From sle-updates at lists.suse.com Fri Mar 1 13:04:25 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 1 Mar 2013 21:04:25 +0100 (CET)
Subject: SUSE-RU-2013:0379-1: Recommended update for pam_krb5
Message-ID: <20130301200426.0B68D32148@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for pam_krb5
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0379-1
Rating:             low
References:         #798586
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:

   This update for the PAM module for Kerberos Authentication (pam_krb5)
   fixes a file descriptor leak.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-pam_krb5-7243

   - SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-pam_krb5-7243

   - SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-pam_krb5-7243

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
      pam_krb5-2.3.1-47.12.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):
      pam_krb5-32bit-2.3.1-47.12.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      pam_krb5-2.3.1-47.12.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):
      pam_krb5-32bit-2.3.1-47.12.1

   - SUSE Linux Enterprise Server 11 SP2 (ia64):
      pam_krb5-x86-2.3.1-47.12.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
      pam_krb5-2.3.1-47.12.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
      pam_krb5-32bit-2.3.1-47.12.1

References:

   https://bugzilla.novell.com/798586
   http://download.novell.com/patch/finder/?keywords=5f1421940d6e37174e8d3af282dfe084

From sle-updates at lists.suse.com Fri Mar 1 15:04:40 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 1 Mar 2013 23:04:40 +0100 (CET)
Subject: SUSE-RU-2013:0383-1: Recommended update for gnome-packagekit
Message-ID: <20130301220440.B66EE320EE@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for gnome-packagekit
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0383-1
Rating:             low
References:         #713333 #752487
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has two recommended fixes can now be installed.

Description:

   This update fixes the conflicting id in OMF of gnome-packagekit so that
   both gnome-packagekit and gnome-power-manager are shown properly in
   GNOME help.

   Additionally, it allows the resizing of message dialogs when error
   details are shown.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-gnome-packagekit-7420

   - SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-gnome-packagekit-7420

   - SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-gnome-packagekit-7420

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
      gnome-packagekit-0.3.14-2.86.10
      gnome-packagekit-lang-0.3.14-2.86.10

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      gnome-packagekit-0.3.14-2.86.10
      gnome-packagekit-lang-0.3.14-2.86.10

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
      gnome-packagekit-0.3.14-2.86.10
      gnome-packagekit-lang-0.3.14-2.86.10

References:

   https://bugzilla.novell.com/713333
   https://bugzilla.novell.com/752487
   http://download.novell.com/patch/finder/?keywords=8bc7a620b68f98d25fc41e95a95d001b

From sle-updates at lists.suse.com Fri Mar 1 15:04:45 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 1 Mar 2013 23:04:45 +0100 (CET)
Subject: SUSE-SU-2013:0384-1: moderate: Security update for rubygem-rdoc
Message-ID: <20130301220445.343DD32164@maintenance.suse.de>

   SUSE Security Update: Security update for rubygem-rdoc
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0384-1
Rating:             moderate
References:         #802406
Cross-References:   CVE-2013-0256
Affected Products:
                    WebYaST 1.2
                    SUSE Studio Standard Edition 1.2
                    SUSE Linux Enterprise Software Development Kit 11 SP2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   rubygem rdoc had an incorrect piece of JavaScript in darkfish.js, which
   allowed cross site scripting attacks (XSS).
   This was possible only if the darkfish.js or rdoc generated
   documentation is exposed on the webserver, which is not a common use
   case. (CVE-2013-0256)

   Security Issue reference:

   * CVE-2013-0256

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - WebYaST 1.2:
      zypper in -t patch slewyst12-rubygem-rdoc-7394

   - SUSE Studio Standard Edition 1.2:
      zypper in -t patch sleslms12-rubygem-rdoc-7394

   - SUSE Linux Enterprise Software Development Kit 11 SP2:
      zypper in -t patch sdksp2-rubygem-rdoc-7390

   To bring your system up-to-date, use "zypper patch".

Package List:

   - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64):
      rubygem-rdoc-2.5.11-0.7.3

   - SUSE Studio Standard Edition 1.2 (x86_64):
      rubygem-rdoc-2.5.11-0.7.3

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      rubygem-rdoc-3.9.1-0.8.3

References:

   http://support.novell.com/security/cve/CVE-2013-0256.html
   https://bugzilla.novell.com/802406
   http://download.novell.com/patch/finder/?keywords=28614c91632c04e3da98e369501199a9
   http://download.novell.com/patch/finder/?keywords=7107cb53f74618fbe8991eaabc4121c6

From sle-updates at lists.suse.com Fri Mar 1 17:04:57 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 2 Mar 2013 01:04:57 +0100 (CET)
Subject: SUSE-RU-2013:0385-1: Recommended update for nautilus
Message-ID: <20130302000457.AAD88320EE@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for nautilus
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0385-1
Rating:             low
References:         #776187 #800124 #800818
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has three recommended
   fixes can now be installed.

Description:

   This update for the Nautilus desktop file manager improves visibility
   of SUSE Linux Enterprise documentation showing a desktop shortcut to
   the SUSE manual if present and desired.

   In addition, it also fixes alignment of newly added icons to avoid
   overlapping.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:
      zypper in -t patch sdksp2-nautilus-7414

   - SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-nautilus-7414

   - SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-nautilus-7414

   - SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-nautilus-7414

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      nautilus-devel-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
      nautilus-2.28.4-1.16.16.4
      nautilus-lang-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):
      nautilus-32bit-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      nautilus-2.28.4-1.16.16.4
      nautilus-lang-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):
      nautilus-32bit-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Server 11 SP2 (ia64):
      nautilus-x86-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
      nautilus-2.28.4-1.16.16.4
      nautilus-lang-2.28.4-1.16.16.4

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
      nautilus-32bit-2.28.4-1.16.16.4

References:

   https://bugzilla.novell.com/776187
   https://bugzilla.novell.com/800124
   https://bugzilla.novell.com/800818
   http://download.novell.com/patch/finder/?keywords=e0b7eb7a579e0292bead51cc67bb2fb1

From sle-updates at lists.suse.com Mon Mar 4 14:04:24 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 4 Mar 2013 22:04:24 +0100 (CET)
Subject: SUSE-SU-2013:0387-1: Security update for apache2
Message-ID: <20130304210424.E3CA927FF2@maintenance.suse.de>

   SUSE Security Update: Security update for apache2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0387-1
Rating:             low
References:         #722545 #757710 #777260
Cross-References:   CVE-2012-0883 CVE-2012-2687
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that solves two vulnerabilities and has one errata is now
   available.

Description:

   This update fixes the following security issues with apache2 httpd:

   * Improper LD_LIBRARY_PATH handling (CVE-2012-0883)
   * Filename escaping problem (CVE-2012-2687)

   Additionally, some non-security bugs have been fixed as enumerated in
   the changelog of the RPM.

Indications:

   Everyone using apache2 httpd should update.

Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
      apache2-2.2.3-16.46.1
      apache2-devel-2.2.3-16.46.1
      apache2-doc-2.2.3-16.46.1
      apache2-example-pages-2.2.3-16.46.1
      apache2-prefork-2.2.3-16.46.1
      apache2-worker-2.2.3-16.46.1

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
      apache2-2.2.3-16.46.1
      apache2-devel-2.2.3-16.46.1
      apache2-doc-2.2.3-16.46.1
      apache2-example-pages-2.2.3-16.46.1
      apache2-prefork-2.2.3-16.46.1
      apache2-worker-2.2.3-16.46.1

References:

   http://support.novell.com/security/cve/CVE-2012-0883.html
   http://support.novell.com/security/cve/CVE-2012-2687.html
   https://bugzilla.novell.com/722545
   https://bugzilla.novell.com/757710
   https://bugzilla.novell.com/777260
   http://download.novell.com/patch/finder/?keywords=f43eb058005728c7f0f35af643e86652

From sle-updates at lists.suse.com Mon Mar 4 15:04:28 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 4 Mar 2013 23:04:28 +0100 (CET)
Subject: SUSE-SU-2013:0388-1: important: Security update for pidgin
Message-ID: <20130304220429.219EC27FF4@maintenance.suse.de>

   SUSE Security Update: Security update for pidgin
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0388-1
Rating:             important
References:         #804742
Cross-References:   CVE-2013-0271 CVE-2013-0272 CVE-2013-0273
                    CVE-2013-0274
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:

   pidgin was updated to fix 4 security issues:

   * Fixed a crash when receiving UPnP responses with abnormally long
     values. (CVE-2013-0274, bnc#804742)
   * Fixed a crash in Sametime protocol when a malicious server sends us
     an abnormally long user ID. (CVE-2013-0273, bnc#804742)
   * Fixed a bug where the MXit server or a man-in-the-middle could
     potentially send specially crafted data that could overflow a buffer
     and lead to a crash or remote code execution. (CVE-2013-0272,
     bnc#804742)
   * Fixed a bug where a remote MXit user could possibly specify a local
     file path to be written to. (CVE-2013-0271, bnc#804742)

   Security Issue references:

   * CVE-2013-0271
   * CVE-2013-0272
   * CVE-2013-0273
   * CVE-2013-0274

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:
      zypper in -t patch sdksp2-finch-7429

   - SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-finch-7429

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      finch-2.6.6-0.19.1
      finch-devel-2.6.6-0.19.1
      libpurple-2.6.6-0.19.1
      libpurple-devel-2.6.6-0.19.1
      libpurple-lang-2.6.6-0.19.1
      pidgin-2.6.6-0.19.1
      pidgin-devel-2.6.6-0.19.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
      finch-2.6.6-0.19.1
      libpurple-2.6.6-0.19.1
      libpurple-lang-2.6.6-0.19.1
      libpurple-meanwhile-2.6.6-0.19.1
      libpurple-tcl-2.6.6-0.19.1
      pidgin-2.6.6-0.19.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
      finch-2.6.6-0.20.1
      libpurple-2.6.6-0.20.1
      pidgin-2.6.6-0.20.1

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
      finch-2.6.6-0.20.1
      finch-devel-2.6.6-0.20.1
      libpurple-2.6.6-0.20.1
      libpurple-devel-2.6.6-0.20.1
      pidgin-2.6.6-0.20.1
      pidgin-devel-2.6.6-0.20.1

References:

   http://support.novell.com/security/cve/CVE-2013-0271.html
   http://support.novell.com/security/cve/CVE-2013-0272.html
   http://support.novell.com/security/cve/CVE-2013-0273.html
   http://support.novell.com/security/cve/CVE-2013-0274.html
   https://bugzilla.novell.com/804742
   http://download.novell.com/patch/finder/?keywords=18e124b7db8b5f6aa5744f916ed16466
   http://download.novell.com/patch/finder/?keywords=51b5f7c142afdeafafca33c1a4681683

From sle-updates at lists.suse.com Mon Mar 4 15:04:33 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 4 Mar 2013 23:04:33 +0100 (CET)
Subject: SUSE-SU-2013:0389-1: Security update for Apache
Message-ID: <20130304220433.7A13827FF2@maintenance.suse.de>

   SUSE Security Update: Security update for Apache
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0389-1
Rating:             low
References:         #722545 #757710 #774045 #777260 #782956 #788121
                    #793004 #798733
Cross-References:   CVE-2012-0021 CVE-2012-0883 CVE-2012-2687
                    CVE-2012-4557
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
______________________________________________________________________________

   An update that solves four vulnerabilities and has four fixes is now
   available.

