From sle-updates at lists.suse.com Thu Nov 1 11:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 1 Nov 2012 18:08:31 +0100 (CET) Subject: SUSE-OU-2012:1429-1: Optional update for cachefilesd Message-ID: <20121101170831.79F0732286@maintenance.suse.de> SUSE Optional Update: Optional update for cachefilesd ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1429-1 Rating: low References: #782369 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides cachefilesd, which is a user-space management daemon for CacheFiles, a generic caching framework for mounted filesystems. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cachefilesd-6952 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cachefilesd-6952 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): cachefilesd-0.10.5-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): cachefilesd-0.10.5-0.5.1 References: https://bugzilla.novell.com/782369 http://download.novell.com/patch/finder/?keywords=f43e9815da042465d1b322a8ef9aa70e From sle-updates at lists.suse.com Fri Nov 2 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 2 Nov 2012 17:08:33 +0100 (CET) Subject: SUSE-RU-2012:1430-1: Recommended update for yast2 Message-ID: <20121102160833.A671632286@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1430-1 Rating: low References: #651893 #765235 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for yast2 provides the following fixes: * Update Deleted and OriginalDevices in NetworkInterfaces::Write. * added missing dependency on bind-utils. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-6972 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-6972 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-6972 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-6972 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.120]: yast2-devel-doc-2.17.120-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.120]: yast2-2.17.120-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.120]: yast2-2.17.120-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.120]: yast2-2.17.120-0.5.1 References: https://bugzilla.novell.com/651893 https://bugzilla.novell.com/765235 http://download.novell.com/patch/finder/?keywords=348bf6128e71937628461e42d3b03ccd From sle-updates at lists.suse.com Fri Nov 2 11:45:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 2 Nov 2012 18:45:27 +0100 (CET) Subject: SUSE-RU-2012:1431-1: moderate: Recommended update for ocfs2-tools Message-ID: <20121102174527.CAEF73228F@maintenance.suse.de> SUSE Recommended Update: Recommended update for ocfs2-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1431-1 Rating: moderate References: #781122 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ocfs2-tools fixes an issue where the file system checker runs in an infinite loop in case the chain data structure on disk loops. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-ocfs2-tools-6942 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): ocfs2-tools-1.6.4-0.11.1 ocfs2-tools-devel-1.6.4-0.11.1 ocfs2-tools-o2cb-1.6.4-0.11.1 ocfs2console-1.6.4-0.11.1 References: https://bugzilla.novell.com/781122 http://download.novell.com/patch/finder/?keywords=e12c6b4835a513a9e94c770b36970b10 From sle-updates at lists.suse.com Fri Nov 2 11:45:44 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 2 Nov 2012 18:45:44 +0100 (CET) Subject: SUSE-RU-2012:1432-1: Recommended update for yast2-network Message-ID: <20121102174544.294AB3228F@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1432-1 Rating: low References: #749800 #777472 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for YaST's Network Configuration module (yast2-network) resolves the following issues: * Do not overwrite default gateway after closing the NIC edit dialog using the Back button (bnc#777472) * Remove additional addresses from the correct ifcfg (bnc#749800). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.144]: yast2-network-2.13.144-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2.13.144]: yast2-network-2.13.144-0.7.1 References: https://bugzilla.novell.com/749800 https://bugzilla.novell.com/777472 http://download.novell.com/patch/finder/?keywords=fc1913423c60e8e43397fd93b929722e From sle-updates at lists.suse.com Fri Nov 2 11:45:59 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 2 Nov 2012 18:45:59 +0100 (CET) Subject: SUSE-RU-2012:1433-1: Recommended update for yast2-network Message-ID: <20121102174559.AF3D13228E@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1433-1 Rating: low References: #778665 #781330 #782283 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This collective update for YaST's network configuration module (yast2-network) provides the following fixes: * Allow auto-enabling of all interfaces only during installation (bnc#782283) * Let curl follow redirects when downloading release notes package (bnc#781330) * When changing the system's host name, update Postfix configuration too (bnc#778665). Additionally, improvements and fixes to bonding and bridging support were implemented in YaPI, the API used by WebYaST (FATE#313209): * Write: default BOOTPROTO to 'static', allow omitting IPADDR * Allow manipulating STARTMODE, don't assume 'auto' * Handle ETHERDEVICE and VLAN_ID * Make MTU configurable using YaPI * YaPI (re)Read: Don't append a slash to ipaddr like '1.2.3.4/8/'. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-network-6995 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-network-6995 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-network-6995 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-network-6995 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.178]: yast2-network-devel-doc-2.17.178-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.178]: yast2-network-2.17.178-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.178]: yast2-network-2.17.178-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.178]: yast2-network-2.17.178-0.5.1 References: https://bugzilla.novell.com/778665 https://bugzilla.novell.com/781330 https://bugzilla.novell.com/782283 http://download.novell.com/patch/finder/?keywords=44196dc9985b8a38abdc1ee0e0ebed79 From sle-updates at lists.suse.com Fri Nov 2 11:46:16 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 2 Nov 2012 18:46:16 +0100 (CET) Subject: SUSE-RU-2012:1434-1: moderate: Recommended update for PAM Message-ID: <20121102174616.EF2573228E@maintenance.suse.de> SUSE Recommended Update: Recommended update for PAM ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1434-1 Rating: moderate References: #774667 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This patch contains a rewrite of the field parser in pam_group and pam_time to fix a segmentation fault on large /etc/security/group.conf. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): pam-0.99.6.3-28.29.1 pam-devel-0.99.6.3-28.29.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): pam-32bit-0.99.6.3-28.29.1 pam-devel-32bit-0.99.6.3-28.29.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): pam-x86-0.99.6.3-28.29.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): pam-64bit-0.99.6.3-28.29.1 pam-devel-64bit-0.99.6.3-28.29.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): pam-0.99.6.3-28.29.1 pam-devel-0.99.6.3-28.29.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): pam-32bit-0.99.6.3-28.29.1 References: https://bugzilla.novell.com/774667 http://download.novell.com/patch/finder/?keywords=82bc75676215ef5483a90aea8046fc55 From sle-updates at lists.suse.com Fri Nov 2 17:33:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 3 Nov 2012 00:33:32 +0100 (CET) Subject: SUSE-RU-2012:1435-1: Recommended update for yast2-registration Message-ID: <20121102233332.2BEF432285@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-registration ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1435-1 Rating: low References: #718334 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes a yast2-registration issue that occurred when the registration was called in an SSH session. The registration browser to enter additional registration information did not appear. Fix for bugs: (bnc#718334) (bnc#179614) Indications: During YaST2 registration called via SSH the registration browser does not appear. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-registration-6823 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-registration-6823 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-registration-6823 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 References: https://bugzilla.novell.com/718334 http://download.novell.com/patch/finder/?keywords=78e7b186c456dc84742806a4144821c6 From sle-updates at lists.suse.com Fri Nov 2 18:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 3 Nov 2012 01:08:42 +0100 (CET) Subject: SUSE-RU-2012:1436-1: Recommended update for yast2-registration Message-ID: <20121103000842.2ED5E32283@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-registration ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1436-1 Rating: low References: #718334 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes a yast2-registration issue that occurred when the registration was called in an SSH session. The registration browser to enter additional registration information did not appear. Fix for bugs: (bnc#718334) (bnc#179614) Indications: During YaST2 registration called via SSH the registration browser does not appear. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-registration-6823 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-registration-6823 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-registration-6823 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.35.4]: yast2-registration-2.17.35.4-0.5.1 yast2-registration-branding-SLE-2.17.35.4-0.5.1 References: https://bugzilla.novell.com/718334 http://download.novell.com/patch/finder/?keywords=78e7b186c456dc84742806a4144821c6 From sle-updates at lists.suse.com Mon Nov 5 11:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 5 Nov 2012 19:08:34 +0100 (CET) Subject: SUSE-SU-2012:1390-3: important: Security update for bind Message-ID: <20121105180834.66AA232287@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1390-3 Rating: important References: #784602 Cross-References: CVE-2012-5166 Affected Products: SUSE CORE 9 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Specially crafted RDATA could have caused the bind nameserver to lockup (CVE-2012-5166). This was a different flaw than CVE-2012-4244. Security Issue reference: * CVE-2012-5166 Package List: - SUSE CORE 9 (i586 s390 s390x x86_64): bind-9.3.4-4.18 bind-devel-9.3.4-4.18 bind-utils-9.3.4-4.18 - SUSE CORE 9 (x86_64): bind-utils-32bit-9-201210261342 - SUSE CORE 9 (s390x): bind-utils-32bit-9-201210261352 References: http://support.novell.com/security/cve/CVE-2012-5166.html https://bugzilla.novell.com/784602 http://download.novell.com/patch/finder/?keywords=cc769094d1b8a281e47121ac083eae2b From sle-updates at lists.suse.com Mon Nov 5 15:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 5 Nov 2012 23:08:25 +0100 (CET) Subject: SUSE-RU-2012:1444-1: Recommended update for openLDAP Message-ID: <20121105220826.0189332287@maintenance.suse.de> SUSE Recommended Update: Recommended update for openLDAP ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1444-1 Rating: low References: #752927 #760820 #764533 #768671 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This collective update to OpenLDAP server, libraries and tools resolves the following issues: * Fix crash in slapd when using CSN in sync cookie (supplied via -c command line switch) * Fix crash in ldapmodify/ldapadd when the LDIF contains LDAP controls * Do not modify /etc/openldap/ldap.conf when updating from SLES10 * LDAP client uses 100% CPU when DNS Round Robin is configured for LDAP servers. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-compat-libldap-2_3-0-6868 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-compat-libldap-2_3-0-6868 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-compat-libldap-2_3-0-6868 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-compat-libldap-2_3-0-6868 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): openldap2-devel-2.4.26-0.16.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): openldap2-devel-32bit-2.4.26-0.16.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): openldap2-2.4.26-0.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): compat-libldap-2_3-0-2.3.37-2.16.1 libldap-2_4-2-2.4.26-0.16.1 openldap2-2.4.26-0.16.1 openldap2-back-meta-2.4.26-0.16.1 openldap2-client-2.4.26-0.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libldap-2_4-2-32bit-2.4.26-0.16.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): compat-libldap-2_3-0-2.3.37-2.16.1 libldap-2_4-2-2.4.26-0.16.1 openldap2-2.4.26-0.16.1 openldap2-back-meta-2.4.26-0.16.1 openldap2-client-2.4.26-0.16.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libldap-2_4-2-32bit-2.4.26-0.16.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libldap-2_4-2-x86-2.4.26-0.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libldap-2_4-2-2.4.26-0.16.1 openldap2-client-2.4.26-0.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libldap-2_4-2-32bit-2.4.26-0.16.1 References: https://bugzilla.novell.com/752927 https://bugzilla.novell.com/760820 https://bugzilla.novell.com/764533 https://bugzilla.novell.com/768671 http://download.novell.com/patch/finder/?keywords=9e258b73715e5998f8d4639be6be6ca2 From sle-updates at lists.suse.com Mon Nov 5 16:09:06 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 6 Nov 2012 00:09:06 +0100 (CET) Subject: SUSE-YU-2012:1445-1: YOU update for software update stack Message-ID: <20121105230906.3E06532289@maintenance.suse.de> SUSE YOU Update: YOU update for software update stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2012:1445-1 Rating: low References: #665327 #745404 #769819 #773641 #782539 #782736 #783539 #784900 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 8 YOU fixes can now be installed. It includes four new package versions. Description: This update for the software update stack 2012/10 provides the following fixes: libzypp: * Fix handling of cross-device links (bnc#782736) * Relax evaluation of patch category tags (case insensitive) * Filter zero sized devices in disk usage counter (bnc#769819) * Fix possibly reporting timeout as "aborted by user" (bnc#665327) * Allow libcurl to take proxy from environment if proxy is not configured or disallowed (bnc#745404) * For installed products also filelists when trying to find the buddy (bnc#784900). zypper: * Properly encode data in XML output (bnc#773641) * Add patch/list-patches option --category to man page (bnc#783539). libsatsolver: * Fix susetags parser to not ignore the filelist of the last solvable (bnc#782539). Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-softwaremgmt-201210-6967 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-softwaremgmt-201210-6967 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-softwaremgmt-201210-6967 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-softwaremgmt-201210-6967 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.6,0.44.5 and 9.12.8]: libsatsolver-devel-0.17.6-0.5.1 libzypp-devel-9.12.8-0.5.1 ruby-satsolver-0.44.5-0.5.54 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.17.6,0.44.5,1.6.167 and 9.12.8]: libzypp-9.12.8-0.5.1 perl-satsolver-0.44.5-0.5.54 python-satsolver-0.44.5-0.5.54 satsolver-tools-0.17.6-0.5.1 zypper-1.6.167-0.7.2 zypper-log-1.6.167-0.7.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.6,0.44.5,1.6.167 and 9.12.8]: libzypp-9.12.8-0.5.1 perl-satsolver-0.44.5-0.5.54 python-satsolver-0.44.5-0.5.54 satsolver-tools-0.17.6-0.5.1 zypper-1.6.167-0.7.2 zypper-log-1.6.167-0.7.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.17.6,0.44.5,1.6.167 and 9.12.8]: libzypp-9.12.8-0.5.1 perl-satsolver-0.44.5-0.5.54 python-satsolver-0.44.5-0.5.54 satsolver-tools-0.17.6-0.5.1 zypper-1.6.167-0.7.2 zypper-log-1.6.167-0.7.2 References: https://bugzilla.novell.com/665327 https://bugzilla.novell.com/745404 https://bugzilla.novell.com/769819 https://bugzilla.novell.com/773641 https://bugzilla.novell.com/782539 https://bugzilla.novell.com/782736 https://bugzilla.novell.com/783539 https://bugzilla.novell.com/784900 http://download.novell.com/patch/finder/?keywords=7b68808d0407da8011b66d941e202b53 From sle-updates at lists.suse.com Tue Nov 6 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 6 Nov 2012 19:08:35 +0100 (CET) Subject: SUSE-RU-2012:1446-1: moderate: Recommended update for python-novaclient Message-ID: <20121106180835.2925032289@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-novaclient ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1446-1 Rating: moderate References: #777867 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update changes python-novaclient to encode user data to UTF-8 when creating a server. This fixes an issue in horizon when an instance was started with non-ascii characters in user data (bnc#777867). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-python-novaclient-7021 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): python-novaclient-2012.1+git.1345053935.bab694e-0.10.1 References: https://bugzilla.novell.com/777867 http://download.novell.com/patch/finder/?keywords=180b41895cecf270baa3f89868e39752 From sle-updates at lists.suse.com Tue Nov 6 11:08:55 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 6 Nov 2012 19:08:55 +0100 (CET) Subject: SUSE-RU-2012:1447-1: Recommended update for novell-qtgui Message-ID: <20121106180855.4611C32287@maintenance.suse.de> SUSE Recommended Update: Recommended update for novell-qtgui ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1447-1 Rating: low References: #762520 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds a detailed error message in case the login attempt times out (bnc#762520). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-novell-qtgui-6882 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): novell-qtgui-3.0.0-0.18.1 novell-qtgui-cli-3.0.0-0.18.1 References: https://bugzilla.novell.com/762520 http://download.novell.com/patch/finder/?keywords=6503220d53ce3d46b39a33b4f1280def From sle-updates at lists.suse.com Tue Nov 6 11:09:12 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 6 Nov 2012 19:09:12 +0100 (CET) Subject: SUSE-RU-2012:1448-1: moderate: Recommended update for supportutils-plugin-susecloud Message-ID: <20121106180912.1BADD32289@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils-plugin-susecloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1448-1 Rating: moderate References: #784738 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the supportutils plugin for SUSE Cloud adds support for capturing the following files * /opt/dell/chef/data_bags/crowbar/bc-template-*.json (bnc#784738) * /var/chef/cache/chef-stacktrace.out Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-supportutils-plugin-susecloud-7022 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch): supportutils-plugin-susecloud-1.0-0.11.1 References: https://bugzilla.novell.com/784738 http://download.novell.com/patch/finder/?keywords=eda3f4fbcdcd276254db7f0e13a7fb80 From sle-updates at lists.suse.com Wed Nov 7 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 7 Nov 2012 18:08:33 +0100 (CET) Subject: SUSE-RU-2012:1449-1: important: Recommended update for sysstat, sysstat-isag Message-ID: <20121107170833.98BF232289@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysstat, sysstat-isag ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1449-1 Rating: important References: #757993 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to sysstat resolves a problem that prevented the system activity data collector (sadc) from starting up at boot time. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): sysstat-8.0.4-1.18.1 sysstat-isag-8.0.4-1.18.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): sysstat-8.0.4-1.18.1 sysstat-isag-8.0.4-1.18.1 References: https://bugzilla.novell.com/757993 http://download.novell.com/patch/finder/?keywords=5cb504cc4771b6e1a4c46d2bca35ca6e From sle-updates at lists.suse.com Wed Nov 7 14:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 7 Nov 2012 22:08:27 +0100 (CET) Subject: SUSE-RU-2012:1450-1: Recommended update for xorg-x11-server-rdp Message-ID: <20121107210827.38D863228A@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-server-rdp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1450-1 Rating: low References: #770683 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for X.Org's RDP server (xorg-x11-server-rdp) resolves a problem in the idletime counter that could cause excessive wake-ups, using a lot of CPU time. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xorg-x11-server-rdp-6988 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xorg-x11-server-rdp-6988 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xorg-x11-server-rdp-6988 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xorg-x11-server-rdp-7.3.99-3.20.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): xorg-x11-server-rdp-7.3.99-3.20.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xorg-x11-server-rdp-7.3.99-3.20.1 References: https://bugzilla.novell.com/770683 http://download.novell.com/patch/finder/?keywords=6b101f7ae7eb9103834dac49c2e1185e From sle-updates at lists.suse.com Wed Nov 7 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 7 Nov 2012 23:08:27 +0100 (CET) Subject: SUSE-RU-2012:1451-1: moderate: Recommended update for SUSE_SLES_SAP-release Message-ID: <20121107220827.A2F4B32289@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE_SLES_SAP-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1451-1 Rating: moderate References: #781801 #786485 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes an error in the product metadata for SUSE Linux Enterprise Server for SAP 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-SUSE_SLES_SAP-release-7011 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (x86_64): SUSE_SLES_SAP-release-11.2-2.8.1 References: https://bugzilla.novell.com/781801 https://bugzilla.novell.com/786485 http://download.novell.com/patch/finder/?keywords=f7e4d3ff4856df68cf02f2054cddcc39 From sle-updates at lists.suse.com Wed Nov 7 15:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 7 Nov 2012 23:08:42 +0100 (CET) Subject: SUSE-RU-2012:1452-1: Recommended update for SUSE Linux Enterprise High Availability Extension 11 SP2 documentation Message-ID: <20121107220842.6DAD932289@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Linux Enterprise High Availability Extension 11 SP2 documentation ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1452-1 Rating: low References: #782209 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the SUSE Linux Enterprise High Availability Extension 11 SP2 documentation. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-sle-ha-guide_en-pdf-6894 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (noarch) [New Version: 11.2]: sle-ha-guide_en-pdf-11.2-0.7.1 sle-ha-manuals_en-11.2-0.7.1 sle-ha-nfs-quick_en-pdf-11.2-0.7.1 References: https://bugzilla.novell.com/782209 http://download.novell.com/patch/finder/?keywords=e5a6652999e3d4453e6cb82bf7dcba09 From sle-updates at lists.suse.com Wed Nov 7 15:08:57 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 7 Nov 2012 23:08:57 +0100 (CET) Subject: SUSE-RU-2012:1453-1: moderate: Recommended update for SUSE-Linux-Enterprise-RT-release Message-ID: <20121107220857.DE25C32289@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE-Linux-Enterprise-RT-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1453-1 Rating: moderate References: #781801 Affected Products: Subscription Management Tool 11 SP2 SUSE Linux Enterprise Real Time 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an error in the product metadata for SUSE Linux Enterprise Real Time 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-sle-smt-release-6889 - SUSE Linux Enterprise Real Time 11 SP2: zypper in -t patch slertesp2-SUSE-Linux-Enterprise-RT-release-6878 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-sle-pos-release-6879 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-suse-cloud-release-6880 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64): sle-smt-release-11.2-1.4 - SUSE Linux Enterprise Real Time 11 SP2 (x86_64): SUSE-Linux-Enterprise-RT-release-11.2-1.4 - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64): sle-pos-release-11.2-1.4 - SUSE Cloud 1.0 (x86_64): suse-cloud-release-1.0-1.4 References: https://bugzilla.novell.com/781801 http://download.novell.com/patch/finder/?keywords=666e372fa77471a896c3057de63d2f7a http://download.novell.com/patch/finder/?keywords=bd91bd8492890ded114fb9429958777e http://download.novell.com/patch/finder/?keywords=e2e544aa132e6dd7ce10b80a37c21ff2 http://download.novell.com/patch/finder/?keywords=e8948f44e366cc4cc26df4fa900d02ad From sle-updates at lists.suse.com Thu Nov 8 09:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 8 Nov 2012 17:08:31 +0100 (CET) Subject: SUSE-RU-2012:1454-1: Recommended update for syslinux Message-ID: <20121108160831.78CA53228A@maintenance.suse.de> SUSE Recommended Update: Recommended update for syslinux ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1454-1 Rating: low References: #691211 #762048 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update for syslinux provides fixes for the following issues: * 762048: syslinux may fail under high load in a virtual machine * 691211: PXE timeout value is not always used correctly Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-syslinux-6963 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-syslinux-6963 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-syslinux-6963 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): syslinux-3.82-8.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): syslinux-3.82-8.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): syslinux-3.82-8.7.1 References: https://bugzilla.novell.com/691211 https://bugzilla.novell.com/762048 http://download.novell.com/patch/finder/?keywords=2054a76bea739c102d401ec5c69674a6 From sle-updates at lists.suse.com Thu Nov 8 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 8 Nov 2012 18:08:31 +0100 (CET) Subject: SUSE-SU-2012:1455-1: important: Security update for openstack-glance Message-ID: <20121108170831.91ABE3229F@maintenance.suse.de> SUSE Security Update: Security update for openstack-glance ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1455-1 Rating: important References: #787814 Cross-References: CVE-2012-4573 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: OpenStack glance had a bug where image deletion was allowed for all logged in users (CVE-2012-4573). This has been fixed. Security Issue reference: * CVE-2012-4573 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-glance-7033 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-glance-2012.1+git.1344578005.120fcf4-0.7.1 python-glance-2012.1+git.1344578005.120fcf4-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-4573.html https://bugzilla.novell.com/787814 http://download.novell.com/patch/finder/?keywords=702ffac90e6c557e86e585da921b9b98 From sle-updates at lists.suse.com Thu Nov 8 10:08:47 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 8 Nov 2012 18:08:47 +0100 (CET) Subject: SUSE-RU-2012:1456-1: Recommended update for vsftpd Message-ID: <20121108170847.154B9322A2@maintenance.suse.de> SUSE Recommended Update: Recommended update for vsftpd ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1456-1 Rating: low References: #762381 #767364 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for vsftpd provides the following fixes: * 767364: Fix SSL session context handling causing SSL data connections to fail * 762381: Fix vsftpd childs terminating under high load Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-vsftpd-6966 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-vsftpd-6966 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): vsftpd-2.0.7-4.25.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): vsftpd-2.0.7-4.25.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): vsftpd-2.0.4-19.18.222.24.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): vsftpd-2.0.4-19.18.222.24.1 References: https://bugzilla.novell.com/762381 https://bugzilla.novell.com/767364 http://download.novell.com/patch/finder/?keywords=5698d83e8b0510424aa19c03c7722548 http://download.novell.com/patch/finder/?keywords=dfd0abe45177d4f0dee003dca75845aa From sle-updates at lists.suse.com Thu Nov 8 14:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 8 Nov 2012 22:08:27 +0100 (CET) Subject: SUSE-RU-2012:1410-2: moderate: Recommended update for perl-Bootloader Message-ID: <20121108210827.3E4CC322A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-Bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1410-2 Rating: moderate References: #775183 #776915 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for perl-Bootloader resolves the following issues: * When using CCISS or similar RAID controller updating may break the bootloader configuration by changing (hd0, 0) to (hd0) in menu.lst (bnc#776915) * Bootloader configuration with serial lines may put 'serial' and 'terminal' entries into menu.lst in the wrong order (bnc#775183). As this update fixes a severe regression over the last update for regular SLES 11 SP1 customers, SUSE is also providing this update for non Long Term Service Pack Support subscribers. Please read the TID 7010670 for more information. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-perl-Bootloader-6960 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-perl-Bootloader-6983 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 0.4.89.44]: perl-Bootloader-0.4.89.44-0.4.2.1 - SUSE Linux Enterprise Server 11 SP1 (i586 s390x x86_64) [New Version: 0.4.89.44]: perl-Bootloader-0.4.89.44-0.4.2.1 References: https://bugzilla.novell.com/775183 https://bugzilla.novell.com/776915 http://download.novell.com/patch/finder/?keywords=1255681411f9e42a473036fd1af14025 http://download.novell.com/patch/finder/?keywords=5efc4502c9a7c92d36e235a068b1d832 From sle-updates at lists.suse.com Fri Nov 9 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 9 Nov 2012 22:08:28 +0100 (CET) Subject: SUSE-RU-2012:1457-1: Recommended update for scim Message-ID: <20121109210828.5F2B532336@maintenance.suse.de> SUSE Recommended Update: Recommended update for scim ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1457-1 Rating: low References: #783190 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes focus issues in SCIM, especially when using Java applications (bnc#783190). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-scim-6947 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-scim-6947 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-scim-6947 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-scim-6947 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): scim-devel-1.4.7-166.36.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): scim-32bit-1.4.7-166.36.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): scim-1.4.7-166.36.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): scim-32bit-1.4.7-166.36.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): scim-1.4.7-166.36.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): scim-32bit-1.4.7-166.36.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): scim-x86-1.4.7-166.36.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): scim-1.4.7-166.36.1 References: https://bugzilla.novell.com/783190 http://download.novell.com/patch/finder/?keywords=bb546cb8c0ce73e423cec07d4d4f59c5 From sle-updates at lists.suse.com Fri Nov 9 14:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 9 Nov 2012 22:08:42 +0100 (CET) Subject: SUSE-RU-2012:1458-1: Recommended update for Hyper-V drivers Message-ID: <20121109210842.F19E232337@maintenance.suse.de> SUSE Recommended Update: Recommended update for Hyper-V drivers ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1458-1 Rating: low References: #770763 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to Hyper-V tools removes restart_on_update from the package's post uninstall script. The daemon can not be restarted at this point, and the new daemon may not be completely compatible with the current running kernel. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-hyper-v-6841 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): hyper-v-3-0.7.1 References: https://bugzilla.novell.com/770763 http://download.novell.com/patch/finder/?keywords=08b1dba73003fbd211398d4b40e99b39 From sle-updates at lists.suse.com Fri Nov 9 18:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 10 Nov 2012 02:08:33 +0100 (CET) Subject: SUSE-FU-2012:1459-1: Feature update for kdump and crash Message-ID: <20121110010833.DA0A1322A3@maintenance.suse.de> SUSE Feature Update: Feature update for kdump and crash ______________________________________________________________________________ Announcement ID: SUSE-FU-2012:1459-1 Rating: low References: #761624 #765379 #784913 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three feature fixes can now be installed. It includes two new package versions. Description: This update provides support for LZO compressed kdump files. In addition, crash has been updated to 6.0.7 which includes the following enhancements: * Enhanced the search command to allow the searched-for value to be entered as a crash (expression) or a kernel symbol name * Added a new "search -t" option that will restrict the search to the kernel stack pages of all tasks. * Fix for the s390x "bt -[tT]" options when run on an active task on a live system * Fix for s390x "vm -p" option, which may show invalid user to physical address translation data if a page is not mapped. * Added new "vm -[xd]" options to be used in conjunction with "vm -[mv]", which override the current default output format with hexadecimal or decimal format for just the command instance. * Fix for the s390x "vm -p" command and "vtop -u " commands to properly translate pages that are swapped out into their swap file and offset. Without the patch, the swap file and offset would not be displayed. * Add support to for reading dumpfiles compressed by LZO using makedumpfile version 1.4.4 or later. * Added a new "printm" command to the embedded gdb module * Added a new "runq -t" option that displays the timestamp information Added a new "runq -t" option that displays the timestamp information of each cpu's runqueue, which consists of either the rq.clock, the rq.most_recent_timestamp or rq.timestamp_last_tick value, whichever applies. Following each cpu timestamp is the last_run or timestamp value of the active task on that cpu, whichever applies, along with the task identification. Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-kdump-lzo-support-7006 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kdump-lzo-support-7006 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kdump-lzo-support-7006 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kdump-lzo-support-7006 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 6.0.7]: crash-devel-6.0.7-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.4.4 and 6.0.7]: crash-6.0.7-0.5.1 makedumpfile-1.4.4-0.