From sle-updates at lists.suse.com Fri Jun 1 09:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 17:08:27 +0200 (CEST) Subject: SUSE-SU-2012:0682-1: moderate: Security update for ecryptfs-utils Message-ID: <20120601150827.AE095321E7@maintenance.suse.de> SUSE Security Update: Security update for ecryptfs-utils ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0682-1 Rating: moderate References: #735342 #745372 #745581 #745584 #745825 Cross-References: CVE-2011-3145 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: ecryptfs-utils was updated to fix a security issue and some bugs. Security issue fixed: mount.ecryptfs_private did not set correct group ownerships when it modifies mtab (CVE-2011-3145). Also some bugs that made this set of tools non-working were fixed. You need to manually hand setuid root permissions to /sbin/mount.ecryptfs_private if you want to use it as a non-root user. Security Issues: * CVE-2011-3145 Contraindications: Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-ecryptfs-utils-6187 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-ecryptfs-utils-6187 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-ecryptfs-utils-6187 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-ecryptfs-utils-6187 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-ecryptfs-utils-6187 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-61-1.33.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): ecryptfs-utils-32bit-61-1.33.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): ecryptfs-utils-x86-61-1.33.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): ecryptfs-utils-61-1.33.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): ecryptfs-utils-32bit-61-1.33.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-61-1.33.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): ecryptfs-utils-32bit-61-1.33.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): ecryptfs-utils-x86-61-1.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ecryptfs-utils-61-1.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): ecryptfs-utils-32bit-61-1.33.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): ecryptfs-utils-61-1.33.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): ecryptfs-utils-32bit-61-1.33.1 References: http://support.novell.com/security/cve/CVE-2011-3145.html https://bugzilla.novell.com/735342 https://bugzilla.novell.com/745372 https://bugzilla.novell.com/745581 https://bugzilla.novell.com/745584 https://bugzilla.novell.com/745825 http://download.novell.com/patch/finder/?keywords=e78040dfb7b945bcde597140adc40742 From sle-updates at lists.suse.com Fri Jun 1 10:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 18:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0683-1: Recommended update for release-notes-sled Message-ID: <20120601160829.77D3C321C0@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0683-1 Rating: low References: #748834 #750728 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Desktop 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-release-notes-sled-6178 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 11.2.25]: release-notes-sled-11.2.25-0.9.1 References: https://bugzilla.novell.com/748834 https://bugzilla.novell.com/750728 http://download.novell.com/patch/finder/?keywords=6dfa6c6399a304f2caed0c21f70c9357 From sle-updates at lists.suse.com Fri Jun 1 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 18:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0684-1: Recommended update for udev Message-ID: <20120601160831.17FB1321E7@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0684-1 Rating: low References: #640008 #732648 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes the following reports for udev: * 732648: udev/fstab_import does not work with devices specified as /dev/VGNAME/LVNAME * 640008: udev does not store long devpaths in its database In addition, the system ramdisk will now be regenerated after the package update. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libudev-devel-6264 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libudev-devel-6264 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libudev-devel-6264 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libudev-devel-6264 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libudev-devel-128-13.18.1 libudev0-128-13.18.1 libvolume_id-devel-128-13.18.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libvolume_id1-128-13.18.1 udev-128-13.18.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libvolume_id1-128-13.18.1 udev-128-13.18.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libvolume_id1-128-13.18.1 udev-128-13.18.1 References: https://bugzilla.novell.com/640008 https://bugzilla.novell.com/732648 http://download.novell.com/patch/finder/?keywords=6dd58d07ae2f4bc5b543db2eff5385d3 From sle-updates at lists.suse.com Fri Jun 1 11:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 19:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0685-1: Recommended update for sles-manuals_en Message-ID: <20120601170834.2B2F0321C0@maintenance.suse.de> SUSE Recommended Update: Recommended update for sles-manuals_en ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0685-1 Rating: low References: #757309 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This updates the SUSE Linux Enterprise Server Manual to the latest version. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sles-manuals_en-6268 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sles-manuals_en-6268 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): sles-manuals_en-11.2-0.43.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): sles-manuals_en-11.2-0.43.1 References: https://bugzilla.novell.com/757309 http://download.novell.com/patch/finder/?keywords=047cdfbfc611500199219981de53634c From sle-updates at lists.suse.com Fri Jun 1 12:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 20:08:27 +0200 (CEST) Subject: SUSE-SU-2012:0686-1: moderate: Security update for strongswan Message-ID: <20120601180827.98F8A323D8@maintenance.suse.de> SUSE Security Update: Security update for strongswan ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0686-1 Rating: moderate References: #761325 Cross-References: CVE-2012-2388 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update fixed a security issue in strongswan's "gmp" plugin which could be exploited by attackers to forge RSA signature/certificate to authenticate as any legitimate user (CVE-2012-2388 ). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-strongswan-6333 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-strongswan-6333 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-strongswan-6333 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-strongswan-6333 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-strongswan-6333 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.13.1 strongswan-doc-4.4.0-6.13.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.13.1 strongswan-doc-4.4.0-6.13.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.13.1 strongswan-doc-4.4.0-6.13.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): strongswan-4.4.0-6.9.1 strongswan-doc-4.4.0-6.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.13.1 strongswan-doc-4.4.0-6.13.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 4.4.0]: strongswan-4.4.0-6.13.1 strongswan-doc-4.4.0-6.13.1 References: http://support.novell.com/security/cve/CVE-2012-2388.html https://bugzilla.novell.com/761325 http://download.novell.com/patch/finder/?keywords=6182785f4415eddda64fc010041fd1e1 http://download.novell.com/patch/finder/?keywords=b4b9e72b6ba8e6ab546311ccb9332c19 From sle-updates at lists.suse.com Fri Jun 1 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Jun 2012 23:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0687-1: Recommended update for mcelog Message-ID: <20120601210828.9026A323D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for mcelog ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0687-1 Rating: low References: #742716 #748484 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for mcelog provides the following changes: * Add Sandybridge support. * Add Westmere EX and missing older Xeon (model 0x25) support. * Add Ivy Bridge support. * Fix wrong conditional typo about time stamp logging. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-mcelog-6188 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-mcelog-6188 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-mcelog-6188 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): mcelog-1.0.2010.03.10-0.10.1 - SUSE Linux Enterprise Server 11 SP1 (x86_64): mcelog-1.0.2010.03.10-0.10.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): mcelog-1.0.2010.03.10-0.10.1 References: https://bugzilla.novell.com/742716 https://bugzilla.novell.com/748484 http://download.novell.com/patch/finder/?keywords=3954eb5534c05a133e0c12a60659054c From sle-updates at lists.suse.com Fri Jun 1 18:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 2 Jun 2012 02:08:29 +0200 (CEST) Subject: SUSE-SU-2012:0688-1: important: Security update for MozillaFirefox Message-ID: <20120602000829.7439D323F5@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0688-1 Rating: important References: #758408 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes two new package versions. Description: MozillaFirefox was updated to the 10.0.4 ESR release to fix various bugs and security issues. * Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2012-20) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. o Christian Holler a reported memory safety and security problem affecting Firefox 11. (CVE-2012-0468) o Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay reported memory safety problems and crashes that affect Firefox ESR and Firefox 11. (CVE-2012-0467) * Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable. (MFSA 2012-22 / CVE-2012-0469) * Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. This happens due to float error, resulting from graphics values being passed through different number systems. (MFSA 2012-23 / CVE-2012-0470) * Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. This can leave users vulnerable to cross-site scripting (XSS) attacks on maliciously crafted web pages. (MFSA 2012-24 / CVE-2012-0471) * Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. This is created by using cairo-dwrite to attempt to render fonts on an unsupported code path. This corruption causes a potentially exploitable crash on affected systems. (MFSA 2012-25 / CVE-2012-0472) * Mozilla community member Matias Juntunen discovered an error in WebGLBuffer where FindMaxElementInSubArray receives wrong template arguments from FindMaxUshortElement. This bug causes maximum index to be computed incorrectly within WebGL.drawElements, allowing the reading of illegal video memory. (MFSA 2012-26 / CVE-2012-0473) * Security researchers Jordi Chancel and Eddy Bordi reported that they could short-circuit page loads to show the address of a different site than what is loaded in the window in the addressbar. Security researcher Chris McGowen independently reported the same flaw, and further demonstrated that this could lead to loading scripts from the attacker's site, leaving users vulnerable to cross-site scripting (XSS) attacks. (MFSA 2012-27 / CVE-2012-0474) * Security researcher Simone Fabiano reported that if a cross-site XHR or WebSocket is opened on a web server on a non-standard port for web traffic while using an IPv6 address, the browser will send an ambiguous origin headers if the IPv6 address contains at least 2 consecutive 16-bit fields of zeroes. If there is an origin access control list that uses IPv6 literals, this issue could be used to bypass these access controls on the server. (MFSA 2012-28 / CVE-2012-0475) * Security researcher Masato Kinugawa found that during the decoding of ISO-2022-KR and ISO-2022-CN character sets, characters near 1024 bytes are treated incorrectly, either doubling or deleting bytes. On certain pages it might be possible for an attacker to pad the output of the page such that these errors fall in the right place to affect the structure of the page, allowing for cross-site script (XSS) injection. (MFSA 2012-29 / CVE-2012-0477) * Mozilla community member Ms2ger found an image rendering issue with WebGL when texImage2D uses use JSVAL_TO_OBJECT on arbitrary objects. This can lead to a crash on a maliciously crafted web page. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. (MFSA 2012-30 / CVE-2012-0478) * Mateusz Jurczyk of the Google Security Team discovered an off-by-one error in the OpenType Sanitizer using the Address Sanitizer tool. This can lead to an out-of-bounds read and execution of an uninitialized function pointer during parsing and possible remote code execution. (MFSA 2012-31 / CVE-2011-3062) * Security researcher Daniel Divricean reported that a defect in the error handling of javascript errors can leak the file names and location of javascript files on a server, leading to inadvertent information disclosure and a vector for further attacks. (MFSA 2012-32 / CVE-2011-1187) * Security researcher Jeroen van der Gun reported that if RSS or Atom XML invalid content is loaded over HTTPS, the addressbar updates to display the new location of the loaded resource, including SSL indicators, while the main window still displays the previously loaded content. This allows for phishing attacks where a malicious page can spoof the identify of another seemingly secure site. (MFSA 2012-33 / CVE-2012-0479) Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.4]: firefox3-gtk2-2.10.6-0.10.1 mozilla-nss-3.13.4-0.5.5 mozilla-nss-devel-3.13.4-0.5.5 mozilla-nss-tools-3.13.4-0.5.5 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 7]: MozillaFirefox-10.0.4-0.7.6 MozillaFirefox-branding-SLED-7-0.8.12 MozillaFirefox-translations-10.0.4-0.7.6 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.13.4]: firefox3-gtk2-32bit-2.10.6-0.10.1 mozilla-nss-32bit-3.13.4-0.5.5 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.13.4]: mozilla-nss-x86-3.13.4-0.5.5 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.13.4]: mozilla-nss-64bit-3.13.4-0.5.5 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.13.4]: beagle-0.2.18-78.13.1.102 beagle-evolution-0.2.18-78.13.1.102 beagle-firefox-0.2.18-78.13.1.102 beagle-gui-0.2.18-78.13.1.102 firefox3-gtk2-2.10.6-0.10.1 mhtml-firefox-0.5-1.11.5 mozilla-nss-3.13.4-0.5.5 mozilla-nss-devel-3.13.4-0.5.5 mozilla-nss-tools-3.13.4-0.5.5 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.13.4]: firefox3-gtk2-32bit-2.10.6-0.10.1 mozilla-nss-32bit-3.13.4-0.5.5 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 7]: MozillaFirefox-10.0.4-0.7.6 MozillaFirefox-branding-SLED-7-0.8.12 MozillaFirefox-translations-10.0.4-0.7.6 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.4]: beagle-0.2.18-78.13.1.102 beagle-evolution-0.2.18-78.13.1.102 beagle-firefox-0.2.18-78.13.1.102 beagle-gui-0.2.18-78.13.1.102 firefox3-autoconf261-2.61-0.5.5 firefox3-binutils-2.21.1-0.8.5 firefox3-gtk2-devel-2.10.6-0.10.1 firefox3-gtk2-doc-2.10.6-0.10.1 firefox3-make-3.81-0.129.5 firefox3-python-base-2.6.8-0.7.4 mozilla-nss-tools-3.13.4-0.5.5 yasm-1.1.0-10.5.5 yasm-devel-1.1.0-10.5.5 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.4-0.7.6 References: https://bugzilla.novell.com/758408 http://download.novell.com/patch/finder/?keywords=f83092661fed82089220795937f323d2 From sle-updates at lists.suse.com Fri Jun 1 18:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 2 Jun 2012 02:08:32 +0200 (CEST) Subject: SUSE-SU-2012:0689-1: important: kernel update for SLE11 SP2 Message-ID: <20120602000832.297CC32403@maintenance.suse.de> SUSE Security Update: kernel update for SLE11 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0689-1 Rating: important References: #704280 #708836 #718521 #721857 #725592 #732296 #738528 #738644 #743232 #744758 #745088 #746938 #748112 #748463 #748806 #748859 #750426 #751550 #752022 #752634 #753172 #753698 #754085 #754428 #754690 #754969 #755178 #755537 #755758 #755812 #756236 #756821 #756840 #756940 #757077 #757202 #757205 #757289 #757373 #757517 #757565 #757719 #757783 #757789 #757950 #758104 #758279 #758532 #758540 #758731 #758813 #758833 #759340 #759539 #759541 #759657 #759908 #759971 #760015 #760279 #760346 #760974 #761158 #761387 #761772 #762285 #762329 #762424 Cross-References: CVE-2012-2127 CVE-2012-2133 CVE-2012-2313 CVE-2012-2319 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves four vulnerabilities and has 64 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.31, fixing lots of bugs and security issues. Various security and bug fixes contained in the Linux 3.0 stable releases 3.0.27 up to 3.0.31 are included, but not explicitly listed below. Following security issues were fixed: CVE-2012-2313: The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. CVE-2012-2133: A use after free bug in hugetlb support could be used by local attackers to crash the system. CVE-2012-2127: Various leaks in namespace handling over fork where fixed, which could be exploited by e.g. vsftpd access by remote users. CVE-2012-2319: A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. Following non security bugs were fixed by this update: BTRFS: - btrfs: partial revert of truncation improvements (bnc#748463 bnc#760279). - btrfs: fix eof while discarding extents - btrfs: check return value of bio_alloc() properly - btrfs: return void from clear_state_bit - btrfs: avoid possible use-after-free in clear_extent_bit() - btrfs: Make free_ipath() deal gracefully with NULL pointers - btrfs: do not call free_extent_buffer twice in iterate_irefs - btrfs: add missing read locks in backref.c - btrfs: fix max chunk size check in chunk allocator - btrfs: double unlock bug in error handling - btrfs: do not return EINTR - btrfs: fix btrfs_ioctl_dev_info() crash on missing device - btrfs: fix that check_int_data mount option was ignored - btrfs: do not mount when we have a sectorsize unequal to PAGE_SIZE - btrfs: avoid possible use-after-free in clear_extent_bit() - btrfs: retrurn void from clear_state_bit - btrfs: Fix typo in free-space-cache.c - btrfs: remove the ideal caching code - btrfs: remove search_start and search_end from find_free_extent and callers - btrfs: adjust the write_lock_level as we unlock - btrfs: actually call btrfs_init_lockdep - btrfs: fix regression in scrub path resolving - btrfs: show useful info in space reservation tracepoint - btrfs: flush out and clean up any block device pages during mount - btrfs: fix deadlock during allocating chunks - btrfs: fix race between direct io and autodefrag - btrfs: fix the mismatch of page->mapping - btrfs: fix recursive defragment with autodefrag option - btrfs: add a check to decide if we should defrag the range - btrfs: do not bother to defrag an extent if it is a big real extent - btrfs: update to the right index of defragment - btrfs: Fix use-after-free in __btrfs_end_transaction - btrfs: stop silently switching single chunks to raid0 on balance - btrfs: add wrappers for working with alloc profiles - btrfs: make profile_is_valid() check more strict - btrfs: move alloc_profile_is_valid() to volumes.c - btrfs: add get_restripe_target() helper - btrfs: add __get_block_group_index() helper - btrfs: improve the logic in btrfs_can_relocate() - btrfs: validate target profiles only if we are going to use them - btrfs: allow dup for data chunks in mixed mode - btrfs: fix memory leak in resolver code - btrfs: fix infinite loop in btrfs_shrink_device() - btrfs: error handling locking fixu - btrfs: fix uninit variable in repair_eb_io_failure - btrfs: always store the mirror we read the eb from - btrfs: do not count CRC or header errors twice while scrubbing - btrfs: do not start delalloc inodes during sync - btrfs: fix repair code for RAID10 - btrfs: Prevent root_list corruption - btrfs: fix block_rsv and space_info lock ordering - btrfs: Fix space checking during fs resize - btrfs: avoid deadlocks from GFP_KERNEL allocations during btrfs_real_readdir - btrfs: reduce lock contention during extent insertion - btrfs: Add properly locking around add_root_to_dirty_list - btrfs: Fix mismatching struct members in ioctl.h netfilter: - netfilter: nf_conntrack: make event callback registration per-netns (bnc#758540). DRM: - drm/edid: Add a workaround for 1366x768 HD panel (bnc#753172). - drm/edid: Add extra_modes (bnc#753172). - drm/edid: Add packed attribute to new gtf2 and cvt structs (bnc#753172). - drm/edid: Add the reduced blanking DMT modes to the DMT list (bnc#753172). - drm/edid: Allow drm_mode_find_dmt to hunt for reduced-blanking modes (bnc#753172). - drm/edid: Do drm_dmt_modes_for_range() for all range descriptor types (bnc#753172). - drm/edid: Document drm_mode_find_dmt (bnc#753172). - drm/edid: Fix some comment typos in the DMT mode list (bnc#753172). - drm/edid: Generate modes from extra_modes for range descriptors (bnc#753172). - drm/edid: Give the est3 mode struct a real name (bnc#753172). - drm/edid: Remove a misleading comment (bnc#753172). - drm/edid: Rewrite drm_mode_find_dmt search loop (bnc#753172). - drm/edid: Update range descriptor struct for EDID 1.4 (bnc#753172). - drm/edid: add missing NULL checks (bnc#753172). - drm/edid: s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/ (bnc#753172). - Fix kABI for drm EDID improvement patches (bnc#753172). - drm: Fix the case where multiple modes are returned from EDID (bnc#753172) - drm/i915: Add more standard modes to LVDS output (bnc#753172). - drm/i915: Disable LVDS at mode change (bnc#752022). - drm/i915: add Ivy Bridge GT2 Server entries (bnc#759971). - drm/i915: delay drm_irq_install() at resume (bnc#753698). - EDD: Check for correct EDD 3.0 length (bnc#762285). XEN: - blkfront: make blkif_io_lock spinlock per-device. - blkback: streamline main processing loop (fate#309305). - blkback: Implement discard requests handling (fate#309305). - blkback: Enhance discard support with secure erasing support (fate#309305). - blkfront: Handle discard requests (fate#309305). - blkfront: Enhance discard support with secure erasing support (fate#309305). - blkif: support discard (fate#309305). - blkif: Enhance discard support with secure erasing support (fate#309305). - xen/smpboot: adjust ordering of operations. - x86-64: provide a memset() that can deal with 4Gb or above at a time (bnc#738528). - Update Xen patches to 3.0.27. - Update Xen patches to 3.0.31. - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53 (bnc#760974). - xen/gntdev: fix multi-page slot allocation (bnc#760974). TG3: - tg3: Avoid panic from reserved statblk field access (bnc#760346). - tg3: Fix 5717 serdes powerdown problem (bnc#756940). - tg3: Fix RSS ring refill race condition (bnc#756940). - tg3: Fix single-vector MSI-X code (bnc#756940). - tg3: fix ipv6 header length computation (bnc#756940). S/390: - dasd: Fix I/O stall when reserving dasds (bnc#757719). - s390/af_iucv: detect down state of HS transport interface (bnc#758279,LTC#80859). - s390/af_iucv: allow shutdown for HS transport sockets (bnc#758279,LTC#80860). - mm: s390: Fix BUG by using __set_page_dirty_no_writeback on swap. (bnc#751550) - s390/qeth: Improve OSA Express 4 blkt defaults (bnc#754969,LTC#80325). - s390/zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754969,LTC#80378). - zfcpdump: Implement async sdias event processing (bnc#761387,LTC#81330). ALSA: - ALSA: hda - Always resume the codec immediately (bnc#750426). - ALSA: hda - Add Creative CA0132 HDA codec support (bnc#762424). - ALSA: hda - Fix error handling in patch_ca0132.c (bnc#762424). - ALSA: hda - Add the support for Creative SoundCore3D (bnc#762424). OTHER: - ixgbe: fix ring assignment issues for SR-IOV and drop cases (bnc#761158). - ixgbe: add missing rtnl_lock in PM resume path (bnc#748859). - MCE, AMD: Drop too granulary family model checks (bnc#758833). - EDAC, MCE, AMD: Print CPU number when reporting the error (bnc#758833). - EDAC, MCE, AMD: Print valid addr when reporting an error (bnc#758833). - libata: skip old error history when counting probe trials. - x86: kdb: restore kdb stack trace (bnc#760015). - ehea: fix allmulticast support, - ehea: fix promiscuous mode (both bnc#757289) - ehea: only register irq after setting up ports (bnc#758731). - ehea: fix losing of NEQ events when one event occurred early (bnc#758731). - scsi: Silence unnecessary warnings about ioctl to partition (bnc#758104). - scsi_dh_rdac: Update match function to check page C8 (bnc#757077). - scsi_dh_rdac: Add new NetApp IDs (bnc#757077). - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22 0489:E03C (bnc#759908). - x86/amd: Add missing feature flag for fam15h models 10h-1fh processors (bnc#759340). - x86: Report cpb and eff_freq_ro flags correctly (bnc#759340). - x86, amd: Fix up numa_node information for AMD CPU family 15h model 0-0fh northbridge functions (bnc#759340). - x86/PCI: amd: Kill misleading message about enablement of IO access to PCI ECS] (bnc#759340). - cdc-wdm: fix race leading leading to memory corruption (bnc#759539). - tlan: add cast needed for proper 64 bit operation (bnc#756840). - bonding:update speed/duplex for NETDEV_CHANGE (bnc#752634). - bonding: comparing a u8 with -1 is always false (bnc#752634). - bonding: start slaves with link down for ARP monitor (bnc#752634). - bonding: do not increase rx_dropped after processing LACPDUs (bnc#759657). - x86: fix the initialization of physnode_map (bnc#748112). - sched,rt: fix isolated CPUs leaving root_task_group indefinitely throttled (bnc#754085). - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression. Revert 0209f649, and turn tick skew on globally, since 0209f649 came about to mitigate lock contention that skew removal induces, both on xtime_lock and on RCU leaf node locks. NOTE: This change trades ~400% latency regression fix for power consumption progression that skew removal bought (at high cost). - Revert mainline 0209f649 - rcu: limit rcu_node leaf-level fanout (bnc#718521). - md: fix possible corruption of array metadata on shutdown. - md/bitmap: prevent bitmap_daemon_work running while initialising bitmap. - md: ensure changes to write-mostly are reflected in metadata (bnc#755178). - cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (bnc#757789). - procfs, namespace, pid_ns: fix leakage upon fork() failure (bnc#757783). - mqueue: fix a vfsmount longterm reference leak (bnc#757783). - procfs: fix a vfsmount longterm reference leak (bnc#757783). - scsi_dh_alua: Optimize stpg command (bnc#744758). - scsi_dh_alua: Store pref bit from RTPG (bnc#755758). - scsi_dh_alua: set_params interface (bnc#755758). - uwb: fix error handling (bnc#757950). - uwb: fix use of del_timer_sync() in interrupt (bnc#757950). - usbhid: fix error handling of not enough bandwidth (bnc#704280). - mm: Improve preservation of page-age information (bnc#754690) - pagecache limit: Fix the shmem deadlock (bnc#755537). - USB: sierra: add support for Sierra Wireless MC7710 (bnc#757517). - USB: fix resource leak in xhci power loss path (bnc#746938). - x86/iommu/intel: Fix identity mapping for sandy bridge (bnc#743232). - ipv6: Check dest prefix length on original route not copied one in rt6_alloc_cow() (bnc#757202). - ipv6: do not use inetpeer to store metrics for routes (bnc#757202). - ipv6: fix problem with expired dst cache (bnc#757205). - ipv6: unshare inetpeers. - bridge: correct IPv6 checksum after pull (bnc#738644). - scsi: storvsc: Account for in-transit packets in the RESET path. - patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merge.pa tch: - patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue.pat ch: Fix vma merging issue during mbind affecting JVMs. - ACPI, APEI: Fix incorrect APEI register bit width check and usage (bnc#725592). - vmxnet3: cap copy length at size of skb to prevent dropped frames on tx (bnc#755812). - rt2x00: rt2x00dev: move rfkill_polling register to proper place (bnc#748806). - pagecache: fix the BUG_ON safety belt - pagecache: Fixed the GFP_NOWAIT is zero and not suitable for tests bug (bnc#755537) - igb: reset PHY after recovering from PHY power down. (bnc#745088) - igb: fix rtnl race in PM resume path (bnc#748859). - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing (bnc#757373). - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing (bnc#757373, redhat#727875). - cfq-iosched: Reduce linked group count upon group destruction (bnc#759541). - cdc_ether: Ignore bogus union descriptor for RNDIS devices (bnc#761772). - sys_poll: fix incorrect type for timeout parameter (bnc#754428). - staging:rts_pstor:Avoid "Bad target number" message when probing driver (bnc#762329). - staging:rts_pstor:Complete scanning_done variable (bnc#762329). - staging:rts_pstor:Fix SDIO issue (bnc#762329). - staging:rts_pstor: Fix a bug that a MMCPlus card ca not be accessed (bnc#762329). - staging:rts_pstor: Fix a miswriting (bnc#762329). - staging:rts_pstor:Fix possible panic by NULL pointer dereference (bnc#762329). - staging:rts_pstor: fix thread synchronization flow (bnc#762329). - freezer:do not unnecessarily set PF_NOFREEZE explicitly (bnc#762329). - staging:rts_pstor: off by one in for loop (bnc#762329). - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch: fix typo: use if defined(CONFIG_*) rather than if CONFIG_* Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Contraindications: Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-6338 slessp2-kernel-6349 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-6338 slessp2-kernel-6339 slessp2-kernel-6345 slessp2-kernel-6348 slessp2-kernel-6349 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-6338 sleshasp2-kernel-6339 sleshasp2-kernel-6345 sleshasp2-kernel-6348 sleshasp2-kernel-6349 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-6338 sledsp2-kernel-6349 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.31]: kernel-default-3.0.31-0.9.1 kernel-default-base-3.0.31-0.9.1 kernel-default-devel-3.0.31-0.9.1 kernel-source-3.0.31-0.9.1 kernel-syms-3.0.31-0.9.1 kernel-trace-3.0.31-0.9.1 kernel-trace-base-3.0.31-0.9.1 kernel-trace-devel-3.0.31-0.9.1 kernel-xen-devel-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.31]: kernel-pae-3.0.31-0.9.1 kernel-pae-base-3.0.31-0.9.1 kernel-pae-devel-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.31]: kernel-default-3.0.31-0.9.1 kernel-default-base-3.0.31-0.9.1 kernel-default-devel-3.0.31-0.9.1 kernel-source-3.0.31-0.9.1 kernel-syms-3.0.31-0.9.1 kernel-trace-3.0.31-0.9.1 kernel-trace-base-3.0.31-0.9.1 kernel-trace-devel-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.31]: kernel-ec2-3.0.31-0.9.1 kernel-ec2-base-3.0.31-0.9.1 kernel-ec2-devel-3.0.31-0.9.1 kernel-xen-3.0.31-0.9.1 kernel-xen-base-3.0.31-0.9.1 kernel-xen-devel-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.31]: kernel-default-man-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.31]: kernel-ppc64-3.0.31-0.9.1 kernel-ppc64-base-3.0.31-0.9.1 kernel-ppc64-devel-3.0.31-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.31]: kernel-pae-3.0.31-0.9.1 kernel-pae-base-3.0.31-0.9.1 kernel-pae-devel-3.0.31-0.9.