From sle-updates at lists.suse.com Tue Oct 2 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Oct 2012 18:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1279-1: moderate: Recommended update for sblim-sfcb Message-ID: <20121002160834.0761C32266@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-sfcb ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1279-1 Rating: moderate References: #744995 #767533 #770234 #770430 #782327 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This collective update for Small Footprint CIM Broker (sblim-sfcb) resolves the following issues: * Don't log debug/trace messages by default (bnc#767533) * Prevent crash on early shutdown (while provider initialization is still in progress) (bnc#770430) * Don't try to kill the SLP thread if it hasn't been fully set up yet (bnc#770430) * Fix insecure LD_LIBRARY_PATH usage in init script (bnc#770234, CVE-2012-3381) * Don't replace configuration files when updating (bnc#744995) * Keep argvDebug commented out (defaulting to false) in sfcb.cfg (bnc#782327). Security Issue reference: * CVE-2012-3381 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sblim-sfcb-6888 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sblim-sfcb-6888 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sblim-sfcb-6888 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sblim-sfcb-1.3.11-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sblim-sfcb-1.3.11-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sblim-sfcb-1.3.11-0.19.1 References: http://support.novell.com/security/cve/CVE-2012-3381.html https://bugzilla.novell.com/744995 https://bugzilla.novell.com/767533 https://bugzilla.novell.com/770234 https://bugzilla.novell.com/770430 https://bugzilla.novell.com/782327 http://download.novell.com/patch/finder/?keywords=d87398134aa1ab215e01c15fb0a0b2cd From sle-updates at lists.suse.com Thu Oct 4 08:08:21 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Oct 2012 16:08:21 +0200 (CEST) Subject: SUSE-RU-2012:1286-1: Recommended update for yast2-kerberos-client Message-ID: <20121004140821.31A0F32268@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-kerberos-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1286-1 Rating: low References: #778949 #779010 #779261 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes two new package versions. Description: This collective update to YaST's Kerberos Client and LDAP Client modules resolves the following issues: * Correctly import sssd status (bnc#779010) * Added missing AutoYaST support for SSSD + Kerberos (bnc#778949) * Enable sssd service during auto-installation (bnc#779261). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-kerberos-ldap-201209-6835 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-kerberos-ldap-201209-6835 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-kerberos-ldap-201209-6835 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.15 and 2.17.35]: yast2-kerberos-client-2.17.15-0.5.1 yast2-ldap-client-2.17.35-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.15 and 2.17.35]: yast2-kerberos-client-2.17.15-0.5.1 yast2-ldap-client-2.17.35-0.5.2 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.15 and 2.17.35]: yast2-kerberos-client-2.17.15-0.5.1 yast2-ldap-client-2.17.35-0.5.2 References: https://bugzilla.novell.com/778949 https://bugzilla.novell.com/779010 https://bugzilla.novell.com/779261 http://download.novell.com/patch/finder/?keywords=10e6aec21765efc3c41ca56504697268 From sle-updates at lists.suse.com Mon Oct 8 12:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Oct 2012 20:08:24 +0200 (CEST) Subject: SUSE-RU-2012:1312-1: Recommended update for xorg-x11-driver-input Message-ID: <20121008180824.AC3B232266@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-driver-input ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1312-1 Rating: low References: #743401 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to X.Org input drivers (xorg-x11-driver-input) resolves a problem in the vmmouse driver that prevented it from loading when the Xen kernel is being used. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xorg-x11-driver-input-6722 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xorg-x11-driver-input-6722 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xorg-x11-driver-input-6722 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xorg-x11-driver-input-7.4-13.44.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): xorg-x11-driver-input-7.4-13.44.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xorg-x11-driver-input-7.4-13.44.1 References: https://bugzilla.novell.com/743401 http://download.novell.com/patch/finder/?keywords=4e7abee3588dcdf406e32b7f825f8372 From sle-updates at lists.suse.com Mon Oct 8 13:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Oct 2012 21:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1313-1: Recommended update for perl Message-ID: <20121008190835.05A5432266@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1313-1 Rating: low References: #778763 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update resolves a problem in Perl's map operator that could cause a leak memory in some circumstances. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-perl-6885 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-perl-6885 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-perl-6885 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-perl-6885 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): perl-base-32bit-5.10.0-64.57.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): perl-base-x86-5.10.0-64.57.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): perl-5.10.0-64.57.1 perl-base-5.10.0-64.57.1 perl-doc-5.10.0-64.57.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): perl-32bit-5.10.0-64.57.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): perl-5.10.0-64.57.1 perl-base-5.10.0-64.57.1 perl-doc-5.10.0-64.57.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): perl-32bit-5.10.0-64.57.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): perl-x86-5.10.0-64.57.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): perl-5.10.0-64.57.1 perl-base-5.10.0-64.57.1 perl-doc-5.10.0-64.57.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): perl-32bit-5.10.0-64.57.1 References: https://bugzilla.novell.com/778763 http://download.novell.com/patch/finder/?keywords=e42a430d8fa2017f99f034f161a075a6 From sle-updates at lists.suse.com Mon Oct 8 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Oct 2012 22:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1314-1: Recommended update for iscsitarget Message-ID: <20121008200829.031E432269@maintenance.suse.de> SUSE Recommended Update: Recommended update for iscsitarget ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1314-1 Rating: low References: #760919 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Real Time 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds a man-page for ietadm (bnc#760919) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-iscsitarget-6853 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-iscsitarget-6853 - SUSE Linux Enterprise Real Time 11 SP2: zypper in -t patch slertesp2-iscsitarget-6853 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-iscsitarget-6853 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): iscsitarget-1.4.20-0.23.1 iscsitarget-kmp-default-1.4.20_3.0.38_0.5-0.23.1 iscsitarget-kmp-trace-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): iscsitarget-kmp-pae-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): iscsitarget-1.4.20-0.23.1 iscsitarget-kmp-default-1.4.20_3.0.38_0.5-0.23.1 iscsitarget-kmp-trace-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): iscsitarget-kmp-xen-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64): iscsitarget-kmp-ppc64-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586): iscsitarget-kmp-pae-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Real Time 11 SP2 (x86_64): iscsitarget-kmp-rt-1.4.20_3.0.35_rt58_0.7-0.23.1 iscsitarget-kmp-rt_trace-1.4.20_3.0.35_rt58_0.7-0.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): iscsitarget-1.4.20-0.23.1 iscsitarget-kmp-default-1.4.20_3.0.38_0.5-0.23.1 iscsitarget-kmp-trace-1.4.20_3.0.38_0.5-0.23.1 iscsitarget-kmp-xen-1.4.20_3.0.38_0.5-0.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586): iscsitarget-kmp-pae-1.4.20_3.0.38_0.5-0.23.1 References: https://bugzilla.novell.com/760919 http://download.novell.com/patch/finder/?keywords=69de303903953dc9527adafffcd1de4a From sle-updates at lists.suse.com Tue Oct 9 07:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Oct 2012 15:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1319-1: Recommended update for SLE POS Message-ID: <20121009130833.E36CF3226A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLE POS ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1319-1 Rating: low References: #712812 #747346 #771592 #773613 #773649 #773861 #775040 #775278 #775462 #775488 #775850 #776905 #777231 #777827 #778570 #778787 #779360 #779701 #782092 Affected Products: SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has 19 recommended fixes can now be installed. It includes three new package versions. Description: This update provides SUSE Linux Enterprise Point of Service 11 SP2 Feature Pack 2: * new --enable-pos-services option of posInitBranchserver for easier migration * enables and starts posASWatch and posleases services * fixed usage on low resolution displays * enabled xInclude and baseDN In addition, the following fixes have been added: * corrected messages from posInitAdminserver non-interactive mode (bnc#773613) * check return value of posAdmin --import (bnc#775850) * fixed migration from SP2 to SP2 FP1 (bnc#775040) * fixed repeating registration problem in multi MAC configuration (bnc#775488) * fixed posAdmin import when unnecessary elements are missing (bnc#775462) * fixed returning error code in posInitBranchserver * fixed problems in posAdmin-GUI * fixed crash in specific situations (bnc#777231) * improved finalize step (bnc#776905) * fixed import to LDAP (bnc#777827) * set execute bit for hal script (bnc#712812) Kiwi was updated to 4.85.80 with the following fixes: * added a 10sec timeout for the language selection (bnc #778570) * cleanup spec file, correctly set virt-utils Requires (bnc #782092) * fix The fetchFile() return value (bnc #779701) * fixed startshell.c to compile without warnings * fixed setupPackageKeys() to work without pubring.gpg * netboot: enable multicast for system image and transfer to a block device, respectively disable it for any other transfer (bnc #773649) * auto adapt image size only if size was not explicitly set (bnc #775278) * make sure specified size is used for virtual disk images even if the calculated minimum size is bigger than the specified value (bnc #775278) * check blkid before mounting in searchBiosBootDevice (bnc #773861) * netboot: added function pxePartitionSetupCheck() which is used to validate the PART information whether the requested partition sizes can be reached according to the size of the disk. This implements the request in (bnc #771592) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-slepos-sp2-fp2-6907 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64) [New Version: 1.1.0,3.4.3 and 4.85.80]: POS_Contrib-1.1.0-0.5.1 POS_Migration-3.4.3-0.30.1 POS_Server-Admin3-3.4.3-0.30.1 POS_Server-AdminGUI-3.4.3-0.30.1 POS_Server-AdminTools3-3.4.3-0.30.1 POS_Server-BranchTools3-3.4.3-0.30.1 POS_Server-Modules3-3.4.3-0.30.1 POS_Server3-3.4.3-0.30.1 admind-1.9-1.30.1 admind-client-1.9-1.30.1 kiwi-4.85.80-0.5.1 kiwi-desc-isoboot-4.85.80-0.5.1 kiwi-desc-netboot-4.85.80-0.5.1 kiwi-desc-oemboot-4.85.80-0.5.1 kiwi-doc-4.85.80-0.5.1 kiwi-tools-4.85.80-0.5.1 posbios-1.0-1.30.1 - SUSE Linux Enterprise Point of Service 11 SP2 (noarch) [New Version: 3.4.3]: POS_Image-Branchserver3-3.4.0-0.30.2 POS_Image-Graphical3-3.4.0-0.30.2 POS_Image-Minimal3-3.4.0-0.30.2 POS_Image-Netboot-hooks-3.4.0-0.30.2 POS_Image3-3.4.3-0.30.2 slepos-guide_en-11.2-0.17.1 slepos-guide_en-pdf-11.2-0.17.1 References: https://bugzilla.novell.com/712812 https://bugzilla.novell.com/747346 https://bugzilla.novell.com/771592 https://bugzilla.novell.com/773613 https://bugzilla.novell.com/773649 https://bugzilla.novell.com/773861 https://bugzilla.novell.com/775040 https://bugzilla.novell.com/775278 https://bugzilla.novell.com/775462 https://bugzilla.novell.com/775488 https://bugzilla.novell.com/775850 https://bugzilla.novell.com/776905 https://bugzilla.novell.com/777231 https://bugzilla.novell.com/777827 https://bugzilla.novell.com/778570 https://bugzilla.novell.com/778787 https://bugzilla.novell.com/779360 https://bugzilla.novell.com/779701 https://bugzilla.novell.com/782092 http://download.novell.com/patch/finder/?keywords=2cf56528c7565ead0fd5bdb90cca2296 From sle-updates at lists.suse.com Tue Oct 9 13:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Oct 2012 21:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1320-1: important: Security update for qemu Message-ID: <20121009190833.74CE732268@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1320-1 Rating: important References: #740165 #777084 Cross-References: CVE-2012-0029 CVE-2012-3515 Affected Products: SUSE Studio Onsite 1.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). CVE-2012-0029: A buffer overflow in the e1000 device emulation was fixed Security Issue references: * CVE-2012-3515 * CVE-2012-0029 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-qemu-6852 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.2 (x86_64): qemu-0.10.1-0.5.7.1 References: http://support.novell.com/security/cve/CVE-2012-0029.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/740165 https://bugzilla.novell.com/777084 http://download.novell.com/patch/finder/?keywords=86d45c23c62093dbb012d29f065b7abe From sle-updates at lists.suse.com Tue Oct 9 16:09:09 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Oct 2012 00:09:09 +0200 (CEST) Subject: SUSE-RU-2012:1321-1: moderate: Recommended update for btrfsprogs Message-ID: <20121009220909.C981632260@maintenance.suse.de> SUSE Recommended Update: Recommended update for btrfsprogs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1321-1 Rating: moderate References: #750185 #766623 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for btrfsprogs provides the following fixes: * mkfs: create root directory with 755 (bnc#766623) * fsck: understand -s option * fsck: make aware of freespace inodes * fsck: segfault fixes * btrfs: fix 'fi show' search by uuid * btrfs: fix leaked handle for scrub command * btrfs: add get/set subvol flags ioctl * btrfs: add clone_range ioctl * btrfs: a few enhancements in debug-tree output * btrfs: use native hw instruction for crc32c when available * btrfs: strip binaries in /sbin * support for non-root md, dm and crypto device autodetection (bnc#750185) * enhance btrfs' mkinitrd setup phase Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-btrfsprogs-6784 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-btrfsprogs-6784 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-btrfsprogs-6784 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): btrfsprogs-0.19-5.31.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): btrfsprogs-0.19-5.31.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): btrfsprogs-0.19-5.31.1 References: https://bugzilla.novell.com/750185 https://bugzilla.novell.com/766623 http://download.novell.com/patch/finder/?keywords=1c935c276f893f9d20f36c621e51b8a6 From sle-updates at lists.suse.com Tue Oct 9 17:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Oct 2012 01:08:40 +0200 (CEST) Subject: SUSE-RU-2012:1322-1: Recommended update for banshee-1 Message-ID: <20121009230840.5353C321E7@maintenance.suse.de> SUSE Recommended Update: Recommended update for banshee-1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1322-1 Rating: low References: #779291 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides a fix for a problem where a paused video would display a black rectangle instead of a still frame (bnc#779291) Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-banshee-1-6886 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-banshee-1-6886 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): banshee-1-2.0.1-2.17.2 banshee-1-backend-engine-gstreamer-2.0.1-2.17.2 banshee-1-backend-platform-gnome-2.0.1-2.17.2 banshee-1-backend-platform-unix-2.0.1-2.17.2 banshee-1-devel-2.0.1-2.17.2 banshee-1-extensions-default-2.0.1-2.17.2 banshee-1-lang-2.0.1-2.17.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): banshee-1-2.0.1-2.17.2 banshee-1-backend-engine-gstreamer-2.0.1-2.17.2 banshee-1-backend-io-gio-2.0.1-2.17.2 banshee-1-backend-platform-gnome-2.0.1-2.17.2 banshee-1-backend-platform-unix-2.0.1-2.17.2 banshee-1-client-classic-2.0.1-2.17.2 banshee-1-client-muinshee-2.0.1-2.17.2 banshee-1-core-2.0.1-2.17.2 banshee-1-dmp-2.0.1-2.17.2 banshee-1-dmp-apple-devices-2.0.1-2.17.2 banshee-1-dmp-mtp-2.0.1-2.17.2 banshee-1-extensions-default-2.0.1-2.17.2 banshee-1-lang-2.0.1-2.17.2 References: https://bugzilla.novell.com/779291 http://download.novell.com/patch/finder/?keywords=f5771765818fbe94982ef21a25157dc1 From sle-updates at lists.suse.com Wed Oct 10 11:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Oct 2012 19:08:36 +0200 (CEST) Subject: SUSE-RU-2012:1325-1: Recommended update for gpg2 Message-ID: <20121010170836.67C253226C@maintenance.suse.de> SUSE Recommended Update: Recommended update for gpg2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1325-1 Rating: low References: #778723 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to GnuPG 2 (gpg2) adds missing option strings for "--batch" and "--homedir". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gpg2-6884 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gpg2-6884 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gpg2-6884 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gpg2-2.0.9-25.33.31.1 gpg2-lang-2.0.9-25.33.31.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gpg2-2.0.9-25.33.31.1 gpg2-lang-2.0.9-25.33.31.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gpg2-2.0.9-25.33.31.1 gpg2-lang-2.0.9-25.33.31.1 References: https://bugzilla.novell.com/778723 http://download.novell.com/patch/finder/?keywords=ae79e748288f1e673aea803d03ec8074 From sle-updates at lists.suse.com Wed Oct 10 13:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Oct 2012 21:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1326-1: critical: Security update for flash-player Message-ID: <20121010190832.DAC203226C@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1326-1 Rating: critical References: #784168 Cross-References: CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 CVE-2012-5263 CVE-2012-5264 CVE-2012-5265 CVE-2012-5266 CVE-2012-5267 CVE-2012-5268 CVE-2012-5269 CVE-2012-5270 CVE-2012-5271 CVE-2012-5272 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. It includes one version update. Description: flash player was updated to version 11.2.202.243 fixing a lot of security issues: CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272 Please visit http://www.adobe.com/support/security/bulletins/apsb12-22.ht ml for details. Security Issue references: * CVE-2012-5248 * CVE-2012-5249 * CVE-2012-5250 * CVE-2012-5251 * CVE-2012-5253 * CVE-2012-5254 * CVE-2012-5255 * CVE-2012-5257 * CVE-2012-5259 * CVE-2012-5260 * CVE-2012-5262 * CVE-2012-5264 * CVE-2012-5265 * CVE-2012-5266 * CVE-2012-5252 * CVE-2012-5256 * CVE-2012-5258 * CVE-2012-5261 * CVE-2012-5263 * CVE-2012-5267 * CVE-2012-5268 * CVE-2012-5269 * CVE-2012-5270 * CVE-2012-5271 * CVE-2012-5272 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.243]: flash-player-11.2.202.243-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-5248.html http://support.novell.com/security/cve/CVE-2012-5249.html http://support.novell.com/security/cve/CVE-2012-5250.html http://support.novell.com/security/cve/CVE-2012-5251.html http://support.novell.com/security/cve/CVE-2012-5252.html http://support.novell.com/security/cve/CVE-2012-5253.html http://support.novell.com/security/cve/CVE-2012-5254.html http://support.novell.com/security/cve/CVE-2012-5255.html http://support.novell.com/security/cve/CVE-2012-5256.html http://support.novell.com/security/cve/CVE-2012-5257.html http://support.novell.com/security/cve/CVE-2012-5258.html http://support.novell.com/security/cve/CVE-2012-5259.html http://support.novell.com/security/cve/CVE-2012-5260.html http://support.novell.com/security/cve/CVE-2012-5261.html http://support.novell.com/security/cve/CVE-2012-5262.html http://support.novell.com/security/cve/CVE-2012-5263.html http://support.novell.com/security/cve/CVE-2012-5264.html http://support.novell.com/security/cve/CVE-2012-5265.html http://support.novell.com/security/cve/CVE-2012-5266.html http://support.novell.com/security/cve/CVE-2012-5267.html http://support.novell.com/security/cve/CVE-2012-5268.html http://support.novell.com/security/cve/CVE-2012-5269.html http://support.novell.com/security/cve/CVE-2012-5270.html http://support.novell.com/security/cve/CVE-2012-5271.html http://support.novell.com/security/cve/CVE-2012-5272.html https://bugzilla.novell.com/784168 http://download.novell.com/patch/finder/?keywords=9861c635f16f057af9420d20facf5938 From sle-updates at lists.suse.com Wed Oct 10 15:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Oct 2012 23:08:25 +0200 (CEST) Subject: SUSE-SU-2012:1327-1: moderate: Security update for dhcp Message-ID: <20121010210825.EAF4C3226D@maintenance.suse.de> SUSE Security Update: Security update for dhcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1327-1 Rating: moderate References: #780167 Cross-References: CVE-2012-3955 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update to ISC dhcp-4.2.4-P2 release provides a security fix for an issue with the use of lease times. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue. CVE-2012-3955 has been assigned to this issue. Security Issue reference: * CVE-2012-3955 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-dhcp-6831 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-dhcp-6831 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-dhcp-6831 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-dhcp-6831 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P2]: dhcp-devel-4.2.4.P2-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 4.2.4.P2]: dhcp-4.2.4.P2-0.5.1 dhcp-client-4.2.4.P2-0.5.1 dhcp-relay-4.2.4.P2-0.5.1 dhcp-server-4.2.4.P2-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P2]: dhcp-4.2.4.P2-0.5.1 dhcp-client-4.2.4.P2-0.5.1 dhcp-relay-4.2.4.P2-0.5.1 dhcp-server-4.2.4.P2-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.2.4.P2]: dhcp-4.2.4.P2-0.5.1 dhcp-client-4.2.4.P2-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3955.html https://bugzilla.novell.com/780167 http://download.novell.com/patch/finder/?keywords=7781f2ce06d447847fcd3a648a73d5e5 From sle-updates at lists.suse.com Fri Oct 12 21:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 05:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1331-1: Recommended update for yast2-backup Message-ID: <20121013030833.2C34132273@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-backup ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1331-1 Rating: low References: #756493 #776079 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for yast2-backup provides the following fixes: * NFS related fields disabled when local backup selected (bnc#776079) * UI refresh adapted also in searching for changed files belonging to RPMs (BNC #756493). * UI refresh in searching for modified files optimized for faster machines (and disks) (BNC #756493). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-backup-6871 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-backup-6871 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-backup-6871 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.12]: yast2-backup-2.17.12-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.12]: yast2-backup-2.17.12-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.12]: yast2-backup-2.17.12-0.5.1 References: https://bugzilla.novell.com/756493 https://bugzilla.novell.com/776079 http://download.novell.com/patch/finder/?keywords=2a9b16496f0d572822f2f1cf94c78be0 From sle-updates at lists.suse.com Fri Oct 12 22:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 06:08:30 +0200 (CEST) Subject: SUSE-SU-2012:1326-2: critical: Security update for flash-player Message-ID: <20121013040830.70FA232272@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1326-2 Rating: critical References: #784168 Cross-References: CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 CVE-2012-5263 CVE-2012-5264 CVE-2012-5265 CVE-2012-5266 CVE-2012-5267 CVE-2012-5268 CVE-2012-5269 CVE-2012-5270 CVE-2012-5271 CVE-2012-5272 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. It includes one version update. Description: flash player was updated to version 11.2.202.243, fixing a lot of security issues: CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272 Please visit http://www.adobe.com/support/security/bulletins/apsb12-22.ht ml for details. Security Issue references: * CVE-2012-5248 * CVE-2012-5249 * CVE-2012-5250 * CVE-2012-5251 * CVE-2012-5253 * CVE-2012-5254 * CVE-2012-5255 * CVE-2012-5257 * CVE-2012-5259 * CVE-2012-5260 * CVE-2012-5262 * CVE-2012-5264 * CVE-2012-5265 * CVE-2012-5266 * CVE-2012-5252 * CVE-2012-5256 * CVE-2012-5258 * CVE-2012-5261 * CVE-2012-5263 * CVE-2012-5267 * CVE-2012-5268 * CVE-2012-5269 * CVE-2012-5270 * CVE-2012-5271 * CVE-2012-5272 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-6937 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.243]: flash-player-11.2.202.243-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-5248.html http://support.novell.com/security/cve/CVE-2012-5249.html http://support.novell.com/security/cve/CVE-2012-5250.html http://support.novell.com/security/cve/CVE-2012-5251.html http://support.novell.com/security/cve/CVE-2012-5252.html http://support.novell.com/security/cve/CVE-2012-5253.html http://support.novell.com/security/cve/CVE-2012-5254.html http://support.novell.com/security/cve/CVE-2012-5255.html http://support.novell.com/security/cve/CVE-2012-5256.html http://support.novell.com/security/cve/CVE-2012-5257.html http://support.novell.com/security/cve/CVE-2012-5258.html http://support.novell.com/security/cve/CVE-2012-5259.html http://support.novell.com/security/cve/CVE-2012-5260.html http://support.novell.com/security/cve/CVE-2012-5261.html http://support.novell.com/security/cve/CVE-2012-5262.html http://support.novell.com/security/cve/CVE-2012-5263.html http://support.novell.com/security/cve/CVE-2012-5264.html http://support.novell.com/security/cve/CVE-2012-5265.html http://support.novell.com/security/cve/CVE-2012-5266.html http://support.novell.com/security/cve/CVE-2012-5267.html http://support.novell.com/security/cve/CVE-2012-5268.html http://support.novell.com/security/cve/CVE-2012-5269.html http://support.novell.com/security/cve/CVE-2012-5270.html http://support.novell.com/security/cve/CVE-2012-5271.html http://support.novell.com/security/cve/CVE-2012-5272.html https://bugzilla.novell.com/784168 http://download.novell.com/patch/finder/?keywords=713cd3d91b738edf8089a1736e75e781 From sle-updates at lists.suse.com Fri Oct 12 22:08:50 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 06:08:50 +0200 (CEST) Subject: SUSE-RU-2012:1332-1: Recommended update for libdlm Message-ID: <20121013040850.D44AF3226F@maintenance.suse.de> SUSE Recommended Update: Recommended update for libdlm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1332-1 Rating: low References: #777137 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update removes the trigger for spurious kernel log messages about "dlm: dev_write no op" when dlm_controld is closing connections (bnc#777137) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-libdlm-6881 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): libdlm-3.00.01-0.17.1 libdlm-devel-3.00.01-0.17.1 libdlm3-3.00.01-0.17.1 References: https://bugzilla.novell.com/777137 http://download.novell.com/patch/finder/?keywords=bd4174dbd55f62c1eeb87597181dddb0 From sle-updates at lists.suse.com Fri Oct 12 22:09:06 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 06:09:06 +0200 (CEST) Subject: SUSE-SU-2012:1333-1: critical: Security update for bind Message-ID: <20121013040906.8E1B832272@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1333-1 Rating: critical References: #780157 Cross-References: CVE-2012-4244 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a bug where specially-crafted RRs could have caused a Denial of Service (Application crash) in named. CVE-2012-4244 was assigned to this issue. Security Issue reference: * CVE-2012-4244 Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): bind-9.3.4-1.40.1 bind-chrootenv-9.3.4-1.40.1 bind-devel-9.3.4-1.40.1 bind-doc-9.3.4-1.40.1 bind-libs-9.3.4-1.40.1 bind-utils-9.3.4-1.40.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): bind-libs-32bit-9.3.4-1.40.1 References: http://support.novell.com/security/cve/CVE-2012-4244.html https://bugzilla.novell.com/780157 http://download.novell.com/patch/finder/?keywords=5798d03a4e2045a2e1ed416f1e06f583 From sle-updates at lists.suse.com Fri Oct 12 22:09:21 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 06:09:21 +0200 (CEST) Subject: SUSE-RU-2012:1334-1: Recommended update for release-notes-slepos Message-ID: <20121013040921.D4AE432272@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-slepos ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1334-1 Rating: low References: #783541 Affected Products: SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest Release Notes for SUSE Linux Enterprise 11 SP2 Point of Service. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-release-notes-slepos-6922 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64): release-notes-slepos-11-1.24.1 References: https://bugzilla.novell.com/783541 http://download.novell.com/patch/finder/?keywords=cac0eef2d9f219db31591fb25440d069 From sle-updates at lists.suse.com Fri Oct 12 22:09:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 06:09:38 +0200 (CEST) Subject: SUSE-RU-2012:1335-1: important: Recommended update for PostgreSQL Message-ID: <20121013040938.24CB132273@maintenance.suse.de> SUSE Recommended Update: Recommended update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1335-1 Rating: important References: #779927 #780978 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides PostgreSQL 8.3.21. The detailed list of changes can be found here: http://www.postgresql.org/docs/8.3/static/release-8-3-21.htm l This update contains the following changes: * Improve page-splitting decisions in GiST indexes. * Fix cascading privilege revoke to stop if privileges are still held. * Fix handling of SIGFPE when PL/Perl is in use. * Prevent PL/Perl from crashing if a recursive PL/Perl function is redefined while being executed. * Work around possible misoptimization in PL/Perl. In addition, the init script was changed to avoid that processes (re-)starting PostgreSQL in a pipe or subshell don't hang (bnc#779927) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-postgresql-201209-6876 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-postgresql-201209-6876 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-postgresql-201209-6876 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 8.3.21]: postgresql-8.3.21-0.4.1 postgresql-contrib-8.3.21-0.4.1 postgresql-docs-8.3.21-0.4.1 postgresql-server-8.3.21-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): postgresql-init-9.1-0.6.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.21]: postgresql-8.3.21-0.4.1 postgresql-contrib-8.3.21-0.4.1 postgresql-docs-8.3.21-0.4.1 postgresql-server-8.3.21-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): postgresql-init-9.1-0.6.14.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 8.3.21]: postgresql-8.3.21-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): postgresql-init-9.1-0.6.14.1 References: https://bugzilla.novell.com/779927 https://bugzilla.novell.com/780978 http://download.novell.com/patch/finder/?keywords=e6b0fd56486f5f726f678eb5018eec19 From sle-updates at lists.suse.com Fri Oct 12 23:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Oct 2012 07:08:30 +0200 (CEST) Subject: SUSE-SU-2012:1336-1: moderate: Security update for PostgreSQL Message-ID: <20121013050830.B103132272@maintenance.suse.de> SUSE Security Update: Security update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1336-1 Rating: moderate References: #700876 #765069 #770193 #776523 Cross-References: CVE-2012-3488 CVE-2012-3489 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. It includes one version update. Description: PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed: * CVE-2012-3488: This update fixes arbitrary read and write of files via XSL functionality. * CVE-2012-2655: postgresql: denial of service (stack exhaustion) via specially-crafted SQL. * CVE-2011-2483: crypt_blowfish was mishandling 8 bit characters. Security Issue references: * CVE-2012-3488 * CVE-2012-3489 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64) [New Version: 8.1.23]: postgresql-8.1.23-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 8.1.23]: postgresql-contrib-8.1.23-0.11.1 postgresql-devel-8.1.23-0.11.1 postgresql-docs-8.1.23-0.11.1 postgresql-libs-8.1.23-0.11.1 postgresql-pl-8.1.23-0.11.1 postgresql-server-8.1.23-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 8.1.23]: postgresql-libs-32bit-8.1.23-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 8.1.23]: postgresql-libs-x86-8.1.23-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 8.1.23]: postgresql-libs-64bit-8.1.23-0.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 8.1.23]: postgresql-devel-8.1.23-0.11.1 postgresql-libs-8.1.23-0.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 8.1.23]: postgresql-libs-32bit-8.1.23-0.11.1 - SLE SDK 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64) [New Version: 8.1.23]: postgresql-8.1.23-0.11.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 8.1.23]: postgresql-contrib-8.1.23-0.11.1 postgresql-devel-8.1.23-0.11.1 postgresql-docs-8.1.23-0.11.1 postgresql-pl-8.1.23-0.11.1 postgresql-server-8.1.23-0.11.1 References: http://support.novell.com/security/cve/CVE-2012-3488.html http://support.novell.com/security/cve/CVE-2012-3489.html https://bugzilla.novell.com/700876 https://bugzilla.novell.com/765069 https://bugzilla.novell.com/770193 https://bugzilla.novell.com/776523 http://download.novell.com/patch/finder/?keywords=ee84db0d1f4471abd4ab51536636eb1e From sle-updates at lists.suse.com Mon Oct 15 12:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 15 Oct 2012 20:08:23 +0200 (CEST) Subject: SUSE-RU-2012:1349-1: moderate: Recommended update for ClamAV Message-ID: <20121015180823.660C832279@maintenance.suse.de> SUSE Recommended Update: Recommended update for ClamAV ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1349-1 Rating: moderate References: #780181 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to ClamAV 0.97.6 resolves the following issue: * CL_EFORMAT: Bad format or broken data ERROR reported as scan result (bnc#780181). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-clamav-6896 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-clamav-6896 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-clamav-6896 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.2.