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.4.4 and 6.0.7]: crash-6.0.7-0.5.1 crash-sial-6.0.7-0.5.1 kdump-0.7.8-1.33.40.3 makedumpfile-1.4.4-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.4 and 6.0.7]: crash-6.0.7-0.5.1 crash-sial-6.0.7-0.5.1 makedumpfile-1.4.4-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): kdump-0.7.8-1.33.40.3 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.4]: kdump-0.7.8-1.33.40.3 makedumpfile-1.4.4-0.7.1 References: https://bugzilla.novell.com/761624 https://bugzilla.novell.com/765379 https://bugzilla.novell.com/784913 http://download.novell.com/patch/finder/?keywords=83f0e8afdc8e7c22b219e72021cf26d2 From sle-updates at lists.suse.com Mon Nov 12 12:08:52 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 12 Nov 2012 20:08:52 +0100 (CET) Subject: SUSE-SU-2012:1472-1: Security update for sap_suse_cluster_connector Message-ID: <20121112190853.AE35C32336@maintenance.suse.de> SUSE Security Update: Security update for sap_suse_cluster_connector ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1472-1 Rating: low References: #763793 #777453 #778273 #778293 Cross-References: CVE-2012-0426 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: A tmp race condition was fixed in sap_suse_cluster_connector. CVE-2012-0426 was assigned to this issue. Additionally some minor non-security fixes are included. Security Issue reference: * CVE-2012-0426 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-sap_suse_cluster_connector-6918 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (noarch): sap_suse_cluster_connector-1.0.0-0.8.1 References: http://support.novell.com/security/cve/CVE-2012-0426.html https://bugzilla.novell.com/763793 https://bugzilla.novell.com/777453 https://bugzilla.novell.com/778273 https://bugzilla.novell.com/778293 http://download.novell.com/patch/finder/?keywords=67f8397652f3d8ee3df37f91ef07cc58 From sle-updates at lists.suse.com Mon Nov 12 16:09:08 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 13 Nov 2012 00:09:08 +0100 (CET) Subject: SUSE-RU-2012:1473-1: Recommended update for tomcat5 Message-ID: <20121112230908.6628832336@maintenance.suse.de> SUSE Recommended Update: Recommended update for tomcat5 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1473-1 Rating: low References: #677335 #781589 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for Tomcat5 fixes the logrotate configuration to avoid error messages regarding insecure permissions. Package List: - SUSE Linux Enterprise Server 10 SP4 (noarch): tomcat5-5.5.27-0.20.1 tomcat5-admin-webapps-5.5.27-0.20.1 tomcat5-webapps-5.5.27-0.20.1 - SLE SDK 10 SP4 (noarch): tomcat5-5.5.27-0.20.1 tomcat5-admin-webapps-5.5.27-0.20.1 tomcat5-webapps-5.5.27-0.20.1 References: https://bugzilla.novell.com/677335 https://bugzilla.novell.com/781589 http://download.novell.com/patch/finder/?keywords=86516bd3ce4ac1b04974997845c03c85 From sle-updates at lists.suse.com Tue Nov 13 13:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 13 Nov 2012 21:08:27 +0100 (CET) Subject: SUSE-RU-2012:1474-1: Recommended update for lxc Message-ID: <20121113200827.BC0B3322A3@maintenance.suse.de> SUSE Recommended Update: Recommended update for lxc ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1474-1 Rating: low References: #776169 #786970 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update to Linux Containers (lxc) includes the following improvements and fixes: * Add Requires(post) dependency on aaa_base (bnc#786970) * Add dhcpcd to default installation in SLES template (bnc#776169) * Modify MAC address when cloning a container * When destroying a running container, wait until it is stopped before destroying it * Update lxc-sles template: o Change back default network configuration STARTMODE from "manual" to "auto" o When creating a container with 0.0.0.0 as IPv4 address, auto-configure container to use DHCP (bnc#776169). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-lxc-7012 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lxc-7012 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lxc-7012 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): lxc-devel-0.7.5-1.27.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): lxc-0.7.5-1.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): lxc-0.7.5-1.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): lxc-0.7.5-1.27.1 References: https://bugzilla.novell.com/776169 https://bugzilla.novell.com/786970 http://download.novell.com/patch/finder/?keywords=05b414579ceaff956846c6f99e013638 From sle-updates at lists.suse.com Tue Nov 13 14:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 13 Nov 2012 22:08:30 +0100 (CET) Subject: SUSE-RU-2012:1436-2: Recommended update for yast2-registration Message-ID: <20121113210831.52765322A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-registration ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1436-2 Rating: low References: #718334 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes a yast2-registration issue that occurred when the registration was called in an SSH session. The registration browser to enter additional registration information did not appear. Fix for bugs: bnc#718334 and bnc#179614. Package List: - SUSE Linux Enterprise Server 10 SP4 (noarch) [New Version: 2.13.24.1]: yast2-registration-2.13.24.1-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 2.13.24.1]: yast2-registration-2.13.24.1-0.5.1 References: https://bugzilla.novell.com/718334 http://download.novell.com/patch/finder/?keywords=47224626b5b6d1858a21256a2eb59ad5 From sle-updates at lists.suse.com Tue Nov 13 14:08:46 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 13 Nov 2012 22:08:46 +0100 (CET) Subject: SUSE-SU-2012:1475-1: moderate: Security update for IBM Java 1.4.2 Message-ID: <20121113210846.1406F3233A@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.4.2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1475-1 Rating: moderate References: #666744 #778943 Cross-References: CVE-2012-1713 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 SUSE Linux Enterprise for SAP Applications 11 SP1 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: IBM Java 1.4.2 has been updated to SR13-FP13 that fixes bugs and security issues. Please see for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Additionally one bug has been fixed: * fix bnc#771808: create symlink /usr/bin/javaws properly Security Issue references: * CVE-2012-1717 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-java-1_4_2-ibm-sap-6998 - SUSE Linux Enterprise for SAP Applications 11 SP1: zypper in -t patch slesapp1-java-1_4_2-ibm-sap-6997 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_4_2-ibm-sap-6998 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (x86_64): java-1_4_2-ibm-sap-1.4.2_sr13.13-0.3.1 java-1_4_2-ibm-sap-devel-1.4.2_sr13.13-0.3.1 - SUSE Linux Enterprise for SAP Applications 11 SP1 (x86_64): java-1_4_2-ibm-sap-1.4.2_sr13.13-0.3.1 java-1_4_2-ibm-sap-devel-1.4.2_sr13.13-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (x86_64): java-1_4_2-ibm-sap-1.4.2_sr13.13-0.3.1 java-1_4_2-ibm-sap-devel-1.4.2_sr13.13-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html https://bugzilla.novell.com/666744 https://bugzilla.novell.com/778943 http://download.novell.com/patch/finder/?keywords=362e4a8f1f21644a7d9eb0b72f2da0c9 http://download.novell.com/patch/finder/?keywords=fa385924d3e201f9e1a8265800eb93bd From sle-updates at lists.suse.com Tue Nov 13 21:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 14 Nov 2012 05:08:32 +0100 (CET) Subject: SUSE-RU-2012:1476-1: Recommended update for SUSE Manager 1.7 Message-ID: <20121114040832.C61903233A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1476-1 Rating: low References: #776356 #776374 #776377 #776527 #783667 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. It includes 11 new package versions. Description: This update fixes the following issues: * precompile python code to prevent verification issues * fix symlink handling in rhncfg * fix rhnmd init script * separate proxy auth error hostname into separate header * multi-tiered proxies don't update auth tokens correctly * fix getOSVersionAndRelease for multiple products * keep permissions and owner of systemid file * update documentation * cleanup jabberd db and use insserv to switch to current default runlevel * enable proxy services only in runlevel 3 and 5 * fixing the rpm license header according to upstream * Set owner/group of config-defaults dir consistently (bnc#776377) * Fixing the License rpm header to match the COPYING information How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: mgr-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: mgr-proxy start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-suse-manager-proxy-201209-6943 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.2 and 1.7.38.19]: spacewalk-backend-1.7.38.19-0.5.3 spacewalk-backend-libs-1.7.38.19-0.5.3 suseRegisterInfo-1.7.2-0.5.1 - SUSE Manager Proxy 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.0.4,1.7.1.4,1.7.12.7,1.7.14.11,1.7.28.12,1.7.6.7,5.10.27.7,5.10.41.5 and 5.3.10.4]: osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.4 rhncfg-actions-5.10.27.7-0.5.4 rhncfg-client-5.10.27.7-0.5.4 rhncfg-management-5.10.27.7-0.5.4 rhnmd-5.3.10.4-0.5.1 spacewalk-base-minimal-1.7.28.12-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-proxy-broker-1.7.12.7-0.5.3 spacewalk-proxy-common-1.7.12.7-0.5.3 spacewalk-proxy-docs-1.7.0.4-0.5.3 spacewalk-proxy-installer-1.7.6.7-0.5.5 spacewalk-proxy-management-1.7.12.7-0.5.3 spacewalk-proxy-package-manager-1.7.12.7-0.5.3 spacewalk-proxy-redirect-1.7.12.7-0.5.3 spacewalk-remote-utils-1.7.1.4-0.5.4 References: https://bugzilla.novell.com/776356 https://bugzilla.novell.com/776374 https://bugzilla.novell.com/776377 https://bugzilla.novell.com/776527 https://bugzilla.novell.com/783667 http://download.novell.com/patch/finder/?keywords=a106219115cfd254fba784919bd5cb25 From sle-updates at lists.suse.com Tue Nov 13 21:08:47 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 14 Nov 2012 05:08:47 +0100 (CET) Subject: SUSE-RU-2012:1477-1: Recommended update for SUSE Manager Client Tools Message-ID: <20121114040847.EA92A3233A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1477-1 Rating: low References: #776356 #776377 #776527 #783667 #783671 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update fixes the following issues: * install grubby-compat to /sbin * precompile python code to prevent verification issues * fix symlink handling in rhncfg * fix rhnmd init script * do not change channels during upgrade_version * fix getOSVersionAndRelease for multiple products * keep permissions and owner of systemid file * fixing the rpm license header according to upstream * precompile python code to prevent verification issues (bnc#776356) Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-client-tools-201209-2-6954 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): koan-2.2.2-0.25.1 spacewalk-backend-libs-1.7.38.19-0.5.5 suseRegisterInfo-1.7.2-0.5.1 - SUSE Manager Client Tools for SLE 11 SP2 (noarch): osad-5.10.41.6-0.5.1 rhncfg-5.10.27.8-0.5.1 rhncfg-actions-5.10.27.8-0.5.1 rhncfg-client-5.10.27.8-0.5.1 rhncfg-management-5.10.27.8-0.5.1 rhnmd-5.3.10.4-0.5.2 spacewalk-check-1.7.14.12-0.5.1 spacewalk-client-setup-1.7.14.12-0.5.1 spacewalk-client-tools-1.7.14.12-0.5.1 spacewalk-koan-1.7.1.4-0.5.5 spacewalk-remote-utils-1.7.1.4-0.5.6 - SLE CLIENT TOOLS 10 for x86_64 (x86_64): koan-2.2.2-0.17.1 spacewalk-backend-libs-1.7.38.19-0.5.1 suseRegisterInfo-1.7.2-0.5.1 - SLE CLIENT TOOLS 10 for x86_64 (noarch): osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.1 rhncfg-actions-5.10.27.7-0.5.1 rhncfg-client-5.10.27.7-0.5.1 rhncfg-management-5.10.27.7-0.5.1 rhnmd-5.3.10.4-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-koan-1.7.1.4-0.5.1 spacewalk-remote-utils-1.7.1.4-0.5.2 - SLE CLIENT TOOLS 10 for s390x (noarch): osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.1 rhncfg-actions-5.10.27.7-0.5.1 rhncfg-client-5.10.27.7-0.5.1 rhncfg-management-5.10.27.7-0.5.1 rhnmd-5.3.10.4-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-koan-1.7.1.4-0.5.1 spacewalk-remote-utils-1.7.1.4-0.5.2 - SLE CLIENT TOOLS 10 for s390x (s390x): koan-2.2.2-0.17.1 spacewalk-backend-libs-1.7.38.19-0.5.1 suseRegisterInfo-1.7.2-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.1 rhncfg-actions-5.10.27.7-0.5.1 rhncfg-client-5.10.27.7-0.5.1 rhncfg-management-5.10.27.7-0.5.1 rhnmd-5.3.10.4-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-koan-1.7.1.4-0.5.1 spacewalk-remote-utils-1.7.1.4-0.5.2 - SLE CLIENT TOOLS 10 for ia64 (ia64): koan-2.2.2-0.17.1 spacewalk-backend-libs-1.7.38.19-0.5.1 suseRegisterInfo-1.7.2-0.5.1 - SLE CLIENT TOOLS 10 for PPC (noarch): osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.1 rhncfg-actions-5.10.27.7-0.5.1 rhncfg-client-5.10.27.7-0.5.1 rhncfg-management-5.10.27.7-0.5.1 rhnmd-5.3.10.4-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-koan-1.7.1.4-0.5.1 spacewalk-remote-utils-1.7.1.4-0.5.2 - SLE CLIENT TOOLS 10 for PPC (ppc): koan-2.2.2-0.17.1 spacewalk-backend-libs-1.7.38.19-0.5.1 suseRegisterInfo-1.7.2-0.5.1 - SLE CLIENT TOOLS 10 (noarch): osad-5.10.41.5-0.5.1 rhncfg-5.10.27.7-0.5.1 rhncfg-actions-5.10.27.7-0.5.1 rhncfg-client-5.10.27.7-0.5.1 rhncfg-management-5.10.27.7-0.5.1 rhnmd-5.3.10.4-0.5.1 spacewalk-check-1.7.14.11-0.5.1 spacewalk-client-setup-1.7.14.11-0.5.1 spacewalk-client-tools-1.7.14.11-0.5.1 spacewalk-koan-1.7.1.4-0.5.1 spacewalk-remote-utils-1.7.1.4-0.5.2 - SLE CLIENT TOOLS 10 (i586): koan-2.2.2-0.17.1 spacewalk-backend-libs-1.7.38.19-0.5.1 suseRegisterInfo-1.7.2-0.5.1 References: https://bugzilla.novell.com/776356 https://bugzilla.novell.com/776377 https://bugzilla.novell.com/776527 https://bugzilla.novell.com/783667 https://bugzilla.novell.com/783671 http://download.novell.com/patch/finder/?keywords=adb60138a1773867bed43663fbfc7582 http://download.novell.com/patch/finder/?keywords=e5abbfe79aaa7609e50c6158ff1a027a From sle-updates at lists.suse.com Tue Nov 13 21:09:03 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 14 Nov 2012 05:09:03 +0100 (CET) Subject: SUSE-RU-2012:1478-1: Recommended update for smdba Message-ID: <20121114040903.143223233A@maintenance.suse.de> SUSE Recommended Update: Recommended update for smdba ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1478-1 Rating: low References: #756824 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update add the following feature: * hot backup for oracle DB support now disaster recovery The commandline options changed! Please read the man page and have a look at http://wiki.novell.com/index.php/SUSE_Manager/RDBMS#Mounting _and_Backups In case you use a oracle DB you cannot specify the backup directory anymore. Please mount your backup storage to /opt/apps/oracle/flash_recovery_area/ by keeping the directories which already exists in this directory. You need to create a new backup first, after installing this update. This update fixes the following issues: * fix space-overview header Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-smdba-6970 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.2]: smdba-1.2-0.5.1 References: https://bugzilla.novell.com/756824 http://download.novell.com/patch/finder/?keywords=09a4fc2a815838115b19f4d4dbf08bf2 From sle-updates at lists.suse.com Tue Nov 13 23:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 14 Nov 2012 07:08:23 +0100 (CET) Subject: SUSE-RU-2012:1479-1: Recommended update for cobbler Message-ID: <20121114060823.75DD83233A@maintenance.suse.de> SUSE Recommended Update: Recommended update for cobbler ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1479-1 Rating: low References: #753584 #753806 #760924 #775591 #776321 #776356 #776374 #776377 #776571 #776596 #776615 #777462 #780913 #783667 #783671 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 15 recommended fixes can now be installed. It includes 16 new package versions. Description: This update adds the following feature: * Read system proxy values during setup and use them as default in SUSE Manager This update fixes the following issues: * Set owner/group of config-defaults dir consistently * Set owner/group of tomcat dir consistently * recompile python files * remove directories from filelist which are owned by spacewalk-java * add LTSS channels for SLES10 SP3 and SLES11 SP1 * add channels for product SLES for SAP SP2 * prevent outputting escape sequences to non-terminals * do not quote argument of the help command * load suse_products in the server object if not available * reposync: do not use a proxy to access localhost * separate proxy auth error hostname into separate header * multi-tiered proxies don't update auth tokens correctly * Cleaned up the doc pages navigation buttons * fixed white background on Notes and Alerts in docs. * fix getOSVersionAndRelease for multiple products * keep permissions and owner of systemid file * use elaborator for foreign_packages_get_noncompliant_systems * fix reboot needed on postgresql by using allServerKeywordSinceReboot view * Do not show asterisk on software channels page * Fix NPE during proxy activation in case proxyChannel is a base channel * Unsubscribe channels only if we are configured to automatically re-subscribe * Validate proxy format on general config page * make IE use IE7 compatability mode for pages with editarea * fix icons on SSM provisioning page and system list page * validate virt guest parameters also for API input * Hide the checkbox 'Disconnected SUSE Manager' * Fix missing CVEs in patches listing with Oracle 11 * disable the update button if the text area is empty * fix schema upgrade script with comments after semicolon * fix schema upgrade unique constraint violation * honor hostname overwrites in /etc/hosts * restart spacewalk services after final DB changes How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade. The schema update will take a long time, depending on the number of synced RPMs and CPU power of the machine used. Please DO NOT abort the schema migration! 