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.31_0.9-2.10.23 cluster-network-kmp-trace-1.4_3.0.31_0.9-2.10.23 gfs2-kmp-default-2_3.0.31_0.9-0.7.23 gfs2-kmp-trace-2_3.0.31_0.9-0.7.23 ocfs2-kmp-default-1.6_3.0.31_0.9-0.7.23 ocfs2-kmp-trace-1.6_3.0.31_0.9-0.7.23 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.31_0.9-2.10.23 gfs2-kmp-xen-2_3.0.31_0.9-0.7.23 ocfs2-kmp-xen-1.6_3.0.31_0.9-0.7.23 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.31_0.9-2.10.23 gfs2-kmp-ppc64-2_3.0.31_0.9-0.7.23 ocfs2-kmp-ppc64-1.6_3.0.31_0.9-0.7.23 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.31_0.9-2.10.23 gfs2-kmp-pae-2_3.0.31_0.9-0.7.23 ocfs2-kmp-pae-1.6_3.0.31_0.9-0.7.23 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.31]: kernel-default-3.0.31-0.9.1 kernel-default-base-3.0.31-0.9.1 kernel-default-devel-3.0.31-0.9.1 kernel-default-extra-3.0.31-0.9.1 kernel-source-3.0.31-0.9.1 kernel-syms-3.0.31-0.9.1 kernel-trace-3.0.31-0.9.1 kernel-trace-base-3.0.31-0.9.1 kernel-trace-devel-3.0.31-0.9.1 kernel-trace-extra-3.0.31-0.9.1 kernel-xen-3.0.31-0.9.1 kernel-xen-base-3.0.31-0.9.1 kernel-xen-devel-3.0.31-0.9.1 kernel-xen-extra-3.0.31-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.31]: kernel-pae-3.0.31-0.9.1 kernel-pae-base-3.0.31-0.9.1 kernel-pae-devel-3.0.31-0.9.1 kernel-pae-extra-3.0.31-0.9.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.31_0.9-0.14.4 kernel-default-extra-3.0.31-0.9.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.31_0.9-0.14.4 kernel-xen-extra-3.0.31-0.9.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.31_0.9-0.14.4 kernel-ppc64-extra-3.0.31-0.9.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.31_0.9-0.14.4 kernel-pae-extra-3.0.31-0.9.1 References: http://support.novell.com/security/cve/CVE-2012-2127.html http://support.novell.com/security/cve/CVE-2012-2133.html http://support.novell.com/security/cve/CVE-2012-2313.html http://support.novell.com/security/cve/CVE-2012-2319.html https://bugzilla.novell.com/704280 https://bugzilla.novell.com/708836 https://bugzilla.novell.com/718521 https://bugzilla.novell.com/721857 https://bugzilla.novell.com/725592 https://bugzilla.novell.com/732296 https://bugzilla.novell.com/738528 https://bugzilla.novell.com/738644 https://bugzilla.novell.com/743232 https://bugzilla.novell.com/744758 https://bugzilla.novell.com/745088 https://bugzilla.novell.com/746938 https://bugzilla.novell.com/748112 https://bugzilla.novell.com/748463 https://bugzilla.novell.com/748806 https://bugzilla.novell.com/748859 https://bugzilla.novell.com/750426 https://bugzilla.novell.com/751550 https://bugzilla.novell.com/752022 https://bugzilla.novell.com/752634 https://bugzilla.novell.com/753172 https://bugzilla.novell.com/753698 https://bugzilla.novell.com/754085 https://bugzilla.novell.com/754428 https://bugzilla.novell.com/754690 https://bugzilla.novell.com/754969 https://bugzilla.novell.com/755178 https://bugzilla.novell.com/755537 https://bugzilla.novell.com/755758 https://bugzilla.novell.com/755812 https://bugzilla.novell.com/756236 https://bugzilla.novell.com/756821 https://bugzilla.novell.com/756840 https://bugzilla.novell.com/756940 https://bugzilla.novell.com/757077 https://bugzilla.novell.com/757202 https://bugzilla.novell.com/757205 https://bugzilla.novell.com/757289 https://bugzilla.novell.com/757373 https://bugzilla.novell.com/757517 https://bugzilla.novell.com/757565 https://bugzilla.novell.com/757719 https://bugzilla.novell.com/757783 https://bugzilla.novell.com/757789 https://bugzilla.novell.com/757950 https://bugzilla.novell.com/758104 https://bugzilla.novell.com/758279 https://bugzilla.novell.com/758532 https://bugzilla.novell.com/758540 https://bugzilla.novell.com/758731 https://bugzilla.novell.com/758813 https://bugzilla.novell.com/758833 https://bugzilla.novell.com/759340 https://bugzilla.novell.com/759539 https://bugzilla.novell.com/759541 https://bugzilla.novell.com/759657 https://bugzilla.novell.com/759908 https://bugzilla.novell.com/759971 https://bugzilla.novell.com/760015 https://bugzilla.novell.com/760279 https://bugzilla.novell.com/760346 https://bugzilla.novell.com/760974 https://bugzilla.novell.com/761158 https://bugzilla.novell.com/761387 https://bugzilla.novell.com/761772 https://bugzilla.novell.com/762285 https://bugzilla.novell.com/762329 https://bugzilla.novell.com/762424 http://download.novell.com/patch/finder/?keywords=1807bcd2b9628830e46f87bbce0c68fb http://download.novell.com/patch/finder/?keywords=2f14534cc5f6410a84a13bedeae921e5 http://download.novell.com/patch/finder/?keywords=433a101aa3e734c55d581257cd100f6b http://download.novell.com/patch/finder/?keywords=5d93f32b6c5678423315d9763dcdea53 http://download.novell.com/patch/finder/?keywords=62d70aee81de7f4d62272d33326be568 http://download.novell.com/patch/finder/?keywords=6ecf603bc7f492a1e4ab33c86ef6115a http://download.novell.com/patch/finder/?keywords=780f3653ec4f849b5c346c0dab9cd91c http://download.novell.com/patch/finder/?keywords=b1249381226b03cee526b6949e9fbba4 http://download.novell.com/patch/finder/?keywords=b13b5578bab912738d92e3b37e444732 http://download.novell.com/patch/finder/?keywords=f39e72bf933211809d610be1747cfb3e From sle-updates at lists.suse.com Fri Jun 1 22:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 2 Jun 2012 06:08:27 +0200 (CEST) Subject: SUSE-RU-2012:0690-1: Recommended update for yast2-network Message-ID: <20120602040827.1CE2F32409@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0690-1 Rating: low References: #748251 #749365 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to yast2-network provides the following fixes: * Sleep between writing udev rules and ifcfgs so that rcnetwork reload works reliably. * Avoid that aborting the internet connectivity test aborts the installation. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-network-6020 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-network-6020 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-network-6020 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-network-6020 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.172]: yast2-network-devel-doc-2.17.172-0.5.7 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.172]: yast2-network-2.17.172-0.5.7 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.172]: yast2-network-2.17.172-0.5.7 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.172]: yast2-network-2.17.172-0.5.7 References: https://bugzilla.novell.com/748251 https://bugzilla.novell.com/749365 http://download.novell.com/patch/finder/?keywords=6e9c036e53b6f393c4e7f73e449644c4 From sle-updates at lists.suse.com Mon Jun 4 12:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jun 2012 20:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0693-1: Recommended update for ethtool Message-ID: <20120604180825.6647B3240C@maintenance.suse.de> SUSE Recommended Update: Recommended update for ethtool ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0693-1 Rating: low References: #744364 #748599 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update adds support for dumping and loading the network driver firmware to ethtool (bnc#748599). In addition, it fixes displaying of IXGBE flow director rules (bnc#744364). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ethtool-6130 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ethtool-6130 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ethtool-6130 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ethtool-6.2.6.39-0.11.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ethtool-6.2.6.39-0.11.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ethtool-6.2.6.39-0.11.1 References: https://bugzilla.novell.com/744364 https://bugzilla.novell.com/748599 http://download.novell.com/patch/finder/?keywords=dec0aaae7836943a4c1d15d332254881 From sle-updates at lists.suse.com Mon Jun 4 17:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jun 2012 01:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0687-2: Recommended update for mcelog Message-ID: <20120604230830.3F6273240C@maintenance.suse.de> SUSE Recommended Update: Recommended update for mcelog ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0687-2 Rating: low References: #742716 #748484 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for mcelog provides the following fixes: * Add support to an older Xeon (model 0x25) that was missing (bnc#742716) * Add Ivy Bridge support (bnc#748484) Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-mcelog-6190 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-mcelog-6190 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-mcelog-6190 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): mcelog-1.0.2011.06.08-0.11.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): mcelog-1.0.2011.06.08-0.11.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): mcelog-1.0.2011.06.08-0.11.1 References: https://bugzilla.novell.com/742716 https://bugzilla.novell.com/748484 http://download.novell.com/patch/finder/?keywords=6ce91a182806bf2ac1c9960c3d0a0a57 From sle-updates at lists.suse.com Mon Jun 4 18:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jun 2012 02:08:27 +0200 (CEST) Subject: SUSE-RU-2012:0694-1: moderate: Recommended update for subscription-tools Message-ID: <20120605000827.BD4E2323F5@maintenance.suse.de> SUSE Recommended Update: Recommended update for subscription-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0694-1 Rating: moderate References: #723613 #753031 #761857 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for subscription-tools resolves the following issues: * The isRegistered command exit with an error if the registration status file is empty * Fix detection of KVM hypervisor In addition, the package documentation was improved. Indications: The program isRegistered delivers error messages Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-subscription-tools-6287 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-subscription-tools-6287 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-subscription-tools-6287 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): subscription-tools-1.0-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): subscription-tools-1.0-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): subscription-tools-1.0-0.19.1 References: https://bugzilla.novell.com/723613 https://bugzilla.novell.com/753031 https://bugzilla.novell.com/761857 http://download.novell.com/patch/finder/?keywords=bb702dbbe5daeadf670e51fefaacc614 From sle-updates at lists.suse.com Mon Jun 4 18:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jun 2012 02:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0685-2: Recommended update for SLED Manuals Message-ID: <20120605000829.4963632403@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLED Manuals ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0685-2 Rating: low References: #757309 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This updates the SUSE Linux Enterprise Desktop Manual to the latest state. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sled-admin_en-pdf-6270 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (noarch): sled-admin_en-pdf-11.2-0.37.1 sled-apps_en-pdf-11.2-0.37.1 sled-deployment_en-pdf-11.2-0.37.1 sled-gnomequick_en-pdf-11.2-0.37.1 sled-gnomeuser_en-pdf-11.2-0.37.1 sled-installquick_en-pdf-11.2-0.37.1 sled-kdequick_en-pdf-11.2-0.37.1 sled-kdeuser_en-pdf-11.2-0.37.1 sled-libreofficequick_en-pdf-11.2-0.37.1 sled-manuals_en-11.2-0.37.1 sled-security_en-pdf-11.2-0.37.1 sled-tuning_en-pdf-11.2-0.37.1 sled-xen_en-pdf-11.2-0.37.1 References: https://bugzilla.novell.com/757309 http://download.novell.com/patch/finder/?keywords=e6c9bb1ef5d152af758bed5d7ad3621d From sle-updates at lists.suse.com Tue Jun 5 14:03:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jun 2012 22:03:34 +0200 (CEST) Subject: SUSE-RU-2012:0698-1: Recommended update for sled11-branding-hp-cnb-SBSO Message-ID: <20120605200736.3E2E93240E@maintenance.suse.de> SUSE Recommended Update: Recommended update for sled11-branding-hp-cnb-SBSO ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0698-1 Rating: low References: #762925 Affected Products: SLED 11 HP CNB Preload SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update improves the webcam performance on some HP laptops. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SLED 11 HP CNB Preload SP2: zypper in -t patch slehpcnbp2-sled11-branding-hp-cnb-SBSO-6375 slehpcnbup2-sled11-branding-hp-cnb-SBSO-6377 To bring your system up-to-date, use "zypper patch". Package List: - SLED 11 HP CNB Preload SP2 (x86_64): sled11-branding-hp-cnb-SBSO-0.9-0.27.1 References: https://bugzilla.novell.com/762925 http://download.novell.com/patch/finder/?keywords=488814c5fef172407ca7bf82c41167b0 http://download.novell.com/patch/finder/?keywords=5b3c279b2dc862ebe6458d70baf30f8f From sle-updates at lists.suse.com Tue Jun 5 14:16:50 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jun 2012 22:16:50 +0200 (CEST) Subject: SUSE-RU-2012:0699-1: Recommended update for sled11-branding-hp-cnb-SBSO Message-ID: <20120605203559.78B0832179@maintenance.suse.de> SUSE Recommended Update: Recommended update for sled11-branding-hp-cnb-SBSO ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0699-1 Rating: low References: #762925 Affected Products: SLED 11 HP CNB Preload SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update improves the webcam performance on some HP laptops. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SLED 11 HP CNB Preload SP2: zypper in -t patch slehpcnbp2-sled11-branding-hp-cnb-SBSO-6375 slehpcnbup2-sled11-branding-hp-cnb-SBSO-6377 To bring your system up-to-date, use "zypper patch". Package List: - SLED 11 HP CNB Preload SP2 (x86_64): sled11-branding-hp-cnb-SBSO-0.9-0.27.1 References: https://bugzilla.novell.com/762925 http://download.novell.com/patch/finder/?keywords=488814c5fef172407ca7bf82c41167b0 http://download.novell.com/patch/finder/?keywords=5b3c279b2dc862ebe6458d70baf30f8f From sle-updates at lists.suse.com Tue Jun 5 16:08:57 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 00:08:57 +0200 (CEST) Subject: SUSE-SU-2012:0700-1: Security update for PostgreSQL Message-ID: <20120605220857.718A332179@maintenance.suse.de> SUSE Security Update: Security update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0700-1 Rating: low References: #701489 #749299 #749303 Cross-References: CVE-2012-0866 CVE-2012-0868 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. It includes one version update. Description: * Security and bugfix release 8.3.18: o Require execute permission on the trigger function for CREATE TRIGGER (CVE-2012-0866, bnc#749299). o Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303). Please see the PostgreSQL release notes document for full changelog and details: http://www.postgresql.org/docs/8.3/static/release.html Security Issue references: * CVE-2012-0868 * CVE-2012-0866 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-postgresql-6023 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-postgresql-6023 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-postgresql-6023 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-postgresql-6023 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-postgresql-6023 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-postgresql-6023 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-postgresql-6023 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-devel-8.3.18-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-devel-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-8.3.18-0.3.1 postgresql-contrib-8.3.18-0.3.1 postgresql-docs-8.3.18-0.3.1 postgresql-libs-8.3.18-0.3.1 postgresql-server-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-libs-32bit-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 8.3.18]: postgresql-libs-x86-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 8.3.18]: postgresql-8.3.18-0.3.1 postgresql-contrib-8.3.18-0.3.1 postgresql-docs-8.3.18-0.3.1 postgresql-libs-8.3.18-0.3.1 postgresql-server-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 8.3.18]: postgresql-libs-32bit-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-8.3.18-0.3.1 postgresql-contrib-8.3.18-0.3.1 postgresql-docs-8.3.18-0.3.1 postgresql-libs-8.3.18-0.3.1 postgresql-server-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 8.3.18]: postgresql-libs-32bit-8.3.18-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 8.3.18]: postgresql-libs-x86-8.3.18-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 8.3.18]: postgresql-8.3.18-0.3.1 postgresql-libs-8.3.18-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 8.3.18]: postgresql-libs-32bit-8.3.18-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 8.3.18]: postgresql-8.3.18-0.3.1 postgresql-libs-8.3.18-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 8.3.18]: postgresql-libs-32bit-8.3.18-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-0866.html http://support.novell.com/security/cve/CVE-2012-0868.html https://bugzilla.novell.com/701489 https://bugzilla.novell.com/749299 https://bugzilla.novell.com/749303 http://download.novell.com/patch/finder/?keywords=6c8d0102b4f4c35e6b48e8424a7d993b From sle-updates at lists.suse.com Tue Jun 5 16:09:00 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 00:09:00 +0200 (CEST) Subject: SUSE-RU-2012:0701-1: Recommended update for yast2-ldap Message-ID: <20120605220900.EB1383217B@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-ldap ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0701-1 Rating: low References: #745877 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update adds an option to disable certificate checks on hosts. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-ldap-5983 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-ldap-5983 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-ldap-5983 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.7]: yast2-ldap-2.17.7-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.7]: yast2-ldap-2.17.7-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.7]: yast2-ldap-2.17.7-0.5.1 References: https://bugzilla.novell.com/745877 http://download.novell.com/patch/finder/?keywords=fa6754ba05cff5f6f879030c5e0e9201 From sle-updates at lists.suse.com Tue Jun 5 17:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 01:08:29 +0200 (CEST) Subject: SUSE-SU-2012:0702-1: Security update for PostgreSQL Message-ID: <20120605230829.A47CD3217B@maintenance.suse.de> SUSE Security Update: Security update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0702-1 Rating: low References: #749299 #749303 Cross-References: CVE-2012-0866 CVE-2012-0868 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: * Security and bugfix release: * Require execute permission on the trigger function for CREATE TRIGGER (CVE-2012-0866, bnc#749299). * Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303). Please see the PostgreSQL release notes document for full changelog and details: http://www.postgresql.org/docs/8.3/static/release.html Security Issue references: * CVE-2012-0868 * CVE-2012-0866 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64): postgresql-8.1.22-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): postgresql-contrib-8.1.22-0.8.1 postgresql-devel-8.1.22-0.8.1 postgresql-docs-8.1.22-0.8.1 postgresql-libs-8.1.22-0.8.1 postgresql-server-8.1.22-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): postgresql-libs-32bit-8.1.22-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): postgresql-libs-x86-8.1.22-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): postgresql-libs-64bit-8.1.22-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): postgresql-devel-8.1.22-0.8.1 postgresql-libs-8.1.22-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): postgresql-libs-32bit-8.1.22-0.8.1 - SLE SDK 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64): postgresql-8.1.22-0.8.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): postgresql-contrib-8.1.22-0.8.1 postgresql-devel-8.1.22-0.8.1 postgresql-docs-8.1.22-0.8.1 postgresql-server-8.1.22-0.8.1 References: http://support.novell.com/security/cve/CVE-2012-0866.html http://support.novell.com/security/cve/CVE-2012-0868.html https://bugzilla.novell.com/749299 https://bugzilla.novell.com/749303 http://download.novell.com/patch/finder/?keywords=bb8dbe40ca6eb550de22331990660c8f From sle-updates at lists.suse.com Tue Jun 5 19:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 03:08:27 +0200 (CEST) Subject: SUSE-SU-2012:0703-1: important: Security update for pidgin-otr Message-ID: <20120606010827.49E153240E@maintenance.suse.de> SUSE Security Update: Security update for pidgin-otr ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0703-1 Rating: important References: #762498 Cross-References: CVE-2012-2369 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: A format string flaw in pidgin-otr could have caused a denial of service condition or even potentially allowed attackers to execute arbitrary code. This has been fixed. Security Issue reference: * CVE-2012-2369 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-pidgin-otr-6380 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-pidgin-otr-6380 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): pidgin-otr-3.2.0-1.40.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): pidgin-otr-3.2.0-1.40.1 References: http://support.novell.com/security/cve/CVE-2012-2369.html https://bugzilla.novell.com/762498 http://download.novell.com/patch/finder/?keywords=88a4e0d56e88f035f398a36e479c669e From sle-updates at lists.suse.com Wed Jun 6 08:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 16:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0704-1: Recommended update for NFS Message-ID: <20120606140825.C717E327F6@maintenance.suse.de> SUSE Recommended Update: Recommended update for NFS ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0704-1 Rating: low References: #752537 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds locking to avoid a race which could have caused high-available NFS exports to become unavailable when multiple cluster services failed over at the same time due to changes made to exportfs done by multiple processes in parallel overwriting each other. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): nfs-utils-1.0.7-36.46.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): nfs-utils-1.0.7-36.46.1 References: https://bugzilla.novell.com/752537 http://download.novell.com/patch/finder/?keywords=09c619267263f50ae8f8d646df41dcf5 From sle-updates at lists.suse.com Wed Jun 6 09:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 17:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0705-1: Recommended update for gdm Message-ID: <20120606150831.0E91E327F6@maintenance.suse.de> SUSE Recommended Update: Recommended update for gdm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0705-1 Rating: low References: #727346 #747434 #749965 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for gdm fixes the handling of smartcard readers in gdm. Now it is possible that the username that is being provided by the smartcard reader is automatically filled in. In addition, respecting the setting of DISPLAYMANAGER_ROOT_LOGIN_REMOTE="no" in /etc/sysconfig/displaymanager was implemented in gdm. Furthermore, the handling of XRandr size-changed signal was fixed to relocate the greeter login and panel windows correctly (bnc#749965) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-gdm-5945 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-gdm-5945 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-gdm-5945 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-gdm-5945 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-gdm-5945 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gdm-2.24.0-24.81.2 gdm-branding-upstream-2.24.0-24.81.2 gdm-lang-2.24.0-24.81.2 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): gdm-2.24.0-24.81.2 gdm-branding-upstream-2.24.0-24.81.2 gdm-lang-2.24.0-24.81.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): gdm-2.24.0-24.81.2 gdm-branding-upstream-2.24.0-24.81.2 gdm-lang-2.24.0-24.81.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gdm-2.24.0-24.81.2 gdm-branding-upstream-2.24.0-24.81.2 gdm-lang-2.24.0-24.81.2 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): gdm-2.24.0-24.81.2 gdm-branding-upstream-2.24.0-24.81.2 gdm-lang-2.24.0-24.81.2 References: https://bugzilla.novell.com/727346 https://bugzilla.novell.com/747434 https://bugzilla.novell.com/749965 http://download.novell.com/patch/finder/?keywords=8a683b0d8d22e9084621bfe8fe883957 From sle-updates at lists.suse.com Wed Jun 6 10:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 18:08:32 +0200 (CEST) Subject: SUSE-SU-2012:0706-1: moderate: Security update for quagga Message-ID: <20120606160832.77109327F7@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0706-1 Rating: moderate References: #677335 #752204 #752205 #752206 #759081 Cross-References: CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update of quagga fixes multiple security flaws that could have caused a Denial of Service via specially crafted packets (CVE-2012-1820, CVE-2012-0249, CVE-2012-0250, CVE-2012-0255). Additionally, issues with service owned directories in combination with logrotate were fixed. Security Issue references: * CVE-2012-0249 * CVE-2012-0250 * CVE-2012-0255 * CVE-2012-1820 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-quagga-6241 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-quagga-6241 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-quagga-6241 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-quagga-6241 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-quagga-6241 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): quagga-0.99.15-0.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): quagga-0.99.15-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.10.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): quagga-0.99.15-0.10.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): quagga-0.99.9-14.15.1 quagga-devel-0.99.9-14.15.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): quagga-0.99.9-14.15.1 quagga-devel-0.99.9-14.15.1 References: http://support.novell.com/security/cve/CVE-2012-0249.html http://support.novell.com/security/cve/CVE-2012-0250.html http://support.novell.com/security/cve/CVE-2012-0255.html http://support.novell.com/security/cve/CVE-2012-1820.html https://bugzilla.novell.com/677335 https://bugzilla.novell.com/752204 https://bugzilla.novell.com/752205 https://bugzilla.novell.com/752206 https://bugzilla.novell.com/759081 http://download.novell.com/patch/finder/?keywords=9bef93966149baad96780e499beb1fec http://download.novell.com/patch/finder/?keywords=cca62683f5972913c5a953595b8b67f9 From sle-updates at lists.suse.com Wed Jun 6 10:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 18:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0707-1: Recommended update for NFS Message-ID: <20120606160834.49FE7327F8@maintenance.suse.de> SUSE Recommended Update: Recommended update for NFS ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0707-1 Rating: low References: #752537 #756479 #758492 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for nfs-client includes the following changes: * Adds locking to avoid a race which could have caused high-available NFS exports to become unavailable when multiple cluster services failed over at the same time due to changes made to exportfs done by multiple processes in parallel overwriting each other. * Fixes issues with NFSv4 pseudo root management which was interfering with using different types of host identifiers (e.g. netgroup vs IP address) on different exports. * Removes a duplicate MOUNTD_PORT variable from sysconfig/nfs. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-nfs-client-6222 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-nfs-client-6222 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-nfs-client-6222 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): nfs-client-1.2.3-18.23.1 nfs-doc-1.2.3-18.23.1 nfs-kernel-server-1.2.3-18.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nfs-client-1.2.3-18.23.1 nfs-doc-1.2.3-18.23.1 nfs-kernel-server-1.2.3-18.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): nfs-client-1.2.3-18.23.1 nfs-kernel-server-1.2.3-18.23.1 References: https://bugzilla.novell.com/752537 https://bugzilla.novell.com/756479 https://bugzilla.novell.com/758492 http://download.novell.com/patch/finder/?keywords=f82c19839638fcab31fe1802b5e3aaba From sle-updates at lists.suse.com Wed Jun 6 12:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 20:08:23 +0200 (CEST) Subject: SUSE-RU-2012:0708-1: Recommended update for nagios-plugins Message-ID: <20120606180823.E0666327FA@maintenance.suse.de> SUSE Recommended Update: Recommended update for nagios-plugins ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0708-1 Rating: low References: #751992 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for nagios-plugins fixes a buffer overflow in the check_ntp_peer plug-in. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-nagios-plugins-6201 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-nagios-plugins-6201 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-nagios-plugins-6201 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nagios-plugins-1.4.13-1.37.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): nagios-plugins-1.4.13-1.37.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): nagios-plugins-1.4.13-1.37.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): nagios-plugins-1.4.13-2.7.3 nagios-plugins-extras-1.4.13-2.7.3 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): nagios-plugins-1.4.13-2.7.3 nagios-plugins-extras-1.4.13-2.7.3 References: https://bugzilla.novell.com/751992 http://download.novell.com/patch/finder/?keywords=0a365f1dd221222e54d7f27db9b14e7f http://download.novell.com/patch/finder/?keywords=be15bba0fdf06d93cbf4884571008bdb From sle-updates at lists.suse.com Wed Jun 6 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 23:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0709-1: Recommended update for nfs-utils Message-ID: <20120606210829.057E3327FB@maintenance.suse.de> SUSE Recommended Update: Recommended update for nfs-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0709-1 Rating: low References: #752537 #756479 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update adds locking to avoid a race which could cause high-available NFS exports to become unavailable when multiple cluster services fail over at the same time due to changes made to exportfs done by multiple processes in parallel overwriting each other. In addition, it removes a duplicate MOUNTD_PORT variable from sysconfig/nfs. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-nfs-client-6176 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-nfs-client-6176 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-nfs-client-6176 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): nfs-client-1.2.1-2.24.1 nfs-doc-1.2.1-2.24.1 nfs-kernel-server-1.2.1-2.24.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): nfs-client-1.2.1-2.24.1 nfs-doc-1.2.1-2.24.1 nfs-kernel-server-1.2.1-2.24.