From sle-updates at lists.suse.com Mon Sep 3 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 3 Sep 2012 18:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1093-1: moderate: Recommended update for suse-sam Message-ID: <20120903160831.9039232257@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-sam ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1093-1 Rating: moderate References: #744724 #744725 #753355 #759683 #768327 #768330 #771685 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. It includes one version update. Description: This update to SUSE Supportability Analysis Module (suse-sam) includes the following fixes and improvements: * Implement full check for mixed Service Packs (bnc#753355, bnc#744725) * Update metadata for SLE 11 SP2 (bnc#759683) * Prevent warning when a product doesn't have any core packages for any Service Pack (bnc#768327) * Add two more gpg key names for OES repositories (bnc#771685) * Clarify support status when some updates are not installed (bnc#768330, bnc#744724). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-susesam-201208-6654 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-susesam-201208-6654 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-susesam-201208-6654 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.7.1 suse-sam-data-0.8.4-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.7.1 suse-sam-data-0.8.4-0.5.2 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.7.1 suse-sam-data-0.8.4-0.5.2 References: https://bugzilla.novell.com/744724 https://bugzilla.novell.com/744725 https://bugzilla.novell.com/753355 https://bugzilla.novell.com/759683 https://bugzilla.novell.com/768327 https://bugzilla.novell.com/768330 https://bugzilla.novell.com/771685 http://download.novell.com/patch/finder/?keywords=3e61c9e7f2b8bf196f75a14968161d45 From sle-updates at lists.suse.com Mon Sep 3 12:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 3 Sep 2012 20:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1094-1: moderate: Recommended update for suse-sam Message-ID: <20120903180833.A629132257@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-sam ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1094-1 Rating: moderate References: #727499 #744724 #744725 #753355 #759683 #768327 #768330 #771685 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes one version update. Description: This update to SUSE Supportability Analysis Module (suse-sam) includes the following fixes and improvements: * Implement full check for mixed Service Packs (bnc#753355, bnc#744725) * Update metadata for SLE 11 SP2 (bnc#759683) * Prevent warning when a product doesn't have any core packages for any Service Pack (bnc#768327) * Fix handling of empty release tag in the product description files (bnc#727499) * Add two more gpg key names for OES repositories (bnc#771685) * Clarify support status when some updates are not installed (bnc#768330, bnc#744724). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-susesam-201208-6655 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-susesam-201208-6655 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-susesam-201208-6655 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.4.5.1 suse-sam-data-0.8.4-0.4.5.1 - SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.4.5.1 suse-sam-data-0.8.4-0.4.5.1 - SUSE Linux Enterprise Desktop 11 SP1 (noarch) [New Version: 0.8.4]: suse-sam-0.8.4-0.4.5.1 suse-sam-data-0.8.4-0.4.5.1 References: https://bugzilla.novell.com/727499 https://bugzilla.novell.com/744724 https://bugzilla.novell.com/744725 https://bugzilla.novell.com/753355 https://bugzilla.novell.com/759683 https://bugzilla.novell.com/768327 https://bugzilla.novell.com/768330 https://bugzilla.novell.com/771685 http://download.novell.com/patch/finder/?keywords=99903d74a389f74b7bf38d6bb16ae6da From sle-updates at lists.suse.com Mon Sep 3 13:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 3 Sep 2012 21:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1095-1: moderate: Security update for libxml2 Message-ID: <20120903190831.70F2F32257@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1095-1 Rating: moderate References: #769184 Cross-References: CVE-2012-2807 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes several libxml2 integer overflows which could have been used to crash libxml2 parsers or potentially execute code. Security Issues: * CVE-2012-2807 Contraindications: Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libxml2-6571 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libxml2-6571 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libxml2-6571 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libxml2-6571 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libxml2-6571 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libxml2-6571 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libxml2-6571 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.19.1 libxml2-doc-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libxml2-x86-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libxml2-2.7.6-0.19.1 libxml2-doc-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libxml2-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.19.1 libxml2-doc-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libxml2-x86-2.7.6-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libxml2-2.7.6-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libxml2-32bit-2.7.6-0.19.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libxml2-2.7.6-0.19.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libxml2-32bit-2.7.6-0.19.1 References: http://support.novell.com/security/cve/CVE-2012-2807.html https://bugzilla.novell.com/769184 http://download.novell.com/patch/finder/?keywords=c69ade5ac86ea5a8948f19bc2bc6b237 From sle-updates at lists.suse.com Mon Sep 3 14:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 3 Sep 2012 22:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1075-2: moderate: Recommended update for stunnel Message-ID: <20120903200830.B93293224A@maintenance.suse.de> SUSE Recommended Update: Recommended update for stunnel ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1075-2 Rating: moderate References: #775262 #776756 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to stunnel resolves the following issues: * Fix OpenSSL library initialization * Default FIPS mode to off when building against updated OpenSSL library * Correct configure option to enable libwrap support. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-stunnel-6761 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-stunnel-6761 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 4.36]: stunnel-4.36-0.10.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.36]: stunnel-4.36-0.10.2 References: https://bugzilla.novell.com/775262 https://bugzilla.novell.com/776756 http://download.novell.com/patch/finder/?keywords=a2182b9f0c8c41ebdf52a18ce405462b From sle-updates at lists.suse.com Tue Sep 4 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 4 Sep 2012 22:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1106-1: important: Recommended update for postgresql-init Message-ID: <20120904200828.7F57632257@maintenance.suse.de> SUSE Recommended Update: Recommended update for postgresql-init ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1106-1 Rating: important References: #777797 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes PostgreSQL not starting correctly anymore (bnc#777797). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-postgresql-init-6729 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-postgresql-init-6729 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-postgresql-init-6729 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): postgresql-init-9.1-0.6.12.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): postgresql-init-9.1-0.6.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): postgresql-init-9.1-0.6.12.1 References: https://bugzilla.novell.com/777797 http://download.novell.com/patch/finder/?keywords=41c423d64006bb073d28d7202212409e From sle-updates at lists.suse.com Wed Sep 5 08:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 5 Sep 2012 16:08:29 +0200 (CEST) Subject: SUSE-OU-2012:1118-1: Optional update for SUSE Linux Enterprise for SAP Applications 11 SP2 Message-ID: <20120905140829.102C33225A@maintenance.suse.de> SUSE Optional Update: Optional update for SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1118-1 Rating: low References: #776993 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides an updated Pool for SUSE Linux Enterprise for SAP Applications 11 SP2 installations. Indications: Every user might install those packages. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-SAP11SP2-Pool-6704 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (x86_64): SUSE_SLES_SAP-release-11.2-1.5.1 SUSE_SLES_SAP-release-DVD-11.2-1.5.1 clamsap-0.9.7-0.5.1 compat-32bit-2009.1.19-1.8 compat-openssl097g-0.9.7g-146.20.1 compat-openssl097g-32bit-0.9.7g-146.20.1 sles-release-11.2-2.5.1 - SUSE Linux Enterprise for SAP Applications 11 SP2 (noarch): ClusterTools2-2.3.1-0.5.1 sap-installation-wizard-2.17-0.36.1 sap_suse_cluster_connector-0.1.0-0.13.1 References: https://bugzilla.novell.com/776993 http://download.novell.com/patch/finder/?keywords=c405c561ca09d35814b957fe1cf28409 From sle-updates at lists.suse.com Wed Sep 5 22:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 06:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1119-1: Recommended update for xfsprogs Message-ID: <20120906040833.EFD7332248@maintenance.suse.de> SUSE Recommended Update: Recommended update for xfsprogs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1119-1 Rating: low References: #773087 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to xfsprogs 3.1.8 brings fixes and improvements, including: * repair: properly mark lost+found inode as used * repair: validate acl count before reading it * repair: avoid ABBA deadlocks on prefetched buffers and in inode prefetching * repair: do not walk the unlinked inode list * repair: use recursive buffer locking * repair: allocate and free extent and inode records individually * repair: handle filesystems with the log in allocation group 0 * repair: update extent count after zapping duplicate blocks (bnc#773087) * mkfs: refuse to initialize a misaligned device if not forced using libblkid. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xfsprogs-6658 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xfsprogs-6658 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xfsprogs-6658 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xfsprogs-6658 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.1.8]: xfsprogs-devel-3.1.8-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.1.8]: xfsprogs-3.1.8-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.1.8]: xfsprogs-3.1.8-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.1.8]: xfsprogs-3.1.8-0.5.1 References: https://bugzilla.novell.com/773087 http://download.novell.com/patch/finder/?keywords=3c5ca944327618d3bce9d82e20a267ac From sle-updates at lists.suse.com Thu Sep 6 11:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 19:08:36 +0200 (CEST) Subject: SUSE-RU-2012:1127-1: Recommended update for xorg-x11 Message-ID: <20120906170836.6971F3225A@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1127-1 Rating: low References: #748648 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to xorg-x11 fixes the Japanese keyboard layout in X configurations that use dynamically configured evdev driver. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xorg-x11-6727 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xorg-x11-6727 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xorg-x11-6727 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xorg-x11-7.4-9.53.2 xorg-x11-xauth-7.4-9.53.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): xorg-x11-7.4-9.53.2 xorg-x11-xauth-7.4-9.53.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xorg-x11-7.4-9.53.2 xorg-x11-xauth-7.4-9.53.2 References: https://bugzilla.novell.com/748648 http://download.novell.com/patch/finder/?keywords=56195b2257efe03175e0c51dc3e4b61f From sle-updates at lists.suse.com Thu Sep 6 12:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 20:08:26 +0200 (CEST) Subject: SUSE-SU-2012:1077-2: moderate: Security update for nut Message-ID: <20120906180826.E6C5D32249@maintenance.suse.de> SUSE Security Update: Security update for nut ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1077-2 Rating: moderate References: #764699 Cross-References: CVE-2012-2944 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of nut fixes a denial of service flaw that could have been exploited by remote attackers to cause an application crash of upsd. Security Issue reference: * CVE-2012-2944 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64): nut-2.0.3-20.10.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): nut-2.0.3-20.10.1 References: http://support.novell.com/security/cve/CVE-2012-2944.html https://bugzilla.novell.com/764699 http://download.novell.com/patch/finder/?keywords=59049173f724dbe51f76a9dd1f317dc8 From sle-updates at lists.suse.com Thu Sep 6 12:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 20:08:29 +0200 (CEST) Subject: SUSE-RU-2012:1128-1: Recommended update for sysconfig Message-ID: <20120906180829.0EFBE3225A@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysconfig ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1128-1 Rating: low References: #753433 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to sysconfig fixes /lib/udev/rename_netiface and /etc/init.d/network scripts to handle FORCE_PERSISTENT_NAMES=no correctly. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): sysconfig-0.50.9-13.70.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): sysconfig-0.50.9-13.70.1 References: https://bugzilla.novell.com/753433 http://download.novell.com/patch/finder/?keywords=63abb5fdca199362928e76982744f3c1 From sle-updates at lists.suse.com Thu Sep 6 14:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 22:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1095-2: moderate: Security update for libxml2 Message-ID: <20120906200831.399F93225A@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1095-2 Rating: moderate References: #769184 Cross-References: CVE-2012-2807 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes libxml2 integer overflows.( CVE-2012-2807) Security Issue reference: * CVE-2012-2807 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): libxml2-2.6.23-15.33.17 libxml2-devel-2.6.23-15.33.17 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libxml2-32bit-2.6.23-15.33.17 libxml2-devel-32bit-2.6.23-15.33.17 - SUSE Linux Enterprise Server 10 SP4 (ia64): libxml2-x86-2.6.23-15.33.17 - SUSE Linux Enterprise Server 10 SP4 (ppc): libxml2-64bit-2.6.23-15.33.17 libxml2-devel-64bit-2.6.23-15.33.17 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libxml2-2.6.23-15.33.17 libxml2-devel-2.6.23-15.33.17 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libxml2-32bit-2.6.23-15.33.17 libxml2-devel-32bit-2.6.23-15.33.17 References: http://support.novell.com/security/cve/CVE-2012-2807.html https://bugzilla.novell.com/769184 http://download.novell.com/patch/finder/?keywords=e380dcebcb29c98b9351f36692fef4a7 From sle-updates at lists.suse.com Thu Sep 6 14:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 22:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1129-1: important: Security update for Xen Message-ID: <20120906200832.EE5213225A@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1129-1 Rating: important References: #777084 #777090 Cross-References: CVE-2012-3494 CVE-2012-3515 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: XEN was updated to fix multiple bugs and security issues. The following security issues have been fixed: * CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) Security Issue references: * CVE-2012-3494 * CVE-2012-3515 Indications: Everyone using XEN should update. Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64): xen-3.2.3_17040_28-0.6.13.5 xen-devel-3.2.3_17040_28-0.6.13.5 xen-doc-html-3.2.3_17040_28-0.6.13.5 xen-doc-pdf-3.2.3_17040_28-0.6.13.5 xen-doc-ps-3.2.3_17040_28-0.6.13.5 xen-kmp-debug-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-default-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-kdump-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-smp-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-libs-3.2.3_17040_28-0.6.13.5 xen-tools-3.2.3_17040_28-0.6.13.5 xen-tools-domU-3.2.3_17040_28-0.6.13.5 xen-tools-ioemu-3.2.3_17040_28-0.6.13.5 - SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64): xen-libs-32bit-3.2.3_17040_28-0.6.13.5 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586): xen-kmp-bigsmp-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-kdumppae-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-vmi-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 xen-kmp-vmipae-3.2.3_17040_28_2.6.16.60_0.83.169-0.6.13.5 References: http://support.novell.com/security/cve/CVE-2012-3494.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/777084 https://bugzilla.novell.com/777090 http://download.novell.com/patch/finder/?keywords=b08cee9a947266299a47b5d55046f727 From sle-updates at lists.suse.com Thu Sep 6 14:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Sep 2012 22:08:34 +0200 (CEST) Subject: SUSE-SU-2012:1130-1: important: Security update for PHP5 Message-ID: <20120906200834.EA1443225A@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1130-1 Rating: important References: #775852 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.38.1 php5-5.2.14-0.38.1 php5-bcmath-5.2.14-0.38.1 php5-bz2-5.2.14-0.38.1 php5-calendar-5.2.14-0.38.1 php5-ctype-5.2.14-0.38.1 php5-curl-5.2.14-0.38.1 php5-dba-5.2.14-0.38.1 php5-dbase-5.2.14-0.38.1 php5-devel-5.2.14-0.38.1 php5-dom-5.2.14-0.38.1 php5-exif-5.2.14-0.38.1 php5-fastcgi-5.2.14-0.38.1 php5-ftp-5.2.14-0.38.1 php5-gd-5.2.14-0.38.1 php5-gettext-5.2.14-0.38.1 php5-gmp-5.2.14-0.38.1 php5-hash-5.2.14-0.38.1 php5-iconv-5.2.14-0.38.1 php5-imap-5.2.14-0.38.1 php5-json-5.2.14-0.38.1 php5-ldap-5.2.14-0.38.1 php5-mbstring-5.2.14-0.38.1 php5-mcrypt-5.2.14-0.38.1 php5-mhash-5.2.14-0.38.1 php5-mysql-5.2.14-0.38.1 php5-ncurses-5.2.14-0.38.1 php5-odbc-5.2.14-0.38.1 php5-openssl-5.2.14-0.38.1 php5-pcntl-5.2.14-0.38.1 php5-pdo-5.2.14-0.38.1 php5-pear-5.2.14-0.38.1 php5-pgsql-5.2.14-0.38.1 php5-posix-5.2.14-0.38.1 php5-pspell-5.2.14-0.38.1 php5-shmop-5.2.14-0.38.1 php5-snmp-5.2.14-0.38.1 php5-soap-5.2.14-0.38.1 php5-sockets-5.2.14-0.38.1 php5-sqlite-5.2.14-0.38.1 php5-suhosin-5.2.14-0.38.1 php5-sysvmsg-5.2.14-0.38.1 php5-sysvsem-5.2.14-0.38.1 php5-sysvshm-5.2.14-0.38.1 php5-tokenizer-5.2.14-0.38.1 php5-wddx-5.2.14-0.38.1 php5-xmlreader-5.2.14-0.38.1 php5-xmlrpc-5.2.14-0.38.1 php5-xsl-5.2.14-0.38.1 php5-zlib-5.2.14-0.38.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.38.1 php5-5.2.14-0.38.1 php5-bcmath-5.2.14-0.38.1 php5-bz2-5.2.14-0.38.1 php5-calendar-5.2.14-0.38.1 php5-ctype-5.2.14-0.38.1 php5-curl-5.2.14-0.38.1 php5-dba-5.2.14-0.38.1 php5-dbase-5.2.14-0.38.1 php5-devel-5.2.14-0.38.1 php5-dom-5.2.14-0.38.1 php5-exif-5.2.14-0.38.1 php5-fastcgi-5.2.14-0.38.1 php5-ftp-5.2.14-0.38.1 php5-gd-5.2.14-0.38.1 php5-gettext-5.2.14-0.38.1 php5-gmp-5.2.14-0.38.1 php5-hash-5.2.14-0.38.1 php5-iconv-5.2.14-0.38.1 php5-imap-5.2.14-0.38.1 php5-ldap-5.2.14-0.38.1 php5-mbstring-5.2.14-0.38.1 php5-mcrypt-5.2.14-0.38.1 php5-mhash-5.2.14-0.38.1 php5-mysql-5.2.14-0.38.1 php5-ncurses-5.2.14-0.38.1 php5-odbc-5.2.14-0.38.1 php5-openssl-5.2.14-0.38.1 php5-pcntl-5.2.14-0.38.1 php5-pdo-5.2.14-0.38.1 php5-pear-5.2.14-0.38.1 php5-pgsql-5.2.14-0.38.1 php5-posix-5.2.14-0.38.1 php5-pspell-5.2.14-0.38.1 php5-shmop-5.2.14-0.38.1 php5-snmp-5.2.14-0.38.1 php5-soap-5.2.14-0.38.1 php5-sockets-5.2.14-0.38.1 php5-sqlite-5.2.14-0.38.1 php5-suhosin-5.2.14-0.38.1 php5-sysvmsg-5.2.14-0.38.1 php5-sysvsem-5.2.14-0.38.1 php5-sysvshm-5.2.14-0.38.1 php5-tidy-5.2.14-0.38.1 php5-tokenizer-5.2.14-0.38.1 php5-wddx-5.2.14-0.38.1 php5-xmlreader-5.2.14-0.38.1 php5-xmlrpc-5.2.14-0.38.1 php5-xsl-5.2.14-0.38.1 php5-zlib-5.2.14-0.38.1 References: https://bugzilla.novell.com/775852 http://download.novell.com/patch/finder/?keywords=6bcc0e41be00989b383aaa71edda8620 From sle-updates at lists.suse.com Fri Sep 7 07:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 15:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1132-1: important: Security update for Xen Message-ID: <20120907130835.9BC6132257@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1132-1 Rating: important References: #776300 #776995 #777084 #777086 #777088 #777090 #777091 Cross-References: CVE-2012-3494 CVE-2012-3495 CVE-2012-3496 CVE-2012-3498 CVE-2012-3515 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has two fixes is now available. It includes one version update. Description: XEN was updated 4.1.3 to fix multiple bugs and security issues. The following security issues have been fixed: * CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3495: xen: hypercall physdev_get_free_pirq vulnerability (XSA-13) * CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability (XSA-14) * CVE-2012-3498: xen: PHYSDEVOP_map_pirq index vulnerability (XSA-16) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) Also the following bugs have been fixed: * pvscsi support of attaching Luns - bnc#776995 The following related bugs in vm-install 0.5.12 have been fixed: * bnc#776300 - vm-install does not pass --extra-args in --upgrade * Add for support Open Enterprise Server 11 * Add support for Windows 8 and Windows Server 2012 * Add support for Ubuntu 12 (Precise Pangolin) Security Issue references: * CVE-2012-3496 * CVE-2012-3494 * CVE-2012-3495 * CVE-2012-3498 * CVE-2012-3515 Indications: Everyone using XEN should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xen-201209-6748 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xen-201209-6748 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xen-201209-6748 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xen-201209-6748 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): xen-devel-4.1.3_02-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): xen-kmp-trace-4.1.3_02_3.0.38_0.5-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): xen-kmp-default-4.1.3_02_3.0.38_0.5-0.5.1 xen-kmp-trace-4.1.3_02_3.0.38_0.5-0.5.1 xen-libs-4.1.3_02-0.5.1 xen-tools-domU-4.1.3_02-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64) [New Version: 0.5.12]: vm-install-0.5.12-0.5.1 xen-4.1.3_02-0.5.1 xen-doc-html-4.1.3_02-0.5.1 xen-doc-pdf-4.1.3_02-0.5.1 xen-libs-32bit-4.1.3_02-0.5.1 xen-tools-4.1.3_02-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 0.5.12]: vm-install-0.5.12-0.5.3 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): xen-kmp-default-4.1.3_02_3.0.38_0.5-0.5.1 xen-kmp-trace-4.1.3_02_3.0.38_0.5-0.5.1 xen-libs-4.1.3_02-0.5.1 xen-tools-domU-4.1.3_02-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 0.5.12]: vm-install-0.5.12-0.5.1 xen-4.1.3_02-0.5.1 xen-doc-html-4.1.3_02-0.5.1 xen-doc-pdf-4.1.3_02-0.5.1 xen-libs-32bit-4.1.3_02-0.5.1 xen-tools-4.1.3_02-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 0.5.12]: vm-install-0.5.12-0.5.3 References: http://support.novell.com/security/cve/CVE-2012-3494.html http://support.novell.com/security/cve/CVE-2012-3495.html http://support.novell.com/security/cve/CVE-2012-3496.html http://support.novell.com/security/cve/CVE-2012-3498.