From sle-updates at lists.suse.com Mon Jul 1 10:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 18:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1110-1: Recommended update for sm-ncc-sync-data Message-ID: <20130701160410.D1CE732047@maintenance.suse.de> SUSE Recommended Update: Recommended update for sm-ncc-sync-data ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1110-1 Rating: low References: #806839 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update add support for the following products: * SLES11-SP3 * SLED11-SP3 * SLES4VMware-11-SP3 * SLE11-SDK-SP3 * SLE11-HAE-SP3 * SUSE Studio Onsite 1.3 * SLMS 1.3 * WebYaST 1.3 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-sm-ncc-sync-data-7840 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.12]: sm-ncc-sync-data-1.7.12-0.5.1 References: https://bugzilla.novell.com/806839 http://download.novell.com/patch/finder/?keywords=49eb96bd8eea6fbee36d9587cb39ec61 From sle-updates at lists.suse.com Mon Jul 1 10:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 18:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1111-1: important: Recommended update for irqbalance Message-ID: <20130701160414.8BA7332047@maintenance.suse.de> SUSE Recommended Update: Recommended update for irqbalance ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1111-1 Rating: important References: #823378 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for irqbalance fixes support for NUMA platforms by linking the program against libnuma. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-irqbalance-7913 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-irqbalance-7913 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-irqbalance-7913 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): irqbalance-1.0.4-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): irqbalance-1.0.4-0.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): irqbalance-1.0.4-0.11.1 References: https://bugzilla.novell.com/823378 http://download.novell.com/patch/finder/?keywords=3a1e6f43b84178dbc420581306ab6fd0 From sle-updates at lists.suse.com Mon Jul 1 11:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 19:04:09 +0200 (CEST) Subject: SUSE-SU-2013:1059-2: moderate: Security update for clamav Message-ID: <20130701170409.D21E43213B@maintenance.suse.de> SUSE Security Update: Security update for clamav ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1059-2 Rating: moderate References: #816865 Cross-References: CVE-2013-2020 CVE-2013-2021 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: This release of clamav provides version 0.97.8 and fixes several potential security issues (bnc#816865): * CVE-2013-2020: Fix heap corruption * CVE-2013-2021: Fix overflow due to PDF key length computation. Security Issue references: * CVE-2013-2020 * CVE-2013-2021 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-clamav-7915 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-clamav-7915 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-clamav-7915 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.97.8]: clamav-0.97.8-0.2.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.97.8]: clamav-0.97.8-0.2.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.97.8]: clamav-0.97.8-0.2.1 References: http://support.novell.com/security/cve/CVE-2013-2020.html http://support.novell.com/security/cve/CVE-2013-2021.html https://bugzilla.novell.com/816865 http://download.novell.com/patch/finder/?keywords=6da024ec050086bf133f786c65c215cc From sle-updates at lists.suse.com Mon Jul 1 11:04:13 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 19:04:13 +0200 (CEST) Subject: SUSE-SU-2013:1112-1: moderate: Security update for openstack-swift Message-ID: <20130701170413.3258032139@maintenance.suse.de> SUSE Security Update: Security update for openstack-swift ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1112-1 Rating: moderate References: #824286 Cross-References: CVE-2013-2161 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of openstack-swift fixes a vulnerability in XML handling within the Swift account server (bnc#824286 / CVE-2013-2161) Security Issue reference: * CVE-2013-2161 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-swift-7864 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-swift-1.4.8+git.1332408124.4a6fead-0.13.1 openstack-swift-account-1.4.8+git.1332408124.4a6fead-0.13.1 openstack-swift-container-1.4.8+git.1332408124.4a6fead-0.13.1 openstack-swift-doc-1.4.8+git.1332408124.4a6fead-0.13.1 openstack-swift-object-1.4.8+git.1332408124.4a6fead-0.13.1 openstack-swift-proxy-1.4.8+git.1332408124.4a6fead-0.13.1 python-swift-1.4.8+git.1332408124.4a6fead-0.13.1 References: http://support.novell.com/security/cve/CVE-2013-2161.html https://bugzilla.novell.com/824286 http://download.novell.com/patch/finder/?keywords=47e9ab2536215cb233a5fa8322820291 From sle-updates at lists.suse.com Mon Jul 1 11:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 19:04:16 +0200 (CEST) Subject: SUSE-SU-2013:1113-1: moderate: Security update for openstack-keystone Message-ID: <20130701170416.5E1B632025@maintenance.suse.de> SUSE Security Update: Security update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1113-1 Rating: moderate References: #818596 #823783 Cross-References: CVE-2013-2059 CVE-2013-2157 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes security vulnerabilities within openstack-keystone. * Vulnerable Keystone LDAP backend authentication (bnc#823783 / CVE-2013-2157) * Keystone tokens were not immediately invalidated when user was deleted (bnc#818596 / CVE-2013-2059) Security Issue references: * CVE-2013-2157 * CVE-2013-2059 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-keystone-7863 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-keystone-2012.1+git.1361360075.f48dd0f-0.5.1 openstack-keystone-doc-2012.1+git.1361360075.f48dd0f-0.5.1 python-keystone-2012.1+git.1361360075.f48dd0f-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-2059.html http://support.novell.com/security/cve/CVE-2013-2157.html https://bugzilla.novell.com/818596 https://bugzilla.novell.com/823783 http://download.novell.com/patch/finder/?keywords=d80cf71c4dbecaa6df6fc448eea5bbbd From sle-updates at lists.suse.com Mon Jul 1 12:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 20:04:12 +0200 (CEST) Subject: SUSE-SU-2013:1039-2: important: Security update for flash-player Message-ID: <20130701180412.9C0D232047@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1039-2 Rating: important References: #824512 Cross-References: CVE-2013-3343 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Adobe flash-player has been updated to the 11.2.202.291 security update which fixes security issues (bnc#824512, CVE-2013-3343, APSB13-16). Security Issue reference: * CVE-2013-3343 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-7917 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.291]: flash-player-11.2.202.291-0.3.1 flash-player-gnome-11.2.202.291-0.3.1 flash-player-kde4-11.2.202.291-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-3343.html https://bugzilla.novell.com/824512 http://download.novell.com/patch/finder/?keywords=ecac9ef0850e33c0354dc97e8e47c86f From sle-updates at lists.suse.com Mon Jul 1 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 22:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1114-1: important: Recommended update for rsh Message-ID: <20130701200411.1BDC732020@maintenance.suse.de> SUSE Recommended Update: Recommended update for rsh ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1114-1 Rating: important References: #816514 #822721 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes an error handling issue in rlogind that could make it fail to accept connections from rlogin clients. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-rsh-7923 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-rsh-7923 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-rsh-7909 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-rsh-7909 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-rsh-7923 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-rsh-7909 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): rsh-0.17-706.20.1 rsh-server-0.17-706.20.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): rsh-0.17-706.20.1 rsh-server-0.17-706.20.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): rsh-0.17-706.20.1 rsh-server-0.17-706.20.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): rsh-0.17-706.20.1 rsh-server-0.17-706.20.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): rsh-0.17-706.20.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): rsh-0.17-706.20.1 References: https://bugzilla.novell.com/816514 https://bugzilla.novell.com/822721 http://download.novell.com/patch/finder/?keywords=9fcefffcd69bf27381efc308b8ee08dc http://download.novell.com/patch/finder/?keywords=aff9db21baf52159ce238f812074a623 From sle-updates at lists.suse.com Mon Jul 1 14:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 22:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1115-1: moderate: Recommended update for ksh Message-ID: <20130701200414.A035032139@maintenance.suse.de> SUSE Recommended Update: Recommended update for ksh ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1115-1 Rating: moderate References: #808449 #814135 #824187 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for Korn Shell provides fixes for the following issues: * #808449: set -k does not work properly with ksh-93t-13.17 and higher * #814135: crash in bestreclaim() after traversing a memory block with a very large size * #824187: set -k breaks aliases with ksh-93u. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-ksh-7905 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ksh-7865 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ksh-7905 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ksh-7905 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ksh-7865 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ksh-7865 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-ksh-7905 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ksh-7865 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): ksh-devel-93u-0.22.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ksh-devel-93u-0.22.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-93u-0.27.5 ksh-devel-93u-0.27.5 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ksh-93u-0.22.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 93u]: ksh-93u-0.27.5 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 93u]: ksh-devel-93u-0.27.5 References: https://bugzilla.novell.com/808449 https://bugzilla.novell.com/814135 https://bugzilla.novell.com/824187 http://download.novell.com/patch/finder/?keywords=2cfe09f9102e196a2446bf3838a3c94c http://download.novell.com/patch/finder/?keywords=75c4a44739ca1fb4445752cb3a505ff3 http://download.novell.com/patch/finder/?keywords=cbb4a040d70cda979f4402c702eb8a16 From sle-updates at lists.suse.com Mon Jul 1 14:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jul 2013 22:04:18 +0200 (CEST) Subject: SUSE-RU-2013:1116-1: Recommended update for sles-release Message-ID: <20130701200418.6D7D932020@maintenance.suse.de> SUSE Recommended Update: Recommended update for sles-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1116-1 Rating: low References: #817859 Affected Products: WebYaST 1.3 Subscription Management Tool 11 SP2 SUSE Linux Enterprise Real Time 11 SP2 SUSE Lifecycle Management Server 1.3 SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update ensures that SUSE Linux Enterprise Real Time 11 SP2 stays on SUSE Linux Enterprise 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.3: zypper in -t patch slewyst13-sles-release-7788 - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-sles-release-7789 - SUSE Linux Enterprise Real Time 11 SP2: zypper in -t patch slertesp2-sles-release-7783 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-sles-release-7782 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-sles-release-7784 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.3 (i586 ia64 ppc64 s390x x86_64): sles-release-11.2-2.1 - Subscription Management Tool 11 SP2 (i586 s390x x86_64): sles-release-11.2-2.1 - SUSE Linux Enterprise Real Time 11 SP2 (x86_64): sles-release-11.2-2.1 - SUSE Lifecycle Management Server 1.3 (x86_64): sles-release-11.2-2.1 - SUSE Cloud 1.0 (x86_64): sles-release-11.2-2.1 References: https://bugzilla.novell.com/817859 http://download.novell.com/patch/finder/?keywords=005513961d744319c946996a79d97ee6 http://download.novell.com/patch/finder/?keywords=af1d892a6ac3888d2b4754175d927086 http://download.novell.com/patch/finder/?keywords=d0f969ce3bbe597c127be5f0ebd995df http://download.novell.com/patch/finder/?keywords=e23adf7dbc6624503c6f1df0c2f4b23f http://download.novell.com/patch/finder/?keywords=e2b79f7c7b2905e17396af4306e823de From sle-updates at lists.suse.com Tue Jul 2 11:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jul 2013 19:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1124-1: Recommended update for suse-ami-tools Message-ID: <20130702170412.71ADF32015@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-ami-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1124-1 Rating: low References: #815457 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the following fixes and enhancements: * Fix the OBS and IBS targets for suse-ami-tools * Add motd files for openSUSE 13.1, 12.3 and 12.2 * Remove motd files for no longer supported openSUSE 11.4 * Fix the repo path for WebYaST for SLE 11 SP3 * Create repo setup for 32 bit SLE 11 SP3 * Add OBS target to Makefile to update the OBS project * Add support for SLE11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-suse-ami-tools-7971 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 1.0.8]: suse-ami-tools-1.0.8-0.6.2.1 References: https://bugzilla.novell.com/815457 http://download.novell.com/patch/finder/?keywords=eb34a296ae8ef9db81393eac3f36c22f From sle-updates at lists.suse.com Tue Jul 2 11:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jul 2013 19:04:16 +0200 (CEST) Subject: SUSE-OU-2013:1125-1: Optional update for WALinuxAgent Message-ID: <20130702170416.72CE132068@maintenance.suse.de> SUSE Optional Update: Optional update for WALinuxAgent ______________________________________________________________________________ Announcement ID: SUSE-OU-2013:1125-1 Rating: low References: #815457 Affected Products: SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: The Windows Azure Linux Agent supports the provisioning and running of Linux VMs in the Windows Azure cloud. This package should be installed on Linux disk images that are built to run in the Windows Azure environment. Indications: Every Windows Azure user should install this update. Contraindications: Indications: Every Windows Azure user should install this update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-WALinuxAgent-7927 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (noarch): WALinuxAgent-1.3.2-0.5.28 References: https://bugzilla.novell.com/815457 http://download.novell.com/patch/finder/?keywords=2c1b35449689e995d10f7ee81f6d70ea From sle-updates at lists.suse.com Tue Jul 2 11:04:20 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jul 2013 19:04:20 +0200 (CEST) Subject: SUSE-SU-2013:0835-3: important: Security update for IBM Java Message-ID: <20130702170420.39A4A32068@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0835-3 Rating: important References: #592934 #819288 Cross-References: CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: IBM Java 1.6.0 has been updated to SR13-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Security Issue references: * CVE-2013-2422 * CVE-2013-1491 * CVE-2013-2435 * CVE-2013-2420 * CVE-2013-2432 * CVE-2013-1569 * CVE-2013-2384 * CVE-2013-2383 * CVE-2013-1557 * CVE-2013-1537 * CVE-2013-2440 * CVE-2013-2429 * CVE-2013-2430 * CVE-2013-1563 * CVE-2013-2394 * CVE-2013-0401 * CVE-2013-2424 * CVE-2013-2419 * CVE-2013-2417 * CVE-2013-2418 * CVE-2013-1540 * CVE-2013-2433 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-7920 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-7920 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-7920 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr13.2-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr13.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.2-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-0401.html http://support.novell.com/security/cve/CVE-2013-1491.html http://support.novell.com/security/cve/CVE-2013-1537.html http://support.novell.com/security/cve/CVE-2013-1540.html http://support.novell.com/security/cve/CVE-2013-1557.html http://support.novell.com/security/cve/CVE-2013-1563.html http://support.novell.com/security/cve/CVE-2013-1569.html http://support.novell.com/security/cve/CVE-2013-2383.html http://support.novell.com/security/cve/CVE-2013-2384.html http://support.novell.com/security/cve/CVE-2013-2394.html http://support.novell.com/security/cve/CVE-2013-2417.html http://support.novell.com/security/cve/CVE-2013-2418.html http://support.novell.com/security/cve/CVE-2013-2419.html http://support.novell.com/security/cve/CVE-2013-2420.html http://support.novell.com/security/cve/CVE-2013-2422.html http://support.novell.com/security/cve/CVE-2013-2424.html http://support.novell.com/security/cve/CVE-2013-2429.html http://support.novell.com/security/cve/CVE-2013-2430.html http://support.novell.com/security/cve/CVE-2013-2432.html http://support.novell.com/security/cve/CVE-2013-2433.html http://support.novell.com/security/cve/CVE-2013-2435.html http://support.novell.com/security/cve/CVE-2013-2440.html https://bugzilla.novell.com/592934 https://bugzilla.novell.com/819288 http://download.novell.com/patch/finder/?keywords=62974895920e0150fbefc2d3825d8cf3 From sle-updates at lists.suse.com Tue Jul 2 13:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jul 2013 21:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1126-1: important: Recommended update for supportutils-plugin-susecloud Message-ID: <20130702190414.7ED8332020@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils-plugin-susecloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1126-1 Rating: important References: #794552 #808887 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update contains: * Update to latest git (997cdb9) o Refactor plog_files and pconf_files o Censor passwords in collected files (bnc#808887) * Automate inclusion of git commit id and timestamp in version number * Update to latest git * Include git commit id and timestamp in version number * Capture /srv/tftpboot/discovery/pxelinux.cfg (bnc#794552) * Cosmetic output tweak * Make Makefile always rebuild .tar.gz, since there is no way it can tell whether the upstream git repo changed or not. * Fix for a packaging issue Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-supportutils-plugin-susecloud-7934 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch) [New Version: 1.0.1371809865.997cdb9]: supportutils-plugin-susecloud-1.0.1371809865.997cdb9-0.5.1 References: https://bugzilla.novell.com/794552 https://bugzilla.novell.com/808887 http://download.novell.com/patch/finder/?keywords=4f74e896d5a6d43620e9c6cfcc94fbc6 From sle-updates at lists.suse.com Wed Jul 3 07:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jul 2013 15:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1130-1: important: Recommended update for multipath-tools Message-ID: <20130703130411.C0C0332020@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1130-1 Rating: important References: #821419 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for multipath-tools fixes a potential thread stack overflow when using some functions from libudev. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kpartx-7902 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kpartx-7902 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kpartx-7902 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): kpartx-0.4.9-0.85.3 multipath-tools-0.4.9-0.85.3 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): kpartx-0.4.9-0.85.3 multipath-tools-0.4.9-0.85.3 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): kpartx-0.4.9-0.85.3 multipath-tools-0.4.9-0.85.3 References: https://bugzilla.novell.com/821419 http://download.novell.com/patch/finder/?keywords=ffb8c5173292b249db3db41633116a11 From sle-updates at lists.suse.com Wed Jul 3 07:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jul 2013 15:04:15 +0200 (CEST) Subject: SUSE-SU-2013:0871-2: important: Security update for IBM Java Message-ID: <20130703130415.57BCF32020@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0871-2 Rating: important References: #592934 #819285 #819288 Cross-References: CVE-2013-0401 CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2433 CVE-2013-2435 CVE-2013-2440 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: IBM Java 1.7.0 has been updated to SR4-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ Security Issue references: * CVE-2013-2422 * CVE-2013-1491 * CVE-2013-2435 * CVE-2013-2420 * CVE-2013-2432 * CVE-2013-1569 * CVE-2013-2384 * CVE-2013-2383 * CVE-2013-1557 * CVE-2013-1537 * CVE-2013-2440 * CVE-2013-2429 * CVE-2013-2430 * CVE-2013-1563 * CVE-2013-2394 * CVE-2013-0401 * CVE-2013-2424 * CVE-2013-2419 * CVE-2013-2417 * CVE-2013-2418 * CVE-2013-1540 * CVE-2013-2433 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_7_0-ibm-7921 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_7_0-ibm-7921 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_7_0-ibm-7921 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-alsa-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.2-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr4.2-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.2-0.6.1 References: http://support.novell.com/security/cve/CVE-2013-0401.html http://support.novell.com/security/cve/CVE-2013-1491.html http://support.novell.com/security/cve/CVE-2013-1537.html http://support.novell.com/security/cve/CVE-2013-1540.html http://support.novell.com/security/cve/CVE-2013-1557.html http://support.novell.com/security/cve/CVE-2013-1563.html http://support.novell.com/security/cve/CVE-2013-1569.html http://support.novell.com/security/cve/CVE-2013-2383.html http://support.novell.com/security/cve/CVE-2013-2384.html http://support.novell.com/security/cve/CVE-2013-2394.html http://support.novell.com/security/cve/CVE-2013-2417.html http://support.novell.com/security/cve/CVE-2013-2418.html http://support.novell.com/security/cve/CVE-2013-2419.html http://support.novell.com/security/cve/CVE-2013-2420.html http://support.novell.com/security/cve/CVE-2013-2422.html http://support.novell.com/security/cve/CVE-2013-2424.html http://support.novell.com/security/cve/CVE-2013-2429.html http://support.novell.com/security/cve/CVE-2013-2430.html http://support.novell.com/security/cve/CVE-2013-2432.html http://support.novell.com/security/cve/CVE-2013-2433.html http://support.novell.com/security/cve/CVE-2013-2435.html http://support.novell.com/security/cve/CVE-2013-2440.html https://bugzilla.novell.com/592934 https://bugzilla.novell.com/819285 https://bugzilla.novell.com/819288 http://download.novell.com/patch/finder/?keywords=735ff60a60ece53569a56a53ea726bcd From sle-updates at lists.suse.com Wed Jul 3 07:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jul 2013 15:04:19 +0200 (CEST) Subject: SUSE-RU-2013:1131-1: Recommended update for studio-help Message-ID: <20130703130419.4AAE632139@maintenance.suse.de> SUSE Recommended Update: Recommended update for studio-help ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1131-1 Rating: low References: #792839 #806795 #819110 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of SUSE Studio documentation. The changes in detail are: * Document workaround for "tap:aio" disk protocol issue on Xen guests. (bnc#792839) * Fix broken link. (bnc#806795) * Review studio help package. (bnc#819110) * Add configuration for Azure * Add support overview page * Review pae configuration * Add missing elements in appliance configuration * PUT /api/v2/user/appliances//configuration result corrected * Added a beta notice on the appliance importing page * Fixed parameters for gallery appliance search. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-studio-help-7877 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (noarch) [New Version: 1.3.4]: studio-help-1.3.4-0.5.1 References: https://bugzilla.novell.com/792839 https://bugzilla.novell.com/806795 https://bugzilla.novell.com/819110 http://download.novell.com/patch/finder/?keywords=b8c1f94a791dde2db0fc0ccca422f5e3 From sle-updates at lists.suse.com Wed Jul 3 11:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jul 2013 19:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1058-2: Security update for gpg2 Message-ID: <20130703170411.23C5E320E8@maintenance.suse.de> SUSE Security Update: Security update for gpg2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1058-2 Rating: low References: #780943 #798465 #808958 Cross-References: CVE-2012-6085 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for gpg2 provides the following fixes: * #780943: Set proper file permissions when en/de-crypting files. * #798465: Fix an issue that could cause corruption of the public keys database. (CVE-2012-6085) * #808958: Select proper ciphers when running in FIPS mode. Security Issue reference: * CVE-2012-6085 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gpg2-7919 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gpg2-7919 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gpg2-7919 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gpg2-2.0.9-25.33.33.5 gpg2-lang-2.0.9-25.33.33.5 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gpg2-2.0.9-25.33.33.5 gpg2-lang-2.0.9-25.33.33.5 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gpg2-2.0.9-25.33.33.5 gpg2-lang-2.0.9-25.33.33.5 References: http://support.novell.com/security/cve/CVE-2012-6085.html https://bugzilla.novell.com/780943 https://bugzilla.novell.com/798465 https://bugzilla.novell.com/808958 http://download.novell.com/patch/finder/?keywords=fa49b353b606098b10b9beb0800c9c56 From sle-updates at lists.suse.com Wed Jul 3 12:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jul 2013 20:04:11 +0200 (CEST) Subject: SUSE-OU-2013:1125-2: Optional update for suse-ami-tools Message-ID: <20130703180411.A7E843201E@maintenance.suse.de> SUSE Optional Update: Optional update for suse-ami-tools ______________________________________________________________________________ Announcement ID: SUSE-OU-2013:1125-2 Rating: low References: #815457 Affected Products: SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides the necessary tools for running SUSE Linux Enterprise Server on Amazon Elastic Cloud Computing Services. For more information, please visit http://aws.amazon.com/suse/ . Indications: Every Amazon EC2 user should install this update. Contraindications: Indications: Every Amazon EC2 user should install this update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kernel-ec2-7946 slessp3-suse-ami-tools-7945 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): kernel-ec2-3.0.76-0.11.1 kernel-ec2-base-3.0.76-0.11.1 kernel-ec2-devel-3.0.76-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): suse-ami-tools-1.0.8-0.7.1 References: https://bugzilla.novell.com/815457 http://download.novell.com/patch/finder/?keywords=97b1df94261477e655f723208e3b633c http://download.novell.com/patch/finder/?keywords=dad03b03866ce1bb731fbad581f78cd8 From sle-updates at lists.suse.com Wed Jul 3 17:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jul 2013 01:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1135-1: Recommended update for crowbar Message-ID: <20130703230411.50EC232015@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1135-1 Rating: low References: #825449 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following issue: * .ssh/authorized_keys is overwritten (bnc#825449) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-7916 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch): crowbar-1.2+git.1371020029.2e9cddc-0.5.4 References: https://bugzilla.novell.com/825449 http://download.novell.com/patch/finder/?keywords=a32aa6a17ee178318bdfde0b09252643 From sle-updates at lists.suse.com Wed Jul 3 17:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jul 2013 01:04:15 +0200 (CEST) Subject: SUSE-RU-2013:1136-1: Recommended update for yast2-crowbar Message-ID: <20130703230415.36FA5320DB@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1136-1 Rating: low References: #787533 #788161 #788945 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update fixes the following issues: * for admin password, /etc/crowbar/crowbar.json is now changed, not bc-template-crowbar.json (bnc#788161) * fixed a typo in pop-up text (bnc#788945) * enable viewing table items even when changes are not allowed (bnc#787533) * check for broken JSON file. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-yast2-crowbar-7941 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch) [New Version: 2.17.29]: yast2-crowbar-2.17.29-0.6.2.1 References: https://bugzilla.novell.com/787533 https://bugzilla.novell.com/788161 https://bugzilla.novell.com/788945 http://download.novell.com/patch/finder/?keywords=baeeca1e78224d15e9462b6508c4e761 From sle-updates at lists.suse.com Wed Jul 3 17:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jul 2013 01:04:18 +0200 (CEST) Subject: SUSE-RU-2013:1137-1: Recommended update for crowbar-barclamp-crowbar Message-ID: <20130703230418.D78A832015@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1137-1 Rating: low References: #826420 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an issue with logrotate (bnc#826420). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-barclamp-crowbar-8002 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch): crowbar-barclamp-crowbar-1.2+git.1368790381.d349fcf-0.9.1 References: https://bugzilla.novell.com/826420 http://download.novell.com/patch/finder/?keywords=5202df8272e56cfd8cad8da7c6e2172e From sle-updates at lists.suse.com Wed Jul 3 18:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jul 2013 02:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1138-1: moderate: Recommended update for release-notes-sles Message-ID: <20130704000410.8CC3B32000@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1138-1 Rating: moderate References: #802764 #815270 #818299 #818303 #825298 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. It includes one version update. Description: * Version 11.2.0.46 (bnc#815270) contains the following: o Updated entries: + Video and Stream Processing (bnc#818303, via fate#314884) + Major advances in supporting iSCSI and FCoE (bnc#818299, via fate#311801) + Automated LUN scanning (NPIV only) (bnc#825298, via fate) o New entry: Lustre kernel support (bnc#802764, via fate#314679) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-201306-7988 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-201306-7988 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.46]: release-notes-SLES-for-VMware-11.2.0.46-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.46]: release-notes-sles-11.2.0.46-0.14.1 References: https://bugzilla.novell.com/802764 https://bugzilla.novell.com/815270 https://bugzilla.novell.com/818299 https://bugzilla.novell.com/818303 https://bugzilla.novell.com/825298 http://download.novell.com/patch/finder/?keywords=72088f4da54b9be78a78c556c43b683a From sle-updates at lists.suse.com Thu Jul 4 14:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jul 2013 22:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1060-2: important: Security update for GnuTLS Message-ID: <20130704200410.715C132023@maintenance.suse.de> SUSE Security Update: Security update for GnuTLS ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1060-2 Rating: important References: #821818 Cross-References: CVE-2013-2116 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of GnuTLS fixes a regression introduced by the previous update that could have resulted in a Denial of Service (application crash). Security Issue reference: * CVE-2013-2116 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-gnutls-7918 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gnutls-7918 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gnutls-7918 - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-gnutls-7918 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gnutls-7918 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgnutls-devel-2.4.1-24.39.47.1 libgnutls-extra-devel-2.4.1-24.39.47.1 libgnutls-extra26-2.4.1-24.39.47.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gnutls-2.4.1-24.39.47.1 libgnutls-extra26-2.4.1-24.39.47.1 libgnutls26-2.4.1-24.39.47.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libgnutls26-32bit-2.4.1-24.39.47.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gnutls-2.4.1-24.39.47.1 libgnutls-extra26-2.4.1-24.39.47.1 libgnutls26-2.4.1-24.39.47.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libgnutls26-32bit-2.4.1-24.39.47.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libgnutls26-x86-2.4.1-24.39.47.1 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgnutls-extra26-2.4.1-24.39.47.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gnutls-2.4.1-24.39.47.1 libgnutls26-2.4.1-24.39.47.