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): nfs-client-1.2.1-2.24.1 nfs-kernel-server-1.2.1-2.24.1 References: https://bugzilla.novell.com/752537 https://bugzilla.novell.com/756479 http://download.novell.com/patch/finder/?keywords=42685973ffbdcb28b19e51874dd2dcff From sle-updates at lists.suse.com Wed Jun 6 15:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jun 2012 23:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0710-1: important: Recommended update for Python Message-ID: <20120606210830.BACF6327FB@maintenance.suse.de> SUSE Recommended Update: Recommended update for Python ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0710-1 Rating: important References: #764555 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update adds a regression fix for retry counter in pythons urllib2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libpython2_6-1_0-6362 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libpython2_6-1_0-6362 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: python-devel-2.6.8-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 2.6.8]: python-demo-2.6.8-0.15.1 python-gdbm-2.6.8-0.15.1 python-idle-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64) [New Version: 2.6.8]: python-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: python-devel-2.6.8-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 2.6.8]: python-demo-2.6.8-0.15.1 python-gdbm-2.6.8-0.15.1 python-idle-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64) [New Version: 2.6.8]: python-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.15.1 python-2.6.8-0.15.1 python-base-2.6.8-0.15.1 python-curses-2.6.8-0.15.1 python-demo-2.6.8-0.15.1 python-gdbm-2.6.8-0.15.1 python-idle-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 python-xml-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.15.1 python-32bit-2.6.8-0.15.1 python-base-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 2.6.8]: libpython2_6-1_0-x86-2.6.8-0.15.1 python-base-x86-2.6.8-0.15.1 python-x86-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.15.1 python-2.6.8-0.15.1 python-base-2.6.8-0.15.1 python-curses-2.6.8-0.15.1 python-demo-2.6.8-0.15.1 python-gdbm-2.6.8-0.15.1 python-idle-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 python-xml-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.15.1 python-32bit-2.6.8-0.15.1 python-base-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.15.1 python-2.6.8-0.15.1 python-base-2.6.8-0.15.1 python-curses-2.6.8-0.15.1 python-demo-2.6.8-0.15.1 python-gdbm-2.6.8-0.15.1 python-idle-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 python-xml-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.15.1 python-32bit-2.6.8-0.15.1 python-base-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 2.6.8]: libpython2_6-1_0-x86-2.6.8-0.15.1 python-base-x86-2.6.8-0.15.1 python-x86-2.6.8-0.15.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.15.1 python-2.6.8-0.15.1 python-base-2.6.8-0.15.1 python-curses-2.6.8-0.15.1 python-devel-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 python-xml-2.6.8-0.15.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.15.1 python-base-32bit-2.6.8-0.15.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.15.1 python-2.6.8-0.15.1 python-base-2.6.8-0.15.1 python-curses-2.6.8-0.15.1 python-devel-2.6.8-0.15.1 python-tk-2.6.8-0.15.1 python-xml-2.6.8-0.15.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.15.1 python-base-32bit-2.6.8-0.15.1 References: https://bugzilla.novell.com/764555 http://download.novell.com/patch/finder/?keywords=12788553d4241e9300b2f52a1d308d0d From sle-updates at lists.suse.com Wed Jun 6 16:08:58 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jun 2012 00:08:58 +0200 (CEST) Subject: SUSE-RU-2012:0711-1: moderate: Recommended update for hal Message-ID: <20120606220858.2CA40327FA@maintenance.suse.de> SUSE Recommended Update: Recommended update for hal ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0711-1 Rating: moderate References: #745277 #745979 #749336 #752251 #756332 #762478 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update to hal resolves the following issues: * Fix handling of the video switch key for BIOS'es of certain vendors built in year 2012 or later (bnc#762478) * Set a delay for polling battery devices and adds a forcefully update of the battery status when AC is plugged in or out (bnc#745979) * Disable WLAN key code for 2011/2012 HP models for avoiding the conflict of hard and soft rfkill state changes * Respect the "cpufreq" boot parameter when restarting the HAL daemon, preventing the load of CPU frequency modules when they are not wanted (bnc#750484). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-hal-6332 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-hal-6332 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-hal-6332 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-hal-6332 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): hal-devel-0.5.12-23.68.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): hal-0.5.12-23.68.1 hal-doc-0.5.12-23.68.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): hal-32bit-0.5.12-23.68.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): hal-0.5.12-23.68.1 hal-doc-0.5.12-23.68.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): hal-32bit-0.5.12-23.68.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): hal-x86-0.5.12-23.68.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): hal-0.5.12-23.68.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): hal-32bit-0.5.12-23.68.1 References: https://bugzilla.novell.com/745277 https://bugzilla.novell.com/745979 https://bugzilla.novell.com/749336 https://bugzilla.novell.com/752251 https://bugzilla.novell.com/756332 https://bugzilla.novell.com/762478 http://download.novell.com/patch/finder/?keywords=560fc5583478fef5fa23e3db091a8a31 From sle-updates at lists.suse.com Wed Jun 6 16:09:00 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jun 2012 00:09:00 +0200 (CEST) Subject: SUSE-RU-2012:0712-1: moderate: Recommended update for curl Message-ID: <20120606220900.2ABAB327FB@maintenance.suse.de> SUSE Recommended Update: Recommended update for curl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0712-1 Rating: moderate References: #755908 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update adds the option --ssl-allow-beast which can be used to disable the workaround for a security flaw in the SSL3 and TLS1.0 protocols. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-curl-6237 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-curl-6237 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-curl-6237 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-curl-6237 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-curl-6237 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-curl-6237 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-curl-6237 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 7.19.7]: libcurl-devel-7.19.7-1.20.21.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 7.19.7]: libcurl-devel-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 7.19.7]: curl-7.19.7-1.20.21.1 libcurl4-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 7.19.7]: libcurl4-32bit-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 7.19.7]: libcurl4-x86-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 7.19.7]: curl-7.19.7-1.20.21.1 libcurl4-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 7.19.7]: libcurl4-32bit-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 7.19.7]: curl-7.19.7-1.20.21.1 libcurl4-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 7.19.7]: libcurl4-32bit-7.19.7-1.20.21.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 7.19.7]: libcurl4-x86-7.19.7-1.20.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 7.19.7]: curl-7.19.7-1.20.21.1 libcurl4-7.19.7-1.20.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 7.19.7]: libcurl4-32bit-7.19.7-1.20.21.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 7.19.7]: curl-7.19.7-1.20.21.1 libcurl4-7.19.7-1.20.21.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 7.19.7]: libcurl4-32bit-7.19.7-1.20.21.1 References: https://bugzilla.novell.com/755908 http://download.novell.com/patch/finder/?keywords=6004bcfd903c4b55eec886781d19afbc From sle-updates at lists.suse.com Wed Jun 6 17:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jun 2012 01:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0713-1: Recommended update for release-notes-sles Message-ID: <20120606230831.C99FA327F9@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0713-1 Rating: low References: #661511 #749049 #750414 #750625 #750905 #750970 #751006 #753005 #754041 #754267 #755503 #755877 #756801 #756881 #757039 #757044 #760930 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has 17 recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2. * Collaborative Memory Management Stage II (CMM2) Lite (bnc#753005) * Broadcom 57712 vNICs/NPAR PCIE Functions Disappearing under SP2 (bnc#750414) * Upgrading from SLES 10 (GA and Service Packs) or SLES 11 GA (bnc#755503, bnc#751006) * libica 2.1.0 Available in SLES 11 SP2 for s390x * Loading the Installation Kernel via Network on POWER (bnc#756801) * Formatting Large Disk Partitions on Windows 8 Server (bnc#754041); SUSE Linux Enterprise Real Time Extension (bnc#754267) * Updated entries: btrfs (bnc#757039, updated in fate) * New entries: Kernel Development Files Moved (bnc#661511) * More fixes: bnc#755877; bnc#750905; bnc#750970 (in fate); bnc#757044; bnc#760930 (php version info, also see fate#311983); bnc#756881; bnc#749049. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-sles-6263 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.37]: release-notes-sles-11.2.0.37-0.9.1 References: https://bugzilla.novell.com/661511 https://bugzilla.novell.com/749049 https://bugzilla.novell.com/750414 https://bugzilla.novell.com/750625 https://bugzilla.novell.com/750905 https://bugzilla.novell.com/750970 https://bugzilla.novell.com/751006 https://bugzilla.novell.com/753005 https://bugzilla.novell.com/754041 https://bugzilla.novell.com/754267 https://bugzilla.novell.com/755503 https://bugzilla.novell.com/755877 https://bugzilla.novell.com/756801 https://bugzilla.novell.com/756881 https://bugzilla.novell.com/757039 https://bugzilla.novell.com/757044 https://bugzilla.novell.com/760930 http://download.novell.com/patch/finder/?keywords=b2c9ba434235c21a24868dc84c28d27c From sle-updates at lists.suse.com Wed Jun 6 17:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jun 2012 01:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0714-1: moderate: Recommended update for hal Message-ID: <20120606230833.9EDFD327F9@maintenance.suse.de> SUSE Recommended Update: Recommended update for hal ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0714-1 Rating: moderate References: #750484 #753504 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to hal resolves the following issues: * Fix handling of the video switch key for BIOS'es of certain vendors built in year 2012 or later (bnc#753504) * Respect the "cpufreq" boot parameter when restarting the HAL daemon, preventing the load of CPU frequency modules when they are not wanted (bnc#750484). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-hal-6328 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-hal-6328 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-hal-6328 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-hal-6328 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): hal-devel-0.5.12-23.49.51.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): hal-0.5.12-23.49.51.1 hal-doc-0.5.12-23.49.51.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): hal-32bit-0.5.12-23.49.51.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): hal-0.5.12-23.49.51.1 hal-doc-0.5.12-23.49.51.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): hal-32bit-0.5.12-23.49.51.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): hal-x86-0.5.12-23.49.51.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): hal-0.5.12-23.49.51.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): hal-32bit-0.5.12-23.49.51.1 References: https://bugzilla.novell.com/750484 https://bugzilla.novell.com/753504 http://download.novell.com/patch/finder/?keywords=72f5cd6df2e5246ad7bac90d9db2baea From sle-updates at lists.suse.com Thu Jun 7 16:09:00 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jun 2012 00:09:00 +0200 (CEST) Subject: SUSE-RU-2012:0716-1: moderate: Recommended update for release-notes-smt Message-ID: <20120607220900.F2E6E327FB@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-smt ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0716-1 Rating: moderate References: #757956 Affected Products: Subscription Management Tool 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest version of the Release Notes for the Subscription Management Tool 11 SP2 for SUSE Linux Enterprise. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-release-notes-smt-6290 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64): release-notes-smt-2.0-0.22.1 References: https://bugzilla.novell.com/757956 http://download.novell.com/patch/finder/?keywords=cf2f971aa17897c852376cd338bfb80c From sle-updates at lists.suse.com Thu Jun 7 16:08:59 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jun 2012 00:08:59 +0200 (CEST) Subject: SUSE-RU-2012:0715-1: Recommended update for SUSE Lifecycle Management Server Message-ID: <20120607220859.23E19327FA@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Lifecycle Management Server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0715-1 Rating: low References: #743589 #749109 #749598 #749717 #750487 #750670 #752093 #758051 #759720 #764563 #764955 Affected Products: SUSE Studio Standard Edition 1.2 ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. It includes one version update. Description: This update for the SUSE Lifecycle Management Server 1.2 provides the following changes: 743589 Corrected behaviour of script slms-purge * The script slms purge --node nocontact with --date should delete nodes which doesn't contact SLMS after but instead it remove all nodes which is registered before . It can cause severe data lose for customers, as already working appliance stop working as unregistered. 749109 Add support for SLE11-SP2 * Add support for appliances based on SUSE Linux Enterprise 11-SP2. 749598 Appliances fails to register after update * Missing reference to a rexml/document library in the the external part of rails app controller caused a server error during register process of customers' appliances. 749717 Changed owvership of overlay files archives * Fixed problem with permissions in slms/webapp/lib/overlay_files_pack.rb where the new directory created via extract of tar archive from SUSE Studio kept the original permissions which was unacceptable in case the expected owner was root. 750487 Appliance version removal not successful * Adapted and later from Studio and SLMS removed appliance could not be removed completely from SLMS after it has been downgraded to a previous version, which blocked any updates of an adapted appliance to a new version with a lower number. This patch includes removal of all records from db and file system from any release and update packages and patches when a appliance version is being deleted. 750670 Added UI elements to customer modification * Adds options for removing testing customers completely and for switching the status of the customer between 'active' and 'inactive'. These options were missing in the recent releases. 752093 Errors in web server SSL configuration * New update package modified apache1 configuration files by removing customers' own certificates and put the default SLMS certificate in place. Resolved by splitting Apache configuration and including new configuration file slms/apache-conf/vhosts.d/slms_ssl_options.include. 759720 Removal of rejected patches * Fix removal of patches rejected in the "Testing Update Repository". 764563 No update/progress bar on patch generation with web interface * Fix user interface problem when creating and rejecting patches. 764955 Internal Server Error on patch reject * Resolve a Rails 2.3 bug in active_resource that could cause an internal server error when rejecting a patch. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-slms-sle11-sp2-support-6383 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 1.2.8]: slms-1.2.8-0.3.1 slms-core-1.2.8-0.3.1 slms-customer-center-1.2.8-0.3.1 slms-devel-doc-1.2.8-0.3.1 slms-external-1.2.8-0.3.1 slms-registration-1.2.8-0.3.1 slms-testsuite-1.2.8-0.3.1 References: https://bugzilla.novell.com/743589 https://bugzilla.novell.com/749109 https://bugzilla.novell.com/749598 https://bugzilla.novell.com/749717 https://bugzilla.novell.com/750487 https://bugzilla.novell.com/750670 https://bugzilla.novell.com/752093 https://bugzilla.novell.com/758051 https://bugzilla.novell.com/759720 https://bugzilla.novell.com/764563 https://bugzilla.novell.com/764955 http://download.novell.com/patch/finder/?keywords=edb2b95721259e2ca95502dd07a85d4f From sle-updates at lists.suse.com Fri Jun 8 09:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jun 2012 17:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0719-1: Recommended update for aaa_base Message-ID: <20120608150833.B953D327FC@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0719-1 Rating: low References: #747318 #752298 #762535 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to aaa_base resolves the following issues: * The file system type of /dev was incorrectly listed as "devtmpfs" in /etc/mtab. * The debug file system mounted in /sys/kernel/debug was not listed in /etc/mtab. * NIS/YP domain name is set as FQDN hostname. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-aaa_base-6386 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-aaa_base-6386 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-aaa_base-6386 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): aaa_base-11-6.69.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.69.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): aaa_base-11-6.69.1 References: https://bugzilla.novell.com/747318 https://bugzilla.novell.com/752298 https://bugzilla.novell.com/762535 http://download.novell.com/patch/finder/?keywords=cce0c8fe0262abb7fd30b0ad2af55241 From sle-updates at lists.suse.com Fri Jun 8 09:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jun 2012 17:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0718-1: moderate: Recommended update for audit Message-ID: <20120608150831.D6B26327FB@maintenance.suse.de> SUSE Recommended Update: Recommended update for audit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0718-1 Rating: moderate References: #751736 #752346 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The audit daemon (auditd) would leak memory when log_format=NOLOG was specified in /etc/audit/auditd.conf. This configuration is typically used when forwarding log information to other hosts via the network rather than performing local logging. In addition, auditctl would fail to parse negative arguments for a0-a3 rules. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-audit-6214 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-audit-6221 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-audit-6214 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-audit-6214 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-audit-6221 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-audit-6221 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-audit-6214 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-audit-6221 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): audit-devel-1.7.7-5.27.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): audit-libs-python-1.7.7-6.27.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): audit-devel-1.7.7-5.18.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): audit-libs-python-1.7.7-6.2.10.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): audit-1.7.7-5.27.1 audit-audispd-plugins-1.7.7-6.27.1 audit-libs-1.7.7-5.27.1 audit-libs-python-1.7.7-6.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): audit-libs-32bit-1.7.7-5.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): audit-1.7.7-5.27.1 audit-audispd-plugins-1.7.7-6.27.1 audit-libs-1.7.7-5.27.1 audit-libs-python-1.7.7-6.27.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): audit-libs-32bit-1.7.7-5.27.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): audit-libs-x86-1.7.7-5.27.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): audit-1.7.7-5.18.10.1 audit-audispd-plugins-1.7.7-6.2.10.1 audit-libs-1.7.7-5.18.10.1 audit-libs-python-1.7.7-6.2.10.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): audit-libs-32bit-1.7.7-5.18.10.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): audit-1.7.7-5.18.10.1 audit-audispd-plugins-1.7.7-6.2.10.1 audit-libs-1.7.7-5.18.10.1 audit-libs-python-1.7.7-6.2.10.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): audit-libs-32bit-1.7.7-5.18.10.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): audit-libs-x86-1.7.7-5.18.10.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): audit-1.7.7-5.27.1 audit-libs-1.7.7-5.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): audit-libs-32bit-1.7.7-5.27.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): audit-1.7.7-5.18.10.1 audit-libs-1.7.7-5.18.10.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): audit-libs-32bit-1.7.7-5.18.10.1 References: https://bugzilla.novell.com/751736 https://bugzilla.novell.com/752346 http://download.novell.com/patch/finder/?keywords=8cbf20c4ebed3d0f92a075d9b47e0166 http://download.novell.com/patch/finder/?keywords=eab169f32184e1e342ea7f6c564ce646 From sle-updates at lists.suse.com Fri Jun 8 10:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jun 2012 18:08:38 +0200 (CEST) Subject: SUSE-RU-2012:0720-1: Recommended update for SUSE Lifecycle Management Server Manuals Message-ID: <20120608160838.07656327FC@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Lifecycle Management Server Manuals ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0720-1 Rating: low References: #749109 Affected Products: SUSE Studio Standard Edition 1.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Updates the SUSE Lifecycle Management Server manual to the latest state. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-sle-slms-manual_en-6397 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Standard Edition 1.2 (noarch): sle-slms-manual_en-1.2-0.17.1 sle-slms-manual_en-pdf-1.2-0.17.1 References: https://bugzilla.novell.com/749109 http://download.novell.com/patch/finder/?keywords=e5f6d2bf22cac5641d5b1a6bb86b215f From sle-updates at lists.suse.com Fri Jun 8 17:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 Jun 2012 01:08:39 +0200 (CEST) Subject: SUSE-SU-2012:0721-1: important: Security update for PHP5 Message-ID: <20120608230840.02F553217B@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0721-1 Rating: important References: #761631 Cross-References: CVE-2012-2335 CVE-2012-2336 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: PHP5 was updated with incremental fixes to the previous update: * CVE-2012-2335: Additional unsafe cgi wrapper scripts are also fixed now. * CVE-2012-2336: Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. Security Issue references: * CVE-2012-2335 * CVE-2012-2336 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-apache2-mod_php5-6316 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-apache2-mod_php5-6316 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-apache2-mod_php5-6316 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-apache2-mod_php5-6316 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-apache2-mod_php5-6316 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: php5-devel-5.2.14-0.7.30.40.1 php5-imap-5.2.14-0.7.30.40.1 php5-ncurses-5.2.14-0.7.30.40.1 php5-posix-5.2.14-0.7.30.40.1 php5-readline-5.2.14-0.7.30.40.1 php5-sockets-5.2.14-0.7.30.40.1 php5-sqlite-5.2.14-0.7.30.40.1 php5-tidy-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.40.1 php5-5.2.14-0.7.30.40.1 php5-bcmath-5.2.14-0.7.30.40.1 php5-bz2-5.2.14-0.7.30.40.1 php5-calendar-5.2.14-0.7.30.40.1 php5-ctype-5.2.14-0.7.30.40.1 php5-curl-5.2.14-0.7.30.40.1 php5-dba-5.2.14-0.7.30.40.1 php5-dbase-5.2.14-0.7.30.40.1 php5-dom-5.2.14-0.7.30.40.1 php5-exif-5.2.14-0.7.30.40.1 php5-fastcgi-5.2.14-0.7.30.40.1 php5-ftp-5.2.14-0.7.30.40.1 php5-gd-5.2.14-0.7.30.40.1 php5-gettext-5.2.14-0.7.30.40.1 php5-gmp-5.2.14-0.7.30.40.1 php5-hash-5.2.14-0.7.30.40.1 php5-iconv-5.2.14-0.7.30.40.1 php5-json-5.2.14-0.7.30.40.1 php5-ldap-5.2.14-0.7.30.40.1 php5-mbstring-5.2.14-0.7.30.40.1 php5-mcrypt-5.2.14-0.7.30.40.1 php5-mysql-5.2.14-0.7.30.40.1 php5-odbc-5.2.14-0.7.30.40.1 php5-openssl-5.2.14-0.7.30.40.1 php5-pcntl-5.2.14-0.7.30.40.1 php5-pdo-5.2.14-0.7.30.40.1 php5-pear-5.2.14-0.7.30.40.1 php5-pgsql-5.2.14-0.7.30.40.1 php5-pspell-5.2.14-0.7.30.40.1 php5-shmop-5.2.14-0.7.30.40.1 php5-snmp-5.2.14-0.7.30.40.1 php5-soap-5.2.14-0.7.30.40.1 php5-suhosin-5.2.14-0.7.30.40.1 php5-sysvmsg-5.2.14-0.7.30.40.1 php5-sysvsem-5.2.14-0.7.30.40.1 php5-sysvshm-5.2.14-0.7.30.40.1 php5-tokenizer-5.2.14-0.7.30.40.1 php5-wddx-5.2.14-0.7.30.40.1 php5-xmlreader-5.2.14-0.7.30.40.1 php5-xmlrpc-5.2.14-0.7.30.40.1 php5-xmlwriter-5.2.14-0.7.30.40.1 php5-xsl-5.2.14-0.7.30.40.1 php5-zip-5.2.14-0.7.30.40.1 php5-zlib-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: php5-devel-5.2.14-0.7.30.40.1 php5-imap-5.2.14-0.7.30.40.1 php5-ncurses-5.2.14-0.7.30.40.1 php5-posix-5.2.14-0.7.30.40.1 php5-readline-5.2.14-0.7.30.40.1 php5-sockets-5.2.14-0.7.30.40.1 php5-sqlite-5.2.14-0.7.30.40.1 php5-tidy-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.40.1 php5-5.2.14-0.7.30.40.1 php5-bcmath-5.2.14-0.7.30.40.1 php5-bz2-5.2.14-0.7.30.40.1 php5-calendar-5.2.14-0.7.30.40.1 php5-ctype-5.2.14-0.7.30.40.1 php5-curl-5.2.14-0.7.30.40.1 php5-dba-5.2.14-0.7.30.40.1 php5-dbase-5.2.14-0.7.30.40.1 php5-dom-5.2.14-0.7.30.40.1 php5-exif-5.2.14-0.7.30.40.1 php5-fastcgi-5.2.14-0.7.30.40.1 php5-ftp-5.2.14-0.7.30.40.1 php5-gd-5.2.14-0.7.30.40.1 php5-gettext-5.2.14-0.7.30.40.1 php5-gmp-5.2.14-0.7.30.40.1 php5-hash-5.2.14-0.7.30.40.1 php5-iconv-5.2.14-0.7.30.40.1 php5-json-5.2.14-0.7.30.40.1 php5-ldap-5.2.14-0.7.30.40.1 php5-mbstring-5.2.14-0.7.30.40.1 php5-mcrypt-5.2.14-0.7.30.40.1 php5-mysql-5.2.14-0.7.30.40.1 php5-odbc-5.2.14-0.7.30.40.1 php5-openssl-5.2.14-0.7.30.40.1 php5-pcntl-5.2.14-0.7.30.40.1 php5-pdo-5.2.14-0.7.30.40.1 php5-pear-5.2.14-0.7.30.40.1 php5-pgsql-5.2.14-0.7.30.40.1 php5-pspell-5.2.14-0.7.30.40.1 php5-shmop-5.2.14-0.7.30.40.1 php5-snmp-5.2.14-0.7.30.40.1 php5-soap-5.2.14-0.7.30.40.1 php5-suhosin-5.2.14-0.7.30.40.1 php5-sysvmsg-5.2.14-0.7.30.40.1 php5-sysvsem-5.2.14-0.7.30.40.1 php5-sysvshm-5.2.14-0.7.30.40.1 php5-tokenizer-5.2.14-0.7.30.40.1 php5-wddx-5.2.14-0.7.30.40.1 php5-xmlreader-5.2.14-0.7.30.40.1 php5-xmlrpc-5.2.14-0.7.30.40.1 php5-xmlwriter-5.2.14-0.7.30.40.1 php5-xsl-5.2.14-0.7.30.40.1 php5-zip-5.2.14-0.7.30.40.1 php5-zlib-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.40.1 php5-5.2.14-0.7.30.40.1 php5-bcmath-5.2.14-0.7.30.40.1 php5-bz2-5.2.14-0.7.30.40.1 php5-calendar-5.2.14-0.7.30.40.1 php5-ctype-5.2.14-0.7.30.40.1 php5-curl-5.2.14-0.7.30.40.1 php5-dba-5.2.14-0.7.30.40.1 php5-dbase-5.2.14-0.7.30.40.1 php5-dom-5.2.14-0.7.30.40.1 php5-exif-5.2.14-0.7.30.40.1 php5-fastcgi-5.2.14-0.7.30.40.1 php5-ftp-5.2.14-0.7.30.40.1 php5-gd-5.2.14-0.7.30.40.1 php5-gettext-5.2.14-0.7.30.40.1 php5-gmp-5.2.14-0.7.30.40.1 php5-hash-5.2.14-0.7.30.40.1 php5-iconv-5.2.14-0.7.30.40.1 php5-json-5.2.14-0.7.30.40.1 php5-ldap-5.2.14-0.7.30.40.1 php5-mbstring-5.2.14-0.7.30.40.1 php5-mcrypt-5.2.14-0.7.30.40.1 php5-mysql-5.2.14-0.7.30.40.1 php5-odbc-5.2.14-0.7.30.40.1 php5-openssl-5.2.14-0.7.30.40.1 php5-pcntl-5.2.14-0.7.30.40.1 php5-pdo-5.2.14-0.7.30.40.1 php5-pear-5.2.14-0.7.30.40.1 php5-pgsql-5.2.14-0.7.30.40.1 php5-pspell-5.2.14-0.7.30.40.1 php5-shmop-5.2.14-0.7.30.40.1 php5-snmp-5.2.14-0.7.30.40.1 php5-soap-5.2.14-0.7.30.40.1 php5-suhosin-5.2.14-0.7.30.40.1 php5-sysvmsg-5.2.14-0.7.30.40.1 php5-sysvsem-5.2.14-0.7.30.40.1 php5-sysvshm-5.2.14-0.7.30.40.1 php5-tokenizer-5.2.14-0.7.30.40.1 php5-wddx-5.2.14-0.7.30.40.1 php5-xmlreader-5.2.14-0.7.30.40.1 php5-xmlrpc-5.2.14-0.7.30.40.1 php5-xmlwriter-5.2.14-0.7.30.40.1 php5-xsl-5.2.14-0.7.30.40.1 php5-zip-5.2.14-0.7.30.40.1 php5-zlib-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.40.1 php5-5.2.14-0.7.30.40.1 php5-bcmath-5.2.14-0.7.30.40.1 php5-bz2-5.2.14-0.7.30.40.1 php5-calendar-5.2.14-0.7.30.40.1 php5-ctype-5.2.14-0.7.30.40.1 php5-curl-5.2.14-0.7.30.40.1 php5-dba-5.2.14-0.7.30.40.1 php5-dbase-5.2.14-0.7.30.40.1 php5-dom-5.2.14-0.7.30.40.1 php5-exif-5.2.14-0.7.30.40.1 php5-fastcgi-5.2.14-0.7.30.40.1 php5-ftp-5.2.14-0.7.30.40.1 php5-gd-5.2.14-0.7.30.40.1 php5-gettext-5.2.14-0.7.30.40.1 php5-gmp-5.2.14-0.7.30.40.1 php5-hash-5.2.14-0.7.30.40.1 php5-iconv-5.2.14-0.7.30.40.1 php5-json-5.2.14-0.7.30.40.1 php5-ldap-5.2.14-0.7.30.40.1 php5-mbstring-5.2.14-0.7.30.40.1 php5-mcrypt-5.2.14-0.7.30.40.1 php5-mysql-5.2.14-0.7.30.40.1 php5-odbc-5.2.14-0.7.30.40.1 php5-openssl-5.2.14-0.7.30.40.1 php5-pcntl-5.2.14-0.7.30.40.1 php5-pdo-5.2.14-0.7.30.40.1 php5-pear-5.2.14-0.7.30.40.1 php5-pgsql-5.2.14-0.7.30.40.1 php5-pspell-5.2.14-0.7.30.40.1 php5-shmop-5.2.14-0.7.30.40.1 php5-snmp-5.2.14-0.7.30.40.1 php5-soap-5.2.14-0.7.30.40.1 php5-suhosin-5.2.14-0.7.30.40.1 php5-sysvmsg-5.2.14-0.7.30.40.1 php5-sysvsem-5.2.14-0.7.30.40.1 php5-sysvshm-5.2.14-0.7.30.40.1 php5-tokenizer-5.2.14-0.7.30.40.1 php5-wddx-5.2.14-0.7.30.40.1 php5-xmlreader-5.2.14-0.7.30.40.1 php5-xmlrpc-5.2.14-0.7.30.40.1 php5-xmlwriter-5.2.14-0.7.30.40.1 php5-xsl-5.2.14-0.7.30.40.1 php5-zip-5.2.14-0.7.30.40.1 php5-zlib-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.40.1 php5-5.2.14-0.7.30.40.1 php5-bcmath-5.2.14-0.7.30.40.1 php5-bz2-5.2.14-0.7.30.40.1 php5-calendar-5.2.14-0.7.30.40.1 php5-ctype-5.2.14-0.7.30.40.1 php5-curl-5.2.14-0.7.30.40.1 php5-dba-5.2.14-0.7.30.40.1 php5-dbase-5.2.14-0.7.30.40.1 php5-dom-5.2.14-0.7.30.40.1 php5-exif-5.2.14-0.7.30.40.1 php5-fastcgi-5.2.14-0.7.30.40.1 php5-ftp-5.2.14-0.7.30.40.1 php5-gd-5.2.14-0.7.30.40.1 php5-gettext-5.2.14-0.7.30.40.1 php5-gmp-5.2.14-0.7.30.40.1 php5-hash-5.2.14-0.7.30.40.1 php5-iconv-5.2.14-0.7.30.40.1 php5-json-5.2.14-0.7.30.40.1 php5-ldap-5.2.14-0.7.30.40.1 php5-mbstring-5.2.14-0.7.30.40.1 php5-mcrypt-5.2.14-0.7.30.40.1 php5-mysql-5.2.14-0.7.30.40.1 php5-odbc-5.2.14-0.7.30.40.1 php5-openssl-5.2.14-0.7.30.40.1 php5-pcntl-5.2.14-0.7.30.40.1 php5-pdo-5.2.14-0.7.30.40.1 php5-pear-5.2.14-0.7.30.40.1 php5-pgsql-5.2.14-0.7.30.40.1 php5-pspell-5.2.14-0.7.30.40.1 php5-shmop-5.2.14-0.7.30.40.1 php5-snmp-5.2.14-0.7.30.40.1 php5-soap-5.2.14-0.7.30.40.1 php5-suhosin-5.2.14-0.7.30.40.1 php5-sysvmsg-5.2.14-0.7.30.40.1 php5-sysvsem-5.2.14-0.7.30.40.1 php5-sysvshm-5.2.14-0.7.30.40.1 php5-tokenizer-5.2.14-0.7.30.40.1 php5-wddx-5.2.14-0.7.30.40.1 php5-xmlreader-5.2.14-0.7.30.40.1 php5-xmlrpc-5.2.14-0.7.30.40.1 php5-xmlwriter-5.2.14-0.7.30.40.1 php5-xsl-5.2.14-0.7.30.40.1 php5-zip-5.2.14-0.7.30.40.1 php5-zlib-5.2.14-0.7.30.40.