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/776300 https://bugzilla.novell.com/776995 https://bugzilla.novell.com/777084 https://bugzilla.novell.com/777086 https://bugzilla.novell.com/777088 https://bugzilla.novell.com/777090 https://bugzilla.novell.com/777091 http://download.novell.com/patch/finder/?keywords=2940fd614757e4aece023d8a6e626af3 From sle-updates at lists.suse.com Fri Sep 7 08:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 16:08:24 +0200 (CEST) Subject: SUSE-SU-2012:1133-1: important: Security update for Xen Message-ID: <20120907140824.800E03225B@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1133-1 Rating: important References: #777084 #777090 Cross-References: CVE-2012-3494 CVE-2012-3495 CVE-2012-3496 CVE-2012-3498 CVE-2012-3515 CVE-2012-3516 Affected Products: SUSE Linux Enterprise Server 10 SP2 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: XEN was updated to fix multiple bugs and security issues. The following security issues have been fixed: * CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) Security Issue references: * CVE-2012-3496 * CVE-2012-3494 * CVE-2012-3495 * CVE-2012-3498 * CVE-2012-3516 * CVE-2012-3515 Indications: Everyone using XEN should update. Package List: - SUSE Linux Enterprise Server 10 SP2 (i586 x86_64): xen-3.2.0_16718_26-0.10.1 xen-devel-3.2.0_16718_26-0.10.1 xen-doc-html-3.2.0_16718_26-0.10.1 xen-doc-pdf-3.2.0_16718_26-0.10.1 xen-doc-ps-3.2.0_16718_26-0.10.1 xen-kmp-debug-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1 xen-kmp-default-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1 xen-kmp-kdump-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1 xen-kmp-smp-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1 xen-libs-3.2.0_16718_26-0.10.1 xen-tools-3.2.0_16718_26-0.10.1 xen-tools-domU-3.2.0_16718_26-0.10.1 xen-tools-ioemu-3.2.0_16718_26-0.10.1 - SUSE Linux Enterprise Server 10 SP2 (x86_64): xen-libs-32bit-3.2.0_16718_26-0.10.1 - SUSE Linux Enterprise Server 10 SP2 (i586): xen-kmp-bigsmp-3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-3494.html http://support.novell.com/security/cve/CVE-2012-3495.html http://support.novell.com/security/cve/CVE-2012-3496.html http://support.novell.com/security/cve/CVE-2012-3498.html http://support.novell.com/security/cve/CVE-2012-3515.html http://support.novell.com/security/cve/CVE-2012-3516.html https://bugzilla.novell.com/777084 https://bugzilla.novell.com/777090 http://download.novell.com/patch/finder/?keywords=6779ef884a44335e87986cb4684ebd15 From sle-updates at lists.suse.com Fri Sep 7 12:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 20:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1134-1: important: Recommended update for openssh Message-ID: <20120907180838.018FB3225B@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssh ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1134-1 Rating: important References: #778376 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to OpenSSH corrects the default path to the xauth binary. Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64): openssh-5.1p1-41.14.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): openssh-askpass-5.1p1-41.14.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): openssh-5.1p1-41.14.1 openssh-askpass-5.1p1-41.14.1 References: https://bugzilla.novell.com/778376 http://download.novell.com/patch/finder/?keywords=85dc96d2828d2c57b0109581add62b85 From sle-updates at lists.suse.com Fri Sep 7 12:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 20:08:40 +0200 (CEST) Subject: SUSE-SU-2012:1135-1: important: Security update for Xen Message-ID: <20120907180840.38C233225E@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1135-1 Rating: important References: #762484 #777084 #777090 Cross-References: CVE-2012-2625 CVE-2012-3494 CVE-2012-3515 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: XEN was updated to fix multiple bugs and security issues. The following security issues have been fixed: * CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) * CVE-2012-2625: xen: pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service Security Issue references: * CVE-2012-3494 * CVE-2012-3515 * CVE-2012-2625 Indications: Everyone using XEN should update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): xen-3.2.3_17040_40-0.7.2 xen-devel-3.2.3_17040_40-0.7.2 xen-doc-html-3.2.3_17040_40-0.7.2 xen-doc-pdf-3.2.3_17040_40-0.7.2 xen-doc-ps-3.2.3_17040_40-0.7.2 xen-kmp-debug-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-default-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-kdump-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-smp-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-libs-3.2.3_17040_40-0.7.2 xen-tools-3.2.3_17040_40-0.7.2 xen-tools-domU-3.2.3_17040_40-0.7.2 xen-tools-ioemu-3.2.3_17040_40-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_40-0.7.2 - SUSE Linux Enterprise Server 10 SP4 (i586): xen-kmp-bigsmp-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-kdumppae-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-vmi-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-vmipae-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): xen-3.2.3_17040_40-0.7.2 xen-devel-3.2.3_17040_40-0.7.2 xen-doc-html-3.2.3_17040_40-0.7.2 xen-doc-pdf-3.2.3_17040_40-0.7.2 xen-doc-ps-3.2.3_17040_40-0.7.2 xen-kmp-default-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-smp-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-libs-3.2.3_17040_40-0.7.2 xen-tools-3.2.3_17040_40-0.7.2 xen-tools-domU-3.2.3_17040_40-0.7.2 xen-tools-ioemu-3.2.3_17040_40-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_40-0.7.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586): xen-kmp-bigsmp-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 - SLE SDK 10 SP4 (i586 x86_64): xen-3.2.3_17040_40-0.7.2 xen-devel-3.2.3_17040_40-0.7.2 xen-kmp-debug-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-kmp-kdump-3.2.3_17040_40_2.6.16.60_0.97.32-0.7.2 xen-libs-3.2.3_17040_40-0.7.2 xen-tools-3.2.3_17040_40-0.7.2 xen-tools-ioemu-3.2.3_17040_40-0.7.2 - SLE SDK 10 SP4 (x86_64): xen-libs-32bit-3.2.3_17040_40-0.7.2 References: http://support.novell.com/security/cve/CVE-2012-2625.html http://support.novell.com/security/cve/CVE-2012-3494.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/762484 https://bugzilla.novell.com/777084 https://bugzilla.novell.com/777090 http://download.novell.com/patch/finder/?keywords=7abce5ad0bd27a8e2084fe946c37389f From sle-updates at lists.suse.com Fri Sep 7 14:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 22:08:40 +0200 (CEST) Subject: SUSE-RU-2012:1136-1: Recommended update for Cisco Unified Computing fencing agent Message-ID: <20120907200840.8265D3225C@maintenance.suse.de> SUSE Recommended Update: Recommended update for Cisco Unified Computing fencing agent ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1136-1 Rating: low References: #569957 #729634 #729831 #738882 #755671 #757660 #759056 #762603 #763465 #764273 #765625 #769724 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. It includes four new package versions. Description: This collective update adds support for a fencing agent for the Cisco Unified Computing System in all required components of the SUSE Linux Enterprise High Availability Extension 11 SP2 product, and includes two new packages (fence-agents and python-pexpect) (FATE#313362, bnc#769724). Additionally, many fixes and improvements are provided: pacemaker (updated to version 1.1.7): * RA: ClusterMon - Don't fail in stop if the process is missing (bnc#569957) * RA: controld - Redirect the standard output and error on checking state (bnc#757660) * RA: controld - Fix the typo which should be "globally_unique" (bnc#762603) * PE: Support of referencing resource templates in resource sets (bnc#729634) * PE: Unmanaged services should block shutdown unless in maintenance mode (bnc#738882) * crmd: Restart sub-systems correctly (bnc#755671). corosync (update to version 1.4.3): * Fixed bug when corosync receive JoinMSG in OPERATIONAL state (bnc#729831) * Correct nodeid of token when we retransmit it (bnc#729831) * Correct nodeid in memb_state_commit_token_send function (bnc#729831) * Remove checking of range value (bnc#729831). crmsh: * ticket: fix redirecting rsc references in tickets (bnc#763465) * shadow: calculate shadow directory just like crm_shadow (bnc#759056). hawk: * GUI: jQuery: Fix AJAX memory leak in IE8 (bnc#764273) * GUI: summary_view: Fix IE JS error on detail pane update (bnc#765625) * GUI: Primitive editor: Handle RA metadata with missing longdesc (bnc#769724). cluster-glue: * clplumbing: fix memory leak for Gmain_timeout * hb_report now captures more relevant data and performs better. The list above is not comprehensive. For details, please refer to the individual package change logs and Bugzilla. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-slehae-201207-6580 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.5.2,1.0.9.1,1.1.7 and 1.4.3]: cluster-glue-1.0.9.1-0.38.2 corosync-1.4.3-0.5.1 crmsh-1.1.0-0.19.16 fence-agents-3.1.6-0.5.2 hawk-0.5.2-0.36.4 hawk-templates-0.5.2-0.36.4 libcorosync-devel-1.4.3-0.5.1 libcorosync4-1.4.3-0.5.1 libglue-devel-1.0.9.1-0.38.2 libglue2-1.0.9.1-0.38.2 libpacemaker-devel-1.1.7-0.5.15 libpacemaker3-1.1.7-0.5.15 pacemaker-1.1.7-0.5.15 python-pexpect-2.3-23.19.1 References: https://bugzilla.novell.com/569957 https://bugzilla.novell.com/729634 https://bugzilla.novell.com/729831 https://bugzilla.novell.com/738882 https://bugzilla.novell.com/755671 https://bugzilla.novell.com/757660 https://bugzilla.novell.com/759056 https://bugzilla.novell.com/762603 https://bugzilla.novell.com/763465 https://bugzilla.novell.com/764273 https://bugzilla.novell.com/765625 https://bugzilla.novell.com/769724 http://download.novell.com/patch/finder/?keywords=75ffa9cf4fb19d6a9c92a6ad724219e8 From sle-updates at lists.suse.com Fri Sep 7 15:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 23:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1137-1: Recommended update for yast2-cluster Message-ID: <20120907210831.012AF3225B@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-cluster ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1137-1 Rating: low References: #737253 #743111 #747033 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update to yast2-cluster resolves the following issues: * An error in the subnet mask calculation may result in an incorrect IP address configured in the High Availability Extension services (bnc#747033). * Add /etc/drbd.conf to the list of files that are synchronized by csync2 (bnc#737253). * Translate some text messages that were printed only in English (bnc#743111). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-yast2-cluster-6565 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (noarch): yast2-cluster-2.15.0-8.39.1 References: https://bugzilla.novell.com/737253 https://bugzilla.novell.com/743111 https://bugzilla.novell.com/747033 http://download.novell.com/patch/finder/?keywords=d7eae3876f72f73893631e3e0bb2aad0 From sle-updates at lists.suse.com Fri Sep 7 15:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 7 Sep 2012 23:08:32 +0200 (CEST) Subject: SUSE-FU-2012:1138-1: Feature update for yast2-network Message-ID: <20120907210832.B859B3225C@maintenance.suse.de> SUSE Feature Update: Feature update for yast2-network ______________________________________________________________________________ Announcement ID: SUSE-FU-2012:1138-1 Rating: low References: #752464 #769081 #769175 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. It includes one version update. Description: This update to YaST2 Network Configuration module (yast2-network) adds support for automatic configuration of devices enslaved into a bond interface. Additionally, the update resolves the following issues: * In some special circumstances, the network configuration module could remove valid entries from /etc/hosts. * The credentials to access wireless networks could be recorded in YaST's debug logs (readable only by the system administrator). Security Issues: * CVE-2012-0425 Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-network-6780 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-network-6780 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-network-6780 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-network-6780 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.175]: yast2-network-devel-doc-2.17.175-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.175]: yast2-network-2.17.175-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.175]: yast2-network-2.17.175-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.175]: yast2-network-2.17.175-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-0425.html https://bugzilla.novell.com/752464 https://bugzilla.novell.com/769081 https://bugzilla.novell.com/769175 http://download.novell.com/patch/finder/?keywords=cf8d615f97c5ee2c9aeccd735b86ffc9 From sle-updates at lists.suse.com Mon Sep 10 18:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Sep 2012 02:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1142-1: moderate: Recommended update for yast2-http-server Message-ID: <20120911000833.BD1D032258@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-http-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1142-1 Rating: moderate References: #777248 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to YaST's HTTP Server Configuration module (yast2-http-server) improves compatibility with the new PHP 5.3 module. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-http-server-6770 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-http-server-6770 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-http-server-6770 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.15]: yast2-http-server-2.17.15-0.5.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.15]: yast2-http-server-2.17.15-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.15]: yast2-http-server-2.17.15-0.5.2 References: https://bugzilla.novell.com/777248 http://download.novell.com/patch/finder/?keywords=26899e8c32d9676b6ca3ce7f1bb64987 From sle-updates at lists.suse.com Mon Sep 10 19:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Sep 2012 03:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1143-1: Recommended update for lio-mibs, lio-utils, lio-utils-debuginfo Message-ID: <20120911010831.4923F3225C@maintenance.suse.de> SUSE Recommended Update: Recommended update for lio-mibs, lio-utils, lio-utils-debuginfo ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1143-1 Rating: low References: #769195 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update improves handling of LIO. The changes in detail are: * provide links to tools in /usr/sbin * install init.d script * add missing modprobe commands to start script Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lio-mibs-6716 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lio-mibs-6716 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): lio-mibs-4.0-0.7.2 lio-utils-4.0-0.7.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): lio-mibs-4.0-0.7.2 lio-utils-4.0-0.7.2 References: https://bugzilla.novell.com/769195 http://download.novell.com/patch/finder/?keywords=b56c9da91dfdee9e126963d54ba6f152 From sle-updates at lists.suse.com Tue Sep 11 22:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 06:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1146-1: Recommended update for cifs-utils Message-ID: <20120912040831.DCE3F3225E@maintenance.suse.de> SUSE Recommended Update: Recommended update for cifs-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1146-1 Rating: low References: #761150 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to cifs-utils fixes the package's post installation scripts to correctly restart the CIFS client during an update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cifs-utils-6788 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cifs-utils-6788 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cifs-utils-6788 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): cifs-utils-5.1-0.11.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): cifs-utils-5.1-0.11.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): cifs-utils-5.1-0.11.1 References: https://bugzilla.novell.com/761150 http://download.novell.com/patch/finder/?keywords=e92cd638094785ccff21efb2407ae2a3 From sle-updates at lists.suse.com Tue Sep 11 22:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 06:08:34 +0200 (CEST) Subject: SUSE-SU-2012:1147-1: moderate: Security update for inn Message-ID: <20120912040834.5C3C63225C@maintenance.suse.de> SUSE Security Update: Security update for inn ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1147-1 Rating: moderate References: #776967 Cross-References: CVE-2012-3523 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: A STARTTLS injection issue has been fixed in inn. CVE-2012-3523 has been assigned to this issue. Security Issue reference: * CVE-2012-3523 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-inn-6774 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-inn-6774 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-inn-6774 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): inn-devel-2.4.2-170.21.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): inn-2.4.2-170.21.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): inn-2.4.2-170.21.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): inn-2.4.2-170.21.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): inn-2.4.2-20.9.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): inn-2.4.2-20.9.1 References: http://support.novell.com/security/cve/CVE-2012-3523.html https://bugzilla.novell.com/776967 http://download.novell.com/patch/finder/?keywords=052e129a0b795031695c195c312556aa http://download.novell.com/patch/finder/?keywords=f03ecff3fb6680aa0bf3baf1d92ae965 From sle-updates at lists.suse.com Tue Sep 11 22:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 06:08:36 +0200 (CEST) Subject: SUSE-SU-2012:1148-1: critical: Security update for OpenJDK Message-ID: <20120912040836.3358432260@maintenance.suse.de> SUSE Security Update: Security update for OpenJDK ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1148-1 Rating: critical References: #777499 Cross-References: CVE-2012-0547 CVE-2012-1682 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The following security issues have been fixed: * S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder * S7163201, CVE-2012-0547: Simplify toolkit internals references Security Issue references: * CVE-2012-1682 * CVE-2012-0547 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-java-1_6_0-openjdk-6772 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b24.1.11.4-0.3.1 java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.4-0.3.1 java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.4-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-0547.html http://support.novell.com/security/cve/CVE-2012-1682.html https://bugzilla.novell.com/777499 http://download.novell.com/patch/finder/?keywords=3a2f76ea954e211ebdec523673a69595 From sle-updates at lists.suse.com Tue Sep 11 23:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 07:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1149-1: important: Security update for compat-openssl097g Message-ID: <20120912050832.1C28B3225E@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl097g ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1149-1 Rating: important References: #758060 Cross-References: CVE-2012-2110 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This compat-openssl097g rollup update contains various security fixes: * CVE-2012-2131,CVE-2012-2110: incorrect integer conversions in OpenSSL could have resulted in memory corruption during buffer management operations. Security Issue reference: * CVE-2012-2110 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-compat-openssl097g-6749 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-compat-openssl097g-6749 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (x86_64): compat-openssl097g-0.9.7g-146.22.1 compat-openssl097g-32bit-0.9.7g-146.22.