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgnutls26-32bit-2.4.1-24.39.47.1 References: http://support.novell.com/security/cve/CVE-2013-2116.html https://bugzilla.novell.com/821818 http://download.novell.com/patch/finder/?keywords=adf9719f0b0ed0da7989b5e53af8854c From sle-updates at lists.suse.com Thu Jul 4 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 00:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1144-1: Recommended update for LibreOffice Message-ID: <20130704220410.867E832020@maintenance.suse.de> SUSE Recommended Update: Recommended update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1144-1 Rating: low References: #404221 #437516 #492440 #590020 #592908 #615357 #657905 #699334 #705982 #719988 #734733 #734735 #753462 #758621 #769448 #777788 #779630 #779642 #780645 #780748 #780830 #793414 #795857 #796875 #798268 #798271 #798309 #801152 #802350 #805071 #805901 #809017 #809449 #810508 #812793 #813291 #813528 #816516 #816583 #816603 #817250 #818997 #819614 #819882 #820196 #820385 #820786 #820792 #821586 #823111 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 50 recommended fixes can now be installed. It includes three new package versions. Description: LibreOffice 4.0 provides significant improvements mainly in interoperability with Microsoft Office, and other areas: General * Visio and MS Publisher document import * Integration Content Management Systems via CMIS standard * Improvements in OOXML and RTF import and export filters Writer * Different header and footer on first page * Extra word boundary characters and word count options Calc * Conditional formatting improvements * Increased size limit of ODF documents from 2GB to 4GB * Export single charts as PNG or JPEG pictures * New functions as defined in ODF OpenFormula UI * New templates manager * Support for Firefox Personas Performance * Faster ODS, XLSX, and RTF import The updated version also provides many bug fixes, including but not limited to: * WebDAV locking (bnc#805901) * EMF transparency handling (bnc#820385) * Black background in PDF export (bnc#795857) * Base reports crasher (fdo#64279, bnc#821586) * Invalidated java setting (bnc#820196) * Line alignment in DOCX import (bnc#820792) * Missing picture in DOCX import (bnc#819882) * Missing text boxes in PPT import (bnc#758621) * Better size guessing in DOCX import (bnc#779630) * Correct sizes for EMF+ bitmap rendering (bnc#795857) * Page breaks between shapes in RTF import (bnc#818997) * Broken rotated Draw objects in PDF export (bnc#817250) * Text and graphics overlapping in DOC import (bnc#816603) * Missing chart boxes and lines in PPTX import (bnc#819614) * Best effort mapping of the OOXML patterns to our hatches (bnc#820786) * Legacy diagram PPTX import (bnc#699334) * Animations inside SmartArt (bnc#705982) * Table layout in DOCX import (bnc#780645) * VBA macro fails in PageSetUp (bnc#813528) * Shapes location in DOCX import (bnc#816583) * Wrong bullet color in PPTX import (bnc#719988) * Pull-down selections in DOCX import (bnc#779630) * Shape with background in XLSX import (bnc#798309) * Import of scattered and bubble charts (bnc#810508) * Transparent background in EMF+ import (bnc#812793) * Wrong background color in PPTX import (bnc#734733) * Frame's background color in DOCX import (bnc#592908) * Bullet points are not indented correctly (bnc#793414) * Axis labels with percentage in PPTX import (bnc#813291) * Better fix for default PDF export directory (bnc#777788) * Implement easy access to the recent documents (bnc#816516) * VBA macro fails with error "Incorrect Property Value" (bnc#809017) * VBA macro fails with "objCmd.ActiveConnection = Nothing" (bnc#805071) * Left margin of bullet (bnc#793414) * Color issue in PPTX import (bnc#780830) * Rehash basic unit test framework (bnc#805071) * Display the scaled font size in the toolbar (bnc#657905) * Use number format, if available, for charts (bnc#734735) * Shape with background are missed in XLSX import (bnc#798309) * Detect follow-on default member of default member object (bnc#809017) * Fix filtering of provides and requires (bnc#809449) * Floating tables in DOCX import (bnc#779642) * Basic EMF+ implementation (bnc#780748) * Sort data points (bnc#590020) * Sort autofilter popup items correctly (bnc#492440) * Cell validation is not a special content (bnc#802350) * Default paths for exporting documents and PDFs (bnc#777788) * Drawing text with font size 0 causes artifacts (bnc#753462) * Scan all columns to determine the first data row (bnc#801152) * Hide minimum password info in the password dialog (bnc#437516) * Text rotation in shapes in PPTX export (fdo#34897, bnc#404221, fdo#58204) * Recompile cells with #NAME! for English function name option (bnc#615357) * Enable startup notification (bnc#796875) * Remove obsolete unopkg calls from post install scripts; the cache is removed by the main package and not longer used (bnc#769448) * Use libreoffice-branding >= 4.0 build requires; we need the optimized one (bnc#798268) * Enable startup notification (bnc#796875) * Do not delete PropertyMapEntry instance (bnc#798271). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libreoffice-40-8006 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libreoffice-40-8006 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 4.0.3.3.5]: libreoffice-4.0.3.3.5-0.5.1 libreoffice-base-4.0.3.3.5-0.5.1 libreoffice-base-drivers-postgresql-4.0.3.3.5-0.5.1 libreoffice-base-extensions-4.0.3.3.5-0.5.1 libreoffice-calc-4.0.3.3.5-0.5.1 libreoffice-calc-extensions-4.0.3.3.5-0.5.1 libreoffice-draw-4.0.3.3.5-0.5.1 libreoffice-draw-extensions-4.0.3.3.5-0.5.1 libreoffice-filters-optional-4.0.3.3.5-0.5.1 libreoffice-gnome-4.0.3.3.5-0.5.1 libreoffice-impress-4.0.3.3.5-0.5.1 libreoffice-impress-extensions-4.0.3.3.5-0.5.1 libreoffice-kde-4.0.3.3.5-0.5.1 libreoffice-kde4-4.0.3.3.5-0.5.1 libreoffice-l10n-prebuilt-4.0.3.3.5-0.5.1 libreoffice-mailmerge-4.0.3.3.5-0.5.1 libreoffice-math-4.0.3.3.5-0.5.1 libreoffice-mono-4.0.3.3.5-0.5.1 libreoffice-officebean-4.0.3.3.5-0.5.1 libreoffice-pyuno-4.0.3.3.5-0.5.1 libreoffice-sdk-4.0.3.3.5-0.5.1 libreoffice-writer-4.0.3.3.5-0.5.1 libreoffice-writer-extensions-4.0.3.3.5-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch) [New Version: 2.0,4.0 and 4.0.3.3.5]: libreoffice-branding-SLED-4.0-0.3.2 libreoffice-branding-upstream-4.0.3.3.5-0.5.1 libreoffice-help-cs-4.0.3.3.5-0.5.1 libreoffice-help-da-4.0.3.3.5-0.5.1 libreoffice-help-de-4.0.3.3.5-0.5.1 libreoffice-help-en-GB-4.0.3.3.5-0.5.1 libreoffice-help-en-US-4.0.3.3.5-0.5.1 libreoffice-help-es-4.0.3.3.5-0.5.1 libreoffice-help-fr-4.0.3.3.5-0.5.1 libreoffice-help-gu-IN-4.0.3.3.5-0.5.1 libreoffice-help-hi-IN-4.0.3.3.5-0.5.1 libreoffice-help-hu-4.0.3.3.5-0.5.1 libreoffice-help-it-4.0.3.3.5-0.5.1 libreoffice-help-ja-4.0.3.3.5-0.5.1 libreoffice-help-ko-4.0.3.3.5-0.5.1 libreoffice-help-nl-4.0.3.3.5-0.5.1 libreoffice-help-pl-4.0.3.3.5-0.5.1 libreoffice-help-pt-4.0.3.3.5-0.5.1 libreoffice-help-pt-BR-4.0.3.3.5-0.5.1 libreoffice-help-ru-4.0.3.3.5-0.5.1 libreoffice-help-sv-4.0.3.3.5-0.5.1 libreoffice-help-zh-CN-4.0.3.3.5-0.5.1 libreoffice-help-zh-TW-4.0.3.3.5-0.5.1 libreoffice-icon-themes-4.0.3.3.5-0.5.1 libreoffice-l10n-af-4.0.3.3.5-0.5.1 libreoffice-l10n-ar-4.0.3.3.5-0.5.1 libreoffice-l10n-ca-4.0.3.3.5-0.5.1 libreoffice-l10n-cs-4.0.3.3.5-0.5.1 libreoffice-l10n-da-4.0.3.3.5-0.5.1 libreoffice-l10n-de-4.0.3.3.5-0.5.1 libreoffice-l10n-el-4.0.3.3.5-0.5.1 libreoffice-l10n-en-GB-4.0.3.3.5-0.5.1 libreoffice-l10n-es-4.0.3.3.5-0.5.1 libreoffice-l10n-fi-4.0.3.3.5-0.5.1 libreoffice-l10n-fr-4.0.3.3.5-0.5.1 libreoffice-l10n-gu-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hi-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hu-4.0.3.3.5-0.5.1 libreoffice-l10n-it-4.0.3.3.5-0.5.1 libreoffice-l10n-ja-4.0.3.3.5-0.5.1 libreoffice-l10n-ko-4.0.3.3.5-0.5.1 libreoffice-l10n-nb-4.0.3.3.5-0.5.1 libreoffice-l10n-nl-4.0.3.3.5-0.5.1 libreoffice-l10n-nn-4.0.3.3.5-0.5.1 libreoffice-l10n-pl-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-BR-4.0.3.3.5-0.5.1 libreoffice-l10n-ru-4.0.3.3.5-0.5.1 libreoffice-l10n-sk-4.0.3.3.5-0.5.1 libreoffice-l10n-sv-4.0.3.3.5-0.5.1 libreoffice-l10n-xh-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-CN-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-TW-4.0.3.3.5-0.5.1 libreoffice-l10n-zu-4.0.3.3.5-0.5.1 libreoffice-languagetool-2.0-0.3.7 libreoffice-languagetool-de-2.0-0.3.7 libreoffice-languagetool-en-2.0-0.3.7 libreoffice-languagetool-es-2.0-0.3.7 libreoffice-languagetool-fr-2.0-0.3.7 libreoffice-languagetool-it-2.0-0.3.7 libreoffice-languagetool-nl-2.0-0.3.7 libreoffice-languagetool-pl-2.0-0.3.7 libreoffice-languagetool-sv-2.0-0.3.7 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 4.0.3.3.5]: libreoffice-4.0.3.3.5-0.5.1 libreoffice-base-4.0.3.3.5-0.5.1 libreoffice-base-drivers-postgresql-4.0.3.3.5-0.5.1 libreoffice-base-extensions-4.0.3.3.5-0.5.1 libreoffice-calc-4.0.3.3.5-0.5.1 libreoffice-calc-extensions-4.0.3.3.5-0.5.1 libreoffice-draw-4.0.3.3.5-0.5.1 libreoffice-draw-extensions-4.0.3.3.5-0.5.1 libreoffice-filters-optional-4.0.3.3.5-0.5.1 libreoffice-gnome-4.0.3.3.5-0.5.1 libreoffice-impress-4.0.3.3.5-0.5.1 libreoffice-impress-extensions-4.0.3.3.5-0.5.1 libreoffice-kde-4.0.3.3.5-0.5.1 libreoffice-kde4-4.0.3.3.5-0.5.1 libreoffice-mailmerge-4.0.3.3.5-0.5.1 libreoffice-math-4.0.3.3.5-0.5.1 libreoffice-mono-4.0.3.3.5-0.5.1 libreoffice-officebean-4.0.3.3.5-0.5.1 libreoffice-pyuno-4.0.3.3.5-0.5.1 libreoffice-writer-4.0.3.3.5-0.5.1 libreoffice-writer-extensions-4.0.3.3.5-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 2.0,4.0 and 4.0.3.3.5]: libreoffice-branding-SLED-4.0-0.3.2 libreoffice-help-cs-4.0.3.3.5-0.5.1 libreoffice-help-da-4.0.3.3.5-0.5.1 libreoffice-help-de-4.0.3.3.5-0.5.1 libreoffice-help-en-GB-4.0.3.3.5-0.5.1 libreoffice-help-en-US-4.0.3.3.5-0.5.1 libreoffice-help-es-4.0.3.3.5-0.5.1 libreoffice-help-fr-4.0.3.3.5-0.5.1 libreoffice-help-gu-IN-4.0.3.3.5-0.5.1 libreoffice-help-hi-IN-4.0.3.3.5-0.5.1 libreoffice-help-hu-4.0.3.3.5-0.5.1 libreoffice-help-it-4.0.3.3.5-0.5.1 libreoffice-help-ja-4.0.3.3.5-0.5.1 libreoffice-help-ko-4.0.3.3.5-0.5.1 libreoffice-help-nl-4.0.3.3.5-0.5.1 libreoffice-help-pl-4.0.3.3.5-0.5.1 libreoffice-help-pt-4.0.3.3.5-0.5.1 libreoffice-help-pt-BR-4.0.3.3.5-0.5.1 libreoffice-help-ru-4.0.3.3.5-0.5.1 libreoffice-help-sv-4.0.3.3.5-0.5.1 libreoffice-help-zh-CN-4.0.3.3.5-0.5.1 libreoffice-help-zh-TW-4.0.3.3.5-0.5.1 libreoffice-icon-themes-4.0.3.3.5-0.5.1 libreoffice-l10n-af-4.0.3.3.5-0.5.1 libreoffice-l10n-ar-4.0.3.3.5-0.5.1 libreoffice-l10n-ca-4.0.3.3.5-0.5.1 libreoffice-l10n-cs-4.0.3.3.5-0.5.1 libreoffice-l10n-da-4.0.3.3.5-0.5.1 libreoffice-l10n-de-4.0.3.3.5-0.5.1 libreoffice-l10n-en-GB-4.0.3.3.5-0.5.1 libreoffice-l10n-es-4.0.3.3.5-0.5.1 libreoffice-l10n-fi-4.0.3.3.5-0.5.1 libreoffice-l10n-fr-4.0.3.3.5-0.5.1 libreoffice-l10n-gu-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hi-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hu-4.0.3.3.5-0.5.1 libreoffice-l10n-it-4.0.3.3.5-0.5.1 libreoffice-l10n-ja-4.0.3.3.5-0.5.1 libreoffice-l10n-ko-4.0.3.3.5-0.5.1 libreoffice-l10n-nb-4.0.3.3.5-0.5.1 libreoffice-l10n-nl-4.0.3.3.5-0.5.1 libreoffice-l10n-nn-4.0.3.3.5-0.5.1 libreoffice-l10n-pl-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-BR-4.0.3.3.5-0.5.1 libreoffice-l10n-ru-4.0.3.3.5-0.5.1 libreoffice-l10n-sk-4.0.3.3.5-0.5.1 libreoffice-l10n-sv-4.0.3.3.5-0.5.1 libreoffice-l10n-xh-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-CN-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-TW-4.0.3.3.5-0.5.1 libreoffice-l10n-zu-4.0.3.3.5-0.5.1 libreoffice-languagetool-2.0-0.3.7 libreoffice-languagetool-de-2.0-0.3.7 libreoffice-languagetool-en-2.0-0.3.7 libreoffice-languagetool-es-2.0-0.3.7 libreoffice-languagetool-fr-2.0-0.3.7 libreoffice-languagetool-it-2.0-0.3.7 libreoffice-languagetool-nl-2.0-0.3.7 libreoffice-languagetool-pl-2.0-0.3.7 libreoffice-languagetool-sv-2.0-0.3.7 References: https://bugzilla.novell.com/404221 https://bugzilla.novell.com/437516 https://bugzilla.novell.com/492440 https://bugzilla.novell.com/590020 https://bugzilla.novell.com/592908 https://bugzilla.novell.com/615357 https://bugzilla.novell.com/657905 https://bugzilla.novell.com/699334 https://bugzilla.novell.com/705982 https://bugzilla.novell.com/719988 https://bugzilla.novell.com/734733 https://bugzilla.novell.com/734735 https://bugzilla.novell.com/753462 https://bugzilla.novell.com/758621 https://bugzilla.novell.com/769448 https://bugzilla.novell.com/777788 https://bugzilla.novell.com/779630 https://bugzilla.novell.com/779642 https://bugzilla.novell.com/780645 https://bugzilla.novell.com/780748 https://bugzilla.novell.com/780830 https://bugzilla.novell.com/793414 https://bugzilla.novell.com/795857 https://bugzilla.novell.com/796875 https://bugzilla.novell.com/798268 https://bugzilla.novell.com/798271 https://bugzilla.novell.com/798309 https://bugzilla.novell.com/801152 https://bugzilla.novell.com/802350 https://bugzilla.novell.com/805071 https://bugzilla.novell.com/805901 https://bugzilla.novell.com/809017 https://bugzilla.novell.com/809449 https://bugzilla.novell.com/810508 https://bugzilla.novell.com/812793 https://bugzilla.novell.com/813291 https://bugzilla.novell.com/813528 https://bugzilla.novell.com/816516 https://bugzilla.novell.com/816583 https://bugzilla.novell.com/816603 https://bugzilla.novell.com/817250 https://bugzilla.novell.com/818997 https://bugzilla.novell.com/819614 https://bugzilla.novell.com/819882 https://bugzilla.novell.com/820196 https://bugzilla.novell.com/820385 https://bugzilla.novell.com/820786 https://bugzilla.novell.com/820792 https://bugzilla.novell.com/821586 https://bugzilla.novell.com/823111 http://download.novell.com/patch/finder/?keywords=f9d61ff78803cca5f25b9244b212185e From sle-updates at lists.suse.com Thu Jul 4 20:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 04:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1144-2: Recommended update for LibreOffice Message-ID: <20130705020410.D14BD31FF8@maintenance.suse.de> SUSE Recommended Update: Recommended update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1144-2 Rating: low References: #404221 #437516 #492440 #590020 #592908 #615357 #657905 #699334 #705982 #719988 #734733 #734735 #753462 #758621 #769448 #777788 #779630 #779642 #780645 #780748 #780830 #793414 #795857 #796875 #798268 #798271 #798309 #801152 #802350 #805071 #805901 #809017 #809449 #810508 #812793 #813291 #813528 #816516 #816583 #816603 #817250 #818997 #819614 #819882 #820196 #820385 #820786 #820792 #821586 #823111 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 50 recommended fixes can now be installed. It includes three new package versions. Description: LibreOffice 4.0 provides significant improvements mainly in interoperability with Microsoft Office, and other areas: General * Visio and MS Publisher document import * Integration Content Management Systems via CMIS standard * Improvements in OOXML and RTF import and export filters Writer * Different header and footer on first page * Extra word boundary characters and word count options Calc * Conditional formatting improvements * Increased size limit of ODF documents from 2GB to 4GB * Export single charts as PNG or JPEG pictures * New functions as defined in ODF OpenFormula UI * New templates manager * Support for Firefox Personas Performance * Faster ODS, XLSX, and RTF import The updated version also provides many bug fixes, including but not limited to: * WebDAV locking (bnc#805901) * EMF transparency handling (bnc#820385) * Black background in PDF export (bnc#795857) * Base reports crasher (fdo#64279, bnc#821586) * Invalidated java setting (bnc#820196) * Line alignment in DOCX import (bnc#820792) * Missing picture in DOCX import (bnc#819882) * Missing text boxes in PPT import (bnc#758621) * Better size guessing in DOCX import (bnc#779630) * Correct sizes for EMF+ bitmap rendering (bnc#795857) * Page breaks between shapes in RTF import (bnc#818997) * Broken rotated Draw objects in PDF export (bnc#817250) * Text and graphics overlapping in DOC import (bnc#816603) * Missing chart boxes and lines in PPTX import (bnc#819614) * Best effort mapping of the OOXML patterns to our hatches (bnc#820786) * Legacy diagram PPTX import (bnc#699334) * Animations inside SmartArt (bnc#705982) * Table layout in DOCX import (bnc#780645) * VBA macro fails in PageSetUp (bnc#813528) * Shapes location in DOCX import (bnc#816583) * Wrong bullet color in PPTX import (bnc#719988) * Pull-down selections in DOCX import (bnc#779630) * Shape with background in XLSX import (bnc#798309) * Import of scattered and bubble charts (bnc#810508) * Transparent background in EMF+ import (bnc#812793) * Wrong background color in PPTX import (bnc#734733) * Frame's background color in DOCX import (bnc#592908) * Bullet points are not indented correctly (bnc#793414) * Axis labels with percentage in PPTX import (bnc#813291) * Better fix for default PDF export directory (bnc#777788) * Implement easy access to the recent documents (bnc#816516) * VBA macro fails with error "Incorrect Property Value" (bnc#809017) * VBA macro fails with "objCmd.ActiveConnection = Nothing" (bnc#805071) * Left margin of bullet (bnc#793414) * Color issue in PPTX import (bnc#780830) * Rehash basic unit test framework (bnc#805071) * Display the scaled font size in the toolbar (bnc#657905) * Use number format, if available, for charts (bnc#734735) * Shape with background are missed in XLSX import (bnc#798309) * Detect follow-on default member of default member object (bnc#809017) * Fix filtering of provides and requires (bnc#809449) * Floating tables in DOCX import (bnc#779642) * Basic EMF+ implementation (bnc#780748) * Sort data points (bnc#590020) * Sort autofilter popup items correctly (bnc#492440) * Cell validation is not a special content (bnc#802350) * Default paths for exporting documents and PDFs (bnc#777788) * Drawing text with font size 0 causes artifacts (bnc#753462) * Scan all columns to determine the first data row (bnc#801152) * Hide minimum password info in the password dialog (bnc#437516) * Text rotation in shapes in PPTX export (fdo#34897, bnc#404221, fdo#58204) * Recompile cells with #NAME! for English function name option (bnc#615357) * Enable startup notification (bnc#796875) * Remove obsolete unopkg calls from post install scripts; the cache is removed by the main package and not longer used (bnc#769448) * Use libreoffice-branding >= 4.0 build requires; we need the optimized one (bnc#798268) * Enable startup notification (bnc#796875) * Do not delete PropertyMapEntry instance (bnc#798271). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libreoffice-40-8005 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libreoffice-40-8005 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 4.0.3.3.5]: libreoffice-4.0.3.3.5-0.5.1 libreoffice-base-4.0.3.3.5-0.5.1 libreoffice-base-drivers-postgresql-4.0.3.3.5-0.5.1 libreoffice-base-extensions-4.0.3.3.5-0.5.1 libreoffice-calc-4.0.3.3.5-0.5.1 libreoffice-calc-extensions-4.0.3.3.5-0.5.1 libreoffice-draw-4.0.3.3.5-0.5.1 libreoffice-draw-extensions-4.0.3.3.5-0.5.1 libreoffice-filters-optional-4.0.3.3.5-0.5.1 libreoffice-gnome-4.0.3.3.5-0.5.1 libreoffice-impress-4.0.3.3.5-0.5.1 libreoffice-impress-extensions-4.0.3.3.5-0.5.1 libreoffice-kde-4.0.3.3.5-0.5.1 libreoffice-kde4-4.0.3.3.5-0.5.1 libreoffice-l10n-prebuilt-4.0.3.3.5-0.5.1 libreoffice-mailmerge-4.0.3.3.5-0.5.1 libreoffice-math-4.0.3.3.5-0.5.1 libreoffice-mono-4.0.3.3.5-0.5.1 libreoffice-officebean-4.0.3.3.5-0.5.1 libreoffice-pyuno-4.0.3.3.5-0.5.1 libreoffice-sdk-4.0.3.3.5-0.5.1 libreoffice-writer-4.0.3.3.5-0.5.1 libreoffice-writer-extensions-4.0.3.3.5-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.0,4.0 and 4.0.3.3.5]: libreoffice-branding-SLED-4.0-0.3.2 libreoffice-branding-upstream-4.0.3.3.5-0.5.1 libreoffice-help-cs-4.0.3.3.5-0.5.1 libreoffice-help-da-4.0.3.3.5-0.5.1 libreoffice-help-de-4.0.3.3.5-0.5.1 libreoffice-help-en-GB-4.0.3.3.5-0.5.1 libreoffice-help-en-US-4.0.3.3.5-0.5.1 libreoffice-help-es-4.0.3.3.5-0.5.1 libreoffice-help-fr-4.0.3.3.5-0.5.1 libreoffice-help-gu-IN-4.0.3.3.5-0.5.1 libreoffice-help-hi-IN-4.0.3.3.5-0.5.1 libreoffice-help-hu-4.0.3.3.5-0.5.1 libreoffice-help-it-4.0.3.3.5-0.5.1 libreoffice-help-ja-4.0.3.3.5-0.5.1 libreoffice-help-ko-4.0.3.3.5-0.5.1 libreoffice-help-nl-4.0.3.3.5-0.5.1 libreoffice-help-pl-4.0.3.3.5-0.5.1 libreoffice-help-pt-4.0.3.3.5-0.5.1 libreoffice-help-pt-BR-4.0.3.3.5-0.5.1 libreoffice-help-ru-4.0.3.3.5-0.5.1 libreoffice-help-sv-4.0.3.3.5-0.5.1 libreoffice-help-zh-CN-4.0.3.3.5-0.5.1 libreoffice-help-zh-TW-4.0.3.3.5-0.5.1 libreoffice-icon-themes-4.0.3.3.5-0.5.1 libreoffice-l10n-af-4.0.3.3.5-0.5.1 libreoffice-l10n-ar-4.0.3.3.5-0.5.1 libreoffice-l10n-ca-4.0.3.3.5-0.5.1 libreoffice-l10n-cs-4.0.3.3.5-0.5.1 libreoffice-l10n-da-4.0.3.3.5-0.5.1 libreoffice-l10n-de-4.0.3.3.5-0.5.1 libreoffice-l10n-el-4.0.3.3.5-0.5.1 libreoffice-l10n-en-GB-4.0.3.3.5-0.5.1 libreoffice-l10n-es-4.0.3.3.5-0.5.1 libreoffice-l10n-fi-4.0.3.3.5-0.5.1 libreoffice-l10n-fr-4.0.3.3.5-0.5.1 libreoffice-l10n-gu-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hi-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hu-4.0.3.3.5-0.5.1 libreoffice-l10n-it-4.0.3.3.5-0.5.1 libreoffice-l10n-ja-4.0.3.3.5-0.5.1 libreoffice-l10n-ko-4.0.3.3.5-0.5.1 libreoffice-l10n-nb-4.0.3.3.5-0.5.1 libreoffice-l10n-nl-4.0.3.3.5-0.5.1 libreoffice-l10n-nn-4.0.3.3.5-0.5.1 libreoffice-l10n-pl-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-BR-4.0.3.3.5-0.5.1 libreoffice-l10n-ru-4.0.3.3.5-0.5.1 libreoffice-l10n-sk-4.0.3.3.5-0.5.1 libreoffice-l10n-sv-4.0.3.3.5-0.5.1 libreoffice-l10n-xh-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-CN-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-TW-4.0.3.3.5-0.5.1 libreoffice-l10n-zu-4.0.3.3.5-0.5.1 libreoffice-languagetool-2.0-0.3.7 libreoffice-languagetool-de-2.0-0.3.7 libreoffice-languagetool-en-2.0-0.3.7 libreoffice-languagetool-es-2.0-0.3.7 libreoffice-languagetool-fr-2.0-0.3.7 libreoffice-languagetool-it-2.0-0.3.7 libreoffice-languagetool-nl-2.0-0.3.7 libreoffice-languagetool-pl-2.0-0.3.7 libreoffice-languagetool-sv-2.0-0.3.7 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.0.3.3.5]: libreoffice-4.0.3.3.5-0.5.1 libreoffice-base-4.0.3.3.5-0.5.1 libreoffice-base-drivers-postgresql-4.0.3.3.5-0.5.1 libreoffice-base-extensions-4.0.3.3.5-0.5.1 libreoffice-calc-4.0.3.3.5-0.5.1 libreoffice-calc-extensions-4.0.3.3.5-0.5.1 libreoffice-draw-4.0.3.3.5-0.5.1 libreoffice-draw-extensions-4.0.3.3.5-0.5.1 libreoffice-filters-optional-4.0.3.3.5-0.5.1 libreoffice-gnome-4.0.3.3.5-0.5.1 libreoffice-impress-4.0.3.3.5-0.5.1 libreoffice-impress-extensions-4.0.3.3.5-0.5.1 libreoffice-kde-4.0.3.3.5-0.5.1 libreoffice-kde4-4.0.3.3.5-0.5.1 libreoffice-mailmerge-4.0.3.3.5-0.5.1 libreoffice-math-4.0.3.3.5-0.5.1 libreoffice-mono-4.0.3.3.5-0.5.1 libreoffice-officebean-4.0.3.3.5-0.5.1 libreoffice-pyuno-4.0.3.3.5-0.5.1 libreoffice-writer-4.0.3.3.5-0.5.1 libreoffice-writer-extensions-4.0.3.3.5-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.0,4.0 and 4.0.3.3.5]: libreoffice-branding-SLED-4.0-0.3.2 libreoffice-help-cs-4.0.3.3.5-0.5.1 libreoffice-help-da-4.0.3.3.5-0.5.1 libreoffice-help-de-4.0.3.3.5-0.5.1 libreoffice-help-en-GB-4.0.3.3.5-0.5.1 libreoffice-help-en-US-4.0.3.3.5-0.5.1 libreoffice-help-es-4.0.3.3.5-0.5.1 libreoffice-help-fr-4.0.3.3.5-0.5.1 libreoffice-help-gu-IN-4.0.3.3.5-0.5.1 libreoffice-help-hi-IN-4.0.3.3.5-0.5.1 libreoffice-help-hu-4.0.3.3.5-0.5.1 libreoffice-help-it-4.0.3.3.5-0.5.1 libreoffice-help-ja-4.0.3.3.5-0.5.1 libreoffice-help-ko-4.0.3.3.5-0.5.1 libreoffice-help-nl-4.0.3.3.5-0.5.1 libreoffice-help-pl-4.0.3.3.5-0.5.1 libreoffice-help-pt-4.0.3.3.5-0.5.1 libreoffice-help-pt-BR-4.0.3.3.5-0.5.1 libreoffice-help-ru-4.0.3.3.5-0.5.1 libreoffice-help-sv-4.0.3.3.5-0.5.1 libreoffice-help-zh-CN-4.0.3.3.5-0.5.1 libreoffice-help-zh-TW-4.0.3.3.5-0.5.1 libreoffice-icon-themes-4.0.3.3.5-0.5.1 libreoffice-l10n-af-4.0.3.3.5-0.5.1 libreoffice-l10n-ar-4.0.3.3.5-0.5.1 libreoffice-l10n-ca-4.0.3.3.5-0.5.1 libreoffice-l10n-cs-4.0.3.3.5-0.5.1 libreoffice-l10n-da-4.0.3.3.5-0.5.1 libreoffice-l10n-de-4.0.3.3.5-0.5.1 libreoffice-l10n-en-GB-4.0.3.3.5-0.5.1 libreoffice-l10n-es-4.0.3.3.5-0.5.1 libreoffice-l10n-fi-4.0.3.3.5-0.5.1 libreoffice-l10n-fr-4.0.3.3.5-0.5.1 libreoffice-l10n-gu-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hi-IN-4.0.3.3.5-0.5.1 libreoffice-l10n-hu-4.0.3.3.5-0.5.1 libreoffice-l10n-it-4.0.3.3.5-0.5.1 libreoffice-l10n-ja-4.0.3.3.5-0.5.1 libreoffice-l10n-ko-4.0.3.3.5-0.5.1 libreoffice-l10n-nb-4.0.3.3.5-0.5.1 libreoffice-l10n-nl-4.0.3.3.5-0.5.1 libreoffice-l10n-nn-4.0.3.3.5-0.5.1 libreoffice-l10n-pl-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-4.0.3.3.5-0.5.1 libreoffice-l10n-pt-BR-4.0.3.3.5-0.5.1 libreoffice-l10n-ru-4.0.3.3.5-0.5.1 libreoffice-l10n-sk-4.0.3.3.5-0.5.1 libreoffice-l10n-sv-4.0.3.3.5-0.5.1 libreoffice-l10n-xh-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-CN-4.0.3.3.5-0.5.1 libreoffice-l10n-zh-TW-4.0.3.3.5-0.5.1 libreoffice-l10n-zu-4.0.3.3.5-0.5.1 libreoffice-languagetool-2.0-0.3.7 libreoffice-languagetool-de-2.0-0.3.7 libreoffice-languagetool-en-2.0-0.3.7 libreoffice-languagetool-es-2.0-0.3.7 libreoffice-languagetool-fr-2.0-0.3.7 libreoffice-languagetool-it-2.0-0.3.7 libreoffice-languagetool-nl-2.0-0.3.7 libreoffice-languagetool-pl-2.0-0.3.7 libreoffice-languagetool-sv-2.0-0.3.7 References: https://bugzilla.novell.com/404221 https://bugzilla.novell.com/437516 https://bugzilla.novell.com/492440 https://bugzilla.novell.com/590020 https://bugzilla.novell.com/592908 https://bugzilla.novell.com/615357 https://bugzilla.novell.com/657905 https://bugzilla.novell.com/699334 https://bugzilla.novell.com/705982 https://bugzilla.novell.com/719988 https://bugzilla.novell.com/734733 https://bugzilla.novell.com/734735 https://bugzilla.novell.com/753462 https://bugzilla.novell.com/758621 https://bugzilla.novell.com/769448 https://bugzilla.novell.com/777788 https://bugzilla.novell.com/779630 https://bugzilla.novell.com/779642 https://bugzilla.novell.com/780645 https://bugzilla.novell.com/780748 https://bugzilla.novell.com/780830 https://bugzilla.novell.com/793414 https://bugzilla.novell.com/795857 https://bugzilla.novell.com/796875 https://bugzilla.novell.com/798268 https://bugzilla.novell.com/798271 https://bugzilla.novell.com/798309 https://bugzilla.novell.com/801152 https://bugzilla.novell.com/802350 https://bugzilla.novell.com/805071 https://bugzilla.novell.com/805901 https://bugzilla.novell.com/809017 https://bugzilla.novell.com/809449 https://bugzilla.novell.com/810508 https://bugzilla.novell.com/812793 https://bugzilla.novell.com/813291 https://bugzilla.novell.com/813528 https://bugzilla.novell.com/816516 https://bugzilla.novell.com/816583 https://bugzilla.novell.com/816603 https://bugzilla.novell.com/817250 https://bugzilla.novell.com/818997 https://bugzilla.novell.com/819614 https://bugzilla.novell.com/819882 https://bugzilla.novell.com/820196 https://bugzilla.novell.com/820385 https://bugzilla.novell.com/820786 https://bugzilla.novell.com/820792 https://bugzilla.novell.com/821586 https://bugzilla.novell.com/823111 http://download.novell.com/patch/finder/?keywords=529c6476ef1e73f1d012262411c82083 From sle-updates at lists.suse.com Fri Jul 5 10:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 18:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1150-1: important: Security update for openswan Message-ID: <20130705160411.786A232168@maintenance.suse.de> SUSE Security Update: Security update for openswan ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1150-1 Rating: important References: #824316 Cross-References: CVE-2013-2053 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This openswan update fixes a remote buffer overflow issue (bnc#824316 / CVE-2013-2053). Security Issue reference: * CVE-2013-2053 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-openswan-7925 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-openswan-7925 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): openswan-2.6.16-1.38.1 openswan-doc-2.6.16-1.38.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): openswan-2.6.16-1.38.1 openswan-doc-2.6.16-1.38.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): openswan-2.4.4-18.21.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): openswan-2.4.4-18.21.1 References: http://support.novell.com/security/cve/CVE-2013-2053.html https://bugzilla.novell.com/824316 http://download.novell.com/patch/finder/?keywords=4e623ae4a993ce51b1b6b7d9b96ebcb5 http://download.novell.com/patch/finder/?keywords=f043270acc009a30fe4516ffd47e47d9 From sle-updates at lists.suse.com Fri Jul 5 10:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 18:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1094-2: Recommended update for SUSE Manager client tools Message-ID: <20130705160414.D519332236@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager client tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1094-2 Rating: low References: #815460 #818325 #823917 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes three new package versions. Description: This update fixes the following issues: rhnlib: - Make timeout of yum-rhn-plugin calls through rhn-client-tools configurable - Make Proxy timeouts configurable. spacewalk-client-tools: - Create mgr* program symbolic links - Correctly handle a deactivated account error message - Require rhnlib with timeout option - Make timeout configurable. zypp-plugin-spacewalk: - Always disable gpgcheck for repositories in spacewalk service - Use timeout also for XMLRPC calls if possible - Read transfer_timeout from zypp.conf and provide it via URL. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-client-tools-201306-7948 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-client-tools-201306-7948 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-client-tools-201306-7948 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.9.2 and 2.5.51.4]: rhnlib-2.5.51.4-0.5.1 zypp-plugin-spacewalk-0.9.2-0.5.5 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 1.7.14.16]: spacewalk-check-1.7.14.16-0.5.2 spacewalk-client-setup-1.7.14.16-0.5.2 spacewalk-client-tools-1.7.14.16-0.5.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.9.2 and 2.5.51.4]: rhnlib-2.5.51.4-0.5.1 zypp-plugin-spacewalk-0.9.2-0.5.5 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 1.7.14.16]: spacewalk-check-1.7.14.16-0.5.2 spacewalk-client-setup-1.7.14.16-0.5.2 spacewalk-client-tools-1.7.14.16-0.5.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.9.2 and 2.5.51.4]: rhnlib-2.5.51.4-0.5.1 zypp-plugin-spacewalk-0.9.2-0.5.5 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 1.7.14.16]: spacewalk-check-1.7.14.16-0.5.2 spacewalk-client-setup-1.7.14.16-0.5.2 spacewalk-client-tools-1.7.14.16-0.5.2 References: https://bugzilla.novell.com/815460 https://bugzilla.novell.com/818325 https://bugzilla.novell.com/823917 http://download.novell.com/patch/finder/?keywords=333ae90257e1123f61dd577dfb6a69ed From sle-updates at lists.suse.com Fri Jul 5 13:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 21:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1151-1: important: Security update for Linux kernel Message-ID: <20130705190411.2B3DE321A1@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1151-1 Rating: important References: #825657 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 2 kernel was respun with the 3.0.80 update to fix a severe compatibility problem with kernel module packages (KMPs) like e.g. drbd. An incompatible ABI change could lead to those modules not correctly working or crashing on loading and is fixed by this update. Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-7954 slessp2-kernel-7960 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-7954 slessp2-kernel-7957 slessp2-kernel-7958 slessp2-kernel-7959 slessp2-kernel-7960 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-7954 sleshasp2-kernel-7957 sleshasp2-kernel-7958 sleshasp2-kernel-7959 sleshasp2-kernel-7960 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-7954 sledsp2-kernel-7960 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.80]: kernel-default-3.0.80-0.7.1 kernel-default-base-3.0.80-0.7.1 kernel-default-devel-3.0.80-0.7.1 kernel-source-3.0.80-0.7.1 kernel-syms-3.0.80-0.7.1 kernel-trace-3.0.80-0.7.1 kernel-trace-base-3.0.80-0.7.1 kernel-trace-devel-3.0.80-0.7.1 kernel-xen-devel-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): xen-kmp-trace-4.1.5_02_3.0.80_0.7-0.5.18 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.80]: kernel-pae-3.0.80-0.7.1 kernel-pae-base-3.0.80-0.7.1 kernel-pae-devel-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.80]: kernel-default-3.0.80-0.7.1 kernel-default-base-3.0.80-0.7.1 kernel-default-devel-3.0.80-0.7.1 kernel-source-3.0.80-0.7.1 kernel-syms-3.0.80-0.7.1 kernel-trace-3.0.80-0.7.1 kernel-trace-base-3.0.80-0.7.1 kernel-trace-devel-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.80]: kernel-ec2-3.0.80-0.7.1 kernel-ec2-base-3.0.80-0.7.1 kernel-ec2-devel-3.0.80-0.7.1 kernel-xen-3.0.80-0.7.1 kernel-xen-base-3.0.80-0.7.1 kernel-xen-devel-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): xen-kmp-default-4.1.5_02_3.0.80_0.7-0.5.18 xen-kmp-trace-4.1.5_02_3.0.80_0.7-0.5.18 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.80]: kernel-default-man-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.80]: kernel-ppc64-3.0.80-0.7.1 kernel-ppc64-base-3.0.80-0.7.1 kernel-ppc64-devel-3.0.80-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.80]: kernel-pae-3.0.80-0.7.1 kernel-pae-base-3.0.80-0.7.1 kernel-pae-devel-3.0.80-0.7.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.80_0.7-2.18.51 cluster-network-kmp-trace-1.4_3.0.80_0.7-2.18.51 gfs2-kmp-default-2_3.0.80_0.7-0.7.81 gfs2-kmp-trace-2_3.0.80_0.7-0.7.81 ocfs2-kmp-default-1.6_3.0.80_0.7-0.11.50 ocfs2-kmp-trace-1.6_3.0.80_0.7-0.11.50 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.80_0.7-2.18.51 gfs2-kmp-xen-2_3.0.80_0.7-0.7.81 ocfs2-kmp-xen-1.6_3.0.80_0.7-0.11.50 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.80_0.7-2.18.51 gfs2-kmp-ppc64-2_3.0.80_0.7-0.7.81 ocfs2-kmp-ppc64-1.6_3.0.80_0.7-0.11.50 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.80_0.7-2.18.51 gfs2-kmp-pae-2_3.0.80_0.7-0.7.81 ocfs2-kmp-pae-1.6_3.0.80_0.7-0.11.50 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.80]: kernel-default-3.0.80-0.7.1 kernel-default-base-3.0.80-0.7.1 kernel-default-devel-3.0.80-0.7.1 kernel-default-extra-3.0.80-0.7.1 kernel-source-3.0.80-0.7.1 kernel-syms-3.0.80-0.7.1 kernel-trace-3.0.80-0.7.1 kernel-trace-base-3.0.80-0.7.1 kernel-trace-devel-3.0.80-0.7.1 kernel-trace-extra-3.0.80-0.7.1 kernel-xen-3.0.80-0.7.1 kernel-xen-base-3.0.80-0.7.1 kernel-xen-devel-3.0.80-0.7.1 kernel-xen-extra-3.0.80-0.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): xen-kmp-default-4.1.5_02_3.0.80_0.7-0.5.18 xen-kmp-trace-4.1.5_02_3.0.80_0.7-0.5.18 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.80]: kernel-pae-3.0.80-0.7.1 kernel-pae-base-3.0.80-0.7.1 kernel-pae-devel-3.0.80-0.7.1 kernel-pae-extra-3.0.80-0.7.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.80_0.7-0.14.62 ext4-writeable-kmp-trace-0_3.0.80_0.7-0.14.62 kernel-default-extra-3.0.80-0.7.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.80_0.7-0.14.62 kernel-xen-extra-3.0.80-0.7.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.80_0.7-0.14.62 kernel-ppc64-extra-3.0.80-0.7.