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 0.97.6]: clamav-0.97.6-0.5.1 References: https://bugzilla.novell.com/780181 http://download.novell.com/patch/finder/?keywords=1db0c99090318be502246324dd88c8fc http://download.novell.com/patch/finder/?keywords=4924d957443c87607d9bbcb7d83e1a53 From sle-updates at lists.suse.com Mon Oct 15 16:09:05 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Oct 2012 00:09:05 +0200 (CEST) Subject: SUSE-SU-2012:1350-1: moderate: Security update for Linux kernel Message-ID: <20121015220905.8FE463227A@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1350-1 Rating: moderate References: #698102 #731035 #740291 #744198 #753617 #754670 #761774 #762099 #762214 #762693 #763198 #763954 #764209 #764900 #766156 #766654 #768084 #768504 #769035 #769195 #769251 #769407 #770034 #770695 #770763 #771706 #772407 #772427 #772473 #772786 #772831 #773007 #773319 #773320 #773688 #773831 #774073 #774289 #774612 #774902 #774973 #775182 #775373 #775984 #776019 #776095 #776787 #776896 #777024 #777269 #778082 #778822 #779330 #779461 #779699 #780012 #780461 #781018 #781134 Cross-References: CVE-2012-2745 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves one vulnerability and has 58 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.42 which fixes various bugs and security issues. The following security issues have been fixed: * CVE-2012-2745: A denial of service in key management was fixed. (This was fixed in 3.0.28 already, but is listed here.) Some more security and bug fixes might already be part of the 3.0.42 stable kernel release which is included here. The following non security issues have been fixed: BTRFS: * btrfs: allow setting NOCOW for a zero sized file via ioctl * btrfs: fix a bug of per-file nocow * btrfs: fix the missing error information in create_pending_snapshot() * btrfs: fix off-by-one in file clone * btrfs: move transaction aborts to the point of failure * btrfs: fix unnecessary warning when the fragments make the space alloc fail * btrfs: return EPERM upon rmdir on a subvolume * btrfs: cleanup for duplicated code in find_free_extent * btrfs: cleanup fs_info->hashers * btrfs: use vfree instead of kfree * btrfs: fix error path in create_pending_snapshot() * btrfs: fix file extent discount problem in the, snapshot * btrfs: fix full backref problem when inserting shared block reference * btrfs: fix wrong size for the reservation of the, snapshot creation * btrfs: fix error handling in delete_block_group_cache() * btrfs: polish names of kmem caches * btrfs: update last trans if we do not update the inode * btrfs: fix possible corruption when fsyncing written prealloced extents * btrfs: set journal_info in async trans commit worker * btrfs: fix a bug in parsing return value in logical resolve * btrfs: use helper for logical resolve * btrfs: use larger limit for translation of logical to inode * btrfs: use a slab for ordered extents allocation * btrfs: fix unprotected ->log_batch * btrfs: output more information when aborting a unused transaction handle * btrfs: fix wrong size for the reservation when doing, file pre-allocation * btrfs: cleanup for unused ref cache stuff * btrfs: fix a misplaced address operator in a condition * btrfs: fix that error value is changed by mistake * btrfs: fix second lock in btrfs_delete_delayed_items() * btrfs: increase the size of the free space cache * btrfs: fix enospc problems when deleting a subvol * btrfs: fix wrong mtime and ctime when creating snapshots * btrfs: fix race in run_clustered_refs S/390: * zfcp: remove invalid reference to list iterator variable (bnc#779461). * zfcp: Make trace record tags unique (bnc#780012,LTC#84941). * zfcp: Do not wakeup while suspended (bnc#780012,LTC#84816). * zfcp: restore refcount check on port_remove (bnc#780012,LTC#84942). * zfcp: No automatic port_rescan on events (bnc#780012,LTC#84817). * dasd: System hang after all channel were lost (bnc#780012,LTC#85025). * Added patches.arch/s390-54-01-hypfs-missing-files.patch to series.conf. (bnc#769407) * dasd: set and unset TIMEOUT flag automatically (bnc#768084). * kernel: incorrect task size after fork of a 31 bit process (bnc#772407,LTC#83674). * patches.arch/s390-55-03-crst-table-downgrade.patch: Deleted due to 31bit compile error. ALSA: * ALSA: hda - Add mic-mute LED control for HP laptop (bnc#779330). * ALSA: hda - Add 3stack-automute model to AD1882 codec (bnc#775373). Wireless: * rt2x00: Remove incorrect led blink. (bnc#774902) * Revert "rt2x00: handle spurious pci interrupts". (bnc#774902) * rt2x00: Mark active channels survey data as "in use". (bnc#774902) * rt2x00: Convert big if-statements to switch-statements. (bnc#774902) * rt2800: zero MAC_SYS_CTRL bits during BBP and MAC reset. (bnc#774902) * rt2800lib: fix wrong -128dBm when signal is stronger than -12dBm. (bnc#774902) * rt2800: document RF_R03 register bits [7:4]. (bnc#774902) * rt2x00: Introduce concept of driver data in struct rt2x00_dev. (bnc#774902) * rt2x00: Use struct rt2x00_dev driver data in rt2800{pci,usb}. (bnc#774902) * rt2x00: fix a possible NULL pointer dereference. (bnc#774902) * rt2x00:Add VCO recalibration. (bnc#774902) * rt2x00:Add RT5372 chipset support. (bnc#774902) * rt2x00: Set IEEE80211_HW_REPORTS_TX_ACK_STATUS in rt2800. (bnc#774902) * rt2800: introduce wpdma_disable function. (bnc#774902) * rt2800: initialize queues before giving up due to DMA error. (bnc#774902) * rt2800: zero registers of unused TX rings. (bnc#774902) * wireless: rt2x00: rt2800pci add more RT539x ids. (bnc#774902) * rt2x00:Add RT5392 chipset support. (bnc#774902) * patches.fixes/0012-rt2x00-Add-RT5372-chipset-support.patch: Fix typo. * rt2800: Add documentation on MCU requests. (bnc#744198) * rt2800pci: Fix "Error - MCU request failed" during initialization. (bnc#744198) Packaging: * rpm/kernel-binary.spec.in: Temporarily disable icecream builds until miscompilation is resolved (bnc#763954 bnc#773831) * rpm/kernel-binary.spec.in: add Conflicts for older hyper-v hv_kvp_daemon (bnc#770763) the kernel-user interface changed, old binaries will busyloop with newer kernel * rpm/kernel-binary.spec.in: Do not run debugedit -i, use eu-unstrip to retrieve the build-id instead (bnc#768504). * rpm/kernel-binary.spec.in: Fix Obsoletes: tag for the SLE11-SP1 realtek-r8192ce_pci-kmp package. Misc * patches.suse/no-partition-scan: Implement "no_partition_scan" commandline option (FATE#303697). * vfs: dcache: use DCACHE_DENTRY_KILLED instead of DCACHE_DISCONNECTED in d_kill() (bnc#779699). * igb: convert to ndo_fix_features (bnc#777269). * igb: do vlan cleanup (bnc#777269). * tcp: flush DMA queue before sk_wait_data if rcv_wnd is zero (bnc#777024). * drm: Export drm_probe_ddc() (bnc#780461). * drm/dp: Update DPCD defines (bnc#780461). * drm/i915/dp: Be smarter about connection sense for branch devices (bnc#780461). * drm/i915/dp: Fetch downstream port info if needed during DPCD fetch (bnc#780461). * md: fix so that GET_ARRAY_INFO and GET_DISK_INFO fail correctly when array has not "raid_disks" count yet. * sched: Fix ancient race in do_exit() (bnc#781018). * sched: fix divide by zero in thread_group/task_times() (bnc#761774). * sched: fix migration thread runtime bogosity (bnc#773688, bnc#769251). * megaraid_sas: boot hangs up while LD is offline issue (bnc#698102). * memcg: warn on deeper hierarchies with use_hierarchy==0 (bnc#781134). * scsi_dh_alua: Retry the check-condition in case Mode Parameters Changed (bnc#772473). * scsi: update scsi.h with SYNCHRONIZE_CACHE_16 (FATE#313550,bnc#769195). * sd: Reshuffle init_sd to avoid crash (bnc#776787). * st: remove st_mutex (bnc#773007). * cifs: Assume passwords are encoded according to iocharset (try #2) (bnc#731035). * drm/fb-helper: delay hotplug handling when partially bound (bnc#778822). * drm/fb helper: do not call drm_crtc_helper_set_config (bnc#778822). * patches.drivers/drm-Skip-too-big-EDID-extensions: Delete. Fixed in firmware, so no longer needed (bnc#764900) * drm/i915: Fix backlight control for systems which have bl polarity reversed (bnc #766156). * patches.kernel.org/patch-3.0.27-28: Update references (bnc#770695 CVE-2012-2745). * xen/x86-64: fix hypercall page unwind info. * patches.xen/xen3-patch-3.0.40-41: Linux 3.0.41. * Refresh other Xen patches (bnc#776019). * e1000e: clear REQ and GNT in EECD (82571 && 82572) (bnc#762099). * bonding: add some slack to arp monitoring time limits (bnc#776095). * patches.arch/x2apic_opt_out.patch: Refresh. bnc#778082 * x86, mce: Do not call del_timer_sync() in IRQ context (bnc#776896). * cpufreq / ACPI: Fix not loading acpi-cpufreq driver regression (bnc#766654). * ida: Update references (bnc#740291). * audit: do not free_chunk() after fsnotify_add_mark() (bnc#762214). * audit: fix refcounting in audit-tree (bnc#762214). * mlx4_en: map entire pages to increase throughput. * usb: Add support for root hub port status CAS (bnc#774289). * fs,reiserfs: unlock superblock before calling reiserfs_quota_on_mount() (bnc#772786). * reiserfs: fix deadlock with nfs racing on create/lookup (bnc#762693). * NFS: Slow down state manager after an unhandled error (bnc#774973). * nfs: increase number of permitted callback connections (bnc#771706). * Freezer / sunrpc / NFS: do not allow TASK_KILLABLE sleeps to block the freezer (bnc#775182). * powerpc/pseries: Support lower minimum entitlement for virtual processors (bnc#775984). * powerpc: Disable /dev/port interface on systems without an ISA bridge (bnc#754670). * ocfs2: Add a missing journal credit in ocfs2_link_credits() -v2 (bnc#773320). * block: do not artificially constrain max_sectors for stacking drivers (bnc#774073). * bnx2x: Clear MDC/MDIO warning message (bnc#769035). * bnx2x: Fix BCM57810-KR AN speed transition (bnc#769035). * bnx2x: Fix BCM57810-KR FC (bnc#769035). * bnx2x: Fix BCM578x0-SFI pre-emphasis settings (bnc#769035). * bnx2x: Fix link issue for BCM8727 boards (bnc#769035). * bnx2x: PFC fix (bnc#769035). * bnx2x: fix checksum validation (bnc#769035). * bnx2x: fix panic when TX ring is full (bnc#769035). * bnx2x: previous driver unload revised (bnc#769035). * bnx2x: remove WARN_ON (bnc#769035). * bnx2x: update driver version (bnc#769035). * xhci: Fix a logical vs bitwise AND bug (bnc#772427). * xhci: Switch PPT ports to EHCI on shutdown (bnc#772427). * xhci: definitions of register definitions to preserve kABI (bnc#772427). * xhci: Introduce a private switchback method to preserve kABI (bnc#772427). * config.conf: Drop reference to a s390 vanilla config that does not exist. * block: eliminate potential for infinite loop in blkdev_issue_discard (bnc#773319). * Fix cosmetic (but worrisome to users) stop class accounting bug. * bluetooth: Another vendor specific ID for BCM20702A0 [0a5c:21f1] (bnc#774612). * memcg: further prevent OOM with too many dirty pages (bnc#763198). * patches.fixes/mm-consider-PageReclaim-for-sync-reclaim.patch : Refresh to match the upstream version. * tmpfs: optimize clearing when writing (VM Performance). * tmpfs: distribute interleave better across nodes (bnc#764209). * patches.fixes/tmpfs-implement-NUMA-node-interleaving.patch: dropped in favor of the upstream patch Security Issue reference: * CVE-2012-2745 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-6923 slessp2-kernel-6926 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-6923 slessp2-kernel-6924 slessp2-kernel-6925 slessp2-kernel-6926 slessp2-kernel-6931 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-6923 sleshasp2-kernel-6924 sleshasp2-kernel-6925 sleshasp2-kernel-6926 sleshasp2-kernel-6931 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-6923 sledsp2-kernel-6926 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.42]: kernel-default-3.0.42-0.7.3 kernel-default-base-3.0.42-0.7.3 kernel-default-devel-3.0.42-0.7.3 kernel-source-3.0.42-0.7.3 kernel-syms-3.0.42-0.7.3 kernel-trace-3.0.42-0.7.3 kernel-trace-base-3.0.42-0.7.3 kernel-trace-devel-3.0.42-0.7.3 kernel-xen-devel-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.42]: kernel-pae-3.0.42-0.7.3 kernel-pae-base-3.0.42-0.7.3 kernel-pae-devel-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.42]: kernel-default-3.0.42-0.7.3 kernel-default-base-3.0.42-0.7.3 kernel-default-devel-3.0.42-0.7.3 kernel-source-3.0.42-0.7.3 kernel-syms-3.0.42-0.7.3 kernel-trace-3.0.42-0.7.3 kernel-trace-base-3.0.42-0.7.3 kernel-trace-devel-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.42]: kernel-ec2-3.0.42-0.7.3 kernel-ec2-base-3.0.42-0.7.3 kernel-ec2-devel-3.0.42-0.7.3 kernel-xen-3.0.42-0.7.3 kernel-xen-base-3.0.42-0.7.3 kernel-xen-devel-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.42]: kernel-default-man-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.42]: kernel-ppc64-3.0.42-0.7.3 kernel-ppc64-base-3.0.42-0.7.3 kernel-ppc64-devel-3.0.42-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.42]: kernel-pae-3.0.42-0.7.3 kernel-pae-base-3.0.42-0.7.3 kernel-pae-devel-3.0.42-0.7.3 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.42_0.7-2.18.7 cluster-network-kmp-trace-1.4_3.0.42_0.7-2.18.7 gfs2-kmp-default-2_3.0.42_0.7-0.7.42 gfs2-kmp-trace-2_3.0.42_0.7-0.7.42 ocfs2-kmp-default-1.6_3.0.42_0.7-0.11.6 ocfs2-kmp-trace-1.6_3.0.42_0.7-0.11.6 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.42_0.7-2.18.7 gfs2-kmp-xen-2_3.0.42_0.7-0.7.42 ocfs2-kmp-xen-1.6_3.0.42_0.7-0.11.6 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.42_0.7-2.18.7 gfs2-kmp-ppc64-2_3.0.42_0.7-0.7.42 ocfs2-kmp-ppc64-1.6_3.0.42_0.7-0.11.6 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.42_0.7-2.18.7 gfs2-kmp-pae-2_3.0.42_0.7-0.7.42 ocfs2-kmp-pae-1.6_3.0.42_0.7-0.11.6 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.42]: kernel-default-3.0.42-0.7.3 kernel-default-base-3.0.42-0.7.3 kernel-default-devel-3.0.42-0.7.3 kernel-default-extra-3.0.42-0.7.3 kernel-source-3.0.42-0.7.3 kernel-syms-3.0.42-0.7.3 kernel-trace-3.0.42-0.7.3 kernel-trace-base-3.0.42-0.7.3 kernel-trace-devel-3.0.42-0.7.3 kernel-trace-extra-3.0.42-0.7.3 kernel-xen-3.0.42-0.7.3 kernel-xen-base-3.0.42-0.7.3 kernel-xen-devel-3.0.42-0.7.3 kernel-xen-extra-3.0.42-0.7.3 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.42]: kernel-pae-3.0.42-0.7.3 kernel-pae-base-3.0.42-0.7.3 kernel-pae-devel-3.0.42-0.7.3 kernel-pae-extra-3.0.42-0.7.3 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.42_0.7-0.14.23 ext4-writeable-kmp-trace-0_3.0.42_0.7-0.14.23 kernel-default-extra-3.0.42-0.7.3 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.42_0.7-0.14.23 kernel-xen-extra-3.0.42-0.7.3 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.42_0.7-0.14.23 kernel-ppc64-extra-3.0.42-0.7.3 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.42_0.7-0.14.23 kernel-pae-extra-3.0.42-0.7.3 References: http://support.novell.com/security/cve/CVE-2012-2745.html https://bugzilla.novell.com/698102 https://bugzilla.novell.com/731035 https://bugzilla.novell.com/740291 https://bugzilla.novell.com/744198 https://bugzilla.novell.com/753617 https://bugzilla.novell.com/754670 https://bugzilla.novell.com/761774 https://bugzilla.novell.com/762099 https://bugzilla.novell.com/762214 https://bugzilla.novell.com/762693 https://bugzilla.novell.com/763198 https://bugzilla.novell.com/763954 https://bugzilla.novell.com/764209 https://bugzilla.novell.com/764900 https://bugzilla.novell.com/766156 https://bugzilla.novell.com/766654 https://bugzilla.novell.com/768084 https://bugzilla.novell.com/768504 https://bugzilla.novell.com/769035 https://bugzilla.novell.com/769195 https://bugzilla.novell.com/769251 https://bugzilla.novell.com/769407 https://bugzilla.novell.com/770034 https://bugzilla.novell.com/770695 https://bugzilla.novell.com/770763 https://bugzilla.novell.com/771706 https://bugzilla.novell.com/772407 https://bugzilla.novell.com/772427 https://bugzilla.novell.com/772473 https://bugzilla.novell.com/772786 https://bugzilla.novell.com/772831 https://bugzilla.novell.com/773007 https://bugzilla.novell.com/773319 https://bugzilla.novell.com/773320 https://bugzilla.novell.com/773688 https://bugzilla.novell.com/773831 https://bugzilla.novell.com/774073 https://bugzilla.novell.com/774289 https://bugzilla.novell.com/774612 https://bugzilla.novell.com/774902 https://bugzilla.novell.com/774973 https://bugzilla.novell.com/775182 https://bugzilla.novell.com/775373 https://bugzilla.novell.com/775984 https://bugzilla.novell.com/776019 https://bugzilla.novell.com/776095 https://bugzilla.novell.com/776787 https://bugzilla.novell.com/776896 https://bugzilla.novell.com/777024 https://bugzilla.novell.com/777269 https://bugzilla.novell.com/778082 https://bugzilla.novell.com/778822 https://bugzilla.novell.com/779330 https://bugzilla.novell.com/779461 https://bugzilla.novell.com/779699 https://bugzilla.novell.com/780012 https://bugzilla.novell.com/780461 https://bugzilla.novell.com/781018 https://bugzilla.novell.com/781134 http://download.novell.com/patch/finder/?keywords=093be6c543a0ba2b6ecf2968d4a92212 http://download.novell.com/patch/finder/?keywords=0a2a6cf21f8291011c81928522f1063a http://download.novell.com/patch/finder/?keywords=2205d86ff343bf4bd4269c0ee1a36fce http://download.novell.com/patch/finder/?keywords=56bb8b246b094d7b9bb76894fbb7a521 http://download.novell.com/patch/finder/?keywords=89ed32091b7cde5f4b5f62a8d0ae9f0f http://download.novell.com/patch/finder/?keywords=9bafa94f852e694b59b99001aa47a2b5 http://download.novell.com/patch/finder/?keywords=c29b53bba0dc375ee51121e1a1619e8d http://download.novell.com/patch/finder/?keywords=d3169be940573b6d9ace41778ad0a84c http://download.novell.com/patch/finder/?keywords=d62b0fd1b9b16f9da1561454d3ac760d http://download.novell.com/patch/finder/?keywords=f6f94ee4ea8bc5fdac3a7d71f4d55ed9 From sle-updates at lists.suse.com Tue Oct 16 14:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Oct 2012 22:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1351-1: important: Security update for Mozilla Firefox Message-ID: <20121016200833.AFA6D3227D@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1351-1 Rating: important References: #783533 Cross-References: CVE-2012-3977 CVE-2012-3982 CVE-2012-3983 CVE-2012-3984 CVE-2012-3985 CVE-2012-3986 CVE-2012-3987 CVE-2012-3988 CVE-2012-3989 CVE-2012-3990 CVE-2012-3991 CVE-2012-3992 CVE-2012-3993 CVE-2012-3994 CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 CVE-2012-4184 CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 CVE-2012-4192 CVE-2012-4193 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. It includes two new package versions. Description: MozillaFirefox was updated to the 10.0.9ESR security release which fixes bugs and security issues: * MFSA 2012-73 / CVE-2012-3977: Security researchers Thai Duong and Juliano Rizzo reported that SPDY's request header compression leads to information leakage, which can allow the extraction of private data such as session cookies, even over an encrypted SSL connection. (This does not affect Firefox 10 as it does not feature the SPDY extension. It was silently fixed for Firefox 15.) * MFSA 2012-74: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * CVE-2012-3983: Henrik Skupin, Jesse Ruderman and moz_bug_r_a4 reported memory safety problems and crashes that affect Firefox 15. * CVE-2012-3982: Christian Holler and Jesse Ruderman reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 15. * MFSA 2012-75 / CVE-2012-3984: Security researcher David Bloom of Cue discovered that "select" elements are always-on-top chromeless windows and that navigation away from a page with an active "select" menu does not remove this window.When another menu is opened programmatically on a new page, the original "select" menu can be retained and arbitrary HTML content within it rendered, allowing an attacker to cover arbitrary portions of the new page through absolute positioning/scrolling, leading to spoofing attacks. Security researcher Jordi Chancel found a variation that would allow for click-jacking attacks was well. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References Navigation away from a page with an active "select" dropdown menu can be used for URL spoofing, other evil Firefox 10.0.1 : Navigation away from a page with multiple active "select" dropdown menu can be used for Spoofing And ClickJacking with XPI using window.open and geolocalisation * MFSA 2012-76 / CVE-2012-3985: Security researcher Collin Jackson reported a violation of the HTML5 specifications for document.domain behavior. Specified behavior requires pages to only have access to windows in a new document.domain but the observed violation allowed pages to retain access to windows from the page's initial origin in addition to the new document.domain. This could potentially lead to cross-site scripting (XSS) attacks. * MFSA 2012-77 / CVE-2012-3986: Mozilla developer Johnny Stenback discovered that several methods of a feature used for testing (DOMWindowUtils) are not protected by existing security checks, allowing these methods to be called through script by web pages. This was addressed by adding the existing security checks to these methods. * MFSA 2012-78 / CVE-2012-3987: Security researcher Warren He reported that when a page is transitioned into Reader Mode in Firefox for Android, the resulting page has chrome privileges and its content is not thoroughly sanitized. A successful attack requires user enabling of reader mode for a malicious page, which could then perform an attack similar to cross-site scripting (XSS) to gain the privileges allowed to Firefox on an Android device. This has been fixed by changing the Reader Mode page into an unprivileged page. This vulnerability only affects Firefox for Android. * MFSA 2012-79 / CVE-2012-3988: Security researcher Soroush Dalili reported that a combination of invoking full screen mode and navigating backwards in history could, in some circumstances, cause a hang or crash due to a timing dependent use-after-free pointer reference. This crash may be potentially exploitable. * MFSA 2012-80 / CVE-2012-3989: Mozilla community member Ms2ger reported a crash due to an invalid cast when using the instanceof operator on certain types of JavaScript objects. This can lead to a potentially exploitable crash. * MFSA 2012-81 / CVE-2012-3991: Mozilla community member Alice White reported that when the GetProperty function is invoked through JSAPI, security checking can be bypassed when getting cross-origin properties. This potentially allowed for arbitrary code execution. * MFSA 2012-82 / CVE-2012-3994: Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location and top can be shadowed by Object.defineProperty as well. This can allow for possible cross-site scripting (XSS) attacks through plugins. * MFSA 2012-83: Security researcher Mariusz Mlynski reported that when InstallTrigger fails, it throws an error wrapped in a Chrome Object Wrapper (COW) that fails to specify exposed properties. These can then be added to the resulting object by an attacker, allowing access to chrome privileged functions through script. While investigating this issue, Mozilla security researcher moz_bug_r_a4 found that COW did not disallow accessing of properties from a standard prototype in some situations, even when the original issue had been fixed. These issues could allow for a cross-site scripting (XSS) attack or arbitrary code execution. * CVE-2012-3993: XrayWrapper pollution via unsafe COW * CVE-2012-4184: ChromeObjectWrapper is not implemented as intended * MFSA 2012-84 / CVE-2012-3992: Security researcher Mariusz Mlynski reported an issue with spoofing of the location property. In this issue, writes to location.hash can be used in concert with scripted history navigation to cause a specific website to be loaded into the history object. The baseURI can then be changed to this stored site, allowing an attacker to inject a script or intercept posted data posted to a location specified with a relative path. * MFSA 2012-85: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series of use-after-free, buffer overflow, and out of bounds read issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting two additional use-after-free flaws introduced during Firefox 16 development and fixed before general release. * CVE-2012-3995: Out of bounds read in IsCSSWordSpacingSpace * CVE-2012-4179: Heap-use-after-free in nsHTMLCSSUtils::CreateCSSPropertyTxn * CVE-2012-4180: Heap-buffer-overflow in nsHTMLEditor::IsPrevCharInNodeWhitespace * CVE-2012-4181: Heap-use-after-free in nsSMILAnimationController::DoSample * CVE-2012-4182: Heap-use-after-free in nsTextEditRules::WillInsert * CVE-2012-4183: Heap-use-after-free in DOMSVGTests::GetRequiredFeatures * MFSA 2012-86: Security researcher Atte Kettunen from OUSPG reported several heap memory corruption issues found using the Address Sanitizer tool. These issues are potentially exploitable, allowing for remote code execution. * CVE-2012-4185: Global-buffer-overflow in nsCharTraits::length * CVE-2012-4186: Heap-buffer-overflow in nsWaveReader::DecodeAudioData * CVE-2012-4187: Crash with ASSERTION: insPos too small * CVE-2012-4188: Heap-buffer-overflow in Convolve3x3 * MFSA 2012-87 / CVE-2012-3990: Security researcher miaubiz used the Address Sanitizer tool to discover a use-after-free in the IME State Manager code. This could lead to a potentially exploitable crash. * MFSA 2012-89 / CVE-2012-4192 / CVE-2012-4193: Mozilla security researcher moz_bug_r_a4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue(). This can allow for improper access access to the Location object. In versions 15 and earlier of affected products, there was also the potential for arbitrary code execution. Security Issue reference: * CVE-2012-3977 * CVE-2012-3982 * CVE-2012-3983 * CVE-2012-3984 * CVE-2012-3985 * CVE-2012-3986 * CVE-2012-3987 * CVE-2012-3988 * CVE-2012-3989 * CVE-2012-3990 * CVE-2012-3991 * CVE-2012-3992 * CVE-2012-3993 * CVE-2012-3994 * CVE-2012-3995 * CVE-2012-4179 * CVE-2012-4180 * CVE-2012-4181 * CVE-2012-4182 * CVE-2012-4183 * CVE-2012-4184 * CVE-2012-4185 * CVE-2012-4186 * CVE-2012-4187 * CVE-2012-4188 * CVE-2012-4192 * CVE-2012-4193 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201210-6951 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201210-6951 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201210-6951 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 10.0.9]: MozillaFirefox-10.0.9-0.3.1 MozillaFirefox-translations-10.0.9-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.9]: MozillaFirefox-10.0.9-0.3.1 MozillaFirefox-branding-SLED-7-0.6.7.85 MozillaFirefox-translations-10.0.9-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 7]: MozillaFirefox-10.0.9-0.5.1 MozillaFirefox-branding-SLED-7-0.8.35 MozillaFirefox-translations-10.0.9-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.9]: MozillaFirefox-10.0.9-0.3.1 MozillaFirefox-branding-SLED-7-0.6.7.85 MozillaFirefox-translations-10.0.9-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 7]: MozillaFirefox-10.0.9-0.5.1 MozillaFirefox-branding-SLED-7-0.8.35 MozillaFirefox-translations-10.0.9-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.9-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3977.html http://support.novell.com/security/cve/CVE-2012-3982.html http://support.novell.com/security/cve/CVE-2012-3983.html http://support.novell.com/security/cve/CVE-2012-3984.html http://support.novell.com/security/cve/CVE-2012-3985.html http://support.novell.com/security/cve/CVE-2012-3986.html http://support.novell.com/security/cve/CVE-2012-3987.html http://support.novell.com/security/cve/CVE-2012-3988.html http://support.novell.com/security/cve/CVE-2012-3989.html http://support.novell.com/security/cve/CVE-2012-3990.html http://support.novell.com/security/cve/CVE-2012-3991.html http://support.novell.com/security/cve/CVE-2012-3992.html http://support.novell.com/security/cve/CVE-2012-3993.html http://support.novell.com/security/cve/CVE-2012-3994.html http://support.novell.com/security/cve/CVE-2012-3995.html http://support.novell.com/security/cve/CVE-2012-4179.html http://support.novell.com/security/cve/CVE-2012-4180.html http://support.novell.com/security/cve/CVE-2012-4181.html http://support.novell.com/security/cve/CVE-2012-4182.html http://support.novell.com/security/cve/CVE-2012-4183.html http://support.novell.com/security/cve/CVE-2012-4184.html http://support.novell.com/security/cve/CVE-2012-4185.html http://support.novell.com/security/cve/CVE-2012-4186.html http://support.novell.com/security/cve/CVE-2012-4187.html http://support.novell.com/security/cve/CVE-2012-4188.html http://support.novell.com/security/cve/CVE-2012-4192.html http://support.novell.com/security/cve/CVE-2012-4193.html https://bugzilla.novell.com/783533 http://download.novell.com/patch/finder/?keywords=9df8424f201589e4fca1abdc2e0b1023 http://download.novell.com/patch/finder/?keywords=b54051bb7b93d9b879c04f373ce0061d From sle-updates at lists.suse.com Tue Oct 16 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Oct 2012 23:08:27 +0200 (CEST) Subject: SUSE-SU-2012:1352-1: moderate: Security update for openstack-swift Message-ID: <20121016210827.C113A3227B@maintenance.suse.de> SUSE Security Update: Security update for openstack-swift ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1352-1 Rating: moderate References: #779215 Cross-References: CVE-2012-4413 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The openstack SWIFT component has been updated to fix a security issue: * CVE-2012-4406: The pickle serialization for memcache could be exploited to execute code. It was replaced by JSON. Security Issue reference: * CVE-2012-4413 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-swift-6819 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-swift-1.4.8+git.1332408124.4a6fead-0.11.1 openstack-swift-account-1.4.8+git.1332408124.4a6fead-0.11.1 openstack-swift-container-1.4.8+git.1332408124.4a6fead-0.11.1 openstack-swift-doc-1.4.8+git.1332408124.4a6fead-0.11.1 openstack-swift-object-1.4.8+git.1332408124.4a6fead-0.11.1 openstack-swift-proxy-1.4.8+git.1332408124.4a6fead-0.11.1 python-swift-1.4.8+git.1332408124.4a6fead-0.11.1 References: http://support.novell.com/security/cve/CVE-2012-4413.html https://bugzilla.novell.com/779215 http://download.novell.com/patch/finder/?keywords=9d6ca417db66a8fd03dcda14001eaa95 From sle-updates at lists.suse.com Tue Oct 16 16:09:01 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 00:09:01 +0200 (CEST) Subject: SUSE-RU-2012:1353-1: moderate: Recommended update for supportutils-plugin-susecloud Message-ID: <20121016220901.F0A9F3227D@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils-plugin-susecloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1353-1 Rating: moderate References: #779696 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for supportutils-plugin-susecloud provides a significantly enhanced version which also captures logfiles for glance, swift, nova, and barclamp, if available. It also fixes spurious "File not found" errors (bnc#779696). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-supportutils-plugin-susecloud-6870 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch): supportutils-plugin-susecloud-1.0-0.9.1 References: https://bugzilla.novell.com/779696 http://download.novell.com/patch/finder/?keywords=8cb4c2a5f864c2c60742681a8a25e4b5 From sle-updates at lists.suse.com Wed Oct 17 08:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:08:24 +0200 (CEST) Subject: SUSE-RU-2012:1357-1: important: Recommended update for rubygem-chef-server Message-ID: <20121017140824.91DEF3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for rubygem-chef-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1357-1 Rating: important References: #780426 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds a daily compaction job to avoid disk space leakage with couchdb (bnc#780426). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-rubygem-chef-server-6837 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): rubygem-chef-server-0.10.8-0.13.1 References: https://bugzilla.novell.com/780426 http://download.novell.com/patch/finder/?keywords=88e8647172713a8684d22948b98f5f46 From sle-updates at lists.suse.com Wed Oct 17 08:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:08:39 +0200 (CEST) Subject: SUSE-RU-2012:1358-1: Recommended update for openstack-keystone Message-ID: <20121017140839.CE1273227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1358-1 Rating: low References: #779747 #782289 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-keystone provides the following fixes: * Require authz to update user's tenant * List tokens for memcached backend * Delete user tokens after role grant/revoke * Remove superfluous editing of /usr/bin/gensslcert in postinstallation script (bnc#779747) * utf-8 encode user keys in memcache (bug 1056373) * make init script start after database * add --all_tenants option to volume-list command Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-keystone-201209-6912 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-keystone-2012.1+git.1348675554.0e1f05e-0.5.1 openstack-keystone-doc-2012.1+git.1348675554.0e1f05e-0.5.1 python-keystone-2012.1+git.1348675554.0e1f05e-0.5.1 python-novaclient-2012.1+git.1345053935.bab694e-0.8.1 References: https://bugzilla.novell.com/779747 https://bugzilla.novell.com/782289 http://download.novell.com/patch/finder/?keywords=730a1f9a6d5ffebc4e919f653f8889c7 From sle-updates at lists.suse.com Wed Oct 17 08:08:55 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:08:55 +0200 (CEST) Subject: SUSE-RU-2012:1359-1: Recommended update for openstack-glance Message-ID: <20121017140855.1E3C032097@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-glance ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1359-1 Rating: low References: #779747 #781798 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update removes a superfluous step of editing /usr/bin/gensslcert in the postinstallation script. In addition the init script is updated to wait for the PostgreSQL database before starting up. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-glance-6911 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-glance-2012.1+git.1344578005.120fcf4-0.5.1 python-glance-2012.1+git.1344578005.120fcf4-0.5.1 References: https://bugzilla.novell.com/779747 https://bugzilla.novell.com/781798 http://download.novell.com/patch/finder/?keywords=b74b1da97301721b23a70e8a69a2a3f1 From sle-updates at lists.suse.com Wed Oct 17 08:09:10 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:09:10 +0200 (CEST) Subject: SUSE-RU-2012:1360-1: important: Recommended update for sleshammer Message-ID: <20121017140910.F201F3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for sleshammer ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1360-1 Rating: important References: #778124 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sleshammer provides the following fixes: * always write hostname to /etc/hosts to ensure $HOSTNAME is correct (bnc#778124) * add check for --userootforbuild Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-sleshammer-6846 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): sleshammer-0.1-0.11.1 References: https://bugzilla.novell.com/778124 http://download.novell.com/patch/finder/?keywords=8a674bf0d59e7351d1b616fd43661de2 From sle-updates at lists.suse.com Wed Oct 17 08:09:13 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:09:13 +0200 (CEST) Subject: SUSE-RU-2012:1361-1: Recommended update for openstack-dashboard Message-ID: <20121017140913.6ABE23227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-dashboard ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1361-1 Rating: low References: #776559 #776890 #779747 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for openstack-dashboard provides the following fixes: * Do not crash when deleting image or volume with no name (bnc#776890) * Fix open redirect in Horizon. (bnc#776559) * Remove superfluous editing of /usr/bin/gensslcert in postinstallation script (bnc#779747) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-dashboard-6869 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-dashboard-2012.1+git.1345662940.35eada8-0.7.1 openstack-dashboard-config-2012.1+git.1345662940.35eada8-0.7.1 python-horizon-2012.1+git.1345662940.35eada8-0.7.1 References: https://bugzilla.novell.com/776559 https://bugzilla.novell.com/776890 https://bugzilla.novell.com/779747 http://download.novell.com/patch/finder/?keywords=9de27674d50e0b436f610c0acfb781f6 From sle-updates at lists.suse.com Wed Oct 17 08:09:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:09:29 +0200 (CEST) Subject: SUSE-RU-2012:1362-1: Recommended update for python-glanceclient Message-ID: <20121017140929.5BA8C3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-glanceclient ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1362-1 Rating: low References: #780048 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update removes the remove cryptic "No handlers could be found for logger" error message. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-python-glanceclient-6836 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): python-glanceclient-2012.1+git.1342772282.71a0cae-0.9.1 References: https://bugzilla.novell.com/780048 http://download.novell.com/patch/finder/?keywords=9f199f809a5cc074bc5aabc94ee048ee From sle-updates at lists.suse.com Wed Oct 17 08:09:46 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:09:46 +0200 (CEST) Subject: SUSE-RU-2012:1363-1: Recommended update for openstack-nova Message-ID: <20121017140946.7DDA83227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1363-1 Rating: low References: #779747 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to openstack-nova provides the following fixes: * Make flavorextradata ignore deleted flavors. * Ensure hairpin_mode is set whenever vifs is added to bridge. * Fix simple_tenant_usage's handing of future end times * Redefine the domain's XML on volume attach/detach * Remove superfluous editing of /usr/bin/gensslcert in postinstallation script (bnc#779747) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-nova-6873 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-nova-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-api-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-cert-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-compute-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-doc-2012.1+git.1346731301.47dabb3-0.5.1 openstack-nova-network-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-objectstore-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-scheduler-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-vncproxy-2012.1+git.1346731301.47dabb3-0.5.2 openstack-nova-volume-2012.1+git.1346731301.47dabb3-0.5.2 python-nova-2012.1+git.1346731301.47dabb3-0.5.2 References: https://bugzilla.novell.com/779747 http://download.novell.com/patch/finder/?keywords=103c4157ddd0fa241b005528e0ce260c From sle-updates at lists.suse.com Wed Oct 17 08:10:02 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Oct 2012 16:10:02 +0200 (CEST) Subject: SUSE-RU-2012:1364-1: Recommended update for cloud-init Message-ID: <20121017141002.C111D3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for cloud-init ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1364-1 Rating: low References: #779553 #779588 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for cloud-init provides the following fixes: * Add missing python-xml dependency * drop ubuntu as default user name * disable ssh ecdsa host key creation * replace python 2.7 code with 2.5 compliant code * drop debian specific checks (bnc#779553) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-cloud-init-6845 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): cloud-init-0.6.3-0.11.1 References: https://bugzilla.novell.com/779553 https://bugzilla.novell.com/779588 http://download.novell.com/patch/finder/?keywords=bd16704e790a66b80e4435d0237b520f From sle-updates at lists.suse.com Wed Oct 17 18:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Oct 2012 02:08:27 +0200 (CEST) Subject: SUSE-RU-2012:1365-1: important: Recommended update for PostgreSQL Message-ID: <20121018000827.887D132269@maintenance.suse.de> SUSE Recommended Update: Recommended update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1365-1 Rating: important References: #782251 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides PostgreSQL 9.1.6, which includes fixes for issues that could have caused data corruption. * For the full list of changes, see http://www.postgresql.org/docs/9.1/static/release.html * Fix persistence marking of shared buffers during WAL replay. * Fix planner's assignment of executor parameters, and fix executor's rescan logic for CTE plan nodes. * Fix misbehavior when default_transaction_isolation is set to serializable. * Improve selectivity estimation for text search queries involving prefixes, i.e. "word":* patterns. * Improve page-splitting decisions in GiST indexes. * Fix cascading privilege revoke to stop if privileges are still held. * Disallow extensions from containing the schema they are assigned to. * Improve error messages for Hot Standby misconfiguration errors. * Make configure probe for mbstowcs_l. * Fix handling of SIGFPE when PL/Perl is in use. * Prevent PL/Perl from crashing if a recursive PL/Perl function is redefined while being executed. * Work around possible misoptimization in PL/Perl. * Fix bugs in "contrib/pg_trgm"'s LIKE pattern analysis code. * Remove unnecessary dependency on pg_config from pg_upgrade. Users who upgrade from a previous 9.1 release should run VACUUM and/or and/or index rebuilds after applying this update. See also: http://wiki.postgresql.org/wiki/20120924updaterelease Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-postgresql-201209-6892 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-postgresql-201209-6892 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-postgresql-201209-6892 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-postgresql-201209-6892 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): postgresql91-devel-9.1.6-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libecpg6-9.1.6-0.4.1 libpq5-9.1.6-0.4.1 postgresql91-9.1.6-0.4.1 postgresql91-contrib-9.1.6-0.4.1 postgresql91-docs-9.1.6-0.4.1 postgresql91-server-9.1.6-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libpq5-32bit-9.1.6-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libecpg6-9.1.6-0.4.1 libpq5-9.1.6-0.4.1 postgresql91-9.1.6-0.4.1 postgresql91-contrib-9.1.6-0.4.1 postgresql91-docs-9.1.6-0.4.1 postgresql91-server-9.1.6-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libpq5-32bit-9.1.6-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libpq5-x86-9.1.6-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libecpg6-9.1.6-0.4.1 libpq5-9.1.6-0.4.1 postgresql91-9.1.6-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libpq5-32bit-9.1.6-0.4.1 References: https://bugzilla.novell.com/782251 http://download.novell.com/patch/finder/?keywords=e21eb545afd1ed13932e4a18773cd494 From sle-updates at lists.suse.com Wed Oct 17 18:08:43 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Oct 2012 02:08:43 +0200 (CEST) Subject: SUSE-RU-2012:1366-1: moderate: Recommended update for autofs Message-ID: <20121018000843.A2A943227A@maintenance.suse.de> SUSE Recommended Update: Recommended update for autofs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1366-1 Rating: moderate References: #774241 #777709 #778537 #779114 #780990 #784288 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This consolidated update for autofs provides an enhancement to support individual timeouts for each direct map present in the master map. In addition, the following fixes are added: * fix submount shutdown race * fix locking problems in the master source mutex that could cause deadlocks * fix lookup for keys in an included multi-mount map * fix buffer initialization in the master map parser * fix an use after free mistake in lookup_prune_one_cache() that could cause a segmentation fault Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-autofs-6936 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-autofs-6936 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-autofs-6936 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): autofs-5.0.5-11.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): autofs-5.0.5-11.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): autofs-5.0.5-11.27.1 References: https://bugzilla.novell.com/774241 https://bugzilla.novell.com/777709 https://bugzilla.novell.com/778537 https://bugzilla.novell.com/779114 https://bugzilla.novell.com/780990 https://bugzilla.novell.com/784288 http://download.novell.com/patch/finder/?keywords=f5d4932a0dfed46f381ce5f06579eb64 From sle-updates at lists.suse.com Thu Oct 18 09:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Oct 2012 17:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1367-1: moderate: Security update for rubygem-actionpack-2_3 Message-ID: <20121018150832.C96D33227E@maintenance.suse.de> SUSE Security Update: Security update for rubygem-actionpack-2_3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1367-1 Rating: moderate References: #775649 Cross-References: CVE-2012-3465 Affected Products: WebYaST 1.2 SUSE Studio Standard Edition 1.2 SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update fixes the strip_tags helper in Ruby on Rails which could have resulted in a cross-site scripting vulnerability. CVE-2012-3465 has been assigned to this issue. Security Issue reference: * CVE-2012-3465 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-actionpack-2_3-6802 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-rubygem-actionpack-2_3-6802 - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-6802 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-6802 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-rubygem-actionpack-2_3-6801 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-rubygem-actionpack-2_3-6801 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.8.1 - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.8.1 - SUSE Studio Onsite 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.8.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): rubygem-actionpack-2_3-2.3.14-0.12.1 - SUSE Cloud 1.0 (x86_64): rubygem-actionpack-2_3-2.3.14-0.12.1 References: http://support.novell.com/security/cve/CVE-2012-3465.html https://bugzilla.novell.com/775649 http://download.novell.com/patch/finder/?keywords=2b07947598b12d37508907617d9fc83d http://download.novell.com/patch/finder/?keywords=6127d299d97f12be4acb434f8c4dc3b2 From sle-updates at lists.suse.com Thu Oct 18 14:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Oct 2012 22:08:32 +0200 (CEST) Subject: SUSE-RU-2012:1368-1: Recommended update for yast2-samba-server Message-ID: <20121018200832.BE2CB3227D@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-samba-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1368-1 Rating: low References: #756426 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to YaST's Samba Server Configuration module (yast2-samba-server) fixes a problem that could enforce a password change when it was not needed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-samba-server-6844 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-samba-server-6844 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-samba-server-6844 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.14]: yast2-samba-server-2.17.14-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.14]: yast2-samba-server-2.17.14-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.14]: yast2-samba-server-2.17.14-0.5.1 References: https://bugzilla.novell.com/756426 http://download.novell.com/patch/finder/?keywords=7920feff0a4c66fce581e626be42f1da From sle-updates at lists.suse.com Thu Oct 18 15:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Oct 2012 23:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1369-1: important: Recommended update for crowbar Message-ID: <20121018210828.6FE9A32280@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1369-1 Rating: important References: #776573 #777523 #777524 #777777 #777843 #777850 #777873 #777897 #778032 #778088 #778250 #778739 #779709 #780412 #780797 #782525 #782526 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has 17 recommended fixes can now be installed. It includes 12 new package versions. Description: This update for Crowbar provides the following changes: * Update submodule references for SUSE Cloud 1.0 * create osdmap from conf on all monitors and use it for monitor FS creation to have the correct number of pgs * Bump default size for file storage to 10 GB instead of 2 GB * Calculate a reasonable default size of the local volume storage file * Improve list of storage disks in webui * nova-multi-controller role should not always conflict with ceph-store * Fix disk detection to work when used on a node with an alias * Do not restart nova-api on /etc/nova/nova.conf changes if SSL is enabled * Remove _edit_attributes.html.haml * ceph-store role should not always conflict with nova-multi-controller * Update crowbar-SASS-styles.patch: use text cursor for text fields * Gracefully handle case where node is missing * Fix hung ssh when rebooting client nodes (bnc#779709) * Add size_bytes to Disk class * Include apache2 recipes if glance is using SSL, not keystone * Move ping/start_up_delay inside ruby_block (bnc#777777) * do not take down network (bnc#777777) * Only use start_up_delay if a NIC is actually ifup'd (bnc#777777) * Add ping test of admin node when interfaces change (bnc#777777) * Ensure correct ordering of swift roles in run list for any given node. * Added 0 as available Bonding Policy (bnc#780412) * Add a public_name attribute to each node (bnc#777523) * Add a hint explaining what the public name is (bnc#777523) * Fix instance_selector helper (bnc#780797) * Register keystone endpoint with public name of node if it exists (bnc#777523) * In non-SSL mode with no public name, use IP address for public endpoint (bnc#777523) * Use public ip/host when registering api endpoint when binding to all IPs (bnc#777524) * Make SSL setup respect the bind_open_address setting (bnc#777524) * Add SSLCertificateChainFile to apache config (bnc#778032) * Use proper path for setting db-related attributes (bnc#780797) * Register keystone endpoint with public name of node if it exists (bnc#777523) * In non-SSL mode with no public name, use IP address for public endpoint (bnc#777523) * Add SSLCertificateChainFile to apache config (bnc#778032) * Check for root password to avoid accidental lock-out from admin node (bnc#782525) * require pwdutils instead of obsolete shadow-utils to work on openSUSE * Update submodule references for SUSE Cloud 1.0 * Use lock when transitioning barclamps (bnc#782526) * Add SSLCertificateChainFile to apache config (bnc#778032) * Add UI for certificate chain file and set default to "" (bnc#778032) * Register keystone endpoint with public name of node if it exists (bnc#777523) * In non-SSL mode with no public name, use IP address for public endpoint (bnc#777523) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-201210-6969 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): rubygem-ohai-0.6.10-0.13.2 - SUSE Cloud 1.0 (noarch) [New Version: 2.17.26]: crowbar-1.2+git.1349391150.b93deec-0.5.1 crowbar-barclamp-ceph-1.2+git.1347542690.659db58-0.7.17 crowbar-barclamp-crowbar-1.2+git.1349391355.9ed7911-0.5.9 crowbar-barclamp-deployer-1.2+git.1346325803.779a69b-0.7.17 crowbar-barclamp-glance-1.2+git.1348652325.9a1e101-0.5.11 crowbar-barclamp-keystone-1.2+git.1348653347.7f3c0d9-0.5.1 crowbar-barclamp-network-1.2+git.1347441550.73ea47d-0.5.18 crowbar-barclamp-nova-1.2+git.1348844314.f8e16cd-0.5.11 crowbar-barclamp-nova_dashboard-1.2+git.1348653483.8171545-0.5.1 crowbar-barclamp-provisioner-1.2+git.1349391305.332f536-0.5.9 crowbar-barclamp-swift-1.2+git.1347541330.98dfae7-0.5.11 yast2-crowbar-2.17.26-0.5.11 References: https://bugzilla.novell.com/776573 https://bugzilla.novell.com/777523 https://bugzilla.novell.com/777524 https://bugzilla.novell.com/777777 https://bugzilla.novell.com/777843 https://bugzilla.novell.com/777850 https://bugzilla.novell.com/777873 https://bugzilla.novell.com/777897 https://bugzilla.novell.com/778032 https://bugzilla.novell.com/778088 https://bugzilla.novell.com/778250 https://bugzilla.novell.com/778739 https://bugzilla.novell.com/779709 https://bugzilla.novell.com/780412 https://bugzilla.novell.com/780797 https://bugzilla.novell.com/782525 https://bugzilla.novell.com/782526 http://download.novell.com/patch/finder/?keywords=66da523b9c1fd03ad41c25090d18e3a8 From sle-updates at lists.suse.com Fri Oct 19 10:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Oct 2012 18:08:26 +0200 (CEST) Subject: SUSE-RU-2012:1366-2: moderate: Recommended update for autofs5 Message-ID: <20121019160826.719A732283@maintenance.suse.de> SUSE Recommended Update: Recommended update for autofs5 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1366-2 Rating: moderate References: #774241 #777709 #778537 #779114 #780990 #784288 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This consolidated update for autofs provides an enhancement to support individual timeouts for each direct map present in the master map. In addition, the following fixes are added: * fix submount shutdown race * fix locking problems in the master source mutex that could cause deadlocks * fix lookup for keys in an included multi-mount map * fix buffer initialization in the master map parser * fix an use after free mistake in lookup_prune_one_cache() that could cause a segmentation fault Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): autofs5-5.0.5-0.20.