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): compat-openssl097g-0.9.7g-13.23.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): compat-openssl097g-32bit-0.9.7g-13.23.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): compat-openssl097g-x86-0.9.7g-13.23.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): compat-openssl097g-64bit-0.9.7g-13.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): compat-openssl097g-0.9.7g-146.22.1 compat-openssl097g-32bit-0.9.7g-146.22.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): compat-openssl097g-0.9.7g-13.23.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): compat-openssl097g-32bit-0.9.7g-13.23.1 References: http://support.novell.com/security/cve/CVE-2012-2110.html https://bugzilla.novell.com/758060 http://download.novell.com/patch/finder/?keywords=6f04264f0709c1dee299245669fdda7c http://download.novell.com/patch/finder/?keywords=acfbe9a056a9163e512e971404eb3aaa From sle-updates at lists.suse.com Tue Sep 11 23:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 07:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1150-1: Recommended update for nmap Message-ID: <20120912050834.BB1573225E@maintenance.suse.de> SUSE Recommended Update: Recommended update for nmap ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1150-1 Rating: low References: #750738 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update resolves a segfault in nmap when pinging a destination that is unreachable (bnc#750738). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-nmap-6734 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-nmap-6734 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): nmap-4.75-1.28.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nmap-4.75-1.28.1 References: https://bugzilla.novell.com/750738 http://download.novell.com/patch/finder/?keywords=f28aaef567ca058a5fa89c6bafa8696a From sle-updates at lists.suse.com Wed Sep 12 12:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Sep 2012 20:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1155-1: important: Security update for dbus-1 Message-ID: <20120912180835.DEACB32260@maintenance.suse.de> SUSE Security Update: Security update for dbus-1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1155-1 Rating: important References: #697105 #764047 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update fixes a vulnerability in the DBUS auto-launching feature that allowed local users to execute arbitrary programs as root. CVE-2012-3524 has been assigned to this issue. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-dbus-1-6733 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-dbus-1-6733 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-dbus-1-6733 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-dbus-1-6733 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): dbus-1-devel-1.2.10-3.25.1 dbus-1-devel-doc-1.2.10-3.25.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): dbus-1-1.2.10-3.25.1 dbus-1-x11-1.2.10-3.25.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): dbus-1-32bit-1.2.10-3.25.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): dbus-1-1.2.10-3.25.1 dbus-1-x11-1.2.10-3.25.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): dbus-1-32bit-1.2.10-3.25.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): dbus-1-x86-1.2.10-3.25.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): dbus-1-1.2.10-3.25.1 dbus-1-x11-1.2.10-3.25.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): dbus-1-32bit-1.2.10-3.25.1 References: https://bugzilla.novell.com/697105 https://bugzilla.novell.com/764047 http://download.novell.com/patch/finder/?keywords=67554744e53055e253dbe3ef2cceb035 From sle-updates at lists.suse.com Wed Sep 12 16:09:05 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 00:09:05 +0200 (CEST) Subject: SUSE-SU-2012:1156-1: important: Security update for PHP5 Message-ID: <20120912220905.CEA7832262@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1156-1 Rating: important References: #775852 #778003 Cross-References: CVE-2011-1398 CVE-2011-4388 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes CVE-2011-1398 and CVE-2011-4388 (header injection via CR). This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. Security Issue references: * CVE-2011-1398 * CVE-2011-4388 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-apache2-mod_php53-6778 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-apache2-mod_php53-6778 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-apache2-mod_php53-6778 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): php53-devel-5.3.8-0.39.1 php53-imap-5.3.8-0.39.1 php53-posix-5.3.8-0.39.1 php53-readline-5.3.8-0.39.1 php53-sockets-5.3.8-0.39.1 php53-sqlite-5.3.8-0.39.1 php53-tidy-5.3.8-0.39.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): apache2-mod_php53-5.3.8-0.39.1 php53-5.3.8-0.39.1 php53-bcmath-5.3.8-0.39.1 php53-bz2-5.3.8-0.39.1 php53-calendar-5.3.8-0.39.1 php53-ctype-5.3.8-0.39.1 php53-curl-5.3.8-0.39.1 php53-dba-5.3.8-0.39.1 php53-dom-5.3.8-0.39.1 php53-exif-5.3.8-0.39.1 php53-fastcgi-5.3.8-0.39.1 php53-fileinfo-5.3.8-0.39.1 php53-ftp-5.3.8-0.39.1 php53-gd-5.3.8-0.39.1 php53-gettext-5.3.8-0.39.1 php53-gmp-5.3.8-0.39.1 php53-iconv-5.3.8-0.39.1 php53-intl-5.3.8-0.39.1 php53-json-5.3.8-0.39.1 php53-ldap-5.3.8-0.39.1 php53-mbstring-5.3.8-0.39.1 php53-mcrypt-5.3.8-0.39.1 php53-mysql-5.3.8-0.39.1 php53-odbc-5.3.8-0.39.1 php53-openssl-5.3.8-0.39.1 php53-pcntl-5.3.8-0.39.1 php53-pdo-5.3.8-0.39.1 php53-pear-5.3.8-0.39.1 php53-pgsql-5.3.8-0.39.1 php53-pspell-5.3.8-0.39.1 php53-shmop-5.3.8-0.39.1 php53-snmp-5.3.8-0.39.1 php53-soap-5.3.8-0.39.1 php53-suhosin-5.3.8-0.39.1 php53-sysvmsg-5.3.8-0.39.1 php53-sysvsem-5.3.8-0.39.1 php53-sysvshm-5.3.8-0.39.1 php53-tokenizer-5.3.8-0.39.1 php53-wddx-5.3.8-0.39.1 php53-xmlreader-5.3.8-0.39.1 php53-xmlrpc-5.3.8-0.39.1 php53-xmlwriter-5.3.8-0.39.1 php53-xsl-5.3.8-0.39.1 php53-zip-5.3.8-0.39.1 php53-zlib-5.3.8-0.39.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php53-5.3.8-0.39.1 php53-5.3.8-0.39.1 php53-bcmath-5.3.8-0.39.1 php53-bz2-5.3.8-0.39.1 php53-calendar-5.3.8-0.39.1 php53-ctype-5.3.8-0.39.1 php53-curl-5.3.8-0.39.1 php53-dba-5.3.8-0.39.1 php53-dom-5.3.8-0.39.1 php53-exif-5.3.8-0.39.1 php53-fastcgi-5.3.8-0.39.1 php53-fileinfo-5.3.8-0.39.1 php53-ftp-5.3.8-0.39.1 php53-gd-5.3.8-0.39.1 php53-gettext-5.3.8-0.39.1 php53-gmp-5.3.8-0.39.1 php53-iconv-5.3.8-0.39.1 php53-intl-5.3.8-0.39.1 php53-json-5.3.8-0.39.1 php53-ldap-5.3.8-0.39.1 php53-mbstring-5.3.8-0.39.1 php53-mcrypt-5.3.8-0.39.1 php53-mysql-5.3.8-0.39.1 php53-odbc-5.3.8-0.39.1 php53-openssl-5.3.8-0.39.1 php53-pcntl-5.3.8-0.39.1 php53-pdo-5.3.8-0.39.1 php53-pear-5.3.8-0.39.1 php53-pgsql-5.3.8-0.39.1 php53-pspell-5.3.8-0.39.1 php53-shmop-5.3.8-0.39.1 php53-snmp-5.3.8-0.39.1 php53-soap-5.3.8-0.39.1 php53-suhosin-5.3.8-0.39.1 php53-sysvmsg-5.3.8-0.39.1 php53-sysvsem-5.3.8-0.39.1 php53-sysvshm-5.3.8-0.39.1 php53-tokenizer-5.3.8-0.39.1 php53-wddx-5.3.8-0.39.1 php53-xmlreader-5.3.8-0.39.1 php53-xmlrpc-5.3.8-0.39.1 php53-xmlwriter-5.3.8-0.39.1 php53-xsl-5.3.8-0.39.1 php53-zip-5.3.8-0.39.1 php53-zlib-5.3.8-0.39.1 References: http://support.novell.com/security/cve/CVE-2011-1398.html http://support.novell.com/security/cve/CVE-2011-4388.html https://bugzilla.novell.com/775852 https://bugzilla.novell.com/778003 http://download.novell.com/patch/finder/?keywords=196b574ae446447dd5589365670d4c11 From sle-updates at lists.suse.com Wed Sep 12 17:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 01:08:38 +0200 (CEST) Subject: SUSE-SU-2012:1157-1: important: Security update for Mozilla Firefox Message-ID: <20120912230838.8DA9832261@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1157-1 Rating: important References: #777588 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes three new package versions. Description: MozillaFirefox was updated to 10.0.7ESR release, fixing a lot of bugs and security problems. The following security issues have been addressed: * MFSA 2012-57: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * CVE-2012-1971: Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, and Jason Smith reported memory safety problems and crashes that affect Firefox 14. * CVE-2012-1970: Gary Kwong, Christian Holler, Jesse Ruderman, John Schoenick, Vladimir Vukicevic and Daniel Holbert reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 14. * MFSA 2012-58: Security researcher Abhishek Arya (Inferno) of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. o Heap-use-after-free in nsHTMLEditor::CollapseAdjacentTextNodes CVE-2012-1972 o Heap-use-after-free in nsObjectLoadingContent::LoadObject CVE-2012-1973 o Heap-use-after-free in gfxTextRun::CanBreakLineBefore CVE-2012-1974 o Heap-use-after-free in PresShell::CompleteMove CVE-2012-1975 o Heap-use-after-free in nsHTMLSelectElement::SubmitNamesValues CVE-2012-1976 o Heap-use-after-free in MediaStreamGraphThreadRunnable::Run() CVE-2012-3956 o Heap-buffer-overflow in nsBlockFrame::MarkLineDirty CVE-2012-3957 o Heap-use-after-free in nsHTMLEditRules::DeleteNonTableElements CVE-2012-3958 o Heap-use-after-free in nsRangeUpdater::SelAdjDeleteNode CVE-2012-3959 o Heap-use-after-free in mozSpellChecker::SetCurrentDictionary CVE-2012-3960 o Heap-use-after-free in RangeData::~RangeData CVE-2012-3961 o Bad iterator in text runs CVE-2012-3962 o use after free in js::gc::MapAllocToTraceKind CVE-2012-3963 o Heap-use-after-free READ 8 in gfxTextRun::GetUserData CVE-2012-3964 * MFSA 2012-59 / CVE-2012-1956: Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting (XSS) attacks. * MFSA 2012-60 / CVE-2012-3965: Security researcher Mariusz Mlynski reported that when a page opens a new tab, a subsequent window can then be opened that can be navigated to about:newtab, a chrome privileged page. Once about:newtab is loaded, the special context can potentially be used to escalate privilege, allowing for arbitrary code execution on the local system in a maliciously crafted attack. * MFSA 2012-61 / CVE-2012-3966: Security researcher Frederic Hoguin reported two related issues with the decoding of bitmap (.BMP) format images embedded in icon (.ICO) format files. When processing a negative "height" header value for the bitmap image, a memory corruption can be induced, allowing an attacker to write random memory and cause a crash. This crash may be potentially exploitable. * MFSA 2012-62: Security researcher miaubiz used the Address Sanitizer tool to discover two WebGL issues. The first issue is a use-after-free when WebGL shaders are called after being destroyed. The second issue exposes a problem with Mesa drivers on Linux, leading to a potentially exploitable crash. o use after free, webgl fragment shader deleted by accessor CVE-2012-3968 o stack scribbling with 4-byte values choosable among a few values, when using more than 16 sampler uniforms, on Mesa, with all drivers CVE-2012-3967 * MFSA 2012-63: Security researcher Arthur Gerkis used the Address Sanitizer tool to find two issues involving Scalable Vector Graphics (SVG) files. The first issue is a buffer overflow in Gecko's SVG filter code when the sum of two values is too large to be stored as a signed 32-bit integer, causing the function to write past the end of an array. The second issue is a use-after-free when an element with a "requiredFeatures" attribute is moved between documents. In that situation, the internal representation of the "requiredFeatures" value could be freed prematurely. Both issues are potentially exploitable. o Heap-buffer-overflow in nsSVGFEMorphologyElement::Filter CVE-2012-3969 o Heap-use-after-free in nsTArray_base::Length() CVE-2012-3970 * MFSA 2012-64 / CVE-2012-3971: Using the Address Sanitizer tool, Mozilla security researcher Christoph Diehl discovered two memory corruption issues involving the Graphite 2 library used in Mozilla products. Both of these issues can cause a potentially exploitable crash. These problems were fixed in the Graphite 2 library, which has been updated for Mozilla products. * MFSA 2012-65 / CVE-2012-3972: Security research Nicolas Gregoire used the Address Sanitizer tool to discover an out-of-bounds read in the format-number feature of XSLT, which can cause inaccurate formatting of numbers and information leakage. This is not directly exploitable. * MFSA 2012-66 / CVE-2012-3973: Mozilla security researcher Mark Goodwin discovered an issue with the Firefox developer tools' debugger. If remote debugging is disabled, but the experimental HTTPMonitor extension has been installed and enabled, a remote user can connect to and use the remote debugging service through the port used by HTTPMonitor. A remote-enabled flag has been added to resolve this problem and close the port unless debugging is explicitly enabled. * MFSA 2012-67 / CVE-2012-3974: Security researcher Masato Kinugawa reported that if a crafted executable is placed in the root partition on a Windows file system, the Firefox and Thunderbird installer will launch this program after a standard installation instead of Firefox or Thunderbird, running this program with the user's privileges. * MFSA 2012-68 / CVE-2012-3975: Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be combined with other attacks to become exploitable. * MFSA 2012-69 / CVE-2012-3976: Security researcher Mark Poticha reported an issue where incorrect SSL certificate information can be displayed on the addressbar, showing the SSL data for a previous site while another has been loaded. This is caused by two onLocationChange events being fired out of the expected order, leading to the displayed certificate data to not be updated. This can be used for phishing attacks by allowing the user to input form or other data on a newer, attacking, site while the credentials of an older site appear on the addressbar. * MFSA 2012-70 / CVE-2012-3978: Mozilla security researcher moz_bug_r_a4 reported that certain security checks in the location object can be bypassed if chrome code is called content in a specific manner. This allowed for the loading of restricted content. This can be combined with other issues to become potentially exploitable. * MFSA 2012-71 / CVE-2012-3979: Mozilla developer Blake Kaplan reported that __android_log_print is called insecurely in places. If a malicious web page used a dump() statement with a specially crafted string, it can trigger a potentially exploitable crash. This vulnerability only affects Firefox for Android. * MFSA 2012-72 / CVE-2012-3980: Security researcher Colby Russell discovered that eval in the web console can execute injected code with chrome privileges, leading to the running of malicious code in a privileged context. This allows for arbitrary code execution through a malicious web page if the web console is invoked by the user. Indications: Please install this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-firefox-201208-6763 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201208-6763 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201208-6763 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201208-6763 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.13.6 and 4.9.2]: mozilla-nspr-devel-4.9.2-0.6.1 mozilla-nss-devel-3.13.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 10.0.7,3.13.6 and 4.9.2]: MozillaFirefox-10.0.7-0.3.1 MozillaFirefox-translations-10.0.7-0.3.1 libfreebl3-3.13.6-0.5.1 mozilla-nspr-4.9.2-0.6.1 mozilla-nss-3.13.6-0.5.1 mozilla-nss-tools-3.13.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.13.6 and 4.9.2]: libfreebl3-32bit-3.13.6-0.5.1 mozilla-nspr-32bit-4.9.2-0.6.1 mozilla-nss-32bit-3.13.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.7,3.13.6 and 4.9.2]: MozillaFirefox-10.0.7-0.3.1 MozillaFirefox-branding-SLED-7-0.6.7.80 MozillaFirefox-translations-10.0.7-0.3.1 libfreebl3-3.13.6-0.5.1 mozilla-nspr-4.9.2-0.6.1 mozilla-nss-3.13.6-0.5.1 mozilla-nss-tools-3.13.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.13.6 and 4.9.2]: libfreebl3-32bit-3.13.6-0.5.1 mozilla-nspr-32bit-4.9.2-0.6.1 mozilla-nss-32bit-3.13.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.13.6 and 4.9.2]: libfreebl3-x86-3.13.6-0.5.1 mozilla-nspr-x86-4.9.2-0.6.1 mozilla-nss-x86-3.13.6-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.7,3.13.6 and 4.9.2]: MozillaFirefox-10.0.7-0.3.1 MozillaFirefox-branding-SLED-7-0.6.7.80 MozillaFirefox-translations-10.0.7-0.3.1 libfreebl3-3.13.6-0.5.1 mozilla-nspr-4.9.2-0.6.1 mozilla-nss-3.13.6-0.5.1 mozilla-nss-tools-3.13.6-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.13.6 and 4.9.2]: libfreebl3-32bit-3.13.6-0.5.1 mozilla-nspr-32bit-4.9.2-0.6.1 mozilla-nss-32bit-3.13.6-0.5.1 References: https://bugzilla.novell.com/777588 http://download.novell.com/patch/finder/?keywords=eb74965ce2354d47597681ee9cf49621 From sle-updates at lists.suse.com Thu Sep 13 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 22:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1161-1: Recommended update for osasnmpd and s390-tools Message-ID: <20120913200828.3E10032263@maintenance.suse.de> SUSE Recommended Update: Recommended update for osasnmpd and s390-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1161-1 Rating: low References: #760339 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to s390-tools provides the following fixes: * ziomon: Fix handling of multiple multipath devices * lsluns: Fix checks for scsi generic (sg) functionality. * lsluns: Check SCSI registration in loop, after LUN0&WLUN unit_add Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-osasnmpd-6582 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (s390x): osasnmpd-1.15.0-0.107.1 s390-tools-1.15.0-0.107.1 References: https://bugzilla.novell.com/760339 http://download.novell.com/patch/finder/?keywords=4768155b59faa4bd025ee34a8d7aac68 From sle-updates at lists.suse.com Thu Sep 13 14:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 22:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1162-1: important: Security update for Xen Message-ID: <20120913200829.CF48532264@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1162-1 Rating: important References: #776995 #777084 #777090 #777091 Cross-References: CVE-2012-3494 CVE-2012-3496 CVE-2012-3515 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: XEN was updated to fix multiple bugs and security issues. The following security issues have been fixed: * CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) * CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability (XSA-14) * CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) Also the following bugs have been fixed: * pvscsi support of attaching Luns - bnc#776995 Security Issue references: * CVE-2012-3496 * CVE-2012-3494 * CVE-2012-3515 Indications: Everyone using XEN should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-xen-201209-6746 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): xen-4.0.3_21548_10-0.5.1 xen-doc-html-4.0.3_21548_10-0.5.1 xen-doc-pdf-4.0.3_21548_10-0.5.1 xen-kmp-default-4.0.3_21548_10_2.6.32.59_0.7-0.5.1 xen-kmp-trace-4.0.3_21548_10_2.6.32.59_0.7-0.5.1 xen-libs-4.0.3_21548_10-0.5.1 xen-tools-4.0.3_21548_10-0.5.1 xen-tools-domU-4.0.3_21548_10-0.5.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): xen-kmp-pae-4.0.3_21548_10_2.6.32.59_0.7-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3494.html http://support.novell.com/security/cve/CVE-2012-3496.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/776995 https://bugzilla.novell.com/777084 https://bugzilla.novell.com/777090 https://bugzilla.novell.com/777091 http://download.novell.com/patch/finder/?keywords=60ffb0200ab44cd2c5b21cf2c325f4a5 From sle-updates at lists.suse.com Thu Sep 13 15:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 23:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1163-1: moderate: Recommended update for cron Message-ID: <20120913210835.7707732263@maintenance.suse.de> SUSE Recommended Update: Recommended update for cron ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1163-1 Rating: moderate References: #775460 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression over SLE10 where system crontabs were no longer properly reloaded when being modified (bnc#775460). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cron-6785 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cron-6785 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cron-6785 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): cron-4.1-194.203.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): cron-4.1-194.203.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): cron-4.1-194.203.1 References: https://bugzilla.novell.com/775460 http://download.novell.com/patch/finder/?keywords=6e07a48a3f8c6e1bf84bf4629ba53caa From sle-updates at lists.suse.com Thu Sep 13 15:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Sep 2012 23:08:40 +0200 (CEST) Subject: SUSE-RU-2012:1164-1: Recommended update for scim Message-ID: <20120913210840.BEC7E32264@maintenance.suse.de> SUSE Recommended Update: Recommended update for scim ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1164-1 Rating: low References: #610324 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds support for multi-head setups (bnc#610324) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-scim-6739 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-scim-6739 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-scim-6739 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-scim-6739 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): scim-devel-1.4.7-166.34.