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.80_0.7-0.14.62 kernel-pae-extra-3.0.80-0.7.1 References: https://bugzilla.novell.com/825657 http://download.novell.com/patch/finder/?keywords=2933fc1d318570fd29fc9c882118e2f9 http://download.novell.com/patch/finder/?keywords=3979393609bc7fc0060c84d8f6c614c9 http://download.novell.com/patch/finder/?keywords=42ff2be8ec2fb21f7d494600848c4ad6 http://download.novell.com/patch/finder/?keywords=511f063f92e4fd065bc4f18cd512dd97 http://download.novell.com/patch/finder/?keywords=75d8104813f10db3bb35f4b6cf167e3b http://download.novell.com/patch/finder/?keywords=8e023846e9b2123c71d7008b4f22b419 http://download.novell.com/patch/finder/?keywords=94d76106e50952487c5aea15fedb7f6b http://download.novell.com/patch/finder/?keywords=af79d110bc75684f84ac6baab338862e http://download.novell.com/patch/finder/?keywords=b60e1d289121ae78ca5a36000a3bcd58 http://download.novell.com/patch/finder/?keywords=f868176ad335455918aedbb9666e1a3c From sle-updates at lists.suse.com Fri Jul 5 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 22:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1152-1: important: Security update for Mozilla Firefox Message-ID: <20130705200411.09EAA3213D@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1152-1 Rating: important References: #792432 #813026 #819204 #825935 Cross-References: CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1697 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes one version update. Description: Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes bugs and security fixes. * MFSA 2013-49: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 21. (CVE-2013-1682) * MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting additional use-after-free and buffer overflow flaws in code introduced during Firefox development. These were fixed before general release. o Heap-use-after-free in mozilla::dom::HTMLMediaElement::LookupMediaElementURITable (CVE-2013-1684) o Heap-use-after-free in nsIDocument::GetRootElement (CVE-2013-1685) o Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686) * MFSA 2013-51 / CVE-2013-1687: Security researcher Mariusz Mlynski reported that it is possible to compile a user-defined function in the XBL scope of a specific element and then trigger an event within this scope to run code. In some circumstances, when this code is run, it can access content protected by System Only Wrappers (SOW) and chrome-privileged pages. This could potentially lead to arbitrary code execution. Additionally, Chrome Object Wrappers (COW) can be bypassed by web content to access privileged methods, leading to a cross-site scripting (XSS) attack from privileged pages. * MFSA 2013-53 / CVE-2013-1690: Security researcher Nils reported that specially crafted web content using the onreadystatechange event and reloading of pages could sometimes cause a crash when unmapped memory is executed. This crash is potentially exploitable. * MFSA 2013-54 / CVE-2013-1692: Security researcher Johnathan Kuskos reported that Firefox is sending data in the body of XMLHttpRequest (XHR) HEAD requests, which goes agains the XHR specification. This can potentially be used for Cross-Site Request Forgery (CSRF) attacks against sites which do not distinguish between HEAD and POST requests. * MFSA 2013-55 / CVE-2013-1693: Security researcher Paul Stone of Context Information Security discovered that timing differences in the processing of SVG format images with filters could allow for pixel values to be read. This could potentially allow for text values to be read across domains, leading to information disclosure. * MFSA 2013-59 / CVE-2013-1697: Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values. * MFSA 2013-30: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, and Joe Drew reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788) * MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an out-of-bounds write in Cairo graphics library. When certain values are passed to it during rendering, Cairo attempts to use negative boundaries or sizes for boxes, leading to a potentially exploitable crash in some instances. * MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin discovered that the Mozilla Maintenance Service on Windows was vulnerable to a buffer overflow. This system is used to update software without invoking the User Account Control (UAC) prompt. The Mozilla Maintenance Service is configured to allow unprivileged users to start it with arbitrary arguments. By manipulating the data passed in these arguments, an attacker can execute arbitrary code with the system privileges used by the service. This issue requires local file system access to be exploitable. * MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an issue with the Mozilla Updater. The Mozilla Updater can be made to load a malicious local DLL file in a privileged context through either the Mozilla Maintenance Service or independently on systems that do not use the service. This occurs when the DLL file is placed in a specific location on the local system before the Mozilla Updater is run. Local file system access is necessary in order for this issue to be exploitable. * MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the Address Sanitizer tool to discover a crash in WebGL rendering when memory is freed that has not previously been allocated. This issue only affects Linux users who have Intel Mesa graphics drivers. The resulting crash could be potentially exploitable. * MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported a mechanism to use the cloneNode method to bypass System Only Wrappers (SOW) and clone a protected node. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code. * MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a method for removing the origin indication on tab-modal dialog boxes in combination with browser navigation. This could allow an attacker's dialog to overlay a page and show another site's content. This can be used for phishing by allowing users to enter data into a modal prompt dialog on an attacking, site while appearing to be from the displayed site. * MFSA 2013-38 / CVE-2013-0793: Security researcher Mariusz Mlynski reported a method to use browser navigations through history to load an arbitrary website with that page's baseURI property pointing to another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the browser. This allows for a cross-site scripting (XSS) attack or the theft of data through a phishing attack. * MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula reported that if gfx.color_management.enablev4 preference is enabled manually in about:config, some grayscale PNG images will be rendered incorrectly and cause memory corruption during PNG decoding when certain color profiles are in use. A crafted PNG image could use this flaw to leak data through rendered images drawing from random memory. By default, this preference is not enabled. * MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak reported an out-of-bounds array read in the CERT_DecodeCertPackage function of the Network Security Services (NSS) libary when decoding a certificate. When this occurs, it will lead to memory corruption and a non-exploitable crash. * MFSA 2013-41: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References o Christoph Diehl, Christian Holler, Jesse Ruderman, Timothy Nikkel, and Jeff Walden reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 20. o Bob Clary, Ben Turner, Benoit Jacob, Bobby Holley, Christoph Diehl, Christian Holler, Andrew McCreight, Gary Kwong, Jason Orendorff, Jesse Ruderman, Matt Wobensmith, and Mats Palmgren reported memory safety problems and crashes that affect Firefox 20. * MFSA 2013-42 / CVE-2013-1670: Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged accesss. This affects chrome object wrappers (COW) and allows for write actions on objects when only read actions should be allowed. This can lead to cross-site scripting (XSS) attacks. * MFSA 2013-43 / CVE-2013-1671: Mozilla security researcher moz_bug_r_a4 reported a mechanism to exploit the control when set to the file type in order to get the full path. This can lead to information leakage and could be combined with other exploits to target attacks on the local file system. * MFSA 2013-44 / CVE-2013-1672: Security researcher Seb Patane reported an issue with the Mozilla Maintenance Service on Windows. This issue allows unprivileged users to local privilege escalation through the system privileges used by the service when interacting with local malicious software. This allows the user to bypass integrity checks leading to local privilege escalation. Local file system access is necessary in order for this issue to be exploitable and it cannot be triggered through web content. * MFSA 2013-45: Security researcher Robert Kugler discovered that in some instances the Mozilla Maintenance Service on Windows will be vulnerable to some previously fixed privilege escalation attacks that allowed for local privilege escalation. This was caused by the Mozilla Updater not updating Windows Registry entries for the Mozilla Maintenance Service, which fixed the earlier issues present if Firefox 12 had been installed. New installations of Firefox after version 12 are not affected by this issue. Local file system access is necessary in order for this issue to be exploitable and it cannot be triggered through web content. References: - old MozillaMaintenance Service registry entry not updated leading to Trusted Path Privilege Escalation (CVE-2013-1673) - Possible Arbitrary Code Execution by Update Service (CVE-2012-1942) * MFSA 2013-46 / CVE-2013-1674: Security researcher Nils reported a use-after-free when resizing video while playing. This could allow for arbitrary code execution. * MFSA 2013-47 / CVE-2013-1675: Mozilla community member Ms2ger discovered that some DOMSVGZoomEvent functions are used without being properly initialized, causing uninitialized memory to be used when they are called by web content. This could lead to a information leakage to sites depending on the contents of this uninitialized memory. * MFSA 2013-48: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and invalid write problems rated as moderate to critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting additional use-after-free flaws in dir=auto code introduced during Firefox development. These were fixed before general release. References o Out of Bounds Read in SelectionIterator::GetNextSegment (CVE-2013-1676) o Out-of-bound read in gfxSkipCharsIterator::SetOffsets (CVE-2013-1677)) o Invalid write in _cairo_xlib_surface_add_glyph (CVE-2013-1678) o Heap-use-after-free in mozilla::plugins::child::_geturlnotify (CVE-2013-1679) o Heap-use-after-free in nsFrameList::FirstChild (CVE-2013-1680) o Heap-use-after-free in nsContentUtils::RemoveScriptBlocker (CVE-2013-1681) * CVE-2012-1942 * CVE-2013-0788 * CVE-2013-0791 * CVE-2013-0792 * CVE-2013-0793 * CVE-2013-0794 * CVE-2013-0795 * CVE-2013-0796 * CVE-2013-0797 * CVE-2013-0798 * CVE-2013-0799 * CVE-2013-0800 * CVE-2013-0801 * CVE-2013-1669 * CVE-2013-1670 * CVE-2013-1671 * CVE-2013-1672 * CVE-2013-1673 * CVE-2013-1674 * CVE-2013-1675 * CVE-2013-1676 * CVE-2013-1677 * CVE-2013-1678 * CVE-2013-1679 * CVE-2013-1680 * CVE-2013-1681 * CVE-2013-1682 * CVE-2013-1684 * CVE-2013-1685 * CVE-2013-1686 * CVE-2013-1687 * CVE-2013-1690 * CVE-2013-1692 * CVE-2013-1693 * CVE-2013-1697 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-firefox-20130628-8001 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-firefox-20130628-8001 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-firefox-20130628-8001 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-firefox-20130628-8001 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-17.0.7esr-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.8.1 MozillaFirefox-translations-17.0.7esr-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.8.1 MozillaFirefox-branding-SLED-7-0.12.1 MozillaFirefox-translations-17.0.7esr-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.8.1 MozillaFirefox-branding-SLED-7-0.12.1 MozillaFirefox-translations-17.0.7esr-0.8.1 References: http://support.novell.com/security/cve/CVE-2013-1682.html http://support.novell.com/security/cve/CVE-2013-1684.html http://support.novell.com/security/cve/CVE-2013-1685.html http://support.novell.com/security/cve/CVE-2013-1686.html http://support.novell.com/security/cve/CVE-2013-1687.html http://support.novell.com/security/cve/CVE-2013-1690.html http://support.novell.com/security/cve/CVE-2013-1692.html http://support.novell.com/security/cve/CVE-2013-1693.html http://support.novell.com/security/cve/CVE-2013-1697.html https://bugzilla.novell.com/792432 https://bugzilla.novell.com/813026 https://bugzilla.novell.com/819204 https://bugzilla.novell.com/825935 http://download.novell.com/patch/finder/?keywords=2c55ef365e2022c62abed41b2a31ed0f From sle-updates at lists.suse.com Fri Jul 5 14:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 5 Jul 2013 22:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1153-1: important: Security update for Mozilla Firefox Message-ID: <20130705200415.7A0F032232@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1153-1 Rating: important References: #825935 Cross-References: CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1697 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes two new package versions. Description: Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes bugs and security issues. * MFSA 2013-49: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 21. (CVE-2013-1682) * MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting additional use-after-free and buffer overflow flaws in code introduced during Firefox development. These were fixed before general release. o Heap-use-after-free in mozilla::dom::HTMLMediaElement::LookupMediaElementURITable (CVE-2013-1684) o Heap-use-after-free in nsIDocument::GetRootElement (CVE-2013-1685) o Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686) * MFSA 2013-51 / CVE-2013-1687: Security researcher Mariusz Mlynski reported that it is possible to compile a user-defined function in the XBL scope of a specific element and then trigger an event within this scope to run code. In some circumstances, when this code is run, it can access content protected by System Only Wrappers (SOW) and chrome-privileged pages. This could potentially lead to arbitrary code execution. Additionally, Chrome Object Wrappers (COW) can be bypassed by web content to access privileged methods, leading to a cross-site scripting (XSS) attack from privileged pages. * MFSA 2013-53 / CVE-2013-1690: Security researcher Nils reported that specially crafted web content using the onreadystatechange event and reloading of pages could sometimes cause a crash when unmapped memory is executed. This crash is potentially exploitable. * MFSA 2013-54 / CVE-2013-1692: Security researcher Johnathan Kuskos reported that Firefox is sending data in the body of XMLHttpRequest (XHR) HEAD requests, which goes agains the XHR specification. This can potentially be used for Cross-Site Request Forgery (CSRF) attacks against sites which do not distinguish between HEAD and POST requests. * MFSA 2013-55 / CVE-2013-1693: Security researcher Paul Stone of Context Information Security discovered that timing differences in the processing of SVG format images with filters could allow for pixel values to be read. This could potentially allow for text values to be read across domains, leading to information disclosure. * MFSA 2013-59 / CVE-2013-1697: Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values. Security Issue references: * CVE-2013-1682 * CVE-2013-1684 * CVE-2013-1685 * CVE-2013-1686 * CVE-2013-1687 * CVE-2013-1690 * CVE-2013-1692 * CVE-2013-1693 * CVE-2013-1697 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-20130628-7976 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-20130628-7976 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-firefox-20130628-7977 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-firefox-20130628-7977 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-20130628-7976 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.3.1 MozillaFirefox-translations-17.0.7esr-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.3.1 MozillaFirefox-branding-SLED-7-0.6.9.31 MozillaFirefox-translations-17.0.7esr-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.3.1 MozillaFirefox-translations-17.0.7esr-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 17.0.7esr and 7]: MozillaFirefox-17.0.7esr-0.3.1 MozillaFirefox-branding-SLED-7-0.6.9.31 MozillaFirefox-translations-17.0.7esr-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 17.0.7esr and 7]: MozillaFirefox-17.0.7esr-0.6.1 MozillaFirefox-branding-SLED-7-0.10.28 MozillaFirefox-translations-17.0.7esr-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 17.0.7esr]: MozillaFirefox-17.0.7esr-0.3.1 MozillaFirefox-branding-SLED-7-0.6.9.31 MozillaFirefox-translations-17.0.7esr-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 17.0.7esr and 7]: MozillaFirefox-17.0.7esr-0.6.1 MozillaFirefox-branding-SLED-7-0.10.28 MozillaFirefox-translations-17.0.7esr-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-17.0.7esr-0.6.1 References: http://support.novell.com/security/cve/CVE-2013-1682.html http://support.novell.com/security/cve/CVE-2013-1684.html http://support.novell.com/security/cve/CVE-2013-1685.html http://support.novell.com/security/cve/CVE-2013-1686.html http://support.novell.com/security/cve/CVE-2013-1687.html http://support.novell.com/security/cve/CVE-2013-1690.html http://support.novell.com/security/cve/CVE-2013-1692.html http://support.novell.com/security/cve/CVE-2013-1693.html http://support.novell.com/security/cve/CVE-2013-1697.html https://bugzilla.novell.com/825935 http://download.novell.com/patch/finder/?keywords=061026413fe3bb69a7f42e0b70363e4a http://download.novell.com/patch/finder/?keywords=1133af3aaf996a7684d227efbb12bd71 http://download.novell.com/patch/finder/?keywords=7d0f6003f49140e3d5ad8c675f178612 From sle-updates at lists.suse.com Mon Jul 8 12:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jul 2013 20:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1161-1: important: Security update for ceph-kmp Message-ID: <20130708180415.0CE5E3216C@maintenance.suse.de> SUSE Security Update: Security update for ceph-kmp ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1161-1 Rating: important References: #750047 #756193 #826350 Cross-References: CVE-2013-1059 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This ceph-kmp update fixes a libceph NULL function pointer dereference. Here is the full list of changes: * bug#826350 - libceph NULL function pointer dereference (CVE-2013-1059) * bug#750047 - marking ceph-kmp as supported * bug#756193 - fix for libceph crash Security Issue reference: * CVE-2013-1059 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-ceph-kmp-default-7980 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): ceph-kmp-default-0_3.0.80_0.7-0.12.3.1 ceph-kmp-xen-0_3.0.80_0.7-0.12.3.1 References: http://support.novell.com/security/cve/CVE-2013-1059.html https://bugzilla.novell.com/750047 https://bugzilla.novell.com/756193 https://bugzilla.novell.com/826350 http://download.novell.com/patch/finder/?keywords=ad2569858e79b7b06c24f42a786aaf32 From sle-updates at lists.suse.com Mon Jul 8 14:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jul 2013 22:04:10 +0200 (CEST) Subject: SUSE-YU-2013:1162-1: YOU update for libzypp Message-ID: <20130708200410.782A5320A9@maintenance.suse.de> SUSE YOU Update: YOU update for libzypp ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:1162-1 Rating: low References: #803316 #824110 #825490 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three YOU fixes can now be installed. It includes two new package versions. Description: This update for the Software Update Stack provides the following fixes and enhancements: libzypp: * Set log file permission upon file creation only. (bnc#825490) * Speedup scanning for modaliases, improving performance on machines with large amounts of RAM. (bnc#824110) * Implement retrieval of packages from tftp servers. (bnc#803316) * Fix file probing via tftp://. (bnc#803316) * Add modalias and multiversion spec to testcase. zypper: * Set default zypper.log mode to 0640. (bnc#825490) Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-softwaremgmt-201306-8007 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-softwaremgmt-201306-8007 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-softwaremgmt-201306-8007 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-softwaremgmt-201306-8007 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.36.3]: libzypp-devel-9.36.3-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.6.308 and 9.36.3]: libzypp-9.36.3-0.7.1 zypper-1.6.308-0.9.16 zypper-log-1.6.308-0.9.16 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.6.308 and 9.36.3]: libzypp-9.36.3-0.7.1 zypper-1.6.308-0.9.16 zypper-log-1.6.308-0.9.16 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.6.308 and 9.36.3]: libzypp-9.36.3-0.7.1 zypper-1.6.308-0.9.16 zypper-log-1.6.308-0.9.16 References: https://bugzilla.novell.com/803316 https://bugzilla.novell.com/824110 https://bugzilla.novell.com/825490 http://download.novell.com/patch/finder/?keywords=75b665db4ae53801be35f4dc089a1654 From sle-updates at lists.suse.com Mon Jul 8 14:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jul 2013 22:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1163-1: Recommended update for SUSE Studio 1.3.2 Message-ID: <20130708200414.7261F320A9@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Studio 1.3.2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1163-1 Rating: low References: #782388 #790912 #796240 #802571 #803789 #807518 #808277 #808617 #810192 #813491 #816180 #816183 #819948 #823616 #824415 #825734 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that has 16 recommended fixes can now be installed. It includes one version update. Description: This update provides SUSE Studio 1.3.2, which includes many improvements and bug fixes. The changes in detail are: * #819948: Studio UI does not show build progress for 2 to 5 minutes after starting build * #806795: Fix broken link * #807518: Build assets on build time * #816180: No test-drive symbolic link when updating * #796240: Build fails on Preload-Iso with out of space error * #808277: When updating Onsite 1.3, services are not being restarted * #810192: Prevent duplicated user names in appliance configuration tab * #782388: UTC time displayed in Diary and Dashboard unless UTC checked in YaST * #813491: Drop requirements on -devel packages * #823616: Clicking on additional options checkboxes causes redundant POST requests * #790912: API: Export Kiwi configuration * #816183: Running setup before creating the package creates an extra link in the repositories folder * #808617: Error when looking at build logs of running builds * #802571: Error when trying to delete a repository * #803789: Packages added with Bootinclude don't show up in initrd * #825734: Studio is unavailable after changing packages on test system. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-susestudio-201306-7990 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64) [New Version: 1.3.2]: susestudio-1.3.2-0.17.2 susestudio-bundled-packages-1.3.2-0.17.2 susestudio-common-1.3.2-0.17.2 susestudio-runner-1.3.2-0.17.2 susestudio-sid-1.3.2-0.17.2 susestudio-ui-server-1.3.2-0.17.2 References: https://bugzilla.novell.com/782388 https://bugzilla.novell.com/790912 https://bugzilla.novell.com/796240 https://bugzilla.novell.com/802571 https://bugzilla.novell.com/803789 https://bugzilla.novell.com/807518 https://bugzilla.novell.com/808277 https://bugzilla.novell.com/808617 https://bugzilla.novell.com/810192 https://bugzilla.novell.com/813491 https://bugzilla.novell.com/816180 https://bugzilla.novell.com/816183 https://bugzilla.novell.com/819948 https://bugzilla.novell.com/823616 https://bugzilla.novell.com/824415 https://bugzilla.novell.com/825734 http://download.novell.com/patch/finder/?keywords=9591ac291f41e4ac9557e309c911bc9e From sle-updates at lists.suse.com Tue Jul 9 08:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jul 2013 16:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1164-1: Recommended update for pcsc-cyberjack Message-ID: <20130709140411.7A3E33213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for pcsc-cyberjack ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1164-1 Rating: low References: #814818 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for pcsc-cyberjack adds support for new card reader devices from Reiner-SCT. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ctapi-cyberjack-7758 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ctapi-cyberjack-7758 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ctapi-cyberjack-7758 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ctapi-cyberjack-3.3.0-3.27.3.1 pcsc-cyberjack-3.3.0-3.27.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ctapi-cyberjack-3.3.0-3.27.3.1 pcsc-cyberjack-3.3.0-3.27.3.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ctapi-cyberjack-3.3.0-3.27.3.1 pcsc-cyberjack-3.3.0-3.27.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.1 References: https://bugzilla.novell.com/814818 http://download.novell.com/patch/finder/?keywords=c5487d2435e0cb5acaf6777c1c73aaad From sle-updates at lists.suse.com Tue Jul 9 12:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jul 2013 20:04:12 +0200 (CEST) Subject: SUSE-SU-2013:1165-1: moderate: Security update for libcurl4 Message-ID: <20130709180412.67D623213D@maintenance.suse.de> SUSE Security Update: Security update for libcurl4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1165-1 Rating: moderate References: #742306 #814655 #824517 Cross-References: CVE-2010-4180 CVE-2011-3389 CVE-2013-1944 CVE-2013-2174 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update of curl fixes several security issues: * libcurl URL decode buffer boundary flaw (bnc#824517 / CVE-2013-2174) * cookie domain tailmatch (bnc#814655 / CVE-2013-1944) * curl sets SSL_OP_ALL (bnc#742306 / CVE-2011-3389) * When SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier (CVE-2010-4180) Security Issue references: * CVE-2010-4180 * CVE-2011-3389 * CVE-2013-1944 * CVE-2013-2174 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libcurl4-32bit-7.19.0-11.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): libcurl4-7.19.0-11.6.1 References: http://support.novell.com/security/cve/CVE-2010-4180.html http://support.novell.com/security/cve/CVE-2011-3389.html http://support.novell.com/security/cve/CVE-2013-1944.html http://support.novell.com/security/cve/CVE-2013-2174.html https://bugzilla.novell.com/742306 https://bugzilla.novell.com/814655 https://bugzilla.novell.com/824517 http://download.novell.com/patch/finder/?keywords=e3950ab87a0b449a0d3d8313b4086042 From sle-updates at lists.suse.com Tue Jul 9 12:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jul 2013 20:04:16 +0200 (CEST) Subject: SUSE-SU-2013:1166-1: moderate: Security update for compat-curl2 Message-ID: <20130709180416.9192332245@maintenance.suse.de> SUSE Security Update: Security update for compat-curl2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1166-1 Rating: moderate References: #824517 Cross-References: CVE-2013-2174 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of compat-curl2 fixes a security vulnerability: * libcurl URL decode buffer boundary flaw (bnc#824517 / CVE-2013-2174) Security Issue reference: * CVE-2013-2174 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-curl-7932 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-curl-7867 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-curl-7932 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-curl-7932 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-curl-7867 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-curl-7867 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-curl-7932 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-curl-7867 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libcurl-devel-7.19.7-1.28.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libcurl-devel-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): curl-7.19.7-1.28.1 libcurl4-7.19.7-1.28.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libcurl4-32bit-7.19.7-1.28.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): curl-7.19.7-1.28.1 libcurl4-7.19.7-1.28.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libcurl4-32bit-7.19.7-1.28.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libcurl4-x86-7.19.7-1.28.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): curl-7.19.7-1.20.27.1 libcurl4-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libcurl4-32bit-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): curl-7.19.7-1.20.27.1 libcurl4-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libcurl4-32bit-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libcurl4-x86-7.19.7-1.20.27.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): compat-curl2-7.11.0-20.11.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): compat-curl2-32bit-7.11.0-20.11.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): compat-curl2-x86-7.11.0-20.11.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): compat-curl2-64bit-7.11.0-20.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): curl-7.19.7-1.28.1 libcurl4-7.19.7-1.28.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libcurl4-32bit-7.19.7-1.28.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): curl-7.19.7-1.20.27.1 libcurl4-7.19.7-1.20.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libcurl4-32bit-7.19.7-1.20.27.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): compat-curl2-7.11.0-20.11.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): compat-curl2-32bit-7.11.0-20.11.1 References: http://support.novell.com/security/cve/CVE-2013-2174.html https://bugzilla.novell.com/824517 http://download.novell.com/patch/finder/?keywords=08501b52d2872aa5cb15654bf0e2cc4b http://download.novell.com/patch/finder/?keywords=48e7e826323b1b9622eb2146f1b17768 http://download.novell.com/patch/finder/?keywords=ee2bedaf7e993baa8b03465c84047236 From sle-updates at lists.suse.com Tue Jul 9 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jul 2013 22:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1167-1: moderate: Recommended update for udev Message-ID: <20130709200411.CB9493208D@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1167-1 Rating: moderate References: #805059 #820930 #821419 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for udev provides the following fixes: * Rename virtual interfaces also in the guest. (bnc#820930) * Use SCSI_IDENT_LUN_T10 instead of ID_SERIAL for partition in 61-msft.rules. (bnc#805059) * Drop usage of ID_BUS in 61-msft.rules. (bnc#805059) * Revert 'udev: fix crash in libudev', now fixed in multipath-tools. (bnc#821419) * Add dependency on sg3_utils. (bnc#805059) * Add the full path of sg_inq, otherwise udev searches for the binary in /lib/udev. (bnc#805059) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libgudev-1_0-0-7969 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libgudev-1_0-0-7969 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libgudev-1_0-0-7969 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libgudev-1_0-0-7969 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.88.1 libudev-devel-147-0.88.1 libudev0-147-0.88.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libgudev-1_0-0-147-0.88.1 libudev0-147-0.88.1 udev-147-0.88.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.88.1 libudev0-32bit-147-0.88.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.88.1 libudev0-147-0.88.1 udev-147-0.88.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.88.1 libudev0-32bit-147-0.88.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libgudev-1_0-0-x86-147-0.88.1 libudev0-x86-147-0.88.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libgudev-1_0-0-147-0.88.1 libudev0-147-0.88.1 udev-147-0.88.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgudev-1_0-0-32bit-147-0.88.1 libudev0-32bit-147-0.88.1 References: https://bugzilla.novell.com/805059 https://bugzilla.novell.com/820930 https://bugzilla.novell.com/821419 http://download.novell.com/patch/finder/?keywords=839c1b56fa5b3fd5991cd6aa833bcbf6 From sle-updates at lists.suse.com Wed Jul 10 11:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jul 2013 19:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1173-1: important: Recommended update for icedtea-web Message-ID: <20130710170411.B7FB33213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1173-1 Rating: important References: #825880 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for icedtea-web fixes a regression introduced by the latest OpenJDK update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icedtea-web-7887 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4]: icedtea-web-1.4-0.7.1 References: https://bugzilla.novell.com/825880 http://download.novell.com/patch/finder/?keywords=6950ead5b07a6f6dbd831e7e4fdb878c From sle-updates at lists.suse.com Wed Jul 10 11:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jul 2013 19:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1166-2: moderate: Security update for curl Message-ID: <20130710170415.84A4232248@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1166-2 Rating: moderate References: #824517 Cross-References: CVE-2013-2174 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of curl fixes several security issues. * libcurl URL decode buffer boundary flaw (bnc#824517 / CVE-2013-2174) Security Issue reference: * CVE-2013-2174 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): curl-7.15.1-19.30.1 curl-devel-7.15.1-19.30.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): curl-32bit-7.15.1-19.30.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): curl-x86-7.15.1-19.30.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): curl-64bit-7.15.1-19.30.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): curl-7.15.1-19.30.1 curl-devel-7.15.1-19.30.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): curl-32bit-7.15.1-19.30.