5. Start the Spacewalk service: spacewalk-service start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-suse-manager-201210-6953 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.1.4,1.7.19,1.7.2,1.7.38.19 and 1.7.7.8]: cobbler-2.2.2-0.25.2 release-notes-susemanager-1.7.0-0.11.12 spacecmd-1.7.7.8-0.5.2 spacewalk-backend-1.7.38.19-0.5.31 spacewalk-backend-app-1.7.38.19-0.5.31 spacewalk-backend-applet-1.7.38.19-0.5.31 spacewalk-backend-config-files-1.7.38.19-0.5.31 spacewalk-backend-config-files-common-1.7.38.19-0.5.31 spacewalk-backend-config-files-tool-1.7.38.19-0.5.31 spacewalk-backend-iss-1.7.38.19-0.5.31 spacewalk-backend-iss-export-1.7.38.19-0.5.31 spacewalk-backend-libs-1.7.38.19-0.5.31 spacewalk-backend-package-push-server-1.7.38.19-0.5.31 spacewalk-backend-server-1.7.38.19-0.5.31 spacewalk-backend-sql-1.7.38.19-0.5.31 spacewalk-backend-sql-oracle-1.7.38.19-0.5.31 spacewalk-backend-sql-postgresql-1.7.38.19-0.5.31 spacewalk-backend-tools-1.7.38.19-0.5.31 spacewalk-backend-xml-export-libs-1.7.38.19-0.5.31 spacewalk-backend-xmlrpc-1.7.38.19-0.5.31 spacewalk-backend-xp-1.7.38.19-0.5.31 spacewalk-branding-1.7.1.4-0.5.8 suseRegisterInfo-1.7.2-0.5.2 susemanager-1.7.19-0.5.26 susemanager-tools-1.7.19-0.5.26 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.0.3,1.7.14.12,1.7.15.8,1.7.2.3,1.7.28.12,1.7.3.8,1.7.5,1.7.54.20,1.7.56.15,1.7.9.10 and 5.10.41.6]: osa-dispatcher-5.10.41.6-0.5.7 sm-ncc-sync-data-1.7.5-0.5.2 spacewalk-base-1.7.28.12-0.5.2 spacewalk-base-minimal-1.7.28.12-0.5.2 spacewalk-client-tools-1.7.14.12-0.5.2 spacewalk-config-1.7.2.3-0.5.7 spacewalk-doc-indexes-1.7.0.3-0.5.11 spacewalk-grail-1.7.28.12-0.5.2 spacewalk-html-1.7.28.12-0.5.2 spacewalk-java-1.7.54.20-0.5.7 spacewalk-java-config-1.7.54.20-0.5.7 spacewalk-java-lib-1.7.54.20-0.5.7 spacewalk-java-oracle-1.7.54.20-0.5.7 spacewalk-java-postgresql-1.7.54.20-0.5.7 spacewalk-pxt-1.7.28.12-0.5.2 spacewalk-search-1.7.3.8-0.5.7 spacewalk-setup-1.7.9.10-0.5.2 spacewalk-sniglets-1.7.28.12-0.5.2 spacewalk-taskomatic-1.7.54.20-0.5.7 spacewalk-utils-1.7.15.8-0.5.22 susemanager-client-config_en-pdf-1.7-0.11.12 susemanager-install_en-pdf-1.7-0.11.12 susemanager-jsp_en-1.7-0.11.12 susemanager-manuals_en-1.7-0.11.12 susemanager-proxy-quick_en-pdf-1.7-0.11.12 susemanager-quick_en-pdf-1.7-0.11.12 susemanager-reference_en-pdf-1.7-0.11.12 susemanager-schema-1.7.56.15-0.5.2 References: https://bugzilla.novell.com/753584 https://bugzilla.novell.com/753806 https://bugzilla.novell.com/760924 https://bugzilla.novell.com/775591 https://bugzilla.novell.com/776321 https://bugzilla.novell.com/776356 https://bugzilla.novell.com/776374 https://bugzilla.novell.com/776377 https://bugzilla.novell.com/776571 https://bugzilla.novell.com/776596 https://bugzilla.novell.com/776615 https://bugzilla.novell.com/777462 https://bugzilla.novell.com/780913 https://bugzilla.novell.com/783667 https://bugzilla.novell.com/783671 http://download.novell.com/patch/finder/?keywords=91386a72d3d48022842648061eba9db7 From sle-updates at lists.suse.com Wed Nov 14 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 14 Nov 2012 23:08:27 +0100 (CET) Subject: SUSE-RU-2012:1482-1: Recommended update for multipath-tools Message-ID: <20121114220827.07F0832339@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1482-1 Rating: low References: #656036 #719838 #749577 #749584 #773407 #775623 #787217 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This collective update to multipath-tools include the following fixes: * Set geometry information for multipath maps, preventing a floating point exception when installing the Grub boot loader (bnc#749577) * Initialize pointer passed to get_cmdvec, fixing a segmentation fault when invalid commands were entered in the interactive mode (bnc#773407) * Fix exit status for -h and -t options in multipath command (bnc#775623) * Add new SAN arrays from Intel and DataCore to hardware table (bnc#749584) * Rework sysfs device handling, fixing recovery problems with iSCSI paths (bnc#719838) * Remove caching of sysfs devices (bnc#656036) * Fix segmentation fault in multipath -t (bnc#787217). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): multipath-tools-0.4.7-34.70.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): multipath-tools-0.4.7-34.70.1 References: https://bugzilla.novell.com/656036 https://bugzilla.novell.com/719838 https://bugzilla.novell.com/749577 https://bugzilla.novell.com/749584 https://bugzilla.novell.com/773407 https://bugzilla.novell.com/775623 https://bugzilla.novell.com/787217 http://download.novell.com/patch/finder/?keywords=a80b822e1c9fbdcdf6ca2a0021b12e83 From sle-updates at lists.suse.com Thu Nov 15 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 15 Nov 2012 18:08:33 +0100 (CET) Subject: SUSE-RU-2012:1483-1: moderate: Recommended update for quota Message-ID: <20121115170833.9D7DD32341@maintenance.suse.de> SUSE Recommended Update: Recommended update for quota ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1483-1 Rating: moderate References: #783171 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes repquota and warnquota are not properly working for XFS filesystems (bnc#783171). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-quota-6981 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-quota-6981 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-quota-6981 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): quota-3.16-50.41.1 quota-nfs-3.16-50.41.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): quota-3.16-50.41.1 quota-nfs-3.16-50.41.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): quota-3.16-50.41.1 References: https://bugzilla.novell.com/783171 http://download.novell.com/patch/finder/?keywords=8e80bae2ec190b34bf91afc13b83d763 From sle-updates at lists.suse.com Thu Nov 15 11:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 15 Nov 2012 19:08:39 +0100 (CET) Subject: SUSE-RU-2012:1484-1: Recommended update for Midnight Commander Message-ID: <20121115180839.307813233B@maintenance.suse.de> SUSE Recommended Update: Recommended update for Midnight Commander ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1484-1 Rating: low References: #782792 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Midnight Commander (mc) resolves a problem that could make mc erroneously modify the destination file name when moving a file or directory. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-mc-7034 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-mc-7034 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-mc-7034 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): mc-4.6.2.pre1-121.33.1 mc-lang-4.6.2.pre1-121.33.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): mc-4.6.2.pre1-121.33.1 mc-lang-4.6.2.pre1-121.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): mc-4.6.2.pre1-121.33.1 mc-lang-4.6.2.pre1-121.33.1 References: https://bugzilla.novell.com/782792 http://download.novell.com/patch/finder/?keywords=a8e58aedc7ba4be665c4457c2841c501 From sle-updates at lists.suse.com Thu Nov 15 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 15 Nov 2012 23:08:27 +0100 (CET) Subject: SUSE-SU-2012:1485-1: important: Security update for flash-player Message-ID: <20121115220827.F11883233E@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1485-1 Rating: important References: #788450 Cross-References: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. It includes one version update. Description: This update of flash-player fixes multiple (unspecified) buffer overflows, memory corruptions and other security-related issues. Security Issue references: * CVE-2012-5274 * CVE-2012-5275 * CVE-2012-5276 * CVE-2012-5277 * CVE-2012-5278 * CVE-2012-5279 * CVE-2012-5280 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-7038 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.251]: flash-player-11.2.202.251-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.251]: flash-player-11.2.202.251-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-5274.html http://support.novell.com/security/cve/CVE-2012-5275.html http://support.novell.com/security/cve/CVE-2012-5276.html http://support.novell.com/security/cve/CVE-2012-5277.html http://support.novell.com/security/cve/CVE-2012-5278.html http://support.novell.com/security/cve/CVE-2012-5279.html http://support.novell.com/security/cve/CVE-2012-5280.html https://bugzilla.novell.com/788450 http://download.novell.com/patch/finder/?keywords=2704cd8e916c14e8d622e540925ea064 http://download.novell.com/patch/finder/?keywords=8a2ea2251ceaffe0fb0d2fb2849a774e From sle-updates at lists.suse.com Thu Nov 15 16:09:06 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 16 Nov 2012 00:09:06 +0100 (CET) Subject: SUSE-SU-2012:1486-1: important: Security update for Xen Message-ID: <20121115230906.4437B32340@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1486-1 Rating: important References: #777890 #778105 #779212 #784087 #786516 #786517 #786518 #786519 #786520 #787163 Cross-References: CVE-2012-3497 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has two fixes is now available. Description: XEN was updated to fix various bugs and security issues: The following security issues have been fixed: * CVE-2012-4544: xen: Domain builder Out-of-memory due to malicious kernel/ramdisk (XSA 25) * CVE-2012-4411: XEN / qemu: guest administrator can access qemu monitor console (XSA-19) * CVE-2012-4535: xen: Timer overflow DoS vulnerability (XSA 20) * CVE-2012-4536: xen: pirq range check DoS vulnerability (XSA 21) * CVE-2012-4537: xen: Memory mapping failure DoS vulnerability (XSA 22) * CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability (XSA 23) * CVE-2012-4539: xen: Grant table hypercall infinite loop DoS vulnerability (XSA 24) * CVE-2012-3497: xen: multiple TMEM hypercall vulnerabilities (XSA-15) Also the following bugs have been fixed and upstream patches have been applied: * bnc#784087 - L3: Xen BUG at io_apic.c:129 26102-x86-IOAPIC-legacy-not-first.patch * Upstream patches merged: 26054-x86-AMD-perf-ctr-init.patch 26055-x86-oprof-hvm-mode.patch 26056-page-alloc-flush-filter.patch 26061-x86-oprof-counter-range.patch 26062-ACPI-ERST-move-data.patch 26063-x86-HPET-affinity-lock.patch 26093-HVM-PoD-grant-mem-type.patch 25931-x86-domctl-iomem-mapping-checks.patch 25952-x86-MMIO-remap-permissions.patch 25808-domain_create-return-value.patch 25814-x86_64-set-debugreg-guest.patch 25815-x86-PoD-no-bug-in-non-translated.patch 25816-x86-hvm-map-pirq-range-check.patch 25833-32on64-bogus-pt_base-adjust.patch 25834-x86-S3-MSI-resume.patch 25835-adjust-rcu-lock-domain.patch 25836-VT-d-S3-MSI-resume.patch 25850-tmem-xsa-15-1.patch 25851-tmem-xsa-15-2.patch 25852-tmem-xsa-15-3.patch 25853-tmem-xsa-15-4.patch 25854-tmem-xsa-15-5.patch 25855-tmem-xsa-15-6.patch 25856-tmem-xsa-15-7.patch 25857-tmem-xsa-15-8.patch 25858-tmem-xsa-15-9.patch 25859-tmem-missing-break.patch 25860-tmem-cleanup.patch 25883-pt-MSI-cleanup.patch 25927-x86-domctl-ioport-mapping-range.patch 25929-tmem-restore-pool-version.patch * bnc#778105 - first XEN-PV VM fails to spawn xend: Increase wait time for disk to appear in host bootloader Modified existing xen-domUloader.diff 25752-ACPI-pm-op-valid-cpu.patch 25754-x86-PoD-early-access.patch 25755-x86-PoD-types.patch 25756-x86-MMIO-max-mapped-pfn.patch Security Issue references: * CVE-2012-4539 * CVE-2012-3497 * CVE-2012-4411 * CVE-2012-4535 * CVE-2012-4537 * CVE-2012-4536 * CVE-2012-4538 * CVE-2012-4539 * CVE-2012-4544 Indications: Everyone using XEN should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xen-201211-7018 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xen-201211-7018 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xen-201211-7018 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xen-201211-7018 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): xen-devel-4.1.3_04-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xen-kmp-trace-4.1.3_04_3.0.42_0.7-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): xen-kmp-default-4.1.3_04_3.0.42_0.7-0.5.1 xen-kmp-trace-4.1.3_04_3.0.42_0.7-0.5.1 xen-libs-4.1.3_04-0.5.1 xen-tools-domU-4.1.3_04-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): xen-4.1.3_04-0.5.1 xen-doc-html-4.1.3_04-0.5.1 xen-doc-pdf-4.1.3_04-0.5.1 xen-libs-32bit-4.1.3_04-0.5.1 xen-tools-4.1.3_04-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586): xen-kmp-pae-4.1.3_04_3.0.42_0.7-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xen-kmp-default-4.1.3_04_3.0.42_0.7-0.5.1 xen-kmp-trace-4.1.3_04_3.0.42_0.7-0.5.1 xen-libs-4.1.3_04-0.5.1 xen-tools-domU-4.1.3_04-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): xen-4.1.3_04-0.5.1 xen-doc-html-4.1.3_04-0.5.1 xen-doc-pdf-4.1.3_04-0.5.1 xen-libs-32bit-4.1.3_04-0.5.1 xen-tools-4.1.3_04-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586): xen-kmp-pae-4.1.3_04_3.0.42_0.7-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3497.html http://support.novell.com/security/cve/CVE-2012-4411.html http://support.novell.com/security/cve/CVE-2012-4535.html http://support.novell.com/security/cve/CVE-2012-4536.html http://support.novell.com/security/cve/CVE-2012-4537.html http://support.novell.com/security/cve/CVE-2012-4538.html http://support.novell.com/security/cve/CVE-2012-4539.html http://support.novell.com/security/cve/CVE-2012-4544.html https://bugzilla.novell.com/777890 https://bugzilla.novell.com/778105 https://bugzilla.novell.com/779212 https://bugzilla.novell.com/784087 https://bugzilla.novell.com/786516 https://bugzilla.novell.com/786517 https://bugzilla.novell.com/786518 https://bugzilla.novell.com/786519 https://bugzilla.novell.com/786520 https://bugzilla.novell.com/787163 http://download.novell.com/patch/finder/?keywords=8f87058beb7d6e2bf1940373a4fb3ae2 From sle-updates at lists.suse.com Fri Nov 16 09:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 16 Nov 2012 17:08:29 +0100 (CET) Subject: SUSE-SU-2012:1487-1: important: Security update for Xen Message-ID: <20121116160829.F2FF132340@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1487-1 Rating: important References: #651093 #713555 #784087 #786516 #786517 Cross-References: CVE-2012-3497 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: XEN received various security and bugfixes: * CVE-2012-4535: xen: Timer overflow DoS vulnerability (XSA-20) * CVE-2012-4537: xen: Memory mapping failure DoS vulnerability (XSA-22) The following additional bugs have beenfixed: * bnc#784087 - L3: Xen BUG at io_apic.c:129 26102-x86-IOAPIC-legacy-not-first.patch * Upstream patches from Jan 25927-x86-domctl-ioport-mapping-range.patch 25931-x86-domctl-iomem-mapping-checks.patch 26061-x86-oprof-counter-range.patch 25431-x86-EDD-MBR-sig-check.patch 25480-x86_64-sysret-canonical.patch 25481-x86_64-AMD-erratum-121.patch 25485-x86_64-canonical-checks.patch 25587-param-parse-limit.patch 25589-pygrub-size-limits.patch 25744-hypercall-return-long.patch 25765-x86_64-allow-unsafe-adjust.patch 25773-x86-honor-no-real-mode.patch 25786-x86-prefer-multiboot-meminfo-over-e801.patch 25808-domain_create-return-value.patch 25814-x86_64-set-debugreg-guest.patch 24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch 25200-x86_64-trap-bounce-flags.patch 25271-x86_64-IST-index.patch * bnc#651093 - win2k8 guests are unable to restore after saving the vms state ept-novell-x64.patch 23800-x86_64-guest-addr-range.patch 24168-x86-vioapic-clear-remote_irr.patch 24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch * bnc#713555 - Unable to install RHEL 6.1 x86 as a paravirtualized guest OS on SLES 10 SP4 x86 vm-install-0.2.19.tar.bz2 Security Issue references: * CVE-2012-4539 * CVE-2012-3497 * CVE-2012-4411 * CVE-2012-4535 * CVE-2012-4537 * CVE-2012-4536 * CVE-2012-4538 * CVE-2012-4539 * CVE-2012-4544 Package List: - SUSE Linux Enterprise Server 10 SP4 (x86_64): xen-3.2.3_17040_42-0.7.2 xen-devel-3.2.3_17040_42-0.7.2 xen-doc-html-3.2.3_17040_42-0.7.2 xen-doc-pdf-3.2.3_17040_42-0.7.2 xen-doc-ps-3.2.3_17040_42-0.7.2 xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-libs-3.2.3_17040_42-0.7.2 xen-libs-32bit-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.2 xen-tools-domU-3.2.3_17040_42-0.7.2 xen-tools-ioemu-3.2.3_17040_42-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (i586): xen-3.2.3_17040_42-0.7.1 xen-devel-3.2.3_17040_42-0.7.1 xen-doc-html-3.2.3_17040_42-0.7.1 xen-doc-pdf-3.2.3_17040_42-0.7.1 xen-doc-ps-3.2.3_17040_42-0.7.1 xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-kdumppae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-vmi-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-vmipae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-libs-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.1 xen-tools-domU-3.2.3_17040_42-0.7.1 xen-tools-ioemu-3.2.3_17040_42-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): xen-3.2.3_17040_42-0.7.2 xen-devel-3.2.3_17040_42-0.7.2 xen-doc-html-3.2.3_17040_42-0.7.2 xen-doc-pdf-3.2.3_17040_42-0.7.2 xen-doc-ps-3.2.3_17040_42-0.7.2 xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-libs-3.2.3_17040_42-0.7.2 xen-libs-32bit-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.2 xen-tools-domU-3.2.3_17040_42-0.7.2 xen-tools-ioemu-3.2.3_17040_42-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586): xen-3.2.3_17040_42-0.7.1 xen-devel-3.2.3_17040_42-0.7.1 xen-doc-html-3.2.3_17040_42-0.7.1 xen-doc-pdf-3.2.3_17040_42-0.7.1 xen-doc-ps-3.2.3_17040_42-0.7.1 xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-libs-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.1 xen-tools-domU-3.2.3_17040_42-0.7.1 xen-tools-ioemu-3.2.3_17040_42-0.7.1 - SLE SDK 10 SP4 (x86_64): xen-3.2.3_17040_42-0.7.2 xen-devel-3.2.3_17040_42-0.7.2 xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2 xen-libs-3.2.3_17040_42-0.7.2 xen-libs-32bit-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.2 xen-tools-ioemu-3.2.3_17040_42-0.7.2 - SLE SDK 10 SP4 (i586): xen-3.2.3_17040_42-0.7.1 xen-devel-3.2.3_17040_42-0.7.1 xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1 xen-libs-3.2.3_17040_42-0.7.1 xen-tools-3.2.3_17040_42-0.7.1 xen-tools-ioemu-3.2.3_17040_42-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-3497.html http://support.novell.com/security/cve/CVE-2012-4411.html http://support.novell.com/security/cve/CVE-2012-4535.html http://support.novell.com/security/cve/CVE-2012-4536.html http://support.novell.com/security/cve/CVE-2012-4537.html http://support.novell.com/security/cve/CVE-2012-4538.html http://support.novell.com/security/cve/CVE-2012-4539.html http://support.novell.com/security/cve/CVE-2012-4544.html https://bugzilla.novell.com/651093 https://bugzilla.novell.com/713555 https://bugzilla.novell.com/784087 https://bugzilla.novell.com/786516 https://bugzilla.novell.com/786517 http://download.novell.com/patch/finder/?keywords=1e9042debead5d88c23444a904a4e0c9 From sle-updates at lists.suse.com Fri Nov 16 10:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 16 Nov 2012 18:08:30 +0100 (CET) Subject: SUSE-SU-2012:1488-1: Security update for glibc Message-ID: <20121116170830.A4E5332340@maintenance.suse.de> SUSE Security Update: Security update for glibc ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1488-1 Rating: low References: #676178 #753756 #760216 #770891 Cross-References: CVE-2011-1089 CVE-2012-3406 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This collective update to the GNU Lib C library (glibc) provides the following fixes: * Make addmntent() return errors also for cached streams (bnc#676178, CVE-2011-1089) * Fix overflows in vfprintf() (bnc#770891, CVE-2012-3406) * Fix incomplete results from nscd (bnc#753756) * Fix a deadlock in dlsym in case the symbol isn't found, for multi-threaded programs (bnc #760216). Security Issues: * CVE-2011-1089 * CVE-2012-3406 Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 i686 ia64 ppc s390x x86_64): glibc-2.4-31.103.1 glibc-devel-2.4-31.103.