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): scim-32bit-1.4.7-166.34.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): scim-1.4.7-166.34.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): scim-32bit-1.4.7-166.34.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): scim-1.4.7-166.34.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): scim-32bit-1.4.7-166.34.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): scim-x86-1.4.7-166.34.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): scim-1.4.7-166.34.1 References: https://bugzilla.novell.com/610324 http://download.novell.com/patch/finder/?keywords=8c6d978cf5af4452714c85044bad405a From sle-updates at lists.suse.com Thu Sep 13 16:09:00 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 00:09:00 +0200 (CEST) Subject: SUSE-RU-2012:1165-1: Recommended update for ISDN for Linux Message-ID: <20120913220900.E00E732263@maintenance.suse.de> SUSE Recommended Update: Recommended update for ISDN for Linux ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1165-1 Rating: low References: #757487 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update to ISDN for Linux changes the order of CAPI rules in udev which fixes an initialization problem. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ant-phone-6728 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ant-phone-6728 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ant-phone-6728 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ant-phone-6728 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2012.5.31]: capi4linux-devel-2012.5.31-0.2.6 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 2012.5.31]: i4l-vbox-2012.5.31-0.2.6 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2012.5.31]: capi4linux-2012.5.31-0.2.6 i4l-base-2012.5.31-0.2.6 i4l-isdnlog-2012.5.31-0.2.6 i4l-vbox-2012.5.31-0.2.6 i4lfirm-2012.5.31-0.2.6 ppp-userpass-2012.5.31-0.2.6 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 2012.5.31]: capi4linux-32bit-2012.5.31-0.2.6 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2012.5.31]: capi4linux-2012.5.31-0.2.6 i4l-base-2012.5.31-0.2.6 i4l-isdnlog-2012.5.31-0.2.6 i4l-vbox-2012.5.31-0.2.6 i4lfirm-2012.5.31-0.2.6 ppp-userpass-2012.5.31-0.2.6 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 2012.5.31]: capi4linux-32bit-2012.5.31-0.2.6 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 2012.5.31]: capi4linux-x86-2012.5.31-0.2.6 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2012.5.31]: capi4linux-2012.5.31-0.2.6 i4l-base-2012.5.31-0.2.6 i4l-isdnlog-2012.5.31-0.2.6 i4lfirm-2012.5.31-0.2.6 ppp-userpass-2012.5.31-0.2.6 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 2012.5.31]: capi4linux-32bit-2012.5.31-0.2.6 References: https://bugzilla.novell.com/757487 http://download.novell.com/patch/finder/?keywords=dfb9a27846f2daca84bf8bc1fd239bd2 From sle-updates at lists.suse.com Thu Sep 13 18:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 02:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1167-1: important: Security update for Mozilla Firefox Message-ID: <20120914000829.C997832237@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1167-1 Rating: important References: #684069 #769762 #777588 Cross-References: CVE-2012-1956 CVE-2012-1970 CVE-2012-1971 CVE-2012-1972 CVE-2012-1973 CVE-2012-1974 CVE-2012-1975 CVE-2012-1976 CVE-2012-3956 CVE-2012-3957 CVE-2012-3958 CVE-2012-3959 CVE-2012-3960 CVE-2012-3961 CVE-2012-3962 CVE-2012-3963 CVE-2012-3964 CVE-2012-3965 CVE-2012-3966 CVE-2012-3967 CVE-2012-3968 CVE-2012-3969 CVE-2012-3970 CVE-2012-3971 CVE-2012-3972 CVE-2012-3973 CVE-2012-3974 CVE-2012-3975 CVE-2012-3976 CVE-2012-3978 CVE-2012-3979 CVE-2012-3980 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 32 vulnerabilities is now available. It includes three new package versions. Description: MozillaFirefox was updated to 10.0.7ESR release, fixing a lot of bugs and security problems. The following security issues have been addressed: * MFSA 2012-57: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. * CVE-2012-1971: Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, and Jason Smith reported memory safety problems and crashes that affect Firefox 14. * CVE-2012-1970: Gary Kwong, Christian Holler, Jesse Ruderman, John Schoenick, Vladimir Vukicevic and Daniel Holbert reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 14. * MFSA 2012-58: Security researcher Abhishek Arya (Inferno) of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. o Heap-use-after-free in nsHTMLEditor::CollapseAdjacentTextNodes CVE-2012-1972 o Heap-use-after-free in nsObjectLoadingContent::LoadObject CVE-2012-1973 o Heap-use-after-free in gfxTextRun::CanBreakLineBefore CVE-2012-1974 o Heap-use-after-free in PresShell::CompleteMove CVE-2012-1975 o Heap-use-after-free in nsHTMLSelectElement::SubmitNamesValues CVE-2012-1976 o Heap-use-after-free in MediaStreamGraphThreadRunnable::Run() CVE-2012-3956 o Heap-buffer-overflow in nsBlockFrame::MarkLineDirty CVE-2012-3957 o Heap-use-after-free in nsHTMLEditRules::DeleteNonTableElements CVE-2012-3958 o Heap-use-after-free in nsRangeUpdater::SelAdjDeleteNode CVE-2012-3959 o Heap-use-after-free in mozSpellChecker::SetCurrentDictionary CVE-2012-3960 o Heap-use-after-free in RangeData::~RangeData CVE-2012-3961 o Bad iterator in text runs CVE-2012-3962 o use after free in js::gc::MapAllocToTraceKind CVE-2012-3963 o Heap-use-after-free READ 8 in gfxTextRun::GetUserData CVE-2012-3964 * MFSA 2012-59 / CVE-2012-1956: Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting (XSS) attacks. * MFSA 2012-60 / CVE-2012-3965: Security researcher Mariusz Mlynski reported that when a page opens a new tab, a subsequent window can then be opened that can be navigated to about:newtab, a chrome privileged page. Once about:newtab is loaded, the special context can potentially be used to escalate privilege, allowing for arbitrary code execution on the local system in a maliciously crafted attack. * MFSA 2012-61 / CVE-2012-3966: Security researcher Frederic Hoguin reported two related issues with the decoding of bitmap (.BMP) format images embedded in icon (.ICO) format files. When processing a negative "height" header value for the bitmap image, a memory corruption can be induced, allowing an attacker to write random memory and cause a crash. This crash may be potentially exploitable. * MFSA 2012-62: Security researcher miaubiz used the Address Sanitizer tool to discover two WebGL issues. The first issue is a use-after-free when WebGL shaders are called after being destroyed. The second issue exposes a problem with Mesa drivers on Linux, leading to a potentially exploitable crash. o use after free, webgl fragment shader deleted by accessor CVE-2012-3968 o stack scribbling with 4-byte values choosable among a few values, when using more than 16 sampler uniforms, on Mesa, with all drivers CVE-2012-3967 * MFSA 2012-63: Security researcher Arthur Gerkis used the Address Sanitizer tool to find two issues involving Scalable Vector Graphics (SVG) files. The first issue is a buffer overflow in Gecko's SVG filter code when the sum of two values is too large to be stored as a signed 32-bit integer, causing the function to write past the end of an array. The second issue is a use-after-free when an element with a "requiredFeatures" attribute is moved between documents. In that situation, the internal representation of the "requiredFeatures" value could be freed prematurely. Both issues are potentially exploitable. o Heap-buffer-overflow in nsSVGFEMorphologyElement::Filter CVE-2012-3969 o Heap-use-after-free in nsTArray_base::Length() CVE-2012-3970 * MFSA 2012-64 / CVE-2012-3971: Using the Address Sanitizer tool, Mozilla security researcher Christoph Diehl discovered two memory corruption issues involving the Graphite 2 library used in Mozilla products. Both of these issues can cause a potentially exploitable crash. These problems were fixed in the Graphite 2 library, which has been updated for Mozilla products. * MFSA 2012-65 / CVE-2012-3972: Security research Nicolas Gregoire used the Address Sanitizer tool to discover an out-of-bounds read in the format-number feature of XSLT, which can cause inaccurate formatting of numbers and information leakage. This is not directly exploitable. * MFSA 2012-66 / CVE-2012-3973: Mozilla security researcher Mark Goodwin discovered an issue with the Firefox developer tools' debugger. If remote debugging is disabled, but the experimental HTTPMonitor extension has been installed and enabled, a remote user can connect to and use the remote debugging service through the port used by HTTPMonitor. A remote-enabled flag has been added to resolve this problem and close the port unless debugging is explicitly enabled. * MFSA 2012-67 / CVE-2012-3974: Security researcher Masato Kinugawa reported that if a crafted executable is placed in the root partition on a Windows file system, the Firefox and Thunderbird installer will launch this program after a standard installation instead of Firefox or Thunderbird, running this program with the user's privileges. * MFSA 2012-68 / CVE-2012-3975: Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be combined with other attacks to become exploitable. * MFSA 2012-69 / CVE-2012-3976: Security researcher Mark Poticha reported an issue where incorrect SSL certificate information can be displayed on the addressbar, showing the SSL data for a previous site while another has been loaded. This is caused by two onLocationChange events being fired out of the expected order, leading to the displayed certificate data to not be updated. This can be used for phishing attacks by allowing the user to input form or other data on a newer, attacking, site while the credentials of an older site appear on the addressbar. * MFSA 2012-70 / CVE-2012-3978: Mozilla security researcher moz_bug_r_a4 reported that certain security checks in the location object can be bypassed if chrome code is called content in a specific manner. This allowed for the loading of restricted content. This can be combined with other issues to become potentially exploitable. * MFSA 2012-71 / CVE-2012-3979: Mozilla developer Blake Kaplan reported that __android_log_print is called insecurely in places. If a malicious web page used a dump() statement with a specially crafted string, it can trigger a potentially exploitable crash. This vulnerability only affects Firefox for Android. * MFSA 2012-72 / CVE-2012-3980: Security researcher Colby Russell discovered that eval in the web console can execute injected code with chrome privileges, leading to the running of malicious code in a privileged context. This allows for arbitrary code execution through a malicious web page if the web console is invoked by the user. Security Issue references: * CVE-2012-1971 * CVE-2012-1970 * CVE-2012-1972 * CVE-2012-1973 * CVE-2012-1974 * CVE-2012-1975 * CVE-2012-1976 * CVE-2012-3956 * CVE-2012-3957 * CVE-2012-3958 * CVE-2012-3959 * CVE-2012-3960 * CVE-2012-3961 * CVE-2012-3962 * CVE-2012-3963 * CVE-2012-3964 * CVE-2012-1956 * CVE-2012-3965 * CVE-2012-3966 * CVE-2012-3968 * CVE-2012-3967 * CVE-2012-3969 * CVE-2012-3970 * CVE-2012-3971 * CVE-2012-3972 * CVE-2012-3973 * CVE-2012-3974 * CVE-2012-3975 * CVE-2012-3976 * CVE-2012-3978 * CVE-2012-3979 * CVE-2012-3980 Indications: Please install this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.6 and 4.9.2]: firefox3-cairo-1.2.4-0.8.1 mozilla-nspr-4.9.2-0.9.1 mozilla-nspr-devel-4.9.2-0.9.1 mozilla-nss-3.13.6-0.8.1 mozilla-nss-devel-3.13.6-0.8.1 mozilla-nss-tools-3.13.6-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 7]: MozillaFirefox-10.0.7-0.5.1 MozillaFirefox-branding-SLED-7-0.8.31 MozillaFirefox-translations-10.0.7-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.13.6 and 4.9.2]: firefox3-cairo-32bit-1.2.4-0.8.1 mozilla-nspr-32bit-4.9.2-0.9.1 mozilla-nss-32bit-3.13.6-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.13.6 and 4.9.2]: mozilla-nspr-x86-4.9.2-0.9.1 mozilla-nss-x86-3.13.6-0.8.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.13.6 and 4.9.2]: mozilla-nspr-64bit-4.9.2-0.9.1 mozilla-nss-64bit-3.13.6-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.13.6 and 4.9.2]: firefox3-cairo-1.2.4-0.8.1 mozilla-nspr-4.9.2-0.9.1 mozilla-nspr-devel-4.9.2-0.9.1 mozilla-nss-3.13.6-0.8.1 mozilla-nss-devel-3.13.6-0.8.1 mozilla-nss-tools-3.13.6-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.13.6 and 4.9.2]: firefox3-cairo-32bit-1.2.4-0.8.1 mozilla-nspr-32bit-4.9.2-0.9.1 mozilla-nss-32bit-3.13.6-0.8.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 7]: MozillaFirefox-10.0.7-0.5.1 MozillaFirefox-branding-SLED-7-0.8.31 MozillaFirefox-translations-10.0.7-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.13.6]: firefox3-cairo-devel-1.2.4-0.8.1 firefox3-cairo-doc-1.2.4-0.8.1 mozilla-nss-tools-3.13.6-0.8.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.7-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-1956.html http://support.novell.com/security/cve/CVE-2012-1970.html http://support.novell.com/security/cve/CVE-2012-1971.html http://support.novell.com/security/cve/CVE-2012-1972.html http://support.novell.com/security/cve/CVE-2012-1973.html http://support.novell.com/security/cve/CVE-2012-1974.html http://support.novell.com/security/cve/CVE-2012-1975.html http://support.novell.com/security/cve/CVE-2012-1976.html http://support.novell.com/security/cve/CVE-2012-3956.html http://support.novell.com/security/cve/CVE-2012-3957.html http://support.novell.com/security/cve/CVE-2012-3958.html http://support.novell.com/security/cve/CVE-2012-3959.html http://support.novell.com/security/cve/CVE-2012-3960.html http://support.novell.com/security/cve/CVE-2012-3961.html http://support.novell.com/security/cve/CVE-2012-3962.html http://support.novell.com/security/cve/CVE-2012-3963.html http://support.novell.com/security/cve/CVE-2012-3964.html http://support.novell.com/security/cve/CVE-2012-3965.html http://support.novell.com/security/cve/CVE-2012-3966.html http://support.novell.com/security/cve/CVE-2012-3967.html http://support.novell.com/security/cve/CVE-2012-3968.html http://support.novell.com/security/cve/CVE-2012-3969.html http://support.novell.com/security/cve/CVE-2012-3970.html http://support.novell.com/security/cve/CVE-2012-3971.html http://support.novell.com/security/cve/CVE-2012-3972.html http://support.novell.com/security/cve/CVE-2012-3973.html http://support.novell.com/security/cve/CVE-2012-3974.html http://support.novell.com/security/cve/CVE-2012-3975.html http://support.novell.com/security/cve/CVE-2012-3976.html http://support.novell.com/security/cve/CVE-2012-3978.html http://support.novell.com/security/cve/CVE-2012-3979.html http://support.novell.com/security/cve/CVE-2012-3980.html https://bugzilla.novell.com/684069 https://bugzilla.novell.com/769762 https://bugzilla.novell.com/777588 http://download.novell.com/patch/finder/?keywords=3d961c9ba7250844680b248327a712ac From sle-updates at lists.suse.com Thu Sep 13 18:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 02:08:26 +0200 (CEST) Subject: SUSE-RU-2012:1166-1: Recommended update for tftp Message-ID: <20120914000826.12EAC3225E@maintenance.suse.de> SUSE Recommended Update: Recommended update for tftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1166-1 Rating: low References: #609413 #729793 #774861 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update to tftp resolves the following issues: * tftp server's data connection uses wrong source address (bnc#774861) * tftp server doesn't provide support for SuSEfirewall2 (bnc#609413, bnc#729793). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-tftp-6769 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-tftp-6769 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-tftp-6769 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): tftp-0.48-101.22.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): tftp-0.48-101.22.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): tftp-0.48-101.22.1 References: https://bugzilla.novell.com/609413 https://bugzilla.novell.com/729793 https://bugzilla.novell.com/774861 http://download.novell.com/patch/finder/?keywords=599c40e24ec64fadb0d764080fad7f0c From sle-updates at lists.suse.com Thu Sep 13 18:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 02:08:27 +0200 (CEST) Subject: SUSE-SU-2012:1156-2: important: Security update for PHP5 Message-ID: <20120914000827.CD2433225E@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1156-2 Rating: important References: #775852 #778003 Cross-References: CVE-2011-1398 CVE-2011-4388 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes CVE-2011-1398 and CVE-2011-4388 (header injection via CR). This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. Security Issue references: * CVE-2011-1398 * CVE-2011-4388 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-apache2-mod_php5-6777 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-apache2-mod_php5-6777 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-apache2-mod_php5-6777 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): php5-devel-5.2.14-0.7.30.46.1 php5-imap-5.2.14-0.7.30.46.1 php5-ncurses-5.2.14-0.7.30.46.1 php5-posix-5.2.14-0.7.30.46.1 php5-readline-5.2.14-0.7.30.46.1 php5-sockets-5.2.14-0.7.30.46.1 php5-sqlite-5.2.14-0.7.30.46.1 php5-tidy-5.2.14-0.7.30.46.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): apache2-mod_php5-5.2.14-0.7.30.46.1 php5-5.2.14-0.7.30.46.1 php5-bcmath-5.2.14-0.7.30.46.1 php5-bz2-5.2.14-0.7.30.46.1 php5-calendar-5.2.14-0.7.30.46.1 php5-ctype-5.2.14-0.7.30.46.1 php5-curl-5.2.14-0.7.30.46.1 php5-dba-5.2.14-0.7.30.46.1 php5-dbase-5.2.14-0.7.30.46.1 php5-dom-5.2.14-0.7.30.46.1 php5-exif-5.2.14-0.7.30.46.1 php5-fastcgi-5.2.14-0.7.30.46.1 php5-ftp-5.2.14-0.7.30.46.1 php5-gd-5.2.14-0.7.30.46.1 php5-gettext-5.2.14-0.7.30.46.1 php5-gmp-5.2.14-0.7.30.46.1 php5-hash-5.2.14-0.7.30.46.1 php5-iconv-5.2.14-0.7.30.46.1 php5-json-5.2.14-0.7.30.46.1 php5-ldap-5.2.14-0.7.30.46.1 php5-mbstring-5.2.14-0.7.30.46.1 php5-mcrypt-5.2.14-0.7.30.46.1 php5-mysql-5.2.14-0.7.30.46.1 php5-odbc-5.2.14-0.7.30.46.1 php5-openssl-5.2.14-0.7.30.46.1 php5-pcntl-5.2.14-0.7.30.46.1 php5-pdo-5.2.14-0.7.30.46.1 php5-pear-5.2.14-0.7.30.46.1 php5-pgsql-5.2.14-0.7.30.46.1 php5-pspell-5.2.14-0.7.30.46.1 php5-shmop-5.2.14-0.7.30.46.1 php5-snmp-5.2.14-0.7.30.46.1 php5-soap-5.2.14-0.7.30.46.1 php5-suhosin-5.2.14-0.7.30.46.1 php5-sysvmsg-5.2.14-0.7.30.46.1 php5-sysvsem-5.2.14-0.7.30.46.1 php5-sysvshm-5.2.14-0.7.30.46.1 php5-tokenizer-5.2.14-0.7.30.46.1 php5-wddx-5.2.14-0.7.30.46.1 php5-xmlreader-5.2.14-0.7.30.46.1 php5-xmlrpc-5.2.14-0.7.30.46.1 php5-xmlwriter-5.2.14-0.7.30.46.1 php5-xsl-5.2.14-0.7.30.46.1 php5-zip-5.2.14-0.7.30.46.1 php5-zlib-5.2.14-0.7.30.46.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): apache2-mod_php5-5.2.14-0.7.30.46.1 php5-5.2.14-0.7.30.46.1 php5-bcmath-5.2.14-0.7.30.46.1 php5-bz2-5.2.14-0.7.30.46.1 php5-calendar-5.2.14-0.7.30.46.1 php5-ctype-5.2.14-0.7.30.46.1 php5-curl-5.2.14-0.7.30.46.1 php5-dba-5.2.14-0.7.30.46.1 php5-dbase-5.2.14-0.7.30.46.1 php5-dom-5.2.14-0.7.30.46.1 php5-exif-5.2.14-0.7.30.46.1 php5-fastcgi-5.2.14-0.7.30.46.1 php5-ftp-5.2.14-0.7.30.46.1 php5-gd-5.2.14-0.7.30.46.1 php5-gettext-5.2.14-0.7.30.46.1 php5-gmp-5.2.14-0.7.30.46.1 php5-hash-5.2.14-0.7.30.46.1 php5-iconv-5.2.14-0.7.30.46.1 php5-json-5.2.14-0.7.30.46.1 php5-ldap-5.2.14-0.7.30.46.1 php5-mbstring-5.2.14-0.7.30.46.1 php5-mcrypt-5.2.14-0.7.30.46.1 php5-mysql-5.2.14-0.7.30.46.1 php5-odbc-5.2.14-0.7.30.46.1 php5-openssl-5.2.14-0.7.30.46.1 php5-pcntl-5.2.14-0.7.30.46.1 php5-pdo-5.2.14-0.7.30.46.1 php5-pear-5.2.14-0.7.30.46.1 php5-pgsql-5.2.14-0.7.30.46.1 php5-pspell-5.2.14-0.7.30.46.1 php5-shmop-5.2.14-0.7.30.46.1 php5-snmp-5.2.14-0.7.30.46.1 php5-soap-5.2.14-0.7.30.46.1 php5-suhosin-5.2.14-0.7.30.46.1 php5-sysvmsg-5.2.14-0.7.30.46.1 php5-sysvsem-5.2.14-0.7.30.46.1 php5-sysvshm-5.2.14-0.7.30.46.1 php5-tokenizer-5.2.14-0.7.30.46.1 php5-wddx-5.2.14-0.7.30.46.1 php5-xmlreader-5.2.14-0.7.30.46.1 php5-xmlrpc-5.2.14-0.7.30.46.1 php5-xmlwriter-5.2.14-0.7.30.46.1 php5-xsl-5.2.14-0.7.30.46.1 php5-zip-5.2.14-0.7.30.46.1 php5-zlib-5.2.14-0.7.30.46.