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): curl-devel-7.15.1-19.30.1 References: http://support.novell.com/security/cve/CVE-2013-2174.html https://bugzilla.novell.com/824517 http://download.novell.com/patch/finder/?keywords=36472a9fc55e64701eef885c5ac34ebd From sle-updates at lists.suse.com Wed Jul 10 11:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jul 2013 19:04:19 +0200 (CEST) Subject: SUSE-SU-2013:1174-1: important: Security update for icedtea-web Message-ID: <20130710170419.33F9232248@maintenance.suse.de> SUSE Security Update: Security update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1174-1 Rating: important References: #815596 #818768 #825880 Cross-References: CVE-2012-3422 CVE-2012-3423 CVE-2013-1926 CVE-2013-1927 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This update to IcedTea-Web 1.4 provides the following fixes and enhancements: * Security updates o CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path o CVE-2013-1927, RH884705: fixed gifar vulnerabilit o CVE-2012-3422, RH840592: Potential read from an uninitialized memory location o CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings o CVE-2013-1927, RH884705: fixed gifar vulnerability o CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. * NetX o PR1027: DownloadService is not supported by IcedTea-Web o PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run o PR1292: Javaws does not resolve versioned jar names with periods correctly o PR580: http://www.horaoficial.cl/ loads improperly. * Plugin o PR1106: Buffer overflow in plugin table- o PR1166: Embedded JNLP File is not supported in applet tag o PR1217: Add command line arguments for plugins o PR1189: Icedtea-plugin requires code attribute when using jnlp_href o PR1198: JSObject is not passed to javascript correctly o PR1260: IcedTea-Web should not rely on GTK o PR1157: Applets can hang browser after fatal exception o PR580: http://www.horaoficial.cl/ loads improperly o PR1260: IcedTea-Web should not rely on GTK o PR1157: Applets can hang browser after fatal exception. * Common o PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered o PR955: regression: SweetHome3D fails to run o PR1145: IcedTea-Web can cause ClassCircularityError o PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 o PR822: Applets fail to load if jars have different signers o PR1186: System.getProperty("deployment.user.security.trusted.cacerts ") is null o PR909: The Java applet at http://de.gosupermodel.com/games/wardrobegame.jsp fails o PR1299: WebStart doesn't read socket proxy settings from firefox correctly. * Added cs, de, pl localization * Splash screen for javaws and plugin * Better error reporting for plugin via Error-splash-screen * All IcedTea-Web dialogues are centered to middle of active screen * Download indicator made compact for more then one jar * User can select its own JVM via itw-settings and deploy.properties * Added extended applets security settings and dialogue * Added new option in itw-settings which allows users to set JVM arguments when plugin is initialized * Fixed a build failure with older xulrunner * Changed strict openjdk6 dependencies to anything java-openjdk >= 1.6.0. Security Issue references: * CVE-2013-1926 * CVE-2013-1927 * CVE-2012-3422 * CVE-2012-3423 * CVE-2013-1927 * CVE-2013-1926 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-icedtea-web-7981 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4]: icedtea-web-1.4-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-3422.html http://support.novell.com/security/cve/CVE-2012-3423.html http://support.novell.com/security/cve/CVE-2013-1926.html http://support.novell.com/security/cve/CVE-2013-1927.html https://bugzilla.novell.com/815596 https://bugzilla.novell.com/818768 https://bugzilla.novell.com/825880 http://download.novell.com/patch/finder/?keywords=e2d8b10b4253bb88de271814cd974a83 From sle-updates at lists.suse.com Wed Jul 10 16:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jul 2013 00:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1175-1: important: Security update for Mesa Message-ID: <20130710220411.E2FA6320AE@maintenance.suse.de> SUSE Security Update: Security update for Mesa ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1175-1 Rating: important References: #828007 Cross-References: CVE-2013-1872 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: A memory corruption in the Mesa Intel drivers (OOB read/write) has been fixed. (CVE-2013-1872) This could have been potentially exploited by remote attackers who would have been able to inject 3d graphics into the attacked desktop. Security Issue reference: * CVE-2013-1872 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-Mesa-8011 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-Mesa-8011 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-Mesa-8011 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-Mesa-8011 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): Mesa-devel-9.0.3-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): Mesa-devel-32bit-9.0.3-0.19.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): Mesa-9.0.3-0.19.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): Mesa-32bit-9.0.3-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): Mesa-9.0.3-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): Mesa-32bit-9.0.3-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): Mesa-x86-9.0.3-0.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): Mesa-9.0.3-0.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): Mesa-32bit-9.0.3-0.19.1 References: http://support.novell.com/security/cve/CVE-2013-1872.html https://bugzilla.novell.com/828007 http://download.novell.com/patch/finder/?keywords=550a68dfd6351cc111370056d69f61a0 From sle-updates at lists.suse.com Thu Jul 11 13:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jul 2013 21:04:12 +0200 (CEST) Subject: SUSE-SU-2013:1182-1: important: kernel update for SLE11 SP3 Message-ID: <20130711190412.45000321EA@maintenance.suse.de> SUSE Security Update: kernel update for SLE11 SP3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1182-1 Rating: important References: #763968 #773837 #785901 #797090 #797727 #801427 #803320 #804482 #804609 #805804 #806976 #808015 #808136 #808837 #808855 #809130 #809895 #809975 #810722 #812281 #812332 #812526 #812974 #813604 #813922 #815356 #816451 #817035 #817377 #818047 #818371 #818465 #819018 #819195 #819523 #819610 #819655 #820172 #820434 #821052 #821070 #821235 #821799 #821859 #821930 #822066 #822077 #822080 #822164 #822340 #822431 #822722 #822825 #823082 #823223 #823342 #823386 #823597 #823795 #824159 #825037 #825591 #825657 #825696 #826186 Cross-References: CVE-2013-0160 CVE-2013-1774 CVE-2013-1979 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235 Affected Products: SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 15 vulnerabilities and has 50 fixes is now available. Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to 3.0.82 and to fix various bugs and security issues. Following security issues were fixed: CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict keypresses like e.g. passwords. This has been fixed again by updating accessed/modified time on the pty devices in resolution of 8 seconds, so that idle time detection can still work. CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3223: The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3224: The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel did not properly initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3225: The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3227: The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3228: The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3229: The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3231: The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3232: The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3234: The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3235: net/tipc/socket.c in the Linux kernel did not initialize a certain data structure and a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3076: The crypto API in the Linux kernel did not initialize certain length variables, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. CVE-2013-1979: The scm_set_cred function in include/net/scm.h in the Linux kernel used incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application. A kernel information leak via tkill/tgkill was fixed. Following non security bugs were fixed: S/390: - af_iucv: Missing man page (bnc#825037, LTC#94825). - iucv: fix kernel panic at reboot (bnc#825037, LTC#93803). - kernel: lost IPIs on CPU hotplug (bnc#825037, LTC#94784). - dasd: Add missing descriptions for dasd timeout messages (bnc#825037, LTC#94762). - dasd: Fix hanging device after resume with internal error 13 (bnc#825037, LTC#94554). - cio: Suppress 2nd path verification during resume (bnc#825037, LTC#94554). - vmcp: Missing man page (bnc#825037, LTC#94453). - kernel: 3215 console crash (bnc#825037, LTC#94302). - netiucv: Hold rtnl between name allocation and device registration (bnc#824159). - s390/ftrace: fix mcount adjustment (bnc#809895). HyperV: - Drivers: hv: Fix a bug in get_vp_index(). - hyperv: Fix a compiler warning in netvsc_send(). - Tools: hv: Fix a checkpatch warning. - tools: hv: skip iso9660 mounts in hv_vss_daemon. - tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon. - tools: hv: use getmntent in hv_vss_daemon. - Tools: hv: Fix a checkpatch warning. - tools: hv: fix checks for origin of netlink message in hv_vss_daemon. - Tools: hv: fix warnings in hv_vss_daemon. - x86, hyperv: Handle Xen emulation of Hyper-V more gracefully. - hyperv: Fix a kernel warning from netvsc_linkstatus_callback(). - Drivers: hv: balloon: make local functions static. - tools: hv: daemon should check type of received Netlink msg. - tools: hv: daemon setsockopt should use options macros. - tools: hv: daemon should subscribe only to CN_KVP_IDX group. - driver: hv: remove cast for kmalloc return value. - hyperv: use 3.4 as LIC version string (bnc#822431). BTRFS: - btrfs: flush delayed inodes if we are short on space (bnc#801427). - btrfs: rework shrink_delalloc (bnc#801427). - btrfs: fix our overcommit math (bnc#801427). - btrfs: delay block group item insertion (bnc#801427). - btrfs: remove bytes argument from do_chunk_alloc (bnc#801427). - btrfs: run delayed refs first when out of space (bnc#801427). - btrfs: do not commit instead of overcommitting (bnc#801427). - btrfs: do not take inode delalloc mutex if we are a free space inode (bnc#801427). - btrfs: fix chunk allocation error handling (bnc#801427). - btrfs: remove extent mapping if we fail to add chunk (bnc#801427). - btrfs: do not overcommit if we do not have enough space for global rsv (bnc#801427). - btrfs: rework the overcommit logic to be based on the total size (bnc#801427). - btrfs: steal from global reserve if we are cleaning up orphans (bnc#801427). - btrfs: clear chunk_alloc flag on retryable failure (bnc#801427). - btrfs: use reserved space for creating a snapshot (bnc#801427). - btrfs: cleanup to make the function btrfs_delalloc_reserve_metadata more logic (bnc#801427). - btrfs: fix space leak when we fail to reserve metadata space (bnc#801427). - btrfs: fix space accounting for unlink and rename (bnc#801427). - btrfs: allocate new chunks if the space is not enough for global rsv (bnc#801427). - btrfs: various abort cleanups (bnc#812526 bnc#801427). - btrfs: simplify unlink reservations (bnc#801427). XFS: - xfs: Move allocation stack switch up to xfs_bmapi (bnc#815356). - xfs: introduce XFS_BMAPI_STACK_SWITCH (bnc#815356). - xfs: zero allocation_args on the kernel stack (bnc#815356). - xfs: fix debug_object WARN at xfs_alloc_vextent() (bnc#815356). - xfs: do not defer metadata allocation to the workqueue (bnc#815356). - xfs: introduce an allocation workqueue (bnc#815356). - xfs: fix race while discarding buffers [V4] (bnc#815356 (comment 36)). - xfs: Serialize file-extending direct IO (bnc#818371). - xfs: Do not allocate new buffers on every call to _xfs_buf_find (bnc#763968). - xfs: fix buffer lookup race on allocation failure (bnc#763968). ALSA: - Fix VT1708 jack detection on SLEPOS machines (bnc#813922). - ALSA: hda - Avoid choose same converter for unused pins (bnc#826186). - ALSA: hda - Cache the MUX selection for generic HDMI (bnc#826186). - ALSA: hda - Haswell converter power state D0 verify (bnc#826186). - ALSA: hda - Do not take unresponsive D3 transition too serious (bnc#823597). - ALSA: hda - Introduce bit flags to snd_hda_codec_read/write() (bnc#823597). - ALSA: hda - Check CORB overflow (bnc#823597). - ALSA: hda - Check validity of CORB/RIRB WP reads (bnc#823597). - ALSA: hda - Fix system panic when DMA > 40 bits for Nvidia audio controllers (bnc#818465). - ALSA: hda - Add hint for suppressing lower cap for IDT codecs (bnc#812332). - ALSA: hda - Enable mic-mute LED on more HP laptops (bnc#821859). Direct Rendering Manager (DRM): - drm/i915: Add wait_for in init_ring_common (bnc#813604). - drm/i915: Mark the ringbuffers as being in the GTT domain (bnc#813604). - drm/edid: Do not print messages regarding stereo or csync by default (bnc #821235). - drm/i915: force full modeset if the connector is in DPMS OFF mode (bnc #809975). - drm/i915/sdvo: Use &intel_sdvo->ddc instead of intel_sdvo->i2c for DDC (bnc #808855). - drm/mm: fix dump table BUG. (bnc#808837) - drm/i915: Clear the stolen fb before enabling (bnc#808015). XEN: - xen/netback: Update references (bnc#823342). - xen: Check for insane amounts of requests on the ring. - Update Xen patches to 3.0.82. - netback: do not disconnect frontend when seeing oversize packet. - netfront: reduce gso_max_size to account for max TCP header. - netfront: fix kABI after "reduce gso_max_size to account for max TCP header". Other: - x86, efi: retry ExitBootServices() on failure (bnc#823386). - x86/efi: Fix dummy variable buffer allocation (bnc#822080). - ext4: avoid hang when mounting non-journal filesystems with orphan list (bnc#817377). - mm: compaction: Scan PFN caching KABI workaround (Fix KABI breakage (bnc#825657)). - autofs4 - fix get_next_positive_subdir() (bnc#819523). - ocfs2: Add bits_wanted while calculating credits in ocfs2_calc_extend_credits (bnc#822077). - writeback: Avoid needless scanning of b_dirty list (bnc#819018). - writeback: Do not sort b_io list only because of block device inode (bnc#819018). - re-enable io tracing (bnc#785901). - pciehp: Corrected the old mismatching DMI strings. - SUNRPC: Prevent an rpc_task wakeup race (bnc#825591). - tg3: Prevent system hang during repeated EEH errors (bnc#822066). - scsi_dh_alua: multipath failover fails with error 15 (bnc#825696). - Do not switch camera on HP EB 8780 (bnc#797090). - Do not switch webcam for HP EB 8580w (bnc#797090). - mm: fixup compilation error due to an asm write through a const pointer. (bnc#823795) - do not switch cam port on HP EliteBook 840 (bnc#822164). - net/sunrpc: xpt_auth_cache should be ignored when expired (bnc#803320). - sunrpc/cache: ensure items removed from cache do not have pending upcalls (bnc#803320). - sunrpc/cache: remove races with queuing an upcall (bnc#803320). - sunrpc/cache: use cache_fresh_unlocked consistently and correctly (bnc#803320). - KVM: x86: emulate movdqa (bnc#821070). - KVM: x86: emulator: add support for vector alignment (bnc#821070). - KVM: x86: emulator: expand decode flags to 64 bits (bnc#821070). - xhci - correct comp_mode_recovery_timer on return from hibernate (bnc#808136). - md/raid10 enough fixes (bnc#773837). - lib/Makefile: Fix oid_registry build dependency (bnc#823223). - Update config files: disable IP_PNP (bnc#822825) - Fix kABI breakage for addition of snd_hda_bus.no_response_fallback (bnc#823597). - Disable efi pstore by default (bnc#804482 bnc#820172). - md: Fix problem with GET_BITMAP_FILE returning wrong status (bnc#812974). - bnx2x: Fix bridged GSO for 57710/57711 chips (bnc#819610). - USB: xHCI: override bogus bulk wMaxPacketSize values (bnc#823082). - BTUSB: Add MediaTek bluetooth MT76x0E support (bnc#797727 bnc#822340). - qlge: Update version to 1.00.00.32 (bnc#819195). - qlge: Fix ethtool autoneg advertising (bnc#819195). - qlge: Fix receive path to drop error frames (bnc#819195). - qlge: remove NETIF_F_TSO6 flag (bnc#819195). - remove init of dev->perm_addr in drivers (bnc#819195). - drivers/net: fix up function prototypes after __dev* removals (bnc#819195). - qlge: remove __dev* attributes (bnc#819195). - drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding style issue (bnc#819195). - cxgb4: Force uninitialized state if FW_ON_ADAPTER is < FW_VERSION and we are the MASTER_PF (bnc#809130). - USB: UHCI: fix for suspend of virtual HP controller (bnc#817035). - timer_list: Convert timer list to be a proper seq_file (bnc#818047). - timer_list: Split timer_list_show_tickdevices (bnc#818047). - sched: Fix /proc/sched_debug failure on very very large systems (bnc#818047). - sched: Fix /proc/sched_stat failure on very very large systems (bnc#818047). - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - libfc: do not exch_done() on invalid sequence ptr (bnc#810722). - netfilter: ip6t_LOG: fix logging of packet mark (bnc#821930). - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID (bnc#819655). - HWPOISON: fix misjudgement of page_action() for errors on mlocked pages (Memory failure RAS (bnc#821799)). - HWPOISON: check dirty flag to match against clean page (Memory failure RAS (bnc#821799)). - HWPOISON: change order of error_states elements (Memory failure RAS (bnc#821799)). - mm: hwpoison: fix action_result() to print out dirty/clean (Memory failure RAS (bnc#821799)). - mm: mmu_notifier: re-fix freed page still mapped in secondary MMU (bnc#821052). - Do not switch webcams in some HP ProBooks to XHCI (bnc#805804). - Do not switch BT on HP ProBook 4340 (bnc#812281). - mm: memory_dev_init make sure nmi watchdog does not trigger while registering memory sections (bnc#804609, bnc#820434). - mm: compaction: Restart compaction from near where it left off - mm: compaction: cache if a pageblock was scanned and no pages were isolated - mm: compaction: clear PG_migrate_skip based on compaction and reclaim activity - mm: compaction: Scan PFN caching KABI workaround - mm: page_allocator: Remove first_pass guard - mm: vmscan: do not stall on writeback during memory compaction Cache compaction restart points for faster compaction cycles (bnc#816451) Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SLE 11 SERVER Unsupported Extras (ppc64 s390x x86_64): kernel-default-extra-3.0.82-0.7.9 - SLE 11 SERVER Unsupported Extras (x86_64): kernel-xen-extra-3.0.82-0.7.9 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-3.0.82-0.7.9 References: http://support.novell.com/security/cve/CVE-2013-0160.html http://support.novell.com/security/cve/CVE-2013-1774.html http://support.novell.com/security/cve/CVE-2013-1979.html http://support.novell.com/security/cve/CVE-2013-3076.html http://support.novell.com/security/cve/CVE-2013-3222.html http://support.novell.com/security/cve/CVE-2013-3223.html http://support.novell.com/security/cve/CVE-2013-3224.html http://support.novell.com/security/cve/CVE-2013-3225.html http://support.novell.com/security/cve/CVE-2013-3227.html http://support.novell.com/security/cve/CVE-2013-3228.html http://support.novell.com/security/cve/CVE-2013-3229.html http://support.novell.com/security/cve/CVE-2013-3231.html http://support.novell.com/security/cve/CVE-2013-3232.html http://support.novell.com/security/cve/CVE-2013-3234.html http://support.novell.com/security/cve/CVE-2013-3235.html https://bugzilla.novell.com/763968 https://bugzilla.novell.com/773837 https://bugzilla.novell.com/785901 https://bugzilla.novell.com/797090 https://bugzilla.novell.com/797727 https://bugzilla.novell.com/801427 https://bugzilla.novell.com/803320 https://bugzilla.novell.com/804482 https://bugzilla.novell.com/804609 https://bugzilla.novell.com/805804 https://bugzilla.novell.com/806976 https://bugzilla.novell.com/808015 https://bugzilla.novell.com/808136 https://bugzilla.novell.com/808837 https://bugzilla.novell.com/808855 https://bugzilla.novell.com/809130 https://bugzilla.novell.com/809895 https://bugzilla.novell.com/809975 https://bugzilla.novell.com/810722 https://bugzilla.novell.com/812281 https://bugzilla.novell.com/812332 https://bugzilla.novell.com/812526 https://bugzilla.novell.com/812974 https://bugzilla.novell.com/813604 https://bugzilla.novell.com/813922 https://bugzilla.novell.com/815356 https://bugzilla.novell.com/816451 https://bugzilla.novell.com/817035 https://bugzilla.novell.com/817377 https://bugzilla.novell.com/818047 https://bugzilla.novell.com/818371 https://bugzilla.novell.com/818465 https://bugzilla.novell.com/819018 https://bugzilla.novell.com/819195 https://bugzilla.novell.com/819523 https://bugzilla.novell.com/819610 https://bugzilla.novell.com/819655 https://bugzilla.novell.com/820172 https://bugzilla.novell.com/820434 https://bugzilla.novell.com/821052 https://bugzilla.novell.com/821070 https://bugzilla.novell.com/821235 https://bugzilla.novell.com/821799 https://bugzilla.novell.com/821859 https://bugzilla.novell.com/821930 https://bugzilla.novell.com/822066 https://bugzilla.novell.com/822077 https://bugzilla.novell.com/822080 https://bugzilla.novell.com/822164 https://bugzilla.novell.com/822340 https://bugzilla.novell.com/822431 https://bugzilla.novell.com/822722 https://bugzilla.novell.com/822825 https://bugzilla.novell.com/823082 https://bugzilla.novell.com/823223 https://bugzilla.novell.com/823342 https://bugzilla.novell.com/823386 https://bugzilla.novell.com/823597 https://bugzilla.novell.com/823795 https://bugzilla.novell.com/824159 https://bugzilla.novell.com/825037 https://bugzilla.novell.com/825591 https://bugzilla.novell.com/825657 https://bugzilla.novell.com/825696 https://bugzilla.novell.com/826186 http://download.novell.com/patch/finder/?keywords=9deafe882b5e3b5f0df9f5075f0d6114 http://download.novell.com/patch/finder/?keywords=bdd1cc737ed1a109b28b077184acad08 http://download.novell.com/patch/finder/?keywords=ddd472e1f756fe2a224c4a247ce90bef From sle-updates at lists.suse.com Thu Jul 11 22:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 06:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1183-1: moderate: Security update for xorg-x11 Message-ID: <20130712040410.EC7E53208D@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1183-1 Rating: moderate References: #815451 #821663 #821664 #821665 #821667 #821668 #821669 #821670 #821671 #824294 Cross-References: CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2063 CVE-2013-2066 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. Description: This update of xorg-x11 fixes several security vulnerabilities. * Bug 815451- X.Org Security Advisory: May 23, 2013 * Bug 821664 - libX11 * Bug 821671 - libXv * Bug 821670 - libXt * Bug 821669 - libXrender * Bug 821668 - libXp * Bug 821667 - libXfixes * Bug 821665 - libXext * Bug 821663 - libFS, libXcursor, libXi, libXinerama, libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx Security Issue references: * CVE-2013-1981 * CVE-2013-1982 * CVE-2013-1983 * CVE-2013-1984 * CVE-2013-1985 * CVE-2013-1987 * CVE-2013-1988 * CVE-2013-1989 * CVE-2013-1990 * CVE-2013-1991 * CVE-2013-1992 * CVE-2013-1995 * CVE-2013-1996 * CVE-2013-1997 * CVE-2013-1998 * CVE-2013-1999 * CVE-2013-2000 * CVE-2013-2001 * CVE-2013-2002 * CVE-2013-2003 * CVE-2013-2004 * CVE-2013-2005 * CVE-2013-2062 * CVE-2013-2063 * CVE-2013-2066 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): xorg-x11-6.9.0-50.84.4 xorg-x11-Xnest-6.9.0-50.84.4 xorg-x11-Xvfb-6.9.0-50.84.4 xorg-x11-Xvnc-6.9.0-50.84.4 xorg-x11-devel-6.9.0-50.84.4 xorg-x11-doc-6.9.0-50.84.4 xorg-x11-fonts-100dpi-6.9.0-50.84.4 xorg-x11-fonts-75dpi-6.9.0-50.84.4 xorg-x11-fonts-cyrillic-6.9.0-50.84.4 xorg-x11-fonts-scalable-6.9.0-50.84.4 xorg-x11-fonts-syriac-6.9.0-50.84.4 xorg-x11-libs-6.9.0-50.84.4 xorg-x11-man-6.9.0-50.84.4 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64): xorg-x11-sdk-6.9.0-50.84.4 xorg-x11-server-6.9.0-50.84.4 xorg-x11-server-glx-6.9.0-50.84.4 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): xorg-x11-devel-32bit-6.9.0-50.84.4 xorg-x11-libs-32bit-6.9.0-50.84.4 - SUSE Linux Enterprise Server 10 SP4 (ia64): xorg-x11-libs-x86-6.9.0-50.84.4 - SUSE Linux Enterprise Server 10 SP4 (ppc): xorg-x11-devel-64bit-6.9.0-50.84.4 xorg-x11-libs-64bit-6.9.0-50.84.4 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): xorg-x11-6.9.0-50.84.4 xorg-x11-Xnest-6.9.0-50.84.4 xorg-x11-Xvfb-6.9.0-50.84.4 xorg-x11-Xvnc-6.9.0-50.84.4 xorg-x11-devel-6.9.0-50.84.4 xorg-x11-fonts-100dpi-6.9.0-50.84.4 xorg-x11-fonts-75dpi-6.9.0-50.84.4 xorg-x11-fonts-cyrillic-6.9.0-50.84.4 xorg-x11-fonts-scalable-6.9.0-50.84.4 xorg-x11-fonts-syriac-6.9.0-50.84.4 xorg-x11-libs-6.9.0-50.84.4 xorg-x11-man-6.9.0-50.84.4 xorg-x11-server-6.9.0-50.84.4 xorg-x11-server-glx-6.9.0-50.84.4 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): xorg-x11-devel-32bit-6.9.0-50.84.4 xorg-x11-libs-32bit-6.9.0-50.84.4 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): xorg-x11-Xvfb-6.9.0-50.84.4 xorg-x11-doc-6.9.0-50.84.4 - SLE SDK 10 SP4 (i586 ia64 ppc x86_64): xorg-x11-sdk-6.9.0-50.84.4 References: http://support.novell.com/security/cve/CVE-2013-1981.html http://support.novell.com/security/cve/CVE-2013-1982.html http://support.novell.com/security/cve/CVE-2013-1983.html http://support.novell.com/security/cve/CVE-2013-1984.html http://support.novell.com/security/cve/CVE-2013-1985.html http://support.novell.com/security/cve/CVE-2013-1987.html http://support.novell.com/security/cve/CVE-2013-1988.html http://support.novell.com/security/cve/CVE-2013-1989.html http://support.novell.com/security/cve/CVE-2013-1990.html http://support.novell.com/security/cve/CVE-2013-1991.html http://support.novell.com/security/cve/CVE-2013-1992.html http://support.novell.com/security/cve/CVE-2013-1995.html http://support.novell.com/security/cve/CVE-2013-1996.html http://support.novell.com/security/cve/CVE-2013-1997.html http://support.novell.com/security/cve/CVE-2013-1998.html http://support.novell.com/security/cve/CVE-2013-1999.html http://support.novell.com/security/cve/CVE-2013-2000.html http://support.novell.com/security/cve/CVE-2013-2001.html http://support.novell.com/security/cve/CVE-2013-2002.html http://support.novell.com/security/cve/CVE-2013-2003.html http://support.novell.com/security/cve/CVE-2013-2004.html http://support.novell.com/security/cve/CVE-2013-2005.html http://support.novell.com/security/cve/CVE-2013-2062.html http://support.novell.com/security/cve/CVE-2013-2063.html http://support.novell.com/security/cve/CVE-2013-2066.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821663 https://bugzilla.novell.com/821664 https://bugzilla.novell.com/821665 https://bugzilla.novell.com/821667 https://bugzilla.novell.com/821668 https://bugzilla.novell.com/821669 https://bugzilla.novell.com/821670 https://bugzilla.novell.com/821671 https://bugzilla.novell.com/824294 http://download.novell.com/patch/finder/?keywords=0d0adbe855f0a576da72ba4a295c3364 From sle-updates at lists.suse.com Thu Jul 11 23:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 07:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1184-1: moderate: Recommended update for timezone Message-ID: <20130712050410.E87803213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1184-1 Rating: moderate References: #828372 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Morocco's midsummer transitions this year are July 7 and August 10 * Israel now falls back from DST on the last Sunday of October * Palestine observed DST starting March 29, 2013 * From 2013 on, Gaza and Hebron both observe DST. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-timezone-2013d-8023 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-timezone-2013d-8023 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-timezone-2013d-8023 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-timezone-2013d-8023 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2013d]: timezone-2013d-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.5.1 References: https://bugzilla.novell.com/828372 http://download.novell.com/patch/finder/?keywords=7f5d860312e57031d5069b6a4f368d98 http://download.novell.com/patch/finder/?keywords=c3ac2cd4a58aada4494dc89ceb2111da From sle-updates at lists.suse.com Fri Jul 12 00:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 08:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1182-2: important: Security update for Linux kernel Message-ID: <20130712060411.D14BE3208D@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1182-2 Rating: important References: #763968 #773837 #785901 #797090 #797727 #801427 #803320 #804482 #804609 #805804 #806976 #808015 #808136 #808837 #808855 #809130 #809895 #809975 #810722 #812281 #812332 #812526 #812974 #813604 #813922 #815356 #816451 #817035 #817377 #818047 #818371 #818465 #819018 #819195 #819523 #819610 #819655 #820172 #820434 #821052 #821070 #821235 #821799 #821859 #821930 #822066 #822077 #822080 #822164 #822340 #822431 #822722 #822825 #823082 #823223 #823342 #823386 #823597 #823795 #824159 #825037 #825591 #825657 #825696 #826186 Cross-References: CVE-2013-0160 CVE-2013-1774 CVE-2013-1979 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 15 vulnerabilities and has 50 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed: * CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. * CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict keypresses like e.g. passwords. This has been fixed again by updating accessed/modified time on the pty devices in resolution of 8 seconds, so that idle time detection can still work. * CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3223: The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3224: The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel did not properly initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3225: The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3227: The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3228: The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3229: The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3231: The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3232: The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3234: The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3235: net/tipc/socket.c in the Linux kernel did not initialize a certain data structure and a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. * CVE-2013-3076: The crypto API in the Linux kernel did not initialize certain length variables, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. * CVE-2013-1979: The scm_set_cred function in include/net/scm.h in the Linux kernel used incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application. * A kernel information leak via tkill/tgkill was fixed. The following non-security bugs have been fixed: S/390: * af_iucv: Missing man page (bnc#825037, LTC#94825). * iucv: fix kernel panic at reboot (bnc#825037, LTC#93803). * kernel: lost IPIs on CPU hotplug (bnc#825037, LTC#94784). * dasd: Add missing descriptions for dasd timeout messages (bnc#825037, LTC#94762). * dasd: Fix hanging device after resume with internal error 13 (bnc#825037, LTC#94554). * cio: Suppress 2nd path verification during resume (bnc#825037, LTC#94554). * vmcp: Missing man page (bnc#825037, LTC#94453). * kernel: 3215 console crash (bnc#825037, LTC#94302). * netiucv: Hold rtnl between name allocation and device registration (bnc#824159). * s390/ftrace: fix mcount adjustment (bnc#809895). HyperV: * Drivers: hv: Fix a bug in get_vp_index(). * hyperv: Fix a compiler warning in netvsc_send(). * Tools: hv: Fix a checkpatch warning. * tools: hv: skip iso9660 mounts in hv_vss_daemon. * tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon. * tools: hv: use getmntent in hv_vss_daemon. * Tools: hv: Fix a checkpatch warning. * tools: hv: fix checks for origin of netlink message in hv_vss_daemon. * Tools: hv: fix warnings in hv_vss_daemon. * x86, hyperv: Handle Xen emulation of Hyper-V more gracefully. * hyperv: Fix a kernel warning from netvsc_linkstatus_callback(). * Drivers: hv: balloon: make local functions static. * tools: hv: daemon should check type of received Netlink msg. * tools: hv: daemon setsockopt should use options macros. * tools: hv: daemon should subscribe only to CN_KVP_IDX group. * driver: hv: remove cast for kmalloc return value. * hyperv: use 3.4 as LIC version string (bnc#822431). BTRFS: * btrfs: flush delayed inodes if we are short on space (bnc#801427). * btrfs: rework shrink_delalloc (bnc#801427). * btrfs: fix our overcommit math (bnc#801427). * btrfs: delay block group item insertion (bnc#801427). * btrfs: remove bytes argument from do_chunk_alloc (bnc#801427). * btrfs: run delayed refs first when out of space (bnc#801427). * btrfs: do not commit instead of overcommitting (bnc#801427). * btrfs: do not take inode delalloc mutex if we are a free space inode (bnc#801427). * btrfs: fix chunk allocation error handling (bnc#801427). * btrfs: remove extent mapping if we fail to add chunk (bnc#801427). * btrfs: do not overcommit if we do not have enough space for global rsv (bnc#801427). * btrfs: rework the overcommit logic to be based on the total size (bnc#801427). * btrfs: steal from global reserve if we are cleaning up orphans (bnc#801427). * btrfs: clear chunk_alloc flag on retryable failure (bnc#801427). * btrfs: use reserved space for creating a snapshot (bnc#801427). * btrfs: cleanup to make the function btrfs_delalloc_reserve_metadata more logic (bnc#801427). * btrfs: fix space leak when we fail to reserve metadata space (bnc#801427). * btrfs: fix space accounting for unlink and rename (bnc#801427). * btrfs: allocate new chunks if the space is not enough for global rsv (bnc#801427). * btrfs: various abort cleanups (bnc#812526 bnc#801427). * btrfs: simplify unlink reservations (bnc#801427). XFS: * xfs: Move allocation stack switch up to xfs_bmapi (bnc#815356). * xfs: introduce XFS_BMAPI_STACK_SWITCH (bnc#815356). * xfs: zero allocation_args on the kernel stack (bnc#815356). * xfs: fix debug_object WARN at xfs_alloc_vextent() (bnc#815356). * xfs: do not defer metadata allocation to the workqueue (bnc#815356). * xfs: introduce an allocation workqueue (bnc#815356). * xfs: fix race while discarding buffers [V4] (bnc#815356 (comment 36)). * xfs: Serialize file-extending direct IO (bnc#818371). * xfs: Do not allocate new buffers on every call to _xfs_buf_find (bnc#763968). * xfs: fix buffer lookup race on allocation failure (bnc#763968). ALSA: * Fix VT1708 jack detection on SLEPOS machines (bnc#813922). * ALSA: hda - Avoid choose same converter for unused pins (bnc#826186). * ALSA: hda - Cache the MUX selection for generic HDMI (bnc#826186). * ALSA: hda - Haswell converter power state D0 verify (bnc#826186). * ALSA: hda - Do not take unresponsive D3 transition too serious (bnc#823597). * ALSA: hda - Introduce bit flags to snd_hda_codec_read/write() (bnc#823597). * ALSA: hda - Check CORB overflow (bnc#823597). * ALSA: hda - Check validity of CORB/RIRB WP reads (bnc#823597). * ALSA: hda - Fix system panic when DMA > 40 bits for Nvidia audio controllers (bnc#818465). * ALSA: hda - Add hint for suppressing lower cap for IDT codecs (bnc#812332). * ALSA: hda - Enable mic-mute LED on more HP laptops (bnc#821859). Direct Rendering Manager (DRM): * drm/i915: Add wait_for in init_ring_common (bnc#813604). * drm/i915: Mark the ringbuffers as being in the GTT domain (bnc#813604). * drm/edid: Do not print messages regarding stereo or csync by default (bnc #821235). * drm/i915: force full modeset if the connector is in DPMS OFF mode (bnc #809975). * drm/i915/sdvo: Use &intel_sdvo->ddc instead of intel_sdvo->i2c for DDC (bnc #808855). * drm/mm: fix dump table BUG. (bnc#808837) * drm/i915: Clear the stolen fb before enabling (bnc#808015). XEN: * xen/netback: Update references (bnc#823342). * xen: Check for insane amounts of requests on the ring. * Update Xen patches to 3.0.82. * netback: do not disconnect frontend when seeing oversize packet. * netfront: reduce gso_max_size to account for max TCP header. * netfront: fix kABI after "reduce gso_max_size to account for max TCP header". Other: * x86, efi: retry ExitBootServices() on failure (bnc#823386). * x86/efi: Fix dummy variable buffer allocation (bnc#822080). * ext4: avoid hang when mounting non-journal filesystems with orphan list (bnc#817377). * mm: compaction: Scan PFN caching KABI workaround (Fix KABI breakage (bnc#825657)). * autofs4 - fix get_next_positive_subdir() (bnc#819523). * ocfs2: Add bits_wanted while calculating credits in ocfs2_calc_extend_credits (bnc#822077). * writeback: Avoid needless scanning of b_dirty list (bnc#819018). * writeback: Do not sort b_io list only because of block device inode (bnc#819018). * re-enable io tracing (bnc#785901). * pciehp: Corrected the old mismatching DMI strings. * SUNRPC: Prevent an rpc_task wakeup race (bnc#825591). * tg3: Prevent system hang during repeated EEH errors (bnc#822066). * scsi_dh_alua: multipath failover fails with error 15 (bnc#825696). * Do not switch camera on HP EB 8780 (bnc#797090). * Do not switch webcam for HP EB 8580w (bnc#797090). * mm: fixup compilation error due to an asm write through a const pointer. (bnc#823795) * do not switch cam port on HP EliteBook 840 (bnc#822164). * net/sunrpc: xpt_auth_cache should be ignored when expired (bnc#803320). * sunrpc/cache: ensure items removed from cache do not have pending upcalls (bnc#803320). * sunrpc/cache: remove races with queuing an upcall (bnc#803320). * sunrpc/cache: use cache_fresh_unlocked consistently and correctly (bnc#803320). * KVM: x86: emulate movdqa (bnc#821070). * KVM: x86: emulator: add support for vector alignment (bnc#821070). * KVM: x86: emulator: expand decode flags to 64 bits (bnc#821070). * xhci - correct comp_mode_recovery_timer on return from hibernate (bnc#808136). * md/raid10 enough fixes (bnc#773837). * lib/Makefile: Fix oid_registry build dependency (bnc#823223). * Update config files: disable IP_PNP (bnc#822825) * Fix kABI breakage for addition of snd_hda_bus.no_response_fallback (bnc#823597). * Disable efi pstore by default (bnc#804482 bnc#820172). * md: Fix problem with GET_BITMAP_FILE returning wrong status (bnc#812974). * bnx2x: Fix bridged GSO for 57710/57711 chips (bnc#819610). * USB: xHCI: override bogus bulk wMaxPacketSize values (bnc#823082). * BTUSB: Add MediaTek bluetooth MT76x0E support (bnc#797727 bnc#822340). * qlge: Update version to 1.00.00.32 (bnc#819195). * qlge: Fix ethtool autoneg advertising (bnc#819195). * qlge: Fix receive path to drop error frames (bnc#819195). * qlge: remove NETIF_F_TSO6 flag (bnc#819195). * remove init of dev->perm_addr in drivers (bnc#819195). * drivers/net: fix up function prototypes after __dev* removals (bnc#819195). * qlge: remove __dev* attributes (bnc#819195). * drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding style issue (bnc#819195). * cxgb4: Force uninitialized state if FW_ON_ADAPTER is < FW_VERSION and we are the MASTER_PF (bnc#809130). * USB: UHCI: fix for suspend of virtual HP controller (bnc#817035). * timer_list: Convert timer list to be a proper seq_file (bnc#818047). * timer_list: Split timer_list_show_tickdevices (bnc#818047). * sched: Fix /proc/sched_debug failure on very very large systems (bnc#818047). * sched: Fix /proc/sched_stat failure on very very large systems (bnc#818047). * reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). * libfc: do not exch_done() on invalid sequence ptr (bnc#810722). * netfilter: ip6t_LOG: fix logging of packet mark (bnc#821930). * virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID (bnc#819655). * HWPOISON: fix misjudgement of page_action() for errors on mlocked pages (Memory failure RAS (bnc#821799)). * HWPOISON: check dirty flag to match against clean page (Memory failure RAS (bnc#821799)). * HWPOISON: change order of error_states elements (Memory failure RAS (bnc#821799)). * mm: hwpoison: fix action_result() to print out dirty/clean (Memory failure RAS (bnc#821799)). * mm: mmu_notifier: re-fix freed page still mapped in secondary MMU (bnc#821052). * Do not switch webcams in some HP ProBooks to XHCI (bnc#805804). * Do not switch BT on HP ProBook 4340 (bnc#812281). * mm: memory_dev_init make sure nmi watchdog does not trigger while registering memory sections (bnc#804609, bnc#820434). * mm: compaction: Restart compaction from near where it left off * mm: compaction: cache if a pageblock was scanned and no pages were isolated * mm: compaction: clear PG_migrate_skip based on compaction and reclaim activity * mm: compaction: Scan PFN caching KABI workaround * mm: page_allocator: Remove first_pass guard * mm: vmscan: do not stall on writeback during memory compaction Cache compaction restart points for faster compaction cycles (bnc#816451) Security Issue references: * CVE-2013-0160 * CVE-2013-1774 * CVE-2013-1979 * CVE-2013-3076 * CVE-2013-3222 * CVE-2013-3223 * CVE-2013-3224 * CVE-2013-3225 * CVE-2013-3227 * CVE-2013-3228 * CVE-2013-3229 * CVE-2013-3231 * CVE-2013-3232 * CVE-2013-3234 * CVE-2013-3235 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kernel-7991 slessp3-kernel-7992 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kernel-7991 slessp3-kernel-7992 slessp3-kernel-7993 slessp3-kernel-7994 slessp3-kernel-8000 - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-kernel-7991 slehasp3-kernel-7992 slehasp3-kernel-7993 slehasp3-kernel-7994 slehasp3-kernel-8000 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kernel-7991 sledsp3-kernel-7992 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.82]: kernel-default-3.0.82-0.7.9 kernel-default-base-3.0.82-0.7.9 kernel-default-devel-3.0.82-0.7.9 kernel-source-3.0.82-0.7.9 kernel-syms-3.0.82-0.7.9 kernel-trace-3.0.82-0.7.9 kernel-trace-base-3.0.82-0.7.9 kernel-trace-devel-3.0.82-0.7.9 kernel-xen-devel-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.82]: kernel-pae-3.0.82-0.7.9 kernel-pae-base-3.0.82-0.7.9 kernel-pae-devel-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.82]: kernel-default-3.0.82-0.7.9 kernel-default-base-3.0.82-0.7.9 kernel-default-devel-3.0.82-0.7.9 kernel-source-3.0.82-0.7.9 kernel-syms-3.0.82-0.7.9 kernel-trace-3.0.82-0.7.9 kernel-trace-base-3.0.82-0.7.9 kernel-trace-devel-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.82]: kernel-ec2-3.0.82-0.7.9 kernel-ec2-base-3.0.82-0.7.9 kernel-ec2-devel-3.0.82-0.7.9 kernel-xen-3.0.82-0.7.9 kernel-xen-base-3.0.82-0.7.9 kernel-xen-devel-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 (x86_64): xen-kmp-default-4.2.2_04_3.0.82_0.7-0.9.3 - SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.82]: kernel-default-man-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.82]: kernel-ppc64-3.0.82-0.7.9 kernel-ppc64-base-3.0.82-0.7.9 kernel-ppc64-devel-3.0.82-0.7.9 - SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.82]: kernel-pae-3.0.82-0.7.9 kernel-pae-base-3.0.82-0.7.9 kernel-pae-devel-3.0.82-0.7.9 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.82_0.7-2.25.3 cluster-network-kmp-trace-1.4_3.0.82_0.7-2.25.3 gfs2-kmp-default-2_3.0.82_0.7-0.16.3 gfs2-kmp-trace-2_3.0.82_0.7-0.16.3 ocfs2-kmp-default-1.6_3.0.82_0.7-0.18.3 ocfs2-kmp-trace-1.6_3.0.82_0.7-0.18.3 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.82_0.7-2.25.3 gfs2-kmp-xen-2_3.0.82_0.7-0.16.3 ocfs2-kmp-xen-1.6_3.0.82_0.7-0.18.3 - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.82_0.7-2.25.3 gfs2-kmp-ppc64-2_3.0.82_0.7-0.16.3 ocfs2-kmp-ppc64-1.6_3.0.82_0.7-0.18.3 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586): cluster-network-kmp-pae-1.4_3.0.82_0.7-2.25.3 gfs2-kmp-pae-2_3.0.82_0.7-0.16.3 ocfs2-kmp-pae-1.6_3.0.82_0.7-0.18.3 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.82]: kernel-default-3.0.82-0.7.9 kernel-default-base-3.0.82-0.7.9 kernel-default-devel-3.0.82-0.7.9 kernel-default-extra-3.0.82-0.7.9 kernel-source-3.0.82-0.7.9 kernel-syms-3.0.82-0.7.9 kernel-trace-devel-3.0.82-0.7.9 kernel-xen-3.0.82-0.7.9 kernel-xen-base-3.0.82-0.7.9 kernel-xen-devel-3.0.82-0.7.9 kernel-xen-extra-3.0.82-0.7.9 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xen-kmp-default-4.2.2_04_3.0.82_0.7-0.9.3 - SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.82]: kernel-pae-3.0.82-0.7.9 kernel-pae-base-3.0.82-0.7.9 kernel-pae-devel-3.0.82-0.7.9 kernel-pae-extra-3.0.82-0.7.9 - SLE 11 SERVER Unsupported Extras (i586 ia64): kernel-default-extra-3.0.82-0.7.9 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-3.0.82-0.7.9 kernel-xen-extra-3.0.82-0.7.9 References: http://support.novell.com/security/cve/CVE-2013-0160.html http://support.novell.com/security/cve/CVE-2013-1774.html http://support.novell.com/security/cve/CVE-2013-1979.html http://support.novell.com/security/cve/CVE-2013-3076.html http://support.novell.com/security/cve/CVE-2013-3222.html http://support.novell.com/security/cve/CVE-2013-3223.html http://support.novell.com/security/cve/CVE-2013-3224.html http://support.novell.com/security/cve/CVE-2013-3225.html http://support.novell.com/security/cve/CVE-2013-3227.html http://support.novell.com/security/cve/CVE-2013-3228.html http://support.novell.com/security/cve/CVE-2013-3229.html http://support.novell.com/security/cve/CVE-2013-3231.html http://support.novell.com/security/cve/CVE-2013-3232.html http://support.novell.com/security/cve/CVE-2013-3234.html http://support.novell.com/security/cve/CVE-2013-3235.html https://bugzilla.novell.com/763968 https://bugzilla.novell.com/773837 https://bugzilla.novell.com/785901 https://bugzilla.novell.com/797090 https://bugzilla.novell.com/797727 https://bugzilla.novell.com/801427 https://bugzilla.novell.com/803320 https://bugzilla.novell.com/804482 https://bugzilla.novell.com/804609 https://bugzilla.novell.com/805804 https://bugzilla.novell.com/806976 https://bugzilla.novell.com/808015 https://bugzilla.novell.com/808136 https://bugzilla.novell.com/808837 https://bugzilla.novell.com/808855 https://bugzilla.novell.com/809130 https://bugzilla.novell.com/809895 https://bugzilla.novell.com/809975 https://bugzilla.novell.com/810722 https://bugzilla.novell.com/812281 https://bugzilla.novell.com/812332 https://bugzilla.novell.com/812526 https://bugzilla.novell.com/812974 https://bugzilla.novell.com/813604 https://bugzilla.novell.com/813922 https://bugzilla.novell.com/815356 https://bugzilla.novell.com/816451 https://bugzilla.novell.com/817035 https://bugzilla.novell.com/817377 https://bugzilla.novell.com/818047 https://bugzilla.novell.com/818371 https://bugzilla.novell.com/818465 https://bugzilla.novell.com/819018 https://bugzilla.novell.com/819195 https://bugzilla.novell.com/819523 https://bugzilla.novell.com/819610 https://bugzilla.novell.com/819655 https://bugzilla.novell.com/820172 https://bugzilla.novell.com/820434 https://bugzilla.novell.com/821052 https://bugzilla.novell.com/821070 https://bugzilla.novell.com/821235 https://bugzilla.novell.com/821799 https://bugzilla.novell.com/821859 https://bugzilla.novell.com/821930 https://bugzilla.novell.com/822066 https://bugzilla.novell.com/822077 https://bugzilla.novell.com/822080 https://bugzilla.novell.com/822164 https://bugzilla.novell.com/822340 https://bugzilla.novell.com/822431 https://bugzilla.novell.com/822722 https://bugzilla.novell.com/822825 https://bugzilla.novell.com/823082 https://bugzilla.novell.com/823223 https://bugzilla.novell.com/823342 https://bugzilla.novell.com/823386 https://bugzilla.novell.com/823597 https://bugzilla.novell.com/823795 https://bugzilla.novell.com/824159 https://bugzilla.novell.com/825037 https://bugzilla.novell.com/825591 https://bugzilla.novell.com/825657 https://bugzilla.novell.com/825696 https://bugzilla.novell.com/826186 http://download.novell.com/patch/finder/?keywords=49f7874a175529c59329baae054899e0 http://download.novell.com/patch/finder/?keywords=791cb1bb4aba7ca75e2e478593c653e9 http://download.novell.com/patch/finder/?keywords=7cb18c7bcebceb94dd2514f7fc68034b http://download.novell.com/patch/finder/?keywords=b2cd3e34903a77d5b7bee3e293386aec http://download.novell.com/patch/finder/?keywords=befc91a3baffe1e8ef34f3ebd0f9922b http://download.novell.com/patch/finder/?keywords=d52cf2180c196dd33a4180877ad434ff http://download.novell.com/patch/finder/?keywords=febfa3d8532573af9a9f2671f911e520 From sle-updates at lists.suse.com Fri Jul 12 00:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 08:04:16 +0200 (CEST) Subject: SUSE-SU-2013:1098-2: moderate: Security update for Mesa Message-ID: <20130712060416.383B83208D@maintenance.suse.de> SUSE Security Update: Security update for Mesa ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1098-2 Rating: moderate References: #815451 #821855 Cross-References: CVE-2013-1993 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update of Mesa fixes multiple integer overflows. Security Issue reference: * CVE-2013-1993 Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): Mesa-6.4.2-19.20.2 Mesa-devel-6.4.2-19.20.2 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): Mesa-32bit-6.4.2-19.20.2 Mesa-devel-32bit-6.4.2-19.20.2 - SUSE Linux Enterprise Server 10 SP4 (ia64): Mesa-x86-6.4.2-19.20.2 - SUSE Linux Enterprise Server 10 SP4 (ppc): Mesa-64bit-6.4.2-19.20.2 Mesa-devel-64bit-6.4.2-19.20.2 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): Mesa-6.4.2-19.20.2 Mesa-devel-6.4.2-19.20.2 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): Mesa-32bit-6.4.2-19.20.2 Mesa-devel-32bit-6.4.2-19.20.2 References: http://support.novell.com/security/cve/CVE-2013-1993.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821855 http://download.novell.com/patch/finder/?keywords=ead44002505a3c1d8f81d2f879ef6d0c From sle-updates at lists.suse.com Fri Jul 12 12:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 20:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1189-1: Recommended update for perf Message-ID: <20130712180412.499643208D@maintenance.suse.de> SUSE Recommended Update: Recommended update for perf ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1189-1 Rating: low References: #823891 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for perf fixes the following issue: * Perf top prints "Can't find guest" messages when kvm guest is running. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-perf-7890 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-perf-7890 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): perf-3.0.76-2.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): perf-3.0.76-2.11.1 References: https://bugzilla.novell.com/823891 http://download.novell.com/patch/finder/?keywords=7d168ab8fd65f3461316075f82ca6939 From sle-updates at lists.suse.com Fri Jul 12 13:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jul 2013 21:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1190-1: moderate: Security update for krb5 Message-ID: <20130712190410.8CC4F321EA@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1190-1 Rating: moderate References: #825985 Cross-References: CVE-2002-2443 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This krb5 update fixes a security issue. * kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443) Security Issue reference: * CVE-2002-2443 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-krb5-7962 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-krb5-7968 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-krb5-7962 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-krb5-7962 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-krb5-7968 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-krb5-7968 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-krb5-7962 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-krb5-7968 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.56.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.56.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): krb5-1.6.3-133.49.56.1 krb5-apps-clients-1.6.3-133.49.56.1 krb5-apps-servers-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.56.1 krb5-apps-clients-1.6.3-133.49.56.1 krb5-apps-servers-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): krb5-x86-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): krb5-1.6.3-133.49.56.1 krb5-apps-clients-1.6.3-133.49.56.1 krb5-apps-servers-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.56.1 krb5-apps-clients-1.6.3-133.49.56.1 krb5-apps-servers-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 krb5-server-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): krb5-x86-1.6.3-133.49.56.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): krb5-1.4.3-19.49.53.1 krb5-apps-clients-1.4.3-19.49.53.1 krb5-apps-servers-1.4.3-19.49.53.1 krb5-client-1.4.3-19.49.53.1 krb5-devel-1.4.3-19.49.53.1 krb5-server-1.4.3-19.49.53.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): krb5-32bit-1.4.3-19.49.53.1 krb5-devel-32bit-1.4.3-19.49.53.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): krb5-x86-1.4.3-19.49.53.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): krb5-64bit-1.4.3-19.49.53.1 krb5-devel-64bit-1.4.3-19.49.53.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): krb5-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): krb5-1.6.3-133.49.56.1 krb5-client-1.6.3-133.49.56.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): krb5-32bit-1.6.3-133.49.56.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): krb5-1.4.3-19.49.53.1 krb5-client-1.4.3-19.49.53.1 krb5-devel-1.4.3-19.49.53.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): krb5-32bit-1.4.3-19.49.53.1 krb5-devel-32bit-1.4.3-19.49.53.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): krb5-apps-clients-1.4.3-19.49.53.1 krb5-apps-servers-1.4.3-19.49.53.1 krb5-server-1.4.3-19.49.53.1 References: http://support.novell.com/security/cve/CVE-2002-2443.html https://bugzilla.novell.com/825985 http://download.novell.com/patch/finder/?keywords=3dfdef1b01c0a222b10532e9cbb10514 http://download.novell.com/patch/finder/?keywords=879ff6dd0e1bb99ce692a47131264157 http://download.novell.com/patch/finder/?keywords=c39bdbe610296d79e3993188cd5996f5 From sle-updates at lists.suse.com Fri Jul 12 16:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 13 Jul 2013 00:04:09 +0200 (CEST) Subject: SUSE-SU-2013:1193-1: moderate: Security update for ibutils Message-ID: <20130712220409.B5BCD3208D@maintenance.suse.de> SUSE Security Update: Security update for ibutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1193-1 Rating: moderate References: #811660 Cross-References: CVE-2013-1894 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Various tmp races in ibdiagnet of ibutils have been fixed that could have been used by local attackers on machines where infiband was debugged to gain privileges. Security Issue reference: * CVE-2013-1894 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-ibutils-8030 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ibutils-8029 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ibutils-8030 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ibutils-8030 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ibutils-8029 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ibutils-8029 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 x86_64): ibutils-devel-1.5.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 x86_64): ibutils-devel-32bit-1.5.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): ibutils-1.5.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64): ibutils-32bit-1.5.7-0.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 x86_64): ibutils-devel-1.5.4-0.7.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 x86_64): ibutils-devel-32bit-1.5.4-0.7.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): ibutils-1.5.4-0.7.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): ibutils-32bit-1.5.4-0.7.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ibutils-1.5.7-0.9.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): ibutils-32bit-1.5.7-0.9.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 x86_64): ibutils-1.5.7-0.9.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 x86_64): ibutils-32bit-1.5.7-0.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ibutils-1.5.4-0.7.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): ibutils-32bit-1.5.4-0.7.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): ibutils-1.5.4-0.7.7.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 x86_64): ibutils-32bit-1.5.4-0.7.7.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64): ibutils-1.5.4-0.13.1 ibutils-devel-1.5.4-0.13.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): ibutils-32bit-1.5.4-0.13.1 ibutils-devel-32bit-1.5.4-0.13.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): ibutils-x86-1.5.4-0.13.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): ibutils-64bit-1.5.4-0.13.1 ibutils-devel-64bit-1.5.4-0.13.1 References: http://support.novell.com/security/cve/CVE-2013-1894.html https://bugzilla.novell.com/811660 http://download.novell.com/patch/finder/?keywords=11524c8b32981c34ce1318862678fe36 http://download.novell.com/patch/finder/?keywords=8e5fb9360d3b7709308d0707088c7e0f http://download.novell.com/patch/finder/?keywords=da107ccc84270545004aae4885b15ce2 From sle-updates at lists.suse.com Tue Jul 16 10:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Jul 2013 18:04:10 +0200 (CEST) Subject: SUSE-YU-2013:1206-1: YOU update for libzypp Message-ID: <20130716160410.59915320AE@maintenance.suse.de> SUSE YOU Update: YOU update for libzypp ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:1206-1 Rating: low References: #825490 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one YOU fix can now be installed. It includes one version update. Description: This update for libzypp fixes a potential log file truncation introduced by the previous maintenance update. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libzypp-8051 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libzypp-8051 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libzypp-8051 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libzypp-8051 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.36.4]: libzypp-devel-9.36.4-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 9.36.4]: libzypp-9.36.4-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.36.4]: libzypp-9.36.4-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 9.36.4]: libzypp-9.36.4-0.7.1 References: https://bugzilla.novell.com/825490 http://download.novell.com/patch/finder/?keywords=2c81e4cd2325b2a9ca65732d322e4129 From sle-updates at lists.suse.com Thu Jul 18 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 22:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1209-1: moderate: Recommended update for yast2-mail Message-ID: <20130718200411.621CB32232@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-mail ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1209-1 Rating: moderate References: #800788 #818544 #821632 #822285 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update fixes the following issues: * ag_postfix_mastercf process freezed the system, when saving mail server settings with the YaST2 "Mail Server" module (bnc#800788) * AutoYaST configuration of mail services failed (bnc#822285) * automatic installation stopped with error during Postfix configuration (bnc#821632) * YaST2 mail server enhanced module was not able to detect mail domains (bnc#818544) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-mail-7870 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-mail-7870 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-mail-7870 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-mail-7870 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): yast2-mail-plugins-2.17.6-0.13.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): yast2-mail-2.17.6-0.13.1 yast2-mail-plugins-2.17.6-0.13.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): yast2-mail-2.17.6-0.13.1 yast2-mail-plugins-2.17.6-0.13.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): yast2-mail-2.17.6-0.13.1 References: https://bugzilla.novell.com/800788 https://bugzilla.novell.com/818544 https://bugzilla.novell.com/821632 https://bugzilla.novell.com/822285 http://download.novell.com/patch/finder/?keywords=b534846e6c0bfcdf150cc3c8363b380d From sle-updates at lists.suse.com Thu Jul 18 14:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 22:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1210-1: Recommended update for gvfs Message-ID: <20130718200414.E222F3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for gvfs ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1210-1 Rating: low References: #819859 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following issue: * #819859: sftp bookmarks don't work in Nautilus Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-gvfs-8050 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-gvfs-8049 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gvfs-8050 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gvfs-8050 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gvfs-8049 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gvfs-8049 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gvfs-8050 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gvfs-8049 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): gvfs-devel-1.4.3-0.17.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gvfs-devel-1.4.3-0.17.19.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gvfs-1.4.3-0.17.19.1 gvfs-backends-1.4.3-0.17.19.1 gvfs-fuse-1.4.3-0.17.19.1 gvfs-lang-1.4.3-0.17.19.1 libgvfscommon0-1.4.3-0.17.19.1 References: https://bugzilla.novell.com/819859 http://download.novell.com/patch/finder/?keywords=464557d75830b34f907e590f5b38dadc http://download.novell.com/patch/finder/?keywords=c6725e6d562acaead499253d0d04d57e From sle-updates at lists.suse.com Thu Jul 18 14:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 22:04:18 +0200 (CEST) Subject: SUSE-RU-2013:1211-1: important: Recommended update for yast2 Message-ID: <20130718200418.373363227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1211-1 Rating: important References: #817797 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes an issue in network setup that affects only automated installations of Open Enterprise Server. * bnc#817797: AutoYaST import can be overwritten by Read in NetworkInterfaces. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-yast2-8035 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-yast2-8035 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-yast2-8035 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-yast2-8035 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.130]: yast2-devel-doc-2.17.130-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.17.130]: yast2-2.17.130-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.130]: yast2-2.17.130-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.17.130]: yast2-2.17.130-0.7.1 References: https://bugzilla.novell.com/817797 http://download.novell.com/patch/finder/?keywords=c2be273e4c536a80d7209c74cc08a977 From sle-updates at lists.suse.com Thu Jul 18 14:04:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 22:04:21 +0200 (CEST) Subject: SUSE-RU-2013:1212-1: moderate: Recommended update for postfix Message-ID: <20130718200421.72DBE3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for postfix ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1212-1 Rating: moderate References: #768637 #821632 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes the following issues: * bnc#821632 - automatic installation stops with error during Postfix configuration * bnc#768637 - chown: cannot access postfix-doc/README_FILES Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-postfix-8008 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-postfix-8008 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-postfix-8008 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-postfix-8008 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): postfix-devel-2.5.13-0.21.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): postfix-2.5.13-0.21.1 postfix-doc-2.5.13-0.21.1 postfix-mysql-2.5.13-0.21.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): postfix-2.5.13-0.21.1 postfix-doc-2.5.13-0.21.1 postfix-mysql-2.5.13-0.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): postfix-2.5.13-0.21.1 References: https://bugzilla.novell.com/768637 https://bugzilla.novell.com/821632 http://download.novell.com/patch/finder/?keywords=678fd82d2290dcef1e9b505c581c7966 From sle-updates at lists.suse.com Thu Jul 18 15:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1213-1: important: Security update for flash-player Message-ID: <20130718210410.B3C36321EA@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1213-1 Rating: important References: #828810 Cross-References: CVE-2013-3344 CVE-2013-3345 CVE-2013-3347 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: Adobe flash-player has been updated to version 11.2.202.291 (ABSP13-17) which fixes bugs and security issues. This update fixes the following security issues: * a heap buffer overflow vulnerability that could have lead to code execution (CVE-2013-3344). * a memory corruption vulnerability that could have lead to code execution (CVE-2013-3345). * an integer overflow when resampling a user-supplied PCM buffer (CVE-2013-3347). Official advisory can be found on http://www.adobe.com/support/security/bulletins/apsb13-17.ht ml Security Issue references: * CVE-2013-3344 * CVE-2013-3345 * CVE-2013-3347 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-8039 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-8038 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.297]: flash-player-11.2.202.297-0.3.1 flash-player-gnome-11.2.202.297-0.3.1 flash-player-kde4-11.2.202.297-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.297]: flash-player-11.2.202.297-0.3.1 flash-player-gnome-11.2.202.297-0.3.1 flash-player-kde4-11.2.202.297-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.297]: flash-player-11.2.202.297-0.5.2 References: http://support.novell.com/security/cve/CVE-2013-3344.html http://support.novell.com/security/cve/CVE-2013-3345.html http://support.novell.com/security/cve/CVE-2013-3347.html https://bugzilla.novell.com/828810 http://download.novell.com/patch/finder/?keywords=2a99ce6c544e43d5065f403d412927eb http://download.novell.com/patch/finder/?keywords=a62a96037c69a861417e569c4f78a0ff http://download.novell.com/patch/finder/?keywords=bda18521b2a6248c706df2f3b0650967 From sle-updates at lists.suse.com Thu Jul 18 15:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:14 +0200 (CEST) Subject: SUSE-SU-2013:1214-1: moderate: Security update for KVM Message-ID: <20130718210414.532B93227B@maintenance.suse.de> SUSE Security Update: Security update for KVM ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1214-1 Rating: moderate References: #712137 #725008 #786813 #818182 #824340 Cross-References: CVE-2013-2007 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update fixes a file permission issue with qga (the QEMU Guest Agent) from the qemu/kvm package and includes several bug-fixes. (bnc#818182) (CVE-2013-2007) (bnc#786813) (bnc#725008) (bnc#712137) (bnc#824340) Security Issues: * CVE-2013-2007 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kvm-7906 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kvm-7906 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): kvm-0.15.1-0.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kvm-0.15.1-0.27.1 References: http://support.novell.com/security/cve/CVE-2013-2007.html https://bugzilla.novell.com/712137 https://bugzilla.novell.com/725008 https://bugzilla.novell.com/786813 https://bugzilla.novell.com/818182 https://bugzilla.novell.com/824340 http://download.novell.com/patch/finder/?keywords=ddb145f19c5e9d74a91e6259aa616b70 From sle-updates at lists.suse.com Thu Jul 18 15:04:17 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:17 +0200 (CEST) Subject: SUSE-RU-2013:1184-2: moderate: Recommended update for timezone Message-ID: <20130718210417.C6B843227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1184-2 Rating: moderate References: #828372 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Morocco's midsummer transitions this year are July 7 and August 10 * Israel now falls back on the last Sunday of October * Palestine observed DST starting March 29, 2013 * From 2013 on, Gaza and Hebron both observe DST. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-timezone-2013d-8025 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-timezone-2013d-8025 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-timezone-2013d-8025 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-timezone-2013d-8025 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.1 References: https://bugzilla.novell.com/828372 http://download.novell.com/patch/finder/?keywords=4b06e7be35bf92d28c831bb0af8e8b72 From sle-updates at lists.suse.com Thu Jul 18 15:04:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:21 +0200 (CEST) Subject: SUSE-RU-2013:1215-1: Recommended update for SLES-for-VMware-SP3-migration and SLES-for-VMware-release Message-ID: <20130718210421.87387321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLES-for-VMware-SP3-migration and SLES-for-VMware-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1215-1 Rating: low References: #829094 Affected Products: WebYaST 1.3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update prepares the system for a System Upgrade to SUSE Linux Enterprise Server for VMware 11 SP3. Please follow the technical instruction document for the information on how to upgrade your system to SUSE Linux Enterprise Server for VMware 11 SP3: http://www.suse.com/support/documentLink.do?externalID=70123 68 Please have a look for more Information and Resources about SUSE Linux Enterprise Server 11 SP3 here: http://www.suse.com/promo/sle11sp3.html Indications: Enablement of Upgrade to SLES for VMware 11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.3: zypper in -t patch slewyst13-sles-release-8081 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-SDK-SP3-Migration-8061 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-SLES-for-VMware-SP3-Migration-8036 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-SLES-SP3-Migration-8065 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-SLE-HA-SP3-Migration-8060 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-SLED-SP3-Migration-8037 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.3 (i586 ia64 ppc64 s390x x86_64): sles-release-11.2-3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): sle-sdk-SP3-migration-11.2-1.14 sle-sdk-release-11.2-1.75 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): SLES-for-VMware-SP3-migration-11.2-1.6 SLES-for-VMware-release-11.2-1.267 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): SUSE_SLES-SP3-migration-11.2-1.24 sles-release-11.2-1.538 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): sle-hae-SP3-migration-11.2-1.15 sle-hae-release-11.2-1.89 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): SUSE_SLED-SP3-migration-11.2-1.27 sled-release-11.2-1.540 References: https://bugzilla.novell.com/829094 http://download.novell.com/patch/finder/?keywords=08d9b57dacadb5d34217f4de1ea6741c http://download.novell.com/patch/finder/?keywords=4110d062d1e51a41335c3091d7d97d1a http://download.novell.com/patch/finder/?keywords=97421c522a71458df230d940ceb912e9 http://download.novell.com/patch/finder/?keywords=bc903d921396236874fefa444abb7eea http://download.novell.com/patch/finder/?keywords=bcb2ceff2fd071ea3899af0fe3a7c58e http://download.novell.com/patch/finder/?keywords=df76f92eced54380138cf3d21f98c7da From sle-updates at lists.suse.com Thu Jul 18 15:04:25 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:25 +0200 (CEST) Subject: SUSE-SU-2013:1216-1: moderate: Security update for python-suds Message-ID: <20130718210425.2A6583227B@maintenance.suse.de> SUSE Security Update: Security update for python-suds ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1216-1 Rating: moderate References: #827568 Cross-References: CVE-2013-2217 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Insecure temporary directory usage in Python suds has been fixed. (CVE-2013-2217) Security Issue reference: * CVE-2013-2217 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-python-suds-8017 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): python-suds-0.4-0.13.13.1 References: http://support.novell.com/security/cve/CVE-2013-2217.html https://bugzilla.novell.com/827568 http://download.novell.com/patch/finder/?keywords=202789db57b6ad14f82e3c817e5cb288 From sle-updates at lists.suse.com Thu Jul 18 15:04:29 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jul 2013 23:04:29 +0200 (CEST) Subject: SUSE-SU-2013:1217-1: moderate: Security update for subversion Message-ID: <20130718210429.29C043227B@maintenance.suse.de> SUSE Security Update: Security update for subversion ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1217-1 Rating: moderate References: #821505 Cross-References: CVE-2013-1968 CVE-2013-2112 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of subversion fixes two potential DoS vulnerabilities (bug#821505, CVE-2013-1968, CVE-2013-2112). * Server-side bugfixes: o fix FSFS repository corruption due to newline in filename (issue #4340) o fix svnserve exiting when a client connection is aborted (r1482759) * Other tool improvements and bugfixes: o fix argument processing in contrib hook scripts (r1485350) Security Issues: * CVE-2013-1968 * CVE-2013-2112 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-subversion-7930 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-subversion-7933 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-subversion-7930 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): subversion-1.6.17-1.