Description:

   This update fixes the following issues:

   * CVE-2012-4557: Denial of Service via special requests in
     mod_proxy_ajp
   * CVE-2012-0883: improper LD_LIBRARY_PATH handling
   * CVE-2012-2687: filename escaping problem

   Additionally, some non-security bugs have been fixed:

   * ignore case when checking against SNI server names. [bnc#798733]
   * httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff reworked to
     reflect the upstream changes. This will prevent the "Invalid URI in
     request OPTIONS *" messages in the error log. [bnc#722545]
   * new sysconfig variable APACHE_DISABLE_SSL_COMPRESSION; if set to on,
     OPENSSL_NO_DEFAULT_ZLIB will be inherited to the apache process;
     openssl will then transparently disable compression. This change
     affects start script and sysconfig fillup template. Default is on,
     SSL compression disabled. Please see mod_deflate for compressed
     transfer at http layer. [bnc#782956]

   Security Issue references:

   * CVE-2012-4557
   * CVE-2012-2687
   * CVE-2012-0883
   * CVE-2012-0021

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:
      zypper in -t patch sdksp2-apache2-7409

   - SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-apache2-7409

   - SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-apache2-7409

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      apache2-devel-2.2.12-1.36.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64):
      apache2-2.2.12-1.36.1
      apache2-doc-2.2.12-1.36.1
      apache2-example-pages-2.2.12-1.36.1
      apache2-prefork-2.2.12-1.36.1
      apache2-utils-2.2.12-1.36.1
      apache2-worker-2.2.12-1.36.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
      apache2-2.2.12-1.36.1
      apache2-doc-2.2.12-1.36.1
      apache2-example-pages-2.2.12-1.36.1
      apache2-prefork-2.2.12-1.36.1
      apache2-utils-2.2.12-1.36.1
      apache2-worker-2.2.12-1.36.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      apache2-2.2.12-1.36.1
      apache2-doc-2.2.12-1.36.1
      apache2-example-pages-2.2.12-1.36.1
      apache2-prefork-2.2.12-1.36.1
      apache2-utils-2.2.12-1.36.1
      apache2-worker-2.2.12-1.36.1

References:

   http://support.novell.com/security/cve/CVE-2012-0021.html
   http://support.novell.com/security/cve/CVE-2012-0883.html
   http://support.novell.com/security/cve/CVE-2012-2687.html
   http://support.novell.com/security/cve/CVE-2012-4557.html
   https://bugzilla.novell.com/722545
   https://bugzilla.novell.com/757710
   https://bugzilla.novell.com/774045
   https://bugzilla.novell.com/777260
   https://bugzilla.novell.com/782956
   https://bugzilla.novell.com/788121
   https://bugzilla.novell.com/793004
   https://bugzilla.novell.com/798733
   http://download.novell.com/patch/finder/?keywords=faf6f499f41597d750ce0aecd251ed2e

From sle-updates at lists.suse.com Mon Mar 4 17:04:20 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 5 Mar 2013 01:04:20 +0100 (CET)
Subject: SUSE-RU-2013:0390-1: Recommended update for mdadm
Message-ID: <20130305000421.14BE93212B@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for mdadm
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0390-1
Rating:             low
References:         #746717 #763402 #764916 #766368 #770885 #773010
                    #785581
                    #786526 #787819 #787826 #789202 #789535
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has 12 recommended fixes can now be installed.

Description:

   This collective update for mdadm provides the following features:

   * Add md_monitor 4.16 (FATE#313624), with fixes included from
     bnc#787826, bnc#770885, bnc#789202, bnc#787819 and bnc#789535

   In addition, the following changes for issue reports are included:

   * allow --incremental mode to add an old device as a spare if policy
     permits (bnc#773010)
   * allow IMSM arrays to be assembled even if platform information is
     not visible (bnc#785581)
   * mkinitrd-boot.sh: If multipath is in use, md is always on top of it.
     Therefore, the root is always an md device (bnc#786526)
   * fix SIGSEGV when there is an error during --create (bnc#766368)
   * fix up device reporting in --monitor mode
   * select the correct device when sending a "FailSpare" event
     (bnc#764916)
   * report the "timeout" flag set by the kernel (bnc#763402)
   * enhance "mdadm --detail" to report which "set" each device in a
     RAID10 is a member of, in case where that makes sense
   * allow devices to be re-added to a failed array. Thus if both legs of
     a RAID1/RAID0 are removed, it is still possible to put one back
     (bnc#746717)

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-mdadm-7143

   - SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-mdadm-7143

   - SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-mdadm-7143

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
      mdadm-3.2.2-0.39.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
      mdadm-3.2.2-0.39.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
      mdadm-3.2.2-0.39.1

References:

   https://bugzilla.novell.com/746717
   https://bugzilla.novell.com/763402
   https://bugzilla.novell.com/764916
   https://bugzilla.novell.com/766368
   https://bugzilla.novell.com/770885
   https://bugzilla.novell.com/773010
   https://bugzilla.novell.com/785581
   https://bugzilla.novell.com/786526
   https://bugzilla.novell.com/787819
   https://bugzilla.novell.com/787826
   https://bugzilla.novell.com/789202
   https://bugzilla.novell.com/789535
   http://download.novell.com/patch/finder/?keywords=82407e2d7113cfde72f65d81e4ffee61

From sle-updates at lists.suse.com Tue Mar 5 05:07:44 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 5 Mar 2013 13:07:44 +0100 (CET)
Subject: SUSE-SU-2013:0394-1: moderate: Security update for Linux kernel
Message-ID: <20130305120744.0C46B321CE@maintenance.suse.de>

   SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0394-1
Rating:             moderate
References:         #698102 #705551 #708296 #715635 #718910 #720946
                    #722560 #723776 #725152 #725355 #729854 #730660
                    #731035 #731387 #731739 #736255 #739728 #740291
                    #741814 #744198 #744314 #744655 #744692 #745876
                    #746509 #748896 #749651 #752067 #752544 #753172
                    #754391 #754670 #754898 #755546 #755620 #756585
                    #758104 #758703 #760833 #761774 #761775 #762099
                    #762158 #762214 #762259 #762366 #762693 #763198
                    #763463 #763628 #763654 #763858 #763954 #763968
                    #764209 #764900 #766156 #766410 #766445 #766654
                    #766733 #767281 #767469 #767610 #767612 #767684
                    #767983 #768052 #768084 #768470 #768504 #768632
                    #769035 #769195 #769251 #769407 #769685 #769784
                    #769896 #770034 #770238 #770269 #770695 #770763
                    #771102 #771242 #771361 #771398 #771428 #771706
                    #771778 #772407 #772420 #772427 #772454 #772473
                    #772483 #772566 #772786 #772831 #772893 #773006
                    #773007 #773251 #773267 #773319 #773320 #773383
                    #773406 #773487 #773606 #773699 #773831 #773878
                    #774073 #774285 #774289 #774500 #774523 #774612
                    #774859 #774902 #774964 #774973 #775182 #775373
                    #775394 #775577 #775685 #775984 #776019 #776044
                    #776081 #776095 #776127 #776144 #776787 #776896
                    #777024 #777269 #777283 #778082 #778136 #778334
                    #778630 #778822 #779294 #779330 #779461 #779462
                    #779577 #779699 #779750 #779969 #780008 #780012
                    #780216 #780461 #780876 #781018 #781134 #781327
                    #781484 #781574 #782369 #782721 #783965 #784192
                    #784334 #784576 #785100 #785496 #785554 #785851
                    #786976 #787168 #787202 #787348 #787821 #787848
                    #788277 #788452 #789010 #789115 #789235 #789648
                    #789703 #789836 #789993 #790457 #790498 #790867
                    #790920 #790935 #791498 #791853 #791904 #792270
                    #792500 #792656 #792834 #793104 #793139 #793593
                    #793671 #794231 #795354 #795928 #796823 #797042
                    #798960 #799209 #799275 #799909
Cross-References:   CVE-2012-1601 CVE-2012-2137 CVE-2012-2372
                    CVE-2012-2745 CVE-2012-3412 CVE-2012-3430
                    CVE-2012-4461 CVE-2012-5517
Affected Products:
                    SUSE Linux Enterprise Real Time 11 SP2
______________________________________________________________________________

   An update that solves 8 vulnerabilities and has 206 fixes is now
   available. It includes one version update.

Description:

   The SUSE Linux Enterprise Server 11 SP2 Realtime kernel was updated to
   3.0.61 which fixes various bugs and security issues.

   The RT realtime patchset has been updated to "rt85".

   The following security issues have been fixed:

   * CVE-2012-4565: A division by zero in the TCP Illinois algorithm was
     fixed.
   * CVE-2012-0957: The UNAME26 personality leaked kernel memory
     information.
   * CVE-2012-4530: Kernel stack content was disclosed via binfmt_script
     load_script().
   * CVE-2012-1601: The KVM implementation in the Linux kernel allowed
     host OS users to cause a denial of service (NULL pointer dereference
     and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a
     virtual CPU already exists.
   * CVE-2012-2137: Buffer overflow in virt/kvm/irq_comm.c in the KVM
     subsystem in the Linux kernel allowed local users to cause a denial
     of service (crash) and possibly execute arbitrary code via vectors
     related to Message Signaled Interrupts (MSI), irq routing entries,
     and an incorrect check by the setup_routing_entry function before
     invoking the kvm_set_irq function.
   * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the
     Reliable Datagram Sockets (RDS) protocol implementation in the Linux
     kernel allowed local users to cause a denial of service (BUG_ON and
     kernel panic) by establishing an RDS connection with the source IP
     address equal to the IPoIB interface's own IP address, as
     demonstrated by rds-ping.
   * CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux
     kernel provided an invalid replacement session keyring to a child
     process, which allowed local users to cause a denial of service
     (panic) via a crafted application that uses the fork system call.
   * CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the
     Linux kernel allowed remote attackers to cause a denial of service
     (DMA descriptor consumption and network-controller outage) via
     crafted TCP packets that trigger a small MSS value.
   * CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c in the
     Linux kernel did not initialize a certain structure member, which
     allowed local users to obtain potentially sensitive information from
     kernel stack memory via a (1) recvfrom or (2) recvmsg system call on
     an RDS socket.
   * CVE-2012-4461: The KVM subsystem in the Linux kernel, when running
     on hosts that use qemu userspace without XSAVE, allowed local users
     to cause a denial of service (kernel OOPS) by using the
     KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4
     register, then calling the KVM_RUN ioctl.
   * CVE-2012-5517: The online_pages function in mm/memory_hotplug.c in
     the Linux kernel allowed local users to cause a denial of service
     (NULL pointer dereference and system crash) or possibly have
     unspecified other impact in opportunistic circumstances by using
     memory that was hot-added by an administrator.

   A long list of other bugs have been fixed in this update that were
   merged from regular SUSE Linux Enterprise 11 SP2 and are too many to
   list here. Check the kernel changelog (rpm -q --changelog kernel-rt)
   for a detailed list.