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php5-5.2.14-0.7.30.46.1 php5-5.2.14-0.7.30.46.1 php5-bcmath-5.2.14-0.7.30.46.1 php5-bz2-5.2.14-0.7.30.46.1 php5-calendar-5.2.14-0.7.30.46.1 php5-ctype-5.2.14-0.7.30.46.1 php5-curl-5.2.14-0.7.30.46.1 php5-dba-5.2.14-0.7.30.46.1 php5-dbase-5.2.14-0.7.30.46.1 php5-dom-5.2.14-0.7.30.46.1 php5-exif-5.2.14-0.7.30.46.1 php5-fastcgi-5.2.14-0.7.30.46.1 php5-ftp-5.2.14-0.7.30.46.1 php5-gd-5.2.14-0.7.30.46.1 php5-gettext-5.2.14-0.7.30.46.1 php5-gmp-5.2.14-0.7.30.46.1 php5-hash-5.2.14-0.7.30.46.1 php5-iconv-5.2.14-0.7.30.46.1 php5-json-5.2.14-0.7.30.46.1 php5-ldap-5.2.14-0.7.30.46.1 php5-mbstring-5.2.14-0.7.30.46.1 php5-mcrypt-5.2.14-0.7.30.46.1 php5-mysql-5.2.14-0.7.30.46.1 php5-odbc-5.2.14-0.7.30.46.1 php5-openssl-5.2.14-0.7.30.46.1 php5-pcntl-5.2.14-0.7.30.46.1 php5-pdo-5.2.14-0.7.30.46.1 php5-pear-5.2.14-0.7.30.46.1 php5-pgsql-5.2.14-0.7.30.46.1 php5-pspell-5.2.14-0.7.30.46.1 php5-shmop-5.2.14-0.7.30.46.1 php5-snmp-5.2.14-0.7.30.46.1 php5-soap-5.2.14-0.7.30.46.1 php5-suhosin-5.2.14-0.7.30.46.1 php5-sysvmsg-5.2.14-0.7.30.46.1 php5-sysvsem-5.2.14-0.7.30.46.1 php5-sysvshm-5.2.14-0.7.30.46.1 php5-tokenizer-5.2.14-0.7.30.46.1 php5-wddx-5.2.14-0.7.30.46.1 php5-xmlreader-5.2.14-0.7.30.46.1 php5-xmlrpc-5.2.14-0.7.30.46.1 php5-xmlwriter-5.2.14-0.7.30.46.1 php5-xsl-5.2.14-0.7.30.46.1 php5-zip-5.2.14-0.7.30.46.1 php5-zlib-5.2.14-0.7.30.46.1 References: http://support.novell.com/security/cve/CVE-2011-1398.html http://support.novell.com/security/cve/CVE-2011-4388.html https://bugzilla.novell.com/775852 https://bugzilla.novell.com/778003 http://download.novell.com/patch/finder/?keywords=0759510e67ebbcbf558fe4298c9251a6 From sle-updates at lists.suse.com Thu Sep 13 18:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 02:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1155-2: important: Security update for dbus-1 Message-ID: <20120914000831.9C9F432260@maintenance.suse.de> SUSE Security Update: Security update for dbus-1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1155-2 Rating: important References: #697105 #764047 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update fixes a vulnerability in the DBUS auto-launching feature that allowed local users to execute arbitrary programs as root. CVE-2012-3524 has been assigned to this issue. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-dbus-1-6750 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): dbus-1-1.2.10-3.25.2 dbus-1-x11-1.2.10-3.25.2 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64): dbus-1-32bit-1.2.10-3.25.2 References: https://bugzilla.novell.com/697105 https://bugzilla.novell.com/764047 http://download.novell.com/patch/finder/?keywords=31465364238b4fa9b84b97edb4ca39c4 From sle-updates at lists.suse.com Thu Sep 13 19:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 03:08:28 +0200 (CEST) Subject: SUSE-SU-2012:1168-1: moderate: Security update for wireshark Message-ID: <20120914010828.8DEB132264@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1168-1 Rating: moderate References: #772738 #776083 Cross-References: CVE-2012-4048 CVE-2012-4049 CVE-2012-4285 CVE-2012-4288 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4296 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. It includes one version update. Description: wireshark was updated to 1.4.15 to fix multiple security issues. Issues fixed: * fix bnc#776038(CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290), bnc#772738 (CVE-2012-4048, CVE-2012-4049)(fixed upstream) * Security fixes: o wnpa-sec-2012-13 The DCP ETSI dissector could trigger a zero division. Reported by Laurent Butti. (Bug 7566) o wnpa-sec-2012-15 The XTP dissector could go into an infinite loop. Reported by Ben Schmidt. (Bug 7571) o wnpa-sec-2012-17 The AFP dissector could go into a large loop. Reported by Stefan Cornelius. (Bug 7603) o wnpa-sec-2012-18 The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7568) o wnpa-sec-2012-20 The CIP dissector could exhaust system memory. Reported y Ben Schmidt. (Bug 7570) o wnpa-sec-2012-21 The STUN dissector could crash. Reported by Laurent Butti. (Bug 7569) o wnpa-sec-2012-22 The EtherCAT Mailbox dissector could abort. Reported by Laurent Butti. (Bug 7562) o wnpa-sec-2012-23 The CTDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7573) * Bug fixes: o Wireshark crashes on opening very short NFS pcap file. (Bug 7498) * Updated Protocol Support o AFP, Bluetooth L2CAP, CIP, CTDB, DCP ETSI, EtherCAT Mailbox, FC Link Control LISP, NFS, RTPS2, SCTP, STUN, XTP Security Issue references: * CVE-2012-4048 * CVE-2012-4049 * CVE-2012-4285 * CVE-2012-4288 * CVE-2012-4289 * CVE-2012-4296 * CVE-2012-4291 * CVE-2012-4292 * CVE-2012-4293 * CVE-2012-4290CVE-2012-4048 * CVE-2012-4049 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-wireshark-6760 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-wireshark-6760 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-wireshark-6760 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-wireshark-6760 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.15]: wireshark-devel-1.4.15-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.4.15]: wireshark-1.4.15-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.4.15]: wireshark-1.4.15-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.15]: wireshark-1.4.15-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-1.4.15-0.5.1 wireshark-devel-1.4.15-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.15]: wireshark-1.4.15-0.2.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): wireshark-1.4.15-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-devel-1.4.15-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-4048.html http://support.novell.com/security/cve/CVE-2012-4049.html http://support.novell.com/security/cve/CVE-2012-4285.html http://support.novell.com/security/cve/CVE-2012-4288.html http://support.novell.com/security/cve/CVE-2012-4289.html http://support.novell.com/security/cve/CVE-2012-4290.html http://support.novell.com/security/cve/CVE-2012-4291.html http://support.novell.com/security/cve/CVE-2012-4292.html http://support.novell.com/security/cve/CVE-2012-4293.html http://support.novell.com/security/cve/CVE-2012-4296.html https://bugzilla.novell.com/772738 https://bugzilla.novell.com/776083 http://download.novell.com/patch/finder/?keywords=75d97363523ecd7bd6791dfb7f73ba84 http://download.novell.com/patch/finder/?keywords=8c97d5c98c64afe228e7a248367ecd19 From sle-updates at lists.suse.com Fri Sep 14 14:08:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Sep 2012 22:08:22 +0200 (CEST) Subject: SUSE-SU-2012:1177-1: important: Security update for IBM Java Message-ID: <20120914200822.CF83132263@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1177-1 Rating: important References: #666744 #778629 Cross-References: CVE-2012-1713 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP2 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: IBM Java 1.4.2 was updated to SR13 FP13 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bug has been fixed: * fix bnc#666744: mark all configuration files as %config(noreplace) Security Issue references: * CVE-2012-1717 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_4_2-ibm-6791 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_4_2-ibm-6791 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_4_2-ibm-6791 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_4_2-ibm-6791 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.13-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.5.1 java-1_4_2-ibm-devel-1.4.2_sr13.13-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html https://bugzilla.novell.com/666744 https://bugzilla.novell.com/778629 http://download.novell.com/patch/finder/?keywords=1178840a855fef3bb3fdb1b51b3e979e http://download.novell.com/patch/finder/?keywords=e7a13fdccafdcc81cd4c6d1340a24a02 From sle-updates at lists.suse.com Sun Sep 16 23:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 07:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1178-1: Recommended update for tftp Message-ID: <20120917050830.C12D132265@maintenance.suse.de> SUSE Recommended Update: Recommended update for tftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1178-1 Rating: low References: #774861 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to tftp resolves the following issue: * tftp server's data connection uses wrong source address (bnc#774861). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): tftp-0.48-1.15.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): tftp-0.48-1.15.1 References: https://bugzilla.novell.com/774861 http://download.novell.com/patch/finder/?keywords=0c1cebdba789fcba5b1f48caaf4ad5e6 From sle-updates at lists.suse.com Mon Sep 17 00:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 08:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1179-1: Recommended update for kernel-firmware Message-ID: <20120917060830.6FB4532265@maintenance.suse.de> SUSE Recommended Update: Recommended update for kernel-firmware ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1179-1 Rating: low References: #776864 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to kernel-firmware adds the microcode for Intel Taylor Peak wireless adapter. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-firmware-6705 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-firmware-6705 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-firmware-6705 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): kernel-firmware-20110923-0.17.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): kernel-firmware-20110923-0.17.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): kernel-firmware-20110923-0.17.1 References: https://bugzilla.novell.com/776864 http://download.novell.com/patch/finder/?keywords=c97cd8a079bb8e5087f6a232f18e79b9 From sle-updates at lists.suse.com Mon Sep 17 00:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 08:08:32 +0200 (CEST) Subject: SUSE-RU-2012:1180-1: Recommended update for file-roller Message-ID: <20120917060832.11E2332265@maintenance.suse.de> SUSE Recommended Update: Recommended update for file-roller ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1180-1 Rating: low References: #477933 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an issue in file-roller where the "enter" key is not handled when the focus is in the password field. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-file-roller-6783 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-file-roller-6783 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-file-roller-6783 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): file-roller-2.28.2-0.3.1 file-roller-lang-2.28.2-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): file-roller-2.28.2-0.3.1 file-roller-lang-2.28.2-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): file-roller-2.28.2-0.3.1 file-roller-lang-2.28.2-0.3.1 References: https://bugzilla.novell.com/477933 http://download.novell.com/patch/finder/?keywords=61954c2154d75e0c3d121f45815c03e1 From sle-updates at lists.suse.com Mon Sep 17 13:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 21:08:32 +0200 (CEST) Subject: SUSE-RU-2012:1193-1: Recommended update for backup-manager Message-ID: <20120917190832.A8ED332265@maintenance.suse.de> SUSE Recommended Update: Recommended update for backup-manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1193-1 Rating: low References: #774699 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to backup-manager resolves a problem that prevented backups of home directories. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-backup-manager-6721 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): backup-manager-0.1.0-18.39.1 backup-manager-lang-0.1.0-18.39.1 References: https://bugzilla.novell.com/774699 http://download.novell.com/patch/finder/?keywords=bb6e6838e0f4dbb14be4e80e7509b726 From sle-updates at lists.suse.com Mon Sep 17 13:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 21:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1194-1: Recommended update for gnome-panel Message-ID: <20120917190834.6602B32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-panel ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1194-1 Rating: low References: #627443 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an issue where the panel clock would not immediately update after a time zone change (bnc#627443). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-gnome-panel-6814 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gnome-panel-6814 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gnome-panel-6814 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gnome-panel-6814 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gnome-panel-devel-2.28.0-2.8.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gnome-panel-2.28.0-2.8.2 gnome-panel-lang-2.28.0-2.8.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): gnome-panel-32bit-2.28.0-2.8.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gnome-panel-2.28.0-2.8.2 gnome-panel-lang-2.28.0-2.8.2 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): gnome-panel-32bit-2.28.0-2.8.2 - SUSE Linux Enterprise Server 11 SP2 (ia64): gnome-panel-x86-2.28.0-2.8.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gnome-panel-2.28.0-2.8.2 gnome-panel-lang-2.28.0-2.8.2 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): gnome-panel-32bit-2.28.0-2.8.2 References: https://bugzilla.novell.com/627443 http://download.novell.com/patch/finder/?keywords=90992960a11f33e496a579280eec1664 From sle-updates at lists.suse.com Mon Sep 17 13:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 21:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1195-1: Recommended update for syslog-ng Message-ID: <20120917190835.F177232265@maintenance.suse.de> SUSE Recommended Update: Recommended update for syslog-ng ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1195-1 Rating: low References: #761635 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This is a collective update for syslog-ng which fixes: * a potential segfault when trying to open non-existing optional source files * always consider destination pipes as optional and try to reopen as specified in time_reopen seconds. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-syslog-ng-6742 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-syslog-ng-6742 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-syslog-ng-6742 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): syslog-ng-2.0.9-27.34.36.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): syslog-ng-2.0.9-27.34.36.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): syslog-ng-2.0.9-27.34.36.1 References: https://bugzilla.novell.com/761635 http://download.novell.com/patch/finder/?keywords=b0b9613fe5ff90d9ee100045b741818a From sle-updates at lists.suse.com Mon Sep 17 14:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 22:08:31 +0200 (CEST) Subject: SUSE-FU-2012:1196-1: Feature update for ICAClient Message-ID: <20120917200831.3343332264@maintenance.suse.de> SUSE Feature Update: Feature update for ICAClient ______________________________________________________________________________ Announcement ID: SUSE-FU-2012:1196-1 Rating: low References: #751537 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one feature fix can now be installed. It includes one version update. Description: This update provides the Citrix ICA Client 12.1.0.20306. Indications: Interested users can update the ICA Client to version 12. Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ICAClient-12-6809 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 12.1]: ICAClient-12.1-0.3.5 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libspeex-32bit-1.1.99.91-2.12 References: https://bugzilla.novell.com/751537 http://download.novell.com/patch/finder/?keywords=7f3e941ea019ff45ad4f980e51907ee3 From sle-updates at lists.suse.com Mon Sep 17 14:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Sep 2012 22:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1197-1: moderate: Recommended update for icedtea-web Message-ID: <20120917200833.1375532265@maintenance.suse.de> SUSE Recommended Update: Recommended update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1197-1 Rating: moderate References: #779001 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides icedtea-web 1.3, which delivers the following enhancements: * New features: o Web Start launch errors are now printed to give proper indication as to the cause o Significant performance improvement when loading applets that refer to missing classes o Support for latest versions of Chromium o Security warning dialog improvements to better clarify security request o Support build with GTK2 and GTK3 o Cookie write support (i.e set cookies in browser via Java/Applet) * Common: o Applet window icon improved * Plug-in: o PR975: Ignore classpaths specified in jar manifests when using jnlp_href o PR1011: Treat folders as such when specified in archive tags o PR855: AppletStub getDocumentBase() now returns full URL o PR722: Unsigned META-INF entries are ignored o PR861: Jars can now load from non codebase hosts o PR1106: Icedtea 1.2.1 crashes Firefox 14 * Web Start: o PR898: Large signed JNLP files now supported o PR811: URLs with spaces now handled correctly Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icedtea-web-6800 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.3]: icedtea-web-1.3-0.5.1 References: https://bugzilla.novell.com/779001 http://download.novell.com/patch/finder/?keywords=ebdac44094c9f1b55b6b5ffe6651606c From sle-updates at lists.suse.com Mon Sep 17 18:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 02:08:25 +0200 (CEST) Subject: SUSE-RU-2012:1198-1: Recommended update for multipath-tools Message-ID: <20120918000825.0B9C432260@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1198-1 Rating: low References: #719449 #735174 #735414 #738340 #738865 #743469 #743692 #744271 #746396 #747587 #747891 #747905 #749584 #749631 #749921 #760148 #763632 #767802 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 18 recommended fixes can now be installed. Description: This collective update to multipath-tools resolves the following issues: * Backport fast_io_fail definitions from upstream (bnc#749631, bnc#747891) * Do not try to set timeout on non-SCSI devices (bnc#747891) * Clarify messages when updating dev_loss_tmo * Document new path_selectors (bnc#735174) * Fix prio merging of prioritizers with different args (bnc#760148) * Add definitions for HP P6300 (bnc#763632) * Increase parameter buffer (bnc#767802) * Update NetApp device parameter * Check port state before updating timeouts (bnc#749631) * Fix typo in mp_prio_handler (bnc#760148) * Remove duplicate calls from verify_paths (bnc#749631) * Fix inconsistent hwtable entries (bnc#735414) * Do not update rport timeouts on failed paths (bnc#749631) * Fix up fast_io_fail settings (bnc#743692) * VPD 0x83 processing fixes (bnc#749921) * Add Datacore SANSymphony to hwtable (bnc#749584) * Fix copying bindings_file to initrd (bnc#738340, bnc#747905) * Add Fujitsu Eternus defaults (bnc#746396) * Add Intel Multi-Flex defaults (bnc#743469) * Check for accessible device-mapper device in kpartx (bnc#719449) * Use blkid in kpartx rules (bnc#747587) * Call 'reconfigure' during startup (bnc#744271) * Skip netlink uevents (bnc#719449) * Disable queueing when flushing maps (bnc#719449) * Print out uevent sequence number (bnc#719449) * Allow separate kdump configuration (bnc#738865). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kpartx-6694 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kpartx-6694 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kpartx-6694 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): kpartx-0.4.9-0.66.1 multipath-tools-0.4.9-0.66.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): kpartx-0.4.9-0.66.1 multipath-tools-0.4.9-0.66.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kpartx-0.4.9-0.66.1 multipath-tools-0.4.9-0.66.1 References: https://bugzilla.novell.com/719449 https://bugzilla.novell.com/735174 https://bugzilla.novell.com/735414 https://bugzilla.novell.com/738340 https://bugzilla.novell.com/738865 https://bugzilla.novell.com/743469 https://bugzilla.novell.com/743692 https://bugzilla.novell.com/744271 https://bugzilla.novell.com/746396 https://bugzilla.novell.com/747587 https://bugzilla.novell.com/747891 https://bugzilla.novell.com/747905 https://bugzilla.novell.com/749584 https://bugzilla.novell.com/749631 https://bugzilla.novell.com/749921 https://bugzilla.novell.com/760148 https://bugzilla.novell.com/763632 https://bugzilla.novell.com/767802 http://download.novell.com/patch/finder/?keywords=68e9e6b1d493f543010d43d4b77344dd From sle-updates at lists.suse.com Mon Sep 17 18:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 02:08:26 +0200 (CEST) Subject: SUSE-SU-2012:1199-1: critical: Security update for bind Message-ID: <20120918000826.AEFB132263@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1199-1 Rating: critical References: #780157 Cross-References: CVE-2012-4244 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The bind nameserver was updated to version 9.6-ESV-R7-P3 to fix a single security problem, where loading a zone file could have caused an assertion (abort) of the named service. (CVE-2012-4244) Security Issue reference: * CVE-2012-4244 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-bind-6830 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bind-6830 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bind-6830 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-bind-6829 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bind-6830 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P3]: bind-devel-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64) [New Version: 9.6ESVR7P3]: bind-devel-32bit-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.6ESVR7P3]: bind-9.6ESVR7P3-0.9.1 bind-chrootenv-9.6ESVR7P3-0.9.1 bind-doc-9.6ESVR7P3-0.9.1 bind-libs-9.6ESVR7P3-0.9.1 bind-utils-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P3]: bind-9.6ESVR7P3-0.9.1 bind-chrootenv-9.6ESVR7P3-0.9.1 bind-doc-9.6ESVR7P3-0.9.1 bind-libs-9.6ESVR7P3-0.9.1 bind-utils-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.6ESVR7P3]: bind-libs-x86-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 9.6ESVR7P3]: bind-9.6ESVR7P3-0.2.1 bind-chrootenv-9.6ESVR7P3-0.2.1 bind-doc-9.6ESVR7P3-0.2.1 bind-libs-9.6ESVR7P3-0.2.1 bind-utils-9.6ESVR7P3-0.2.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.2.