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.34.1 php5-5.2.14-0.34.1 php5-bcmath-5.2.14-0.34.1 php5-bz2-5.2.14-0.34.1 php5-calendar-5.2.14-0.34.1 php5-ctype-5.2.14-0.34.1 php5-curl-5.2.14-0.34.1 php5-dba-5.2.14-0.34.1 php5-dbase-5.2.14-0.34.1 php5-devel-5.2.14-0.34.1 php5-dom-5.2.14-0.34.1 php5-exif-5.2.14-0.34.1 php5-fastcgi-5.2.14-0.34.1 php5-ftp-5.2.14-0.34.1 php5-gd-5.2.14-0.34.1 php5-gettext-5.2.14-0.34.1 php5-gmp-5.2.14-0.34.1 php5-hash-5.2.14-0.34.1 php5-iconv-5.2.14-0.34.1 php5-imap-5.2.14-0.34.1 php5-json-5.2.14-0.34.1 php5-ldap-5.2.14-0.34.1 php5-mbstring-5.2.14-0.34.1 php5-mcrypt-5.2.14-0.34.1 php5-mhash-5.2.14-0.34.1 php5-mysql-5.2.14-0.34.1 php5-ncurses-5.2.14-0.34.1 php5-odbc-5.2.14-0.34.1 php5-openssl-5.2.14-0.34.1 php5-pcntl-5.2.14-0.34.1 php5-pdo-5.2.14-0.34.1 php5-pear-5.2.14-0.34.1 php5-pgsql-5.2.14-0.34.1 php5-posix-5.2.14-0.34.1 php5-pspell-5.2.14-0.34.1 php5-shmop-5.2.14-0.34.1 php5-snmp-5.2.14-0.34.1 php5-soap-5.2.14-0.34.1 php5-sockets-5.2.14-0.34.1 php5-sqlite-5.2.14-0.34.1 php5-suhosin-5.2.14-0.34.1 php5-sysvmsg-5.2.14-0.34.1 php5-sysvsem-5.2.14-0.34.1 php5-sysvshm-5.2.14-0.34.1 php5-tokenizer-5.2.14-0.34.1 php5-wddx-5.2.14-0.34.1 php5-xmlreader-5.2.14-0.34.1 php5-xmlrpc-5.2.14-0.34.1 php5-xsl-5.2.14-0.34.1 php5-zlib-5.2.14-0.34.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.34.1 php5-5.2.14-0.34.1 php5-bcmath-5.2.14-0.34.1 php5-bz2-5.2.14-0.34.1 php5-calendar-5.2.14-0.34.1 php5-ctype-5.2.14-0.34.1 php5-curl-5.2.14-0.34.1 php5-dba-5.2.14-0.34.1 php5-dbase-5.2.14-0.34.1 php5-devel-5.2.14-0.34.1 php5-dom-5.2.14-0.34.1 php5-exif-5.2.14-0.34.1 php5-fastcgi-5.2.14-0.34.1 php5-ftp-5.2.14-0.34.1 php5-gd-5.2.14-0.34.1 php5-gettext-5.2.14-0.34.1 php5-gmp-5.2.14-0.34.1 php5-hash-5.2.14-0.34.1 php5-iconv-5.2.14-0.34.1 php5-imap-5.2.14-0.34.1 php5-ldap-5.2.14-0.34.1 php5-mbstring-5.2.14-0.34.1 php5-mcrypt-5.2.14-0.34.1 php5-mhash-5.2.14-0.34.1 php5-mysql-5.2.14-0.34.1 php5-ncurses-5.2.14-0.34.1 php5-odbc-5.2.14-0.34.1 php5-openssl-5.2.14-0.34.1 php5-pcntl-5.2.14-0.34.1 php5-pdo-5.2.14-0.34.1 php5-pear-5.2.14-0.34.1 php5-pgsql-5.2.14-0.34.1 php5-posix-5.2.14-0.34.1 php5-pspell-5.2.14-0.34.1 php5-shmop-5.2.14-0.34.1 php5-snmp-5.2.14-0.34.1 php5-soap-5.2.14-0.34.1 php5-sockets-5.2.14-0.34.1 php5-sqlite-5.2.14-0.34.1 php5-suhosin-5.2.14-0.34.1 php5-sysvmsg-5.2.14-0.34.1 php5-sysvsem-5.2.14-0.34.1 php5-sysvshm-5.2.14-0.34.1 php5-tidy-5.2.14-0.34.1 php5-tokenizer-5.2.14-0.34.1 php5-wddx-5.2.14-0.34.1 php5-xmlreader-5.2.14-0.34.1 php5-xmlrpc-5.2.14-0.34.1 php5-xsl-5.2.14-0.34.1 php5-zlib-5.2.14-0.34.1 References: http://support.novell.com/security/cve/CVE-2012-2335.html http://support.novell.com/security/cve/CVE-2012-2336.html https://bugzilla.novell.com/761631 http://download.novell.com/patch/finder/?keywords=9254c34a3137091631d58336e794751f http://download.novell.com/patch/finder/?keywords=e24fcb47191769c91e3f4a461e16add2 From sle-updates at lists.suse.com Mon Jun 11 11:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 Jun 2012 19:08:32 +0200 (CEST) Subject: SUSE-RU-2012:0712-2: moderate: Recommended update for curl Message-ID: <20120611170832.0A002327F8@maintenance.suse.de> SUSE Recommended Update: Recommended update for curl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0712-2 Rating: moderate References: #755908 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds the option --ssl-allow-beast which can be used to disable the workaround for a security flaw in the SSL3 and TLS1.0 protocols. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): curl-7.15.1-19.22.1 curl-devel-7.15.1-19.22.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): curl-32bit-7.15.1-19.22.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): curl-x86-7.15.1-19.22.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): curl-64bit-7.15.1-19.22.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): curl-7.15.1-19.22.1 curl-devel-7.15.1-19.22.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): curl-32bit-7.15.1-19.22.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): curl-devel-7.15.1-19.22.1 References: https://bugzilla.novell.com/755908 http://download.novell.com/patch/finder/?keywords=1b5ea231f0c26c8bca502c5c94035ced From sle-updates at lists.suse.com Mon Jun 11 12:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 Jun 2012 20:08:28 +0200 (CEST) Subject: SUSE-SU-2012:0724-1: critical: Security update for flash-player Message-ID: <20120611180828.7438E327F8@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0724-1 Rating: critical References: #766241 Cross-References: CVE-2012-2034 CVE-2012-2035 CVE-2012-2036 CVE-2012-2037 CVE-2012-2038 CVE-2012-2039 CVE-2012-2040 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. It includes one version update. Description: Flash Player has been updated to 11.2.202.236 which fixes various bugs and critical security issues. The advisory published by Adobe can be found here: https://www.adobe.com/support/security/bulletins/apsb12-14.h tml These updates resolve * a memory corruption vulnerability that could lead to code execution (CVE-2012-2034). * a stack overflow vulnerability that could lead to code execution (CVE-2012-2035). * an integer overflow vulnerability that could lead to code execution (CVE-2012-2036). * a memory corruption vulnerability that could lead to code execution (CVE-2012-2037). * a security bypass vulnerability that could lead to information disclosure (CVE-2012-2038). * null dereference vulnerabilities that could lead to code execution (CVE-2012-2039). * a binary planting vulnerability in the Flash Player installer that could lead to code execution (CVE-2012-2040). Security Issue references: * CVE-2012-2034 * CVE-2012-2035 * CVE-2012-2036 * CVE-2012-2037 * CVE-2012-2038 * CVE-2012-2039 * CVE-2012-2040 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-flash-player-6404 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-flash-player-6404 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.236]: flash-player-11.2.202.236-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 11.2.202.236]: flash-player-11.2.202.236-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.236]: flash-player-11.2.202.236-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-2034.html http://support.novell.com/security/cve/CVE-2012-2035.html http://support.novell.com/security/cve/CVE-2012-2036.html http://support.novell.com/security/cve/CVE-2012-2037.html http://support.novell.com/security/cve/CVE-2012-2038.html http://support.novell.com/security/cve/CVE-2012-2039.html http://support.novell.com/security/cve/CVE-2012-2040.html https://bugzilla.novell.com/766241 http://download.novell.com/patch/finder/?keywords=32f63c722aa23420e1bd3dc2156e2cda http://download.novell.com/patch/finder/?keywords=887bb347a8b547f7a9640dc2346b0aab From sle-updates at lists.suse.com Mon Jun 11 19:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jun 2012 03:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0725-1: moderate: Recommended update for nautilus Message-ID: <20120612010828.4E68D327F8@maintenance.suse.de> SUSE Recommended Update: Recommended update for nautilus ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0725-1 Rating: moderate References: #748529 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a crash when loading an invalid key file uri, like for example when attempting to download a Bomgar session file (bnc#748529). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-nautilus-6099 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-nautilus-6099 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-nautilus-6099 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-nautilus-6099 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-nautilus-6099 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-nautilus-6099 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-nautilus-6099 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): nautilus-devel-2.28.4-1.12.10 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): nautilus-devel-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nautilus-2.28.4-1.12.10 nautilus-lang-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): nautilus-32bit-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP2 (ia64): nautilus-x86-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): nautilus-2.28.4-1.12.10 nautilus-lang-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): nautilus-32bit-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): nautilus-2.28.4-1.12.10 nautilus-lang-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): nautilus-32bit-2.28.4-1.12.10 - SUSE Linux Enterprise Server 11 SP1 (ia64): nautilus-x86-2.28.4-1.12.10 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): nautilus-2.28.4-1.12.10 nautilus-lang-2.28.4-1.12.10 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): nautilus-32bit-2.28.4-1.12.10 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): nautilus-2.28.4-1.12.10 nautilus-lang-2.28.4-1.12.10 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): nautilus-32bit-2.28.4-1.12.10 References: https://bugzilla.novell.com/748529 http://download.novell.com/patch/finder/?keywords=d9a0d668f11c7333a1bdd2ef86512543 From sle-updates at lists.suse.com Tue Jun 12 14:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jun 2012 22:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0729-1: Recommended update for KVM and Xen Message-ID: <20120612200829.F10DF327F8@maintenance.suse.de> SUSE Recommended Update: Recommended update for KVM and Xen ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0729-1 Rating: low References: #720929 #733715 #739585 #742773 #743414 #744771 #745005 #745367 #745880 #745890 #746613 #746702 #747172 #747331 #753165 #754906 #757346 #757537 #757970 #760023 #760557 #761142 #764077 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves three vulnerabilities and has 20 fixes is now available. It includes two new package versions. Description: This collective update for Xen 2012/06 on SUSE Linux Enterprise 11 SP2 provides the following fixes: Xen * 757537: xen: CVE-2012-0217 PV guest escalation * 757970: xen: CVE-2012-0218 guest denial of service on syscall GPF generation * 764077: xen: CVE-2012-2934 Report a denial of service issue on old, pre-SVM AMD CPUs (AMD Erratum 121). AMD Erratum #121 is described in "Revision Guide for AMD Athlon 64 and AMD Opteron Processors": http://support.amd.com/us/Processor_TechDocs/25759.pdf The following 130nm and 90nm (DDR1-only) AMD processors are subject to this erratum: o First-generation AMD-Opteron(tm) single and dual core processors in either 939 or 940 packages: + AMD Opteron(tm) 100-Series Processors + AMD Opteron(tm) 200-Series Processors + AMD Opteron(tm) 800-Series Processors + AMD Athlon(tm) processors in either 754, 939 or 940 packages + AMD Sempron(tm) processor in either 754 or 939 packages + AMD Turion(tm) Mobile Technology in 754 package This issue does not effect Intel processors. The impact of this flaw is that a malicious PV guest user can halt the host system. As this is a hardware flaw, it is not fixable except by upgrading your hardware to a newer revision, or not allowing untrusted 64bit guestsystems. The patch changes the behaviour of the host system booting, which makes it unable to create guest machines until a specific boot option is set. There is a new XEN boot option "allow_unsafe" for GRUB which allows the host to start guests again. This is added to /boot/grub/menu.lst in the line looking like this: kernel /boot/xen.gz .... allow_unsafe or add this option to the XEN_APPEND line /etc/sysconfig/bootloader, like e.g.: XEN_APPEND="allow_unsafe" Note: .... in the first example represents the existing boot options for the host. * 753165: xen/scripts/network-bridge wont create bridge * 745880: cpuid setting is not preserved across xend restarts * 747331: standard "newburn" kernel QA stress test freezes the guest * 745367: MCE bank handling during migration * 744771: VM with passed through PCI card fails to reboot under dom0 load * 746702: Xen HVM DomU crash during Windows Server 2008 install, when maxmem > memory * 745005: Update vif configuration examples in xmexample* * 743414: using vifname is ignored when defining a xen virtual interface with xl/libxl * 739585: Xen block-attach fails after repeated attach/detach * Fate 310510: fix xenpaging vm-install * 760557: Fix error on two virtual discs with conflicting virtual names * 760023: Can't upgrade an OES 2 (64-bit) XEN Guest Server to OES 11 * 757346: XEN guest OS installation (SLES 11 SP2 guest) fails on SLED 11 SP2 * 742773: vm-install shows bogus error msg without defined installation source * KVM: Add 'unsafe' and 'directsync' as options to cache_mode * KVM: During installation set the target disk to 'unsafe' mode for better performance. * 761142: vm-install fails to create its new VM: bogus "Not enough space on device" message * 754906: virt-manager is not allowing to upgrade oes11 to oes11sp1 machine virt-manager * 746613: validation error when adding USB redirection * KVM: Add cache mode support for directsync and unsafe libvirt * 747172: PCI device passthrough fails with "Broadcom NetXtreme II BCM5709 Gigabit Ethernet" (bnx2) (kvm) * 745890: Unable to start xen domains with virsh when using libxenlight toolstack and apparmor * KVM: Add support for qemu's 'unsafe' cache mode (directsync mode already there) virt-utils * vpc: Round up image size during fixed image creation * fate 309765: Create images that can be run on Microsoft Hyper-V host Added the VHD Fixed Disk format support yast2-vm * 720929: Upgrade from OES 2 SP2 to OES 11 RC3 re-adds "x0..respawn..xterm" to inittab * 733715: Fix typo in relocation-server.pot Security Issue references: * CVE-2012-0217 * CVE-2012-0218 * CVE-2012-2934 Indications: Every Xen and KVM user should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xen-201206-6400 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xen-201206-6400 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xen-201206-6400 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): libvirt-devel-0.9.6-0.15.71 xen-devel-4.1.2_18-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libvirt-devel-32bit-0.9.6-0.15.71 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 0.5.9 and 2.17.10]: libvirt-0.9.6-0.15.71 libvirt-client-0.9.6-0.15.71 libvirt-doc-0.9.6-0.15.71 libvirt-python-0.9.6-0.15.71 virt-manager-0.9.0-3.17.26 virt-utils-1.1.7-0.11.15 vm-install-0.5.9-0.7.13 xen-kmp-default-4.1.2_18_3.0.31_0.9-0.9.1 xen-kmp-trace-4.1.2_18_3.0.31_0.9-0.9.1 xen-libs-4.1.2_18-0.9.1 xen-tools-domU-4.1.2_18-0.9.1 yast2-vm-2.17.10-0.5.42 - SUSE Linux Enterprise Server 11 SP2 (x86_64): libvirt-client-32bit-0.9.6-0.15.71 xen-4.1.2_18-0.9.1 xen-doc-html-4.1.2_18-0.9.1 xen-doc-pdf-4.1.2_18-0.9.1 xen-libs-32bit-4.1.2_18-0.9.1 xen-tools-4.1.2_18-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586): xen-kmp-pae-4.1.2_18_3.0.31_0.9-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.5.9 and 2.17.10]: libvirt-0.9.6-0.15.71 libvirt-client-0.9.6-0.15.71 libvirt-doc-0.9.6-0.15.71 libvirt-python-0.9.6-0.15.71 virt-manager-0.9.0-3.17.26 virt-utils-1.1.7-0.11.15 vm-install-0.5.9-0.7.13 xen-kmp-default-4.1.2_18_3.0.31_0.9-0.9.1 xen-kmp-trace-4.1.2_18_3.0.31_0.9-0.9.1 xen-libs-4.1.2_18-0.9.1 xen-tools-domU-4.1.2_18-0.9.1 yast2-vm-2.17.10-0.5.42 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libvirt-client-32bit-0.9.6-0.15.71 xen-4.1.2_18-0.9.1 xen-doc-html-4.1.2_18-0.9.1 xen-doc-pdf-4.1.2_18-0.9.1 xen-libs-32bit-4.1.2_18-0.9.1 xen-tools-4.1.2_18-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586): xen-kmp-pae-4.1.2_18_3.0.31_0.9-0.9.1 References: http://support.novell.com/security/cve/CVE-2012-0217.html http://support.novell.com/security/cve/CVE-2012-0218.html http://support.novell.com/security/cve/CVE-2012-2934.html https://bugzilla.novell.com/720929 https://bugzilla.novell.com/733715 https://bugzilla.novell.com/739585 https://bugzilla.novell.com/742773 https://bugzilla.novell.com/743414 https://bugzilla.novell.com/744771 https://bugzilla.novell.com/745005 https://bugzilla.novell.com/745367 https://bugzilla.novell.com/745880 https://bugzilla.novell.com/745890 https://bugzilla.novell.com/746613 https://bugzilla.novell.com/746702 https://bugzilla.novell.com/747172 https://bugzilla.novell.com/747331 https://bugzilla.novell.com/753165 https://bugzilla.novell.com/754906 https://bugzilla.novell.com/757346 https://bugzilla.novell.com/757537 https://bugzilla.novell.com/757970 https://bugzilla.novell.com/760023 https://bugzilla.novell.com/760557 https://bugzilla.novell.com/761142 https://bugzilla.novell.com/764077 http://download.novell.com/patch/finder/?keywords=10328b4d3af18715e20d3656ebf3478c From sle-updates at lists.suse.com Tue Jun 12 15:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jun 2012 23:08:26 +0200 (CEST) Subject: SUSE-SU-2012:0730-1: critical: Security update for Xen Message-ID: <20120612210826.E9DB3327F9@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0730-1 Rating: critical References: #757537 #757970 #764077 Cross-References: CVE-2012-0217 CVE-2012-0218 CVE-2012-2934 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Server 10 SP3 LTSS SUSE Linux Enterprise Server 10 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: Three security issues were found in XEN. Two security issues are fixed by this update: * CVE-2012-0217: Due to incorrect fault handling in the XEN hypervisor it was possible for a XEN guest domain administrator to execute code in the XEN host environment. * CVE-2012-0218: Also a guest user could crash the guest XEN kernel due to a protection fault bounce. The third fix is changing the Xen behaviour on certain hardware: * CVE-2012-2934: The issue is a denial of service issue on older pre-SVM AMD CPUs (AMD Erratum 121). AMD Erratum #121 is described in "Revision Guide for AMD Athlon 64 and AMD Opteron Processors": http://support.amd.com/us/Processor_TechDocs/25759.pdf The following 130nm and 90nm (DDR1-only) AMD processors are subject to this erratum: o First-generation AMD-Opteron(tm) single and dual core processors in either 939 or 940 packages: + AMD Opteron(tm) 100-Series Processors + AMD Opteron(tm) 200-Series Processors + AMD Opteron(tm) 800-Series Processors + AMD Athlon(tm) processors in either 754, 939 or 940 packages + AMD Sempron(tm) processor in either 754 or 939 packages + AMD Turion(tm) Mobile Technology in 754 package This issue does not effect Intel processors. The impact of this flaw is that a malicious PV guest user can halt the host system. As this is a hardware flaw, it is not fixable except by upgrading your hardware to a newer revision, or not allowing untrusted 64bit guestsystems. The patch changes the behaviour of the host system booting, which makes it unable to create guest machines until a specific boot option is set. There is a new XEN boot option "allow_unsafe" for GRUB which allows the host to start guests again. This is added to /boot/grub/menu.lst in the line looking like this: kernel /boot/xen.gz .... allow_unsafe Note: .... in this example represents the existing boot options for the host. Security Issue references: * CVE-2012-0217 * CVE-2012-0218 * CVE-2012-2934 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-xen-201206-6399 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-xen-201206-6399 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-xen-201206-6399 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-xen-201206-6399 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): xen-devel-4.0.3_21548_04-0.9.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): xen-kmp-trace-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64): xen-4.0.3_21548_04-0.9.1 xen-doc-html-4.0.3_21548_04-0.9.1 xen-doc-pdf-4.0.3_21548_04-0.9.1 xen-kmp-default-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 xen-kmp-trace-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 xen-libs-4.0.3_21548_04-0.9.1 xen-tools-4.0.3_21548_04-0.9.1 xen-tools-domU-4.0.3_21548_04-0.9.1 - SUSE Linux Enterprise Server 11 SP1 (i586): xen-kmp-pae-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): xen-3.2.3_17040_38-0.11.1 xen-devel-3.2.3_17040_38-0.11.1 xen-doc-html-3.2.3_17040_38-0.11.1 xen-doc-pdf-3.2.3_17040_38-0.11.1 xen-doc-ps-3.2.3_17040_38-0.11.1 xen-kmp-debug-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-default-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-kdump-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-smp-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-libs-3.2.3_17040_38-0.11.1 xen-tools-3.2.3_17040_38-0.11.1 xen-tools-domU-3.2.3_17040_38-0.11.1 xen-tools-ioemu-3.2.3_17040_38-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_38-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (i586): xen-kmp-bigsmp-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-kdumppae-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-vmi-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-vmipae-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64): xen-3.2.3_17040_28-0.6.11.1 xen-devel-3.2.3_17040_28-0.6.11.1 xen-doc-html-3.2.3_17040_28-0.6.11.1 xen-doc-pdf-3.2.3_17040_28-0.6.11.1 xen-doc-ps-3.2.3_17040_28-0.6.11.1 xen-kmp-debug-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-default-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-kdump-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-smp-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-libs-3.2.3_17040_28-0.6.11.1 xen-tools-3.2.3_17040_28-0.6.11.1 xen-tools-domU-3.2.3_17040_28-0.6.11.1 xen-tools-ioemu-3.2.3_17040_28-0.6.11.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64): xen-libs-32bit-3.2.3_17040_28-0.6.11.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586): xen-kmp-bigsmp-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-kdumppae-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-vmi-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 xen-kmp-vmipae-3.2.3_17040_28_2.6.16.60_0.83.131-0.6.11.1 - SUSE Linux Enterprise Server 10 SP2 (i586 x86_64): xen-3.2.0_16718_26-0.8.1 xen-devel-3.2.0_16718_26-0.8.1 xen-doc-html-3.2.0_16718_26-0.8.1 xen-doc-pdf-3.2.0_16718_26-0.8.1 xen-doc-ps-3.2.0_16718_26-0.8.1 xen-kmp-debug-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.8.1 xen-kmp-default-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.8.1 xen-kmp-kdump-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.8.1 xen-kmp-smp-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.8.1 xen-libs-3.2.0_16718_26-0.8.1 xen-tools-3.2.0_16718_26-0.8.1 xen-tools-domU-3.2.0_16718_26-0.8.1 xen-tools-ioemu-3.2.0_16718_26-0.8.1 - SUSE Linux Enterprise Server 10 SP2 (x86_64): xen-libs-32bit-3.2.0_16718_26-0.8.1 - SUSE Linux Enterprise Server 10 SP2 (i586): xen-kmp-bigsmp-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.8.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): xen-4.0.3_21548_04-0.9.1 xen-kmp-default-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 xen-libs-4.0.3_21548_04-0.9.1 xen-tools-4.0.3_21548_04-0.9.1 xen-tools-domU-4.0.3_21548_04-0.9.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586): xen-kmp-pae-4.0.3_21548_04_2.6.32.59_0.5-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): xen-3.2.3_17040_38-0.11.1 xen-devel-3.2.3_17040_38-0.11.1 xen-doc-html-3.2.3_17040_38-0.11.1 xen-doc-pdf-3.2.3_17040_38-0.11.1 xen-doc-ps-3.2.3_17040_38-0.11.1 xen-kmp-default-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-smp-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-libs-3.2.3_17040_38-0.11.1 xen-tools-3.2.3_17040_38-0.11.1 xen-tools-domU-3.2.3_17040_38-0.11.1 xen-tools-ioemu-3.2.3_17040_38-0.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_38-0.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): xen-kmp-bigsmp-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 - SLE SDK 10 SP4 (i586 x86_64): xen-3.2.3_17040_38-0.11.1 xen-devel-3.2.3_17040_38-0.11.1 xen-kmp-debug-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-kmp-kdump-3.2.3_17040_38_2.6.16.60_0.97.1-0.11.1 xen-libs-3.2.3_17040_38-0.11.1 xen-tools-3.2.3_17040_38-0.11.1 xen-tools-ioemu-3.2.3_17040_38-0.11.1 - SLE SDK 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_38-0.11.1 References: http://support.novell.com/security/cve/CVE-2012-0217.html http://support.novell.com/security/cve/CVE-2012-0218.html http://support.novell.com/security/cve/CVE-2012-2934.html https://bugzilla.novell.com/757537 https://bugzilla.novell.com/757970 https://bugzilla.novell.com/764077 http://download.novell.com/patch/finder/?keywords=1428153e4b377d6519b568fc4a847a50 http://download.novell.com/patch/finder/?keywords=1fd339d2b48672edeccbed4bd3b9dd9d http://download.novell.com/patch/finder/?keywords=bbca71d17e042f39532a8e3060358202 http://download.novell.com/patch/finder/?keywords=c25fa3090bc865a8836ebaff073cd9b6 From sle-updates at lists.suse.com Wed Jun 13 09:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jun 2012 17:08:31 +0200 (CEST) Subject: SUSE-SU-2012:0732-1: moderate: Security update for libpng Message-ID: <20120613150831.CA47632830@maintenance.suse.de> SUSE Security Update: Security update for libpng ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0732-1 Rating: moderate References: #754745 Cross-References: CVE-2011-3048 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue has been fixed: * specially crafted png files could have caused a memory corruption in libpng's png_set_text_2() function (CVE-2011-3048). Security Issue reference: * CVE-2011-3048 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libpng-devel-6077 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libpng-devel-6077 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libpng-devel-6077 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libpng-devel-6077 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libpng-devel-6077 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libpng-devel-6077 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libpng-devel-6077 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.29.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.29.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libpng12-0-x86-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libpng12-0-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libpng12-0-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libpng12-0-x86-1.2.31-5.29.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): libpng-1.2.8-19.35.4 libpng-devel-1.2.8-19.35.4 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libpng-32bit-1.2.8-19.35.4 libpng-devel-32bit-1.2.8-19.35.4 - SUSE Linux Enterprise Server 10 SP4 (ia64): libpng-x86-1.2.8-19.35.4 - SUSE Linux Enterprise Server 10 SP4 (ppc): libpng-64bit-1.2.8-19.35.4 libpng-devel-64bit-1.2.8-19.35.4 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libpng-devel-1.2.31-5.29.1 libpng12-0-1.2.31-5.29.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libpng12-0-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libpng-devel-1.2.31-5.29.1 libpng12-0-1.2.31-5.29.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libpng12-0-32bit-1.2.31-5.29.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libpng-1.2.8-19.35.4 libpng-devel-1.2.8-19.35.4 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libpng-32bit-1.2.8-19.35.4 libpng-devel-32bit-1.2.8-19.35.4 References: http://support.novell.com/security/cve/CVE-2011-3048.html https://bugzilla.novell.com/754745 http://download.novell.com/patch/finder/?keywords=62fa6d82a602002d1a921c7a7707c533 http://download.novell.com/patch/finder/?keywords=9b497e6ba7d48d9b4aa16c679cc768b6 From sle-updates at lists.suse.com Wed Jun 13 11:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jun 2012 19:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0733-1: Recommended update for aaa_base Message-ID: <20120613170825.0EABC32830@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0733-1 Rating: low References: #752298 #762535 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to aaa_base resolves the following issues: * The file system type of /dev was incorrectly listed as "devtmpfs" in /etc/mtab * NIS/YP domain name is set as FQDN hostname Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-aaa_base-6384 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-aaa_base-6384 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-aaa_base-6384 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): aaa_base-11-6.46.46.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.46.46.2 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): aaa_base-11-6.46.46.2 References: https://bugzilla.novell.com/752298 https://bugzilla.novell.com/762535 http://download.novell.com/patch/finder/?keywords=f27ceff4295ba6a818928737b3668928 From sle-updates at lists.suse.com Wed Jun 13 12:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jun 2012 20:08:23 +0200 (CEST) Subject: SUSE-SU-2012:0734-1: important: Security update for IBM Java Message-ID: <20120613180823.6A2AF32832@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0734-1 Rating: important References: #763805 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP1 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.4.2 SR13 FP12 has been released which fixes various bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ has more informations. CVEs addressed: CVE-2011-3563 CVE-2012-0499 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-java-1_4_2-ibm-6360 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-java-1_4_2-ibm-6360 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-java-1_4_2-ibm-6360 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-java-1_4_2-ibm-6360 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-java-1_4_2-ibm-6360 - SUSE Linux Enterprise Java 11 SP1: zypper in -t patch slejsp1-java-1_4_2-ibm-6360 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 11 SP1 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.12-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.5.1 - SUSE Linux Enterprise Java 11 SP1 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Java 11 SP1 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.2.