   Other Realtime / scheduling related bugfixes that have been applied:

   * kernel: broken interrupt statistics (bnc#799275, LTC#87893).
   * kernel: sched_clock() overflow (bnc#799275, LTC#87978).
   * mm: call sleep_on_page_killable from
     __wait_on_page_locked_killable (bnc#799909).
   * sched, rt: Unthrottle rt runqueues in __disable_runtime().
   * Add upstream group scheduling starvation fix.
   * sched/rt: Fix SCHED_RR across cgroups.
   * sched/rt: Do not throttle when PI boosting.
   * sched/rt: Keep period timer ticking when rt throttling is active.
   * sched/rt: Prevent idle task boosting.
   * mm: limit mmu_gather batching to fix soft lockups on
     !CONFIG_PREEMPT (bnc#791904).
   * kabi fixup for mm: limit mmu_gather batching to fix soft lockups on
     !CONFIG_PREEMPT (bnc#791904).
   * mm: compaction: Abort async compaction if locks are contended or
     taking too long.
   * mm: compaction: abort compaction loop if lock is contended or run
     too long.
   * mm: compaction: acquire the zone->lock as late as possible.
   * mm: compaction: acquire the zone->lru_lock as late as possible.
   * mm: compaction: move fatal signal check out of
     compact_checklock_irqsave.
     Reduce LRU and zone lock contention when compacting memory for THP
     (bnc#796823).
   * Update to -rt82
   * sched: Adjust sched_reset_on_fork when nothing else changes.
   * sched: Queue RT tasks to head when prio drops.
   * sched: Consider pi boosting in setscheduler.
   * workqueue: exit rescuer_thread() as TASK_RUNNING (bnc#789993).
   * Update to -rt74
   * softirq: Init softirq local lock after per cpu section is set up.
   * mm: slab: Fix potential deadlock.
   * mm: page_alloc: Use local_lock_on() instead of plain spinlock.
   * rt: rwsem/rwlock: lockdep annotations.
   * hrtimer: Raise softirq if hrtimer irq stalled.
   * rcu: Disable RCU_FAST_NO_HZ on RT.
   * net: netfilter: Serialize xt_write_recseq sections on RT.
   * Change 'goto' target to avoid pointless 'bug' messages in normal
     error cases. (bnc#787848)
   * intel_idle: IVB support (fate#313719).
   * perf: Do not try to schedule task events if there are none
     (bnc#781574).
   * perf: Do not set task_ctx pointer in cpuctx if there are no events
     in the context (bnc#781574).
   * hpwdt: Only BYTE reads/writes to WD Timer port 0x72.
   * Merge SLE11-SP2 rpm-3.0.38-0.5-122-g2890aac, and update to -rt65
   * New rt patches:
   * patches.rt/0408-fix-printk-flush-of-messages.patch: fix printk
     flush of messages.
   * patches.rt/0411-fix-printk-flush-of-messages.patch: fix printk
     flush of messages.
   * sched: Fix ancient race in do_exit() (bnc#781018).
   * Merge SLE11-SP2, and update -rt version to rt61. No rt changes this
     merge.
   * Kill apply/revert dance below that evolved over 3.0-rt development.
     It's all in history, and now just gets in the way of stable commit
     b1c7ba1bab7363fee6dc5d4ee5be4e916adcf691: workqueue: perform cpu
     down operations from low priority cpu_notifier()
   * Freezer / sunrpc / NFS: don't allow TASK_KILLABLE sleeps to block
     the freezer (bnc#775182).
   * Merge SP2 and update rt version to -rt59 to match rt-mainline.
   * sched: fix divide by zero in thread_group/task_times()
     (bnc#761774).
   * sched: fix migration thread runtime bogosity (bnc#773699,
     bnc#769251).
   * Silence useless NOHZ: local_softirq_pending warning. If the
     local_softirq_lock for a softirq is held, don't gripe, there's
     nothing to be done about it. The nohz code will prevent shutting
     down the tick, with the same result as nohz=off, the pending softirq
     will be run when it can be. What we _can_ do is wake the appropriate
     softirq thread to potentially PI boost the lock holder, so do that.
   * mm: use cpu_chill() in spin_trylock_page() and cancel on immediately
     RT. (bnc#768470)
   * Update config files.
     o Unset CONFIG_WATCHDOG_NOWAYOUT to prevent reboot of openais on
       service stop. (bnc#756585)
   * sched: Make sure to not re-read variables after validation
     (bnc#769685).

   Security Issue references:

   * CVE-2012-1601
   * CVE-2012-2137
   * CVE-2012-2372
   * CVE-2012-2745
   * CVE-2012-3412
   * CVE-2012-3430
   * CVE-2012-4461
   * CVE-2012-5517

Indications:

   Everyone using the Real Time Linux Kernel on x86_64 architecture should
   update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time 11 SP2:
      zypper in -t patch slertesp2-kernel-7433

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Real Time 11 SP2 (x86_64) [New Version: 3.0.61.rt85]:
      cluster-network-kmp-rt-1.4_3.0.61_rt85_0.7-2.18.23
      cluster-network-kmp-rt_trace-1.4_3.0.61_rt85_0.7-2.18.23
      drbd-kmp-rt-8.4.2_3.0.61_rt85_0.7-0.6.6.14
      drbd-kmp-rt_trace-8.4.2_3.0.61_rt85_0.7-0.6.6.14
      iscsitarget-kmp-rt-1.4.20_3.0.61_rt85_0.7-0.23.20
      iscsitarget-kmp-rt_trace-1.4.20_3.0.61_rt85_0.7-0.23.20
      kernel-rt-3.0.61.rt85-0.7.1
      kernel-rt-base-3.0.61.rt85-0.7.1
      kernel-rt-devel-3.0.61.rt85-0.7.1
      kernel-rt_trace-3.0.61.rt85-0.7.1
      kernel-rt_trace-base-3.0.61.rt85-0.7.1
      kernel-rt_trace-devel-3.0.61.rt85-0.7.1
      kernel-source-rt-3.0.61.rt85-0.7.1
      kernel-syms-rt-3.0.61.rt85-0.7.1
      lttng-modules-kmp-rt-2.0.4_3.0.61_rt85_0.7-0.7.19
      lttng-modules-kmp-rt_trace-2.0.4_3.0.61_rt85_0.7-0.7.19
      ocfs2-kmp-rt-1.6_3.0.61_rt85_0.7-0.11.22
      ocfs2-kmp-rt_trace-1.6_3.0.61_rt85_0.7-0.11.22
      ofed-kmp-rt-1.5.2_3.0.61_rt85_0.7-0.26.22
      ofed-kmp-rt_trace-1.5.2_3.0.61_rt85_0.7-0.26.22

References:

   http://support.novell.com/security/cve/CVE-2012-1601.html
   http://support.novell.com/security/cve/CVE-2012-2137.html
   http://support.novell.com/security/cve/CVE-2012-2372.html
   http://support.novell.com/security/cve/CVE-2012-2745.html
   http://support.novell.com/security/cve/CVE-2012-3412.html
   http://support.novell.com/security/cve/CVE-2012-3430.html
   http://support.novell.com/security/cve/CVE-2012-4461.html
   http://support.novell.com/security/cve/CVE-2012-5517.html
   https://bugzilla.novell.com/698102
   https://bugzilla.novell.com/705551
   https://bugzilla.novell.com/708296
   https://bugzilla.novell.com/715635
   https://bugzilla.novell.com/718910
   https://bugzilla.novell.com/720946
   https://bugzilla.novell.com/722560
   https://bugzilla.novell.com/723776
   https://bugzilla.novell.com/725152
   https://bugzilla.novell.com/725355
   https://bugzilla.novell.com/729854
   https://bugzilla.novell.com/730660
   https://bugzilla.novell.com/731035
   https://bugzilla.novell.com/731387
   https://bugzilla.novell.com/731739
   https://bugzilla.novell.com/736255
https://bugzilla.novell.com/739728 https://bugzilla.novell.com/740291 https://bugzilla.novell.com/741814 https://bugzilla.novell.com/744198 https://bugzilla.novell.com/744314 https://bugzilla.novell.com/744655 https://bugzilla.novell.com/744692 https://bugzilla.novell.com/745876 https://bugzilla.novell.com/746509 https://bugzilla.novell.com/748896 https://bugzilla.novell.com/749651 https://bugzilla.novell.com/752067 https://bugzilla.novell.com/752544 https://bugzilla.novell.com/753172 https://bugzilla.novell.com/754391 https://bugzilla.novell.com/754670 https://bugzilla.novell.com/754898 https://bugzilla.novell.com/755546 https://bugzilla.novell.com/755620 https://bugzilla.novell.com/756585 https://bugzilla.novell.com/758104 https://bugzilla.novell.com/758703 https://bugzilla.novell.com/760833 https://bugzilla.novell.com/761774 https://bugzilla.novell.com/761775 https://bugzilla.novell.com/762099 https://bugzilla.novell.com/762158 https://bugzilla.novell.com/762214 https://bugzilla.novell.com/762259 https://bugzilla.novell.com/762366 https://bugzilla.novell.com/762693 https://bugzilla.novell.com/763198 https://bugzilla.novell.com/763463 https://bugzilla.novell.com/763628 https://bugzilla.novell.com/763654 https://bugzilla.novell.com/763858 https://bugzilla.novell.com/763954 https://bugzilla.novell.com/763968 https://bugzilla.novell.com/764209 https://bugzilla.novell.com/764900 https://bugzilla.novell.com/766156 https://bugzilla.novell.com/766410 https://bugzilla.novell.com/766445 https://bugzilla.novell.com/766654 https://bugzilla.novell.com/766733 https://bugzilla.novell.com/767281 https://bugzilla.novell.com/767469 https://bugzilla.novell.com/767610 https://bugzilla.novell.com/767612 https://bugzilla.novell.com/767684 https://bugzilla.novell.com/767983 https://bugzilla.novell.com/768052 https://bugzilla.novell.com/768084 https://bugzilla.novell.com/768470 https://bugzilla.novell.com/768504 https://bugzilla.novell.com/768632 https://bugzilla.novell.com/769035 
https://bugzilla.novell.com/769195 https://bugzilla.novell.com/769251 https://bugzilla.novell.com/769407 https://bugzilla.novell.com/769685 https://bugzilla.novell.com/769784 https://bugzilla.novell.com/769896 https://bugzilla.novell.com/770034 https://bugzilla.novell.com/770238 https://bugzilla.novell.com/770269 https://bugzilla.novell.com/770695 https://bugzilla.novell.com/770763 https://bugzilla.novell.com/771102 https://bugzilla.novell.com/771242 https://bugzilla.novell.com/771361 https://bugzilla.novell.com/771398 https://bugzilla.novell.com/771428 https://bugzilla.novell.com/771706 https://bugzilla.novell.com/771778 https://bugzilla.novell.com/772407 https://bugzilla.novell.com/772420 https://bugzilla.novell.com/772427 https://bugzilla.novell.com/772454 https://bugzilla.novell.com/772473 https://bugzilla.novell.com/772483 https://bugzilla.novell.com/772566 https://bugzilla.novell.com/772786 https://bugzilla.novell.com/772831 https://bugzilla.novell.com/772893 https://bugzilla.novell.com/773006 https://bugzilla.novell.com/773007 https://bugzilla.novell.com/773251 https://bugzilla.novell.com/773267 https://bugzilla.novell.com/773319 https://bugzilla.novell.com/773320 https://bugzilla.novell.com/773383 https://bugzilla.novell.com/773406 https://bugzilla.novell.com/773487 https://bugzilla.novell.com/773606 https://bugzilla.novell.com/773699 https://bugzilla.novell.com/773831 https://bugzilla.novell.com/773878 https://bugzilla.novell.com/774073 https://bugzilla.novell.com/774285 https://bugzilla.novell.com/774289 https://bugzilla.novell.com/774500 https://bugzilla.novell.com/774523 https://bugzilla.novell.com/774612 https://bugzilla.novell.com/774859 https://bugzilla.novell.com/774902 https://bugzilla.novell.com/774964 https://bugzilla.novell.com/774973 https://bugzilla.novell.com/775182 https://bugzilla.novell.com/775373 https://bugzilla.novell.com/775394 https://bugzilla.novell.com/775577 https://bugzilla.novell.com/775685 https://bugzilla.novell.com/775984 
https://bugzilla.novell.com/776019 https://bugzilla.novell.com/776044 https://bugzilla.novell.com/776081 https://bugzilla.novell.com/776095 https://bugzilla.novell.com/776127 https://bugzilla.novell.com/776144 https://bugzilla.novell.com/776787 https://bugzilla.novell.com/776896 https://bugzilla.novell.com/777024 https://bugzilla.novell.com/777269 https://bugzilla.novell.com/777283 https://bugzilla.novell.com/778082 https://bugzilla.novell.com/778136 https://bugzilla.novell.com/778334 https://bugzilla.novell.com/778630 https://bugzilla.novell.com/778822 https://bugzilla.novell.com/779294 https://bugzilla.novell.com/779330 https://bugzilla.novell.com/779461 https://bugzilla.novell.com/779462 https://bugzilla.novell.com/779577 https://bugzilla.novell.com/779699 https://bugzilla.novell.com/779750 https://bugzilla.novell.com/779969 https://bugzilla.novell.com/780008 https://bugzilla.novell.com/780012 https://bugzilla.novell.com/780216 https://bugzilla.novell.com/780461 https://bugzilla.novell.com/780876 https://bugzilla.novell.com/781018 https://bugzilla.novell.com/781134 https://bugzilla.novell.com/781327 https://bugzilla.novell.com/781484 https://bugzilla.novell.com/781574 https://bugzilla.novell.com/782369 https://bugzilla.novell.com/782721 https://bugzilla.novell.com/783965 https://bugzilla.novell.com/784192 https://bugzilla.novell.com/784334 https://bugzilla.novell.com/784576 https://bugzilla.novell.com/785100 https://bugzilla.novell.com/785496 https://bugzilla.novell.com/785554 https://bugzilla.novell.com/785851 https://bugzilla.novell.com/786976 https://bugzilla.novell.com/787168 https://bugzilla.novell.com/787202 https://bugzilla.novell.com/787348 https://bugzilla.novell.com/787821 https://bugzilla.novell.com/787848 https://bugzilla.novell.com/788277 https://bugzilla.novell.com/788452 https://bugzilla.novell.com/789010 https://bugzilla.novell.com/789115 https://bugzilla.novell.com/789235 https://bugzilla.novell.com/789648 https://bugzilla.novell.com/789703 
https://bugzilla.novell.com/789836 https://bugzilla.novell.com/789993 https://bugzilla.novell.com/790457 https://bugzilla.novell.com/790498 https://bugzilla.novell.com/790867 https://bugzilla.novell.com/790920 https://bugzilla.novell.com/790935 https://bugzilla.novell.com/791498 https://bugzilla.novell.com/791853 https://bugzilla.novell.com/791904 https://bugzilla.novell.com/792270 https://bugzilla.novell.com/792500 https://bugzilla.novell.com/792656 https://bugzilla.novell.com/792834 https://bugzilla.novell.com/793104 https://bugzilla.novell.com/793139 https://bugzilla.novell.com/793593 https://bugzilla.novell.com/793671 https://bugzilla.novell.com/794231 https://bugzilla.novell.com/795354 https://bugzilla.novell.com/795928 https://bugzilla.novell.com/796823 https://bugzilla.novell.com/797042 https://bugzilla.novell.com/798960 https://bugzilla.novell.com/799209 https://bugzilla.novell.com/799275 https://bugzilla.novell.com/799909 http://download.novell.com/patch/finder/?keywords=bb0aa1dbfea22b088bd77c648de9ca4e From sle-updates at lists.suse.com Tue Mar 5 23:05:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 07:05:16 +0100 (CET) Subject: SUSE-FU-2013:0397-1: Feature update for certification-sles-eal4 Message-ID: <20130306060516.82CB632070@maintenance.suse.de> SUSE Feature Update: Feature update for certification-sles-eal4 ______________________________________________________________________________ Announcement ID: SUSE-FU-2013:0397-1 Rating: low References: #784243 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one feature fix can now be installed. Description: This package is made available to all SUSE Linux Enterprise Server 11 Service Pack 2 systems to allow a Common Criteria evaluated configuration of the system through the installation using AutoYaST profiles. 
Have a look at the files in /usr/share/doc/packages/certification-sles-eal4, or use "man SLES11SP2-EAL4-Configuration-Guide" for details. For more information, please have a look at http://www.suse.com/security/ Indications: Install for Common Criteria Evaluated Configuration. Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-certification-sles-eal4-7403 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch): certification-sles-eal4-11.2-0.9.1 References: https://bugzilla.novell.com/784243 http://download.novell.com/patch/finder/?keywords=969d88200f42e819b38b949340a9d508 From sle-updates at lists.suse.com Wed Mar 6 10:04:29 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 18:04:29 +0100 (CET) Subject: SUSE-RU-2013:0398-1: important: Recommended update for yast2-backup Message-ID: <20130306170429.528C73213F@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-backup ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0398-1 Rating: important References: #801714 #803291 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for YaST's Backup module replaces calls to Perl functions that are only available in newer versions of the language. This dependency was erroneously added by the previous update. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-backup-7383 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-backup-7383 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-backup-7383 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.14]: yast2-backup-2.17.14-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.14]: yast2-backup-2.17.14-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.14]: yast2-backup-2.17.14-0.5.1 References: https://bugzilla.novell.com/801714 https://bugzilla.novell.com/803291 http://download.novell.com/patch/finder/?keywords=546b7efa1a6582bf286d8b368918007b From sle-updates at lists.suse.com Wed Mar 6 11:04:53 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 19:04:53 +0100 (CET) Subject: SUSE-RU-2013:0399-1: Recommended update for microcode_ctl Message-ID: <20130306180453.5D6CC3213F@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0399-1 Rating: low References: #806259 #806270 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides Intel's CPU microcode version 20130222. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-microcode_ctl-7443 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-microcode_ctl-7443 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-microcode_ctl-7443 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): microcode_ctl-1.17-102.55.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.55.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.55.1 References: https://bugzilla.novell.com/806259 https://bugzilla.novell.com/806270 http://download.novell.com/patch/finder/?keywords=a7547046407047b07335352e5aacffc7 From sle-updates at lists.suse.com Wed Mar 6 15:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 23:04:28 +0100 (CET) Subject: SUSE-SU-2013:0400-1: moderate: Security update for openstack-nova Message-ID: <20130306220429.310013216A@maintenance.suse.de> SUSE Security Update: Security update for openstack-nova ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0400-1 Rating: moderate References: #799785 Cross-References: CVE-2013-0208 CVE-2013-0212 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: OpenStack Nova has been updated to fix booting from not allowed volumes: * Phil Day from HP reported a vulnerability in volume attachment in nova-volume, affecting the boot-from-volume feature. By passing a specific volume ID, an authenticated user may be able to boot from a volume he doesn't own, potentially resulting in full access to that 3rd-party volume contents. 
(CVE-2013-0208) Security Issue references: * CVE-2013-0208 * CVE-2013-0212 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-nova-7315 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-nova-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-api-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-cert-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-compute-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-network-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-objectstore-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-scheduler-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-vncproxy-2012.1+git.1351668974.0edd3cb-0.7.1 openstack-nova-volume-2012.1+git.1351668974.0edd3cb-0.7.1 python-nova-2012.1+git.1351668974.0edd3cb-0.7.1 References: http://support.novell.com/security/cve/CVE-2013-0208.html http://support.novell.com/security/cve/CVE-2013-0212.html https://bugzilla.novell.com/799785 http://download.novell.com/patch/finder/?keywords=beb33f4486b001718a6b6f5c9bcb6daa From sle-updates at lists.suse.com Wed Mar 6 15:04:33 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 23:04:33 +0100 (CET) Subject: SUSE-SU-2013:0401-1: moderate: Security update for openstack-glance Message-ID: <20130306220433.BEADD3213D@maintenance.suse.de> SUSE Security Update: Security update for openstack-glance ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0401-1 Rating: moderate References: #787814 #800023 Cross-References: CVE-2013-0208 CVE-2013-0212 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. 