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P3]: bind-9.6ESVR7P3-0.7.1 bind-chrootenv-9.6ESVR7P3-0.7.1 bind-devel-9.6ESVR7P3-0.7.1 bind-doc-9.6ESVR7P3-0.7.1 bind-libs-9.6ESVR7P3-0.7.1 bind-utils-9.6ESVR7P3-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P3]: bind-libs-x86-9.6ESVR7P3-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P3]: bind-devel-64bit-9.6ESVR7P3-0.7.1 bind-libs-64bit-9.6ESVR7P3-0.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.6ESVR7P3]: bind-libs-9.6ESVR7P3-0.9.1 bind-utils-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P3]: bind-libs-9.6ESVR7P3-0.7.1 bind-utils-9.6ESVR7P3-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P3]: bind-libs-32bit-9.6ESVR7P3-0.7.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P3]: bind-9.6ESVR7P3-0.7.1 bind-chrootenv-9.6ESVR7P3-0.7.1 bind-devel-9.6ESVR7P3-0.7.1 bind-doc-9.6ESVR7P3-0.7.1 - SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P3]: bind-devel-64bit-9.6ESVR7P3-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-4244.html https://bugzilla.novell.com/780157 http://download.novell.com/patch/finder/?keywords=32ca5e50f79b64a5f382bb2f2821acc6 http://download.novell.com/patch/finder/?keywords=653f2615ead76ad071e80d02ed0eec68 http://download.novell.com/patch/finder/?keywords=bb3d26829ba24ee792a2ebab623e8edb From sle-updates at lists.suse.com Tue Sep 18 07:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1202-1: important: Security update for kvm Message-ID: <20120918130833.837E032264@maintenance.suse.de> SUSE Security Update: Security update for kvm ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1202-1 Rating: important References: #764526 #777084 Cross-References: CVE-2012-2652 CVE-2012-3515 Affected Products: SUSE Studio Extension for System z 1.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The kvm qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). Also a temp file race has been fixed. (CVE-2012-2652) Security Issue references: * CVE-2012-3515 * CVE-2012-2652 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-kvm-6757 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Extension for System z 1.2 (s390x): kvm-0.12.5-1.24.1 References: http://support.novell.com/security/cve/CVE-2012-2652.html http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/764526 https://bugzilla.novell.com/777084 http://download.novell.com/patch/finder/?keywords=6b43defa8e26ed8a89d3eb005dcc2e9d From sle-updates at lists.suse.com Tue Sep 18 07:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1149-2: important: Security update for compat-openssl097g Message-ID: <20120918130835.37DAE32266@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl097g ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1149-2 Rating: important References: #758060 Cross-References: CVE-2012-2110 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This compat-openssl097g rollup update contains various security fixes: * CVE-2012-2131,CVE-2012-2110: incorrect integer conversions in OpenSSL can result in memory corruption during buffer management operations. Security Issue reference: * CVE-2012-2110 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP1: zypper in -t patch slesapp1-compat-openssl097g-6759 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP1 (x86_64): compat-openssl097g-0.9.7g-146.22.1 compat-openssl097g-32bit-0.9.7g-146.22.1 References: http://support.novell.com/security/cve/CVE-2012-2110.html https://bugzilla.novell.com/758060 http://download.novell.com/patch/finder/?keywords=63d3bb985d9697c7284e64028ed49208 From sle-updates at lists.suse.com Tue Sep 18 07:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:36 +0200 (CEST) Subject: SUSE-SU-2012:1203-1: important: Security update for qemu Message-ID: <20120918130836.C38F732266@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1203-1 Rating: important References: #777084 Cross-References: CVE-2012-3515 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The qemu vt100 emulation is affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). Security Issue references: * CVE-2012-3515 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-qemu-6765 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-qemu-6765 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): qemu-0.10.1-0.5.7.1 - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64): qemu-0.10.1-0.5.7.1 References: http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/777084 http://download.novell.com/patch/finder/?keywords=45d591cd12cb693b0321ffa2839e5a66 From sle-updates at lists.suse.com Tue Sep 18 07:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:38 +0200 (CEST) Subject: SUSE-SU-2012:1204-1: important: Security update for IBM Java Message-ID: <20120918130838.6BB0732264@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1204-1 Rating: important References: #666744 #771808 #773021 #778629 Cross-References: CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1725 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: IBM Java 1.5.0 was updated to SR14 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Also three bugs have been fixed: * fix bnc#771808: create symlink /usr/bin/javaws properly * fix bnc#666744: mark all configuration files as %config(noreplace) * fix bnc#773021: add code removing fonts symlink to baselibs.conf Security Issue references: * CVE-2012-1717 * CVE-2012-1716 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 * CVE-2012-1725 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-devel-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-fonts-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_5_0-ibm-jdbc-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-plugin-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_5_0-ibm-64bit-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-devel-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-fonts-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Java 10 SP4 (ppc): java-1_5_0-ibm-jdbc-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-plugin-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): java-1_5_0-ibm-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-demo-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-devel-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-fonts-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-src-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): java-1_5_0-ibm-32bit-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-alsa-32bit-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr14.0-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-jdbc-1.5.0_sr14.0-0.9.1 java-1_5_0-ibm-plugin-1.5.0_sr14.0-0.9.1 References: http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1716.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html http://support.novell.com/security/cve/CVE-2012-1725.html https://bugzilla.novell.com/666744 https://bugzilla.novell.com/771808 https://bugzilla.novell.com/773021 https://bugzilla.novell.com/778629 http://download.novell.com/patch/finder/?keywords=458527f9aa3426cff56a9eb352661d4a From sle-updates at lists.suse.com Tue Sep 18 07:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:40 +0200 (CEST) Subject: SUSE-SU-2012:1205-1: important: Security update for kvm Message-ID: <20120918130840.0ADDD32266@maintenance.suse.de> SUSE Security Update: Security update for kvm ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1205-1 Rating: important References: #770153 #772586 #777084 Cross-References: CVE-2012-3515 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: The kvm qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). Also the following non security bugs have been fixed: * permit qemu-kvm -device "?" even when no /dev/kvm (bnc#772586) * SLES11SP2 KVM Virtio: on kvm guest, scsi inquiry was still ok on the disabled subpaths. (bnc#770153) Security Issue reference: * CVE-2012-3515 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kvm-6755 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kvm-6755 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): kvm-0.15.1-0.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kvm-0.15.1-0.23.1 References: http://support.novell.com/security/cve/CVE-2012-3515.html https://bugzilla.novell.com/770153 https://bugzilla.novell.com/772586 https://bugzilla.novell.com/777084 http://download.novell.com/patch/finder/?keywords=b915637aa6799bbb7d5d889b2accf22e From sle-updates at lists.suse.com Tue Sep 18 07:08:41 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 15:08:41 +0200 (CEST) Subject: SUSE-SU-2012:1206-1: moderate: Security update for openstack-keystone Message-ID: <20120918130841.7FC0032264@maintenance.suse.de> SUSE Security Update: Security update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1206-1 Rating: moderate References: #779477 Cross-References: CVE-2012-4413 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The openstack Keystone component was updated to fix a security issue: * CVE-2012-4413: Fix that revoking of roles also invalidates already existing tokens. Security Issue reference: * CVE-2012-4413 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-keystone-6818 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-keystone-2012.1+git.1345702665.a16a0ab-0.7.1 openstack-keystone-doc-2012.1+git.1345702665.a16a0ab-0.7.1 python-keystone-2012.1+git.1345702665.a16a0ab-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-4413.html https://bugzilla.novell.com/779477 http://download.novell.com/patch/finder/?keywords=f7161c1467d10d3c4387b35fe8376f46 From sle-updates at lists.suse.com Tue Sep 18 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 19:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1208-1: Recommended update for iw Message-ID: <20120918170835.A6A7132266@maintenance.suse.de> SUSE Recommended Update: Recommended update for iw ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1208-1 Rating: low References: #699784 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds the man pages for iw. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-iw-6745 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): iw-0.9.22-2.7.1 References: https://bugzilla.novell.com/699784 http://download.novell.com/patch/finder/?keywords=34d44580aad50f30bf2a9a2f28c86e33 From sle-updates at lists.suse.com Tue Sep 18 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1209-1: important: Recommended update for pacemaker Message-ID: <20120918170837.95E2B32266@maintenance.suse.de> SUSE Recommended Update: Recommended update for pacemaker ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1209-1 Rating: important References: #769910 #778496 #779757 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update fixes a compatibility issue with pacemaker-mgmt in the last pacemaker update. In addition, the following fixes are included: * Core: Avoid list traverse restarts when stripping text nodes (bnc#769910) * pengine: Fix monitor op stopping after rsc promotion (bnc#778496) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-pacemaker-and-mgmt-6825 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.1.7]: libpacemaker-devel-1.1.7-0.9.1 libpacemaker3-1.1.7-0.9.1 pacemaker-1.1.7-0.9.1 pacemaker-mgmt-2.1.0-0.10.2 pacemaker-mgmt-client-2.1.0-0.10.2 pacemaker-mgmt-devel-2.1.0-0.10.2 References: https://bugzilla.novell.com/769910 https://bugzilla.novell.com/778496 https://bugzilla.novell.com/779757 http://download.novell.com/patch/finder/?keywords=fd3527d43b7917f7c34cd5f9d800bb96 From sle-updates at lists.suse.com Tue Sep 18 13:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Sep 2012 21:08:25 +0200 (CEST) Subject: SUSE-SU-2012:1210-1: important: Security update for PHP5 Message-ID: <20120918190825.6744432264@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1210-1 Rating: important References: #778003 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update fixes header code injection issues in PHP5 (CVE-2011-1398 and CVE-2011-4388). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.40.1 php5-5.2.14-0.40.1 php5-bcmath-5.2.14-0.40.1 php5-bz2-5.2.14-0.40.1 php5-calendar-5.2.14-0.40.1 php5-ctype-5.2.14-0.40.1 php5-curl-5.2.14-0.40.1 php5-dba-5.2.14-0.40.1 php5-dbase-5.2.14-0.40.1 php5-devel-5.2.14-0.40.1 php5-dom-5.2.14-0.40.1 php5-exif-5.2.14-0.40.1 php5-fastcgi-5.2.14-0.40.1 php5-ftp-5.2.14-0.40.1 php5-gd-5.2.14-0.40.1 php5-gettext-5.2.14-0.40.1 php5-gmp-5.2.14-0.40.1 php5-hash-5.2.14-0.40.1 php5-iconv-5.2.14-0.40.1 php5-imap-5.2.14-0.40.1 php5-json-5.2.14-0.40.1 php5-ldap-5.2.14-0.40.1 php5-mbstring-5.2.14-0.40.1 php5-mcrypt-5.2.14-0.40.1 php5-mhash-5.2.14-0.40.1 php5-mysql-5.2.14-0.40.1 php5-ncurses-5.2.14-0.40.1 php5-odbc-5.2.14-0.40.1 php5-openssl-5.2.14-0.40.1 php5-pcntl-5.2.14-0.40.1 php5-pdo-5.2.14-0.40.1 php5-pear-5.2.14-0.40.1 php5-pgsql-5.2.14-0.40.1 php5-posix-5.2.14-0.40.1 php5-pspell-5.2.14-0.40.1 php5-shmop-5.2.14-0.40.1 php5-snmp-5.2.14-0.40.1 php5-soap-5.2.14-0.40.1 php5-sockets-5.2.14-0.40.1 php5-sqlite-5.2.14-0.40.1 php5-suhosin-5.2.14-0.40.1 php5-sysvmsg-5.2.14-0.40.1 php5-sysvsem-5.2.14-0.40.1 php5-sysvshm-5.2.14-0.40.1 php5-tokenizer-5.2.14-0.40.1 php5-wddx-5.2.14-0.40.1 php5-xmlreader-5.2.14-0.40.1 php5-xmlrpc-5.2.14-0.40.1 php5-xsl-5.2.14-0.40.1 php5-zlib-5.2.14-0.40.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.40.1 php5-5.2.14-0.40.1 php5-bcmath-5.2.14-0.40.1 php5-bz2-5.2.14-0.40.1 php5-calendar-5.2.14-0.40.1 php5-ctype-5.2.14-0.40.1 php5-curl-5.2.14-0.40.1 php5-dba-5.2.14-0.40.1 php5-dbase-5.2.14-0.40.1 php5-devel-5.2.14-0.40.1 php5-dom-5.2.14-0.40.1 php5-exif-5.2.14-0.40.1 php5-fastcgi-5.2.14-0.40.1 php5-ftp-5.2.14-0.40.1 php5-gd-5.2.14-0.40.1 php5-gettext-5.2.14-0.40.1 php5-gmp-5.2.14-0.40.1 php5-hash-5.2.14-0.40.1 php5-iconv-5.2.14-0.40.1 php5-imap-5.2.14-0.40.1 php5-ldap-5.2.14-0.40.1 php5-mbstring-5.2.14-0.40.1 php5-mcrypt-5.2.14-0.40.1 php5-mhash-5.2.14-0.40.1 php5-mysql-5.2.14-0.40.1 php5-ncurses-5.2.14-0.40.1 php5-odbc-5.2.14-0.40.1 php5-openssl-5.2.14-0.40.1 php5-pcntl-5.2.14-0.40.1 php5-pdo-5.2.14-0.40.1 php5-pear-5.2.14-0.40.1 php5-pgsql-5.2.14-0.40.1 php5-posix-5.2.14-0.40.1 php5-pspell-5.2.14-0.40.1 php5-shmop-5.2.14-0.40.1 php5-snmp-5.2.14-0.40.1 php5-soap-5.2.14-0.40.1 php5-sockets-5.2.14-0.40.1 php5-sqlite-5.2.14-0.40.1 php5-suhosin-5.2.14-0.40.1 php5-sysvmsg-5.2.14-0.40.1 php5-sysvsem-5.2.14-0.40.1 php5-sysvshm-5.2.14-0.40.1 php5-tidy-5.2.14-0.40.1 php5-tokenizer-5.2.14-0.40.1 php5-wddx-5.2.14-0.40.1 php5-xmlreader-5.2.14-0.40.1 php5-xmlrpc-5.2.14-0.40.1 php5-xsl-5.2.14-0.40.1 php5-zlib-5.2.14-0.40.1 References: https://bugzilla.novell.com/778003 http://download.novell.com/patch/finder/?keywords=fc148b307277a068b432ffd08c765241 From sle-updates at lists.suse.com Tue Sep 18 22:08:23 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 06:08:23 +0200 (CEST) Subject: SUSE-RU-2012:1211-1: Recommended update for multipath-tools Message-ID: <20120919040823.162BA32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1211-1 Rating: low References: #699350 #724373 #735174 #735414 #736334 #738295 #738340 #743469 #744271 #749584 #763632 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. Description: This collective update to multipath-tools resolves the following issues: * Duplicate entries in 'multipath -t' (bnc#735414) * Ignore PATH_FAILED/PATH_REINSTATE events (bnc#738295) * Fix copying bindigs_file to initrd (bnc#738340) * Clarify dev_loss_tmo settings (bnc#736334) * Add hardware entry for Intel Multi-Flex (bnc#743469) * Set rdac TAS bit if changeable (bnc#724373) * Report PATH_UP for both paths for rdac if io-shipping is enabled (bnc#724373) * Report different priority values for rdac if io-shipping is enabled (bnc#724373) * Return PATH_DOWN if a device has disappeared from sysfs (bnc#699350) * Add Datacore SANSymphony to hwtable (bnc#749584) * Fix inconsistent entries after merging hwtable (bnc#735414) * Document new path_selectors (bnc#735174) * Add definitions for HP P6300 (bnc#763632) * Handle slow FC startup (bnc#744271). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-kpartx-6706 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-kpartx-6706 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): kpartx-0.4.8-40.50.1 multipath-tools-0.4.8-40.50.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): kpartx-0.4.8-40.50.1 multipath-tools-0.4.8-40.50.1 References: https://bugzilla.novell.com/699350 https://bugzilla.novell.com/724373 https://bugzilla.novell.com/735174 https://bugzilla.novell.com/735414 https://bugzilla.novell.com/736334 https://bugzilla.novell.com/738295 https://bugzilla.novell.com/738340 https://bugzilla.novell.com/743469 https://bugzilla.novell.com/744271 https://bugzilla.novell.com/749584 https://bugzilla.novell.com/763632 http://download.novell.com/patch/finder/?keywords=f4db5ad374cfcfcc515e5f2b10a43b7f From sle-updates at lists.suse.com Tue Sep 18 22:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 06:08:24 +0200 (CEST) Subject: SUSE-RU-2012:1212-1: Recommended update for mkinitrd Message-ID: <20120919040824.8507B32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for mkinitrd ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1212-1 Rating: low References: #731317 #755924 #759623 #760364 #769627 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update to mkinitrd resolves the following issues: * Do not copy firmware files of all kernel packages installed * Fix error messages when setting up lvm devices * Properly support bridge interfaces with only one underlying physical interface * Require SLE 11-SP2 udev * Recreate the initrd for all installed kernels after update * Fix accidental tilde expansion when parsing parameters. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-mkinitrd-6717 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-mkinitrd-6717 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-mkinitrd-6717 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): mkinitrd-2.4.2-0.55.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): mkinitrd-2.4.2-0.55.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): mkinitrd-2.4.2-0.55.1 References: https://bugzilla.novell.com/731317 https://bugzilla.novell.com/755924 https://bugzilla.novell.com/759623 https://bugzilla.novell.com/760364 https://bugzilla.novell.com/769627 http://download.novell.com/patch/finder/?keywords=01ffd7838db4854e334940376cbd6766 From sle-updates at lists.suse.com Tue Sep 18 22:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 06:08:25 +0200 (CEST) Subject: SUSE-RU-2012:1213-1: Recommended update for scim-anthy Message-ID: <20120919040825.E5BB232265@maintenance.suse.de> SUSE Recommended Update: Recommended update for scim-anthy ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1213-1 Rating: low References: #703949 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an issue where wide-latin letters appeared twice (bnc#703949). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): scim-anthy-0.8.0-14.10.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): scim-anthy-0.8.0-14.10.1 References: https://bugzilla.novell.com/703949 http://download.novell.com/patch/finder/?keywords=768f09d9fa0f3748c0ac602877140764 From sle-updates at lists.suse.com Wed Sep 19 13:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 21:08:26 +0200 (CEST) Subject: SUSE-RU-2012:1220-1: Recommended update for x11-tools Message-ID: <20120919190826.A369F32264@maintenance.suse.de> SUSE Recommended Update: Recommended update for x11-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1220-1 Rating: low References: #473511 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to x11-tools changes the wmlist script to return icewm-session as the start up binary for icewm. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-x11-tools-6743 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-x11-tools-6743 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-x11-tools-6743 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): x11-tools-0.1-167.24.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): x11-tools-0.1-167.24.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): x11-tools-0.1-167.24.1 References: https://bugzilla.novell.com/473511 http://download.novell.com/patch/finder/?keywords=0512ea9cb7e19a7f42a829209180efc7 From sle-updates at lists.suse.com Wed Sep 19 15:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 23:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1221-1: Recommended update for yast2-nfs Message-ID: <20120919210830.6111B32266@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-nfs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1221-1 Rating: low References: #775814 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update adds support for handling options with colons in nfs mounts. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-nfs-common-6782 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-nfs-common-6782 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-nfs-common-6782 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-nfs-common-6782 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.8]: yast2-nfs-server-2.17.8-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.8]: yast2-nfs-common-2.17.8-0.2.1 yast2-nfs-server-2.17.8-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.8]: yast2-nfs-common-2.17.8-0.2.1 yast2-nfs-server-2.17.8-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.8]: yast2-nfs-common-2.17.8-0.2.1 References: https://bugzilla.novell.com/775814 http://download.novell.com/patch/finder/?keywords=faa282fa07580f2202ff251b6c6b0a97 From sle-updates at lists.suse.com Wed Sep 19 15:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 23:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1222-1: important: Security update for ghostscript Message-ID: <20120919210832.0EBF63224A@maintenance.suse.de> SUSE Security Update: Security update for ghostscript ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1222-1 Rating: important References: #779700 Cross-References: CVE-2012-4405 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue. Security Issue reference: * CVE-2012-4405 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ghostscript-devel-6813 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ghostscript-devel-6813 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ghostscript-devel-6813 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ghostscript-devel-6813 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ghostscript-devel-8.62-32.34.1 ghostscript-ijs-devel-8.62-32.34.1 libgimpprint-devel-4.2.7-32.34.