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): autofs5-5.0.5-0.20.1 References: https://bugzilla.novell.com/774241 https://bugzilla.novell.com/777709 https://bugzilla.novell.com/778537 https://bugzilla.novell.com/779114 https://bugzilla.novell.com/780990 https://bugzilla.novell.com/784288 http://download.novell.com/patch/finder/?keywords=447b17f81e0b03a772aa7d15c0fc43a3 From sle-updates at lists.suse.com Fri Oct 19 13:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Oct 2012 21:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1373-1: important: Recommended update for sleshammer Message-ID: <20121019190831.DF7D932280@maintenance.suse.de> SUSE Recommended Update: Recommended update for sleshammer ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1373-1 Rating: important References: #785627 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression in the web ui after the last sleshammer update. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-sleshammer-201210-2-6979 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): rubygem-ohai-0.6.10-0.15.1 sleshammer-0.1-0.13.1 References: https://bugzilla.novell.com/785627 http://download.novell.com/patch/finder/?keywords=71acd0557c4522344cba069b7d50be3f From sle-updates at lists.suse.com Mon Oct 22 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Oct 2012 18:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1381-1: important: Recommended update for microcode_ctl Message-ID: <20121022160833.C3B2132279@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1381-1 Rating: important References: #779550 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides Intel's CPU microcode version 20120606-v2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-microcode_ctl-6902 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-microcode_ctl-6902 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-microcode_ctl-6903 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-microcode_ctl-6903 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-microcode_ctl-6902 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): microcode_ctl-1.17-102.46.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.46.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): microcode_ctl-1.17-102.46.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): microcode_ctl-1.17-102.46.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.46.1 References: https://bugzilla.novell.com/779550 http://download.novell.com/patch/finder/?keywords=3b73c3b79c623a2f9e65b9fd801861f1 http://download.novell.com/patch/finder/?keywords=4edcd9ba2aa02a913d4ccf3ee755c1e2 From sle-updates at lists.suse.com Mon Oct 22 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Oct 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1382-1: moderate: Recommended update for openssl-certs Message-ID: <20121022170837.A030C32280@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl-certs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1382-1 Rating: moderate References: #783509 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: The openssl-certs certificate store was updated with the Mozilla certdata.txt update to 1.85. The following changes were done: * new "Actalis Authentication Root CA" * new "Trustis FPS Root CA" * new "StartCom Certification Authority" * new "StartCom Certification Authority G2" * new "Buypass Class 2 Root CA" * new "Buypass Class 3 Root CA" * updated: "Sonera Class2 CA": remove code-signing * updated: "thawte Primary Root CA": added code-signing * updated: "Trustis_FPS_Root_CA.pem": added code-signing * updated: VeriSign Class 3 Public Primary Certification Authority - G5": added code-signing, email-protection Mozilla tracker bug: https://bugzilla.mozilla.org/show_bug.cgi?id=757197 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-openssl-certs-6941 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-openssl-certs-6941 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-openssl-certs-6941 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 1.85]: openssl-certs-1.85-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 1.85]: openssl-certs-1.85-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (noarch) [New Version: 1.85]: openssl-certs-1.85-0.17.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 1.85]: openssl-certs-1.85-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 1.85]: openssl-certs-1.85-0.17.1 References: https://bugzilla.novell.com/783509 http://download.novell.com/patch/finder/?keywords=7ac4d071eacd53eeedc8ae8bd3615962 http://download.novell.com/patch/finder/?keywords=a22d8e7f8c93fbb0ea8bbc4d294ff792 From sle-updates at lists.suse.com Mon Oct 22 12:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Oct 2012 20:08:25 +0200 (CEST) Subject: SUSE-RU-2012:1383-1: important: Recommended update for dbus Message-ID: <20121022180825.86D8C3227E@maintenance.suse.de> SUSE Recommended Update: Recommended update for dbus ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1383-1 Rating: important References: #697105 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression in the previous security update that caused dbus-daemon-launch-helper to stop working (bnc#697105). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-dbus-1-6957 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-dbus-1-6957 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-dbus-1-6957 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-dbus-1-6958 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-dbus-1-6957 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): dbus-1-devel-1.2.10-3.27.1 dbus-1-devel-doc-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): dbus-1-1.2.10-3.27.1 dbus-1-x11-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): dbus-1-32bit-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): dbus-1-1.2.10-3.27.1 dbus-1-x11-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): dbus-1-32bit-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): dbus-1-x86-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): dbus-1-1.2.10-3.27.1 dbus-1-x11-1.2.10-3.27.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64): dbus-1-32bit-1.2.10-3.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): dbus-1-1.2.10-3.27.1 dbus-1-x11-1.2.10-3.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): dbus-1-32bit-1.2.10-3.27.1 References: https://bugzilla.novell.com/697105 http://download.novell.com/patch/finder/?keywords=1723dada90c7fe765806f3b46d8afae2 http://download.novell.com/patch/finder/?keywords=be64b157069a7baf3b1bf1c7f1569426 From sle-updates at lists.suse.com Tue Oct 23 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Oct 2012 19:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1390-1: important: Security update for bind Message-ID: <20121023170835.833993227D@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1390-1 Rating: important References: #784602 Cross-References: CVE-2012-5166 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Server 10 SP3 LTSS SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The following issue has been fixed: * Specially crafted RDATA could have caused bind to lockup. This was a different flaw than CVE-2012-4244. Security Issue reference: * CVE-2012-5166 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-bind-6944 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bind-6944 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bind-6944 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-bind-6980 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bind-6944 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-devel-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64) [New Version: 9.6ESVR7P4]: bind-devel-32bit-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.8.1 bind-chrootenv-9.6ESVR7P4-0.8.1 bind-doc-9.6ESVR7P4-0.8.1 bind-libs-9.6ESVR7P4-0.8.1 bind-utils-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.8.1 bind-chrootenv-9.6ESVR7P4-0.8.1 bind-doc-9.6ESVR7P4-0.8.1 bind-libs-9.6ESVR7P4-0.8.1 bind-utils-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.6ESVR7P4]: bind-libs-x86-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.2.3.1 bind-chrootenv-9.6ESVR7P4-0.2.3.1 bind-doc-9.6ESVR7P4-0.2.3.1 bind-libs-9.6ESVR7P4-0.2.3.1 bind-utils-9.6ESVR7P4-0.2.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.2.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.7.1 bind-chrootenv-9.6ESVR7P4-0.7.1 bind-devel-9.6ESVR7P4-0.7.1 bind-doc-9.6ESVR7P4-0.7.1 bind-libs-9.6ESVR7P4-0.7.1 bind-utils-9.6ESVR7P4-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P4]: bind-libs-x86-9.6ESVR7P4-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P4]: bind-devel-64bit-9.6ESVR7P4-0.7.1 bind-libs-64bit-9.6ESVR7P4-0.7.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): bind-9.3.4-1.42.1 bind-chrootenv-9.3.4-1.42.1 bind-devel-9.3.4-1.42.1 bind-doc-9.3.4-1.42.1 bind-libs-9.3.4-1.42.1 bind-utils-9.3.4-1.42.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): bind-libs-32bit-9.3.4-1.42.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-libs-9.6ESVR7P4-0.8.1 bind-utils-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-libs-9.6ESVR7P4-0.7.1 bind-utils-9.6ESVR7P4-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.7.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.7.1 bind-chrootenv-9.6ESVR7P4-0.7.1 bind-devel-9.6ESVR7P4-0.7.1 bind-doc-9.6ESVR7P4-0.7.1 - SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P4]: bind-devel-64bit-9.6ESVR7P4-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-5166.html https://bugzilla.novell.com/784602 http://download.novell.com/patch/finder/?keywords=0491290854c3af020f68ff0d5b8b26cd http://download.novell.com/patch/finder/?keywords=43e6060a96c82b013f497e12bdab3e50 http://download.novell.com/patch/finder/?keywords=746fd176e23d559fd877814c838c73cc http://download.novell.com/patch/finder/?keywords=b317f08d89c8077faca5bab8b9e853e7 From sle-updates at lists.suse.com Wed Oct 24 00:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Oct 2012 08:08:27 +0200 (CEST) Subject: SUSE-SU-2012:1390-2: important: Security update for bind Message-ID: <20121024060827.78F7C32280@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1390-2 Rating: important References: #784602 Cross-References: CVE-2012-5166 Affected Products: SUSE Linux Enterprise Server 10 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following issue has been fixed: * Specially crafted RDATA could have caused bind to lockup. This was a different flaw than CVE-2012-4244. Security Issue reference: * CVE-2012-5166 Package List: - SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64): bind-9.3.4-1.31.33.1 bind-chrootenv-9.3.4-1.31.33.1 bind-devel-9.3.4-1.31.33.1 bind-doc-9.3.4-1.31.33.1 bind-libs-9.3.4-1.31.33.1 bind-utils-9.3.4-1.31.33.1 - SUSE Linux Enterprise Server 10 SP2 (s390x x86_64): bind-libs-32bit-9.3.4-1.31.33.1 References: http://support.novell.com/security/cve/CVE-2012-5166.html https://bugzilla.novell.com/784602 http://download.novell.com/patch/finder/?keywords=a8e673632571bbd76e46ad33621a07bc From sle-updates at lists.suse.com Wed Oct 24 01:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Oct 2012 09:08:38 +0200 (CEST) Subject: SUSE-SU-2012:1391-1: important: Security update for Linux kernel Message-ID: <20121024070838.AB2F632282@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1391-1 Rating: important References: #674284 #703156 #734056 #738400 #738528 #747576 #755546 #758985 #760974 #762581 #763526 #765102 #765320 #767277 #767504 #767766 #767939 #769784 #770507 #770697 #772409 #773272 #773831 #776888 #777575 #783058 Cross-References: CVE-2011-1044 CVE-2011-4110 CVE-2012-2136 CVE-2012-2663 CVE-2012-2744 CVE-2012-3510 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 20 fixes is now available. Description: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2011-2494: kernel/taskstats.c in the Linux kernel allowed local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another users password (a side channel attack). * CVE-2012-2744: net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel, when the nf_conntrack_ipv6 module is enabled, allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. * CVE-2012-3510: Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel allowed local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. * CVE-2011-4110: The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allowed local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and updating a negative key into a fully instantiated key. * CVE-2011-1044: The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel did not initialize a certain response buffer, which allowed local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. * CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. * CVE-2012-2136: The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel did not properly validate a certain length value, which allowed local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. * CVE-2012-2663: A small denial of service leak in dropping syn+fin messages was fixed. The following non-security issues have been fixed: Packaging: * kbuild: Fix gcc -x syntax (bnc#773831). NFS: * knfsd: An assortment of little fixes to the sunrpc cache code (bnc#767766). * knfsd: Unexport cache_fresh and fix a small race (bnc#767766). * knfsd: nfsd: do not drop silently on upcall deferral (bnc#767766). * knfsd: svcrpc: remove another silent drop from deferral code (bnc#767766). * sunrpc/cache: simplify cache_fresh_locked and cache_fresh_unlocked (bnc#767766). * sunrpc/cache: recheck cache validity after cache_defer_req (bnc#767766). * sunrpc/cache: use list_del_init for the list_head entries in cache_deferred_req (bnc#767766). * sunrpc/cache: avoid variable over-loading in cache_defer_req (bnc#767766). * sunrpc/cache: allow thread to block while waiting for cache update (bnc#767766). * sunrpc/cache: Fix race in sunrpc/cache introduced by patch to allow thread to block while waiting for cache update (bnc#767766). * sunrpc/cache: Another fix for race problem with sunrpc cache deferal (bnc#767766). * knfsd: nfsd: make all exp_finding functions return -errnos on err (bnc#767766). * Fix kabi breakage in previous nfsd patch series (bnc#767766). * nfsd: Work around incorrect return type for wait_for_completion_interruptible_timeout (bnc#767766). * nfs: Fix a potential file corruption issue when writing (bnc#773272). * nfs: Allow sync writes to be multiple pages (bnc#763526). * nfs: fix reference counting for NFSv4 callback thread (bnc#767504). * nfs: flush signals before taking down callback thread (bnc#767504). * nfsv4: Ensure nfs_callback_down() calls svc_destroy() (bnc#767504). SCSI: * SCSI/ch: Check NULL for kmalloc() return (bnc#783058). * drivers/scsi/aic94xx/aic94xx_init.c: correct the size argument to kmalloc (bnc#783058). * block: fail SCSI passthrough ioctls on partition devices (bnc#738400). * dm: do not forward ioctls from logical volumes to the underlying device (bnc#738400). * vmware: Fix VMware hypervisor detection (bnc#777575, bnc#770507). S/390: * lgr: Make lgr_page static (bnc#772409,LTC#83520). * zfcp: Fix oops in _blk_add_trace() (bnc#772409,LTC#83510). * kernel: Add z/VM LGR detection (bnc#767277,LTC#RAS1203). * be2net: Fix EEH error reset before a flash dump completes (bnc#755546). * mptfusion: fix msgContext in mptctl_hp_hostinfo (bnc#767939). * PCI: Fix bus resource assignment on 32 bits with 64b resources. (bnc#762581) * PCI: fix up setup-bus.c #ifdef. (bnc#762581) * x86: powernow-k8: Fix indexing issue (bnc#758985). * net: Fix race condition about network device name allocation (bnc#747576). XEN: * smpboot: adjust ordering of operations. * xen/x86-64: provide a memset() that can deal with 4Gb or above at a time (bnc#738528). * xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53 (bnc#760974). * xen/gntdev: fix multi-page slot allocation (bnc#760974). Security Issues: * CVE-2011-1044 * CVE-2011-4110 * CVE-2012-2136 * CVE-2012-2663 * CVE-2012-2744 * CVE-2012-3510 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): kernel-default-2.6.16.60-0.99.1 kernel-source-2.6.16.60-0.99.1 kernel-syms-2.6.16.60-0.99.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.99.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.99.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): kernel-smp-2.6.16.60-0.99.1 kernel-xen-2.6.16.60-0.99.1 - SUSE Linux Enterprise Server 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.99.1 kernel-kdumppae-2.6.16.60-0.99.1 kernel-vmi-2.6.16.60-0.99.1 kernel-vmipae-2.6.16.60-0.99.1 kernel-xenpae-2.6.16.60-0.99.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): kernel-iseries64-2.6.16.60-0.99.1 kernel-ppc64-2.6.16.60-0.99.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kernel-default-2.6.16.60-0.99.1 kernel-smp-2.6.16.60-0.99.1 kernel-source-2.6.16.60-0.99.1 kernel-syms-2.6.16.60-0.99.1 kernel-xen-2.6.16.60-0.99.