Description: OpenStack Glance has been updated to fix a password leak. (CVE-2013-0212) It has also been updated to the latest git version (efd7e75) which includes: * pin sqlalchemy to the 0.7 series * Ensure image owned by user before delayed_deletion Security Issue references: * CVE-2013-0208 * CVE-2013-0212 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-glance-7313 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-glance-2012.1+git.1352338057.efd7e75-0.5.1 python-glance-2012.1+git.1352338057.efd7e75-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-0208.html http://support.novell.com/security/cve/CVE-2013-0212.html https://bugzilla.novell.com/787814 https://bugzilla.novell.com/800023 http://download.novell.com/patch/finder/?keywords=0954d4d233c11eb02f7bf4024cd71bb9 From sle-updates at lists.suse.com Wed Mar 6 15:04:38 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Mar 2013 23:04:38 +0100 (CET) Subject: SUSE-SU-2013:0402-1: moderate: Security update for openstack-keystone Message-ID: <20130306220438.52D5D32161@maintenance.suse.de> SUSE Security Update: Security update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0402-1 Rating: moderate References: #801289 Cross-References: CVE-2013-0247 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: OpenStack Keystone has been updated to fix a security problem: * Dan Prince of Red Hat reported a vulnerability in token creation error handling in Keystone. 
By requesting lots of invalid tokens, an unauthenticated user may fill up logs on Keystone API servers disks, potentially resulting in a denial of service attack against Keystone. (CVE-2013-0247) Security Issue reference: * CVE-2013-0247 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-openstack-keystone-7314 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-keystone-2012.1+git.1353613280.c17a999-0.7.1 openstack-keystone-doc-2012.1+git.1353613280.c17a999-0.7.1 python-keystone-2012.1+git.1353613280.c17a999-0.7.1 References: http://support.novell.com/security/cve/CVE-2013-0247.html https://bugzilla.novell.com/801289 http://download.novell.com/patch/finder/?keywords=08f520d613c55ed089a408cb68b2e876 From sle-updates at lists.suse.com Thu Mar 7 11:04:55 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Mar 2013 19:04:55 +0100 (CET) Subject: SUSE-RU-2013:0408-1: Recommended update for metacity Message-ID: <20130307180455.4ACEC3213E@maintenance.suse.de> SUSE Recommended Update: Recommended update for metacity ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0408-1 Rating: low References: #779777 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the Metacity window manager fixes a segmentation fault when more than 16 virtual desktops are used. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-metacity-7293 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-metacity-7293 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-metacity-7293 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-metacity-7293 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): metacity-devel-2.28.1-0.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): metacity-2.28.1-0.16.1 metacity-lang-2.28.1-0.16.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): metacity-2.28.1-0.16.1 metacity-lang-2.28.1-0.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): metacity-2.28.1-0.16.1 metacity-lang-2.28.1-0.16.1 References: https://bugzilla.novell.com/779777 http://download.novell.com/patch/finder/?keywords=3c5139d20971959b1e483fc374209403 From sle-updates at lists.suse.com Fri Mar 8 10:04:43 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Mar 2013 18:04:43 +0100 (CET) Subject: SUSE-RU-2013:0409-1: important: Recommended update for timezone Message-ID: <20130308170443.587BD3213E@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0409-1 Rating: important References: #807909 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. 
It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Chile is changing its DST rules * Estimate Morocco 2013-2038 transitions for Ramadan * New alias Europe/Busingen for Europe/Zurich * New zones Asia/Khandyga, Asia/Ust-Nera * Libya moving to CET, but with DST. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-timezone-2013a-7456 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-timezone-2013a-7456 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-timezone-2013a-7456 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-timezone-2013a-7456 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): timezone-java-2013a-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2013a]: timezone-2013a-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2013a]: timezone-java-2013a-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2013a]: timezone-2013a-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2013a]: timezone-java-2013a-0.4.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2013a]: timezone-2013a-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2013a]: timezone-2013a-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2013a]: timezone-java-2013a-0.4.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2013a]: timezone-2013a-0.6.1 References: https://bugzilla.novell.com/807909 http://download.novell.com/patch/finder/?keywords=6c2b1c7422ce3cacfddaa00c92e39923 
http://download.novell.com/patch/finder/?keywords=cf864d0ced6a623f1a4e81dc3180ceec From sle-updates at lists.suse.com Fri Mar 8 14:04:41 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Mar 2013 22:04:41 +0100 (CET) Subject: SUSE-SU-2013:0410-1: important: Security update for Mozilla Firefox Message-ID: <20130308210441.25FA332172@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0410-1 Rating: important References: #804248 #806669 Cross-References: CVE-2013-0765 CVE-2013-0772 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes three new package versions. Description: MozillaFirefox has been updated to the 17.0.3ESR release. Important: due to compatibility issues, the Beagle plug-in for MozillaFirefox is temporarily disabled by this update. Besides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bugfixes: * MFSA 2013-28: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and buffer overflow problems rated as low to critical security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. 
We would also like to thank Abhishek for reporting four additional use-after-free and out of bounds write flaws introduced during Firefox development that were fixed before general release. * The following issues have been fixed in Firefox 19 and ESR 17.0.3: o Heap-use-after-free in nsOverflowContinuationTracker::Finish, with -moz-columns (CVE-2013-0780) o Heap-buffer-overflow WRITE in nsSaveAsCharset::DoCharsetConversion (CVE-2013-0782) * MFSA 2013-27 / CVE-2013-0776: Google security researcher Michal Zalewski reported an issue where the browser displayed the content of a proxy's 407 response if a user canceled the proxy's authentication prompt. In this circumstance, the addressbar will continue to show the requested site's address, including HTTPS addresses that appear to be secure. This spoofing of addresses can be used for phishing attacks by fooling users into entering credentials, for example. * MFSA 2013-26 / CVE-2013-0775: Security researcher Nils reported a use-after-free in nsImageLoadingContent when content script is executed. This could allow for arbitrary code execution. * MFSA 2013-25 / CVE-2013-0774: Mozilla security researcher Frederik Braun discovered that since Firefox 15 the file system location of the active browser profile was available to JavaScript workers. While not dangerous by itself, this could potentially be combined with other vulnerabilities to target the profile in an attack. * MFSA 2013-24 / CVE-2013-0773: Mozilla developer Bobby Holley discovered that it was possible to bypass some protections in Chrome Object Wrappers (COW) and System Only Wrappers (SOW), making their prototypes mutable by web content. This could be used to leak information from chrome objects and possibly allow for arbitrary code execution. * MFSA 2013-23 / CVE-2013-0765: Mozilla developer Boris Zbarsky reported that in some circumstances a wrapped WebIDL object can be wrapped multiple times, overwriting the existing wrapped state. 
This could lead to an exploitable condition in rare cases. * MFSA 2013-22 / CVE-2013-0772: Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found an out-of-bounds read while rendering GIF format images. This could cause a non-exploitable crash and could also attempt to render normally inaccessible data as part of the image. * MFSA 2013-21: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 18. * Memory safety bugs fixed in Firefox ESR 17.0.3, and Firefox 19 (CVE-2013-0783). Security Issue references: * CVE-2013-0780 * CVE-2013-0782 * CVE-2013-0776 * CVE-2013-0775 * CVE-2013-0774 * CVE-2013-0773 * CVE-2013-0765 * CVE-2013-0772 * CVE-2013-0783 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-firefox-201303-7447 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201303-7447 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201303-7447 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201303-7447 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.14.2 and 4.9.5]: mozilla-nspr-devel-4.9.5-0.3.2 mozilla-nss-devel-3.14.2-0.4.3.2 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 s390x x86_64): beagle-0.3.8-56.51.1 beagle-lang-0.3.8-56.44.45.129 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): beagle-devel-0.3.8-56.51.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 17.0.3esr,3.14.2 and 4.9.5]: MozillaFirefox-17.0.3esr-0.4.4.1 MozillaFirefox-translations-17.0.3esr-0.4.4.1 libfreebl3-3.14.2-0.4.3.2 mozilla-nspr-4.9.5-0.3.2 mozilla-nss-3.14.2-0.4.3.2 mozilla-nss-tools-3.14.2-0.4.3.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.14.2 and 4.9.5]: libfreebl3-32bit-3.14.2-0.4.3.2 mozilla-nspr-32bit-4.9.5-0.3.2 mozilla-nss-32bit-3.14.2-0.4.3.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.3esr,3.14.2 and 4.9.5]: MozillaFirefox-17.0.3esr-0.4.4.1 MozillaFirefox-branding-SLED-7-0.6.9.5 MozillaFirefox-translations-17.0.3esr-0.4.4.1 libfreebl3-3.14.2-0.4.3.2 mozilla-nspr-4.9.5-0.3.2 mozilla-nss-3.14.2-0.4.3.2 mozilla-nss-tools-3.14.2-0.4.3.2 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.14.2 and 4.9.5]: libfreebl3-32bit-3.14.2-0.4.3.2 mozilla-nspr-32bit-4.9.5-0.3.2 mozilla-nss-32bit-3.14.2-0.4.3.2 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.14.2 and 4.9.5]: libfreebl3-x86-3.14.2-0.4.3.2 mozilla-nspr-x86-4.9.5-0.3.2 mozilla-nss-x86-3.14.2-0.4.3.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 17.0.3esr,3.14.2 and 4.9.5]: MozillaFirefox-17.0.3esr-0.4.4.1 MozillaFirefox-branding-SLED-7-0.6.9.5 MozillaFirefox-translations-17.0.3esr-0.4.4.1 beagle-0.3.8-56.51.1 beagle-evolution-0.3.8-56.51.1 beagle-firefox-0.3.8-56.51.1 beagle-gui-0.3.8-56.51.1 beagle-lang-0.3.8-56.51.1 libfreebl3-3.14.2-0.4.3.2 
mhtml-firefox-0.5-1.47.51.5 mozilla-nspr-4.9.5-0.3.2 mozilla-nss-3.14.2-0.4.3.2 mozilla-nss-tools-3.14.2-0.4.3.2 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.14.2 and 4.9.5]: libfreebl3-32bit-3.14.2-0.4.3.2 mozilla-nspr-32bit-4.9.5-0.3.2 mozilla-nss-32bit-3.14.2-0.4.3.2 References: http://support.novell.com/security/cve/CVE-2013-0765.html http://support.novell.com/security/cve/CVE-2013-0772.html http://support.novell.com/security/cve/CVE-2013-0773.html http://support.novell.com/security/cve/CVE-2013-0774.html http://support.novell.com/security/cve/CVE-2013-0775.html http://support.novell.com/security/cve/CVE-2013-0776.html http://support.novell.com/security/cve/CVE-2013-0780.html http://support.novell.com/security/cve/CVE-2013-0782.html http://support.novell.com/security/cve/CVE-2013-0783.html https://bugzilla.novell.com/804248 https://bugzilla.novell.com/806669 http://download.novell.com/patch/finder/?keywords=8807d796dff1dcb5ceabc4ae693cc9c4 From sle-updates at lists.suse.com Tue Mar 12 11:04:40 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Mar 2013 18:04:40 +0100 (CET) Subject: SUSE-SU-2013:0434-1: critical: Security update for Java Message-ID: <20130312170440.227AE27F12@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0434-1 Rating: critical References: #807487 Cross-References: CVE-2013-0809 CVE-2013-1493 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This release of Icedtea6-1.12.4 fixes the following two issues that allowed a remote attacker to execute arbitrary code remotely by providing crafted images to the affected code. 