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): subversion-1.6.17-1.17.1 subversion-devel-1.6.17-1.17.1 subversion-perl-1.6.17-1.17.1 subversion-python-1.6.17-1.17.1 subversion-server-1.6.17-1.17.1 subversion-tools-1.6.17-1.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): subversion-1.6.17-1.17.1 subversion-devel-1.6.17-1.17.1 subversion-perl-1.6.17-1.17.1 subversion-python-1.6.17-1.17.1 subversion-server-1.6.17-1.17.1 subversion-tools-1.6.17-1.17.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): subversion-1.3.1-1.24.1 subversion-devel-1.3.1-1.24.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): cvs2svn-1.3.0-30.24.1 subversion-1.3.1-1.24.1 subversion-devel-1.3.1-1.24.1 subversion-python-1.3.1-1.24.1 subversion-server-1.3.1-1.24.1 subversion-tools-1.3.1-1.24.1 viewcvs-1.0.5-0.24.1 References: http://support.novell.com/security/cve/CVE-2013-1968.html http://support.novell.com/security/cve/CVE-2013-2112.html https://bugzilla.novell.com/821505 http://download.novell.com/patch/finder/?keywords=36021bc879cc7c6cd3d36b5f76b9c22d http://download.novell.com/patch/finder/?keywords=64648aca6f33898d15cd8c0c4956232f http://download.novell.com/patch/finder/?keywords=f1e3ccee3d6965d85d10d4c4ff3e6746 From sle-updates at lists.suse.com Thu Jul 18 16:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Jul 2013 00:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1218-1: Recommended update for Subscription Management Tool SP2 to SP3 migration Message-ID: <20130718220411.15E22321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for Subscription Management Tool SP2 to SP3 migration ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1218-1 Rating: low References: #815330 Affected Products: Subscription Management Tool 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update enables Subscription Management Tool 11 SP2 to online migrate to Subscription Management Tool 11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-sle-smt-SP3-migration-7829 slesmtsp0-sles-release-8072 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64): sle-smt-SP3-migration-11.2-1.11 sle-smt-release-11.2-1.14 sles-release-11.2-3.1 References: https://bugzilla.novell.com/815330 http://download.novell.com/patch/finder/?keywords=d6e494f8f3f2f474a99587ac96ab9fa0 http://download.novell.com/patch/finder/?keywords=fdeaca9e6bb62a59879fcb0a86af966f From sle-updates at lists.suse.com Thu Jul 18 16:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Jul 2013 00:04:14 +0200 (CEST) Subject: SUSE-SU-2013:1219-1: important: Security update for nagios-nrpe, nagios-plugins-nrpe Message-ID: <20130718220414.BFF723227B@maintenance.suse.de> SUSE Security Update: Security update for nagios-nrpe, nagios-plugins-nrpe ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1219-1 Rating: important References: #807241 Cross-References: CVE-2013-1362 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Nagios NRPE was updated to add more blacklisting to avoid shell injection via nagios request packets (CVE-2013-1362). Security Issues: * CVE-2013-1362 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nagios-nrpe-8033 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nagios-nrpe-8033 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-nagios-nrpe-8032 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-nagios-nrpe-8032 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nagios-nrpe-2.12-24.4.8.1 nagios-nrpe-doc-2.12-24.4.8.1 nagios-plugins-nrpe-2.12-24.4.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nagios-nrpe-2.12-24.4.8.1 nagios-nrpe-doc-2.12-24.4.8.1 nagios-plugins-nrpe-2.12-24.4.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): nagios-nrpe-2.12-24.4.8.1 nagios-nrpe-doc-2.12-24.4.8.1 nagios-plugins-nrpe-2.12-24.4.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nagios-nrpe-2.12-24.4.8.1 nagios-nrpe-doc-2.12-24.4.8.1 nagios-plugins-nrpe-2.12-24.4.8.1 References: http://support.novell.com/security/cve/CVE-2013-1362.html https://bugzilla.novell.com/807241 http://download.novell.com/patch/finder/?keywords=c4f6ad63a4915b3a42859f58bb03e977 http://download.novell.com/patch/finder/?keywords=efb6b86f270013cd431764d840c290db From sle-updates at lists.suse.com Thu Jul 18 16:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Jul 2013 00:04:18 +0200 (CEST) Subject: SUSE-RU-2013:1220-1: Recommended update for Brasero Message-ID: <20130718220418.5CB6B3227B@maintenance.suse.de> SUSE Recommended Update: Recommended update for Brasero ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1220-1 Rating: low References: #711183 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Brasero fixes creation of mp3 audio projects. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-brasero-7951 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-brasero-7951 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-brasero-7950 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-brasero-7950 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-brasero-7951 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-brasero-7950 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): brasero-2.28.3-0.5.5.1 brasero-lang-2.28.3-0.5.5.1 libbrasero-burn0-2.28.3-0.5.5.1 libbrasero-media0-2.28.3-0.5.5.1 References: https://bugzilla.novell.com/711183 http://download.novell.com/patch/finder/?keywords=5f14c5dcf410b8306c240f20661fde1f http://download.novell.com/patch/finder/?keywords=d453e42cea48c3e0300c5a2bb844a3be From sle-updates at lists.suse.com Sat Jul 20 01:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 20 Jul 2013 09:04:11 +0200 (CEST) Subject: SUSE-YU-2013:1223-1: YOU update for PackageKit, libzypp, zypper Message-ID: <20130720070411.4A22832074@maintenance.suse.de> SUSE YOU Update: YOU update for PackageKit, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:1223-1 Rating: low References: #668891 #772965 #773575 #779740 #793809 #803316 #804219 #806568 #811997 #824110 #825490 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 11 YOU fixes can now be installed. It includes two new package versions. Description: This update for the Software Update Stack provides the following fixes and enhancements: libzypp: - Set log file permission upon file creation only. (bnc#825490) - Speedup scanning for modaliases, improving performance on machines with large amounts of RAM. (bnc#824110) - Implement retrieval of packages from tftp servers. (bnc#803316) - Fix file probing via tftp:// (bnc#803316) - Unify update-scripts with same content(md5sum). (bnc#773575) - Implement $ZYPP_LOCK_TIMEOUT. (bnc#772965) - Add new zypp.conf option to define the maximum allowed time for transfer operations. - Set $ZYPP_IS_RUNNING during commit. - Add modalias and multiversion spec to testcase. zypper: - Add -E, --show-enabled-only option to list repos/services command. (FATE#314994) - Set default zypper.log mode to 0640. (bnc#825490) - Show the right product in summary. (bnc#811997) - Fix 'zypper lu' also listing products. (bnc#779740) - Fix -x printing edition values for arch-old. (bnc#793809) - Allow re-install with different arch upon explicit request. (bnc#804219) - Fix zypper disregarding zypp.conf cache path settings. (bnc#806568) PackageKit: - Fix crash after attempting to install packages with EULAs. (bnc#668891) Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-softwaremgmt-201306-8047 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-softwaremgmt-201306-8047 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-softwaremgmt-201306-8047 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-softwaremgmt-201306-8047 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.15.4]: PackageKit-devel-0.3.14-2.27.27.17 libpackagekit-glib10-devel-0.3.14-2.27.27.17 libpackagekit-qt10-0.3.14-2.27.27.17 libpackagekit-qt10-devel-0.3.14-2.27.27.17 libzypp-devel-9.15.4-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.6.175 and 9.15.4]: PackageKit-0.3.14-2.27.27.17 PackageKit-lang-0.3.14-2.27.27.17 libpackagekit-glib10-0.3.14-2.27.27.17 libzypp-9.15.4-0.5.1 zypper-1.6.175-0.5.11 zypper-log-1.6.175-0.5.11 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.6.175 and 9.15.4]: PackageKit-0.3.14-2.27.27.17 PackageKit-lang-0.3.14-2.27.27.17 libpackagekit-glib10-0.3.14-2.27.27.17 libzypp-9.15.4-0.5.1 zypper-1.6.175-0.5.11 zypper-log-1.6.175-0.5.11 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.6.175 and 9.15.4]: PackageKit-0.3.14-2.27.27.17 PackageKit-gstreamer-plugin-0.3.14-2.27.27.17 PackageKit-lang-0.3.14-2.27.27.17 libpackagekit-glib10-0.3.14-2.27.27.17 libzypp-9.15.4-0.5.1 zypper-1.6.175-0.5.11 zypper-log-1.6.175-0.5.11 References: https://bugzilla.novell.com/668891 https://bugzilla.novell.com/772965 https://bugzilla.novell.com/773575 https://bugzilla.novell.com/779740 https://bugzilla.novell.com/793809 https://bugzilla.novell.com/803316 https://bugzilla.novell.com/804219 https://bugzilla.novell.com/806568 https://bugzilla.novell.com/811997 https://bugzilla.novell.com/824110 https://bugzilla.novell.com/825490 http://download.novell.com/patch/finder/?keywords=3ef50861f881365bc94eae994aaab737 From sle-updates at lists.suse.com Sat Jul 20 01:04:13 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 20 Jul 2013 09:04:13 +0200 (CEST) Subject: SUSE-RU-2013:1164-2: Recommended update for pcsc-cyberjack Message-ID: <20130720070413.B9AC93227D@maintenance.suse.de> SUSE Recommended Update: Recommended update for pcsc-cyberjack ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1164-2 Rating: low References: #814818 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for pcsc-cyberjack adds support to new card reader devices from Reiner-SCT. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ctapi-cyberjack-7911 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ctapi-cyberjack-7911 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-ctapi-cyberjack-7911 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ctapi-cyberjack-3.3.0-3.27.3.5 pcsc-cyberjack-3.3.0-3.27.3.5 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.5 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): ctapi-cyberjack-3.3.0-3.27.3.5 pcsc-cyberjack-3.3.0-3.27.3.5 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.5 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): ctapi-cyberjack-3.3.0-3.27.3.5 pcsc-cyberjack-3.3.0-3.27.3.5 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): ctapi-cyberjack-32bit-3.3.0-3.27.3.5 References: https://bugzilla.novell.com/814818 http://download.novell.com/patch/finder/?keywords=ab521bb7cdf3e82171877e631b95892b From sle-updates at lists.suse.com Mon Jul 22 15:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Jul 2013 23:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1231-1: moderate: Recommended update for kdump Message-ID: <20130722210410.DE79B32071@maintenance.suse.de> SUSE Recommended Update: Recommended update for kdump ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1231-1 Rating: moderate References: #824695 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Kdump fixes an issue that prevented mkdumprd from re-generating the kdump ramdisk after a configuration file modification. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kdump-7953 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kdump-7953 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kdump-7953 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): kdump-0.8.4-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): kdump-0.8.4-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): kdump-0.8.4-0.31.1 References: https://bugzilla.novell.com/824695 http://download.novell.com/patch/finder/?keywords=49c0aaec03260cdd82c62ed7211552ce From sle-updates at lists.suse.com Mon Jul 22 15:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Jul 2013 23:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1232-1: moderate: Recommended update for SLED release notes Message-ID: <20130722210414.B84D23227C@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLED release notes ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1232-1 Rating: moderate References: #824787 #825261 #827324 #827325 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Desktop 11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-release-notes-sled-8014 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 11.3.20]: release-notes-sled-11.3.20-0.9.3 release-notes-sled-11.3.20-0.9.4 References: https://bugzilla.novell.com/824787 https://bugzilla.novell.com/825261 https://bugzilla.novell.com/827324 https://bugzilla.novell.com/827325 http://download.novell.com/patch/finder/?keywords=ef6cffc5efee3322191ba3e9600ed1df From sle-updates at lists.suse.com Mon Jul 22 21:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jul 2013 05:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1233-1: Recommended update for kiwi Message-ID: <20130723030409.C92D03208D@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1233-1 Rating: low References: #813216 #819772 #822247 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update fixes the following issues: * fixed getSingleInstSourceSatSolvable() instead of relying on the suffix of a file it's better to actually check if it's compressed or non compressed data. Due to redirections and symlinks it might happen that a file name e.g 'packages' is resolved into 'packages.en.gz'. kiwi downloaded the file and failed to check if it's a compressed file (bnc #822247) * fixed fetchFile function. The variable $imageBlkSize is not initialized, so it is better to use $chunk * if a targetdevice is used instead of a loop we need to wait for udev to finish the event loop in the same way as it is done in bindDiskPartitions() when binding the partitions of a loop device (bnc #819772) * netboot: fixed setup of swap devices in $imageSwapDevice. If the partition table stays untouched the variable was not set which caused a broken fstab entry for swap. This patch makes sure the swap device variable is set in any case. * fixed SUSE product creation if specified MAIN_PRODUCT does not match the product name. In this case the collection of products is skipped with a warning message * netboot: The sum2 variable in the suse-linuxrc download code conflicts with the same variable set in the updateNeeded function Because of that the check for the first cycle in the download loop did not work in all cases. * fixed setupBootLoaderGrub to write the udev device name into /boot/grub/device.map instead of the UNIX kernel device name (bnc #813216) * make hybrid iso call for products non-fatal Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-kiwi-7830 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-kiwi-7830 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-kiwi-7830 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.85.108]: kiwi-4.85.108-0.5.1 kiwi-instsource-4.85.108-0.5.1 kiwi-tools-4.85.108-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 s390x x86_64) [New Version: 4.85.108]: kiwi-desc-oemboot-4.85.108-0.5.1 kiwi-desc-vmxboot-4.85.108-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 4.85.108]: kiwi-desc-isoboot-4.85.108-0.5.1 kiwi-desc-netboot-4.85.108-0.5.1 kiwi-doc-4.85.108-0.5.1 kiwi-pxeboot-4.85.108-0.5.1 - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64) [New Version: 4.85.108]: kiwi-4.85.108-0.5.1 kiwi-desc-isoboot-4.85.108-0.5.1 kiwi-desc-netboot-4.85.108-0.5.1 kiwi-desc-oemboot-4.85.108-0.5.1 kiwi-doc-4.85.108-0.5.1 kiwi-tools-4.85.108-0.5.1 - SUSE Lifecycle Management Server 1.3 (x86_64) [New Version: 4.85.108]: kiwi-4.85.108-0.5.1 kiwi-desc-isoboot-4.85.108-0.5.1 kiwi-desc-netboot-4.85.108-0.5.1 kiwi-desc-oemboot-4.85.108-0.5.1 kiwi-desc-vmxboot-4.85.108-0.5.1 kiwi-tools-4.85.108-0.5.1 References: https://bugzilla.novell.com/813216 https://bugzilla.novell.com/819772 https://bugzilla.novell.com/822247 http://download.novell.com/patch/finder/?keywords=c8d8c70fd390881676adc7bd47e7a31e From sle-updates at lists.suse.com Mon Jul 22 21:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jul 2013 05:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1234-1: Recommended update for kiwi Message-ID: <20130723030412.72D6E3227C@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1234-1 Rating: low References: #819772 #822247 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update fixes the following issues: * fixed handling of bootincluded items: packages and archives marked as bootinclude have to respect an optional arch setup like this example: * added build result meta data files each build now contains two additional files: The .packages file which contains a list of all installed packages The .verified file which contains the result of rpm -Va These files are only created on rpm based systems and should help to compare build results better * fixed getSingleInstSourceSatSolvable() instead of relying on the suffix of a file it's better to actually check if it's compressed or non compressed data. Due to redirections and symlinks it might happen that a file name e.g 'packages' is resolved into 'packages.en.gz'. kiwi downloaded the file and failed to check if it's a compressed file (bnc #822247) * fixed fetchFile function. The variable $imageBlkSize is not initialized, so it is better to use $chunk * if a targetdevice is used instead of a loop we need to wait for udev to finish the event loop in the same way as it is done in bindDiskPartitions() when binding the partitions of a loop device (bnc #819772) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-kiwi-8074 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.85.110]: kiwi-4.85.110-0.7.1 kiwi-instsource-4.85.110-0.7.1 kiwi-tools-4.85.110-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 s390x x86_64) [New Version: 4.85.110]: kiwi-desc-oemboot-4.85.110-0.7.1 kiwi-desc-vmxboot-4.85.110-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 4.85.110]: kiwi-desc-isoboot-4.85.110-0.7.1 kiwi-desc-netboot-4.85.110-0.7.1 kiwi-doc-4.85.110-0.7.1 kiwi-pxeboot-4.85.110-0.7.1 kiwi-pxeboot-prebuild-3.74.2-0.83.148 References: https://bugzilla.novell.com/819772 https://bugzilla.novell.com/822247 http://download.novell.com/patch/finder/?keywords=d7fa0537e0af720593bd37d2c57f7f55 From sle-updates at lists.suse.com Tue Jul 23 11:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jul 2013 19:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1237-1: moderate: Security update for strongswan Message-ID: <20130723170410.E5EEF32076@maintenance.suse.de> SUSE Security Update: Security update for strongswan ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1237-1 Rating: moderate References: #815236 Cross-References: CVE-2013-2944 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the ECDSA signature vulnerability in strongswan. CVE-2013-2944 has been assigned to this issue. Security Issue reference: * CVE-2013-2944 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-strongswan-7638 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-strongswan-7638 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-strongswan-7638 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): strongswan-4.4.0-6.17.2 strongswan-doc-4.4.0-6.17.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): strongswan-4.4.0-6.17.2 strongswan-doc-4.4.0-6.17.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): strongswan-4.4.0-6.17.2 strongswan-doc-4.4.0-6.17.2 References: http://support.novell.com/security/cve/CVE-2013-2944.html https://bugzilla.novell.com/815236 http://download.novell.com/patch/finder/?keywords=6135247f38554d1bc90baf3102f2b478 From sle-updates at lists.suse.com Tue Jul 23 14:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jul 2013 22:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1238-1: important: Security update for java-1_6_0-openjdk Message-ID: <20130723200410.AC47F321EA@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1238-1 Rating: important References: #829708 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 26 vulnerabilities is now available. Description: java-1_6_0-openjdk has been updated to Icedtea6-1.12.6 version. Security fixes: * S6741606, CVE-2013-2407: Integrate Apache Santuario * S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls * S7170730, CVE-2013-2451: Improve Windows network stack support. * S8000638, CVE-2013-2450: Improve deserialization * S8000642, CVE-2013-2446: Better handling of objects for transportation * S8001032: Restrict object access * S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers * S8001034, CVE-2013-1500: Memory management improvements * S8001038, CVE-2013-2444: Resourcefully handle resources * S8001043: Clarify definition restrictions * S8001309: Better handling of annotation interfaces * S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost * S8001330, CVE-2013-2443: Improve on checking order * S8003703, CVE-2013-2412: Update RMI connection dialog box * S8004584: Augment applet contextualization * S8005007: Better glyph processing * S8006328, CVE-2013-2448: Improve robustness of sound classes * S8006611: Improve scripting * S8007467: Improve robustness of JMX internal APIs * S8007471: Improve MBean notifications * S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes * S8008120, CVE-2013-2457: Improve JMX class checking * S8008124, CVE-2013-2453: Better compliance testing * S8008128: Better API coherence for JMX * S8008132, CVE-2013-2456: Better serialization support * S8008585: Better JMX data handling * S8008593: Better URLClassLoader resource management * S8008603: Improve provision of JMX providers Security Issue references: * CVE-2013-2407 * CVE-2013-2445 * CVE-2013-2451 * CVE-2013-2450 * CVE-2013-2446 * CVE-2013-2452 * CVE-2013-1500 * CVE-2013-2444 * CVE-2013-2447 * CVE-2013-2443 * CVE-2013-2412 * CVE-2013-2448 * CVE-2013-2455 * CVE-2013-2457 * CVE-2013-2453 * CVE-2013-2456 * CVE-2013-2459 * CVE-2013-2470 * CVE-2013-2471 * CVE-2013-2472 * CVE-2013-2473 * CVE-2013-1571 * CVE-2013-2463 * CVE-2013-2465 * CVE-2013-2469 * CVE-2013-2461 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-java-1_6_0-openjdk-8084 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b27.1.12.6-0.2.1 java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.6-0.2.1 java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.6-0.2.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2445.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2461.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html https://bugzilla.novell.com/829708 http://download.novell.com/patch/finder/?keywords=15c3233f1a27346b71f59d90b204e778 From sle-updates at lists.suse.com Tue Jul 23 16:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jul 2013 00:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1239-1: moderate: Recommended update for SLES release notes Message-ID: <20130723220409.A4F473208D@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLES release notes ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1239-1 Rating: moderate References: #817831 #825141 #826123 #827016 #827325 #828056 #828478 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP3. * Updated entries: o Service Pack for HP Linux ProLiant (bnc#826123) o Move UEFI section to a better location (bnc#828056) o Add pointer to fadump config (bnc#817831) o Update support statement (bnc#828478). * New entries: o Capturing kdump on a Target using Devicemapper (Incl. Multipath) (bnc#827016) o Lower Version Numbers in SUSE Linux Enterprise 11 SP3 than in SP2 (bnc#827325). * Removed entries: o iSCSI Installations with Multiple NICs Losing Network Connectivity (bnc#825141). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-release-notes-sles-201307-8057 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-release-notes-sles-201307-8057 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 11.3.24]: release-notes-SLES-for-VMware-11.3.24-0.10.3 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.3.24]: release-notes-sles-11.3.24-0.10.3 References: https://bugzilla.novell.com/817831 https://bugzilla.novell.com/825141 https://bugzilla.novell.com/826123 https://bugzilla.novell.com/827016 https://bugzilla.novell.com/827325 https://bugzilla.novell.com/828056 https://bugzilla.novell.com/828478 http://download.novell.com/patch/finder/?keywords=530705437fb9263d30c204d8bdaeef49 From sle-updates at lists.suse.com Tue Jul 23 17:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jul 2013 01:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1240-1: Recommended update for AutoYaST2 Message-ID: <20130723230412.94FAE32071@maintenance.suse.de> SUSE Recommended Update: Recommended update for AutoYaST2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1240-1 Rating: low References: #752318 #788593 #794403 #799725 #820499 #822009 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. It includes one version update. Description: This update fixes the following issues: * #820499: AutoYaST module creates a bad ask-list * #822009: AutoYaST module crashes while saving the profile * #799725: Problem reusing large number of partitions * #794403: Unattended upgrade dependency errors when update repos are present in 'autoupg.xml' * #788593: Problem handling script notifications in UI * #752318: Fix cloning of raids Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-autoyast2-7791 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-autoyast2-7791 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-autoyast2-7791 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.57.3]: autoyast2-2.17.57.3-0.5.1 autoyast2-installation-2.17.57.3-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.57.3]: autoyast2-2.17.57.3-0.5.1 autoyast2-installation-2.17.57.3-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.57.3]: autoyast2-2.17.57.3-0.5.1 autoyast2-installation-2.17.57.3-0.5.1 References: https://bugzilla.novell.com/752318 https://bugzilla.novell.com/788593 https://bugzilla.novell.com/794403 https://bugzilla.novell.com/799725 https://bugzilla.novell.com/820499 https://bugzilla.novell.com/822009 http://download.novell.com/patch/finder/?keywords=f9c04844b3845bf5c0db9b62833ecf3f From sle-updates at lists.suse.com Tue Jul 23 17:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jul 2013 01:04:16 +0200 (CEST) Subject: SUSE-RU-2013:1241-1: moderate: Recommended update for createrepo Message-ID: <20130723230416.7833F321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for createrepo ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1241-1 Rating: moderate References: #823652 Affected Products: Subscription Management Tool 11 SP2 SUSE Studio Onsite 1.3 SUSE Manager 1.7 for SLE 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Lifecycle Management Server 1.3 SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for createrepo fixes modifyrepo to no longer use sub-second resolution in timestamp attributes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-createrepo-7880 slesmtsp0-yum-7884 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-createrepo-7880 slestso13-yum-7884 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-createrepo-7880 sleman17sp2-yum-7884 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-createrepo-7892 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-createrepo-7880 sdksp2-yum-7884 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-createrepo-7892 slessp3-yum-7936 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-createrepo-7892 slessp3-yum-7936 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-createrepo-7880 sleslms13-yum-7884 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-createrepo-7880 sleclo10sp2-yum-7884 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64): yum-common-3.2.29-0.12.1 - Subscription Management Tool 11 SP2 (noarch): createrepo-0.9.9-0.25.1 - SUSE Studio Onsite 1.3 (x86_64): yum-common-3.2.29-0.12.1 - SUSE Studio Onsite 1.3 (noarch): createrepo-0.9.9-0.25.1 - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 3.2.29]: yum-3.2.29-0.12.1 yum-common-3.2.29-0.12.1 - SUSE Manager 1.7 for SLE 11 SP2 (noarch): createrepo-0.9.9-0.25.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): createrepo-0.9.9-0.25.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): yum-common-3.2.29-0.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): createrepo-0.9.9-0.25.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): yum-common-3.2.29-0.12.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): createrepo-0.9.9-0.25.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): yum-common-3.2.29-0.12.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): createrepo-0.9.9-0.25.1 - SUSE Lifecycle Management Server 1.3 (x86_64): yum-common-3.2.29-0.12.1 - SUSE Lifecycle Management Server 1.3 (noarch): createrepo-0.9.9-0.25.1 - SUSE Cloud 1.0 (x86_64): yum-common-3.2.29-0.12.1 - SUSE Cloud 1.0 (noarch): createrepo-0.9.9-0.25.1 References: https://bugzilla.novell.com/823652 http://download.novell.com/patch/finder/?keywords=cde243c3861f99b34571f3314b8f77ae http://download.novell.com/patch/finder/?keywords=d449d030dba14caeef4e72db3667da7d http://download.novell.com/patch/finder/?keywords=ea8f0100c4555ff2ed5b07c269994bdb http://download.novell.com/patch/finder/?keywords=f44fcee067483950fe47fd2a6946b587 From sle-updates at lists.suse.com Tue Jul 23 17:04:20 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jul 2013 01:04:20 +0200 (CEST) Subject: SUSE-RU-2013:1242-1: moderate: Recommended update for Python Message-ID: <20130723230420.30118321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for Python ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1242-1 Rating: moderate References: #824713 #827982 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The SSL module in Python has been adjusted to switch to default SSL certificate handling when no CA path is passed. Additionally, python-xml now explicitly obsoletes pyxml. * #827982: Python: Enable SSL default certificate validation. * #824713: python-xml should provide/obsolete pyxml. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-python-201307-8076 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-201307-8076 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-201307-8076 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-201307-8076 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): python-devel-2.6.8-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64): python-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpython2_6-1_0-32bit-2.6.8-0.19.1 python-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpython2_6-1_0-32bit-2.6.8-0.19.1 python-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpython2_6-1_0-x86-2.6.8-0.19.1 python-base-x86-2.6.8-0.19.1 python-x86-2.6.8-0.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-devel-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpython2_6-1_0-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 References: https://bugzilla.novell.com/824713 https://bugzilla.novell.com/827982 http://download.novell.com/patch/finder/?keywords=49363bfc66ad19aa9445a0241bcb61aa From sle-updates at lists.suse.com Wed Jul 24 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 00:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1250-1: moderate: Security update for lcms2 Message-ID: <20130724220410.F1E2F31FD7@maintenance.suse.de> SUSE Security Update: Security update for lcms2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1250-1 Rating: moderate References: #826097 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes one version update. Description: lcms2 has been updated to the version 2.5 which is a maintenance release to fix various security and other bugs. * User defined parametric curves can now be saved in ICC profiles. * RGB profiles using same tone curves for several channels are storing now only one copy of the curve * update black point detection algorithm to reflect ICC changes * Added new cmsPlugInTHR() and fixed some race conditions * Added error descriptions on cmsSmoothToneCurve * Several improvements in cgats parser. * Fixed devicelink generation for 8 bits * Added a reference for Mac MLU tag * Added a way to read the profile creator from header * Added identity curves support for write V2 LUT * Added TIFF Lab16 handling on tifficc * Fixed a bug in parametric curves * Rendering intent used when creating the transform is now propagated to profile header in cmsTransform2Devicelink. * Transform2Devicelink now keeps white point when guessing deviceclass is enabled * Added some checks for non-happy path, mostly failing mallocs (bnc#826097). For further changes please see the ChangeLog in the RPM. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-lcms2-8091 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-lcms2-8091 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.5]: liblcms2-devel-2.5-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.5]: lcms2-2.5-0.7.1 liblcms2-2-2.5-0.7.1 References: https://bugzilla.novell.com/826097 http://download.novell.com/patch/finder/?keywords=3746092820e850d9766ee08526b7fa10 From sle-updates at lists.suse.com Wed Jul 24 19:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 03:04:09 +0200 (CEST) Subject: SUSE-SU-2013:1237-2: moderate: Security update for strongswan Message-ID: <20130725010409.B4A7331FD7@maintenance.suse.de> SUSE Security Update: Security update for strongswan ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1237-2 Rating: moderate References: #815236 Cross-References: CVE-2013-2944 Affected Products: SUSE Linux Enterprise Server 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the ECDSA signature vulnerability in strongswan. CVE-2013-2944 was assigned to this issue. Security Issue reference: * CVE-2013-2944 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): strongswan-4.4.0-6.13.2 strongswan-doc-4.4.0-6.13.2 References: http://support.novell.com/security/cve/CVE-2013-2944.html https://bugzilla.novell.com/815236 http://download.novell.com/patch/finder/?keywords=2390874895a97b266f9742fe8b0b4570 From sle-updates at lists.suse.com Thu Jul 25 06:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 14:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1251-1: moderate: Security update for glibc Message-ID: <20130725120411.8314E3205F@maintenance.suse.de> SUSE Security Update: Security update for glibc ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1251-1 Rating: moderate References: #676178 #691365 #767266 #770891 #775690 #796982 #813121 #828637 Cross-References: CVE-2010-4756 CVE-2011-1089 CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2013-1914 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves 6 vulnerabilities and has two fixes is now available. Description: This collective update for the GNU C library (glibc) provides the following fixes and enhancements: Security issues fixed: * Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) * Fix a different stack overflow in getaddrinfo with many results. (bnc#828637) * Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) * Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) * Add patches for fix overflows in vfprintf. [bnc #770891, CVE-2012-3405, CVE-2012-3406] * Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) * Flush stream in addmntent, to catch errors like reached file size limits. [bnc #676178, CVE-2011-1089] Bugs fixed: * Fix locking in _IO_cleanup. (bnc#796982) * Fix resolver when first query fails, but seconds succeeds. [bnc #767266] Security Issue references: * CVE-2013-1914 * CVE-2010-4756 * CVE-2012-3480 * CVE-2012-3405 * CVE-2012-3406 * CVE-2011-1089 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-glibc-8082 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-glibc-8082 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 i686 x86_64): glibc-2.11.1-0.50.1 glibc-devel-2.11.1-0.50.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): glibc-html-2.11.1-0.50.1 glibc-i18ndata-2.11.1-0.50.1 glibc-info-2.11.1-0.50.1 glibc-locale-2.11.1-0.50.1 glibc-profile-2.11.1-0.50.1 nscd-2.11.1-0.50.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (x86_64): glibc-32bit-2.11.1-0.50.1 glibc-devel-32bit-2.11.1-0.50.1 glibc-locale-32bit-2.11.1-0.50.1 glibc-profile-32bit-2.11.1-0.50.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 i686 s390x x86_64): glibc-2.11.1-0.50.1 glibc-devel-2.11.1-0.50.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): glibc-html-2.11.1-0.50.1 glibc-i18ndata-2.11.1-0.50.1 glibc-info-2.11.1-0.50.1 glibc-locale-2.11.1-0.50.1 glibc-profile-2.11.1-0.50.1 nscd-2.11.1-0.50.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64): glibc-32bit-2.11.1-0.50.1 glibc-devel-32bit-2.11.1-0.50.1 glibc-locale-32bit-2.11.1-0.50.1 glibc-profile-32bit-2.11.1-0.50.1 References: http://support.novell.com/security/cve/CVE-2010-4756.html http://support.novell.com/security/cve/CVE-2011-1089.html http://support.novell.com/security/cve/CVE-2012-3405.html http://support.novell.com/security/cve/CVE-2012-3406.html http://support.novell.com/security/cve/CVE-2012-3480.html http://support.novell.com/security/cve/CVE-2013-1914.html https://bugzilla.novell.com/676178 https://bugzilla.novell.com/691365 https://bugzilla.novell.com/767266 https://bugzilla.novell.com/770891 https://bugzilla.novell.com/775690 https://bugzilla.novell.com/796982 https://bugzilla.novell.com/813121 https://bugzilla.novell.com/828637 http://download.novell.com/patch/finder/?keywords=0ed824f4616a590edd9c21331469673e From sle-updates at lists.suse.com Thu Jul 25 08:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 16:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1254-1: important: Security update for java-1_7_0-openjdk Message-ID: <20130725140411.BB26532071@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1254-1 Rating: important References: #828665 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 30 vulnerabilities is now available. Description: This update to icedtea-2.4.1 fixes various security issues: * S6741606, CVE-2013-2407: Integrate Apache Santuario * S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls * S7170730, CVE-2013-2451: Improve Windows network stack support. * S8000638, CVE-2013-2450: Improve deserialization * S8000642, CVE-2013-2446: Better handling of objects for transportation * S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers * S8001034, CVE-2013-1500: Memory management improvements * S8001038, CVE-2013-2444: Resourcefully handle resources * S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost * S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only) * S8003703, CVE-2013-2412: Update RMI connection dialog box * S8004288, CVE-2013-2449: (fs) Files.probeContentType problems * S8006328, CVE-2013-2448: Improve robustness of sound classes * S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes * S8008120, CVE-2013-2457: Improve JMX class checking * S8008124, CVE-2013-2453: Better compliance testing * S8008132, CVE-2013-2456: Better serialization support * S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606 * S8009057, CVE-2013-2448: Improve MIDI event handling * S8009071, CVE-2013-2459: Improve shape handling * S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change * S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields * S8010209, CVE-2013-2460: Better provision of factories * S8011243, CVE-2013-2470: Improve ImagingLib * S8011248, CVE-2013-2471: Better Component Rasters * S8011253, CVE-2013-2472: Better Short Component Rasters * S8011257, CVE-2013-2473: Better Byte Component Rasters * S8012375, CVE-2013-1571: Improve Javadoc framing * S8012438, CVE-2013-2463: Better image validation * S8012597, CVE-2013-2465: Better image channel verification * S8012601, CVE-2013-2469: Better validation of image layouts * S8014281, CVE-2013-2461: Better checking of XML signature Security Issue references: * CVE-2013-2407 * CVE-2013-2445 * CVE-2013-2451 * CVE-2013-2450 * CVE-2013-2446 * CVE-2013-2452 * CVE-2013-1500 * CVE-2013-2444 * CVE-2013-2447 * CVE-2013-2443 * CVE-2013-2412 * CVE-2013-2449 * CVE-2013-2448 * CVE-2013-2455 * CVE-2013-2457 * CVE-2013-2453 * CVE-2013-2456 * CVE-2013-2459 * CVE-2013-2458 * CVE-2013-2454 * CVE-2013-2460 * CVE-2013-2470 * CVE-2013-2471 * CVE-2013-2472 * CVE-2013-2473 * CVE-2013-1571 * CVE-2013-2463 * CVE-2013-2465 * CVE-2013-2469 * CVE-2013-2461 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-8090 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): java-1_7_0-openjdk-1.7.0.6-0.19.2 java-1_7_0-openjdk-demo-1.7.0.6-0.19.2 java-1_7_0-openjdk-devel-1.7.0.6-0.19.2 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2445.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2449.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2458.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2460.html http://support.novell.com/security/cve/CVE-2013-2461.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html https://bugzilla.novell.com/828665 http://download.novell.com/patch/finder/?keywords=562c8781d83d70fa81f9b3c9c3f93137 From sle-updates at lists.suse.com Thu Jul 25 12:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 20:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1255-1: important: Security update for java-1_6_0-ibm Message-ID: <20130725180411.01405321A1@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1255-1 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP3 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that fixes 35 vulnerabilities is now available. Description: IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2468 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2466 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2442 * CVE-2013-2407 * CVE-2013-2454 * CVE-2013-2456 * CVE-2013-2453 * CVE-2013-2457 * CVE-2013-2455 * CVE-2013-2412 * CVE-2013-2443 * CVE-2013-2447 * CVE-2013-2437 * CVE-2013-2444 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-2451 * CVE-2013-1500 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-8105 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-8105 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-8105 - SUSE Linux Enterprise Java 11 SP3: zypper in -t patch slejsp3-java-1_6_0-ibm-8105 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-devel-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_6_0-ibm-64bit-1.6.0_sr14.0-0.11.1 - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 10 SP4 (x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-devel-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.11.1 java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.11.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2437.html http://support.novell.com/security/cve/CVE-2013-2442.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2466.html http://support.novell.com/security/cve/CVE-2013-2468.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=2506266f7074154371238b0be5bf61f3 http://download.novell.com/patch/finder/?keywords=d4115b4339a15f88677fc83a534c4dc3 From sle-updates at lists.suse.com Thu Jul 25 12:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 20:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1256-1: important: Security update for java-1_7_0-ibm Message-ID: <20130725180415.51E42321A1@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1256-1 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-2400 CVE-2013-2407 CVE-2013-2442 CVE-2013-2448 CVE-2013-2453 CVE-2013-2454 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-3744 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Java 11 SP3 ______________________________________________________________________________ An update that fixes 32 vulnerabilities is now available. Description: IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3006 * CVE-2013-3007 * CVE-2013-3008 * CVE-2013-3009 * CVE-2013-3010 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2468 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2466 * CVE-2013-2462 * CVE-2013-2460 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2442 * CVE-2013-2407 * CVE-2013-2454 * CVE-2013-2458 * CVE-2013-3744 * CVE-2013-2400 * CVE-2013-2456 * CVE-2013-2453 * CVE-2013-2457 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_7_0-ibm-8106 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_7_0-ibm-8106 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_7_0-ibm-8106 - SUSE Linux Enterprise Java 11 SP3: zypper in -t patch slejsp3-java-1_7_0-ibm-8106 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-2400.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2442.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2458.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2460.html http://support.novell.com/security/cve/CVE-2013-2462.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2466.html http://support.novell.com/security/cve/CVE-2013-2468.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3006.html http://support.novell.com/security/cve/CVE-2013-3007.html http://support.novell.com/security/cve/CVE-2013-3008.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3010.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-3744.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=46b916003a346af0c68c6fa166dec2e7 From sle-updates at lists.suse.com Thu Jul 25 12:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 20:04:19 +0200 (CEST) Subject: SUSE-RU-2013:1242-2: moderate: Recommended update for Python Message-ID: <20130725180419.37835321A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for Python ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1242-2 Rating: moderate References: #824713 #827982 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: The SSL module in Python has been adjusted to switch to default SSL certificate handling when no CA path is passed (bnc#827982). Additionally, the python-xml RPM now explicitly obsoletes pyxml (bnc#824713). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-python-201307-8075 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-python-201307-8075 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-python-201307-8075 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-python-201307-8075 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: python-devel-2.6.8-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 2.6.8]: python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64) [New Version: 2.6.8]: python-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.19.1 python-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-demo-2.6.8-0.19.1 python-gdbm-2.6.8-0.19.1 python-idle-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.19.1 python-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 2.6.8]: libpython2_6-1_0-x86-2.6.8-0.19.1 python-base-x86-2.6.8-0.19.1 python-x86-2.6.8-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.8]: libpython2_6-1_0-2.6.8-0.19.1 python-2.6.8-0.19.1 python-base-2.6.8-0.19.1 python-curses-2.6.8-0.19.1 python-devel-2.6.8-0.19.1 python-tk-2.6.8-0.19.1 python-xml-2.6.8-0.19.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 2.6.8]: libpython2_6-1_0-32bit-2.6.8-0.19.1 python-base-32bit-2.6.8-0.19.1 References: https://bugzilla.novell.com/824713 https://bugzilla.novell.com/827982 http://download.novell.com/patch/finder/?keywords=8e9e5a43f7281c8719bbb6ac2472a451 From sle-updates at lists.suse.com Thu Jul 25 12:04:23 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jul 2013 20:04:23 +0200 (CEST) Subject: SUSE-SU-2013:1257-1: important: Security update for java-1_7_0-ibm Message-ID: <20130725180423.2CD4F321A1@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1257-1 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-3744 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that fixes 45 vulnerabilities is now available. Description: IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3006 * CVE-2013-3007 * CVE-2013-3008 * CVE-2013-3009 * CVE-2013-3010 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2468 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2466 * CVE-2013-2462 * CVE-2013-2460 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2442 * CVE-2013-2407 * CVE-2013-2454 * CVE-2013-2458 * CVE-2013-3744 * CVE-2013-2400 * CVE-2013-2456 * CVE-2013-2453 * CVE-2013-2457 * CVE-2013-2455 * CVE-2013-2412 * CVE-2013-2443 * CVE-2013-2447 * CVE-2013-2437 * CVE-2013-2444 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-2449 * CVE-2013-2451 * CVE-2013-1500 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_7_0-ibm-8108 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_7_0-ibm-8108 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_7_0-ibm-8108 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_7_0-ibm-8108 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr5.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr5.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr5.0-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2400.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2437.html http://support.novell.com/security/cve/CVE-2013-2442.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2449.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2458.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2460.html http://support.novell.com/security/cve/CVE-2013-2462.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2466.html http://support.novell.com/security/cve/CVE-2013-2468.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3006.html http://support.novell.com/security/cve/CVE-2013-3007.html http://support.novell.com/security/cve/CVE-2013-3008.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3010.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-3744.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=d33fe1389ae24456dea9f1571dec1536 From sle-updates at lists.suse.com Fri Jul 26 12:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jul 2013 20:04:12 +0200 (CEST) Subject: SUSE-SU-2013:1260-1: moderate: Security update for Ruby Message-ID: <20130726180412.BC7E032050@maintenance.suse.de> SUSE Security Update: Security update for Ruby ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1260-1 Rating: moderate References: #827265 Cross-References: CVE-2013-4073 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Ruby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue. Security Issue reference: * CVE-2013-4073 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-ruby19-8034 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64) [New Version: 1.9.3.p392]: ruby19-1.9.3.p392-0.11.1 ruby19-devel-1.9.3.p392-0.11.1 ruby19-devel-extra-1.9.3.p392-0.11.1 References: http://support.novell.com/security/cve/CVE-2013-4073.html https://bugzilla.novell.com/827265 http://download.novell.com/patch/finder/?keywords=29602d8d2a0529ad20f0ae53e3115f54 From sle-updates at lists.suse.com Fri Jul 26 15:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jul 2013 23:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1261-1: important: Recommended update for NetworkManager-openvpn Message-ID: <20130726210410.1B62631FD7@maintenance.suse.de> SUSE Recommended Update: Recommended update for NetworkManager-openvpn ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1261-1 Rating: important References: #831378 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The following issue has been fixed: * #831378: NetworkManager applet missing SHA512 in VPN HMAC authtification GUI Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-NetworkManager-openvpn-8116 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-NetworkManager-openvpn-8116 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-NetworkManager-openvpn-8115 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-NetworkManager-openvpn-8115 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-NetworkManager-openvpn-8116 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-NetworkManager-openvpn-8115 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): NetworkManager-openvpn-0.7.1-3.7.1 NetworkManager-openvpn-gnome-0.7.1-3.7.1 References: https://bugzilla.novell.com/831378 http://download.novell.com/patch/finder/?keywords=9e6c84cb72f44f82de146ff094f5f161 http://download.novell.com/patch/finder/?keywords=ec6e65213a0c488fd3bbb85ae4c28374 From sle-updates at lists.suse.com Fri Jul 26 16:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jul 2013 00:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1262-1: moderate: Recommended update for release-notes-hae Message-ID: <20130726220411.49EDE31FD7@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-hae ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1262-1 Rating: moderate References: #826887 #829060 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise High Availability Extension 11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-release-notes-hae-8058 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.3.16]: release-notes-hae-11.3.16-0.11.2 References: https://bugzilla.novell.com/826887 https://bugzilla.novell.com/829060 http://download.novell.com/patch/finder/?keywords=1879cdcd4e7613b441bbb0229db11cc0 From sle-updates at lists.suse.com Sat Jul 27 09:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jul 2013 17:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1263-1: important: Security update for java-1_5_0-ibm Message-ID: <20130727150410.4F2DB3205F@maintenance.suse.de> SUSE Security Update: Security update for java-1_5_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1263-1 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. Description: IBM Java 1.5.0 has been updated to SR16-FP3 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bug has been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2454 * CVE-2013-2456 * CVE-2013-2457 * CVE-2013-2455 * CVE-2013-2443 * CVE-2013-2447 * CVE-2013-2444 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-1500 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_5_0-ibm-jdbc-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_5_0-ibm-64bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Java 10 SP4 (ppc): java-1_5_0-ibm-jdbc-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): java-1_5_0-ibm-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-demo-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-src-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-jdbc-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr16.3-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=4ed92cf0de9b3b679aefd2605f9c3f66 From sle-updates at lists.suse.com Sat Jul 27 09:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jul 2013 17:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1255-2: important: Security update for java-1_6_0-ibm Message-ID: <20130727150415.A82BC32076@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1255-2 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that fixes 35 vulnerabilities is now available. Description: IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2468 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2466 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2442 * CVE-2013-2407 * CVE-2013-2454 * CVE-2013-2456 * CVE-2013-2453 * CVE-2013-2457 * CVE-2013-2455 * CVE-2013-2412 * CVE-2013-2443 * CVE-2013-2447 * CVE-2013-2437 * CVE-2013-2444 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-2451 * CVE-2013-1500 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_6_0-ibm-8107 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_6_0-ibm-8107 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_6_0-ibm-8107 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_6_0-ibm-8107 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2437.html http://support.novell.com/security/cve/CVE-2013-2442.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2466.html http://support.novell.com/security/cve/CVE-2013-2468.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=fb449952ea439a5cac5ed9583009a7ca From sle-updates at lists.suse.com Sat Jul 27 09:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jul 2013 17:04:19 +0200 (CEST) Subject: SUSE-SU-2013:1264-1: important: Security update for java-1_4_2-ibm Message-ID: <20130727150419.9223A32076@maintenance.suse.de> SUSE Security Update: Security update for java-1_4_2-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1264-1 Rating: important References: #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-2446 CVE-2013-2447 CVE-2013-2450 CVE-2013-2452 CVE-2013-2456 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP2 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that fixes 18 vulnerabilities is now available. Description: IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bug has been fixed: * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2456 * CVE-2013-2447 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1500 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_4_2-ibm-8109 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_4_2-ibm-8109 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_4_2-ibm-8109 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_4_2-ibm-8109 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.7.1 java-1_4_2-ibm-devel-1.4.2_sr13.18-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.7.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.4.1 java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.4.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.18-0.7.1 java-1_4_2-ibm-devel-1.4.2_sr13.18-0.7.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.18-0.7.1 - SUSE Linux Enterprise Java 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.18-0.7.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=399735ab8d205f1101d90585a46d9b56 http://download.novell.com/patch/finder/?keywords=cee913adfb40cb03092c372e3c78ba19 From sle-updates at lists.suse.com Sat Jul 27 09:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jul 2013 17:04:26 +0200 (CEST) Subject: SUSE-SU-2013:1265-1: moderate: Security update for wireshark Message-ID: <20130727150426.04E0532076@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1265-1 Rating: moderate References: #813217 #816517 #816887 #820973 #824900 Cross-References: CVE-2013-2486 CVE-2013-2487 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4074 CVE-2013-4075 CVE-2013-4076 CVE-2013-4077 CVE-2013-4078 CVE-2013-4079 CVE-2013-4080 CVE-2013-4081 CVE-2013-4082 CVE-2013-4083 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. It includes one version update. Description: This wireshark version update to 1.8.8 includes several security and general bug fixes. Version update to 1.8.8 [bnc#824900]: * vulnerabilities fixed: o The CAPWAP dissector could crash. wnpa-sec-2013-32 CVE-2013-4074 o The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 CVE-2013-4075 o The PPP dissector could crash. wnpa-sec-2013-34 CVE-2013-4076 o The NBAP dissector could crash. wnpa-sec-2013-35 CVE-2013-4077 o The RDP dissector could crash. wnpa-sec-2013-36 CVE-2013-4078 o The GSM CBCH dissector could crash. wnpa-sec-2013-37 CVE-2013-4079 o The Assa Abloy R3 dissector could consume excessive memory and CPU. wnpa-sec-2013-38 CVE-2013-4080 o The HTTP dissector could overrun the stack. wnpa-sec-2013-39 CVE-2013-4081 o The Ixia IxVeriWave file parser could overflow the heap. wnpa-sec-2013-40 CVE-2013-4082 o The DCP ETSI dissector could crash. wnpa-sec-2013-41 CVE-2013-4083 * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html Version update to 1.8.7 [bnc#813217, bnc#820973]: * vulnerabilities fixed: o The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 o The GTPv2 dissector could crash. wnpa-sec-2013-24 o The ASN.1 BER dissector could crash. wnpa-sec-2013-25 o The PPP CCP dissector could crash. wnpa-sec-2013-26 o The DCP ETSI dissector could crash. wnpa-sec-2013-27 o The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28 o The Websocket dissector could crash. wnpa-sec-2013-29 o The MySQL dissector could go into an infinite loop. wnpa-sec-2013-30 o The ETCH dissector could go into a large loop. wnpa-sec-2013-31 * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html Ohter bug fixes: * bnc#816517: 'Save As' Nokia libpcap corrupting the file * bnc#816887: wireshark crashed in 'SCTP' -> 'Prepare Filter for this Association' Security Issue references: * CVE-2013-2486 * CVE-2013-2487 * CVE-2013-3555 * CVE-2013-3556 * CVE-2013-3557 * CVE-2013-3558 * CVE-2013-3559 * CVE-2013-3560 * CVE-2013-3561 * CVE-2013-3562 * CVE-2013-3561 * CVE-2013-3561 * CVE-2013-4074 * CVE-2013-4075 * CVE-2013-4076 * CVE-2013-4077 * CVE-2013-4078 * CVE-2013-4079 * CVE-2013-4080 * CVE-2013-4081 * CVE-2013-4082 * CVE-2013-4083 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-wireshark-8045 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-wireshark-8044 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wireshark-8045 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wireshark-8045 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-wireshark-8044 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-wireshark-8044 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wireshark-8045 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-wireshark-8044 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.8]: wireshark-devel-1.8.8-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.8]: wireshark-devel-1.8.8-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.8.8]: wireshark-1.8.8-0.2.1 References: http://support.novell.com/security/cve/CVE-2013-2486.html http://support.novell.com/security/cve/CVE-2013-2487.html http://support.novell.com/security/cve/CVE-2013-3555.html http://support.novell.com/security/cve/CVE-2013-3556.html http://support.novell.com/security/cve/CVE-2013-3557.html http://support.novell.com/security/cve/CVE-2013-3558.html http://support.novell.com/security/cve/CVE-2013-3559.html http://support.novell.com/security/cve/CVE-2013-3560.html http://support.novell.com/security/cve/CVE-2013-3561.html http://support.novell.com/security/cve/CVE-2013-3562.html http://support.novell.com/security/cve/CVE-2013-4074.html http://support.novell.com/security/cve/CVE-2013-4075.html http://support.novell.com/security/cve/CVE-2013-4076.html http://support.novell.com/security/cve/CVE-2013-4077.html http://support.novell.com/security/cve/CVE-2013-4078.html http://support.novell.com/security/cve/CVE-2013-4079.html http://support.novell.com/security/cve/CVE-2013-4080.html http://support.novell.com/security/cve/CVE-2013-4081.html http://support.novell.com/security/cve/CVE-2013-4082.html http://support.novell.com/security/cve/CVE-2013-4083.html https://bugzilla.novell.com/813217 https://bugzilla.novell.com/816517 https://bugzilla.novell.com/816887 https://bugzilla.novell.com/820973 https://bugzilla.novell.com/824900 http://download.novell.com/patch/finder/?keywords=01bde4a9b83d054d421819162ba7b352 http://download.novell.com/patch/finder/?keywords=9e62de2dfb272343bbe45e5f61e345fa From sle-updates at lists.suse.com Mon Jul 29 14:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 29 Jul 2013 22:04:08 +0200 (CEST) Subject: SUSE-RU-2013:1273-1: Recommended update for open-iscsi Message-ID: <20130729200408.D9B8532056@maintenance.suse.de> SUSE Recommended Update: Recommended update for open-iscsi ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1273-1 Rating: low References: #751056 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: The Open-iSCSI Software Initiator has been updated to version 2.0.873, which brings improved IPv6 support and fixes many issues. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-open-iscsi-7835 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-open-iscsi-7835 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-open-iscsi-7835 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.0.873]: open-iscsi-2.0.873-0.6.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.0.873]: open-iscsi-2.0.873-0.6.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.0.873]: open-iscsi-2.0.873-0.6.3.1 References: https://bugzilla.novell.com/751056 http://download.novell.com/patch/finder/?keywords=7938643aca10d2d3966035f6e9a7cc28 From sle-updates at lists.suse.com Mon Jul 29 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 00:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1100-2: moderate: Security update for xorg-x11-libX11 Message-ID: <20130729220410.02B3732056@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libX11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1100-2 Rating: moderate References: #815451 #821664 Cross-References: CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update of xorg-x11-libX11 fixes several security issues. Bug 815451/821664 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 Security Issues: * CVE-2013-1981 * CVE-2013-1997 * CVE-2013-2004 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libX11-7935 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libX11-7935 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libX11-7935 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libX11-7935 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libX11-devel-7.4-5.11.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libX11-devel-32bit-7.4-5.11.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libX11-7.4-5.11.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libX11-32bit-7.4-5.11.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libX11-7.4-5.11.11.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libX11-32bit-7.4-5.11.11.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libX11-x86-7.4-5.11.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libX11-7.4-5.11.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libX11-32bit-7.4-5.11.11.1 References: http://support.novell.com/security/cve/CVE-2013-1981.html http://support.novell.com/security/cve/CVE-2013-1997.html http://support.novell.com/security/cve/CVE-2013-2004.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821664 http://download.novell.com/patch/finder/?keywords=18c09be3783b0f72c649ee4e9e8e7f42 From sle-updates at lists.suse.com Mon Jul 29 16:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 00:04:14 +0200 (CEST) Subject: SUSE-SU-2013:1099-2: moderate: Security update for xorg-x11-libXext Message-ID: <20130729220414.1A3A0321E7@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXext ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1099-2 Rating: moderate References: #815451 #821665 Cross-References: CVE-2013-1982 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update of xorg-x11-libXext fixes several integer overflow issues. Bug 815451/821665 CVE-2013-1982 Security Issues: * CVE-2013-1982 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXext-7931 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXext-7931 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXext-7931 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXext-7931 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXext-devel-7.4-1.18.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXext-devel-32bit-7.4-1.18.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXext-7.4-1.18.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXext-32bit-7.4-1.18.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXext-7.4-1.18.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXext-32bit-7.4-1.18.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXext-x86-7.4-1.18.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXext-7.4-1.18.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXext-32bit-7.4-1.18.2 References: http://support.novell.com/security/cve/CVE-2013-1982.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821665 http://download.novell.com/patch/finder/?keywords=2518d7a22ec20c4db41fa63abeae4f84 From sle-updates at lists.suse.com Mon Jul 29 16:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 00:04:19 +0200 (CEST) Subject: SUSE-SU-2013:1095-2: moderate: Security update for xorg-x11-libXrender Message-ID: <20130729220419.C1D17321E7@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXrender ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1095-2 Rating: moderate References: #815451 #821669 Cross-References: CVE-2013-1987 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update of xorg-x11-libXrender fixes several integer overflow issues. Bug 815451/821669 CVE-2013-1987 Security Issues: * CVE-2013-1987 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXrender-7939 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXrender-7939 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXrender-7939 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXrender-7939 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXrender-devel-7.4-1.16.