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.99.1 kernel-xenpae-2.6.16.60-0.99.1 - SLE SDK 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.99.1 - SLE SDK 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.99.1 - SLE SDK 10 SP4 (i586 x86_64): kernel-xen-2.6.16.60-0.99.1 - SLE SDK 10 SP4 (i586): kernel-xenpae-2.6.16.60-0.99.1 References: http://support.novell.com/security/cve/CVE-2011-1044.html http://support.novell.com/security/cve/CVE-2011-4110.html http://support.novell.com/security/cve/CVE-2012-2136.html http://support.novell.com/security/cve/CVE-2012-2663.html http://support.novell.com/security/cve/CVE-2012-2744.html http://support.novell.com/security/cve/CVE-2012-3510.html https://bugzilla.novell.com/674284 https://bugzilla.novell.com/703156 https://bugzilla.novell.com/734056 https://bugzilla.novell.com/738400 https://bugzilla.novell.com/738528 https://bugzilla.novell.com/747576 https://bugzilla.novell.com/755546 https://bugzilla.novell.com/758985 https://bugzilla.novell.com/760974 https://bugzilla.novell.com/762581 https://bugzilla.novell.com/763526 https://bugzilla.novell.com/765102 https://bugzilla.novell.com/765320 https://bugzilla.novell.com/767277 https://bugzilla.novell.com/767504 https://bugzilla.novell.com/767766 https://bugzilla.novell.com/767939 https://bugzilla.novell.com/769784 https://bugzilla.novell.com/770507 https://bugzilla.novell.com/770697 https://bugzilla.novell.com/772409 https://bugzilla.novell.com/773272 https://bugzilla.novell.com/773831 https://bugzilla.novell.com/776888 https://bugzilla.novell.com/777575 https://bugzilla.novell.com/783058 http://download.novell.com/patch/finder/?keywords=118cf41af33f48911c473f3bd88c74a8 http://download.novell.com/patch/finder/?keywords=1d5bd8295622191606c935851bd82ff9 http://download.novell.com/patch/finder/?keywords=3b3320a96f49fe4615b35ba22bb6cbf3 http://download.novell.com/patch/finder/?keywords=9dc087603b172b449aa9a07b548bf3cf http://download.novell.com/patch/finder/?keywords=c77cfcc87d8e54df006cb42c12c2fadb From sle-updates at lists.suse.com Wed Oct 24 14:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Oct 2012 22:08:27 +0200 (CEST) Subject: SUSE-RU-2012:1397-1: Recommended update for X.org and Mesa Message-ID: <20121024200827.D6F4232280@maintenance.suse.de> SUSE Recommended Update: Recommended update for X.org and Mesa ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1397-1 Rating: low References: #752352 #754313 #759971 #767707 #770306 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This collective update for the X.Org video drivers and the Mesa library resolves the following issues: * Fix GPU rendering and hang up on IVB GT1 desktop (bnc#770306) * Enable backlight and RTF modes for eDP (bnc#752352,bnc#767707) * Add support for Ivy Bridge GT2 Server chipset (bnc#759971) * Update to intel-gpu-tools 1.1 with IvyBridge support (bnc#754313). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xorg-mesa-201209-6838 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xorg-mesa-201209-6838 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xorg-mesa-201209-6838 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xorg-mesa-201209-6838 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): Mesa-devel-7.11.2-0.7.3 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): Mesa-devel-32bit-7.11.2-0.7.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): Mesa-7.11.2-0.7.3 xorg-x11-driver-video-7.4.0.1-0.52.7 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): Mesa-32bit-7.11.2-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): Mesa-7.11.2-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): xorg-x11-driver-video-7.4.0.1-0.52.7 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): Mesa-32bit-7.11.2-0.7.3 - SUSE Linux Enterprise Server 11 SP2 (ia64): Mesa-x86-7.11.2-0.7.3 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): Mesa-7.11.2-0.7.3 xorg-x11-driver-video-7.4.0.1-0.52.7 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): Mesa-32bit-7.11.2-0.7.3 References: https://bugzilla.novell.com/752352 https://bugzilla.novell.com/754313 https://bugzilla.novell.com/759971 https://bugzilla.novell.com/767707 https://bugzilla.novell.com/770306 http://download.novell.com/patch/finder/?keywords=740c86109ba44a7f92bbb9b409496335 From sle-updates at lists.suse.com Wed Oct 24 14:08:43 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Oct 2012 22:08:43 +0200 (CEST) Subject: SUSE-SU-2012:1398-1: important: Security update for OpenJDK Message-ID: <20121024200843.31ED832280@maintenance.suse.de> SUSE Security Update: Security update for OpenJDK ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1398-1 Rating: important References: #785433 Cross-References: CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-4681 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5078 CVE-2012-5079 CVE-2012-5080 CVE-2012-5081 CVE-2012-5082 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 31 vulnerabilities is now available. Description: java-openjdk was upgraded to version 1.11.5 to fix various security and non-security issues. Security Issue references: * CVE-2012-4681 * CVE-2012-5083 * CVE-2012-1531 * CVE-2012-5086 * CVE-2012-5087 * CVE-2012-1533 * CVE-2012-1532 * CVE-2012-5076 * CVE-2012-3143 * CVE-2012-5088 * CVE-2012-5078 * CVE-2012-5089 * CVE-2012-5084 * CVE-2012-5080 * CVE-2012-3159 * CVE-2012-5068 * CVE-2012-4416 * CVE-2012-5074 * CVE-2012-5071 * CVE-2012-5069 * CVE-2012-5067 * CVE-2012-5070 * CVE-2012-5075 * CVE-2012-5073 * CVE-2012-5079 * CVE-2012-5072 * CVE-2012-5081 * CVE-2012-5082 * CVE-2012-3216 * CVE-2012-5077 * CVE-2012-5085 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-java-1_6_0-openjdk-6987 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b24.1.11.5-0.2.1 java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.5-0.2.1 java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.5-0.2.1 References: http://support.novell.com/security/cve/CVE-2012-1531.html http://support.novell.com/security/cve/CVE-2012-1532.html http://support.novell.com/security/cve/CVE-2012-1533.html http://support.novell.com/security/cve/CVE-2012-3143.html http://support.novell.com/security/cve/CVE-2012-3159.html http://support.novell.com/security/cve/CVE-2012-3216.html http://support.novell.com/security/cve/CVE-2012-4416.html http://support.novell.com/security/cve/CVE-2012-4681.html http://support.novell.com/security/cve/CVE-2012-5067.html http://support.novell.com/security/cve/CVE-2012-5068.html http://support.novell.com/security/cve/CVE-2012-5069.html http://support.novell.com/security/cve/CVE-2012-5070.html http://support.novell.com/security/cve/CVE-2012-5071.html http://support.novell.com/security/cve/CVE-2012-5072.html http://support.novell.com/security/cve/CVE-2012-5073.html http://support.novell.com/security/cve/CVE-2012-5074.html http://support.novell.com/security/cve/CVE-2012-5075.html http://support.novell.com/security/cve/CVE-2012-5076.html http://support.novell.com/security/cve/CVE-2012-5077.html http://support.novell.com/security/cve/CVE-2012-5078.html http://support.novell.com/security/cve/CVE-2012-5079.html http://support.novell.com/security/cve/CVE-2012-5080.html http://support.novell.com/security/cve/CVE-2012-5081.html http://support.novell.com/security/cve/CVE-2012-5082.html http://support.novell.com/security/cve/CVE-2012-5083.html http://support.novell.com/security/cve/CVE-2012-5084.html http://support.novell.com/security/cve/CVE-2012-5085.html http://support.novell.com/security/cve/CVE-2012-5086.html http://support.novell.com/security/cve/CVE-2012-5087.html http://support.novell.com/security/cve/CVE-2012-5088.html http://support.novell.com/security/cve/CVE-2012-5089.html https://bugzilla.novell.com/785433 http://download.novell.com/patch/finder/?keywords=c230e2b1023ded8fd1041aa18bc26a60 From sle-updates at lists.suse.com Wed Oct 24 16:09:07 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Oct 2012 00:09:07 +0200 (CEST) Subject: SUSE-SU-2012:1203-2: important: Security update for qemu Message-ID: <20121024220907.EAC8C32280@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1203-2 Rating: important References: #777084 Cross-References: CVE-2012-3515 Affected Products: SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). This has been fixed. Security Issue reference: * CVE-2012-3515 Package List: - SLE SDK 10 SP4 (i586 ia64 x86_64): qemu-0.8.2-37.14.1 References: http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/777084 http://download.novell.com/patch/finder/?keywords=30f612a13ba8c3e5184ba89d4582a058 From sle-updates at lists.suse.com Fri Oct 26 08:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Oct 2012 16:08:24 +0200 (CEST) Subject: SUSE-RU-2012:1400-1: moderate: Recommended update for quagga Message-ID: <20121026140824.124A132283@maintenance.suse.de> SUSE Recommended Update: Recommended update for quagga ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1400-1 Rating: moderate References: #781567 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for quagga resolves a problem that could cause a crash in ospfd when another instance of the daemon is started in the network. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-quagga-6955 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-quagga-6955 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-quagga-6955 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): quagga-0.99.15-0.12.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): quagga-0.99.15-0.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.12.1 References: https://bugzilla.novell.com/781567 http://download.novell.com/patch/finder/?keywords=9a3ba277729d9530404b66b37e9309bf From sle-updates at lists.suse.com Fri Oct 26 10:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Oct 2012 18:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1401-1: Recommended update for binutils Message-ID: <20121026160834.D365132283@maintenance.suse.de> SUSE Recommended Update: Recommended update for binutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1401-1 Rating: low References: #767762 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression in handling overrides of weak symbols that can cause linking to abort on PowerPC platforms. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-binutils-6973 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-binutils-6973 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-binutils-6973 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-binutils-6973 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): binutils-devel-2.21.1-0.9.2 cross-ppc-binutils-2.21.1-0.9.1 cross-spu-binutils-2.21.1-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): binutils-devel-32bit-2.21.1-0.9.2 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 x86_64): binutils-gold-2.21.1-0.9.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): binutils-2.21.1-0.9.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): binutils-2.21.1-0.9.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): binutils-2.21.1-0.9.2 References: https://bugzilla.novell.com/767762 http://download.novell.com/patch/finder/?keywords=9a7a919294fcc79c08a9cfd4ae11279f From sle-updates at lists.suse.com Fri Oct 26 11:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Oct 2012 19:08:39 +0200 (CEST) Subject: SUSE-RU-2012:1402-1: Recommended update for novfs KMP Message-ID: <20121026170839.16CF832282@maintenance.suse.de> SUSE Recommended Update: Recommended update for novfs KMP ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1402-1 Rating: low References: #751173 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to the novfs kernel module resolves the following issue: * User access rights to volumes are not updated correctly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-novfs-kmp-6731 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): novfs-kmp-default-1_3.0.38_0.5-0.19.1 novfs-kmp-trace-1_3.0.38_0.5-0.19.1 novfs-kmp-xen-1_3.0.38_0.5-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586): novfs-kmp-pae-1_3.0.38_0.5-0.19.1 References: https://bugzilla.novell.com/751173 http://download.novell.com/patch/finder/?keywords=9f2bc7fcdadefcfd618795e3ac3297d7 From sle-updates at lists.suse.com Fri Oct 26 11:08:55 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Oct 2012 19:08:55 +0200 (CEST) Subject: SUSE-RU-2012:1403-1: Recommended update for novell-novfsd Message-ID: <20121026170855.9CE8A3227A@maintenance.suse.de> SUSE Recommended Update: Recommended update for novell-novfsd ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1403-1 Rating: low References: #737214 #763207 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes two issues which cause simultaneous nwlogin attempts to fail. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-novell-novfsd-6905 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): novell-novfsd-3.0.0-0.22.1 References: https://bugzilla.novell.com/737214 https://bugzilla.novell.com/763207 http://download.novell.com/patch/finder/?keywords=f936dd540e582f765c7686fb8184fa98 From sle-updates at lists.suse.com Mon Oct 29 10:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 29 Oct 2012 17:08:25 +0100 (CET) Subject: SUSE-RU-2012:1410-1: moderate: Recommended update for perl-Bootloader Message-ID: <20121029160825.DBF5932283@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-Bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1410-1 Rating: moderate References: #775183 #776915 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for perl-Bootloader resolves the following issues: * When using CCISS or similar RAID controller updating may break the bootloader configuration by changing (hd0,0) to (hd0) in menu.lst (bnc#776915) * Bootloader configuration with serial lines may put 'serial' and 'terminal' entries into menu.lst in the wrong order (bnc#775183). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-perl-Bootloader-6915 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-perl-Bootloader-6915 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-perl-Bootloader-6915 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.4.89.44]: perl-Bootloader-0.4.89.44-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.4.89.44]: perl-Bootloader-0.4.89.44-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.4.89.44]: perl-Bootloader-0.4.89.44-0.5.1 References: https://bugzilla.novell.com/775183 https://bugzilla.novell.com/776915 http://download.novell.com/patch/finder/?keywords=7166245c33b34e5e26caeb6dcef79030 From sle-updates at lists.suse.com Tue Oct 30 10:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Oct 2012 17:08:29 +0100 (CET) Subject: SUSE-RU-2012:1414-1: important: Recommended update for timezone Message-ID: <20121030160829.2E50432284@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1414-1 Rating: important References: #787005 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Samoa fall 2012 and later * Palestine fall 2012 * Bahia no longer has DST * Tocantins has DST * Israel has new DST rules next year * Jordan stays on DST this winter Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2012h]: timezone-2012h-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2012h]: timezone-2012h-0.5.1 References: https://bugzilla.novell.com/787005 http://download.novell.com/patch/finder/?keywords=d2b3d4f7779714716833a15509201a9a From sle-updates at lists.suse.com Tue Oct 30 12:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Oct 2012 19:08:35 +0100 (CET) Subject: SUSE-RU-2012:1415-1: moderate: Recommended update for aaa_base Message-ID: <20121030180835.5F28B32284@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1415-1 Rating: moderate References: #778175 #781442 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for aaa_base provides the following fixes: * fix path to faillog in /etc/profile and /etc/csh.login (bnc#781442) * Work around a separate /var parition, that is restore the pid file for the blogd as otherwise the signal SIGIO can not be submitted to the current blogd process. (bnc#778175) Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-aaa_base-6962 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-aaa_base-6962 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-aaa_base-6962 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): aaa_base-11-6.75.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.75.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): aaa_base-11-6.75.1 References: https://bugzilla.novell.com/778175 https://bugzilla.novell.com/781442 http://download.novell.com/patch/finder/?keywords=b672c3192b2946e20fb05ebea2f43004 From sle-updates at lists.suse.com Wed Oct 31 13:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Oct 2012 20:08:31 +0100 (CET) Subject: SUSE-RU-2012:1425-1: Recommended update for tgt Message-ID: <20121031190831.A0D5932284@maintenance.suse.de> SUSE Recommended Update: Recommended update for tgt ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1425-1 Rating: low References: #714295 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the Linux Target Framework (tgt) adds a man page for the tgtd daemon. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-tgt-6914 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-tgt-6914 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): tgt-0.9.10-0.17.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): tgt-0.9.10-0.17.1 References: https://bugzilla.novell.com/714295 http://download.novell.com/patch/finder/?keywords=0685813ce444f08ca54f334cbf37d560 From sle-updates at lists.suse.com Wed Oct 31 13:08:47 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Oct 2012 20:08:47 +0100 (CET) Subject: SUSE-RU-2012:1414-2: important: Recommended update for timezone, timezone-debuginfo, timezone-debugsource, timezone-java Message-ID: <20121031190848.097873227E@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone, timezone-debuginfo, timezone-debugsource, timezone-java ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1414-2 Rating: important References: #787005 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Samoa fall 2012 and later * Palestine fall 2012 * Bahia no longer has DST * Tocantins has DST * Israel has new DST rules next year * Jordan stays on DST this winter Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-timezone-2012h-7003 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-timezone-2012h-7003 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-timezone-2012h-7003 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-timezone-2012h-7003 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): timezone-java-2012h-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2012h]: timezone-2012h-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2012h]: timezone-java-2012h-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2012h]: timezone-2012h-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2012h]: timezone-java-2012h-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2012h]: timezone-2012h-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2012h]: timezone-java-2012h-0.3.1 References: https://bugzilla.novell.com/787005 http://download.novell.com/patch/finder/?keywords=02e8e92652cb3f3ea5a4219718ad8eda From sle-updates at lists.suse.com Wed Oct 31 15:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Oct 2012 22:08:27 +0100 (CET) Subject: SUSE-SU-2012:1426-1: important: Security update for Mozilla Firefox Message-ID: <20121031210827.A3D8932285@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1426-1 Rating: important References: #786522 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes two new package versions. Description: MozillaFirefox was updated to the 10.0.10ESR security release. The following issues have been fixed: * MFSA 2012-90: Mozilla has fixed a number of issues related to the Location object in order to enhance overall security. Details for each of the current fixed issues are below. Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. * CVE-2012-4194: Security researcher Mariusz Mlynski reported that the true value of window.location could be shadowed by user content through the use of the valueOf method, which can be combined with some plugins to perform a cross-site scripting (XSS) attack on users. * CVE-2012-4195: Mozilla security researcher moz_bug_r_a4 discovered that the CheckURL function in window.location can be forced to return the wrong calling document and principal, allowing a cross-site scripting (XSS) attack. There is also the possibility of gaining arbitrary code execution if the attacker can take advantage of an add-on that interacts with the page content. * CVE-2012-4196: Security researcher Antoine Delignat-Lavaud of the PROSECCO research team at INRIA Paris reported the ability to use property injection by prototype to bypass security wrapper protections on the Location object, allowing the cross-origin reading of the Location object. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-firefox-201210b-7004 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201210b-7004 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201210b-7004 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201210b-7004 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.9.3]: mozilla-nspr-devel-4.9.3-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 10.0.10 and 4.9.3]: MozillaFirefox-10.0.10-0.3.1 MozillaFirefox-translations-10.0.10-0.3.1 mozilla-nspr-4.9.3-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 4.9.3]: mozilla-nspr-32bit-4.9.3-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.10 and 4.9.3]: MozillaFirefox-10.0.10-0.3.1 MozillaFirefox-translations-10.0.10-0.3.1 mozilla-nspr-4.9.3-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 4.9.3]: mozilla-nspr-32bit-4.9.3-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 4.9.3]: mozilla-nspr-x86-4.9.3-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 4.9.3]: mozilla-nspr-4.9.3-0.5.1 mozilla-nspr-devel-4.9.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-10.0.10-0.5.2 MozillaFirefox-translations-10.0.10-0.5.2 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 4.9.3]: mozilla-nspr-32bit-4.9.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 4.9.3]: mozilla-nspr-x86-4.9.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 4.9.3]: mozilla-nspr-64bit-4.9.3-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.10 and 4.9.3]: MozillaFirefox-10.0.10-0.3.1 MozillaFirefox-translations-10.0.10-0.3.1 mozilla-nspr-4.9.3-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 4.9.3]: mozilla-nspr-32bit-4.9.3-0.2.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 4.9.3]: mozilla-nspr-4.9.3-0.5.1 mozilla-nspr-devel-4.9.3-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 4.9.3]: mozilla-nspr-32bit-4.9.3-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): MozillaFirefox-10.0.10-0.5.2 MozillaFirefox-translations-10.0.10-0.5.2 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.10-0.5.2 References: https://bugzilla.novell.com/786522 http://download.novell.com/patch/finder/?keywords=67c3a0325cfb67cf4cabe8f44fe58645 http://download.novell.com/patch/finder/?keywords=a779e3f3d65e3943cbd34d5b913f5501 From sle-updates at lists.suse.com Wed Oct 31 16:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Oct 2012 23:08:27 +0100 (CET) Subject: SUSE-SU-2012:1427-1: moderate: Security update for LibreOffice Message-ID: <20121031220828.033E332287@maintenance.suse.de> SUSE Security Update: Security update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1427-1 Rating: moderate References: #719988 #734733 #741480 #744510 #757602 #758565 #759172 #759180 #760019 #760997 #768027 #770708 #772094 #773048 #773061 #773515 #774167 #774681 #774921 #775899 #775906 #777181 #778669 Cross-References: CVE-2012-4233 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves one vulnerability and has 22 fixes is now available. It includes one version update. Description: LibreOffice was updated to SUSE 3.5 bugfix release 13 (based on upstream 3.5.6-rc2) which fixes a lot of bugs. The following bugs have been fixed: * polygon fill rule (bnc#759172) * open XML in Writer (bnc#777181) * undo in text objects (fdo#36138) * broken numbering level (bnc#760019) * better MathML detection (bnc#774921) * pictures in DOCX import (bnc#772094) * collapsing border painting (fdo#39415) * better DOCX text box export (fdo#45724) * hidden text in PPTX import (bnc#759180) * slide notes in PPTX import (bnc#768027) * RTL paragraphs in DOC import (fdo#43398) * better vertical text imports (bnc#744510) * HYPERLINK field in DOCX import (fdo#51034) * shadow color on partial redraw (bnc#773515) * floating objects in DOCX import (bnc#775899) * graphite2 hyphenation regression (fdo#49486) * missing shape position and size (bnc#760997) * page style attributes in ODF import (fdo#38056) * browsing in Template dialog crasher (fdo#46249) * wrong master slide shape being used (bnc#758565) * page borders regression in ODT import (fdo#38056) * invalidate bound rect after drag&drop (fdo#44534) * rotated shape margins in PPTX import (bnc#773048) * pasting into more than 1 sheet crasher (fdo#47311) * crashers in PPT/PPTX import (bnc#768027, bnc#774167 * missing footnote in DOCX/DOC/RTF export (fdo#46020) * checkbox no-label behaviour (fdo#51336, bnc#757602) * try somewhat harder to read w:position (bnc#773061) * FormatNumber can handle sal_uInt32 values (fdo#51793) * rectangle-paragraph tables in DOCX import (bnc#775899) * header and bullet in slideshow transition (bnc#759172) * default background color in DOC/DOCX export (fdo#45724) * font name / size attributes in DOCX import (bnc#774681) * zero rect. size causing wrong line positions (fdo#47434) * adjusted display of Bracket/BracePair in PPT (bnc#741480) * use Unicode functions for QuickStarter tooltip (fdo#52143) * TabRatio API and detect macro at group shape fixes (bnc#770708) * indented text in DOCX file does not wrap correctly (bnc#775906) * undocked toolbars do not show all icons in special ratio (fdo#47071) * cross-reference text when Caption order is Numbering first (fdo#50801) * bullet color same as following text by default (bnc#719988, bnc#734733) * misc RTF import fixes (rhbz#819304, fdo#49666, bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335, fdo#48446, fdo#49892, fdo#46966) * libvisio was updated to 0.0.19: * file displays as blank page in Draw (fdo#50990) * Use the vendor SUSE instead of Novell, Inc. * Some NULL pointer dereferences were fixed. (CVE-2012-4233) Security Issue reference: * CVE-2012-4233 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libreoffice-356-6804 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libreoffice-356-6804 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 3.5.4.13]: libreoffice-branding-upstream-3.5.4.13-0.3.1 libreoffice-help-cs-3.5.4.13-0.3.1 libreoffice-help-da-3.5.4.13-0.3.1 libreoffice-help-de-3.5.4.13-0.3.1 libreoffice-help-en-GB-3.5.4.13-0.3.1 libreoffice-help-en-US-3.5.4.13-0.3.1 libreoffice-help-es-3.5.4.13-0.3.1 libreoffice-help-fr-3.5.4.13-0.3.1 libreoffice-help-gu-IN-3.5.4.13-0.3.1 libreoffice-help-hi-IN-3.5.4.13-0.3.1 libreoffice-help-hu-3.5.4.13-0.3.1 libreoffice-help-it-3.5.4.13-0.3.1 libreoffice-help-ja-3.5.4.13-0.3.1 libreoffice-help-ko-3.5.4.13-0.3.1 libreoffice-help-nl-3.5.4.13-0.3.1 libreoffice-help-pl-3.5.4.13-0.3.1 libreoffice-help-pt-3.5.4.13-0.3.1 libreoffice-help-pt-BR-3.5.4.13-0.3.1 libreoffice-help-ru-3.5.4.13-0.3.1 libreoffice-help-sv-3.5.4.13-0.3.1 libreoffice-help-zh-CN-3.5.4.13-0.3.1 libreoffice-help-zh-TW-3.5.4.13-0.3.1 libreoffice-icon-themes-3.5.4.13-0.3.1 libreoffice-l10n-af-3.5.4.13-0.3.1 libreoffice-l10n-ar-3.5.4.13-0.3.1 libreoffice-l10n-ca-3.5.4.13-0.3.1 libreoffice-l10n-cs-3.5.4.13-0.3.1 libreoffice-l10n-da-3.5.4.13-0.3.1 libreoffice-l10n-de-3.5.4.13-0.3.1 libreoffice-l10n-el-3.5.4.13-0.3.1 libreoffice-l10n-en-GB-3.5.4.13-0.3.1 libreoffice-l10n-es-3.5.4.13-0.3.1 libreoffice-l10n-fi-3.5.4.13-0.3.1 libreoffice-l10n-fr-3.5.4.13-0.3.1 libreoffice-l10n-gu-IN-3.5.4.13-0.3.1 libreoffice-l10n-hi-IN-3.5.4.13-0.3.1 libreoffice-l10n-hu-3.5.4.13-0.3.1 libreoffice-l10n-it-3.5.4.13-0.3.1 libreoffice-l10n-ja-3.5.4.13-0.3.1 libreoffice-l10n-ko-3.5.4.13-0.3.1 libreoffice-l10n-nb-3.5.4.13-0.3.1 libreoffice-l10n-nl-3.5.4.13-0.3.1 libreoffice-l10n-nn-3.5.4.13-0.3.1 libreoffice-l10n-pl-3.5.4.13-0.3.1 libreoffice-l10n-pt-3.5.4.13-0.3.1 libreoffice-l10n-pt-BR-3.5.4.13-0.3.1 libreoffice-l10n-ru-3.5.4.13-0.3.1 libreoffice-l10n-sk-3.5.4.13-0.3.1 libreoffice-l10n-sv-3.5.4.13-0.3.1 libreoffice-l10n-xh-3.5.4.13-0.3.1 libreoffice-l10n-zh-CN-3.5.4.13-0.3.1 libreoffice-l10n-zh-TW-3.5.4.13-0.3.1 libreoffice-l10n-zu-3.5.4.13-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 3.5.4.13]: libreoffice-help-cs-3.5.4.13-0.3.1 libreoffice-help-da-3.5.4.13-0.3.1 libreoffice-help-de-3.5.4.13-0.3.1 libreoffice-help-en-GB-3.5.4.13-0.3.1 libreoffice-help-en-US-3.5.4.13-0.3.1 libreoffice-help-es-3.5.4.13-0.3.1 libreoffice-help-fr-3.5.4.13-0.3.1 libreoffice-help-gu-IN-3.5.4.13-0.3.1 libreoffice-help-hi-IN-3.5.4.13-0.3.1 libreoffice-help-hu-3.5.4.13-0.3.1 libreoffice-help-it-3.5.4.13-0.3.1 libreoffice-help-ja-3.5.4.13-0.3.1 libreoffice-help-ko-3.5.4.13-0.3.1 libreoffice-help-nl-3.5.4.13-0.3.1 libreoffice-help-pl-3.5.4.13-0.3.1 libreoffice-help-pt-3.5.4.13-0.3.1 libreoffice-help-pt-BR-3.5.4.13-0.3.1 libreoffice-help-ru-3.5.4.13-0.3.1 libreoffice-help-sv-3.5.4.13-0.3.1 libreoffice-help-zh-CN-3.5.4.13-0.3.1 libreoffice-help-zh-TW-3.5.4.13-0.3.1 libreoffice-icon-themes-3.5.4.13-0.3.1 libreoffice-l10n-af-3.5.4.13-0.3.1 libreoffice-l10n-ar-3.5.4.13-0.3.1 libreoffice-l10n-ca-3.5.4.13-0.3.1 libreoffice-l10n-cs-3.5.4.13-0.3.1 libreoffice-l10n-da-3.5.4.13-0.3.1 libreoffice-l10n-de-3.5.4.13-0.3.1 libreoffice-l10n-en-GB-3.5.4.13-0.3.1 libreoffice-l10n-es-3.5.4.13-0.3.1 libreoffice-l10n-fi-3.5.4.13-0.3.1 libreoffice-l10n-fr-3.5.4.13-0.3.1 libreoffice-l10n-gu-IN-3.5.4.13-0.3.1 libreoffice-l10n-hi-IN-3.5.4.13-0.3.1 libreoffice-l10n-hu-3.5.4.13-0.3.1 libreoffice-l10n-it-3.5.4.13-0.3.1 libreoffice-l10n-ja-3.5.4.13-0.3.1 libreoffice-l10n-ko-3.5.4.13-0.3.1 libreoffice-l10n-nb-3.5.4.13-0.3.1 libreoffice-l10n-nl-3.5.4.13-0.3.1 libreoffice-l10n-nn-3.5.4.13-0.3.1 libreoffice-l10n-pl-3.5.4.13-0.3.1 libreoffice-l10n-pt-3.5.4.13-0.3.1 libreoffice-l10n-pt-BR-3.5.4.13-0.3.1 libreoffice-l10n-ru-3.5.4.13-0.3.1 libreoffice-l10n-sk-3.5.4.13-0.3.1 libreoffice-l10n-sv-3.5.4.13-0.3.1 libreoffice-l10n-xh-3.5.4.13-0.3.1 libreoffice-l10n-zh-CN-3.5.4.13-0.3.1 libreoffice-l10n-zh-TW-3.5.4.13-0.3.1 libreoffice-l10n-zu-3.5.4.13-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.5.4.13]: libreoffice-3.5.4.13-0.7.1 libreoffice-af-3.5.4.13-0.7.1 libreoffice-ar-3.5.4.13-0.7.1 libreoffice-ca-3.5.4.13-0.7.1 libreoffice-cs-3.5.4.13-0.7.1 libreoffice-da-3.5.4.13-0.7.1 libreoffice-de-3.5.4.13-0.7.1 libreoffice-el-3.5.4.13-0.7.1 libreoffice-en-GB-3.5.4.13-0.7.1 libreoffice-es-3.5.4.13-0.7.1 libreoffice-fi-3.5.4.13-0.7.1 libreoffice-fr-3.5.4.13-0.7.1 libreoffice-galleries-3.5.4.13-0.7.1 libreoffice-gnome-3.5.4.13-0.7.1 libreoffice-gu-IN-3.5.4.13-0.7.1 libreoffice-hi-IN-3.5.4.13-0.7.1 libreoffice-hu-3.5.4.13-0.7.1 libreoffice-it-3.5.4.13-0.7.1 libreoffice-ja-3.5.4.13-0.7.1 libreoffice-kde-3.5.4.13-0.7.1 libreoffice-ko-3.5.4.13-0.7.1 libreoffice-mono-3.5.4.13-0.7.1 libreoffice-nb-3.5.4.13-0.7.1 libreoffice-nl-3.5.4.13-0.7.1 libreoffice-nn-3.5.4.13-0.7.1 libreoffice-pl-3.5.4.13-0.7.1 libreoffice-pt-BR-3.5.4.13-0.7.1 libreoffice-ru-3.5.4.13-0.7.1 libreoffice-sk-3.5.4.13-0.7.1 libreoffice-sv-3.5.4.13-0.7.1 libreoffice-xh-3.5.4.13-0.7.1 libreoffice-zh-CN-3.5.4.13-0.7.1 libreoffice-zh-TW-3.5.4.13-0.7.1 libreoffice-zu-3.5.4.13-0.7.1 - SLE SDK 10 SP4 (i586) [New Version: 3.5.4.13]: libreoffice-3.5.4.13-0.7.1 libreoffice-cs-3.5.4.13-0.7.1 libreoffice-de-3.5.4.13-0.7.1 libreoffice-es-3.5.4.13-0.7.1 libreoffice-fr-3.5.4.13-0.7.1 libreoffice-galleries-3.5.4.13-0.7.1 libreoffice-gnome-3.5.4.13-0.7.1 libreoffice-hu-3.5.4.13-0.7.1 libreoffice-it-3.5.4.13-0.7.1 libreoffice-ja-3.5.4.13-0.7.1 libreoffice-kde-3.5.4.13-0.7.1 libreoffice-mono-3.5.4.13-0.7.1 libreoffice-pl-3.5.4.13-0.7.1 libreoffice-pt-BR-3.5.4.13-0.7.1 libreoffice-sk-3.5.4.13-0.7.1 libreoffice-zh-CN-3.5.4.13-0.7.1 libreoffice-zh-TW-3.5.4.13-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-4233.html https://bugzilla.novell.com/719988 https://bugzilla.novell.com/734733 https://bugzilla.novell.com/741480 https://bugzilla.novell.com/744510 https://bugzilla.novell.com/757602 https://bugzilla.novell.com/758565 https://bugzilla.novell.com/759172 https://bugzilla.novell.com/759180 https://bugzilla.novell.com/760019 https://bugzilla.novell.com/760997 https://bugzilla.novell.com/768027 https://bugzilla.novell.com/770708 https://bugzilla.novell.com/772094 https://bugzilla.novell.com/773048 https://bugzilla.novell.com/773061 https://bugzilla.novell.com/773515 https://bugzilla.novell.com/774167 https://bugzilla.novell.com/774681 https://bugzilla.novell.com/774921 https://bugzilla.novell.com/775899 https://bugzilla.novell.com/775906 https://bugzilla.novell.com/777181 https://bugzilla.novell.com/778669 http://download.novell.com/patch/finder/?keywords=75b0fcb15ca3749c7c3e6082b74f167b http://download.novell.com/patch/finder/?keywords=b81441caf6c597bd91c0c57a66bd0ed6 From sle-updates at lists.suse.com Wed Oct 31 17:09:06 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 1 Nov 2012 00:09:06 +0100 (CET) Subject: SUSE-SU-2012:1428-1: moderate: Security update for Qt4 Message-ID: <20121031230906.660B432285@maintenance.suse.de> SUSE Security Update: Security update for Qt4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1428-1 Rating: moderate References: #779952 Cross-References: CVE-2012-4929 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: libqt4 has been updated to fix the "CRIME" attack where compression using SSL connections have side-channel attacks to leak plaintext or cryptographic keys. Compression has been disabled to mitigate the CRIME attack (CVE-2012-4929). Security Issue reference: * CVE-2012-4929 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libQtWebKit-devel-6935 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libQtWebKit-devel-6935 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libQtWebKit-devel-6935 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libQtWebKit-devel-6935 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libQtWebKit-devel-4.6.3-5.18.1 libqt4-devel-4.6.3-5.18.1 libqt4-sql-postgresql-4.6.3-5.18.1 libqt4-sql-unixODBC-4.6.3-5.18.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.18.1 libqt4-sql-mysql-32bit-4.6.3-5.18.1 libqt4-sql-postgresql-32bit-4.6.3-5.18.1 libqt4-sql-sqlite-32bit-4.6.3-5.18.1 libqt4-sql-unixODBC-32bit-4.6.3-5.18.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): libqt4-devel-doc-data-4.6.3-5.18.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): libQtWebKit4-x86-4.6.3-5.18.1 libqt4-sql-mysql-x86-4.6.3-5.18.1 libqt4-sql-postgresql-x86-4.6.3-5.18.1 libqt4-sql-sqlite-x86-4.6.3-5.18.1 libqt4-sql-unixODBC-x86-4.6.3-5.18.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libQtWebKit4-4.6.3-5.18.1 libqt4-4.6.3-5.18.1 libqt4-qt3support-4.6.3-5.18.1 libqt4-sql-4.6.3-5.18.1 libqt4-sql-mysql-4.6.3-5.18.1 libqt4-sql-sqlite-4.6.3-5.18.1 libqt4-x11-4.6.3-5.18.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libQtWebKit4-32bit-4.6.3-5.18.1 libqt4-32bit-4.6.3-5.18.1 libqt4-qt3support-32bit-4.6.3-5.18.1 libqt4-sql-32bit-4.6.3-5.18.1 libqt4-x11-32bit-4.6.3-5.18.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libQtWebKit4-4.6.3-5.18.1 libqt4-4.6.3-5.18.1 libqt4-qt3support-4.6.3-5.18.1 libqt4-sql-4.6.3-5.18.1 libqt4-sql-mysql-4.6.3-5.18.1 libqt4-sql-sqlite-4.6.3-5.18.1 libqt4-x11-4.6.3-5.18.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.18.1 libqt4-32bit-4.6.3-5.18.1 libqt4-qt3support-32bit-4.6.3-5.18.1 libqt4-sql-32bit-4.6.3-5.18.1 libqt4-x11-32bit-4.6.3-5.18.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libQtWebKit4-x86-4.6.3-5.18.1 libqt4-qt3support-x86-4.6.3-5.18.1 libqt4-sql-x86-4.6.3-5.18.1 libqt4-x11-x86-4.6.3-5.18.1 libqt4-x86-4.6.3-5.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libQtWebKit4-4.6.3-5.18.1 libqt4-4.6.3-5.18.1 libqt4-qt3support-4.6.3-5.18.1 libqt4-sql-4.6.3-5.18.1 libqt4-sql-mysql-4.6.3-5.18.1 libqt4-sql-postgresql-4.6.3-5.18.1 libqt4-sql-sqlite-4.6.3-5.18.1 libqt4-sql-unixODBC-4.6.3-5.18.1 libqt4-x11-4.6.3-5.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libQtWebKit4-32bit-4.6.3-5.18.1 libqt4-32bit-4.6.3-5.18.1 libqt4-qt3support-32bit-4.6.3-5.18.1 libqt4-sql-32bit-4.6.3-5.18.1 libqt4-sql-mysql-32bit-4.6.3-5.18.1 libqt4-sql-postgresql-32bit-4.6.3-5.18.1 libqt4-sql-sqlite-32bit-4.6.3-5.18.1 libqt4-sql-unixODBC-32bit-4.6.3-5.18.1 libqt4-x11-32bit-4.6.3-5.18.1 References: http://support.novell.com/security/cve/CVE-2012-4929.html https://bugzilla.novell.com/779952 http://download.novell.com/patch/finder/?keywords=bb5ee44df67a64b7fc80a596cc675822