* CVE-2013-0809: CVSS v2 Base Score: 6.8 (critical) (AV:N/AC:M/Au:N/C:P/I:P/A:P): Insufficient Information (CWE-noinfo) * CVE-2013-1493: CVSS v2 Base Score: 6.8 (critical) (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) Security Issue references: * CVE-2013-0809 * CVE-2013-1493 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-java-1_6_0-openjdk-7457 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-0.2.1 java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-0.2.1 java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-0.2.1 References: http://support.novell.com/security/cve/CVE-2013-0809.html http://support.novell.com/security/cve/CVE-2013-1493.html https://bugzilla.novell.com/807487 http://download.novell.com/patch/finder/?keywords=b123f43a2f91b6662161836877dd2663 From sle-updates at lists.suse.com Tue Mar 12 11:04:48 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Mar 2013 18:04:48 +0100 (CET) Subject: SUSE-SU-2013:0435-1: moderate: Security update for ruby Message-ID: <20130312170448.F0A9627F12@maintenance.suse.de> SUSE Security Update: Security update for ruby ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0435-1 Rating: moderate References: #783525 Cross-References: CVE-2012-4522 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. 
Description: The ruby interpreter received a fix for a security issue: * CVE-2012-4466: Ruby's $SAFE mechanism enables untrusted user codes to run in $SAFE >= 4 mode. This is a kind of sandboxing so some operations are restricted in that mode to protect other data outside the sandbox. The problem found was around this mechanism. Exception#to_s, NameError#to_s, and name_err_mesg_to_s() interpreter-internal API was not correctly handling the $SAFE bits so a String object which is not tainted can destructively be marked as tainted using them. By using this an untrusted code in a sandbox can modify a formerly-untainted string destructively. http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ Security Issue references: * CVE-2012-4522 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ruby-7386 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ruby-7386 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ruby-7386 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ruby-7386 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): ruby-devel-1.8.7.p357-0.9.9.1 ruby-doc-html-1.8.7.p357-0.9.9.1 ruby-doc-ri-1.8.7.p357-0.9.9.1 ruby-examples-1.8.7.p357-0.9.9.1 ruby-test-suite-1.8.7.p357-0.9.9.1 ruby-tk-1.8.7.p357-0.9.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ruby-1.8.7.p357-0.9.9.1 ruby-doc-html-1.8.7.p357-0.9.9.1 ruby-tk-1.8.7.p357-0.9.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ruby-1.8.7.p357-0.9.9.1 ruby-doc-html-1.8.7.p357-0.9.9.1 ruby-tk-1.8.7.p357-0.9.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ruby-1.8.7.p357-0.9.9.1 References: http://support.novell.com/security/cve/CVE-2012-4522.html https://bugzilla.novell.com/783525 http://download.novell.com/patch/finder/?keywords=5ac69a022ffa717bb70bba9bdcbc60ca From sle-updates at lists.suse.com Tue Mar 12 11:04:52 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Mar 2013 18:04:52 +0100 (CET) Subject: SUSE-RU-2013:0436-1: Recommended update for WALinuxAgent Message-ID: <20130312170452.158F427F12@maintenance.suse.de> SUSE Recommended Update: Recommended update for WALinuxAgent ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0436-1 Rating: low References: #805648 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. 
Description: This update provides WALinuxAgent 1.3.2, which includes the following fixes and enhancements: * Capture all system command output if an error has occurred * Normalization of shell commands on Python subprocess module * Add support to serial logging from boot when console=/dev/ttyS0 is set in the kernel boot options * Fix typo in DVD mounting procedure * Change default filesystem to ext3 * Fix name error in _HttpGet/HttpPost exception handlers. Indications: Every Windows Azure user should install this update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-WALinuxAgent-7432 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 1.3.2]: WALinuxAgent-1.3.2-0.5.1 References: https://bugzilla.novell.com/805648 http://download.novell.com/patch/finder/?keywords=9fd2952c54378ba1290156975e3d2f83 From sle-updates at lists.suse.com Tue Mar 12 11:04:57 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Mar 2013 18:04:57 +0100 (CET) Subject: SUSE-RU-2013:0437-1: Recommended update for parted Message-ID: <20130312170457.EB87727F12@maintenance.suse.de> SUSE Recommended Update: Recommended update for parted ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0437-1 Rating: low References: #436825 #639579 #687353 #696366 #716080 #796337 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. 
Description: This collective update for parted provides the following fixes: * Fix automatic correcting of GPT label which can cause problems on systems which use dmraid * Fix issues while resizing ReiserFS file systems with YaST2, when parted could either hang or fail to resize the file system. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): parted-1.6.25.1-15.37.1 parted-devel-1.6.25.1-15.37.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): parted-32bit-1.6.25.1-15.37.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): parted-x86-1.6.25.1-15.37.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): parted-64bit-1.6.25.1-15.37.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): parted-1.6.25.1-15.37.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): parted-32bit-1.6.25.1-15.37.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): parted-devel-1.6.25.1-15.37.1 References: https://bugzilla.novell.com/436825 https://bugzilla.novell.com/639579 https://bugzilla.novell.com/687353 https://bugzilla.novell.com/696366 https://bugzilla.novell.com/716080 https://bugzilla.novell.com/796337 http://download.novell.com/patch/finder/?keywords=95eb8b3a8b9b993d8881773fd517d062 From sle-updates at lists.suse.com Tue Mar 12 17:05:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 00:05:21 +0100 (CET) Subject: SUSE-RU-2013:0439-1: Recommended update for qscintilla Message-ID: <20130312230521.C717632158@maintenance.suse.de> SUSE Recommended Update: Recommended update for qscintilla ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0439-1 Rating: low References: #803338 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. 
Description: This update fixes python-qscintilla's compatibility with newer versions of python-sip. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libqscintilla-devel-7404 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libqscintilla-devel-7404 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libqscintilla-devel-2.3.2-1.34.1 libqscintilla2-5-2.3.2-1.34.1 python-qscintilla-2.3.2-1.34.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libqscintilla2-5-2.3.2-1.34.1 References: https://bugzilla.novell.com/803338 http://download.novell.com/patch/finder/?keywords=4df84c4fcc8f0895aef656199e550eec From sle-updates at lists.suse.com Tue Mar 12 17:05:27 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 00:05:27 +0100 (CET) Subject: SUSE-SU-2013:0440-1: important: Security update for Java Message-ID: <20130312230527.E4F2B32158@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0440-1 Rating: important References: #798535 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 7 was updated to SR4, fixing various critical security issues and bugs. 
Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1487, CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0442, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-0419, CVE-2013-0423, CVE-2013-0351, CVE-2013-0432, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443, CVE-2013-1484, CVE-2013-1485, CVE-2013-0437, CVE-2013-0444, CVE-2013-0449, CVE-2013-0431, CVE-2013-0422, CVE-2012-3174. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_7_0-ibm-7454 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_7_0-ibm-7454 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_7_0-ibm-7454 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_7_0-ibm-7454 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_7_0-ibm-alsa-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_7_0-ibm-plugin-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_7_0-ibm-alsa-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-devel-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-jdbc-1.7.0_sr4.0-0.6.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr4.0-0.6.1 java-1_7_0-ibm-plugin-1.7.0_sr4.0-0.6.1 References: https://bugzilla.novell.com/798535 http://download.novell.com/patch/finder/?keywords=ec2cc97511073c725601f4d834445d63 From sle-updates at lists.suse.com Tue Mar 12 17:05:32 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 00:05:32 +0100 (CET) Subject: SUSE-SU-2013:0441-1: important: Security update for Perl Message-ID: <20130312230532.36C6F32174@maintenance.suse.de> SUSE Security Update: Security update for Perl ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0441-1 Rating: important References: #789994 #796014 #797060 #804415 Cross-References: CVE-2013-1667 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves 
one vulnerability and has three fixes is now available. Description: This update of Perl 5 fixes the following security issues: * fix rehash DoS [bnc#804415] [CVE-2013-1667] * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] * fix glob denial of service [bnc#796014] [CVE-2011-2728] * sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329] Security Issue references: * CVE-2013-1667 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-perl-7439 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-perl-7439 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-perl-7439 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-perl-7439 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): perl-base-32bit-5.10.0-64.61.61.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): perl-base-x86-5.10.0-64.61.61.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): perl-5.10.0-64.61.61.1 perl-base-5.10.0-64.61.61.1 perl-doc-5.10.0-64.61.61.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): perl-32bit-5.10.0-64.61.61.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): perl-5.10.0-64.61.61.1 perl-base-5.10.0-64.61.61.1 perl-doc-5.10.0-64.61.61.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): perl-32bit-5.10.0-64.61.61.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): perl-x86-5.10.0-64.61.61.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): perl-5.10.0-64.61.61.1 perl-base-5.10.0-64.61.61.1 perl-doc-5.10.0-64.61.61.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): perl-32bit-5.10.0-64.61.61.1 References: http://support.novell.com/security/cve/CVE-2013-1667.html https://bugzilla.novell.com/789994 
https://bugzilla.novell.com/796014 https://bugzilla.novell.com/797060 https://bugzilla.novell.com/804415 http://download.novell.com/patch/finder/?keywords=3663b3a5fb6a8f33323d36be1a8dda9d From sle-updates at lists.suse.com Tue Mar 12 17:05:37 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 00:05:37 +0100 (CET) Subject: SUSE-SU-2013:0442-1: important: Security update for Perl Message-ID: <20130312230537.7C01232174@maintenance.suse.de> SUSE Security Update: Security update for Perl ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0442-1 Rating: important References: #788388 #789994 #796014 #797060 #804415 Cross-References: CVE-2013-1667 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update of Perl 5 fixes the following security issues: * fix rehash DoS [bnc#804415] [CVE-2013-1667] * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] * fix glob denial of service [bnc#796014] [CVE-2011-2728] * sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329] * make getgrent work with long group entries [bnc#788388] Security Issue reference: * CVE-2013-1667 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): perl-5.8.8-14.21.3 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): perl-32bit-5.8.8-14.21.3 - SUSE Linux Enterprise Server 10 SP4 (ia64): perl-x86-5.8.8-14.21.3 - SUSE Linux Enterprise Server 10 SP4 (ppc): perl-64bit-5.8.8-14.21.3 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): perl-5.8.8-14.21.3 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): perl-32bit-5.8.8-14.21.3 References: http://support.novell.com/security/cve/CVE-2013-1667.html https://bugzilla.novell.com/788388 https://bugzilla.novell.com/789994 
https://bugzilla.novell.com/796014 https://bugzilla.novell.com/797060 https://bugzilla.novell.com/804415 http://download.novell.com/patch/finder/?keywords=ed1929d51b82752f08399dada0ae2769 From sle-updates at lists.suse.com Wed Mar 13 11:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 18:04:26 +0100 (CET) Subject: SUSE-SU-2013:0440-2: important: Security update for Java Message-ID: <20130313170426.DEA7D32049@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0440-2 Rating: important References: #798535 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 11 SP2 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs. Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1478, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443. Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_4_2-ibm-7450 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_4_2-ibm-7450 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_4_2-ibm-7450 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_4_2-ibm-7450 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-devel-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.3.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.3.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.6.1 java-1_4_2-ibm-devel-1.4.2_sr13.15-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.6.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Java 11 SP2 (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.3.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ia64 ppc s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.6.1 java-1_4_2-ibm-devel-1.4.2_sr13.15-0.6.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.6.1 - SUSE Linux 