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): glibc-html-2.4-31.103.1 glibc-i18ndata-2.4-31.103.1 glibc-info-2.4-31.103.1 glibc-locale-2.4-31.103.1 glibc-profile-2.4-31.103.1 nscd-2.4-31.103.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): glibc-32bit-2.4-31.103.1 glibc-devel-32bit-2.4-31.103.1 glibc-locale-32bit-2.4-31.103.1 glibc-profile-32bit-2.4-31.103.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): glibc-locale-x86-2.4-31.103.1 glibc-profile-x86-2.4-31.103.1 glibc-x86-2.4-31.103.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): glibc-64bit-2.4-31.103.1 glibc-devel-64bit-2.4-31.103.1 glibc-locale-64bit-2.4-31.103.1 glibc-profile-64bit-2.4-31.103.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 i686 x86_64): glibc-2.4-31.103.1 glibc-devel-2.4-31.103.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): glibc-html-2.4-31.103.1 glibc-i18ndata-2.4-31.103.1 glibc-info-2.4-31.103.1 glibc-locale-2.4-31.103.1 nscd-2.4-31.103.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): glibc-32bit-2.4-31.103.1 glibc-devel-32bit-2.4-31.103.1 glibc-locale-32bit-2.4-31.103.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): glibc-dceext-2.4-31.103.1 glibc-html-2.4-31.103.1 glibc-profile-2.4-31.103.1 - SLE SDK 10 SP4 (s390x x86_64): glibc-dceext-32bit-2.4-31.103.1 glibc-profile-32bit-2.4-31.103.1 - SLE SDK 10 SP4 (ia64): glibc-dceext-x86-2.4-31.103.1 glibc-profile-x86-2.4-31.103.1 - SLE SDK 10 SP4 (ppc): glibc-dceext-64bit-2.4-31.103.1 glibc-profile-64bit-2.4-31.103.1 References: http://support.novell.com/security/cve/CVE-2011-1089.html http://support.novell.com/security/cve/CVE-2012-3406.html https://bugzilla.novell.com/676178 https://bugzilla.novell.com/753756 https://bugzilla.novell.com/760216 https://bugzilla.novell.com/770891 http://download.novell.com/patch/finder/?keywords=ae7b2bb12ddda522987dc10489bcbf1f From sle-updates at lists.suse.com Fri Nov 16 13:08:41 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 16 Nov 2012 21:08:41 +0100 (CET) Subject: SUSE-SU-2012:1489-1: important: Security update for IBM Java 1.5.0 Message-ID: <20121116200841.B334732342@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.5.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1489-1 Rating: important References: #788750 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.5.0 has been updated to SR15 which fixes bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ CVE-2012-3216,CVE-2012-3143,CVE-2012-5073,CVE-2012-5075,CVE- 2012-5083,CVE-2012-5083,CVE-2012-1531,CVE-2012-5081,CVE-2012 -5069,CVE-2012-5071,CVE-2012-5084,CVE-2012-5079,CVE-2012-508 9 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_5_0-ibm-jdbc-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_5_0-ibm-64bit-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (ppc): java-1_5_0-ibm-jdbc-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): java-1_5_0-ibm-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-demo-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-src-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): java-1_5_0-ibm-32bit-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-alsa-32bit-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr15.0-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-jdbc-1.5.0_sr15.0-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr15.0-0.5.1 References: https://bugzilla.novell.com/788750 http://download.novell.com/patch/finder/?keywords=bb56b08850390b907db4d458f187e204 From sle-updates at lists.suse.com Fri Nov 16 13:08:58 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 16 Nov 2012 21:08:58 +0100 (CET) Subject: SUSE-SU-2012:1490-1: important: Security update for IBM Java 1.4.2 Message-ID: <20121116200858.BA6F332342@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.4.2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1490-1 Rating: important References: #758651 #788750 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP2 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.4.2 has been updated to SR13-FP14 which fixes bugs and security issues. More information can be found on: [http://www.ibm.com/developerworks/java/jdk/alerts/)(http:// www.ibm.com/developerworks/java/jdk/alerts/) CVEs fixed: CVE-2012-3216,CVE-2012-5073,CVE-2012-5083,CVE-2012-5083,CVE- 2012-1531,CVE-2012-5081,CVE-2012-5084,CVE-2012-5079 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_4_2-ibm-7043 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_4_2-ibm-7043 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_4_2-ibm-7043 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_4_2-ibm-7043 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.14-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.2.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.14-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.14-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.5.1 References: https://bugzilla.novell.com/758651 https://bugzilla.novell.com/788750 http://download.novell.com/patch/finder/?keywords=a01a06d8f691fbd19a4c84cccb9cd2f1 http://download.novell.com/patch/finder/?keywords=cc64f4b8f8231d78d335786a3fa84851 From sle-updates at lists.suse.com Mon Nov 19 09:10:01 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 19 Nov 2012 17:10:01 +0100 (CET) Subject: SUSE-RU-2012:1500-1: Recommended update for novell-client Message-ID: <20121119161001.B608C32343@maintenance.suse.de> SUSE Recommended Update: Recommended update for novell-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1500-1 Rating: low References: #749721 #757243 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to novell-client fixes the following issues: * 749721: Single Sign-On not working for users * 757243: Fix a very misleading typo in the logging output Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-novell-client-6976 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): novell-client-3.0.0-0.18.22.1 novell-client-script-3.0.0-0.18.22.1 References: https://bugzilla.novell.com/749721 https://bugzilla.novell.com/757243 http://download.novell.com/patch/finder/?keywords=0713f22c60341069e75d67d5cce2cc5e From sle-updates at lists.suse.com Mon Nov 19 13:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 19 Nov 2012 21:08:25 +0100 (CET) Subject: SUSE-SU-2012:1503-1: important: Security update for libvirt Message-ID: <20121119200825.EDBD832341@maintenance.suse.de> SUSE Security Update: Security update for libvirt ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1503-1 Rating: important References: #772586 #773621 #773626 #780432 Cross-References: CVE-2012-3497 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: libvirt received security and bugfixes: * CVE-2012-4423: Fixed a libvirt remote denial of service (crash) problem. The following bugs have been fixed: * qemu: Fix probing for guest capabilities * xen-xm: Generate UUID if not specified * xenParseXM: don't dereference NULL pointer when script is empty Security Issue references: * CVE-2012-4539 * CVE-2012-3497 * CVE-2012-4411 * CVE-2012-4535 * CVE-2012-4537 * CVE-2012-4536 * CVE-2012-4538 * CVE-2012-4539 * CVE-2012-4544 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libvirt-201211-7015 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libvirt-201211-7015 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libvirt-201211-7015 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): libvirt-devel-0.9.6-0.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libvirt-devel-32bit-0.9.6-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): libvirt-0.9.6-0.23.1 libvirt-client-0.9.6-0.23.1 libvirt-doc-0.9.6-0.23.1 libvirt-python-0.9.6-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): libvirt-client-32bit-0.9.6-0.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libvirt-0.9.6-0.23.1 libvirt-client-0.9.6-0.23.1 libvirt-doc-0.9.6-0.23.1 libvirt-python-0.9.6-0.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libvirt-client-32bit-0.9.6-0.23.1 References: http://support.novell.com/security/cve/CVE-2012-3497.html http://support.novell.com/security/cve/CVE-2012-4411.html http://support.novell.com/security/cve/CVE-2012-4535.html http://support.novell.com/security/cve/CVE-2012-4536.html http://support.novell.com/security/cve/CVE-2012-4537.html http://support.novell.com/security/cve/CVE-2012-4538.html http://support.novell.com/security/cve/CVE-2012-4539.html http://support.novell.com/security/cve/CVE-2012-4544.html https://bugzilla.novell.com/772586 https://bugzilla.novell.com/773621 https://bugzilla.novell.com/773626 https://bugzilla.novell.com/780432 http://download.novell.com/patch/finder/?keywords=6c77cedf2e828c0cfa0f10bbd2cdbb87 From sle-updates at lists.suse.com Mon Nov 19 16:09:07 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 00:09:07 +0100 (CET) Subject: SUSE-RU-2012:1504-1: Recommended update for SuSEfirewall2 Message-ID: <20121119230908.2A34D3233D@maintenance.suse.de> SUSE Recommended Update: Recommended update for SuSEfirewall2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1504-1 Rating: low References: #767392 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: SuSEfirewall was updated to allow IPv6 MLD (Multicast Listener Discovery) Queries (ICMP Type 130) by default in the external zone. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-SuSEfirewall2-6910 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-SuSEfirewall2-6910 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-SuSEfirewall2-6910 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): SuSEfirewall2-3.6_SVNr208-2.7.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): SuSEfirewall2-3.6_SVNr208-2.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): SuSEfirewall2-3.6_SVNr208-2.7.1 References: https://bugzilla.novell.com/767392 http://download.novell.com/patch/finder/?keywords=5c569a2e500cbd7ee6e4bcb847340ae8 From sle-updates at lists.suse.com Mon Nov 19 16:09:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 00:09:22 +0100 (CET) Subject: SUSE-RU-2012:1505-1: Recommended update for X.Org Message-ID: <20121119230922.7408F32341@maintenance.suse.de> SUSE Recommended Update: Recommended update for X.Org ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1505-1 Rating: low References: #774315 #782319 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for the X.Org Server (xorg-x11-server) resolves the following issues: * On dual-head setups that use displays with different resolutions, the mouse pointer could be incorrectly positioned in a section of the screen that's not visible. * When connecting to the X server using VNC, the colors of Motif applications could be displayed incorrectly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xorg-x11-Xvnc-6919 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xorg-x11-Xvnc-6919 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xorg-x11-Xvnc-6919 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xorg-x11-Xvnc-6919 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-sdk-7.4-27.68.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xorg-x11-Xvnc-7.4-27.68.1 xorg-x11-server-7.4-27.68.1 xorg-x11-server-extra-7.4-27.68.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): xorg-x11-Xvnc-7.4-27.68.1 xorg-x11-server-7.4-27.68.1 xorg-x11-server-extra-7.4-27.68.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xorg-x11-Xvnc-7.4-27.68.1 xorg-x11-server-7.4-27.68.1 xorg-x11-server-extra-7.4-27.68.1 References: https://bugzilla.novell.com/774315 https://bugzilla.novell.com/782319 http://download.novell.com/patch/finder/?keywords=bc92311879b8f7c8deee3534c385e662 From sle-updates at lists.suse.com Tue Nov 20 08:08:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 16:08:22 +0100 (CET) Subject: SUSE-RU-2012:1508-1: Recommended update for sled11-branding-hp-bnb Message-ID: <20121120150822.C75CA32340@maintenance.suse.de> SUSE Recommended Update: Recommended update for sled11-branding-hp-bnb ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1508-1 Rating: low References: #789784 Affected Products: SLED 11 HP BNB Preload SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The online repository hosting the Validity Fingerprint driver disappeared. This update removes the repository from the system, to allow to proceed with migration to SLED 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SLED 11 HP BNB Preload SP1: zypper in -t patch slehpbnbp1-sled11-branding-hp-bnb-7060 To bring your system up-to-date, use "zypper patch". Package List: - SLED 11 HP BNB Preload SP1 (noarch): sled11-branding-hp-bnb-1-0.118.120.1 References: https://bugzilla.novell.com/789784 http://download.novell.com/patch/finder/?keywords=c075ef5a188d1eda95faffe76fe46c96 From sle-updates at lists.suse.com Tue Nov 20 09:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 17:08:25 +0100 (CET) Subject: SUSE-RU-2012:1509-1: Recommended update for sled-release Message-ID: <20121120160825.53C8432342@maintenance.suse.de> SUSE Recommended Update: Recommended update for sled-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1509-1 Rating: low References: #749912 Affected Products: SLED 11 HP BNB Preload SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update prepares the system for a System Upgrade to SUSE Linux Enterprise Desktop 11 SP2. Please follow the technical instruction document for the information on how to upgrade your system to SUSE Linux Enterprise Desktop 11 SP2: https://www.suse.com/support/kb/doc.php?id=7010200 Please have a look for more Information and Resources about SUSE Linux Enterprise Desktop 11 SP2 here: http://www.suse.com/promo/sle11sp2.html Indications: Enablement of Upgrade to SLED 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SLED 11 HP BNB Preload SP1: zypper in -t patch slehpbnbp1-sled-release-6698 To bring your system up-to-date, use "zypper patch". Package List: - SLED 11 HP BNB Preload SP1 (i586): sled-release-11.1-7.1 References: https://bugzilla.novell.com/749912 http://download.novell.com/patch/finder/?keywords=51235d100a840eb33c9f827611f7ba65 From sle-updates at lists.suse.com Tue Nov 20 10:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 18:08:27 +0100 (CET) Subject: SUSE-RU-2012:1510-1: Recommended update for rdesktop Message-ID: <20121120170827.A408A32342@maintenance.suse.de> SUSE Recommended Update: Recommended update for rdesktop ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1510-1 Rating: low References: #723705 #778844 #787270 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for rdesktop resolves the following issues: * Fix a segmentation fault that could happen when connecting to Windows 2008 R2 Server (bnc#778844) * Fix sound playback in Windows 2008 R2 Server, which requires the rdpdr channel to be initialized (bnc#723705) * Dynamically adjust the start and end times of daylight savings (bnc#787270). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-rdesktop-7054 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): rdesktop-1.6.0-39.15.1 References: https://bugzilla.novell.com/723705 https://bugzilla.novell.com/778844 https://bugzilla.novell.com/787270 http://download.novell.com/patch/finder/?keywords=bab5342b0dc7db525828503fe8872a72 From sle-updates at lists.suse.com Tue Nov 20 10:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 18:08:42 +0100 (CET) Subject: SUSE-SU-2012:1511-1: moderate: Security update for icedtea-web Message-ID: <20121120170842.A38BB32342@maintenance.suse.de> SUSE Security Update: Security update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1511-1 Rating: moderate References: #784859 #785333 #786775 #787846 Cross-References: CVE-2012-4540 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. It includes one version update. Description: The IcedTea-Web Java plugin has been updated to version 1.3.1 to fix various bugs and security issues. 1.3.1 changes: * Security Updates o CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet * Common o PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775) Security Issue reference: * CVE-2012-4540 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icedtea-web-7041 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.3.1]: icedtea-web-1.3.1-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-4540.html https://bugzilla.novell.com/784859 https://bugzilla.novell.com/785333 https://bugzilla.novell.com/786775 https://bugzilla.novell.com/787846 http://download.novell.com/patch/finder/?keywords=fe843a85263c39ee81c6ce36f83bda27 From sle-updates at lists.suse.com Tue Nov 20 14:08:44 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 22:08:44 +0100 (CET) Subject: SUSE-RU-2012:1513-1: Recommended update for microcode_ctl Message-ID: <20121120210844.1ADC632342@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1513-1 Rating: low References: #784917 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides AMD's CPU microcode version 2012-09-10. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-microcode_ctl-6985 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-microcode_ctl-6985 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-microcode_ctl-6986 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-microcode_ctl-6986 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-microcode_ctl-6985 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): microcode_ctl-1.17-102.48.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.48.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): microcode_ctl-1.17-102.48.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): microcode_ctl-1.17-102.48.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.48.1 References: https://bugzilla.novell.com/784917 http://download.novell.com/patch/finder/?keywords=2c60034c5d31a0dcf79aac2a42aa3e59 http://download.novell.com/patch/finder/?keywords=32a5ff93192afdc37bcb798c9abe58a6 From sle-updates at lists.suse.com Tue Nov 20 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 23:08:27 +0100 (CET) Subject: SUSE-RU-2012:1517-1: Recommended update for libnuma Message-ID: <20121120220827.342F032342@maintenance.suse.de> SUSE Recommended Update: Recommended update for libnuma ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1517-1 Rating: low References: #784125 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a missing symbol export in libnuma. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libnuma-devel-7032 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libnuma-devel-7032 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libnuma-devel-7032 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libnuma-devel-7032 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64 ppc64 x86_64): libnuma-devel-2.0.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libnuma1-2.0.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64): libnuma-devel-32bit-2.0.7-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libnuma1-2.0.7-0.9.1 numactl-2.0.7-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (ia64 ppc64 x86_64): libnuma1-2.0.7-0.9.1 numactl-2.0.7-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64): libnuma1-32bit-2.0.7-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libnuma1-2.0.7-0.9.1 numactl-2.0.7-0.9.1 References: https://bugzilla.novell.com/784125 http://download.novell.com/patch/finder/?keywords=d9b16cba4ef5412ec1d253aa1c99c02e From sle-updates at lists.suse.com Tue Nov 20 15:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 20 Nov 2012 23:08:42 +0100 (CET) Subject: SUSE-RU-2012:1518-1: Recommended update for python-qt Message-ID: <20121120220842.615BA32343@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-qt ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1518-1 Rating: low References: #780723 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update adds compatibility with python SIP 3.9.x which was provided as part of SUSE Linux Enterprise SP1 and later. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-python-qt-7048 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-python-qt-7048 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.18.1]: python-qt-3.18.1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.18.1]: python-qt-3.18.1-0.5.1 References: https://bugzilla.novell.com/780723 http://download.novell.com/patch/finder/?keywords=9ffc22a526d734fca9a99e064a3bbd12 From sle-updates at lists.suse.com Wed Nov 21 10:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 21 Nov 2012 18:08:32 +0100 (CET) Subject: SUSE-SU-2012:1489-2: important: Security update for IBM Java 1.7.0 Message-ID: <20121121170832.C143032345@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.7.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1489-2 Rating: important References: #788750 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.7.0 has been updated to SR3 which fixes bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159,CVE-2012-3216,CVE-2012-5070,CVE-2012-5067,CVE- 2012-3143,CVE-2012-5076,CVE-2012-5077,CVE-2012-5073,CVE-2012 -5074,CVE-2012-5075,CVE-2012-5083,CVE-2012-5083,CVE-2012-507 2,CVE-2012-1531,CVE-2012-5081,CVE-2012-1532,CVE-2012-1533,CV E-2012-5069,CVE-2012-5071,CVE-2012-5084,CVE-2012-5087,CVE-20 12-5086,CVE-2012-5079,CVE-2012-5088,CVE-2012-5089 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_7_0-ibm-7046 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_7_0-ibm-7046 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_7_0-ibm-7046 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_7_0-ibm-7046 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_7_0-ibm-alsa-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_7_0-ibm-plugin-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_7_0-ibm-alsa-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr3.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr3.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr3.0-0.5.1 References: https://bugzilla.novell.com/788750 http://download.novell.com/patch/finder/?keywords=6af80338101f9a022afdf21e00326b65 From sle-updates at lists.suse.com Wed Nov 21 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 21 Nov 2012 19:08:37 +0100 (CET) Subject: SUSE-SU-2012:1520-1: important: Security update for libssh2 Message-ID: <20121121180837.2E4DD32342@maintenance.suse.de> SUSE Security Update: Security update for libssh2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1520-1 Rating: important References: #789827 Cross-References: CVE-2012-4562 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of libssh fixes multiple integer overflows. CVE-2012-4562 has been assigned to this issue. Security Issue reference: * CVE-2012-4562 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libssh2-7073 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libssh2-7073 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libssh2-0.2-5.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libssh2-0.2-5.18.1 References: http://support.novell.com/security/cve/CVE-2012-4562.html https://bugzilla.novell.com/789827 http://download.novell.com/patch/finder/?keywords=2e1c319ecc84f3419428796ffd252ae7 From sle-updates at lists.suse.com Wed Nov 21 12:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 21 Nov 2012 20:08:28 +0100 (CET) Subject: SUSE-RU-2012:1521-1: Recommended update for gedit Message-ID: <20121121190828.E8E7C32340@maintenance.suse.de> SUSE Recommended Update: Recommended update for gedit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1521-1 Rating: low References: #752387 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Gedit extends the external file modification check to also verify if the file permissions have changed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gedit-7040 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gedit-7040 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gedit-7040 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gedit-2.28.3-0.8.1 gedit-lang-2.28.3-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gedit-2.28.3-0.8.1 gedit-lang-2.28.3-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gedit-2.28.3-0.8.1 gedit-lang-2.28.3-0.8.1 References: https://bugzilla.novell.com/752387 http://download.novell.com/patch/finder/?keywords=855bdca32e9517b0249dd1ad2cca58b7 From sle-updates at lists.suse.com Wed Nov 21 13:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 21 Nov 2012 21:08:26 +0100 (CET) Subject: SUSE-RU-2012:1522-1: Recommended update for ipvsadm Message-ID: <20121121200826.69D8432338@maintenance.suse.de> SUSE Recommended Update: Recommended update for ipvsadm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1522-1 Rating: low References: #775051 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update resolves a segmentation fault in ipvsadm when trying to bind a real server to a virtual server. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-ipvsadm-6851 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): ipvsadm-1.26-5.9.1 References: https://bugzilla.novell.com/775051 http://download.novell.com/patch/finder/?keywords=75e0a44a38341d6cd549880dc57f34c3 From sle-updates at lists.suse.com Thu Nov 22 12:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 22 Nov 2012 20:08:25 +0100 (CET) Subject: SUSE-RU-2012:1528-1: moderate: Recommended update for ksh Message-ID: <20121122190825.10CBD32342@maintenance.suse.de> SUSE Recommended Update: Recommended update for ksh ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1528-1 Rating: moderate References: #785266 #785360 #786134 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This collective update for the Korn Shell (ksh) resolves the following issues: * Fix a crash when a value of the environment is null (bnc#785266) * Add a workaround for filled /tmp file systems (bnc#786134) * Check for subshell if tmp file can be used otherwise use a pipe (bnc#786134) * Restore shell variables before any output will be placed in a temp file or buffer (bnc#786134) * Be able to export justified and zerofilled variables (bnc#785360). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ksh-6991 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ksh-6991 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ksh-6991 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ksh-6991 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ksh-devel-93u-0.14.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ksh-93u-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ksh-93u-0.14.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-93u-0.19.1 ksh-devel-93u-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ksh-93u-0.14.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 93u]: ksh-93u-0.19.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-devel-93u-0.19.1 References: https://bugzilla.novell.com/785266 https://bugzilla.novell.com/785360 https://bugzilla.novell.com/786134 http://download.novell.com/patch/finder/?keywords=54e976dabcabce0e71fdf848a7e4839e http://download.novell.com/patch/finder/?keywords=7dc47e5a433ddae789cb140b547c19cb From sle-updates at lists.suse.com Thu Nov 22 13:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 22 Nov 2012 21:08:27 +0100 (CET) Subject: SUSE-SU-2012:1529-1: moderate: Security update for inst-source-utils Message-ID: <20121122200827.2EBC332342@maintenance.suse.de> SUSE Security Update: Security update for inst-source-utils ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1529-1 Rating: moderate References: #604730 Cross-References: CVE-2012-0427 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes two new package versions. Description: Multiple code execution flaws have been fixed that could have been exploited via specially crafted file names / directory path names. Security Issue reference: * CVE-2012-0427 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-inst-source-utils-6817 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-inst-source-utils-6817 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-inst-source-utils-6817 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-inst-source-utils-6817 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2012.9.13]: inst-source-utils-2012.9.13-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2012.9.13]: inst-source-utils-2012.9.13-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2012.9.13]: inst-source-utils-2012.9.13-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (noarch) [New Version: 2008.11.26]: inst-source-utils-2008.11.26-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2012.9.13]: inst-source-utils-2012.9.13-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 2008.11.26]: inst-source-utils-2008.11.26-0.9.1 References: http://support.novell.com/security/cve/CVE-2012-0427.html https://bugzilla.novell.com/604730 http://download.novell.com/patch/finder/?keywords=37a5722f1fdf0e2643b80548de09976b http://download.novell.com/patch/finder/?keywords=f35a1b0dc8ef2c77aa295b221038b7af From sle-updates at lists.suse.com Thu Nov 22 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 22 Nov 2012 23:08:28 +0100 (CET) Subject: SUSE-RU-2012:1530-1: Recommended update for udev Message-ID: <20121122220829.0820332340@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1530-1 Rating: low References: #691155 #782539 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update for uev provides the following fixes: * 782539: Don't run mkinitrd while installing/upgrading from Yast * 691155: Fix potential stack overflow in collect Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-libudev-devel-6964 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): libvolume_id1-128-13.22.1 udev-128-13.22.1 References: https://bugzilla.novell.com/691155 https://bugzilla.novell.com/782539 http://download.novell.com/patch/finder/?keywords=76e13327b16988b470150c2955d83618 From sle-updates at lists.suse.com Thu Nov 22 16:09:09 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 23 Nov 2012 00:09:09 +0100 (CET) Subject: SUSE-RU-2012:1531-1: Recommended update for seccheck Message-ID: <20121122230909.1FF6332343@maintenance.suse.de> SUSE Recommended Update: Recommended update for seccheck ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1531-1 Rating: low References: #746042 #768963 #769046 #769770 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This collective update to Security-Check Scripts (seccheck) resolves the following issues: * Parse lsof output correctly, preventing spurious changes to listening sockets (bnc#769046) * Do not print warnings when the John utility is not installed (bnc#768963) * Improve reporting of account names with equal UIDs (bnc#769770) * Do not limit the mount point detection to special file systems (bnc#746042). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-seccheck-6893 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-seccheck-6893 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): seccheck-2.0-657.17.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): seccheck-2.0-657.17.1 References: https://bugzilla.novell.com/746042 https://bugzilla.novell.com/768963 https://bugzilla.novell.com/769046 https://bugzilla.novell.com/769770 http://download.novell.com/patch/finder/?keywords=c1fbda0ecb033b8328551d59535cb314 From sle-updates at lists.suse.com Mon Nov 26 12:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 26 Nov 2012 20:08:24 +0100 (CET) Subject: SUSE-RU-2012:1574-1: Recommended update for openstack-dashboard Message-ID: <20121126190824.49BFC32343@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-dashboard ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1574-1 Rating: low References: #770065 #772230 #780982 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to openstack-dashboard provides the following fixes: * 780982: Fix boot from volume not possible from dashboard * 772230: Remove CSS file references to fonts from google server * 770065: Adding a title to (nova) Dashboard Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-201211-7037 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-dashboard-2012.1+git.1346336140.35eada8-0.5.1 openstack-dashboard-config-2012.1+git.1346336140.35eada8-0.5.1 openstack-nova-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-api-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-cert-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-compute-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-doc-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-network-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-objectstore-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-scheduler-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-vncproxy-2012.1+git.1348669189.d1d5d6d-0.5.1 openstack-nova-volume-2012.1+git.1348669189.d1d5d6d-0.5.1 python-horizon-2012.1+git.1346336140.35eada8-0.5.1 python-nova-2012.1+git.1348669189.d1d5d6d-0.5.1 - SUSE Cloud 1.0 (noarch): crowbar-barclamp-nova_dashboard-1.2+git.1352386675.86e7af9-0.5.1 References: https://bugzilla.novell.com/770065 https://bugzilla.novell.com/772230 https://bugzilla.novell.com/780982 http://download.novell.com/patch/finder/?keywords=4a0fd4af2a44f12da7f3c091f3eca1e5 From sle-updates at lists.suse.com Tue Nov 27 14:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 27 Nov 2012 22:08:29 +0100 (CET) Subject: SUSE-RU-2012:1576-1: moderate: Recommended update for libblkid Message-ID: <20121127210829.122C032345@maintenance.suse.de> SUSE Recommended Update: Recommended update for libblkid ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1576-1 Rating: moderate References: #776462 #779763 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for util-linux fixes a segmentation fault in mount that occurs when incomplete entries are found in /etc/fstab. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libblkid-devel-7049 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libblkid-devel-7049 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libblkid-devel-7049 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libblkid-devel-7049 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libblkid-devel-2.19.1-6.33.33.1 libuuid-devel-2.19.1-6.33.33.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libblkid-devel-32bit-2.19.1-6.33.33.1 libblkid1-32bit-2.16-6.13.24 libuuid-devel-32bit-2.19.1-6.33.33.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): libblkid1-x86-2.16-6.13.24 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libblkid1-2.19.1-6.33.33.1 libuuid1-2.19.1-6.33.33.1 util-linux-2.19.1-6.33.33.1 util-linux-lang-2.19.1-6.33.33.1 uuid-runtime-2.19.1-6.33.33.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libblkid1-32bit-2.19.1-6.33.33.1 libuuid1-32bit-2.19.1-6.33.33.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libblkid1-2.19.1-6.33.33.1 libuuid1-2.19.1-6.33.33.1 util-linux-2.19.1-6.33.33.1 util-linux-lang-2.19.1-6.33.33.1 uuid-runtime-2.19.1-6.33.33.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libblkid1-32bit-2.19.1-6.33.33.1 libuuid1-32bit-2.19.1-6.33.33.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libblkid1-x86-2.19.1-6.33.33.1 libuuid1-x86-2.19.1-6.33.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libblkid1-2.19.1-6.33.33.1 libuuid-devel-2.19.1-6.33.33.1 libuuid1-2.19.1-6.33.33.1 util-linux-2.19.1-6.33.33.1 util-linux-lang-2.19.1-6.33.33.1 uuid-runtime-2.19.1-6.33.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libblkid1-32bit-2.19.1-6.33.33.1 libuuid1-32bit-2.19.1-6.33.33.1 References: https://bugzilla.novell.com/776462 https://bugzilla.novell.com/779763 http://download.novell.com/patch/finder/?keywords=af476f3ecb92320578b2554d4742cb0b From sle-updates at lists.suse.com Tue Nov 27 14:08:45 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 27 Nov 2012 22:08:45 +0100 (CET) Subject: SUSE-RU-2012:1577-1: Recommended update for procps Message-ID: <20121127210845.9336432346@maintenance.suse.de> SUSE Recommended Update: Recommended update for procps ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1577-1 Rating: low References: #786140 #786272 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for procps resolves the following issues: * Fix a problem in vmstat that prevented it from reading partition specific statistics from /proc/diskstats * Fix slabtop option for displaying output only once. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-procps-7008 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-procps-7008 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-procps-7008 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): procps-3.2.7-151.26.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): procps-3.2.7-151.26.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): procps-3.2.7-151.26.1 References: https://bugzilla.novell.com/786140 https://bugzilla.novell.com/786272 http://download.novell.com/patch/finder/?keywords=52125e02a2d25405b9c47430618ec3f8 From sle-updates at lists.suse.com Tue Nov 27 16:09:07 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 00:09:07 +0100 (CET) Subject: SUSE-SU-2012:1578-1: important: Security update for libotr Message-ID: <20121127230907.2AC3632345@maintenance.suse.de> SUSE Security Update: Security update for libotr ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1578-1 Rating: important References: #777468 Cross-References: CVE-2012-3461 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes various heap overflows in libotr. CVE-2012-3461 has been assigned to this issue. Security Issue reference: * CVE-2012-3461 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libotr-7076 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libotr-7076 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libotr-7076 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libotr-7076 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libotr-devel-3.2.0-10.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libotr2-3.2.0-10.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libotr2-3.2.0-10.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libotr2-3.2.0-10.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libotr-3.0.0-16.9.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): libotr-3.0.0-16.9.1 libotr-devel-3.0.0-16.9.1 References: http://support.novell.com/security/cve/CVE-2012-3461.html https://bugzilla.novell.com/777468 http://download.novell.com/patch/finder/?keywords=185be6b158bccfaa385e8682935d125d http://download.novell.com/patch/finder/?keywords=fe4d1b88e23655d9450cf3fc8115a6e8 From sle-updates at lists.suse.com Tue Nov 27 17:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 01:08:33 +0100 (CET) Subject: SUSE-RU-2012:1579-1: important: Recommended update for supportutils Message-ID: <20121128000833.1E0203233D@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1579-1 Rating: important References: #772728 #773838 #779481 #780518 #780522 #781892 #783179 #783963 #784888 #784929 #784931 #787483 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. Description: This collective update to Support Troubleshooting Tools (supportutils) includes the following fixes and improvements: * Fixed eDirectory instance errors from ADD_OPTION_EDIR (bnc#787483) * Fixed ravsui verify/rebuild logs and moved to novell-nss.txt (bnc#780522) * Fixed SLED detection in summary.xml (bnc#784931) * Fixed multiple SBD device failure (bnc#783963) * Fixed tomcat detection issues (bnc#772728) * Fixed SLE 10 kernel detection in analyzevmcore * Included VAR_OPTION_HEADER_FILE at the beginning of each file (bnc#781892) * Included elilo.cfg files if found * Increased VAR_OPTION_MSG_MAXSIZE to 25M and added VAR_OPTION_MSG_LINE_COUNT (bnc#780518) * Added efibootmgr to boot.txt (bnc#773838) * Added nlvm to novell-nss.txt (bnc#779481) * Added VAR_OPTION_HBREPORT_DIRS to supportconfig.conf(5) man page * Added hb_reports to ha.txt * Added autoupg.xml and autoupg_updated.xml to y2log.txt * Added /etc/products.d/* xml files to summary.xml (bnc#784929) * Added SLES for SAP/VMware detection to basic-environment.txt (bnc#784888) * Added "corosync-cfgtool -s" and "corosync-fplay" to ha.txt (bnc#783179) * Added kernel and debuginfo kernel details to analyzevmcore(8) man page * Added executable check on user specified binary in getappcore * Removed cib check for sbd partitions. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-supportutils-7071 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-supportutils-7071 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-supportutils-7071 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): supportutils-1.20-0.28.65.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): supportutils-1.20-0.28.65.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): supportutils-1.20-0.28.65.1 References: https://bugzilla.novell.com/772728 https://bugzilla.novell.com/773838 https://bugzilla.novell.com/779481 https://bugzilla.novell.com/780518 https://bugzilla.novell.com/780522 https://bugzilla.novell.com/781892 https://bugzilla.novell.com/783179 https://bugzilla.novell.com/783963 https://bugzilla.novell.com/784888 https://bugzilla.novell.com/784929 https://bugzilla.novell.com/784931 https://bugzilla.novell.com/787483 http://download.novell.com/patch/finder/?keywords=5d9fb8a29fe3b810c7545a36018caa62 From sle-updates at lists.suse.com Wed Nov 28 10:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 18:08:32 +0100 (CET) Subject: SUSE-RU-2012:1587-1: Recommended update for ocfs2-tools Message-ID: <20121128170832.381A832347@maintenance.suse.de> SUSE Recommended Update: Recommended update for ocfs2-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1587-1 Rating: low References: #789420 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ocfs2-tools resolves a compatibility problem between debugfs.ocfs2's fs_locks sub-command and Linux kernel 3.0. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-ocfs2-tools-7051 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): ocfs2-tools-1.6.4-0.13.1 ocfs2-tools-devel-1.6.4-0.13.1 ocfs2-tools-o2cb-1.6.4-0.13.1 ocfs2console-1.6.4-0.13.1 References: https://bugzilla.novell.com/789420 http://download.novell.com/patch/finder/?keywords=2ec9072556fabbbd2962ffe5562b1f8d From sle-updates at lists.suse.com Wed Nov 28 13:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 21:08:27 +0100 (CET) Subject: SUSE-SU-2012:1588-1: important: Security update for IBM Java 1.6.0 Message-ID: <20121128200827.C83FD32345@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.6.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1588-1 Rating: important References: #780491 #785631 #788750 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.6.0 has been updated to SR12 which fixes bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159, CVE-2012-3216, CVE-2012-5068, CVE-2012-3143, CVE-2012-5073, CVE-2012-5075, CVE-2012-5083, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-1532, CVE-2012-1533, CVE-2012-5069, CVE-2012-5071, CVE-2012-5084, CVE-2012-5079, CVE-2012-5089 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-devel-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_6_0-ibm-alsa-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_6_0-ibm-64bit-1.6.0_sr12.0-0.10.1 - SUSE Linux Enterprise Java 10 SP4 (x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-devel-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.10.1 java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.10.1 References: https://bugzilla.novell.com/780491 https://bugzilla.novell.com/785631 https://bugzilla.novell.com/788750 http://download.novell.com/patch/finder/?keywords=94ebbbaeb864d11273a4fe129dc23269 From sle-updates at lists.suse.com Wed Nov 28 14:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 22:08:32 +0100 (CET) Subject: SUSE-RU-2012:1589-1: moderate: Recommended update for release-notes-SLES-for-VMware and release-notes-sles Message-ID: <20121128210832.8928032345@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-SLES-for-VMware and release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1589-1 Rating: moderate References: #778537 #779572 #779575 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2. The changes in detail are: * New entry: VMware ballooning driver (bnc#779572; fate#311976); * New entry: AutoFS timeouts in direct mounts (bnc#778537; fate#312611). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-SLES-for-VMware-7104 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-SLES-for-VMware-7104 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.41]: release-notes-SLES-for-VMware-11.2.0.41-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.41]: release-notes-sles-11.2.0.41-0.9.1 References: https://bugzilla.novell.com/778537 https://bugzilla.novell.com/779572 https://bugzilla.novell.com/779575 http://download.novell.com/patch/finder/?keywords=fee4f57cad78ab632d0ff8925a9556dd From sle-updates at lists.suse.com Wed Nov 28 15:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 28 Nov 2012 23:08:29 +0100 (CET) Subject: SUSE-RU-2012:1590-1: Recommended update for heartbeat Message-ID: <20121128220829.2708232346@maintenance.suse.de> SUSE Recommended Update: Recommended update for heartbeat ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1590-1 Rating: low References: #661231 #690836 #769679 #785294 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This collective update to Heartbeat resolves the following issues: * Fix access to meta/parameters of clone instances in hb_gui (bnc#661231) * Do not request retransmission of lost messages from dead members (bnc#690836) * Xen: implement stop of a migrating domain (bnc#769679) * Fix sector_size definition for s390 (bnc#785294). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): heartbeat-2.1.4-0.28.1 heartbeat-cmpi-2.1.4-0.28.1 heartbeat-ldirectord-2.1.4-0.28.1 heartbeat-pils-2.1.4-0.28.1 heartbeat-stonith-2.1.4-0.28.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): heartbeat-2.1.4-0.28.1 heartbeat-cmpi-2.1.4-0.28.1 heartbeat-ldirectord-2.1.4-0.28.1 heartbeat-pils-2.1.4-0.28.1 heartbeat-stonith-2.1.4-0.28.1 References: https://bugzilla.novell.com/661231 https://bugzilla.novell.com/690836 https://bugzilla.novell.com/769679 https://bugzilla.novell.com/785294 http://download.novell.com/patch/finder/?keywords=5c0119d2daec288467eafb91b673f5c9 From sle-updates at lists.suse.com Wed Nov 28 16:09:09 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 29 Nov 2012 00:09:09 +0100 (CET) Subject: SUSE-RU-2012:1591-1: moderate: Recommended update for rpcbind Message-ID: <20121128230909.6CE0E32347@maintenance.suse.de> SUSE Recommended Update: Recommended update for rpcbind ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1591-1 Rating: moderate References: #762185 #767185 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for rpcbind contains fixes for the following reports: * 767185: rpcbind answers GETADDR with non-preferred address * 762185: /etc/init.d/rpcbind start returns immediately even if rpcbind is not fully initialized. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-rpcbind-7070 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-rpcbind-7070 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-rpcbind-7070 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): rpcbind-0.1.6+git20080930-6.18.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): rpcbind-0.1.6+git20080930-6.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): rpcbind-0.1.6+git20080930-6.18.1 References: https://bugzilla.novell.com/762185 https://bugzilla.novell.com/767185 http://download.novell.com/patch/finder/?keywords=aaf7ca512c76d339e9dee54950f1ba4f From sle-updates at lists.suse.com Wed Nov 28 17:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 29 Nov 2012 01:08:36 +0100 (CET) Subject: SUSE-SU-2012:1592-1: important: Security update for Mozilla Firefox Message-ID: <20121129000836.BBC7432263@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1592-1 Rating: important References: #790140 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes two new package versions. Description: Mozilla Firefox has been updated to the 10.0.11 ESR security release, which fixes various bugs and security issues. * MFSA 2012-106: Security researcher miaubiz used the Address Sanitizer tool to discover a series critically rated of use-after-free, buffer overflow, and memory corruption issues in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank miaubiz for reporting two additional use-after-free and memory corruption issues introduced during Firefox development that have been fixed before general release. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11: o use-after-free when loading html file on osx (CVE-2012-5830) o Mesa crashes on certain texImage2D calls involving level>0 (CVE-2012-5833) o integer overflow, invalid write w/webgl bufferdata (CVE-2012-5835) The following issues have been fixed in Firefox 17: o crash in copyTexImage2D with image dimensions too large for given level (CVE-2012-5838) * MFSA 2012-105: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting five additional use-after-free, out of bounds read, and buffer overflow flaws introduced during Firefox development that have been fixed before general release. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11: o Heap-use-after-free in nsTextEditorState::PrepareEditor (CVE-2012-4214) o Heap-use-after-free in nsPlaintextEditor::FireClipboardEvent (CVE-2012-4215) o Heap-use-after-free in gfxFont::GetFontEntry (CVE-2012-4216) o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829) o heap-buffer-overflow in gfxShapedWord::CompressedGlyph::IsClusterStart o CVE-2012-5839 o Heap-use-after-free in nsTextEditorState::PrepareEditor (CVE-2012-5840) The following issues have been fixed in Firefox 17: o Heap-use-after-free in XPCWrappedNative::Mark (CVE-2012-4212) o Heap-use-after-free in nsEditor::FindNextLeafNode (CVE-2012-4213) o Heap-use-after-free in nsViewManager::ProcessPendingUpdates (CVE-2012-4217) o Heap-use-after-free BuildTextRunsScanner::BreakSink::SetBreaks (CVE-2012-4218) * MFSA 2012-104 / CVE-2012-4210: Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution. * MFSA 2012-103 / CVE-2012-4209: Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to "top". This can allow for possible cross-site scripting (XSS) attacks through plugins. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * MFSA 2012-102 / CVE-2012-5837: Security researcher Masato Kinugawa reported that when script is entered into the Developer Toolbar, it runs in a chrome privileged context. This allows for arbitrary code execution or cross-site scripting (XSS) if a user can be convinced to paste malicious code into the Developer Toolbar. * MFSA 2012-101 / CVE-2012-4207: Security researcher Masato Kinugawa found when HZ-GB-2312 charset encoding is used for text, the "~" character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. * MFSA 2012-100 / CVE-2012-5841: Mozilla developer Bobby Holley reported that security wrappers filter at the time of property access, but once a function is returned, the caller can use this function without further security checks. This affects cross-origin wrappers, allowing for write actions on objects when only read actions should be properly allowed. This can lead to cross-site scripting (XSS) attacks. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * MFSA 2012-99 / CVE-2012-4208: Mozilla developer Peter Van der Beken discovered that same-origin XrayWrappers expose chrome-only properties even when not in a chrome compartment. This can allow web content to get properties of DOM objects that are intended to be chrome-only. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * MFSA 2012-98 / CVE-2012-4206: Security researcher Robert Kugler reported that when a specifically named DLL file on a Windows computer is placed in the default downloads directory with the Firefox installer, the Firefox installer will load this DLL when it is launched. In circumstances where the installer is run by an administrator privileged account, this allows for the downloaded DLL file to be run with administrator privileges. This can lead to arbitrary code execution from a privileged account. * MFSA 2012-97 / CVE-2012-4205: Mozilla developer Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. * MFSA 2012-96 / CVE-2012-4204: Security researcher Scott Bell of Security-Assessment.com used the Address Sanitizer tool to discover a memory corruption in str_unescape in the Javascript engine. This could potentially lead to arbitrary code execution. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * MFSA 2012-95 / CVE-2012-4203: Security researcher kakzz.ng at gmail.com reported that if a javascript: URL is selected from the list of Firefox "new tab" page, the script will inherit the privileges of the privileged "new tab" page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. * MFSA 2012-94 / CVE-2012-5836: Security researcher Jonathan Stephens discovered that combining SVG text on a path with the setting of CSS properties could lead to a potentially exploitable crash. * MFSA 2012-93 / CVE-2012-4201: Mozilla security researcher moz_bug_r_a4 reported that if code executed by the evalInSandbox function sets location.href, it can get the wrong subject principal for the URL check, ignoring the sandbox's Javascript context and gaining the context of evalInSandbox object. This can lead to malicious web content being able to perform a cross-site scripting (XSS) attack or stealing a copy of a local file if the user has installed an add-on vulnerable to this attack. * MFSA 2012-92 / CVE-2012-4202: Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution. * MFSA 2012-91: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, and Bill McCloskey reported memory safety problems and crashes that affect Firefox 16. (CVE-2012-5843) Jesse Ruderman, Andrew McCreight, Bob Clary, and Kyle Huey reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 16. (CVE-2012-5842) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-firefox-20121121-7093 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-20121121-7093 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-20121121-7093 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-20121121-7093 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.14]: mozilla-nss-devel-3.14-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 10.0.11 and 3.14]: MozillaFirefox-10.0.11-0.3.1 MozillaFirefox-translations-10.0.11-0.3.1 libfreebl3-3.14-0.3.1 mozilla-nss-3.14-0.3.1 mozilla-nss-tools-3.14-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.14]: libfreebl3-32bit-3.14-0.3.1 mozilla-nss-32bit-3.14-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.11 and 3.14]: MozillaFirefox-10.0.11-0.3.1 MozillaFirefox-translations-10.0.11-0.3.1 libfreebl3-3.14-0.3.1 mozilla-nss-3.14-0.3.1 mozilla-nss-tools-3.14-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.14]: libfreebl3-32bit-3.14-0.3.1 mozilla-nss-32bit-3.14-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.14]: libfreebl3-x86-3.14-0.3.1 mozilla-nss-x86-3.14-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14]: mozilla-nss-3.14-0.6.1 mozilla-nss-devel-3.14-0.6.1 mozilla-nss-tools-3.14-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-10.0.11-0.5.1 MozillaFirefox-translations-10.0.11-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.14]: mozilla-nss-32bit-3.14-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.14]: mozilla-nss-x86-3.14-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.14]: mozilla-nss-64bit-3.14-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.11 and 3.14]: MozillaFirefox-10.0.11-0.3.1 MozillaFirefox-translations-10.0.11-0.3.1 libfreebl3-3.14-0.3.1 mozilla-nss-3.14-0.3.1 mozilla-nss-tools-3.14-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.14]: libfreebl3-32bit-3.14-0.3.1 mozilla-nss-32bit-3.14-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.14]: mozilla-nss-3.14-0.6.1 mozilla-nss-devel-3.14-0.6.1 mozilla-nss-tools-3.14-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.14]: mozilla-nss-32bit-3.14-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): MozillaFirefox-10.0.11-0.5.1 MozillaFirefox-translations-10.0.11-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14]: mozilla-nss-tools-3.14-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.11-0.5.1 References: https://bugzilla.novell.com/790140 http://download.novell.com/patch/finder/?keywords=8f4e08deca5960ae494ddceeb6c10708 http://download.novell.com/patch/finder/?keywords=be7a175297dfe6897d72c7cf8ca67245 From sle-updates at lists.suse.com Thu Nov 29 09:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 29 Nov 2012 17:08:35 +0100 (CET) Subject: SUSE-RU-2012:1579-2: important: Recommended update for supportutils Message-ID: <20121129160835.A3E2432345@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1579-2 Rating: important References: #772728 #773838 #779481 #780518 #780522 #781892 #783179 #783963 #784888 #784929 #784931 #787483 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. Description: This collective update to Support Troubleshooting Tools (supportutils) includes the following fixes and improvements: * Fixed eDirectory instance errors from ADD_OPTION_EDIR (bnc#787483) * Fixed ravsui verify/rebuild logs and moved to novell-nss.txt (bnc#780522) * Fixed SLED detection in summary.xml (bnc#784931) * Fixed multiple SBD device failure (bnc#783963) * Fixed tomcat detection issues (bnc#772728) * Fixed SLE 10 kernel detection in analyzevmcore * Included VAR_OPTION_HEADER_FILE at the beginning of each file (bnc#781892) * Included elilo.cfg files if found * Increased VAR_OPTION_MSG_MAXSIZE to 25M and added VAR_OPTION_MSG_LINE_COUNT (bnc#780518) * Added efibootmgr to boot.txt (bnc#773838) * Added nlvm to novell-nss.txt (bnc#779481) * Added VAR_OPTION_HBREPORT_DIRS to supportconfig.conf(5) man page * Added hb_reports to ha.txt * Added autoupg.xml and autoupg_updated.xml to y2log.txt * Added /etc/products.d/* xml files to summary.xml (bnc#784929) * Added SLES for SAP/VMware detection to basic-environment.txt (bnc#784888) * Added "corosync-cfgtool -s" and "corosync-fplay" to ha.txt (bnc#783179) * Added kernel and debuginfo kernel details to analyzevmcore(8) man page * Added executable check on user specified binary in getappcore * Removed cib check for sbd partitions. Package List: - SUSE Linux Enterprise Server 10 SP4 (noarch): supportutils-1.20-0.65.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch): supportutils-1.20-0.65.1 References: https://bugzilla.novell.com/772728 https://bugzilla.novell.com/773838 https://bugzilla.novell.com/779481 https://bugzilla.novell.com/780518 https://bugzilla.novell.com/780522 https://bugzilla.novell.com/781892 https://bugzilla.novell.com/783179 https://bugzilla.novell.com/783963 https://bugzilla.novell.com/784888 https://bugzilla.novell.com/784929 https://bugzilla.novell.com/784931 https://bugzilla.novell.com/787483 http://download.novell.com/patch/finder/?keywords=bf708e2a3f3a1d4cd7196e6e7ae46b66 From sle-updates at lists.suse.com Thu Nov 29 17:08:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 30 Nov 2012 01:08:22 +0100 (CET) Subject: SUSE-RU-2012:1593-1: Recommended update for LVM2 and udev Message-ID: <20121130000822.5C78432263@maintenance.suse.de> SUSE Recommended Update: Recommended update for LVM2 and udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1593-1 Rating: low References: #691155 #767057 #773450 #773925 #773985 #782539 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This collective update for LVM2 and udev provides the following fixes: LVM2: * 773985: LVM merge of root FS LV does not fully complete * 773925: lvm needs udev_sync to be default value * 767057: change default lock dir to /var/run/lvm/lock udev: * 773450: Fix /dev/mapper devices disappearing when running: 'udevadm trigger' * 782539: Don't run mkinitrd while installing/upgrading from Yast * 691155: Fix potential stack overflow in collect Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-lvm2-udev-201210-6946 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lvm2-udev-201210-6946 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lvm2-udev-201210-6946 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-lvm2-udev-201210-6946 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.65.1 libudev-devel-147-0.65.1 libudev0-147-0.65.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libgudev-1_0-0-147-0.65.1 libudev0-147-0.65.1 lvm2-2.02.84-3.37.1 udev-147-0.65.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.65.1 libudev0-32bit-147-0.65.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.65.1 libudev0-147-0.65.1 lvm2-2.02.84-3.37.1 udev-147-0.65.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.65.1 libudev0-32bit-147-0.65.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libgudev-1_0-0-x86-147-0.65.1 libudev0-x86-147-0.65.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libgudev-1_0-0-147-0.65.1 libudev0-147-0.65.1 lvm2-2.02.84-3.37.1 udev-147-0.65.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libgudev-1_0-0-32bit-147-0.65.1 libudev0-32bit-147-0.65.1 References: https://bugzilla.novell.com/691155 https://bugzilla.novell.com/767057 https://bugzilla.novell.com/773450 https://bugzilla.novell.com/773925 https://bugzilla.novell.com/773985 https://bugzilla.novell.com/782539 http://download.novell.com/patch/finder/?keywords=d348313495553cf149fd461133f32eb7 From sle-updates at lists.suse.com Fri Nov 30 12:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 30 Nov 2012 20:08:39 +0100 (CET) Subject: SUSE-OU-2012:1594-1: Optional update for sles4sap-guide_en Message-ID: <20121130190839.F1F7632256@maintenance.suse.de> SUSE Optional Update: Optional update for sles4sap-guide_en ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1594-1 Rating: low References: #783134 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This new package contains documentation for SUSE Linux Enterprise Server for SAP Applications 11-SP2. Indications: Every user can install this package. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-sles4sap-guide_en-6977 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (noarch): sles4sap-guide_en-11.2-0.5.1 References: https://bugzilla.novell.com/783134 http://download.novell.com/patch/finder/?keywords=29d3a0215886671c1549ee5e76c92b5a From sle-updates at lists.suse.com Fri Nov 30 13:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 30 Nov 2012 21:08:32 +0100 (CET) Subject: SUSE-SU-2012:1595-1: important: Security update for IBM Java 1.6.0 Message-ID: <20121130200832.ECD9D32345@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.6.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1595-1 Rating: important References: #785631 #788750 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.6.0 has been updated to SR12 which fixes bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159, CVE-2012-3216, CVE-2012-5068, CVE-2012-3143, CVE-2012-5073, CVE-2012-5075, CVE-2012-5083, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-1532, CVE-2012-1533, CVE-2012-5069, CVE-2012-5071, CVE-2012-5084, CVE-2012-5079, CVE-2012-5089 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_6_0-ibm-7095 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_6_0-ibm-7095 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_6_0-ibm-7095 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_6_0-ibm-7095 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-devel-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.5.1 java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr12.0-0.5.1 References: https://bugzilla.novell.com/785631 https://bugzilla.novell.com/788750 http://download.novell.com/patch/finder/?keywords=5a12f1af483115fdac3b86d87bb0d68c From sle-updates at lists.suse.com Fri Nov 30 17:08:46 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Dec 2012 01:08:46 +0100 (CET) Subject: SUSE-RU-2012:1596-1: moderate: Recommended update for gvfs Message-ID: <20121201000847.18D1232274@maintenance.suse.de> SUSE Recommended Update: Recommended update for gvfs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1596-1 Rating: moderate References: #706758 #770440 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes various issues in webdev handling in Nautilus (bnc#706758, bnc#770440). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-gvfs-7024 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gvfs-7024 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gvfs-7024 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gvfs-7024 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gvfs-devel-1.4.3-0.15.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gvfs-1.4.3-0.15.1 gvfs-backends-1.4.3-0.15.1 gvfs-fuse-1.4.3-0.15.1 gvfs-lang-1.4.3-0.15.1 libgvfscommon0-1.4.3-0.15.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gvfs-1.4.3-0.15.1 gvfs-backends-1.4.3-0.15.1 gvfs-fuse-1.4.3-0.15.1 gvfs-lang-1.4.3-0.15.1 libgvfscommon0-1.4.3-0.15.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gvfs-1.4.3-0.15.1 gvfs-backends-1.4.3-0.15.1 gvfs-fuse-1.4.3-0.15.1 gvfs-lang-1.4.3-0.15.1 libgvfscommon0-1.4.3-0.15.1 References: https://bugzilla.novell.com/706758 https://bugzilla.novell.com/770440 http://download.novell.com/patch/finder/?keywords=ea639eee5c486d8d27db112fbdfb1e5f From sle-updates at lists.suse.com Fri Nov 30 18:08:45 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Dec 2012 02:08:45 +0100 (CET) Subject: SUSE-RU-2012:1597-1: moderate: Recommended update for PolicyKit Message-ID: <20121201010845.D94D532343@maintenance.suse.de> SUSE Recommended Update: Recommended update for PolicyKit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1597-1 Rating: moderate References: #644966 #783176 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update adjusts the PolicyKit apparmor profiles to allow group and other nameservice based lookups for determining rights. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-PolicyKit-6999 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-PolicyKit-6999 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-PolicyKit-6999 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-PolicyKit-6999 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): PolicyKit-devel-0.9-14.41.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): PolicyKit-0.9-14.41.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): PolicyKit-32bit-0.9-14.41.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): PolicyKit-0.9-14.41.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): PolicyKit-32bit-0.9-14.41.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): PolicyKit-x86-0.9-14.41.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): PolicyKit-0.9-14.41.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): PolicyKit-32bit-0.9-14.41.1 References: https://bugzilla.novell.com/644966 https://bugzilla.novell.com/783176 http://download.novell.com/patch/finder/?keywords=f5b09167bb672e5af46240c423ad4f50 From sle-updates at lists.suse.com Fri Nov 30 19:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Dec 2012 03:08:35 +0100 (CET) Subject: SUSE-RU-2012:1598-1: moderate: Recommended update for apparmor-profiles Message-ID: <20121201020835.B9E7032345@maintenance.suse.de> SUSE Recommended Update: Recommended update for apparmor-profiles ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1598-1 Rating: moderate References: #783176 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adjusts the Novell LUM and NCP specific apparmor abstraction profiles to allow some new configuration files and libraries used by Novell OES 11 SP1. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-apparmor-profiles-7000 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-apparmor-profiles-7000 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-apparmor-profiles-7000 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): apparmor-profiles-2.3-48.16.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): apparmor-profiles-2.3-48.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): apparmor-profiles-2.3-48.16.1 References: https://bugzilla.novell.com/783176 http://download.novell.com/patch/finder/?keywords=bef8696589887cd1837883afd9021463