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ghostscript-fonts-other-8.62-32.34.1 ghostscript-fonts-rus-8.62-32.34.1 ghostscript-fonts-std-8.62-32.34.1 ghostscript-library-8.62-32.34.1 ghostscript-omni-8.62-32.34.1 ghostscript-x11-8.62-32.34.1 libgimpprint-4.2.7-32.34.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ghostscript-fonts-other-8.62-32.34.1 ghostscript-fonts-rus-8.62-32.34.1 ghostscript-fonts-std-8.62-32.34.1 ghostscript-library-8.62-32.34.1 ghostscript-omni-8.62-32.34.1 ghostscript-x11-8.62-32.34.1 libgimpprint-4.2.7-32.34.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): ghostscript-fonts-other-8.15.4-16.28.1 ghostscript-fonts-rus-8.15.4-16.28.1 ghostscript-fonts-std-8.15.4-16.28.1 ghostscript-library-8.15.4-16.28.1 ghostscript-omni-8.15.4-16.28.1 ghostscript-x11-8.15.4-16.28.1 libgimpprint-4.2.7-62.28.1 libgimpprint-devel-4.2.7-62.28.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ghostscript-fonts-other-8.62-32.34.1 ghostscript-fonts-rus-8.62-32.34.1 ghostscript-fonts-std-8.62-32.34.1 ghostscript-library-8.62-32.34.1 ghostscript-omni-8.62-32.34.1 ghostscript-x11-8.62-32.34.1 libgimpprint-4.2.7-32.34.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): ghostscript-fonts-other-8.15.4-16.28.1 ghostscript-fonts-std-8.15.4-16.28.1 ghostscript-library-8.15.4-16.28.1 ghostscript-x11-8.15.4-16.28.1 libgimpprint-4.2.7-62.28.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): ghostscript-fonts-rus-8.15.4-16.28.1 ghostscript-omni-8.15.4-16.28.1 libgimpprint-devel-4.2.7-62.28.1 References: http://support.novell.com/security/cve/CVE-2012-4405.html https://bugzilla.novell.com/779700 http://download.novell.com/patch/finder/?keywords=16655a319f6c06a08b5e85f00894fcfd http://download.novell.com/patch/finder/?keywords=1dee9fbca1f306bbda3c4a660608088a From sle-updates at lists.suse.com Wed Sep 19 15:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Sep 2012 23:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1223-1: moderate: Recommended update for reiserfs Message-ID: <20120919210833.B9D5432266@maintenance.suse.de> SUSE Recommended Update: Recommended update for reiserfs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1223-1 Rating: moderate References: #774768 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes signedness issues on large filesystems (bnc#774768), which could cause reiserfsck to not work properly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-reiserfs-6738 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-reiserfs-6738 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-reiserfs-6738 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): reiserfs-3.6.21-1.15.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): reiserfs-3.6.21-1.15.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): reiserfs-3.6.21-1.15.1 References: https://bugzilla.novell.com/774768 http://download.novell.com/patch/finder/?keywords=54bd34d813c81d0630dcd86948ee03ff From sle-updates at lists.suse.com Fri Sep 21 16:09:01 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 22 Sep 2012 00:09:01 +0200 (CEST) Subject: SUSE-RU-2012:1224-1: important: Recommended update for strongswan Message-ID: <20120921220901.941D532265@maintenance.suse.de> SUSE Recommended Update: Recommended update for strongswan ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1224-1 Rating: important References: #779038 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression where the charon keying daemon did not start anymore when OpenSSL is running in FIPS mode. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-strongswan-6795 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-strongswan-6795 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-strongswan-6795 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): strongswan-4.4.0-6.15.1 strongswan-doc-4.4.0-6.15.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): strongswan-4.4.0-6.15.1 strongswan-doc-4.4.0-6.15.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): strongswan-4.4.0-6.11.1 strongswan-doc-4.4.0-6.11.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): strongswan-4.4.0-6.15.1 strongswan-doc-4.4.0-6.15.1 References: https://bugzilla.novell.com/779038 http://download.novell.com/patch/finder/?keywords=c78bac74b43685f5966a1503ff93f90c http://download.novell.com/patch/finder/?keywords=f63f59821375d5799eccb48e320e0b2c From sle-updates at lists.suse.com Sat Sep 22 21:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sun, 23 Sep 2012 05:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1225-1: Recommended update for SUSE Manager Client Tools Message-ID: <20120923030828.5F63D32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1225-1 Rating: low References: #771382 #772584 Affected Products: SUSE Manager Client Tools for SLE 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes the following issues: * fix osad to prevent 'notifying clients' starvation * deployed file create new directory structure fixed in rhncfg Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP1: zypper in -t patch slesctsp1-client-tools-201209-6764 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP1 (noarch): osad-5.9.44-0.20.2 rhncfg-5.9.33-0.22.2 rhncfg-actions-5.9.33-0.22.2 rhncfg-client-5.9.33-0.22.2 rhncfg-management-5.9.33-0.22.2 References: https://bugzilla.novell.com/771382 https://bugzilla.novell.com/772584 http://download.novell.com/patch/finder/?keywords=a5cad97cfbe9ab7ba6dff0f35de5e6e8 From sle-updates at lists.suse.com Mon Sep 24 15:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 24 Sep 2012 23:08:26 +0200 (CEST) Subject: SUSE-RU-2012:1229-1: Recommended update for SUSE Manager Server 1.2 Message-ID: <20120924210826.6872D32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 1.2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1229-1 Rating: low References: #764679 #768099 #768771 #768856 #769106 #769108 #773244 #773767 #774097 Affected Products: SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. It includes one version update. Description: This update fixes the following issues: * add channels for SLES for SAP SP2 and SUSE Manager Tools SP2 * spacecmd: Fix help text for command line parameter for "distribution path" * spacecmd: "suse" was missing in the helptext of the CLI for distributions * spacecmd: fix user_create when using the --pam option * fix kernel options in the web UI are not added to the xen distri * Construct GMT ms value if DB does not store timezone * ignore 127.0.0.2 IP addresses * Do not automatically subscribe to virt channels * fix syntax error in schema upgrade files * fix mgr-ncc-sync --migrate_res How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop If the SUSE Manager database is running on the same machine as the SUSE Manager server, this command also stops the SUSE Manager database instance. 3. Apply the patch using either zypper patch or YaST Online Update. 4. If the SUSE Manager database is running on the same machine as your SUSE Manager server, start the database instance with /etc/init.d/oracle-xe start or /etc/init.d/oracle start 5. Upgrade the database schema with spacewalk-schema-upgrade 6. Start the Spacewalk service: spacewalk-service start Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-susemanager-201209-6740 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): spacecmd-1.2.2-0.8.1 susemanager-1.2.0-0.60.1 susemanager-tools-1.2.0-0.60.1 - SUSE Manager 1.2 for SLE 11 SP1 (noarch) [New Version: 1.2.75]: sm-ncc-sync-data-1.2.0-0.38.1 spacewalk-java-1.2.115-0.62.1 spacewalk-java-config-1.2.115-0.62.1 spacewalk-java-lib-1.2.115-0.62.1 spacewalk-java-oracle-1.2.115-0.62.1 spacewalk-taskomatic-1.2.115-0.62.1 susemanager-schema-1.2.75-0.7.1 References: https://bugzilla.novell.com/764679 https://bugzilla.novell.com/768099 https://bugzilla.novell.com/768771 https://bugzilla.novell.com/768856 https://bugzilla.novell.com/769106 https://bugzilla.novell.com/769108 https://bugzilla.novell.com/773244 https://bugzilla.novell.com/773767 https://bugzilla.novell.com/774097 http://download.novell.com/patch/finder/?keywords=2c92d7c0ac2f241b28011f6c28e9c069 From sle-updates at lists.suse.com Mon Sep 24 15:08:43 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 24 Sep 2012 23:08:43 +0200 (CEST) Subject: SUSE-RU-2012:1225-2: Recommended update for SUSE Manager Proxy 1.2 Message-ID: <20120924210843.29B3932266@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 1.2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1225-2 Rating: low References: #771382 #772584 Affected Products: SUSE Manager Proxy 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes the following issues: * fix osad to prevent 'notifying clients' starvation * deployed file create new directory structure fixed in rhncfg * proxy-installer should pre-require proxy-common to ensure correct order of apache modules How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Indications: Every SUSE Manager Proxy User should update Contraindications: Indications: Every SUSE Manager Proxy User should update Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.2 for SLE 11 SP1: zypper in -t patch slemap12sp1-suse-manager-proxy-201209-6736 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.2 for SLE 11 SP1 (noarch): osad-5.9.44-0.20.1 rhncfg-5.9.33-0.22.1 rhncfg-actions-5.9.33-0.22.1 rhncfg-client-5.9.33-0.22.1 rhncfg-management-5.9.33-0.22.1 spacewalk-proxy-installer-1.2.3-0.22.1 References: https://bugzilla.novell.com/771382 https://bugzilla.novell.com/772584 http://download.novell.com/patch/finder/?keywords=571d1eddc03bd52869ace4fb53892ad8 From sle-updates at lists.suse.com Mon Sep 24 15:08:59 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 24 Sep 2012 23:08:59 +0200 (CEST) Subject: SUSE-RU-2012:1230-1: Recommended update for spacewalk-client-setup Message-ID: <20120924210859.E56A732265@maintenance.suse.de> SUSE Recommended Update: Recommended update for spacewalk-client-setup ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1230-1 Rating: low References: #768771 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following issue: All IP addresses which start with 127. are localhost addresses. When searching for the IP address to contact SUSE Manager try to find a better one. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-spacewalk-check-6741 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-spacewalk-check-6741 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-spacewalk-check-6741 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-spacewalk-check-6741 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (noarch): spacewalk-check-1.7.14.9-0.7.2 spacewalk-client-setup-1.7.14.9-0.7.2 spacewalk-client-tools-1.7.14.9-0.7.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): spacewalk-check-1.2.15-0.25.1 spacewalk-client-setup-1.2.15-0.25.1 spacewalk-client-tools-1.2.15-0.25.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): spacewalk-check-1.2.15-0.25.1 spacewalk-client-setup-1.2.15-0.25.1 spacewalk-client-tools-1.2.15-0.25.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): spacewalk-check-1.2.15-0.25.1 spacewalk-client-setup-1.2.15-0.25.1 spacewalk-client-tools-1.2.15-0.25.1 References: https://bugzilla.novell.com/768771 http://download.novell.com/patch/finder/?keywords=1bcb390585b0ac1add3a401dad4a7562 From sle-updates at lists.suse.com Mon Sep 24 16:09:02 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Sep 2012 00:09:02 +0200 (CEST) Subject: SUSE-SU-2012:1231-1: important: Security update for IBM Java Message-ID: <20120924220902.897F332266@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1231-1 Rating: important References: #780897 Cross-References: CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that fixes 14 vulnerabilities is now available. Description: IBM Java 1.7.0 was updated to SR2 which fixes critical security issues. Security Issue references: * CVE-2012-4681 * CVE-2012-1682 * CVE-2012-3136 * CVE-2012-0547 * CVE-2012-0551 * CVE-2012-1717 * CVE-2012-1716 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 * CVE-2012-1722 * CVE-2012-1721 * CVE-2012-1725 * CVE-2012-1726 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_7_0-ibm-6839 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_7_0-ibm-6839 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_7_0-ibm-6839 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_7_0-ibm-6839 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_7_0-ibm-alsa-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_7_0-ibm-plugin-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_7_0-ibm-alsa-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr2.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr2.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr2.0-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-0547.html http://support.novell.com/security/cve/CVE-2012-0551.html http://support.novell.com/security/cve/CVE-2012-1682.html http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1716.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html http://support.novell.com/security/cve/CVE-2012-1721.html http://support.novell.com/security/cve/CVE-2012-1722.html http://support.novell.com/security/cve/CVE-2012-1725.html http://support.novell.com/security/cve/CVE-2012-1726.html http://support.novell.com/security/cve/CVE-2012-3136.html http://support.novell.com/security/cve/CVE-2012-4681.html https://bugzilla.novell.com/780897 http://download.novell.com/patch/finder/?keywords=aedfce1f6badae90c6426f24723192e1 From sle-updates at lists.suse.com Mon Sep 24 16:09:20 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Sep 2012 00:09:20 +0200 (CEST) Subject: SUSE-RU-2012:1232-1: moderate: Recommended update for atftp Message-ID: <20120924220920.EF92432266@maintenance.suse.de> SUSE Recommended Update: Recommended update for atftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1232-1 Rating: moderate References: #729793 #774376 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for atftp provides the following fixes: * 774376: The previous update that enabled RFC conform behavior for the "sorcerer's apprentice syndrome" situation caused timeouts for customers. This update reverts to the old, RFC incompatible behavior by default and adds a configuration option to enable the RFC behavior again upon request. * 729793: Add SUSEfirewall2 support Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-atftp-6815 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-atftp-6815 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): atftp-0.7.0-135.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): atftp-0.7.0-135.12.1 References: https://bugzilla.novell.com/729793 https://bugzilla.novell.com/774376 http://download.novell.com/patch/finder/?keywords=64569bae6bd5cb5a41d27734dee7fcdd From sle-updates at lists.suse.com Mon Sep 24 16:09:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Sep 2012 00:09:37 +0200 (CEST) Subject: SUSE-RU-2012:1233-1: Recommended update for auditlog-keeper Message-ID: <20120924220937.594C632266@maintenance.suse.de> SUSE Recommended Update: Recommended update for auditlog-keeper ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1233-1 Rating: low References: #776378 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes permissions in the rpm filelist. Indications: Everybody should update Contraindications: Indications: Everybody should update Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-auditlog-keeper-6824 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-auditlog-keeper-6821 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (noarch): auditlog-keeper-0.2.1-0.7.1 - SUSE Manager 1.2 for SLE 11 SP1 (noarch): auditlog-keeper-0.2.1-0.4.8.1 References: https://bugzilla.novell.com/776378 http://download.novell.com/patch/finder/?keywords=022fe2c0160bdaaddf75c92557917266 http://download.novell.com/patch/finder/?keywords=85e6ec732426745cfc8526663d3e6cce From sle-updates at lists.suse.com Tue Sep 25 12:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Sep 2012 20:08:25 +0200 (CEST) Subject: SUSE-RU-2012:1243-1: moderate: Recommended update for atftp Message-ID: <20120925180825.3808432266@maintenance.suse.de> SUSE Recommended Update: Recommended update for atftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1243-1 Rating: moderate References: #774376 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for atftp provides the following fix: * 774376: The previous update that enabled RFC conforming behavior for the "sorcerer's apprentice syndrome" situation caused timeouts for customers. This update reverts to the old, RFC incompatible behavior by default and adds a configuration option to enable the RFC behavior again upon request. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): atftp-0.7.0-1.26.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): atftp-0.7.0-1.26.1 References: https://bugzilla.novell.com/774376 http://download.novell.com/patch/finder/?keywords=bcdd476101226864b57e810965f27285 From sle-updates at lists.suse.com Tue Sep 25 14:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Sep 2012 22:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1244-1: moderate: Security update for jabberd Message-ID: <20120925200830.0B7A532268@maintenance.suse.de> SUSE Security Update: Security update for jabberd ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1244-1 Rating: moderate References: #777253 #777483 Cross-References: CVE-2012-3525 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 SUSE Manager Proxy 1.2 for SLE 11 SP1 SUSE Manager 1.7 for SLE 11 SP2 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update fixes the possibility of unsolicited XMPP Dialback attacks. CVE-2012-3525 has been assigned to this issue. Security Issue reference: * CVE-2012-3525 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-jabberd-6803 - SUSE Manager Proxy 1.2 for SLE 11 SP1: zypper in -t patch slemap12sp1-jabberd-6797 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-jabberd-6803 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-jabberd-6797 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64): jabberd-2.2.11-0.10.1 jabberd-db-2.2.11-0.10.1 - SUSE Manager Proxy 1.2 for SLE 11 SP1 (x86_64): jabberd-2.2.11-0.10.1 jabberd-db-2.2.11-0.10.1 - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): jabberd-2.2.11-0.10.1 jabberd-db-2.2.11-0.10.1 - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): jabberd-2.2.11-0.10.1 jabberd-db-2.2.11-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-3525.html https://bugzilla.novell.com/777253 https://bugzilla.novell.com/777483 http://download.novell.com/patch/finder/?keywords=42e4ae23f21cf28f30db562583e0098c http://download.novell.com/patch/finder/?keywords=fbec18a2dcd82c968399264eb58547bb From sle-updates at lists.suse.com Wed Sep 26 10:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 26 Sep 2012 18:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1258-1: Recommended update for timezone Message-ID: <20120926160828.8B2A932266@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1258-1 Rating: low References: #762210 #780276 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for timezone provides 2012f, which includes the following time zone changes: * Fiji DST is October 21st 2012 -> January 20th, 2013 * Pacific/Fakaofo: Tokelau is UTC+13, not UTC+14 It also includes a fix for cleaning up stale symlinks of posixrules to /etc/localtime confusing 3rd party applications, like Java. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-timezone-2012f-6827 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-timezone-2012f-6827 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-timezone-2012f-6827 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-timezone-2012f-6827 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): timezone-java-2012f-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2012f]: timezone-2012f-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2012f]: timezone-java-2012f-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2012f]: timezone-2012f-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2012f]: timezone-java-2012f-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2012f]: timezone-2012f-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2012f]: timezone-java-2012f-0.3.1 References: https://bugzilla.novell.com/762210 https://bugzilla.novell.com/780276 http://download.novell.com/patch/finder/?keywords=671e76473fad3351ef7e978126e84c47 From sle-updates at lists.suse.com Wed Sep 26 11:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 26 Sep 2012 19:08:39 +0200 (CEST) Subject: SUSE-RU-2012:1259-1: Recommended update for f-spot Message-ID: <20120926170839.79DD332266@maintenance.suse.de> SUSE Recommended Update: Recommended update for f-spot ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1259-1 Rating: low References: #738740 #768073 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes a thumbnail not being updated properly or shown at all after rotating an image (bnc#738740). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-f-spot-6806 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): f-spot-0.8.2-12.19.1 f-spot-extension-beagle-0.8.2-12.19.1 f-spot-lang-0.8.2-12.19.1 References: https://bugzilla.novell.com/738740 https://bugzilla.novell.com/768073 http://download.novell.com/patch/finder/?keywords=961cdadc915e917edd5d51e1efc08548 From sle-updates at lists.suse.com Wed Sep 26 12:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 26 Sep 2012 20:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1260-1: Recommended update for glib2 Message-ID: <20120926180831.0267632265@maintenance.suse.de> SUSE Recommended Update: Recommended update for glib2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1260-1 Rating: low References: #770886 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for glib2 provides a fix in SuSEconfig.glib2 which caused a hang when certain files did not exist on the system. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-glib2-6807 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-glib2-6807 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-glib2-6807 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-glib2-6807 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): glib2-devel-2.22.5-0.6.1 libgio-fam-2.22.5-0.6.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): glib2-doc-2.22.5-0.6.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64): glib2-devel-32bit-2.22.5-0.6.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): glib2-2.22.5-0.6.1 glib2-doc-2.22.5-0.6.1 glib2-lang-2.22.5-0.6.1 libgio-2_0-0-2.22.5-0.6.1 libglib-2_0-0-2.22.5-0.6.1 libgmodule-2_0-0-2.22.5-0.6.1 libgobject-2_0-0-2.22.5-0.6.1 libgthread-2_0-0-2.22.5-0.6.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libgio-2_0-0-32bit-2.22.5-0.6.1 libglib-2_0-0-32bit-2.22.5-0.6.1 libgmodule-2_0-0-32bit-2.22.5-0.6.1 libgobject-2_0-0-32bit-2.22.5-0.6.1 libgthread-2_0-0-32bit-2.22.5-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): glib2-2.22.5-0.6.1 glib2-doc-2.22.5-0.6.1 glib2-lang-2.22.5-0.6.1 libgio-2_0-0-2.22.5-0.6.1 libglib-2_0-0-2.22.5-0.6.1 libgmodule-2_0-0-2.22.5-0.6.1 libgobject-2_0-0-2.22.5-0.6.1 libgthread-2_0-0-2.22.5-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libgio-2_0-0-32bit-2.22.5-0.6.1 libglib-2_0-0-32bit-2.22.5-0.6.1 libgmodule-2_0-0-32bit-2.22.5-0.6.1 libgobject-2_0-0-32bit-2.22.5-0.6.1 libgthread-2_0-0-32bit-2.22.5-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libgio-2_0-0-x86-2.22.5-0.6.1 libglib-2_0-0-x86-2.22.5-0.6.1 libgmodule-2_0-0-x86-2.22.5-0.6.1 libgobject-2_0-0-x86-2.22.5-0.6.1 libgthread-2_0-0-x86-2.22.5-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): glib2-2.22.5-0.6.1 glib2-devel-2.22.5-0.6.1 glib2-lang-2.22.5-0.6.1 libgio-2_0-0-2.22.5-0.6.1 libgio-fam-2.22.5-0.6.1 libglib-2_0-0-2.22.5-0.6.1 libgmodule-2_0-0-2.22.5-0.6.1 libgobject-2_0-0-2.22.5-0.6.1 libgthread-2_0-0-2.22.5-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libgio-2_0-0-32bit-2.22.5-0.6.1 libglib-2_0-0-32bit-2.22.5-0.6.1 libgmodule-2_0-0-32bit-2.22.5-0.6.1 libgobject-2_0-0-32bit-2.22.5-0.6.1 libgthread-2_0-0-32bit-2.22.5-0.6.1 References: https://bugzilla.novell.com/770886 http://download.novell.com/patch/finder/?keywords=8e050fa34bc318f40f3747d932351369 From sle-updates at lists.suse.com Thu Sep 27 09:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Sep 2012 17:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1261-1: Recommended update for mailx Message-ID: <20120927150834.585B73226A@maintenance.suse.de> SUSE Recommended Update: Recommended update for mailx ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1261-1 Rating: low References: #753340 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides mailx 12.5, which contains the following fixes: * Better detection of base64 encoded text if acrossed a line * A null pointer dereference that lead to a segmentation fault when the user hit return at a yes/no question has been fixed * When both standard input and standard output refer to a terminal, ignore SIGPIPE * With the "-E" command line option or if the "skipemptybody" variable is set, outgoing messages that contain no text in their first or only part are not sent but silently discarded. * When an attachment that would have a "text/something" content type contains illegal byte sequences, it is now reliably sent out with the "application/octet-stream" content type instead * Fixed a bug that caused messages to be truncated with IMAP servers that use LF as line ending in message data, such as Google Mail (reported by Matthew L. Shobe). * Do not run filename expansion for IMAP or POP3 mailboxes names, making it possible to select mailboxes that contain both brackets and spaces in their names (reported by Matthew L. Shobe). * Fixed the format of the timezone in "Date" header fields for zones in the Western Hemisphere whose offsets are not an integral number of hours (patch by Matthew Fischer). * Fixed a message corruption that occurred when the "inc" command was used with a mbox format mailbox after encrypted messages had been viewed (reported by Martin Neitzel). * Fixed a condition that caused mailx to hang when looking at a message, copying that message, and issuing a "z" command evaluating an uncached portion of an IMAP folder. * When the ORGANIZATION variable has an empty value, do not generate an "Organization:" header field. Previously, this condition resulted in mailx refusing to send mail In addition, handling of encoding in non-UTF8 locales was improved (bnc#753340) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-mailx-6787 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-mailx-6787 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-mailx-6787 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 12.5]: mailx-12.5-1.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 12.5]: mailx-12.5-1.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 12.5]: mailx-12.5-1.3.1 References: https://bugzilla.novell.com/753340 http://download.novell.com/patch/finder/?keywords=355db93a5fb07cf0f70ddcd3e98e7e02 From sle-updates at lists.suse.com Thu Sep 27 10:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Sep 2012 18:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1258-2: Recommended update for timezone Message-ID: <20120927160831.8932832269@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1258-2 Rating: low References: #762210 #780276 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for timezone provides 2012f, which includes the following time zone changes: * Fiji DST is October 21st 2012 -> January 20th, 2013 * Pacific/Fakaofo: Tokelau is UTC+13, not UTC+14 It also includes a fix for cleaning up stale symlinks of posixrules to /etc/localtime confusing 3rd party applications, like Java. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2012f]: timezone-2012f-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2012f]: timezone-2012f-0.5.1 References: https://bugzilla.novell.com/762210 https://bugzilla.novell.com/780276 http://download.novell.com/patch/finder/?keywords=de31a29f3551d6bd251d30396314c1fa From sle-updates at lists.suse.com Thu Sep 27 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Sep 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1262-1: Recommended update for net-snmp Message-ID: <20120927170837.DEAEA32268@maintenance.suse.de> SUSE Recommended Update: Recommended update for net-snmp ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1262-1 Rating: low References: #775661 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to net-snmp adjusts the libperl reference in the runtime library search path of libnetsnmpmibs and libnetsnmphelpers. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libsnmp15-6832 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libsnmp15-6832 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libsnmp15-6832 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libsnmp15-6832 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): net-snmp-devel-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libsnmp15-32bit-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64): net-snmp-devel-32bit-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libsnmp15-5.4.2.1-8.12.12.1 net-snmp-5.4.2.1-8.12.12.1 perl-SNMP-5.4.2.1-8.12.12.1 snmp-mibs-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libsnmp15-32bit-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libsnmp15-5.4.2.1-8.12.12.1 net-snmp-5.4.2.1-8.12.12.1 perl-SNMP-5.4.2.1-8.12.12.1 snmp-mibs-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libsnmp15-32bit-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libsnmp15-x86-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libsnmp15-5.4.2.1-8.12.12.1 net-snmp-5.4.2.1-8.12.12.1 perl-SNMP-5.4.2.1-8.12.12.1 snmp-mibs-5.4.2.1-8.12.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libsnmp15-32bit-5.4.2.1-8.12.12.1 References: https://bugzilla.novell.com/775661 http://download.novell.com/patch/finder/?keywords=0eb73fe26541775d61797c2b38524704 From sle-updates at lists.suse.com Thu Sep 27 16:09:04 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 00:09:04 +0200 (CEST) Subject: SUSE-RU-2012:1263-1: Recommended update for MySQL Message-ID: <20120927220904.985E032266@maintenance.suse.de> SUSE Recommended Update: Recommended update for MySQL ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1263-1 Rating: low References: #746208 #770216 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to Mono resolves the following issues: * Add locking to mono_image_create_token() to resolve a race that caused Mono to crash * Add support for wildcard (*) when matching the target host with the certificate. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): mono-core-1.2.2-12.34.1 mono-data-1.2.2-12.34.1 mono-data-firebird-1.2.2-12.34.1 mono-data-oracle-1.2.2-12.34.1 mono-data-postgresql-1.2.2-12.34.1 mono-data-sqlite-1.2.2-12.34.1 mono-data-sybase-1.2.2-12.34.1 mono-locale-extras-1.2.2-12.34.1 mono-nunit-1.2.2-12.34.1 mono-web-1.2.2-12.34.1 mono-winforms-1.2.2-12.34.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): mono-core-32bit-1.2.2-12.34.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): mono-core-x86-1.2.2-12.34.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): bytefx-data-mysql-1.2.2-12.34.1 ibm-data-db2-1.2.2-12.34.1 mono-core-1.2.2-12.34.1 mono-data-1.2.2-12.34.1 mono-data-firebird-1.2.2-12.34.1 mono-data-oracle-1.2.2-12.34.1 mono-data-postgresql-1.2.2-12.34.1 mono-data-sqlite-1.2.2-12.34.1 mono-data-sybase-1.2.2-12.34.1 mono-devel-1.2.2-12.34.1 mono-extras-1.2.2-12.34.1 mono-locale-extras-1.2.2-12.34.1 mono-nunit-1.2.2-12.34.1 mono-web-1.2.2-12.34.1 mono-winforms-1.2.2-12.34.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): mono-core-32bit-1.2.2-12.34.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): bytefx-data-mysql-1.2.2-12.34.1 ibm-data-db2-1.2.2-12.34.1 mono-core-1.2.2-12.34.1 mono-data-1.2.2-12.34.1 mono-data-firebird-1.2.2-12.34.1 mono-data-oracle-1.2.2-12.34.1 mono-data-postgresql-1.2.2-12.34.1 mono-data-sqlite-1.2.2-12.34.1 mono-data-sybase-1.2.2-12.34.1 mono-devel-1.2.2-12.34.1 mono-extras-1.2.2-12.34.1 mono-jscript-1.2.2-12.34.1 mono-locale-extras-1.2.2-12.34.1 mono-nunit-1.2.2-12.34.1 mono-web-1.2.2-12.34.1 mono-winforms-1.2.2-12.34.1 - SLE SDK 10 SP4 (s390x x86_64): mono-core-32bit-1.2.2-12.34.1 - SLE SDK 10 SP4 (ia64): mono-core-x86-1.2.2-12.34.1 References: https://bugzilla.novell.com/746208 https://bugzilla.novell.com/770216 http://download.novell.com/patch/finder/?keywords=d344e9cc1e009391a763224d7afe62f2 From sle-updates at lists.suse.com Fri Sep 28 04:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 12:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1264-1: important: Security update for IBM Java Message-ID: <20120928100831.5468E32266@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1264-1 Rating: important References: #666744 #771808 #773021 #778629 Affected Products: SUSE Linux Enterprise Java 11 SP1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.5.0 was updated to SR11 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Also three bugs have been fixed: * fix bnc#771808: create symlink /usr/bin/javaws properly * fix bnc#666744: mark all configuration files as %config(noreplace) * fix bnc#773021: add code removing fonts symlink to baselibs.conf Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Java 11 SP1: zypper in -t patch slejsp1-java-1_6_0-ibm-6792 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Java 11 SP1 (x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.3.1 References: https://bugzilla.novell.com/666744 https://bugzilla.novell.com/771808 https://bugzilla.novell.com/773021 https://bugzilla.novell.com/778629 http://download.novell.com/patch/finder/?keywords=1a64b31e8705db74af1e182bf67ab075 From sle-updates at lists.suse.com Fri Sep 28 07:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 15:08:32 +0200 (CEST) Subject: SUSE-SU-2012:1265-1: important: Security update for IBM Java Message-ID: <20120928130832.5BAA032268@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1265-1 Rating: important References: #666744 #771808 #773021 #778629 Cross-References: CVE-2012-0551 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP2 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: IBM Java 1.5.0 was updated to SR11 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Also three bugs have been fixed: * fix bnc#771808: create symlink /usr/bin/javaws properly * fix bnc#666744: mark all configuration files as %config(noreplace) * fix bnc#773021: add code removing fonts symlink to baselibs.conf Security Issue references: * CVE-2012-0551 * CVE-2012-1717 * CVE-2012-1716 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 * CVE-2012-1722 * CVE-2012-1721 * CVE-2012-1725 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_6_0-ibm-6793 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_6_0-ibm-6793 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_6_0-ibm-6793 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_6_0-ibm-6793 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-devel-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_6_0-ibm-alsa-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_6_0-ibm-64bit-1.6.0_sr11.0-0.12.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr11.0-0.3.1 - SUSE Linux Enterprise Java 10 SP4 (x86_64): java-1_6_0-ibm-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-devel-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-fonts-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-jdbc-1.6.0_sr11.0-0.12.1 java-1_6_0-ibm-plugin-1.6.0_sr11.0-0.12.1 References: http://support.novell.com/security/cve/CVE-2012-0551.html http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1716.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html http://support.novell.com/security/cve/CVE-2012-1721.html http://support.novell.com/security/cve/CVE-2012-1722.html http://support.novell.com/security/cve/CVE-2012-1725.html https://bugzilla.novell.com/666744 https://bugzilla.novell.com/771808 https://bugzilla.novell.com/773021 https://bugzilla.novell.com/778629 http://download.novell.com/patch/finder/?keywords=4fb1277536cb653f8dc14a0bfc04f1ed http://download.novell.com/patch/finder/?keywords=6c5cd876c149103233c3763ab3c16263 From sle-updates at lists.suse.com Fri Sep 28 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1269-1: Recommended update for openCryptoki Message-ID: <20120928170837.E35EE32268@maintenance.suse.de> SUSE Recommended Update: Recommended update for openCryptoki ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1269-1 Rating: low References: #633397 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds a download location for the CCA libraries (bnc#633397) to the README. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390): openCryptoki-2.2.4-0.14.1 openCryptoki-32bit-2.2.4-0.14.1 openCryptoki-devel-2.2.4-0.14.1 - SUSE Linux Enterprise Server 10 SP4 (ppc64 s390x): openCryptoki-64bit-2.2.4-0.14.1 - SLE SDK 10 SP4 (i586 ppc s390): openCryptoki-2.2.4-0.14.1 openCryptoki-32bit-2.2.4-0.14.1 openCryptoki-devel-2.2.4-0.14.1 - SLE SDK 10 SP4 (ppc64 s390x): openCryptoki-64bit-2.2.4-0.14.1 References: https://bugzilla.novell.com/633397 http://download.novell.com/patch/finder/?keywords=fc9aafbcca92912080105541e676de57 From sle-updates at lists.suse.com Fri Sep 28 11:08:55 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 19:08:55 +0200 (CEST) Subject: SUSE-SU-2012:1177-2: important: Security update for IBM Java Message-ID: <20120928170855.226DA3226B@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1177-2 Rating: important References: #666744 #778629 Cross-References: CVE-2012-1713 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 Affected Products: SUSE Linux Enterprise Java 11 SP1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: IBM Java 1.4.2 was updated to SR13-FP13 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Also one bug has been fixed: * fix bnc#771808: create symlink /usr/bin/javaws properly Security Issue reference: * CVE-2012-1717 * CVE-2012-1713 * CVE-2012-1719 * CVE-2012-1718 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Java 11 SP1: zypper in -t patch slejsp1-java-1_4_2-ibm-6790 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Java 11 SP1 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.13-0.2.1 - SUSE Linux Enterprise Java 11 SP1 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.13-0.2.1 java-1_4_2-ibm-plugin-1.4.2_sr13.13-0.2.1 References: http://support.novell.com/security/cve/CVE-2012-1713.html http://support.novell.com/security/cve/CVE-2012-1717.html http://support.novell.com/security/cve/CVE-2012-1718.html http://support.novell.com/security/cve/CVE-2012-1719.html https://bugzilla.novell.com/666744 https://bugzilla.novell.com/778629 http://download.novell.com/patch/finder/?keywords=88f0abae38503a32feb6c129bda878db From sle-updates at lists.suse.com Fri Sep 28 12:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Sep 2012 20:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1270-1: important: Recommended update for smt-client Message-ID: <20120928180830.6987E32268@maintenance.suse.de> SUSE Recommended Update: Recommended update for smt-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1270-1 Rating: important References: #768964 #777755 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update fixes the proxy configuration of smt-client that is configured in /etc/sysconfig/smt-client (bnc#777755). A missing compatibility flag was added to the package in order to prevent warnings when installed on the same machine as 'smt' (bnc#768964). Indications: smt-client can not connect to the smt server via proxy server Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-smt-client-6808 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-smt-client-6808 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-smt-client-6808 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.0.18]: smt-client-0.0.18-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.0.18]: smt-client-0.0.18-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.0.18]: smt-client-0.0.18-0.5.1 References: https://bugzilla.novell.com/768964 https://bugzilla.novell.com/777755 http://download.novell.com/patch/finder/?keywords=cb070f8004702692e734f4be9ada8b6a From sle-updates at lists.suse.com Fri Sep 28 17:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 29 Sep 2012 01:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1271-1: moderate: Recommended update for sysstat Message-ID: <20120928230837.1349F32265@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysstat ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1271-1 Rating: moderate References: #757993 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to sysstat prevents sar from running in a crash kernel (kdump) environment. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): sysstat-8.0.4-1.16.1 sysstat-isag-8.0.4-1.16.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): sysstat-8.0.4-1.16.1 sysstat-isag-8.0.4-1.16.1 References: https://bugzilla.novell.com/757993 http://download.novell.com/patch/finder/?keywords=158fd02d928d90655cfbd4bcaf8fdb3a From sle-updates at lists.suse.com Fri Sep 28 17:08:55 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 29 Sep 2012 01:08:55 +0200 (CEST) Subject: SUSE-RU-2012:1272-1: Recommended update for openssl-certs Message-ID: <20120928230855.0B18632265@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl-certs ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1272-1 Rating: low References: #760503 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This updates includes the latest SSL root certificates trusted by Mozilla as of 2012-04-25. * new: EC_ACC.pem * new: Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem * new: Security_Communication_RootCA2.pem * removed: TC_TrustCenter_Germany_Class_2_CA.pem * removed: TC_TrustCenter_Germany_Class_3_CA.pem * removed: Verisign_Class_1_Public_Primary_Certification_Authority.1.pe m * removed: Verisign_Class_2_Public_Primary_Certification_Authority.pem * removed: Verisign_Class_4_Public_Primary_Certification_Authority_G2.p em Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (noarch): openssl-certs-0.8.0-0.7.11.1 References: https://bugzilla.novell.com/760503 http://download.novell.com/patch/finder/?keywords=02fa3e71f2ddba6ad5ba923cced1984e