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.12-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.12-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.12-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.12-0.5.1 References: https://bugzilla.novell.com/763805 http://download.novell.com/patch/finder/?keywords=91410c4f201444d1c10815a8d2e98c88 http://download.novell.com/patch/finder/?keywords=adc0df3a81b3b146456e8e1893f4ddd4 From sle-updates at lists.suse.com Thu Jun 14 10:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jun 2012 18:08:30 +0200 (CEST) Subject: SUSE-SU-2012:0736-1: important: Security update for Linux kernel Message-ID: <20120614160830.712E432833@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0736-1 Rating: important References: #671124 #671479 #683270 #693639 #713430 #718343 #721869 #722400 #723294 #724692 #724734 #726600 #729685 #730118 #730200 #731673 #732613 #733155 #734707 #737325 #737899 #740131 #742148 #742881 #744592 #745640 #745732 #745760 #745929 #746397 #746980 #747381 #749168 #750168 #750928 #751880 #752486 #754964 #758813 #760902 #761389 #762111 #764128 Cross-References: CVE-2011-2928 CVE-2011-4077 CVE-2011-4324 CVE-2011-4330 CVE-2012-2313 CVE-2012-2319 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 37 fixes is now available. Description: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2012-2319: A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. * CVE-2012-2313: The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. * CVE-2011-2928: The befs_follow_linkl function in fs/befs/linuxvfs.c in the Linux kernel did not validate the lenght attribute of long symlinsk, which allowed local users to cause a denial of service (incorrect pointer dereference and Ooops) by accessing a long symlink on a malformed Be filesystem. * CVE-2011-4077: Fixed a memory corruption possibility in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image. * CVE-2011-4324: A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod. * CVE-2011-4330: Mounting a corrupted hfs filesystem could lead to a buffer overflow. The following non-security issues have been fixed: * kernel: pfault task state race (bnc#764128,LTC#81724). * ap: Toleration for ap bus devices with device type 10 (bnc#761389). * hugetlb, numa: fix interleave mpol reference count (bnc#762111). * cciss: fixup kdump (bnc#730200). * kdump: Avoid allocating bootmem map over crash reserved region (bnc#749168, bnc#722400, bnc#742881). * qeth: Improve OSA Express 4 blkt defaults (bnc#754964,LTC#80325). * zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754964,LTC#80378). * virtio: add names to virtqueue struct, mapping from devices to queues (bnc#742148). * virtio: find_vqs/del_vqs virtio operations (bnc#742148). * virtio_pci: optional MSI-X support (bnc#742148). * virtio_pci: split up vp_interrupt (bnc#742148). * knfsd: nfsd4: fix laundromat shutdown race (752556). * driver core: Check for valid device in bus_find_device() (bnc#729685). * VMware detection backport from mainline (bnc#671124, bnc#747381). * net: adding memory barrier to the poll and receive callbacks (bnc#746397 bnc#750928). * qla2xxx: drop reference before wait for completion (bnc#744592). * qla2xxx: drop reference before wait for completion (bnc#744592). * ixgbe driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off (bnc#693639) * Properly release MSI(X) vector(s) when MSI(X) gets disabled (bnc#723294, bnc#721869). * scsi: Always retry internal target error (bnc#745640). * cxgb4: fix parent device access in netdev_printk (bnc#733155). * lcs: lcs offline failure (bnc#752486,LTC#79788). * qeth: add missing wake_up call (bnc#752486,LTC#79899). * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR (bnc#751880). * xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. * xenbus_dev: add missing error checks to watch handling. * blkfront: properly fail packet requests (bnc#745929). * blkback: failure to write "feature-barrier" node is non-fatal. * igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown (bnc#723294). * igb: Fix for Alt MAC Address feature on 82580 and later devices (bnc#746980). * igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown (bnc#723294). * cfq: Fix infinite loop in cfq_preempt_queue() (bnc#724692). * dasd: fix fixpoint divide exception in define_extent (bnc#750168,LTC#79125). * ctcmpc: use correct idal word list for ctcmpc (bnc#750168,LTC#79264). * patches.fixes/ext3-fix-reuse-of-freed-blocks.diff: Delete. Patch should not really be needed and apparently causes a performance regression (bnc#683270) * tcp: fix race condition leading to premature termination of sockets in FIN_WAIT2 state and connection being reset (bnc#745760) * kernel: console interrupts vs. panic (bnc#737325,LTC#77272). * af_iucv: remove IUCV-pathes completely (bnc#737325,LTC#78292). * qdio: wrong buffers-used counter for ERROR buffers (bnc#737325,LTC#78758). * ext3: Fix credit estimate for DIO allocation (bnc#745732). * jbd: validate sb->s_first in journal_get_superblock() (bnc#730118). * ocfs2: serialize unaligned aio (bnc#671479). * cifs: eliminate usage of kthread_stop for cifsd (bnc#718343). * virtio: fix wrong type used, resulting in truncated addresses in bigsmp kernel. (bnc#737899) * cciss: Adds simple mode functionality (bnc#730200). * blktap: fix locking (again) (bnc#724734). * block: Initial support for data-less (or empty) barrier support (bnc#734707 FATE#313126). * xen: Do not allow empty barriers to be passed down to queues that do not grok them (bnc#734707 FATE#313126). * linkwatch: Handle jiffies wrap-around (bnc#740131). Security Issue references: * CVE-2011-2928 * CVE-2011-4077 * CVE-2011-4324 * CVE-2011-4330 * CVE-2012-2319 * CVE-2012-2313 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): kernel-default-2.6.16.60-0.97.1 kernel-source-2.6.16.60-0.97.1 kernel-syms-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): kernel-smp-2.6.16.60-0.97.1 kernel-xen-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.97.1 kernel-kdumppae-2.6.16.60-0.97.1 kernel-vmi-2.6.16.60-0.97.1 kernel-vmipae-2.6.16.60-0.97.1 kernel-xenpae-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): kernel-iseries64-2.6.16.60-0.97.1 kernel-ppc64-2.6.16.60-0.97.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kernel-default-2.6.16.60-0.97.1 kernel-smp-2.6.16.60-0.97.1 kernel-source-2.6.16.60-0.97.1 kernel-syms-2.6.16.60-0.97.1 kernel-xen-2.6.16.60-0.97.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.97.1 kernel-xenpae-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 x86_64): kernel-xen-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586): kernel-xenpae-2.6.16.60-0.97.1 References: http://support.novell.com/security/cve/CVE-2011-2928.html http://support.novell.com/security/cve/CVE-2011-4077.html http://support.novell.com/security/cve/CVE-2011-4324.html http://support.novell.com/security/cve/CVE-2011-4330.html http://support.novell.com/security/cve/CVE-2012-2313.html http://support.novell.com/security/cve/CVE-2012-2319.html https://bugzilla.novell.com/671124 https://bugzilla.novell.com/671479 https://bugzilla.novell.com/683270 https://bugzilla.novell.com/693639 https://bugzilla.novell.com/713430 https://bugzilla.novell.com/718343 https://bugzilla.novell.com/721869 https://bugzilla.novell.com/722400 https://bugzilla.novell.com/723294 https://bugzilla.novell.com/724692 https://bugzilla.novell.com/724734 https://bugzilla.novell.com/726600 https://bugzilla.novell.com/729685 https://bugzilla.novell.com/730118 https://bugzilla.novell.com/730200 https://bugzilla.novell.com/731673 https://bugzilla.novell.com/732613 https://bugzilla.novell.com/733155 https://bugzilla.novell.com/734707 https://bugzilla.novell.com/737325 https://bugzilla.novell.com/737899 https://bugzilla.novell.com/740131 https://bugzilla.novell.com/742148 https://bugzilla.novell.com/742881 https://bugzilla.novell.com/744592 https://bugzilla.novell.com/745640 https://bugzilla.novell.com/745732 https://bugzilla.novell.com/745760 https://bugzilla.novell.com/745929 https://bugzilla.novell.com/746397 https://bugzilla.novell.com/746980 https://bugzilla.novell.com/747381 https://bugzilla.novell.com/749168 https://bugzilla.novell.com/750168 https://bugzilla.novell.com/750928 https://bugzilla.novell.com/751880 https://bugzilla.novell.com/752486 https://bugzilla.novell.com/754964 https://bugzilla.novell.com/758813 https://bugzilla.novell.com/760902 https://bugzilla.novell.com/761389 https://bugzilla.novell.com/762111 https://bugzilla.novell.com/764128 http://download.novell.com/patch/finder/?keywords=3395803e5857d3e0f44b39331dc3b010 http://download.novell.com/patch/finder/?keywords=74169532cbeb6a34c2168ce4ce202dbf http://download.novell.com/patch/finder/?keywords=96d47125b6fb737bee4bf3f7619aa63d http://download.novell.com/patch/finder/?keywords=9fe1c1f891de7bb8b0abad73549e497a http://download.novell.com/patch/finder/?keywords=d66830daf8e6d37d2c64dfa779e3a77d From sle-updates at lists.suse.com Thu Jun 14 14:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jun 2012 22:08:26 +0200 (CEST) Subject: SUSE-RU-2012:0737-1: moderate: Recommended update for sblim-testsuite Message-ID: <20120614200826.8ADF732835@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-testsuite ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0737-1 Rating: moderate References: #757389 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides SBLIM Testsuite to 1.3.0, which was included in SLE11 SP2: * fixed recognition of arrays in consistency's property test * new modifyInst attribute is not recognized in assoc test * association call's syntax not sufficient * migrate provider licenses to EPL Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-sblim-testsuite-6204 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-sblim-testsuite-6204 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-sblim-testsuite-6204 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-sblim-testsuite-6204 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-sblim-testsuite-6204 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch): sblim-testsuite-1.3.0-8.3.2 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch): sblim-testsuite-1.3.0-8.3.2 - SUSE Linux Enterprise Server 11 SP1 (noarch): sblim-testsuite-1.3.0-8.3.2 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): sblim-testsuite-1.3.0-8.3.2 - SUSE Linux Enterprise Desktop 11 SP1 (noarch): sblim-testsuite-1.3.0-8.3.2 References: https://bugzilla.novell.com/757389 http://download.novell.com/patch/finder/?keywords=259b9638f0c447941e0c271f85665be5 From sle-updates at lists.suse.com Thu Jun 14 15:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jun 2012 23:08:26 +0200 (CEST) Subject: SUSE-RU-2012:0738-1: Recommended update for yast2-hardware-detection Message-ID: <20120614210826.BB6CD32835@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-hardware-detection ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0738-1 Rating: low References: #652962 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes two new package versions. Description: Fixed displaying and setting of DIAG mode in YaST S/390 module. Indications: DIAG mode not displayed correctly in YaST S/390 module. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.9]: yast2-hardware-detection-2.13.9-0.6.4 - SUSE Linux Enterprise Server 10 SP4 (s390x) [New Version: 2.13.29]: yast2-s390-2.13.29-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2.13.9]: yast2-hardware-detection-2.13.9-0.6.4 - SLE SDK 10 SP4 (ia64 ppc s390x x86_64) [New Version: 2.13.29]: yast2-s390-2.13.29-0.7.1 References: https://bugzilla.novell.com/652962 http://download.novell.com/patch/finder/?keywords=ef358f18a11a78f46307d808d7a55212 From sle-updates at lists.suse.com Thu Jun 14 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jun 2012 23:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0739-1: Recommended update for OpenLDAP Message-ID: <20120614210828.5E21932837@maintenance.suse.de> SUSE Recommended Update: Recommended update for OpenLDAP ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0739-1 Rating: low References: #750466 #751945 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: This update to OpenLDAP fixes multiple replication issues which could lead to delete operation not being propagated to the slave servers correctly. Additionally a vulnerability (CVE-2012-1164) was fixed that could cause certain OpenLDAP proxy configurations to crash while processing LDAP search requests with the "attrsOnly" option enabled. Security Issues: * CVE-2012-1164 Indications: OpenLDAP replication issues and proxy crash. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-compat-libldap-2_3-0-6104 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-compat-libldap-2_3-0-6104 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.26]: openldap2-devel-2.4.26-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64) [New Version: 2.4.26]: openldap2-devel-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 2.4.26]: openldap2-2.4.26-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.26]: openldap2-devel-2.4.26-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 2.4.26]: openldap2-devel-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 2.4.26]: openldap2-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.26]: compat-libldap-2_3-0-2.3.37-2.14.1 libldap-2_4-2-2.4.26-0.14.1 openldap2-2.4.26-0.14.1 openldap2-back-meta-2.4.26-0.14.1 openldap2-client-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 2.4.26]: libldap-2_4-2-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 2.4.26]: libldap-2_4-2-x86-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.4.26]: compat-libldap-2_3-0-2.3.37-2.14.1 libldap-2_4-2-2.4.26-0.14.1 openldap2-2.4.26-0.14.1 openldap2-back-meta-2.4.26-0.14.1 openldap2-client-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 2.4.26]: libldap-2_4-2-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.26]: compat-libldap-2_3-0-2.3.37-2.14.1 libldap-2_4-2-2.4.26-0.14.1 openldap2-2.4.26-0.14.1 openldap2-back-meta-2.4.26-0.14.1 openldap2-client-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 2.4.26]: libldap-2_4-2-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 2.4.26]: libldap-2_4-2-x86-2.4.26-0.14.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.4.26]: libldap-2_4-2-2.4.26-0.14.1 openldap2-client-2.4.26-0.14.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 2.4.26]: libldap-2_4-2-32bit-2.4.26-0.14.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.4.26]: libldap-2_4-2-2.4.26-0.14.1 openldap2-client-2.4.26-0.14.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 2.4.26]: libldap-2_4-2-32bit-2.4.26-0.14.1 References: http://support.novell.com/security/cve/CVE-2012-1164.html https://bugzilla.novell.com/750466 https://bugzilla.novell.com/751945 http://download.novell.com/patch/finder/?keywords=70bb49e5aa24a4fc384f4e2ae346f160 From sle-updates at lists.suse.com Thu Jun 14 16:08:56 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 00:08:56 +0200 (CEST) Subject: SUSE-SU-2012:0740-1: moderate: Security update for t1lib Message-ID: <20120614220856.BED5A32835@maintenance.suse.de> SUSE Security Update: Security update for t1lib ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0740-1 Rating: moderate References: #684802 #757961 Cross-References: CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. Security Issue references: * CVE-2011-0764 * CVE-2011-1552 * CVE-2011-1553 * CVE-2011-1554 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): t1lib-1.3.1-585.11.1 t1lib-devel-1.3.1-585.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): t1lib-1.3.1-585.11.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): t1lib-1.3.1-585.11.1 t1lib-devel-1.3.1-585.11.1 References: http://support.novell.com/security/cve/CVE-2011-0764.html http://support.novell.com/security/cve/CVE-2011-1552.html http://support.novell.com/security/cve/CVE-2011-1553.html http://support.novell.com/security/cve/CVE-2011-1554.html https://bugzilla.novell.com/684802 https://bugzilla.novell.com/757961 http://download.novell.com/patch/finder/?keywords=0a41b9d515732b420bea02ef6d7030a1 From sle-updates at lists.suse.com Thu Jun 14 17:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 01:08:31 +0200 (CEST) Subject: SUSE-SU-2012:0741-1: important: Security update for bind Message-ID: <20120614230831.523DB32801@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0741-1 Rating: important References: #765315 Cross-References: CVE-2012-1667 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The following issue has been fixed: * Records with zero length rdata field could have crashed named or disclose portions of memory to clients (CVE-2012-1667). Security Issue reference: * CVE-2012-1667 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-bind-6388 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-bind-6388 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-bind-6388 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-bind-6388 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-devel-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64) [New Version: 9.6ESVR7P1]: bind-devel-32bit-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.2.5.1 bind-chrootenv-9.6ESVR7P1-0.2.5.1 bind-doc-9.6ESVR7P1-0.2.5.1 bind-libs-9.6ESVR7P1-0.2.5.1 bind-utils-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.2.5.1 bind-chrootenv-9.6ESVR7P1-0.2.5.1 bind-doc-9.6ESVR7P1-0.2.5.1 bind-libs-9.6ESVR7P1-0.2.5.1 bind-utils-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 9.6ESVR7P1]: bind-libs-x86-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 9.6ESVR7P1]: bind-libs-9.6ESVR7P1-0.2.5.1 bind-utils-9.6ESVR7P1-0.2.5.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.2.5.1 References: http://support.novell.com/security/cve/CVE-2012-1667.html https://bugzilla.novell.com/765315 http://download.novell.com/patch/finder/?keywords=5a8f30aa7298342017cd0d068e2af050 From sle-updates at lists.suse.com Thu Jun 14 18:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 02:08:26 +0200 (CEST) Subject: SUSE-RU-2012:0742-1: important: Recommended update for suseRegister Message-ID: <20120615000826.2BB043282C@maintenance.suse.de> SUSE Recommended Update: Recommended update for suseRegister ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0742-1 Rating: important References: #746236 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds a requirement on openssl-certs to suseRegister, in order to fix registration with the changed SSL certificate on the Novell Customer Center. Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (noarch): suseRegister-1.2-9.50.52.1 References: https://bugzilla.novell.com/746236 http://download.novell.com/patch/finder/?keywords=a50bb359adda87bf0ef0fbaaaf19ac98 From sle-updates at lists.suse.com Thu Jun 14 19:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 03:08:28 +0200 (CEST) Subject: SUSE-SU-2012:0743-1: moderate: Security update for taglib Message-ID: <20120615010828.7337332835@maintenance.suse.de> SUSE Security Update: Security update for taglib ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0743-1 Rating: moderate References: #750690 #750691 #750693 Cross-References: CVE-2012-1108 CVE-2012-1584 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: The following issue has been fixed: * Specially crafted ogg files could have crashed taglib Security Issue references: * CVE-2012-1108 * CVE-2012-1584 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-taglib-6179 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-taglib-6179 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-taglib-6179 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-taglib-6179 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-taglib-6179 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-taglib-6179 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-taglib-6179 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): taglib-devel-1.5-19.23.4 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): taglib-devel-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): taglib-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): taglib-32bit-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP2 (ia64): taglib-x86-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): taglib-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): taglib-32bit-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): taglib-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): taglib-32bit-1.5-19.23.4 - SUSE Linux Enterprise Server 11 SP1 (ia64): taglib-x86-1.5-19.23.4 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): taglib-1.4-20.8.2 taglib-devel-1.4-20.8.2 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): taglib-32bit-1.4-20.8.2 - SUSE Linux Enterprise Server 10 SP4 (ia64): taglib-x86-1.4-20.8.2 - SUSE Linux Enterprise Server 10 SP4 (ppc): taglib-64bit-1.4-20.8.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): taglib-1.5-19.23.4 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): taglib-32bit-1.5-19.23.4 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): taglib-1.5-19.23.4 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): taglib-32bit-1.5-19.23.4 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): taglib-1.4-20.8.2 taglib-devel-1.4-20.8.2 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): taglib-32bit-1.4-20.8.2 References: http://support.novell.com/security/cve/CVE-2012-1108.html http://support.novell.com/security/cve/CVE-2012-1584.html https://bugzilla.novell.com/750690 https://bugzilla.novell.com/750691 https://bugzilla.novell.com/750693 http://download.novell.com/patch/finder/?keywords=5c89fe350359a52965c0528f42056cfb http://download.novell.com/patch/finder/?keywords=cd82b6b35d24911b6b1aa3e62fbad07c From sle-updates at lists.suse.com Thu Jun 14 20:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 04:08:26 +0200 (CEST) Subject: SUSE-SU-2012:0744-1: moderate: Security update for t1lib Message-ID: <20120615020826.9BFA832835@maintenance.suse.de> SUSE Security Update: Security update for t1lib ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0744-1 Rating: moderate References: #684802 #757961 Cross-References: CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. Security Issue references: * CVE-2011-0764 * CVE-2011-1552 * CVE-2011-1553 * CVE-2011-1554 * CVE-2011-0433 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-t1lib-6195 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-t1lib-6195 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-t1lib-6195 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-t1lib-6195 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-t1lib-6195 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-t1lib-6195 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-t1lib-6195 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): t1lib-devel-5.1.1-100.21.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): t1lib-devel-5.1.1-100.21.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): t1lib-5.1.1-100.21.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): t1lib-5.1.1-100.21.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): t1lib-5.1.1-100.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): t1lib-5.1.1-100.21.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): t1lib-5.1.1-100.21.1 References: http://support.novell.com/security/cve/CVE-2011-0433.html http://support.novell.com/security/cve/CVE-2011-0764.html http://support.novell.com/security/cve/CVE-2011-1552.html http://support.novell.com/security/cve/CVE-2011-1553.html http://support.novell.com/security/cve/CVE-2011-1554.html https://bugzilla.novell.com/684802 https://bugzilla.novell.com/757961 http://download.novell.com/patch/finder/?keywords=1dd18a507815f6acda816b664d48a4cd From sle-updates at lists.suse.com Thu Jun 14 21:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 05:08:28 +0200 (CEST) Subject: SUSE-SU-2012:0741-2: important: Security update for bind Message-ID: <20120615030828.17EEC32836@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0741-2 Rating: important References: #765315 Cross-References: CVE-2012-1667 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The following issue has been fixed: * Records with zero length rdata field could have crashed named or disclose portions of memory to clients (CVE-2012-1667). Security Issue reference: * CVE-2012-1667 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-bind-6382 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bind-6382 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bind-6382 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bind-6382 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-devel-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64) [New Version: 9.6ESVR7P1]: bind-devel-32bit-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.5.1 bind-chrootenv-9.6ESVR7P1-0.5.1 bind-doc-9.6ESVR7P1-0.5.1 bind-libs-9.6ESVR7P1-0.5.1 bind-utils-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.5.1 bind-chrootenv-9.6ESVR7P1-0.5.1 bind-doc-9.6ESVR7P1-0.5.1 bind-libs-9.6ESVR7P1-0.5.1 bind-utils-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.6ESVR7P1]: bind-libs-x86-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.6ESVR7P1]: bind-libs-9.6ESVR7P1-0.5.1 bind-utils-9.6ESVR7P1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-1667.html https://bugzilla.novell.com/765315 http://download.novell.com/patch/finder/?keywords=6c613f6b4f6b9ab1c13907a84d16ebda From sle-updates at lists.suse.com Fri Jun 15 13:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 21:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0745-1: important: Recommended update for ksh Message-ID: <20120615190829.4C5C03283A@maintenance.suse.de> SUSE Recommended Update: Recommended update for ksh ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0745-1 Rating: important References: #704898 #753845 #759730 #765171 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: This update to Korn Shell (ksh) resolves the following issues: * Restore the symbolic link /etc/ksh.kshrc which, in some specific circumstances, might have been removed by a previous update (bnc#759730) * Piping output to a pager under ksh may cause a hang on s390x (bnc#753845) * Add "close on execute" flag to file descriptors used for pipe handling to avoid warnings (bnc#704898) * Do not ignore backslashes/escapes for read built-in (bnc#765171). This update also includes fixes from the ksh93u+ upstream project released between Feb 14 and Feb 29 2012. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-93u-0.15.1 ksh-devel-93u-0.15.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 93u]: ksh-93u-0.15.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-devel-93u-0.15.1 References: https://bugzilla.novell.com/704898 https://bugzilla.novell.com/753845 https://bugzilla.novell.com/759730 https://bugzilla.novell.com/765171 http://download.novell.com/patch/finder/?keywords=cee1a669d722c9bbbb288ccce8cca884 From sle-updates at lists.suse.com Fri Jun 15 14:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jun 2012 22:08:23 +0200 (CEST) Subject: SUSE-SU-2012:0746-1: important: Security update for Mozilla Firefox Message-ID: <20120615200823.1923B32839@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0746-1 Rating: important References: #765204 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes three new package versions. Description: MozillaFirefox has been updated to 10.0.5ESR fixing various bugs and security issues. * MFSA 2012-34 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, and Brian Bondy reported memory safety problems and crashes that affect Firefox 12.(CVE-2012-1938) Christian Holler reported a memory safety problem that affects Firefox ESR. (CVE-2012-1939) Igor Bukanov, Olli Pettay, Boris Zbarsky, and Jesse Ruderman reported memory safety problems and crashes that affect Firefox ESR and Firefox 13. (CVE-2012-1937) Ken Russell of Google reported a bug in NVIDIA graphics drivers that they needed to work around in the Chromium WebGL implementation. Mozilla has done the same in Firefox 13 and ESR 10.0.5. (CVE-2011-3101) * MFSA 2012-35 Security researcher James Forshaw of Context Information Security found two issues with the Mozilla updater and the Mozilla updater service introduced in Firefox 12 for Windows. The first issue allows Mozilla's updater to load a local DLL file in a privileged context. The updater can be called by the Updater Service or independently on systems that do not use the service. The second of these issues allows for the updater service to load an arbitrary local DLL file, which can then be run with the same system privileges used by the service. Both of these issues require local file system access to be exploitable. Possible Arbitrary Code Execution by Update Service (CVE-2012-1942) Updater.exe loads wsock32.dll from application directory (CVE-2012-1943) * MFSA 2012-36 Security researcher Adam Barth found that inline event handlers, such as onclick, were no longer blocked by Content Security Policy's (CSP) inline-script blocking feature. Web applications relying on this feature of CSP to protect against cross-site scripting (XSS) were not fully protected. (CVE-2012-1944) * MFSA 2012-37 Security researcher Paul Stone reported an attack where an HTML page hosted on a Windows share and then loaded could then load Windows shortcut files (.lnk) in the same share. These shortcut files could then link to arbitrary locations on the local file system of the individual loading the HTML page. That page could show the contents of these linked files or directories from the local file system in an iframe, causing information disclosure. This issue could potentially affect Linux machines with samba shares enabled. (CVE-2012-1945) * MFSA 2012-38 Security researcher Arthur Gerkis used the Address Sanitizer tool to find a use-after-free while replacing/inserting a node in a document. This use-after-free could possibly allow for remote code execution. (CVE-2012-1946) * MFSA 2012-39 Security researcher Kaspar Brand found a flaw in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. Effects of this issue depend on the field. One known symptom is an unexploitable crash in handling OCSP responses. NSS also mishandles zero-length basic constraints, assuming default values for some types that should be rejected as malformed. These issues have been addressed in NSS 3.13.4, which is now being used by Mozilla. (CVE-2012-0441) * MFSA 2012-40 Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-free occurs in nsFrameList when working with column layout with absolute positioning in a container that changes size. The second buffer overflow occurs in nsHTMLReflowState when a window is resized on a page with nested columns and a combination of absolute and relative positioning. All three of these issues are potentially exploitable. Heap-buffer-overflow in utf16_to_isolatin1 (CVE-2012-1947) Heap-use-after-free in nsFrameList::FirstChild (CVE-2012-1940) Heap-buffer-overflow in nsHTMLReflowState::CalculateHypotheticalBox, with nested multi-column, relative position, and absolute position (CVE-2012-1941) More information on security issues can be found on: http://www.mozilla.org/security/announce/ Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-MozillaFirefox-6425 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-MozillaFirefox-6425 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-MozillaFirefox-6425 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-MozillaFirefox-6425 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-MozillaFirefox-6425 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-MozillaFirefox-6425 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-MozillaFirefox-6425 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-devel-4.9.1-0.5.1 mozilla-nss-devel-3.13.5-0.4.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-devel-4.9.1-0.5.1 mozilla-nss-devel-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.5,3.13.5 and 4.9.1]: MozillaFirefox-10.0.5-0.3.6 MozillaFirefox-translations-10.0.5-0.3.6 libfreebl3-3.13.5-0.4.2 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nss-32bit-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-x86-3.13.5-0.4.2 mozilla-nspr-x86-4.9.1-0.5.1 mozilla-nss-x86-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 10.0.5,3.13.5 and 4.9.1]: MozillaFirefox-10.0.5-0.3.6 MozillaFirefox-translations-10.0.5-0.3.6 libfreebl3-3.13.5-0.4.2 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nss-32bit-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.5,3.13.5 and 4.9.1]: MozillaFirefox-10.0.5-0.3.6 MozillaFirefox-translations-10.0.5-0.3.6 libfreebl3-3.13.5-0.4.2 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nss-32bit-3.13.5-0.4.2 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-x86-3.13.5-0.4.2 mozilla-nspr-x86-4.9.1-0.5.1 mozilla-nss-x86-3.13.5-0.4.2 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-4.9.1-0.8.1 mozilla-nspr-devel-4.9.1-0.8.1 mozilla-nss-3.13.5-0.7.2 mozilla-nss-devel-3.13.5-0.7.2 mozilla-nss-tools-3.13.5-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-10.0.5-0.8.4 MozillaFirefox-translations-10.0.5-0.8.4 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-32bit-4.9.1-0.8.1 mozilla-nss-32bit-3.13.5-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-x86-4.9.1-0.8.1 mozilla-nss-x86-3.13.5-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-64bit-4.9.1-0.8.1 mozilla-nss-64bit-3.13.5-0.7.