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXrender-devel-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXrender-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXrender-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXrender-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXrender-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXrender-x86-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXrender-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXrender-32bit-7.4-1.16.2 References: http://support.novell.com/security/cve/CVE-2013-1987.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821669 http://download.novell.com/patch/finder/?keywords=2765be2a03c13e81cedf83e40ae62f8c From sle-updates at lists.suse.com Mon Jul 29 17:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1260-2: moderate: Security update for ruby Message-ID: <20130729230410.5BF1C32052@maintenance.suse.de> SUSE Security Update: Security update for ruby ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1260-2 Rating: moderate References: #827265 Cross-References: CVE-2013-4073 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Ruby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue. Security Issues: * CVE-2013-4073 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): ruby-1.8.6.p369-0.16.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): ruby-1.8.6.p369-0.16.1 ruby-devel-1.8.6.p369-0.16.1 ruby-doc-html-1.8.6.p369-0.16.1 ruby-doc-ri-1.8.6.p369-0.16.1 ruby-examples-1.8.6.p369-0.16.1 ruby-test-suite-1.8.6.p369-0.16.1 ruby-tk-1.8.6.p369-0.16.1 References: http://support.novell.com/security/cve/CVE-2013-4073.html https://bugzilla.novell.com/827265 http://download.novell.com/patch/finder/?keywords=5ac82f78b15c4acb20e9a4af1b508de8 From sle-updates at lists.suse.com Mon Jul 29 17:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:14 +0200 (CEST) Subject: SUSE-SU-2013:1097-2: moderate: Security update for xorg-x11-libXfixes Message-ID: <20130729230414.135CA32071@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXfixes ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1097-2 Rating: moderate References: #815451 #821667 Cross-References: CVE-2013-1983 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update of xorg-x11-libXfixes fixed a integer overflow issue. Bug 815451/821667 CVE-2013-1983 Security Issues: * CVE-2013-1983 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXfixes-7937 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXfixes-7937 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXfixes-7937 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXfixes-7937 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXfixes-devel-7.4-1.16.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXfixes-devel-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXfixes-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXfixes-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXfixes-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXfixes-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXfixes-x86-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXfixes-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXfixes-32bit-7.4-1.16.2 References: http://support.novell.com/security/cve/CVE-2013-1983.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821667 http://download.novell.com/patch/finder/?keywords=93c8b7ab05eafa7b08f144755368a71d From sle-updates at lists.suse.com Mon Jul 29 17:04:17 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:17 +0200 (CEST) Subject: SUSE-SU-2013:1104-2: moderate: Security update for xorg-x11-libXv Message-ID: <20130729230417.9F78732071@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXv ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1104-2 Rating: moderate References: #815451 #821671 Cross-References: CVE-2013-1989 CVE-2013-2066 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of xorg-x11-libXv fixes several integer and buffer overflow issues. Bug 815451/821671 CVE-2013-1989/CVE-2013-2066 Security Issues: * CVE-2013-1989 * CVE-2013-2066 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXv-7943 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXv-7943 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXv-7943 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXv-7943 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXv-devel-7.4-1.16.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXv-devel-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXv-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXv-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXv-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXv-32bit-7.4-1.16.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXv-x86-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXv-7.4-1.16.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXv-32bit-7.4-1.16.2 References: http://support.novell.com/security/cve/CVE-2013-1989.html http://support.novell.com/security/cve/CVE-2013-2066.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821671 http://download.novell.com/patch/finder/?keywords=37bcceb85480505f1de068e022d7408f From sle-updates at lists.suse.com Mon Jul 29 17:04:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:21 +0200 (CEST) Subject: SUSE-SU-2013:1101-2: moderate: Security update for xorg-x11-libXt Message-ID: <20130729230421.67FFA32071@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXt ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1101-2 Rating: moderate References: #815451 #821670 Cross-References: CVE-2013-2002 CVE-2013-2005 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of xorg-x11-libXt fixes several integer and buffer overflow issues. Bug 815451/821670 CVE-2013-2002/CVE-2013-2005 Security Issues: * CVE-2013-2002 * CVE-2013-2005 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXt-7940 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXt-7940 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXt-7940 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXt-7940 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXt-devel-7.4-1.19.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXt-devel-32bit-7.4-1.19.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXt-7.4-1.19.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXt-32bit-7.4-1.19.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXt-7.4-1.19.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXt-32bit-7.4-1.19.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXt-x86-7.4-1.19.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXt-7.4-1.19.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXt-32bit-7.4-1.19.2 References: http://support.novell.com/security/cve/CVE-2013-2002.html http://support.novell.com/security/cve/CVE-2013-2005.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821670 http://download.novell.com/patch/finder/?keywords=2941d40198f708a04aedc59caccba8ff From sle-updates at lists.suse.com Mon Jul 29 17:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:26 +0200 (CEST) Subject: SUSE-SU-2013:1102-2: moderate: Security update for xorg-x11-libXp Message-ID: <20130729230426.C8AD232071@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libXp ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1102-2 Rating: moderate References: #815451 #821668 Cross-References: CVE-2013-2062 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update of xorg-x11-libXp fixes several integer overflow issues. Bug 815451/821668 CVE-2013-2062 Security Issues: * CVE-2013-2062 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-libXp-7938 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-libXp-7938 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-libXp-7938 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-libXp-7938 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXp-devel-7.4-1.18.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXp-devel-32bit-7.4-1.18.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libXp-7.4-1.18.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libXp-32bit-7.4-1.18.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libXp-7.4-1.18.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libXp-32bit-7.4-1.18.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libXp-x86-7.4-1.18.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libXp-7.4-1.18.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libXp-32bit-7.4-1.18.1 References: http://support.novell.com/security/cve/CVE-2013-2062.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821668 http://download.novell.com/patch/finder/?keywords=972011b953bf640461cbba5d1cd82d4f From sle-updates at lists.suse.com Mon Jul 29 17:04:30 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 01:04:30 +0200 (CEST) Subject: SUSE-SU-2013:1103-2: moderate: Security update for xorg-x11-libs Message-ID: <20130729230430.8461332071@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libs ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1103-2 Rating: moderate References: #815451 #821663 Cross-References: CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1988 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2003 CVE-2013-2063 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: This update of xorg-x11-libs fixes several integer and buffer overflow issues. Bug 815451/821663 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1988 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2003 CVE-2013-2063 Security Issues: * CVE-2013-1984 * CVE-2013-1985 * CVE-2013-1986 * CVE-2013-1988 * CVE-2013-1990 * CVE-2013-1991 * CVE-2013-1992 * CVE-2013-1995 * CVE-2013-1996 * CVE-2013-1998 * CVE-2013-1999 * CVE-2013-2000 * CVE-2013-2001 * CVE-2013-2003 * CVE-2013-2063 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-devel-7944 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-devel-7944 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-devel-7944 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-devel-7944 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-devel-7.4-8.26.38.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): xorg-x11-devel-32bit-7.4-8.26.38.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-libs-7.4-8.26.38.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): xorg-x11-libs-32bit-7.4-8.26.38.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libs-7.4-8.26.38.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): xorg-x11-libs-32bit-7.4-8.26.38.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): xorg-x11-libs-x86-7.4-8.26.38.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-libs-7.4-8.26.38.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xorg-x11-libs-32bit-7.4-8.26.38.1 References: http://support.novell.com/security/cve/CVE-2013-1984.html http://support.novell.com/security/cve/CVE-2013-1985.html http://support.novell.com/security/cve/CVE-2013-1986.html http://support.novell.com/security/cve/CVE-2013-1988.html http://support.novell.com/security/cve/CVE-2013-1990.html http://support.novell.com/security/cve/CVE-2013-1991.html http://support.novell.com/security/cve/CVE-2013-1992.html http://support.novell.com/security/cve/CVE-2013-1995.html http://support.novell.com/security/cve/CVE-2013-1996.html http://support.novell.com/security/cve/CVE-2013-1998.html http://support.novell.com/security/cve/CVE-2013-1999.html http://support.novell.com/security/cve/CVE-2013-2000.html http://support.novell.com/security/cve/CVE-2013-2001.html http://support.novell.com/security/cve/CVE-2013-2003.html http://support.novell.com/security/cve/CVE-2013-2063.html https://bugzilla.novell.com/815451 https://bugzilla.novell.com/821663 http://download.novell.com/patch/finder/?keywords=2d5dcd5bd8bbc27c0d647108435ab8e3 From sle-updates at lists.suse.com Tue Jul 30 09:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 17:04:08 +0200 (CEST) Subject: SUSE-SU-2013:1263-2: important: Security update for java-1_5_0-ibm Message-ID: <20130730150408.A717E3208B@maintenance.suse.de> SUSE Security Update: Security update for java-1_5_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1263-2 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2452 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. Description: IBM Java 1.5.0 was updated to SR16-FP3 to fix bugs and security issues: CVE-2013-3009, CVE-2013-3011, CVE-2013-3012, CVE-2013-4002, CVE-2013-2469, CVE-2013-2465, CVE-2013-2464, CVE-2013-2463, CVE-2013-2473, CVE-2013-2472, CVE-2013-2471, CVE-2013-2470, CVE-2013-2459, CVE-2013-3743, CVE-2013-2448, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2455, CVE-2013-2443, CVE-2013-2447, CVE-2013-2444, CVE-2013-2452, CVE-2013-2446, CVE-2013-2450, CVE-2013-1571, CVE-2013-1500 Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Additionally, the following bugs have been fixed: - Add Europe/Busingen to tzmappings (bnc#817062) - Mark files in jre/bin and bin/ as executable (bnc#823034). Security Issues: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-2469 * CVE-2013-4002 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2454 * CVE-2013-2457 * CVE-2013-2456 * CVE-2013-2455 * CVE-2013-2443 * CVE-2013-2444 * CVE-2013-2447 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-1500 Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-fonts-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.3-0.5.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-jdbc-1.5.0_sr16.3-0.5.1 java-1_5_0-ibm-plugin-1.5.0_sr16.3-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=4829d9187c70595f2f4afabf4dcf6504 From sle-updates at lists.suse.com Tue Jul 30 10:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 18:04:08 +0200 (CEST) Subject: SUSE-RU-2013:1275-1: Recommended update for GStreamer plug-ins Message-ID: <20130730160408.1589132085@maintenance.suse.de> SUSE Recommended Update: Recommended update for GStreamer plug-ins ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1275-1 Rating: low References: #458213 #749974 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for the GStreamer plug-ins enhances detection of double-byte character sets in the meta-data of music files (bnc#458213). Additionally an issue has been fixed which avoids artifacts caused by the edge effect (bnc#749974). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gstreamer-plugins-7952 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gstreamer-plugins-7952 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gstreamer-plugins-7952 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gstreamer-0_10-plugins-good-0.10.30-5.12.15 gstreamer-0_10-plugins-good-doc-0.10.30-5.12.15 gstreamer-0_10-plugins-good-lang-0.10.30-5.12.15 gstreamer-0_10-plugins-v4l-0.10.30-0.12.14 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gstreamer-0_10-plugins-good-0.10.30-5.12.15 gstreamer-0_10-plugins-good-doc-0.10.30-5.12.15 gstreamer-0_10-plugins-good-lang-0.10.30-5.12.15 gstreamer-0_10-plugins-v4l-0.10.30-0.12.14 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gstreamer-0_10-plugins-good-0.10.30-5.12.15 gstreamer-0_10-plugins-good-lang-0.10.30-5.12.15 gstreamer-0_10-plugins-v4l-0.10.30-0.12.14 References: https://bugzilla.novell.com/458213 https://bugzilla.novell.com/749974 http://download.novell.com/patch/finder/?keywords=5d769b4248bb3f1852dbc1ea8b28e549 From sle-updates at lists.suse.com Tue Jul 30 11:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 19:04:09 +0200 (CEST) Subject: SUSE-SU-2013:1255-3: important: Security update for IBM Java 1.6.0 Message-ID: <20130730170409.2124432085@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.6.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1255-3 Rating: important References: #817062 #823034 #829212 Cross-References: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-4002 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes 35 vulnerabilities is now available. Description: IBM Java 1.6.0 was updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: * add Europe/Busingen to tzmappings (bnc#817062) * mark files in jre/bin and bin/ as executable (bnc#823034) Security Issue references: * CVE-2013-3009 * CVE-2013-3011 * CVE-2013-3012 * CVE-2013-4002 * CVE-2013-2468 * CVE-2013-2469 * CVE-2013-2465 * CVE-2013-2464 * CVE-2013-2463 * CVE-2013-2473 * CVE-2013-2472 * CVE-2013-2471 * CVE-2013-2470 * CVE-2013-2459 * CVE-2013-2466 * CVE-2013-3743 * CVE-2013-2448 * CVE-2013-2442 * CVE-2013-2407 * CVE-2013-2454 * CVE-2013-2456 * CVE-2013-2453 * CVE-2013-2457 * CVE-2013-2455 * CVE-2013-2412 * CVE-2013-2443 * CVE-2013-2447 * CVE-2013-2437 * CVE-2013-2444 * CVE-2013-2452 * CVE-2013-2446 * CVE-2013-2450 * CVE-2013-1571 * CVE-2013-2451 * CVE-2013-1500 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-8114 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-8114 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr14.0-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr14.0-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr14.0-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-1500.html http://support.novell.com/security/cve/CVE-2013-1571.html http://support.novell.com/security/cve/CVE-2013-2407.html http://support.novell.com/security/cve/CVE-2013-2412.html http://support.novell.com/security/cve/CVE-2013-2437.html http://support.novell.com/security/cve/CVE-2013-2442.html http://support.novell.com/security/cve/CVE-2013-2443.html http://support.novell.com/security/cve/CVE-2013-2444.html http://support.novell.com/security/cve/CVE-2013-2446.html http://support.novell.com/security/cve/CVE-2013-2447.html http://support.novell.com/security/cve/CVE-2013-2448.html http://support.novell.com/security/cve/CVE-2013-2450.html http://support.novell.com/security/cve/CVE-2013-2451.html http://support.novell.com/security/cve/CVE-2013-2452.html http://support.novell.com/security/cve/CVE-2013-2453.html http://support.novell.com/security/cve/CVE-2013-2454.html http://support.novell.com/security/cve/CVE-2013-2455.html http://support.novell.com/security/cve/CVE-2013-2456.html http://support.novell.com/security/cve/CVE-2013-2457.html http://support.novell.com/security/cve/CVE-2013-2459.html http://support.novell.com/security/cve/CVE-2013-2463.html http://support.novell.com/security/cve/CVE-2013-2464.html http://support.novell.com/security/cve/CVE-2013-2465.html http://support.novell.com/security/cve/CVE-2013-2466.html http://support.novell.com/security/cve/CVE-2013-2468.html http://support.novell.com/security/cve/CVE-2013-2469.html http://support.novell.com/security/cve/CVE-2013-2470.html http://support.novell.com/security/cve/CVE-2013-2471.html http://support.novell.com/security/cve/CVE-2013-2472.html http://support.novell.com/security/cve/CVE-2013-2473.html http://support.novell.com/security/cve/CVE-2013-3009.html http://support.novell.com/security/cve/CVE-2013-3011.html http://support.novell.com/security/cve/CVE-2013-3012.html http://support.novell.com/security/cve/CVE-2013-3743.html http://support.novell.com/security/cve/CVE-2013-4002.html https://bugzilla.novell.com/817062 https://bugzilla.novell.com/823034 https://bugzilla.novell.com/829212 http://download.novell.com/patch/finder/?keywords=6c8543f9239e4d607bb2deb278b06a48 From sle-updates at lists.suse.com Tue Jul 30 12:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 20:04:08 +0200 (CEST) Subject: SUSE-SU-2013:1260-3: moderate: Security update for ruby Message-ID: <20130730180408.A22D832060@maintenance.suse.de> SUSE Security Update: Security update for ruby ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1260-3 Rating: moderate References: #827265 Cross-References: CVE-2013-4073 Affected Products: WebYaST 1.3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Ruby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue. Security Issue reference: * CVE-2013-4073 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.3: zypper in -t patch slewyst13-ruby-8026 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-ruby-8027 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ruby-8026 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ruby-8027 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ruby-8027 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ruby-8026 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ruby-8026 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-ruby-8027 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ruby-8026 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-ruby-8026 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.3 (i586 ia64 ppc64 s390x x86_64): ruby-devel-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): ruby-devel-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-doc-ri-1.8.7.p357-0.9.11.1 ruby-examples-1.8.7.p357-0.9.11.1 ruby-test-suite-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ruby-devel-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-doc-ri-1.8.7.p357-0.9.11.1 ruby-examples-1.8.7.p357-0.9.11.1 ruby-test-suite-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ruby-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): ruby-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ruby-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ruby-1.8.7.p357-0.9.11.1 ruby-doc-html-1.8.7.p357-0.9.11.1 ruby-tk-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): ruby-1.8.7.p357-0.9.11.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ruby-1.8.7.p357-0.9.11.1 - SUSE Lifecycle Management Server 1.3 (x86_64): ruby-devel-1.8.7.p357-0.9.11.1 References: http://support.novell.com/security/cve/CVE-2013-4073.html https://bugzilla.novell.com/827265 http://download.novell.com/patch/finder/?keywords=480d98ab926aa6d71214ec344385e860 http://download.novell.com/patch/finder/?keywords=dadfddbbfab29e11abd8155e45470f82 From sle-updates at lists.suse.com Tue Jul 30 14:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 22:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1276-1: moderate: Security update for wireshark Message-ID: <20130730200410.EFA433205F@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1276-1 Rating: moderate References: #816887 #820973 #824900 Cross-References: CVE-2013-2486 CVE-2013-2487 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4074 CVE-2013-4075 CVE-2013-4076 CVE-2013-4077 CVE-2013-4078 CVE-2013-4079 CVE-2013-4080 CVE-2013-4081 CVE-2013-4082 CVE-2013-4083 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. Description: This wireshark version update to 1.6.16 includes several security and general bug fixes. http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html * The CAPWAP dissector could crash. Discovered by Laurent Butti. (CVE-2013-4074) * The HTTP dissector could overrun the stack. Discovered by David Keeler. (CVE-2013-4081) * The DCP ETSI dissector could crash. (CVE-2013-4083) http://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html * The ASN.1 BER dissector could crash. ( CVE-2013-3556 CVE-2013-3557 ) The releases also fix various non-security issues. Additionally, a crash in processing SCTP filters has been fixed. (bug#816887) Security Issue references: * CVE-2013-2486 * CVE-2013-2487 * CVE-2013-3555 * CVE-2013-3556 * CVE-2013-3557 * CVE-2013-3558 * CVE-2013-3559 * CVE-2013-3560 * CVE-2013-3561 * CVE-2013-3562 * CVE-2013-3561 * CVE-2013-3561 * CVE-2013-4074 * CVE-2013-4075 * CVE-2013-4076 * CVE-2013-4077 * CVE-2013-4078 * CVE-2013-4079 * CVE-2013-4080 * CVE-2013-4081 * CVE-2013-4082 * CVE-2013-4083 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-1.6.16-0.5.5 wireshark-devel-1.6.16-0.5.5 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): wireshark-1.6.16-0.5.5 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): wireshark-devel-1.6.16-0.5.5 References: http://support.novell.com/security/cve/CVE-2013-2486.html http://support.novell.com/security/cve/CVE-2013-2487.html http://support.novell.com/security/cve/CVE-2013-3555.html http://support.novell.com/security/cve/CVE-2013-3556.html http://support.novell.com/security/cve/CVE-2013-3557.html http://support.novell.com/security/cve/CVE-2013-3558.html http://support.novell.com/security/cve/CVE-2013-3559.html http://support.novell.com/security/cve/CVE-2013-3560.html http://support.novell.com/security/cve/CVE-2013-3561.html http://support.novell.com/security/cve/CVE-2013-3562.html http://support.novell.com/security/cve/CVE-2013-4074.html http://support.novell.com/security/cve/CVE-2013-4075.html http://support.novell.com/security/cve/CVE-2013-4076.html http://support.novell.com/security/cve/CVE-2013-4077.html http://support.novell.com/security/cve/CVE-2013-4078.html http://support.novell.com/security/cve/CVE-2013-4079.html http://support.novell.com/security/cve/CVE-2013-4080.html http://support.novell.com/security/cve/CVE-2013-4081.html http://support.novell.com/security/cve/CVE-2013-4082.html http://support.novell.com/security/cve/CVE-2013-4083.html https://bugzilla.novell.com/816887 https://bugzilla.novell.com/820973 https://bugzilla.novell.com/824900 http://download.novell.com/patch/finder/?keywords=cb4504a53f9b3d0625f514d688e2c947 From sle-updates at lists.suse.com Tue Jul 30 14:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 22:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1277-1: Recommended update for sleshammer Message-ID: <20130730200414.CA69B32240@maintenance.suse.de> SUSE Recommended Update: Recommended update for sleshammer ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1277-1 Rating: low References: #821024 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sleshammer provides the following enhancements: * Add kernel-firmware package to the default image (bnc#821024) * Use XZ compression for initrd to save up to 38% disk space. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-sleshammer-8098 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): sleshammer-0.1-0.15.1 References: https://bugzilla.novell.com/821024 http://download.novell.com/patch/finder/?keywords=ea8328e06bdbdf2413f1ece4e97d986a From sle-updates at lists.suse.com Tue Jul 30 15:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jul 2013 23:04:08 +0200 (CEST) Subject: SUSE-RU-2013:1278-1: important: Recommended update for python-xml Message-ID: <20130730210408.E48E032060@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-xml ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1278-1 Rating: important References: #824713 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes the python-xml package to no longer provide and obsolete PyXML. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-xml-8128 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-xml-8128 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-python-xml-8127 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-python-xml-8127 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-xml-8128 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-python-xml-8127 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): python-xml-2.6.8-0.21.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): python-xml-2.6.8-0.21.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.6.8]: python-xml-2.6.8-0.21.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.8]: python-xml-2.6.8-0.21.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): python-xml-2.6.8-0.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.8]: python-xml-2.6.8-0.21.1 References: https://bugzilla.novell.com/824713 http://download.novell.com/patch/finder/?keywords=36fc0013f14b13b32ec86594703e688f http://download.novell.com/patch/finder/?keywords=95922ad8cff177dd4eed4772f2aa245c From sle-updates at lists.suse.com Wed Jul 31 10:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Jul 2013 18:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1282-1: important: Recommended update for Kernel Module Packages Message-ID: <20130731160410.AB82D3205E@maintenance.suse.de> SUSE Recommended Update: Recommended update for Kernel Module Packages ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1282-1 Rating: important References: #830324 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides IP Virtual Server kernel modules signed for systems that use UEFI Secure Boot. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-cluster-network-8092 slehasp3-ocfs2-8093 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.82_0.7-2.27.1 cluster-network-kmp-trace-1.4_3.0.82_0.7-2.27.1 ocfs2-kmp-default-1.6_3.0.82_0.7-0.20.1 ocfs2-kmp-trace-1.6_3.0.82_0.7-0.20.1 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.82_0.7-2.27.1 ocfs2-kmp-xen-1.6_3.0.82_0.7-0.20.1 - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.82_0.7-2.27.1 ocfs2-kmp-ppc64-1.6_3.0.82_0.7-0.20.1 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586): cluster-network-kmp-pae-1.4_3.0.82_0.7-2.27.1 ocfs2-kmp-pae-1.6_3.0.82_0.7-0.20.1 References: https://bugzilla.novell.com/830324 http://download.novell.com/patch/finder/?keywords=c2fe839a5e0016b4cb8813d9b9aa9f3d http://download.novell.com/patch/finder/?keywords=f5bf66f6a62628edfeb22042901d38f6 From sle-updates at lists.suse.com Wed Jul 31 12:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Jul 2013 20:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1283-1: Recommended update for s390-tools Message-ID: <20130731180409.E62A232085@maintenance.suse.de> SUSE Recommended Update: Recommended update for s390-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1283-1 Rating: low References: #658453 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for s390-tools adds udev rules to create by-path links for DASD devices. Package List: - SUSE Linux Enterprise Server 10 SP4 (s390x): osasnmpd-1.6.3-0.46.1 s390-tools-1.6.3-0.46.1 - SLE SDK 10 SP4 (s390x): osasnmpd-1.6.3-0.46.1 s390-tools-1.6.3-0.46.1 References: https://bugzilla.novell.com/658453 http://download.novell.com/patch/finder/?keywords=237d898a702a3f555f60105e6896d4a5 From sle-updates at lists.suse.com Wed Jul 31 12:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 31 Jul 2013 20:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1284-1: moderate: Recommended update for release-notes-hae Message-ID: <20130731180414.129EE32246@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-hae ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1284-1 Rating: moderate References: #831635 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise High Availability Extension 11 SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-release-notes-hae-8139 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.3.17]: release-notes-hae-11.3.17-0.7.1 References: https://bugzilla.novell.com/831635 http://download.novell.com/patch/finder/?keywords=a1f633a8dc2f6f6144496c57a8c007de From sle-updates at lists.suse.com Wed Jul 31 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 1 Aug 2013 00:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1285-1: important: Security update for PHP5 Message-ID: <20130731220410.1D6B632058@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1285-1 Rating: important References: #807707 #828020 #829207 Cross-References: CVE-2013-1635 CVE-2013-1643 CVE-2013-4113 CVE-2013-4635 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: The following security issues have been fixed: * CVE-2013-4635 (bnc#828020): o Integer overflow in SdnToJewish() * CVE-2013-1635 and CVE-2013-1643 (bnc#807707): o reading system files via untrusted SOAP input o soap.wsdl_cache_dir function did not honour PHP open_basedir * CVE-2013-4113 (bnc#829207): o heap corruption due to badly formed xml Security Issue references: * CVE-2013-4113 * CVE-2013-4635 * CVE-2013-1635 * CVE-2013-1643 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.42.1 php5-5.2.14-0.42.1 php5-bcmath-5.2.14-0.42.1 php5-bz2-5.2.14-0.42.1 php5-calendar-5.2.14-0.42.1 php5-ctype-5.2.14-0.42.1 php5-curl-5.2.14-0.42.1 php5-dba-5.2.14-0.42.1 php5-dbase-5.2.14-0.42.1 php5-devel-5.2.14-0.42.1 php5-dom-5.2.14-0.42.1 php5-exif-5.2.14-0.42.1 php5-fastcgi-5.2.14-0.42.1 php5-ftp-5.2.14-0.42.1 php5-gd-5.2.14-0.42.1 php5-gettext-5.2.14-0.42.1 php5-gmp-5.2.14-0.42.1 php5-hash-5.2.14-0.42.1 php5-iconv-5.2.14-0.42.1 php5-imap-5.2.14-0.42.1 php5-json-5.2.14-0.42.1 php5-ldap-5.2.14-0.42.1 php5-mbstring-5.2.14-0.42.1 php5-mcrypt-5.2.14-0.42.1 php5-mhash-5.2.14-0.42.1 php5-mysql-5.2.14-0.42.1 php5-ncurses-5.2.14-0.42.1 php5-odbc-5.2.14-0.42.1 php5-openssl-5.2.14-0.42.1 php5-pcntl-5.2.14-0.42.1 php5-pdo-5.2.14-0.42.1 php5-pear-5.2.14-0.42.1 php5-pgsql-5.2.14-0.42.1 php5-posix-5.2.14-0.42.1 php5-pspell-5.2.14-0.42.1 php5-shmop-5.2.14-0.42.1 php5-snmp-5.2.14-0.42.1 php5-soap-5.2.14-0.42.1 php5-sockets-5.2.14-0.42.1 php5-sqlite-5.2.14-0.42.1 php5-suhosin-5.2.14-0.42.1 php5-sysvmsg-5.2.14-0.42.1 php5-sysvsem-5.2.14-0.42.1 php5-sysvshm-5.2.14-0.42.1 php5-tokenizer-5.2.14-0.42.1 php5-wddx-5.2.14-0.42.1 php5-xmlreader-5.2.14-0.42.1 php5-xmlrpc-5.2.14-0.42.1 php5-xsl-5.2.14-0.42.1 php5-zlib-5.2.14-0.42.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.42.1 php5-5.2.14-0.42.1 php5-bcmath-5.2.14-0.42.1 php5-bz2-5.2.14-0.42.1 php5-calendar-5.2.14-0.42.1 php5-ctype-5.2.14-0.42.1 php5-curl-5.2.14-0.42.1 php5-dba-5.2.14-0.42.1 php5-dbase-5.2.14-0.42.1 php5-devel-5.2.14-0.42.1 php5-dom-5.2.14-0.42.1 php5-exif-5.2.14-0.42.1 php5-fastcgi-5.2.14-0.42.1 php5-ftp-5.2.14-0.42.1 php5-gd-5.2.14-0.42.1 php5-gettext-5.2.14-0.42.1 php5-gmp-5.2.14-0.42.1 php5-hash-5.2.14-0.42.1 php5-iconv-5.2.14-0.42.1 php5-imap-5.2.14-0.42.1 php5-ldap-5.2.14-0.42.1 php5-mbstring-5.2.14-0.42.1 php5-mcrypt-5.2.14-0.42.1 php5-mhash-5.2.14-0.42.1 php5-mysql-5.2.14-0.42.1 php5-ncurses-5.2.14-0.42.1 php5-odbc-5.2.14-0.42.1 php5-openssl-5.2.14-0.42.1 php5-pcntl-5.2.14-0.42.1 php5-pdo-5.2.14-0.42.1 php5-pear-5.2.14-0.42.1 php5-pgsql-5.2.14-0.42.1 php5-posix-5.2.14-0.42.1 php5-pspell-5.2.14-0.42.1 php5-shmop-5.2.14-0.42.1 php5-snmp-5.2.14-0.42.1 php5-soap-5.2.14-0.42.1 php5-sockets-5.2.14-0.42.1 php5-sqlite-5.2.14-0.42.1 php5-suhosin-5.2.14-0.42.1 php5-sysvmsg-5.2.14-0.42.1 php5-sysvsem-5.2.14-0.42.1 php5-sysvshm-5.2.14-0.42.1 php5-tidy-5.2.14-0.42.1 php5-tokenizer-5.2.14-0.42.1 php5-wddx-5.2.14-0.42.1 php5-xmlreader-5.2.14-0.42.1 php5-xmlrpc-5.2.14-0.42.1 php5-xsl-5.2.14-0.42.1 php5-zlib-5.2.14-0.42.1 References: http://support.novell.com/security/cve/CVE-2013-1635.html http://support.novell.com/security/cve/CVE-2013-1643.html http://support.novell.com/security/cve/CVE-2013-4113.html http://support.novell.com/security/cve/CVE-2013-4635.html https://bugzilla.novell.com/807707 https://bugzilla.novell.com/828020 https://bugzilla.novell.com/829207 http://download.novell.com/patch/finder/?keywords=512092ac1a057c2d35c038267a87ab52