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.5,3.13.5 and 4.9.1]: MozillaFirefox-10.0.5-0.3.6 MozillaFirefox-translations-10.0.5-0.3.6 libfreebl3-3.13.5-0.4.2 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nss-32bit-3.13.5-0.4.2 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 10.0.5,3.13.5 and 4.9.1]: MozillaFirefox-10.0.5-0.3.6 MozillaFirefox-translations-10.0.5-0.3.6 libfreebl3-3.13.5-0.4.2 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 3.13.5 and 4.9.1]: libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nss-32bit-3.13.5-0.4.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-4.9.1-0.8.1 mozilla-nspr-devel-4.9.1-0.8.1 mozilla-nss-3.13.5-0.7.2 mozilla-nss-devel-3.13.5-0.7.2 mozilla-nss-tools-3.13.5-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.13.5 and 4.9.1]: mozilla-nspr-32bit-4.9.1-0.8.1 mozilla-nss-32bit-3.13.5-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586): MozillaFirefox-10.0.5-0.8.4 MozillaFirefox-translations-10.0.5-0.8.4 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.5]: mozilla-nss-tools-3.13.5-0.7.2 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.5-0.8.4 References: https://bugzilla.novell.com/765204 http://download.novell.com/patch/finder/?keywords=07d017248ab36079da2d7b88d9bc2d80 http://download.novell.com/patch/finder/?keywords=17a6ba181710949a9ded0279ec9b1ffb From sle-updates at lists.suse.com Fri Jun 15 19:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 16 Jun 2012 03:08:27 +0200 (CEST) Subject: SUSE-SU-2012:0741-3: important: Security update for bind Message-ID: <20120616010827.8A7D232839@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0741-3 Rating: important References: #765315 Cross-References: CVE-2012-1667 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The following issue has been fixed: * Records with zero length rdata field could have crashed named or disclosed portions of memory to clients (CVE-2012-1667). Security Issue references: * CVE-2012-1667 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.10.1 bind-chrootenv-9.6ESVR7P1-0.10.1 bind-devel-9.6ESVR7P1-0.10.1 bind-doc-9.6ESVR7P1-0.10.1 bind-libs-9.6ESVR7P1-0.10.1 bind-utils-9.6ESVR7P1-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P1]: bind-libs-x86-9.6ESVR7P1-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P1]: bind-devel-64bit-9.6ESVR7P1-0.10.1 bind-libs-64bit-9.6ESVR7P1-0.10.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P1]: bind-libs-9.6ESVR7P1-0.10.1 bind-utils-9.6ESVR7P1-0.10.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P1]: bind-libs-32bit-9.6ESVR7P1-0.10.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P1]: bind-9.6ESVR7P1-0.10.1 bind-chrootenv-9.6ESVR7P1-0.10.1 bind-devel-9.6ESVR7P1-0.10.1 bind-doc-9.6ESVR7P1-0.10.1 - SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P1]: bind-devel-64bit-9.6ESVR7P1-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-1667.html https://bugzilla.novell.com/765315 http://download.novell.com/patch/finder/?keywords=4328ed71a96bc49951a61a9a05eab4f0 From sle-updates at lists.suse.com Mon Jun 18 09:08:43 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jun 2012 17:08:43 +0200 (CEST) Subject: SUSE-RU-2012:0756-1: Recommended update for release-notes-sles Message-ID: <20120618150843.DC3953283B@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0756-1 Rating: low References: #747605 #749554 #761121 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11-SP2. The changes in detail are: * Document security issue with XEN on Some AMD Processors * Document YaST Repair Tool Limitation (bnc#747605) * Using pstore to read kernel crashes (fate#311705) * More fixes: bnc#749554 (novfs and NCL, in fate#313160). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-sles-6433 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.38]: release-notes-sles-11.2.0.38-0.7.1 References: https://bugzilla.novell.com/747605 https://bugzilla.novell.com/749554 https://bugzilla.novell.com/761121 http://download.novell.com/patch/finder/?keywords=6bcba0615c80cfb51be147b344606464 From sle-updates at lists.suse.com Mon Jun 18 10:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jun 2012 18:08:32 +0200 (CEST) Subject: SUSE-RU-2012:0757-1: moderate: Recommended update for yast2-dns-server Message-ID: <20120618160832.C7EC432832@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-dns-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0757-1 Rating: moderate References: #690237 #745560 #746363 #746401 #753038 #755592 #755766 #758745 #765445 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. It includes one version update. Description: This collective update for yast2-dns-server fixes the following reports: * 690237: yast2-dns-server fails to setup LDAP config * 745560: Fix broken zone-files when using subdomains * 746363: Issues with DNS TXT records added via YaST * 746401: Switching LDAP support on/off doesn't trigger saving the current status of all DNS zones * 755766: YaST2 DNS server plugin truncating TXT record values that contain a semi-colon * 753038: Triggering the global "modified" flag while adding/modifying a zone to be correctly stored later * 755592: Fixed removing RRs from LDAP when they share the same LDAP object with another non-deleted RRs * 758745: Fixed redrawing records settings UI entries when deleting records * 765445: Handle missing /etc/named.conf properly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-dns-server-6402 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-dns-server-6402 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-dns-server-6402 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.21]: yast2-dns-server-2.17.21-0.5.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.21]: yast2-dns-server-2.17.21-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.21]: yast2-dns-server-2.17.21-0.5.2 References: https://bugzilla.novell.com/690237 https://bugzilla.novell.com/745560 https://bugzilla.novell.com/746363 https://bugzilla.novell.com/746401 https://bugzilla.novell.com/753038 https://bugzilla.novell.com/755592 https://bugzilla.novell.com/755766 https://bugzilla.novell.com/758745 https://bugzilla.novell.com/765445 http://download.novell.com/patch/finder/?keywords=da2119100dbf483d1c82a04572b275f0 From sle-updates at lists.suse.com Mon Jun 18 11:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jun 2012 19:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0745-2: important: Recommended update for ksh Message-ID: <20120618170834.1F17B32839@maintenance.suse.de> SUSE Recommended Update: Recommended update for ksh ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0745-2 Rating: important References: #704898 #753845 #759730 #765171 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: This update to Korn Shell (ksh) resolves the following issues: * Restore the symbolic link /etc/ksh.kshrc which, in some specific circumstances, might have been removed by a previous update (bnc#759730) * Piping output to a pager under ksh may cause a hang on s390x (bnc#753845) * Add "close on execute" flag to file descriptors used for pipe handling to avoid warnings (bnc#704898) * Do not ignore backslashes/escapes for read built-in (bnc#765171). This update also includes fixes from the ksh93u+ upstream project released between Feb 14 and Feb 29 2012. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-ksh-6394 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-ksh-6394 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-ksh-6394 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-ksh-6394 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-ksh-6394 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-ksh-6394 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-ksh-6394 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 93u]: ksh-devel-93u-0.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 93u]: ksh-devel-93u-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 93u]: ksh-93u-0.10.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 93u]: ksh-93u-0.10.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 93u]: ksh-93u-0.10.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 93u]: ksh-93u-0.10.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 93u]: ksh-93u-0.10.1 References: https://bugzilla.novell.com/704898 https://bugzilla.novell.com/753845 https://bugzilla.novell.com/759730 https://bugzilla.novell.com/765171 http://download.novell.com/patch/finder/?keywords=00fd1027236f7f8f522cfb87c70503d9 From sle-updates at lists.suse.com Mon Jun 18 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jun 2012 19:08:35 +0200 (CEST) Subject: SUSE-RU-2012:0758-1: moderate: Recommended update for yast2-dns-server Message-ID: <20120618170835.89CA23283B@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-dns-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0758-1 Rating: moderate References: #646895 #676676 #679960 #690237 #745560 #746363 #746401 #753038 #755592 #755766 #758745 #765445 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. It includes one version update. Description: This collective update for yast2-dns-server provides fixes for the following reports: * 646895: Wildcard '*' not supported as valid hostname * 676676: Fix module proposing its own IP as forwarder * 679960: Fix DNS problems with zone creations * 690237: Fix yast2-dns-server failing to setup LDAP config * 745560: Fix incorrect zone-files when using subdomains * 746363: Fix Issues with DNS TXT records added via YaST * 746401: Fix switching LDAP support not triggering saving the current status * 755766: YaST2 DNS server plugin truncating TXT record values that contain a semi-colon * 753038: Triggering the global "modified" flag while adding/modifying a zone to be correctly stored later * 755592: Fixed removing RRs from LDAP when they share the same LDAP object with another non-deleted RRs * 758745: Fixed redrawing records settings UI entries when deleting records * 765445: Handle missing /etc/named.conf properly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-yast2-dns-server-6401 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-yast2-dns-server-6401 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-yast2-dns-server-6401 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 2.17.14.4]: yast2-dns-server-2.17.14.4-0.3.2 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 2.17.14.4]: yast2-dns-server-2.17.14.4-0.3.2 - SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 2.17.14.4]: yast2-dns-server-2.17.14.4-0.3.2 References: https://bugzilla.novell.com/646895 https://bugzilla.novell.com/676676 https://bugzilla.novell.com/679960 https://bugzilla.novell.com/690237 https://bugzilla.novell.com/745560 https://bugzilla.novell.com/746363 https://bugzilla.novell.com/746401 https://bugzilla.novell.com/753038 https://bugzilla.novell.com/755592 https://bugzilla.novell.com/755766 https://bugzilla.novell.com/758745 https://bugzilla.novell.com/765445 http://download.novell.com/patch/finder/?keywords=5530c84d3111c88a752259fd6a0ca27e From sle-updates at lists.suse.com Mon Jun 18 13:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jun 2012 21:08:29 +0200 (CEST) Subject: SUSE-SU-2012:0741-4: important: Security update for bind Message-ID: <20120618190829.4E6143283B@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0741-4 Rating: important References: #765315 Cross-References: CVE-2012-1667 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following issue has been fixed: * Records with zero length rdata field could have crashed named or disclosed portions of memory to clients (CVE-2012-1667). Security Issue references: * CVE-2012-1667 Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): bind-9.3.4-1.36.1 bind-chrootenv-9.3.4-1.36.1 bind-devel-9.3.4-1.36.1 bind-doc-9.3.4-1.36.1 bind-libs-9.3.4-1.36.1 bind-utils-9.3.4-1.36.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): bind-libs-32bit-9.3.4-1.36.1 References: http://support.novell.com/security/cve/CVE-2012-1667.html https://bugzilla.novell.com/765315 http://download.novell.com/patch/finder/?keywords=fa5792b05ad6f009c42c5cd575b8e906 From sle-updates at lists.suse.com Tue Jun 19 09:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jun 2012 17:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0761-1: Recommended update for release-notes-sles Message-ID: <20120619150830.B2B5632837@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0761-1 Rating: low References: #716670 #753983 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 10 SP4. The changes in detail are: Fix some suse.com references. Generate date and version information automatically (bnc#716670). Add samba version number (bnc#753983). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 10.4.11]: release-notes-sles-10.4.11-0.8.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 10.4.11]: release-notes-sles-10.4.11-0.8.1 References: https://bugzilla.novell.com/716670 https://bugzilla.novell.com/753983 http://download.novell.com/patch/finder/?keywords=55fa9ea4af7a0547f8ab7f036b630781 From sle-updates at lists.suse.com Tue Jun 19 14:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jun 2012 22:08:24 +0200 (CEST) Subject: SUSE-SU-2012:0762-1: critical: Security update for java-1_6_0-openjdk Message-ID: <20120619200824.F0BC03283C@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0762-1 Rating: critical References: #766802 Cross-References: CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: java-1_6_0-openjdk was updated to the IcedTea 1.11.3 release, fixing multiple security issues: * S7079902, CVE-2012-1711: Refine CORBA data models * S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations * S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC * S7143872, CVE-2012-1718: Improve certificate extension processing * S7152811, CVE-2012-1723: Issues in client compiler * S7157609, CVE-2012-1724: Issues with loop * S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile Security Issue references: * CVE-2012-1725 * CVE-2012-1723 * CVE-2012-1713 * CVE-2012-1716 * CVE-2012-1711 * CVE-2012-1724 * CVE-2012-1719 * CVE-2012-1717 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-java-1_6_0-openjdk-6437 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-java-1_6_0-openjdk-6437 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.3.1 java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.3.1 java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.3.1 java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.3.1 java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-1711.html http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1716.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1719.html http://support.novell.com/security/cve/CVE-2012-1723.html http://support.novell.com/security/cve/CVE-2012-1724.html http://support.novell.com/security/cve/CVE-2012-1725.html https://bugzilla.novell.com/766802 http://download.novell.com/patch/finder/?keywords=238a3f3249e53037791e1d82285d7523 From sle-updates at lists.suse.com Tue Jun 19 14:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jun 2012 22:08:26 +0200 (CEST) Subject: SUSE-SU-2012:0763-1: moderate: Security update for ImageMagick Message-ID: <20120619200826.D60BA3283C@maintenance.suse.de> SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0763-1 Rating: moderate References: #746880 #752879 #754749 #758512 Cross-References: CVE-2012-0247 CVE-2012-0248 CVE-2012-0259 CVE-2012-0260 CVE-2012-1185 CVE-2012-1186 CVE-2012-1610 CVE-2012-1798 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update of ImageMagick fixes multiple security vulnerabilities that could be exploited by attackers via specially crafted image files: * CVE-2012-0259 / CVE-2012-1610: Integer overflow when processing EXIF directory entries with tags of e.g. format 5 (EXIF_FMT_URATIONAL) and a large components count. * CVE-2012-0247 / CVE-2012-1185: Integer overflows via "number_bytes" and "offset" could lead to memory corruption. CVE-2012-0248 / CVE-2012-1186: Denial of service via "profile.c". * CVE-2012-0260: Denial of service via JPEG restart markers (excessive CPU consumption). * CVE-2012-1798: Copying of invalid memory when reading TIFF EXIF IFD. Security Issue references: * CVE-2012-0247 * CVE-2012-0248 * CVE-2012-1185 * CVE-2012-1186 * CVE-2012-0259 * CVE-2012-0260 * CVE-2012-1798 * CVE-2012-1610 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-ImageMagick-6226 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-ImageMagick-6226 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-ImageMagick-6226 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-ImageMagick-6226 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-ImageMagick-6226 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-ImageMagick-6226 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-ImageMagick-6226 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-7.24.1 ImageMagick-devel-6.4.3.6-7.24.1 libMagick++-devel-6.4.3.6-7.24.1 libMagick++1-6.4.3.6-7.24.1 libMagickWand1-6.4.3.6-7.24.1 perl-PerlMagick-6.4.3.6-7.24.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-7.24.1 ImageMagick-devel-6.4.3.6-7.24.1 libMagick++-devel-6.4.3.6-7.24.1 libMagick++1-6.4.3.6-7.24.1 libMagickWand1-6.4.3.6-7.24.1 perl-PerlMagick-6.4.3.6-7.24.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libMagickCore1-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libMagickCore1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-7.24.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ImageMagick-6.4.3.6-7.24.1 libMagick++1-6.4.3.6-7.24.1 libMagickCore1-6.4.3.6-7.24.1 libMagickWand1-6.4.3.6-7.24.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libMagickCore1-32bit-6.4.3.6-7.24.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): ImageMagick-6.4.3.6-7.24.1 libMagick++1-6.4.3.6-7.24.1 libMagickCore1-6.4.3.6-7.24.1 libMagickWand1-6.4.3.6-7.24.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libMagickCore1-32bit-6.4.3.6-7.24.1 References: http://support.novell.com/security/cve/CVE-2012-0247.html http://support.novell.com/security/cve/CVE-2012-0248.html http://support.novell.com/security/cve/CVE-2012-0259.html http://support.novell.com/security/cve/CVE-2012-0260.html http://support.novell.com/security/cve/CVE-2012-1185.html http://support.novell.com/security/cve/CVE-2012-1186.html http://support.novell.com/security/cve/CVE-2012-1610.html http://support.novell.com/security/cve/CVE-2012-1798.html https://bugzilla.novell.com/746880 https://bugzilla.novell.com/752879 https://bugzilla.novell.com/754749 https://bugzilla.novell.com/758512 http://download.novell.com/patch/finder/?keywords=02ea9cfe762a9d4a9f7250d6f994eb43 From sle-updates at lists.suse.com Tue Jun 19 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jun 2012 23:08:28 +0200 (CEST) Subject: SUSE-SU-2012:0764-1: moderate: Security update for ImageMagick Message-ID: <20120619210828.EBC9C3283C@maintenance.suse.de> SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0764-1 Rating: moderate References: #746880 #752879 #754749 #758512 Cross-References: CVE-2012-0247 CVE-2012-0248 CVE-2012-0259 CVE-2012-0260 CVE-2012-1185 CVE-2012-1186 CVE-2012-1610 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update of ImageMagick fixes multiple security vulnerabilities that could have been exploited by attackers via specially crafted image files: * CVE-2012-0259 / CVE-2012-1610: Integer overflow when processing EXIF directory entries with tags of e.g. format 5 (EXIF_FMT_URATIONAL) and a large components count. * CVE-2012-0247 / CVE-2012-1185: Integer overflows via "number_bytes" and "offset" could lead to memory corruption. * CVE-2012-0248 / CVE-2012-1186: Denial of service via "profile.c". * CVE-2012-0260: Denial of service via JPEG restart markers (excessive CPU consumption). Security Issue references: * CVE-2012-0247 * CVE-2012-0248 * CVE-2012-1185 * CVE-2012-1186 * CVE-2012-0259 * CVE-2012-0260 * CVE-2012-1610 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): ImageMagick-6.2.5-16.34.1 ImageMagick-Magick++-6.2.5-16.34.1 ImageMagick-devel-6.2.5-16.34.1 perl-PerlMagick-6.2.5-16.34.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): ImageMagick-6.2.5-16.34.1 ImageMagick-Magick++-6.2.5-16.34.1 ImageMagick-Magick++-devel-6.2.5-16.34.1 ImageMagick-devel-6.2.5-16.34.1 perl-PerlMagick-6.2.5-16.34.1 References: http://support.novell.com/security/cve/CVE-2012-0247.html http://support.novell.com/security/cve/CVE-2012-0248.html http://support.novell.com/security/cve/CVE-2012-0259.html http://support.novell.com/security/cve/CVE-2012-0260.html http://support.novell.com/security/cve/CVE-2012-1185.html http://support.novell.com/security/cve/CVE-2012-1186.html http://support.novell.com/security/cve/CVE-2012-1610.html https://bugzilla.novell.com/746880 https://bugzilla.novell.com/752879 https://bugzilla.novell.com/754749 https://bugzilla.novell.com/758512 http://download.novell.com/patch/finder/?keywords=73ca451abc4b60d47f7346db66e99f9a From sle-updates at lists.suse.com Wed Jun 20 08:08:21 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 16:08:21 +0200 (CEST) Subject: SUSE-SU-2012:0765-1: important: Security update for oracle-update Message-ID: <20120620140821.AF66D3283D@maintenance.suse.de> SUSE Security Update: Security update for oracle-update ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0765-1 Rating: important References: #736238 #757705 #760074 #760660 #763895 #764049 Cross-References: CVE-2012-1675 Affected Products: SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has 5 fixes is now available. Description: This package wraps the Oracle Server update process for the Oracle server included in SUSE Manager. On installation of this package it will pull and install the Oracle updates and patches, integrated so that SUSE Manager is correctly stopped, the databases converted and restarted. It contains a security helper script that may adjust the Oracle server listening on all network interfaces to just listen on localhost (CVE-2012-1675). To switch to a configuration that will restrict the listener to localhost only run the following command as root: spacewalk-service stop /opt/apps/db-update/smdba-netswitch localhost spacewalk-service start In case you want to revert to the previous configuration, just run: spacewalk-service stop /opt/apps/db-update/smdba-netswitch worldwide spacewalk-service start Security Issue references: * CVE-2012-1675 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-oracle-update-6368 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): oracle-update-0.1-0.5.8.1 References: http://support.novell.com/security/cve/CVE-2012-1675.html https://bugzilla.novell.com/736238 https://bugzilla.novell.com/757705 https://bugzilla.novell.com/760074 https://bugzilla.novell.com/760660 https://bugzilla.novell.com/763895 https://bugzilla.novell.com/764049 http://download.novell.com/patch/finder/?keywords=a0b8b5031c3d0c502432381a5213b6c2 From sle-updates at lists.suse.com Wed Jun 20 10:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 18:08:35 +0200 (CEST) Subject: SUSE-FU-2012:0766-1: Feature update for tboot Message-ID: <20120620160835.A1BF03283D@maintenance.suse.de> SUSE Feature Update: Feature update for tboot ______________________________________________________________________________ Announcement ID: SUSE-FU-2012:0766-1 Rating: low References: #757713 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one feature fix can now be installed. Description: The Intel(R) trusted boot component tboot was updated to 1.7.0. (FATE#313333), including the following changes: * Print version number while changeset info unavailable * Document DA changes in README * Add event log for PCR extends in tboot * Follow details / authorities PCR mapping style in tboot * Support details / authorities PCR mapping * Support TPM event log * fix build issue for txt-stat in 64 bit environment. * update README for mwait AP wakeup mechanism * tboot: provide a new AP wakeup way for OS/VMM - mwait then memory write * Original txt-stat.c doesn't display TXT heap info by default. Add command line options to display help info and optionally enable displaying heap info. * Fix a shutdown issue on heavily throttled large server * Adjust mle_hdr.{mle|cmdline}_{start|end}_off according to CS285,286 changes to give lcp_mlehash correct info to produce hash value. * Fix boot issue caused by including mle page table into tboot memory * Fix for possible overwritting to mle page table by GRUB2 * Add PAGE_UP() fn that rounds things up/donw to a page. * Update get_mbi_mem_end() with a accurate, safer calculating way ACPI fix and sanity check * Add some sanity check before using mods_count in a count-down loop * TPM: add waiting on expect==0 before issue tpmGo * txt-stat: Don't show heap info by default. * Exchange definitions for TBOOT_BASE_ADDR & TBOOT_START * Add const qualifier for suibable parms of all possible fns. * fix possible mbi overwrite issue for Linux with grub2 * enhance print_mbi() to print more mbi info for debug purpose * Fix for GRUB2 loading elf image such as Xen. * Move apply_policy() call into txt_post_launch() * Don't zap s3_key in tboot shared page if sealing failed due to tpm unowned * Update the explanation of signed lists to make it clearer. * tboot: add a fall back for reboot via keyboard reset vector * tboot: revise README to explain how to configure GRUB2 config file for tboot * tboot: rewrite acpi reg access fns to refer to bit_width instead of access_width * tboot: change reboot mechanism to use keyboard reset vector * tboot: handle mis-programmed TXT config regs and TXT heap gracefully * tboot: add warning when TPM timeout values are wrong * all PM1_CNT accesses should be 16bit. * Enlarge NR_CPUS from 64 to 256 * Add support for SBIOS policy element type (LCP_SBIOS_ELEMENT) to lcp_crtpolelt * Fix processor id list matching between platform and acmod * Make lcp_crtpollist support empty lists (i.e. with no elements) * print a bit more error reasons in txt-stat * Fix segmentation fault in txt-stat on some systems Indications: Trusted computing users should update Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-tboot-6174 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-tboot-6174 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): tboot-20120115_1.7.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): tboot-20120115_1.7.0-0.5.1 References: https://bugzilla.novell.com/757713 http://download.novell.com/patch/finder/?keywords=68904f340444bf1986132dced511c5d2 From sle-updates at lists.suse.com Wed Jun 20 10:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 18:08:37 +0200 (CEST) Subject: SUSE-SU-2012:0767-1: moderate: Security update for dhcpcd Message-ID: <20120620160837.39CDB3283E@maintenance.suse.de> SUSE Security Update: Security update for dhcpcd ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0767-1 Rating: moderate References: #758227 #760334 Cross-References: CVE-2012-2152 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: A stack overflow in dhcpcd was fixed which could be used by network local attackers to crash the dhcpcd and so causing loss of DHCP functionality. (CVE-2012-2152) Security Issue references: * CVE-2012-2152 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-dhcpcd-6301 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-dhcpcd-6301 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-dhcpcd-6301 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-dhcpcd-6301 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-dhcpcd-6301 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): dhcpcd-3.2.3-44.30.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): dhcpcd-3.2.3-44.30.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): dhcpcd-3.2.3-44.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): dhcpcd-3.2.3-44.30.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): dhcpcd-3.2.3-44.30.1 References: http://support.novell.com/security/cve/CVE-2012-2152.html https://bugzilla.novell.com/758227 https://bugzilla.novell.com/760334 http://download.novell.com/patch/finder/?keywords=577fbcb78b8b81944e88bbcc835dbdf6 From sle-updates at lists.suse.com Wed Jun 20 12:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 20:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0768-1: moderate: Recommended update for LVM2 Message-ID: <20120620180829.DEAC53283E@maintenance.suse.de> SUSE Recommended Update: Recommended update for LVM2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0768-1 Rating: moderate References: #626749 #760832 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to LVM2 resolves the following issues: * Fix a problem that prevented LVM volumes running on top of iSCSI devices from being mounted at boot time. * Suppress an incorrect warning message from "pvs -a" output. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-lvm2-6417 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-lvm2-6417 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-lvm2-6417 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): lvm2-2.02.39-18.52.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): lvm2-2.02.39-18.52.2 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): lvm2-2.02.39-18.52.2 References: https://bugzilla.novell.com/626749 https://bugzilla.novell.com/760832 http://download.novell.com/patch/finder/?keywords=8bb8af34af9b436c5a984f95ab9b39b5 From sle-updates at lists.suse.com Wed Jun 20 13:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 21:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0769-1: moderate: Recommended update for LVM2 Message-ID: <20120620190831.8646E3283D@maintenance.suse.de> SUSE Recommended Update: Recommended update for LVM2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0769-1 Rating: moderate References: #756995 #760832 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to LVM2 resolves the following issues: * Re-enable support for mirrored logical volumes through cmirrord. * Suppress an incorrect warning message from "pvs -a" output. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lvm2-6418 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lvm2-6418 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-lvm2-6418 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): lvm2-2.02.84-3.29.12 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): lvm2-2.02.84-3.29.12 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): lvm2-2.02.84-3.29.12 References: https://bugzilla.novell.com/756995 https://bugzilla.novell.com/760832 http://download.novell.com/patch/finder/?keywords=6afafa0eab77afa1efd1b504e61b2ab8 From sle-updates at lists.suse.com Wed Jun 20 13:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 21:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0770-1: Recommended update for man-pages Message-ID: <20120620190833.50BAC32837@maintenance.suse.de> SUSE Recommended Update: Recommended update for man-pages ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0770-1 Rating: low References: #470005 #742607 #753103 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to man-pages improves the open(2) man page to describe in more detail a race condition that can occur between the fork() system call and direct I/O operations. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-man-pages-6323 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-man-pages-6323 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-man-pages-6322 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-man-pages-6322 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-man-pages-6323 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-man-pages-6322 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): man-pages-3.15-2.23.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): man-pages-3.15-2.23.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch): man-pages-3.15-2.20.16.1 - SUSE Linux Enterprise Server 11 SP1 (noarch): man-pages-3.15-2.20.16.1 - SUSE Linux Enterprise Server 10 SP4 (noarch): man-pages-2.68-20.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): man-pages-3.15-2.23.1 - SUSE Linux Enterprise Desktop 11 SP1 (noarch): man-pages-3.15-2.20.16.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch): man-pages-2.68-20.12.1 References: https://bugzilla.novell.com/470005 https://bugzilla.novell.com/742607 https://bugzilla.novell.com/753103 http://download.novell.com/patch/finder/?keywords=37fd814f91b89f9b806b6d0ed409127b http://download.novell.com/patch/finder/?keywords=56c88758dc23e761de96db197f1987b0 http://download.novell.com/patch/finder/?keywords=d692fe308e1dc0f2d5fca151bd9dfd5e From sle-updates at lists.suse.com Wed Jun 20 14:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 22:08:26 +0200 (CEST) Subject: SUSE-SU-2012:0771-1: moderate: Security update for puppet Message-ID: <20120620200826.A29BA32837@maintenance.suse.de> SUSE Security Update: Security update for puppet ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0771-1 Rating: moderate References: #755726 #755869 #755870 #755871 #755872 Cross-References: CVE-2012-1986 CVE-2012-1987 CVE-2012-1988 CVE-2012-1989 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. It includes one version update. Description: This update fixes the following issues: * CVE-2011-1986: Filebucket arbitrary file read * CVE-2012-1987: Filebucket DoS * CVE-2012-1988: Filebucket arbitrary code execution * CVE-2012-1989: insecure handling of temporary files Security Issue references: * CVE-2012-1988 * CVE-2012-1989 * CVE-2012-1986 * CVE-2012-1987 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-puppet-6115 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-puppet-6115 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-puppet-6115 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-puppet-6115 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-puppet-6115 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.12]: puppet-2.6.12-0.14.1 puppet-server-2.6.12-0.14.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.12]: puppet-2.6.12-0.14.1 puppet-server-2.6.12-0.14.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.12]: puppet-2.6.12-0.14.1 puppet-server-2.6.12-0.14.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.12]: puppet-2.6.12-0.14.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.12]: puppet-2.6.12-0.14.1 References: http://support.novell.com/security/cve/CVE-2012-1986.html http://support.novell.com/security/cve/CVE-2012-1987.html http://support.novell.com/security/cve/CVE-2012-1988.html http://support.novell.com/security/cve/CVE-2012-1989.html https://bugzilla.novell.com/755726 https://bugzilla.novell.com/755869 https://bugzilla.novell.com/755870 https://bugzilla.novell.com/755871 https://bugzilla.novell.com/755872 http://download.novell.com/patch/finder/?keywords=d5875dc9c1e3b6b7298be6f4723c1894 From sle-updates at lists.suse.com Wed Jun 20 15:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jun 2012 23:08:32 +0200 (CEST) Subject: SUSE-SU-2012:0772-1: moderate: Security update for expat Message-ID: <20120620210832.5B59E3283E@maintenance.suse.de> SUSE Security Update: Security update for expat ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0772-1 Rating: moderate References: #750914 #751464 #751465 Cross-References: CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: The following issues have been fixed: * expat was prone to a hash collision attack that could lead to excessive CPU usage (CVE-2012-0876) * expat didn't close file descriptors in some cases (CVE-2012-1147) * specially crafted XML files could lead to a memory leak (CVE-2012-1148) Security Issue references: * CVE-2012-0876 * CVE-2012-1147 * CVE-2012-1148 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): expat-2.0.0-13.17.25 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): expat-32bit-2.0.0-13.17.25 - SUSE Linux Enterprise Server 10 SP4 (ia64): expat-x86-2.0.0-13.17.25 - SUSE Linux Enterprise Server 10 SP4 (ppc): expat-64bit-2.0.0-13.17.25 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): expat-2.0.0-13.17.25 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): expat-32bit-2.0.0-13.17.25 References: http://support.novell.com/security/cve/CVE-2012-0876.html http://support.novell.com/security/cve/CVE-2012-1147.html http://support.novell.com/security/cve/CVE-2012-1148.html https://bugzilla.novell.com/750914 https://bugzilla.novell.com/751464 https://bugzilla.novell.com/751465 http://download.novell.com/patch/finder/?keywords=4a77c640139b9b5a7e5b29f40a1e6f95 From sle-updates at lists.suse.com Wed Jun 20 16:09:00 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 00:09:00 +0200 (CEST) Subject: SUSE-SU-2012:0773-1: moderate: Security update for expat Message-ID: <20120620220900.5D7D13283F@maintenance.suse.de> SUSE Security Update: Security update for expat ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0773-1 Rating: moderate References: #750914 #751464 #751465 #755377 Cross-References: CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update of expat fixes the following bugs: * hash collision attack that could lead to exessive CPU usage (CVE-2012-0876) * expat didn't close file descriptors in some cases (CVE-2012-1147) * specially crafted xml files could lead to a memory leak (CVE-2012-1148) Security Issue references: * CVE-2012-0876 * CVE-2012-1147 * CVE-2012-1148 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-expat-6200 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-expat-6200 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-expat-6200 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-expat-6200 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-expat-6200 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-expat-6200 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-expat-6200 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libexpat-devel-2.0.1-88.34.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libexpat-devel-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): expat-2.0.1-88.34.1 libexpat1-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libexpat1-32bit-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libexpat1-x86-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): expat-2.0.1-88.34.1 libexpat1-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libexpat1-32bit-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): expat-2.0.1-88.34.1 libexpat1-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libexpat1-32bit-2.0.1-88.34.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libexpat1-x86-2.0.1-88.34.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): expat-2.0.1-88.34.1 libexpat1-2.0.1-88.34.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libexpat1-32bit-2.0.1-88.34.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): expat-2.0.1-88.34.1 libexpat1-2.0.1-88.34.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libexpat1-32bit-2.0.1-88.34.1 References: http://support.novell.com/security/cve/CVE-2012-0876.html http://support.novell.com/security/cve/CVE-2012-1147.html http://support.novell.com/security/cve/CVE-2012-1148.html https://bugzilla.novell.com/750914 https://bugzilla.novell.com/751464 https://bugzilla.novell.com/751465 https://bugzilla.novell.com/755377 http://download.novell.com/patch/finder/?keywords=4f4720017d3689f1be23fb836976906d From sle-updates at lists.suse.com Wed Jun 20 16:09:02 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 00:09:02 +0200 (CEST) Subject: SUSE-RU-2012:0756-2: Recommended update for release-notes-SLES-for-VMware Message-ID: <20120620220902.2893E3283F@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-SLES-for-VMware ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0756-2 Rating: low References: #747605 #749554 #761121 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11-SP2 for VMware. The changes in detail are: * Document security issue with XEN on Some AMD Processors * Document YaST Repair Tool Limitation (bnc#747605) * Using pstore to read kernel crashes (fate#311705) * More fixes: bnc#749554 (novfs and NCL, in fate#313160). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-SLES-for-VMware-6432 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.38]: release-notes-SLES-for-VMware-11.2.0.38-0.7.1 References: https://bugzilla.novell.com/747605 https://bugzilla.novell.com/749554 https://bugzilla.novell.com/761121 http://download.novell.com/patch/finder/?keywords=69d2fc43efc5645f7827a9689fb2f0bc From sle-updates at lists.suse.com Wed Jun 20 17:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 01:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0774-1: Recommended update for hwinfo Message-ID: <20120620230830.AE87E3283C@maintenance.suse.de> SUSE Recommended Update: Recommended update for hwinfo ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0774-1 Rating: low References: #748993 #760240 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to hwinfo provides improved hardware detection: * map system bios (bnc#748993) * getsysinfo: do not try to copy event files from debugfs (bnc#760240). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-hwinfo-6337 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-hwinfo-6337 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-hwinfo-6337 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-hwinfo-6337 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.46]: hwinfo-devel-15.46-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 15.46]: hwinfo-15.46-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.46]: hwinfo-15.46-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 15.46]: hwinfo-15.46-0.9.1 References: https://bugzilla.novell.com/748993 https://bugzilla.novell.com/760240 http://download.novell.com/patch/finder/?keywords=9db41037fcf2342e66c0d4791748f538 From sle-updates at lists.suse.com Thu Jun 21 11:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 19:08:26 +0200 (CEST) Subject: SUSE-RU-2012:0775-1: Recommended update for servicelog Message-ID: <20120621170826.745A03283F@maintenance.suse.de> SUSE Recommended Update: Recommended update for servicelog ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0775-1 Rating: low References: #728709 Affected Products: SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides servicelog 1.1.9 (bnc#728709), which fixes bugs in the servicelog_manage command. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-servicelog-6027 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 1.1.9]: servicelog-1.1.9-0.4.3.1 References: https://bugzilla.novell.com/728709 http://download.novell.com/patch/finder/?keywords=81ae365a5c575f0400c7496a09be9b44 From sle-updates at lists.suse.com Thu Jun 21 11:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 19:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0776-1: Recommended update for libvpd2 Message-ID: <20120621170828.23EFF32841@maintenance.suse.de> SUSE Recommended Update: Recommended update for libvpd2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0776-1 Rating: low References: #703848 #707631 #709565 #728709 #736245 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. It includes two new package versions. Description: This updates lsvpd to version 1.6.11, which provides fixes for the following reports: * 703848: Fix servicelog linking against a ppc only lib * 707631: lsvpd: Fix lsvio -e does not display the correct information * 709565: Add dependency for thin provisioning * 728709: update RAS ppc64 packages * 736245: lsvio command with -s, -d, -e etc options does not exit with an error message for non VIO clients Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-lsvpd-1611-6150 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-lsvpd-1611-6150 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64) [New Version: 2.1.3]: libvpd2-devel-2.1.3-0.8.3.2 - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 1.6.11 and 2.1.3]: libvpd2-2.1.3-0.8.3.2 lsvpd-1.6.11-0.10.3.1 References: https://bugzilla.novell.com/703848 https://bugzilla.novell.com/707631 https://bugzilla.novell.com/709565 https://bugzilla.novell.com/728709 https://bugzilla.novell.com/736245 http://download.novell.com/patch/finder/?keywords=83177061cea6f56ddcf35672ae2e053d From sle-updates at lists.suse.com Thu Jun 21 11:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 19:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0777-1: Recommended update for powerpc-utils, powerpc-utils-debuginfo, powerpc-utils-debugsource Message-ID: <20120621170829.AE5E032841@maintenance.suse.de> SUSE Recommended Update: Recommended update for powerpc-utils, powerpc-utils-debuginfo, powerpc-utils-debugsource ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0777-1 Rating: low References: #748248 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for powerpc-utils adds a check for a missing events file when calling rtas_dump -f. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-powerpc-utils-6026 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-powerpc-utils-6026 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 1.2.11]: powerpc-utils-1.2.11-0.4.4.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 1.2.11]: powerpc-utils-1.2.11-0.4.4.1 References: https://bugzilla.novell.com/748248 http://download.novell.com/patch/finder/?keywords=312b668f1115f67ae43a5c9248580016 From sle-updates at lists.suse.com Thu Jun 21 11:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jun 2012 19:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0778-1: Recommended update for ppc64-diag Message-ID: <20120621170831.377793283F@maintenance.suse.de> SUSE Recommended Update: Recommended update for ppc64-diag ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0778-1 Rating: low References: #706054 #707033 #712920 Affected Products: SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for ppc64-diag provides an update to 2.4.2, including the following fixes: * Minor modifications to GPFS catalog files * Added gpfs files to the catalog, updated ppc64-diag-setup * fix rtas exit probe option * fix rtas_errd --help gives segfault Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-ppc64-diag-6412 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 2.4.2]: ppc64-diag-2.4.2-0.4.2.1 References: https://bugzilla.novell.com/706054 https://bugzilla.novell.com/707033 https://bugzilla.novell.com/712920 http://download.novell.com/patch/finder/?keywords=047c4cd76e3ea7823af65795ccc1e818 From sle-updates at lists.suse.com Thu Jun 21 16:09:01 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jun 2012 00:09:01 +0200 (CEST) Subject: SUSE-RU-2012:0779-1: Recommended update for hwinfo Message-ID: <20120621220901.0EB1E3283F@maintenance.suse.de> SUSE Recommended Update: Recommended update for hwinfo ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0779-1 Rating: low References: #639807 #644149 #644299 #645877 #654959 #678966 #693090 #716708 #719202 #720082 #725134 #748993 #760240 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has 13 recommended fixes can now be installed. It includes one version update. Description: This update to hwinfo provides improved hardware detection: * properly detect FCOE disks (bnc#725134) * s390: recognize model 2 OSA Express interfaces (bnc#720082) * add id to Validity fingerprint sensor (bnc#719202) * fix network detection if several interfaces are attached to a single PCI function (bnc#693090) * update vmbus device detection (bnc#716708) * add unisys hypervisor bus info (bnc#678966) * add vmbus storage controllers (bnc#654959) * report InfiniBand controller as network controller (bnc#645877, bnc#644299) * support Validity fingerprint sensor (bnc#644149) * recognize InfiniBand controller (bnc#645877, bnc#644299, bnc#639807) * map system bios (bnc#748993) * getsysinfo: do not try to copy event files from debugfs (bnc#760240). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-hwinfo-6334 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-hwinfo-6334 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-hwinfo-6334 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-hwinfo-6334 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.46]: hwinfo-devel-15.46-0.6.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 15.46]: hwinfo-15.46-0.6.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.46]: hwinfo-15.46-0.6.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 15.46]: hwinfo-15.46-0.6.1 References: https://bugzilla.novell.com/639807 https://bugzilla.novell.com/644149 https://bugzilla.novell.com/644299 https://bugzilla.novell.com/645877 https://bugzilla.novell.com/654959 https://bugzilla.novell.com/678966 https://bugzilla.novell.com/693090 https://bugzilla.novell.com/716708 https://bugzilla.novell.com/719202 https://bugzilla.novell.com/720082 https://bugzilla.novell.com/725134 https://bugzilla.novell.com/748993 https://bugzilla.novell.com/760240 http://download.novell.com/patch/finder/?keywords=0e9d96ce8becfaa19f1ebef54f49fe90 From sle-updates at lists.suse.com Thu Jun 21 17:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jun 2012 01:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0780-1: Recommended update for libslab Message-ID: <20120621230832.047D33283B@maintenance.suse.de> SUSE Recommended Update: Recommended update for libslab ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0780-1 Rating: low References: #752262 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes crashes, for example in gnome-main-menu, when run in gb18030 locale. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libslab-6068 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libslab-6068 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libslab-6068 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libslab-6068 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libslab-6068 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libslab-6068 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libslab-6068 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libslab-devel-2.27.91-6.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libslab-devel-2.27.91-6.17.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libslab-lang-2.27.91-6.17.1 libslab0-2.27.91-6.17.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libslab-lang-2.27.91-6.17.1 libslab0-2.27.91-6.17.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libslab-lang-2.27.91-6.17.1 libslab0-2.27.91-6.17.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libslab-lang-2.27.91-6.17.1 libslab0-2.27.91-6.17.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libslab-lang-2.27.91-6.17.1 libslab0-2.27.91-6.17.1 References: https://bugzilla.novell.com/752262 http://download.novell.com/patch/finder/?keywords=7ce09a8eb7e3d3272f8654fc7dfbe4a9 From sle-updates at lists.suse.com Fri Jun 22 11:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jun 2012 19:08:36 +0200 (CEST) Subject: SUSE-SU-2012:0782-1: important: Security update for finch, libpurple and pidgin Message-ID: <20120622170836.7693832841@maintenance.suse.de> SUSE Security Update: Security update for finch, libpurple and pidgin ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0782-1 Rating: important References: #752275 #760890 #761155 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: Various remote triggerable crashes in pidgin have been fixed: * CVE-2012-1178: In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text (). * CVE-2012-1178/CVE-2012-2318: Incoming messages with certain characters or character encodings can cause clients to crash. * CVE-2012-2214: A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-finch-6294 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-finch-6294 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-finch-6294 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-finch-6294 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): finch-2.6.6-0.15.1 finch-devel-2.6.6-0.15.1 libpurple-2.6.6-0.15.1 libpurple-devel-2.6.6-0.15.1 libpurple-lang-2.6.6-0.15.1 pidgin-2.6.6-0.15.1 pidgin-devel-2.6.6-0.15.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): finch-2.6.6-0.15.1 finch-devel-2.6.6-0.15.1 libpurple-2.6.6-0.15.1 libpurple-devel-2.6.6-0.15.1 libpurple-lang-2.6.6-0.15.1 pidgin-2.6.6-0.15.1 pidgin-devel-2.6.6-0.15.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): finch-2.6.6-0.15.1 libpurple-2.6.6-0.15.1 libpurple-lang-2.6.6-0.15.1 libpurple-meanwhile-2.6.6-0.15.1 libpurple-tcl-2.6.6-0.15.1 pidgin-2.6.6-0.15.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): finch-2.6.6-0.15.1 libpurple-2.6.6-0.15.1 libpurple-lang-2.6.6-0.15.1 libpurple-meanwhile-2.6.6-0.15.1 libpurple-tcl-2.6.6-0.15.1 pidgin-2.6.6-0.15.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): finch-2.6.6-0.16.1 libpurple-2.6.6-0.16.1 pidgin-2.6.6-0.16.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): finch-2.6.6-0.16.1 finch-devel-2.6.6-0.16.1 libpurple-2.6.6-0.16.1 libpurple-devel-2.6.6-0.16.1 pidgin-2.6.6-0.16.1 pidgin-devel-2.6.6-0.16.1 References: https://bugzilla.novell.com/752275 https://bugzilla.novell.com/760890 https://bugzilla.novell.com/761155 http://download.novell.com/patch/finder/?keywords=1444b130f542f9e056af8af62199bd10 http://download.novell.com/patch/finder/?keywords=b0914368d9cc2257e01e528c5ffb01e8 From sle-updates at lists.suse.com Mon Jun 25 18:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 02:08:23 +0200 (CEST) Subject: SUSE-SU-2012:0789-1: important: Security update for Linux kernel Message-ID: <20120626000823.0B1413283F@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0789-1 Rating: important References: #556135 #735909 #743579 #744404 #747404 #754690 #756050 #757315 #758243 #759336 #759545 #759805 #760237 #760806 #761087 #761245 #762991 #762992 #763267 #763307 #763485 #763717 #764091 #764150 #764209 #764500 #764900 #765102 #765253 #765320 #765524 Cross-References: CVE-2012-2119 CVE-2012-2136 CVE-2012-2373 CVE-2012-2375 CVE-2012-2390 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 26 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.34, fixing a lot of bugs and security issues. The update from Linux kernel 3.0.31 to 3.0.34 also fixes various bugs not listed here. The following security issues have been fixed: * CVE-2012-2136: Local attackers could trigger an overflow in sock_alloc_send_pksb(), potentially crashing the machine or escalate privileges. * CVE-2012-2390: A memory leak in transparent hugepages on mmap failure could be used by local attacker to run the machine out of memory (local denial of service). * CVE-2012-2119: A malicious guest driver could overflow the host stack by passing a long descriptor, so potentially crashing the host system or escalating privileges on the host. * CVE-2012-2375: Malicious NFS server could crash the clients when more than 2 GETATTR bitmap words are returned in response to the FATTR4_ACL attribute requests, only incompletely fixed by CVE-2011-4131. The following non-security bugs have been fixed: Hyper-V: * storvsc: Properly handle errors from the host (bnc#747404). * HID: hid-hyperv: Do not use hid_parse_report() directly. * HID: hyperv: Set the hid drvdata correctly. * drivers/hv: Get rid of an unnecessary check in vmbus_prep_negotiate_resp(). * drivers/hv: util: Properly handle version negotiations. * hv: fix return type of hv_post_message(). * net/hyperv: Add flow control based on hi/low watermark. * usb/net: rndis: break out <1/rndis.h> defines. only net/hyperv part * usb/net: rndis: remove ambigous status codes. only net/hyperv part * usb/net: rndis: merge command codes. only net/hyperv part * net/hyperv: Adding cancellation to ensure rndis filter is closed. * update hv drivers to 3.4-rc1, requires new hv_kvp_daemon: * drivers: hv: kvp: Add/cleanup connector defines. * drivers: hv: kvp: Move the contents of hv_kvp.h to hyperv.h. * net/hyperv: Convert camel cased variables in rndis_filter.c to lower cases. * net/hyperv: Correct the assignment in netvsc_recv_callback(). * net/hyperv: Remove the unnecessary memset in rndis_filter_send(). * drivers: hv: Cleanup the kvp related state in hyperv.h. * tools: hv: Use hyperv.h to get the KVP definitions. * drivers: hv: kvp: Cleanup the kernel/user protocol. * drivers: hv: Increase the number of VCPUs supported in the guest. * net/hyperv: Fix data corruption in rndis_filter_receive(). * net/hyperv: Add support for vlan trunking from guests. * Drivers: hv: Add new message types to enhance KVP. * Drivers: hv: Support the newly introduced KVP messages in the driver. * Tools: hv: Fully support the new KVP verbs in the user level daemon. * Tools: hv: Support enumeration from all the pools. * net/hyperv: Fix the code handling tx busy. * patches.suse/suse-hv-pata_piix-ignore-disks.patch replace our version of this patch with upstream variant: ata_piix: defer disks to the Hyper-V drivers by default libata: add a host flag to ignore detected ATA devices. Btrfs: * btrfs: more module message prefixes. * vfs: re-implement writeback_inodes_sb(_nr)_if_idle() and rename them * btrfs: flush all the dirty pages if try_to_writeback_inodes_sb_nr() fails * vfs: re-implement writeback_inodes_sb(_nr)_if_idle() and rename them * btrfs: fix locking in btrfs_destroy_delayed_refs * btrfs: wake up transaction waiters when aborting a transaction * btrfs: abort the transaction if the commit fails * btrfs: fix btrfs_destroy_marked_extents * btrfs: unlock everything properly in the error case for nocow * btrfs: fix return code in drop_objectid_items * btrfs: check to see if the inode is in the log before fsyncing * btrfs: pass locked_page into extent_clear_unlock_delalloc if theres an error * btrfs: check the return code of btrfs_save_ino_cache * btrfs: do not update atime for RO snapshots (FATE#306586). * btrfs: convert the inode bit field to use the actual bit operations * btrfs: fix deadlock when the process of delayed refs fails * btrfs: stop defrag the files automatically when doin readonly remount or umount * btrfs: avoid memory leak of extent state in error handling routine * btrfs: make sure that we have made everything in pinned tree clean * btrfs: destroy the items of the delayed inodes in error handling routine * btrfs: ulist realloc bugfix * btrfs: bugfix in btrfs_find_parent_nodes * btrfs: bugfix: ignore the wrong key for indirect tree block backrefs * btrfs: avoid buffer overrun in btrfs_printk * btrfs: fall back to non-inline if we do not have enough space * btrfs: NUL-terminate path buffer in DEV_INFO ioctl result * btrfs: avoid buffer overrun in mount option handling * btrfs: do not do balance in readonly mode * btrfs: fix the same inode id problem when doing auto defragment * btrfs: fix wrong error returned by adding a device * btrfs: use fastpath in extent state ops as much as possible Misc: * tcp: drop SYN+FIN messages (bnc#765102). * mm: avoid swapping out with swappiness==0 (swappiness). * thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991). * paravirt: Split paravirt MMU ops (bnc#556135, bnc#754690, FATE#306453). * paravirt: Only export pv_mmu_ops symbol if PARAVIRT_MMU * parvirt: Stub support KABI for KVM_MMU (bnc#556135, bnc#754690, FATE#306453). * tmpfs: implement NUMA node interleaving (bnc#764209). * synaptics-hp-clickpad: Fix the detection of LED on the recent HP laptops (bnc#765524) * supported.conf: mark xt_AUDIT as supported (bnc#765253) * mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (bnc#762991 CVE-2012-2373). * xhci: Do not free endpoints in xhci_mem_cleanup() (bnc#763307). * xhci: Fix invalid loop check in xhci_free_tt_info() (bnc#763307). * drm: Skip too big EDID extensions (bnc#764900). * drm/i915: Add HP EliteBook to LVDS-temporary-disable list (bnc#763717). * hwmon: (fam15h_power) Increase output resolution (bnc#759336). * hwmon: (k10temp) Add support for AMD Trinity CPUs (bnc#759336). * rpm/kernel-binary.spec.in: Own the right -kdump initrd (bnc#764500) * memcg: prevent from OOM with too many dirty pages. * dasd: re-prioritize partition detection message (bnc#764091,LTC#81617). * kernel: pfault task state race (bnc#764091,LTC#81724). * kernel: clear page table for sw large page emulation (bnc#764091,LTC#81933). * USB: fix bug of device descriptor got from superspeed device (bnc#761087). * xfrm: take net hdr len into account for esp payload size calculation (bnc#759545). * st: clean up dev cleanup in st_probe (bnc#760806). * st: clean up device file creation and removal (bnc#760806). * st: get rid of scsi_tapes array (bnc#760806). * st: raise device limit (bnc#760806). * st: Use static class attributes (bnc#760806). * mm: Optimize put_mems_allowed() usage (VM performance). * cifs: fix oops while traversing open file list (try #4) (bnc#756050). * scsi: Fix dm-multipath starvation when scsi host is busy (bnc#763485). * dasd: process all requests in the device tasklet (bnc#763267). * rt2x00:Add RT539b chipset support (bnc#760237). * kabi/severities: Ignore changes in drivers/net/wireless/rt2x00, these are just exports used among the rt2x00 modules. * rt2800: radio 3xxx: reprogram only lower bits of RF_R3 (bnc#759805). * rt2800: radio 3xxx: program RF_R1 during channel switch (bnc#759805). * rt2800: radio 3xxxx: channel switch RX/TX calibration fixes (bnc#759805). * rt2x00: Avoid unnecessary uncached (bnc#759805). * rt2x00: Introduce sta_add/remove callbacks (bnc#759805). * rt2x00: Add WCID to crypto struct (bnc#759805). * rt2x00: Add WCID to HT TX descriptor (bnc#759805). * rt2x00: Move bssidx calculation into its own function (bnc#759805). * rt2x00: Make use of sta_add/remove callbacks in rt2800 (bnc#759805). * rt2x00: Forbid aggregation for STAs not programmed into the hw (bnc#759805). * rt2x00: handle spurious pci interrupts (bnc#759805). * rt2800: disable DMA after firmware load. * rt2800: radio 3xxx: add channel switch calibration routines (bnc#759805). * rpm/kernel-binary.spec.in: Obsolete ath3k, as it is now in the tree. * floppy: remove floppy-specific O_EXCL handling (bnc#757315). * floppy: convert to delayed work and single-thread wq (bnc#761245). Security Issue references: * CVE-2012-2119 * CVE-2012-2136 * CVE-2012-2373 * CVE-2012-2390 * CVE-2012-2375 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-6457 slessp2-kernel-6463 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-6453 slessp2-kernel-6457 slessp2-kernel-6458 slessp2-kernel-6463 slessp2-kernel-6467 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-6453 sleshasp2-kernel-6457 sleshasp2-kernel-6458 sleshasp2-kernel-6463 sleshasp2-kernel-6467 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-6457 sledsp2-kernel-6463 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.34]: kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.34]: kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.34]: kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.34]: kernel-ec2-3.0.34-0.7.9 kernel-ec2-base-3.0.34-0.7.9 kernel-ec2-devel-3.0.34-0.7.9 kernel-xen-3.0.34-0.7.9 kernel-xen-base-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.34]: kernel-default-man-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.34]: kernel-ppc64-3.0.34-0.7.9 kernel-ppc64-base-3.0.34-0.7.9 kernel-ppc64-devel-3.0.34-0.7.9 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.34]: kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.34_0.7-2.10.30 cluster-network-kmp-trace-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-default-2_3.0.34_0.7-0.7.30 gfs2-kmp-trace-2_3.0.34_0.7-0.7.30 ocfs2-kmp-default-1.6_3.0.34_0.7-0.7.30 ocfs2-kmp-trace-1.6_3.0.34_0.7-0.7.30 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-xen-2_3.0.34_0.7-0.7.30 ocfs2-kmp-xen-1.6_3.0.34_0.7-0.7.30 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-ppc64-2_3.0.34_0.7-0.7.30 ocfs2-kmp-ppc64-1.6_3.0.34_0.7-0.7.30 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-pae-2_3.0.34_0.7-0.7.30 ocfs2-kmp-pae-1.6_3.0.34_0.7-0.7.30 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.34]: kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-default-extra-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9 kernel-trace-extra-3.0.34-0.7.9 kernel-xen-3.0.34-0.7.9 kernel-xen-base-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9 kernel-xen-extra-3.0.34-0.7.9 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.34]: kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9 kernel-pae-extra-3.0.34-0.7.9 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.34_0.7-0.14.11 kernel-default-extra-3.0.34-0.7.9 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.34_0.7-0.14.11 kernel-xen-extra-3.0.34-0.7.9 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.34_0.7-0.14.11 kernel-ppc64-extra-3.0.34-0.7.9 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.34_0.7-0.14.11 kernel-pae-extra-3.0.34-0.7.9 References: http://support.novell.com/security/cve/CVE-2012-2119.html http://support.novell.com/security/cve/CVE-2012-2136.html http://support.novell.com/security/cve/CVE-2012-2373.html http://support.novell.com/security/cve/CVE-2012-2375.html http://support.novell.com/security/cve/CVE-2012-2390.html https://bugzilla.novell.com/556135 https://bugzilla.novell.com/735909 https://bugzilla.novell.com/743579 https://bugzilla.novell.com/744404 https://bugzilla.novell.com/747404 https://bugzilla.novell.com/754690 https://bugzilla.novell.com/756050 https://bugzilla.novell.com/757315 https://bugzilla.novell.com/758243 https://bugzilla.novell.com/759336 https://bugzilla.novell.com/759545 https://bugzilla.novell.com/759805 https://bugzilla.novell.com/760237 https://bugzilla.novell.com/760806 https://bugzilla.novell.com/761087 https://bugzilla.novell.com/761245 https://bugzilla.novell.com/762991 https://bugzilla.novell.com/762992 https://bugzilla.novell.com/763267 https://bugzilla.novell.com/763307 https://bugzilla.novell.com/763485 https://bugzilla.novell.com/763717 https://bugzilla.novell.com/764091 https://bugzilla.novell.com/764150 https://bugzilla.novell.com/764209 https://bugzilla.novell.com/764500 https://bugzilla.novell.com/764900 https://bugzilla.novell.com/765102 https://bugzilla.novell.com/765253 https://bugzilla.novell.com/765320 https://bugzilla.novell.com/765524 http://download.novell.com/patch/finder/?keywords=1a7682fe55225a6d2fb7535ed5b3a6f0 http://download.novell.com/patch/finder/?keywords=31fea157a35016e51d4182b32fcb4191 http://download.novell.com/patch/finder/?keywords=4011009aab039f02db913a7bce208f8f http://download.novell.com/patch/finder/?keywords=5a7bc846608efdf1aca0d4f66ea9c9bb http://download.novell.com/patch/finder/?keywords=643ef9cef491ee6820b78654f2716745 http://download.novell.com/patch/finder/?keywords=681e25e2cce92c21c5a62ccbf5cc5678 http://download.novell.com/patch/finder/?keywords=8d123a34ca9f20522bea6195c39428aa http://download.novell.com/patch/finder/?keywords=970acd862c76b234643d06e43d4048ed http://download.novell.com/patch/finder/?keywords=e33c406efece164f0fd3b33e3b387568 http://download.novell.com/patch/finder/?keywords=f2bfce4b05959a193517d5099e8b3451 From sle-updates at lists.suse.com Mon Jun 25 18:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 02:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0790-1: Recommended update for pam Message-ID: <20120626000825.2B05F3283F@maintenance.suse.de> SUSE Recommended Update: Recommended update for pam ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0790-1 Rating: low References: #759130 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a double-free issue in pam_tty_audit that causes, when enabled, the login to crash and no longer work. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-pam-6449 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-pam-6449 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-pam-6449 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-pam-6449 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): pam-devel-1.0.4-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): pam-devel-32bit-1.0.4-0.9.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): pam-1.0.4-0.9.1 pam-doc-1.0.4-0.9.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): pam-32bit-1.0.4-0.9.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): pam-1.0.4-0.9.1 pam-doc-1.0.4-0.9.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): pam-32bit-1.0.4-0.9.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): pam-x86-1.0.4-0.9.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): pam-1.0.4-0.9.1 pam-doc-1.0.4-0.9.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): pam-32bit-1.0.4-0.9.1 References: https://bugzilla.novell.com/759130 http://download.novell.com/patch/finder/?keywords=c5daa7279e9e2d23bf6e7c15cf35bd53 From sle-updates at lists.suse.com Tue Jun 26 07:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 15:08:31 +0200 (CEST) Subject: SUSE-SU-2012:0791-1: Security update for perl-DBD-Pg Message-ID: <20120626130831.9664C32842@maintenance.suse.de> SUSE Security Update: Security update for perl-DBD-Pg ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0791-1 Rating: low References: #751500 Cross-References: CVE-2012-1151 Affected Products: SUSE Studio Standard Edition 1.2 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: perl-DBD-Pg was prone to format string errors which could have crashed applications (CVE-2012-1151). This has been fixed. Security Issue references: * CVE-2012-1151 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-perl-DBD-Pg-6019 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Standard Edition 1.2 (x86_64): perl-DBD-Pg-2.10.3-1.20.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): perl-DBD-Pg-1.43-13.10.1 References: http://support.novell.com/security/cve/CVE-2012-1151.html https://bugzilla.novell.com/751500 http://download.novell.com/patch/finder/?keywords=24930e6a7dc80c0177ce9a6232051c1e http://download.novell.com/patch/finder/?keywords=2d5014b83f526c4ec74e9a1e2eade2e2 From sle-updates at lists.suse.com Tue Jun 26 09:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 17:08:31 +0200 (CEST) Subject: SUSE-SU-2012:0792-1: moderate: Security update for wireshark Message-ID: <20120626150831.BC93332842@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0792-1 Rating: moderate References: #763855 #763857 #763859 Cross-References: CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: This version upgrade of wireshark fixes multiple denial of service flaws: * CVE-2012-2394: denial of service via memory alignment flaw * CVE-2012-2393: DIAMETER memory allocation flaw * CVE-2012-2392: denial of service in multiple dissectors / parsers Additionally, various other non-security bug fixes have been introduced. Security Issue references: * CVE-2012-2392 * CVE-2012-2393 * CVE-2012-2394 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-wireshark-6381 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-wireshark-6381 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-wireshark-6381 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-wireshark-6381 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-wireshark-6381 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-wireshark-6381 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-wireshark-6381 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.13]: wireshark-devel-1.4.13-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.13]: wireshark-devel-1.4.13-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-1.4.13-0.5.1 wireshark-devel-1.4.13-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.4.13]: wireshark-1.4.13-0.2.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): wireshark-1.4.13-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-devel-1.4.13-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-2392.html http://support.novell.com/security/cve/CVE-2012-2393.html http://support.novell.com/security/cve/CVE-2012-2394.html https://bugzilla.novell.com/763855 https://bugzilla.novell.com/763857 https://bugzilla.novell.com/763859 http://download.novell.com/patch/finder/?keywords=5983708b2e2f0e4b7509a75f22ba2a57 http://download.novell.com/patch/finder/?keywords=5fa5091667b27983282e5dac3c593ef4 From sle-updates at lists.suse.com Tue Jun 26 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 18:08:31 +0200 (CEST) Subject: SUSE-SU-2012:0793-1: moderate: Security update for libxml2 Message-ID: <20120626160831.8E8333283B@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0793-1 Rating: moderate References: #764538 Cross-References: CVE-2011-3102 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Specially crafted XML could have caused a denial of service via an out-of-bounds write (application crash) to applications that are linked against libxml2 (CVE-2011-3102). This has been fixed. Security Issue references: * CVE-2011-3102 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libxml2-6365 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libxml2-6365 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libxml2-6365 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libxml2-6365 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libxml2-6365 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libxml2-6365 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libxml2-6365 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.17.1 libxml2-doc-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libxml2-x86-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libxml2-2.7.6-0.17.1 libxml2-doc-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libxml2-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.17.1 libxml2-doc-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libxml2-x86-2.7.6-0.17.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): libxml2-2.6.23-15.31.4 libxml2-devel-2.6.23-15.31.4 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libxml2-32bit-2.6.23-15.31.4 libxml2-devel-32bit-2.6.23-15.31.4 - SUSE Linux Enterprise Server 10 SP4 (ia64): libxml2-x86-2.6.23-15.31.4 - SUSE Linux Enterprise Server 10 SP4 (ppc): libxml2-64bit-2.6.23-15.31.4 libxml2-devel-64bit-2.6.23-15.31.4 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libxml2-2.7.6-0.17.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libxml2-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libxml2-2.7.6-0.17.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libxml2-32bit-2.7.6-0.17.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libxml2-2.6.23-15.31.4 libxml2-devel-2.6.23-15.31.4 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libxml2-32bit-2.6.23-15.31.4 libxml2-devel-32bit-2.6.23-15.31.4 References: http://support.novell.com/security/cve/CVE-2011-3102.html https://bugzilla.novell.com/764538 http://download.novell.com/patch/finder/?keywords=7b174cf04bc60f0775dbbdbb0c987eb1 http://download.novell.com/patch/finder/?keywords=850fa3835152c3c596cbd2ee604d57f6 From sle-updates at lists.suse.com Tue Jun 26 11:08:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 19:08:22 +0200 (CEST) Subject: SUSE-SU-2012:0791-2: Security update for perl-DBD-Pg Message-ID: <20120626170822.6D45632842@maintenance.suse.de> SUSE Security Update: Security update for perl-DBD-Pg ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0791-2 Rating: low References: #751500 Cross-References: CVE-2012-1151 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: perl-DBD-Pg was prone to format string errors which could have crashed applications (CVE-2012-1151). This has been fixed. Security Issue reference: * CVE-2012-1151 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-perl-DBD-Pg-6018 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-perl-DBD-Pg-6018 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): perl-DBD-Pg-2.10.3-1.20.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): perl-DBD-Pg-2.10.3-1.20.1 References: http://support.novell.com/security/cve/CVE-2012-1151.html https://bugzilla.novell.com/751500 http://download.novell.com/patch/finder/?keywords=959e32728c02fbf15529c5272c2e91ef From sle-updates at lists.suse.com Tue Jun 26 12:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 20:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0794-1: Recommended update for kiwi Message-ID: <20120626180828.8FAE732843@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0794-1 Rating: low References: #732247 #736491 #743159 #745548 #747346 #747898 #752259 #752604 #754344 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. It includes one version update. Description: This update for Kiwi provides the following fixes: * make sure kernelCheck() initializes list of kernels if empty (bnc #752259) * fixed entry for hv_netvsc.ko driver * add new kernel module paths for Microsoft HyperV (hv) modules * fixed xen check which makes sure to include the _non_ splash version of the initrd into the image because the xen loader doesn't like the splash info at the end of the cpio archive (bnc #736491) * fixed initrd module list for ec2 format code * netboot: fixed setup of root device for local boot * fixed mkinitrd call in ec2 format code: * don't use -A also make sure the exit code of mkinitrd is evaluated * make sure all required filesystem modules are added to /etc/sysconfig/kernel before calling mkinitrd * because the input stream from XML is utf-8 encoded it's required to set binmode correctly to utf-8 too when writing the data out. This is at least required for the profile file inside the initrd because it contains data from the XML like the oem boot title * follow up and improved fix for basePackBootIncludes to pack only items listed in the rpm package filelist but don't recursively look them up in the filesystem when tar'ing them up (bnc #743159) * added staging/hv drivers to SLE11 boot image descriptions. Beginning with SLE11-SP2 the drivers are part of the standard kernel and thus they should be preserved (bnc #747898) * with reference to (bnc #747898) a new function called suseStripModules() has been added. The function searches for update modules and removes the old version which might be provided by the standard kernel to prevent a load clash * make sure /etc/modprobe.d is preserved (bnc #747898) * added virtio drivers for sle10 boot image descriptions (bnc #747346) * fixed importFile function to export only prefixed version of the variable if there is a prefix and not both (bnc #732247) * fixed import of dhcp info file (bnc #745548) * added rootfs check to ec2 format code * fixed updateOtherDeviceFstab() to correctly create missing mount points inside the root file system (bnc #754344) * fixed creation of sat job list, eliminate duplicate jobs * make sure solver failed packages/patterns are evaluated in info module * make sure solver problems are evaluated in info module * removed obsolete test and import of grub binary from initrd * the extracted binary is not called so this is dirty code Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-kiwi-6123 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-kiwi-6123 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.85.30]: kiwi-4.85.30-0.5.1 kiwi-instsource-4.85.30-0.5.1 kiwi-tools-4.85.30-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 s390x x86_64) [New Version: 4.85.30]: kiwi-desc-oemboot-4.85.30-0.5.1 kiwi-desc-vmxboot-4.85.30-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 4.85.30]: kiwi-desc-isoboot-4.85.30-0.5.1 kiwi-desc-netboot-4.85.30-0.5.1 kiwi-doc-4.85.30-0.5.1 kiwi-pxeboot-4.85.30-0.5.1 - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64) [New Version: 4.85.30]: kiwi-4.85.30-0.5.1 kiwi-desc-isoboot-4.85.30-0.5.1 kiwi-desc-netboot-4.85.30-0.5.1 kiwi-desc-oemboot-4.85.30-0.5.1 kiwi-doc-4.85.30-0.5.1 kiwi-tools-4.85.30-0.5.1 References: https://bugzilla.novell.com/732247 https://bugzilla.novell.com/736491 https://bugzilla.novell.com/743159 https://bugzilla.novell.com/745548 https://bugzilla.novell.com/747346 https://bugzilla.novell.com/747898 https://bugzilla.novell.com/752259 https://bugzilla.novell.com/752604 https://bugzilla.novell.com/754344 http://download.novell.com/patch/finder/?keywords=4677177db89f13c8a2de2768360e931a From sle-updates at lists.suse.com Tue Jun 26 12:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jun 2012 20:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0795-1: moderate: Recommended update for openssl-certs Message-ID: <20120626180830.3379132834@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl-certs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0795-1 Rating: moderate References: #760503 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This updates includes the latest SSL root certificates trusted by Mozilla as of 2012-04-25. * new: EC_ACC.pem * new: Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem * new: Security_Communication_RootCA2.pem * removed: TC_TrustCenter_Germany_Class_2_CA.pem * removed: TC_TrustCenter_Germany_Class_3_CA.pem * removed: Verisign_Class_1_Public_Primary_Certification_Authority.1.pe m * removed: Verisign_Class_2_Public_Primary_Certification_Authority.pem * removed: Verisign_Class_4_Public_Primary_Certification_Authority_G2.p em Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-openssl-certs-6452 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-openssl-certs-6452 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-openssl-certs-6452 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-openssl-certs-6452 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-openssl-certs-6452 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch): openssl-certs-0.9.8h-27.5.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch): openssl-certs-0.9.8h-27.5.1 - SUSE Linux Enterprise Server 11 SP1 (noarch): openssl-certs-0.9.8h-27.5.1 - SUSE Linux Enterprise Server 10 SP4 (noarch): openssl-certs-0.8.0-0.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): openssl-certs-0.9.8h-27.5.1 - SUSE Linux Enterprise Desktop 11 SP1 (noarch): openssl-certs-0.9.8h-27.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch): openssl-certs-0.8.0-0.12.1 References: https://bugzilla.novell.com/760503 http://download.novell.com/patch/finder/?keywords=3b77f4c6988a05fe253577052d681893 http://download.novell.com/patch/finder/?keywords=66346e3f28b7ea6b3f20e027604928f9 From sle-updates at lists.suse.com Tue Jun 26 17:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jun 2012 01:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0796-1: important: Recommended update for sysvinit Message-ID: <20120626230831.B861032834@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysvinit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0796-1 Rating: important References: #730193 #762489 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes a buffer overflow when parsing /proc/self/mountinfo, which could have caused checkproc/killproc/startproc to be aborted by fortify checks unconditionally (bnc#762489). In addition, a deadlock condition in blogd on shutdown has been fixed (bnc#730193) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sysvinit-6480 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sysvinit-6480 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sysvinit-6480 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sysvinit-2.86-213.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sysvinit-2.86-213.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sysvinit-2.86-213.1 References: https://bugzilla.novell.com/730193 https://bugzilla.novell.com/762489 http://download.novell.com/patch/finder/?keywords=0bb07f77e3f96d95d352f34139a477c9 From sle-updates at lists.suse.com Wed Jun 27 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jun 2012 18:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0797-1: moderate: Recommended update for yast2-storage Message-ID: <20120627160831.29E5632843@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-storage ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0797-1 Rating: moderate References: #751780 #758639 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to yast2-storage fixes an issue in YaST's partitioning module that allowed users to select unavailable mount-by methods (bnc#758639). In addition, MD RAIDs are no longer deactivated during installation (bnc#751780). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-yast2-storage-6267 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-yast2-storage-6267 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-yast2-storage-6267 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-yast2-storage-6267 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.99.4]: yast2-storage-devel-2.17.99.4-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.17.99.4]: yast2-storage-2.17.99.4-0.3.1 yast2-storage-lib-2.17.99.4-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.99.4]: yast2-storage-2.17.99.4-0.3.1 yast2-storage-lib-2.17.99.4-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.17.99.4]: yast2-storage-2.17.99.4-0.3.1 yast2-storage-lib-2.17.99.4-0.3.1 References: https://bugzilla.novell.com/751780 https://bugzilla.novell.com/758639 http://download.novell.com/patch/finder/?keywords=971aa6c24b03a050a07161d282ec5ab6 From sle-updates at lists.suse.com Wed Jun 27 12:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jun 2012 20:08:23 +0200 (CEST) Subject: SUSE-SU-2012:0741-5: important: Security update for bind Message-ID: <20120627180823.D9ED032845@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0741-5 Rating: important References: #765315 Cross-References: CVE-2012-1667 Affected Products: SUSE Linux Enterprise Server 10 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following issue has been fixed: * Records with zero length rdata field could have crashed named or disclose portions of memory to clients (CVE-2012-1667). Security Issue reference: * CVE-2012-1667 Package List: - SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64): bind-9.3.4-1.31.31.1 bind-chrootenv-9.3.4-1.31.31.1 bind-devel-9.3.4-1.31.31.1 bind-doc-9.3.4-1.31.31.1 bind-libs-9.3.4-1.31.31.1 bind-utils-9.3.4-1.31.31.1 - SUSE Linux Enterprise Server 10 SP2 (s390x x86_64): bind-libs-32bit-9.3.4-1.31.31.1 References: http://support.novell.com/security/cve/CVE-2012-1667.html https://bugzilla.novell.com/765315 http://download.novell.com/patch/finder/?keywords=aba1373453815722878a790dee66f659 From sle-updates at lists.suse.com Wed Jun 27 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jun 2012 23:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0798-1: moderate: Recommended update for freeradius Message-ID: <20120627210828.5039332845@maintenance.suse.de> SUSE Recommended Update: Recommended update for freeradius ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0798-1 Rating: moderate References: #677335 #691783 #752873 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to freeradius-server resolves the following issues: * Updating from SLES 11 to SLES 11 SP1 might overwrite some configuration files in the "sites-available" directory (bnc#691783). * Fixed log rotation warnings because of non-root log directories (bnc#677335). * Fixed symbol resolution for optional modules (bnc#752873). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-freeradius-server-6359 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-freeradius-server-6359 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-freeradius-server-6359 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-freeradius-server-6359 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-freeradius-server-6359 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): freeradius-server-devel-2.1.1-7.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): freeradius-server-libs-2.1.1-7.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): freeradius-server-devel-2.1.1-7.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): freeradius-server-libs-2.1.1-7.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): freeradius-server-2.1.1-7.12.1 freeradius-server-dialupadmin-2.1.1-7.12.1 freeradius-server-doc-2.1.1-7.12.1 freeradius-server-libs-2.1.1-7.12.1 freeradius-server-utils-2.1.1-7.12.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): freeradius-server-2.1.1-7.12.1 freeradius-server-dialupadmin-2.1.1-7.12.1 freeradius-server-doc-2.1.1-7.12.1 freeradius-server-libs-2.1.1-7.12.1 freeradius-server-utils-2.1.1-7.12.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): freeradius-server-2.1.1-7.12.1 freeradius-server-dialupadmin-2.1.1-7.12.1 freeradius-server-doc-2.1.1-7.12.1 freeradius-server-libs-2.1.1-7.12.1 freeradius-server-utils-2.1.1-7.12.1 References: https://bugzilla.novell.com/677335 https://bugzilla.novell.com/691783 https://bugzilla.novell.com/752873 http://download.novell.com/patch/finder/?keywords=377fe5bbe9aad90c016eb0b7d2ce0af5 From sle-updates at lists.suse.com Thu Jun 28 09:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jun 2012 17:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0800-1: Recommended update for ReaR Message-ID: <20120628150833.993D732845@maintenance.suse.de> SUSE Recommended Update: Recommended update for ReaR ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0800-1 Rating: low References: #722228 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Remove quiet boot option for the boot in the ReaR recovery system. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-rear-5955 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (noarch): rear-1.10.0-1.9.1 References: https://bugzilla.novell.com/722228 http://download.novell.com/patch/finder/?keywords=bcb33777a8cac08a292e80bb2722b045 From sle-updates at lists.suse.com Thu Jun 28 11:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jun 2012 19:08:25 +0200 (CEST) Subject: SUSE-OU-2012:0801-1: Optional update for rubygem-rdoc Message-ID: <20120628170826.15A3C32845@maintenance.suse.de> SUSE Optional Update: Optional update for rubygem-rdoc ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:0801-1 Rating: low References: #754609 Affected Products: WebYaST 1.2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides rubygem-rdoc as an optional dependency in order to generate documentation. Indications: Every interested user can install it. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-rdoc-6203 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64): rubygem-rdoc-2.5.11-0.5.3 References: https://bugzilla.novell.com/754609 http://download.novell.com/patch/finder/?keywords=ea422ef1927515a372787a412125e18e From sle-updates at lists.suse.com Thu Jun 28 11:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jun 2012 19:08:27 +0200 (CEST) Subject: SUSE-RU-2012:0802-1: moderate: Recommended update for yast2-storage Message-ID: <20120628170827.AE8D432275@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-storage ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0802-1 Rating: moderate References: #758639 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to yast2-storage fixes an issue in YaST's partitioning module that allowed users to select unavailable mount-by methods. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.111]: yast2-storage-2.13.111-0.6.1 yast2-storage-devel-2.13.111-0.6.1 yast2-storage-evms-2.13.111-0.6.1 yast2-storage-lib-2.13.111-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2.13.111]: yast2-storage-2.13.111-0.6.1 yast2-storage-lib-2.13.111-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.111]: yast2-storage-devel-2.13.111-0.6.1 yast2-storage-evms-2.13.111-0.6.1 References: https://bugzilla.novell.com/758639 http://download.novell.com/patch/finder/?keywords=18691b6aa40afae8605d72f4cdadd906 From sle-updates at lists.suse.com Thu Jun 28 14:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jun 2012 22:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0803-1: Recommended update for atftp Message-ID: <20120628200825.8DBC232845@maintenance.suse.de> SUSE Recommended Update: Recommended update for atftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0803-1 Rating: low References: #599856 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to atftp resolves the following issue: * When receiving data, a race condition where two server threads pick up a single client may occur and result in an overwrite of the transferred file. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-atftp-6387 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-atftp-6387 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-atftp-6387 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): atftp-0.7.0-135.10.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): atftp-0.7.0-135.10.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): atftp-0.7.0-135.10.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): atftp-0.7.0-1.24.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): atftp-0.7.0-1.24.1 References: https://bugzilla.novell.com/599856 http://download.novell.com/patch/finder/?keywords=5a7b02316877fec4b02acfaf39f6ffaa http://download.novell.com/patch/finder/?keywords=d3bb8663441540925e916087a225954b From sle-updates at lists.suse.com Fri Jun 29 17:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 30 Jun 2012 01:08:32 +0200 (CEST) Subject: SUSE-OU-2012:0805-1: Optional update for ocfs2-tools Message-ID: <20120629230832.3027F32843@maintenance.suse.de> SUSE Optional Update: Optional update for ocfs2-tools ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:0805-1 Rating: low References: #736844 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds a dlm_locks command to debugfs.ocfs2. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): ocfs2-tools-1.4.0-0.11.1 ocfs2-tools-devel-1.4.0-0.11.1 ocfs2console-1.4.0-0.11.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): ocfs2-tools-1.4.0-0.11.1 ocfs2-tools-devel-1.4.0-0.11.1 ocfs2console-1.4.0-0.11.1 References: https://bugzilla.novell.com/736844 http://download.novell.com/patch/finder/?keywords=909ddfe1278161c997562270e9dbc583