Enterprise Java 10 SP4 (i586): java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.6.1 References: https://bugzilla.novell.com/798535 http://download.novell.com/patch/finder/?keywords=93cb6121fadaf694135bd63c1f9156b6 http://download.novell.com/patch/finder/?keywords=ec9d22c393a1ca0adfb36328a12130ef From sle-updates at lists.suse.com Wed Mar 13 11:04:32 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 18:04:32 +0100 (CET) Subject: SUSE-YU-2013:0444-1: moderate: YOU update for Software Update Stack Message-ID: <20130313170432.B7B1632174@maintenance.suse.de> SUSE YOU Update: YOU update for Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:0444-1 Rating: moderate References: #722551 #742633 #785832 #788863 #795076 #795267 #803941 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 SUSE Manager Client Tools for SLE 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 7 YOU fixes can now be installed. It includes 5 new package versions. Description: This update for the software update stack 2013/02 provides the following fixes: zypper: * Add '--oldpackage' to allow rollback without --force (bnc#795076) * Add missing --recommends to verify command (bnc#722551) * Fix source-install to accept package names and lookup their source package (bnc#785832) * Command line arguments must not silently overrule locks (bnc#742633, bnc#788863). libsatsolver: * Fix handling of installable requires (bnc#795267). zypp-plugin-spacewalk: * Use new zypper option --oldpackage to support package downgrades (bnc#795076) * Prevent some future actions to be executed immediately (bnc#803941). 
Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-softwaremgmt-201302-7358 - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-softwaremgmt-201302-7358 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-softwaremgmt-201302-7358 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-softwaremgmt-201302-7358 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-softwaremgmt-201302-7358 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-softwaremgmt-201302-7358 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64) [New Version: 0.9.1]: zypp-plugin-spacewalk-0.9.1-0.7.1 - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): zypp-plugin-spacewalk-0.9.1-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.7,0.44.5 and 9.12.11]: libsatsolver-devel-0.17.7-0.6.2.1 libzypp-devel-9.12.11-0.5.9 ruby-satsolver-0.44.5-0.5.68 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.17.7,0.44.5,0.9.1,1.6.170 and 9.12.11]: libzypp-9.12.11-0.5.9 perl-satsolver-0.44.5-0.5.68 python-satsolver-0.44.5-0.5.68 satsolver-tools-0.17.7-0.6.2.1 zypp-plugin-spacewalk-0.9.1-0.7.1 zypper-1.6.170-0.5.2 zypper-log-1.6.170-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.7,0.44.5,0.9.1,1.6.170 and 9.12.11]: libzypp-9.12.11-0.5.9 perl-satsolver-0.44.5-0.5.68 python-satsolver-0.44.5-0.5.68 satsolver-tools-0.17.7-0.6.2.1 zypp-plugin-spacewalk-0.9.1-0.7.1 zypper-1.6.170-0.5.2 zypper-log-1.6.170-0.5.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.17.7,0.44.5,0.9.1,1.6.170 and 9.12.11]: libzypp-9.12.11-0.5.9 perl-satsolver-0.44.5-0.5.68 python-satsolver-0.44.5-0.5.68 satsolver-tools-0.17.7-0.6.2.1 zypp-plugin-spacewalk-0.9.1-0.7.1 zypper-1.6.170-0.5.2 zypper-log-1.6.170-0.5.2 References: https://bugzilla.novell.com/722551 https://bugzilla.novell.com/742633 https://bugzilla.novell.com/785832 https://bugzilla.novell.com/788863 https://bugzilla.novell.com/795076 https://bugzilla.novell.com/795267 https://bugzilla.novell.com/803941 http://download.novell.com/patch/finder/?keywords=f3726fcaab837ae7526cae6f5755b89f From sle-updates at lists.suse.com Wed Mar 13 12:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 19:04:31 +0100 (CET) Subject: SUSE-YU-2013:0445-1: moderate: YOU update for Software Update Stack Message-ID: 
<20130313180431.1663D32158@maintenance.suse.de> SUSE YOU Update: YOU update for Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:0445-1 Rating: moderate References: #665327 #722551 #769819 #785832 #795076 #803941 Affected Products: SUSE Manager Client Tools for SLE 11 SP1 ______________________________________________________________________________ An update that has 6 YOU fixes can now be installed. Description: This update for the software update stack 2013/02 provides the following fixes: libzypp: * Filter zero sized devices in disk usage counter (bnc#769819) * Fix possibly reporting timeout as "aborted by user" (bnc#665327). zypper: * Add '--oldpackage' to allow rollback without --force (bnc#795076) * Add missing --recommends to verify command (bnc#722551) * Fix source-install to accept package names and lookup their source package (bnc#785832). zypp-plugin-spacewalk: * Use new zypper option --oldpackage to support package downgrades (bnc#795076) * Prevent some future actions to be executed immediately (bnc#803941). Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP1: zypper in -t patch slesctsp1-softwaremgmt-201302-7360 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP1 (i586 ia64 ppc64 s390x x86_64): libzypp-6.37.11-0.3.2 zypp-plugin-spacewalk-0.9.1-0.4.1 zypper-1.3.23-0.3.3 References: https://bugzilla.novell.com/665327 https://bugzilla.novell.com/722551 https://bugzilla.novell.com/769819 https://bugzilla.novell.com/785832 https://bugzilla.novell.com/795076 https://bugzilla.novell.com/803941 http://download.novell.com/patch/finder/?keywords=3436af9f93ba4b7d9e5ffcbfd6bf5ac0 From sle-updates at lists.suse.com Wed Mar 13 12:04:35 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 19:04:35 +0100 (CET) Subject: SUSE-RU-2013:0446-1: Recommended update for SUSE Manager Message-ID: <20130313180436.0BFEC32158@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0446-1 Rating: low References: #785462 #786341 #791905 #792676 #793415 #794155 #794293 #794299 #794848 #795308 #795360 #796391 #797057 #797884 #797890 #798131 #798342 #798807 #799530 #800758 #801189 #801758 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 22 recommended fixes can now be installed. It includes 12 new package versions. Description: This collective update for SUSE Manager 1.7 provides the following fixes and enhancements: sm-ncc-sync-data: * Add possibility to migrate from SLED 11 SP1 to SP2 * Add support for SUSE Cloud 1.0. 
spacewalk-backend: * reposync: send patch notifications only for new patches * reposync: collect download errors and send error mail * reposync: compare patch version as integers * Do not send null values for new products via XMLRPC. spacewalk-branding: * Add missing strings for SUSE-only taskomatic jobs. spacewalk-certs-tools: * Use https in the bootstrap script as described in the comment. spacewalk-client-tools: * Fix reading cpuinfo on s390x * Try to get the FQDN as hostname. spacewalk-java: * Fix branding of API example scripts * Fix the 'Replace Existing Subscriptions' SSM config channel option * Prevent NPE when package description might be null * Added email field to user list csv * Support for Australia EST/EDT timezones * Remove restrictions on proxy channel subscriptions * Make images of type 'kvm' show up on the UI * Resolve FQDN of hostname taken from the request * Add missing strings for configuration management * Use proxy host for kickstarting virtual guest if available * Try to determine localhost's FQDN * Check for zypp-plugin-spacewalk if testing autoinstall capability * Preserve product name when cloning channels using API. spacewalk-reports: * Add OSAD status report * Add report of package upgrades available for systems * Add system custom info report * Add spacewalk-report inactive-systems RFE * Add spacewalk-report system-packages-installed * Add additional column in spacewalk-report inventory. spacewalk-search: * Fix errata search by CVE. spacewalk-web: * Fix duplicate headline for virtual guests * Fix navigation items for perl pages. susemanager-schema: * Take care that all migrations will be applied * Fix schema upgrade for rhnPackageCapability. susemanager: * Fix mgr-ncc-sync if --from-dir is used. How to apply this update: 1. Log in as root user to the SUSE Manager server 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update 4. 
Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start. Indications: Everybody should update. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-suse-manager17-201302-7337 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.1.7,1.7.21 and 1.7.38.23]: spacewalk-backend-1.7.38.23-0.5.5 spacewalk-backend-app-1.7.38.23-0.5.5 spacewalk-backend-applet-1.7.38.23-0.5.5 spacewalk-backend-config-files-1.7.38.23-0.5.5 spacewalk-backend-config-files-common-1.7.38.23-0.5.5 spacewalk-backend-config-files-tool-1.7.38.23-0.5.5 spacewalk-backend-iss-1.7.38.23-0.5.5 spacewalk-backend-iss-export-1.7.38.23-0.5.5 spacewalk-backend-libs-1.7.38.23-0.5.5 spacewalk-backend-package-push-server-1.7.38.23-0.5.5 spacewalk-backend-server-1.7.38.23-0.5.5 spacewalk-backend-sql-1.7.38.23-0.5.5 spacewalk-backend-sql-oracle-1.7.38.23-0.5.5 spacewalk-backend-sql-postgresql-1.7.38.23-0.5.5 spacewalk-backend-tools-1.7.38.23-0.5.5 spacewalk-backend-xml-export-libs-1.7.38.23-0.5.5 spacewalk-backend-xmlrpc-1.7.38.23-0.5.5 spacewalk-backend-xp-1.7.38.23-0.5.5 spacewalk-branding-1.7.1.7-0.5.2 susemanager-1.7.21-0.5.5 susemanager-tools-1.7.21-0.5.5 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.1.5,1.7.14.14,1.7.28.15,1.7.3.7,1.7.3.9,1.7.54.23,1.7.56.17,1.7.8 and 5.10.41.8]: osa-dispatcher-5.10.41.8-0.5.1 sm-ncc-sync-data-1.7.8-0.5.1 spacewalk-base-1.7.28.15-0.5.1 spacewalk-base-minimal-1.7.28.15-0.5.1 spacewalk-certs-tools-1.7.3.7-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 spacewalk-grail-1.7.28.15-0.5.1 spacewalk-html-1.7.28.15-0.5.1 spacewalk-java-1.7.54.23-0.5.3 spacewalk-java-config-1.7.54.23-0.5.3 spacewalk-java-lib-1.7.54.23-0.5.3 spacewalk-java-oracle-1.7.54.23-0.5.3 spacewalk-java-postgresql-1.7.54.23-0.5.3 spacewalk-pxt-1.7.28.15-0.5.1 spacewalk-reports-1.7.1.5-0.5.1 spacewalk-search-1.7.3.9-0.5.2 spacewalk-sniglets-1.7.28.15-0.5.1 spacewalk-taskomatic-1.7.54.23-0.5.3 susemanager-client-config_en-pdf-1.7-0.15.4 susemanager-install_en-pdf-1.7-0.15.4 susemanager-jsp_en-1.7-0.15.4 susemanager-manuals_en-1.7-0.15.4 susemanager-proxy-quick_en-pdf-1.7-0.15.4 susemanager-quick_en-pdf-1.7-0.15.4 susemanager-reference_en-pdf-1.7-0.15.4 
susemanager-schema-1.7.56.17-0.5.1 References: https://bugzilla.novell.com/785462 https://bugzilla.novell.com/786341 https://bugzilla.novell.com/791905 https://bugzilla.novell.com/792676 https://bugzilla.novell.com/793415 https://bugzilla.novell.com/794155 https://bugzilla.novell.com/794293 https://bugzilla.novell.com/794299 https://bugzilla.novell.com/794848 https://bugzilla.novell.com/795308 https://bugzilla.novell.com/795360 https://bugzilla.novell.com/796391 https://bugzilla.novell.com/797057 https://bugzilla.novell.com/797884 https://bugzilla.novell.com/797890 https://bugzilla.novell.com/798131 https://bugzilla.novell.com/798342 https://bugzilla.novell.com/798807 https://bugzilla.novell.com/799530 https://bugzilla.novell.com/800758 https://bugzilla.novell.com/801189 https://bugzilla.novell.com/801758 http://download.novell.com/patch/finder/?keywords=c19358433c52014ddf735d77c8db9b7f From sle-updates at lists.suse.com Wed Mar 13 12:04:42 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 19:04:42 +0100 (CET) Subject: SUSE-YU-2013:0447-1: moderate: YOU update for Software Update Stack Message-ID: <20130313180442.929E132158@maintenance.suse.de> SUSE YOU Update: YOU update for Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:0447-1 Rating: moderate References: #614646 #665327 #687530 #722551 #745404 #748144 #749418 #751976 #761985 #765164 #765267 #769819 #770630 #785832 #795076 #803941 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has 16 YOU fixes can now be installed. 
Description: This update for the software update stack 2013/02 provides the following fixes: libzypp: * Filter zero sized devices in disk usage counter (bnc#769819) * Fix possibly reporting timeout as "aborted by user" (bnc#665327) * Allow libcurl to take proxy from environment if proxy is not configured or disallowed (bnc#745404) * Fix processing of weak locks (bnc#749418, bnc#765164) * Fix typos in zypp.conf (bnc#761985). zypper: * Add '--oldpackage' to allow rollback without --force (bnc#795076) * Add missing --recommends to verify command (bnc#722551) * Fix source-install to accept package names and lookup their source package (bnc#785832) * Don't link setuid wrapper against libzypp (bnc#770630) * Backport zypper.conf parser fixes (bnc#765267) * Fix augeas lens enforcing a non empty anonymous section (bnc#748144) * At least warn if config file can not be parsed * Fix zypp.conf lens (bnc#687530) * Eat trailing whitespace in zypper.conf (bnc#687530) * Fix zypp.conf lens to ignore commented option values * Fix crashing zypper when there are double config entrys in zypper.conf (bnc#614646) * Let zypper remove lock follow addlock with respect to args and behavior (bnc#751976). zypp-plugin-spacewalk: * Use new zypper option --oldpackage to support package downgrades (bnc#795076) * Prevent some future actions to be executed immediately (bnc#803941). Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. 
Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): libzypp-6.37.11-0.5.1 zypp-plugin-spacewalk-0.9.1-0.5.1 zypper-1.3.23-0.5.2 - SLE CLIENT TOOLS 10 for s390x (s390x): libzypp-6.37.11-0.5.1 zypp-plugin-spacewalk-0.9.1-0.5.1 zypper-1.3.23-0.5.2 - SLE CLIENT TOOLS 10 for ia64 (ia64): libzypp-6.37.11-0.5.1 zypp-plugin-spacewalk-0.9.1-0.5.1 zypper-1.3.23-0.5.2 - SLE CLIENT TOOLS 10 for PPC (ppc): libzypp-6.37.11-0.5.2 zypp-plugin-spacewalk-0.9.1-0.5.2 zypper-1.3.23-0.5.3 - SLE CLIENT TOOLS 10 (i586): libzypp-6.37.11-0.5.1 zypp-plugin-spacewalk-0.9.1-0.5.1 zypper-1.3.23-0.5.2 References: https://bugzilla.novell.com/614646 https://bugzilla.novell.com/665327 https://bugzilla.novell.com/687530 https://bugzilla.novell.com/722551 https://bugzilla.novell.com/745404 https://bugzilla.novell.com/748144 https://bugzilla.novell.com/749418 https://bugzilla.novell.com/751976 https://bugzilla.novell.com/761985 https://bugzilla.novell.com/765164 https://bugzilla.novell.com/765267 https://bugzilla.novell.com/769819 https://bugzilla.novell.com/770630 https://bugzilla.novell.com/785832 https://bugzilla.novell.com/795076 https://bugzilla.novell.com/803941 http://download.novell.com/patch/finder/?keywords=323049399cce40141b8877322fa58786 From sle-updates at lists.suse.com Wed Mar 13 12:04:48 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 19:04:48 +0100 (CET) Subject: SUSE-RU-2013:0448-1: Recommended update for SUSE Manager Proxy Message-ID: <20130313180448.93F9532158@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0448-1 Rating: low References: #794293 #794299 #796581 #798131 #799530 #799684 #800821 #801189 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be 
installed. It includes 9 new package versions. Description: This collective update for SUSE Manager Proxy 1.7 provides the following fixes and enhancements: rhncfg: * Fix web user interface config diff, which always shows 'binary files differ' * Make rhncfg diff output configurable. rhnmd: * Start rhnmd as user nocpulse and move PID file to writable directory. spacewalk-certs-tools: * Use https in the bootstrap script as described in the comment. spacewalk-client-tools: * Fix reading cpuinfo on s390x * Try to get the FQDN as hostname. spacewalk-proxy-installer: * Remove superfluous settings from cobbler-proxy.conf. spacewalk-proxy: * Raise NotLocalError if package is not in cache file. How to apply this update: 1. Log in as root user to the SUSE Manager proxy 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update 4. Start the Spacewalk service: spacewalk-proxy start. Indications: Everybody should update. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-suse-manager-proxy17-201302-7333 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.38.23]: spacewalk-backend-1.7.38.23-0.5.5 spacewalk-backend-libs-1.7.38.23-0.5.5 - SUSE Manager Proxy 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.12.9,1.7.14.14,1.7.28.15,1.7.3.7,1.7.6.8,5.10.27.9,5.10.41.8 and 5.3.10.5]: osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-base-minimal-1.7.28.15-0.5.1 spacewalk-certs-tools-1.7.3.7-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 spacewalk-proxy-broker-1.7.12.9-0.5.1 spacewalk-proxy-common-1.7.12.9-0.5.1 spacewalk-proxy-installer-1.7.6.8-0.5.2 spacewalk-proxy-management-1.7.12.9-0.5.1 spacewalk-proxy-package-manager-1.7.12.9-0.5.1 spacewalk-proxy-redirect-1.7.12.9-0.5.1 References: https://bugzilla.novell.com/794293 https://bugzilla.novell.com/794299 https://bugzilla.novell.com/796581 https://bugzilla.novell.com/798131 https://bugzilla.novell.com/799530 https://bugzilla.novell.com/799684 https://bugzilla.novell.com/800821 https://bugzilla.novell.com/801189 http://download.novell.com/patch/finder/?keywords=ac9f342376eabd0ed6731fc738d4ebba From sle-updates at lists.suse.com Wed Mar 13 14:04:27 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 21:04:27 +0100 (CET) Subject: SUSE-RU-2013:0450-1: Recommended update for SUSE Manager Client Tools Message-ID: <20130313200427.EC17832049@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0450-1 Rating: 
low References: #797057 #799530 #800821 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update provides the following fixes and enhancements: rhncfg: * Fix web user interface config diff, which always shows 'binary files differ' * Make rhncfg diff output configurable. rhnmd: * Start rhnmd as user nocpulse and move PID file to writable directory. rhn-virtualization: * Support SUSE Studio KVM image type. spacewalk-client-tools: * Fix reading cpuinfo on s390x * Try to get the FQDN as hostname. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-client-tools-201302-7334 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): spacewalk-backend-libs-1.7.38.23-0.5.5 - SUSE Manager Client Tools for SLE 11 SP2 (noarch): osad-5.10.41.8-0.5.1 rhn-virtualization-common-5.4.34.11-0.5.1 rhn-virtualization-host-5.4.34.11-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 References: https://bugzilla.novell.com/797057 https://bugzilla.novell.com/799530 https://bugzilla.novell.com/800821 http://download.novell.com/patch/finder/?keywords=c471015f07ee01446d0bb33ca03ea9a0 From sle-updates at lists.suse.com Wed Mar 13 14:04:32 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 21:04:32 +0100 (CET) Subject: SUSE-RU-2013:0451-1: Recommended update for SUSE Manager Client Tools Message-ID: 
<20130313200432.A366932148@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0451-1 Rating: low References: #799530 #800821 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update provides the following fixes and enhancements: rhncfg: * Fix web user interface config diff, which always shows 'binary files differ' * Make rhncfg diff output configurable. rhnmd: * Start rhnmd as user nocpulse and move PID file to writable directory. spacewalk-client-tools: * Fix reading cpuinfo on s390x * Try to get the FQDN as hostname. Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): spacewalk-backend-libs-1.7.38.23-0.5.1 - SLE CLIENT TOOLS 10 for x86_64 (noarch): osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SLE CLIENT TOOLS 10 for s390x (noarch): osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SLE CLIENT TOOLS 10 for s390x (s390x): spacewalk-backend-libs-1.7.38.23-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 
spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (ia64): spacewalk-backend-libs-1.7.38.23-0.5.1 - SLE CLIENT TOOLS 10 for PPC (noarch): osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SLE CLIENT TOOLS 10 for PPC (ppc): spacewalk-backend-libs-1.7.38.23-0.5.1 - SLE CLIENT TOOLS 10 (noarch): osad-5.10.41.8-0.5.1 rhncfg-5.10.27.9-0.5.1 rhncfg-actions-5.10.27.9-0.5.1 rhncfg-client-5.10.27.9-0.5.1 rhncfg-management-5.10.27.9-0.5.1 rhnmd-5.3.10.5-0.5.1 spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SLE CLIENT TOOLS 10 (i586): spacewalk-backend-libs-1.7.38.23-0.5.1 References: https://bugzilla.novell.com/799530 https://bugzilla.novell.com/800821 http://download.novell.com/patch/finder/?keywords=97410597fcd8c907a3e72c7ec22a0290 From sle-updates at lists.suse.com Wed Mar 13 14:04:38 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Mar 2013 21:04:38 +0100 (CET) Subject: SUSE-RU-2013:0452-1: Recommended update for SUSE Manager Client Tools Message-ID: <20130313200438.D001132049@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0452-1 Rating: low References: #722052 #776356 #787156 #799530 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes three new package versions. 
Description: This collective update provides SUSE Manager Client Tools version 1.7. The updated packages include many fixes and enhancements: spacewalk-client-tools: * Fix reading cpuinfo on s390x * Try to get the FQDN as hostname * Check CA certificate files only when needed * rhn-channel: add new option to list base channel of a system * Fix leaking file descriptor * Add new script rhn-update-status to update the uptime and kernel version on the server * Do not change channels during upgrade_version * Fix getOSVersionAndRelease for multiple products * Keep permissions and owner of systemid file * Make multi-line lists in conf files parse correctly * rhn-profile-sync exits with status 1 if libvirtd is not running * Read memory information on kernels 3.x * Allow linking against OpenSSL * Feclace YumBaseError the same way as yum did * Fix package dependency on newt. rhnlib: * Allow linking against OpenSSL. suseRegisterInfo: * Pre-compile Python code to prevent verification issues. Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-client-tools-201302-7346 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-client-tools-201302-7346 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-client-tools-201302-7346 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.7.3 and 2.5.51.3]: rhnlib-2.5.51.3-0.7.10 suseRegisterInfo-1.7.3-0.5.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 1.7.14.14]: spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.7.3 and 2.5.51.3]: rhnlib-2.5.51.3-0.7.10 suseRegisterInfo-1.7.3-0.5.3 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 1.7.14.14]: spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.7.3 and 2.5.51.3]: rhnlib-2.5.51.3-0.7.10 suseRegisterInfo-1.7.3-0.5.3 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 1.7.14.14]: spacewalk-check-1.7.14.14-0.5.1 spacewalk-client-setup-1.7.14.14-0.5.1 spacewalk-client-tools-1.7.14.14-0.5.1 References: https://bugzilla.novell.com/722052 https://bugzilla.novell.com/776356 https://bugzilla.novell.com/787156 https://bugzilla.novell.com/799530 http://download.novell.com/patch/finder/?keywords=fcf48747b40ea748725976bd2e7ae86a From sle-updates at lists.suse.com Wed Mar 13 21:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 04:04:26 +0100 (CET) Subject: SUSE-RU-2013:0453-1: Recommended update for cpupower Message-ID: <20130314030426.9759B32049@maintenance.suse.de> SUSE Recommended Update: Recommended update for cpupower ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0453-1 Rating: low References: #784469 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one 
recommended fix can now be installed. Description: This update for cpupower adds support for Intel IvyBridge and Haswell CPUs. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cpupower-7422 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cpupower-7422 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cpupower-7422 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): cpupower-2.6.39-2.12.18.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): cpupower-2.6.39-2.12.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): cpupower-2.6.39-2.12.18.1 References: https://bugzilla.novell.com/784469 http://download.novell.com/patch/finder/?keywords=f8fea35745f320a870999f7cfc89b4ef From sle-updates at lists.suse.com Thu Mar 14 10:04:53 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 17:04:53 +0100 (CET) Subject: SUSE-SU-2013:0456-1: important: Security update for Java Message-ID: <20130314160453.1F6C027FA2@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0456-1 Rating: important References: #798535 #808625 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs. 
Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1487, CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0442, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0419, CVE-2013-0423, CVE-2013-0351, CVE-2013-0432, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_6_0-ibm-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-devel-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-devel-32bit-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-plugin-32bit-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_6_0-ibm-64bit-1.6.0_sr13.0-0.13.3 - SUSE Linux Enterprise Java 10 SP4 (x86_64): java-1_6_0-ibm-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-devel-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.13.3 java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.13.3 References: https://bugzilla.novell.com/798535 https://bugzilla.novell.com/808625 http://download.novell.com/patch/finder/?keywords=78075f3faaadfb1d4a70cc040d243ecc From sle-updates at lists.suse.com Thu Mar 14 10:04:57 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 17:04:57 +0100 (CET) Subject: SUSE-SU-2013:0457-1: 
moderate: Security update for libqt4 Message-ID: <20130314160457.95D9D27FA2@maintenance.suse.de> SUSE Security Update: Security update for libqt4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0457-1 Rating: moderate References: #784197 #797006 #802634 Cross-References: CVE-2013-0254 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: libqt4 has been updated to fix several security issues. * An information disclosure via QSharedMemory was fixed which allowed local attackers to read information (e.g. bitmap content) from the attacked user (CVE-2013-0254). * openssl-incompatibility-fix.diff: Fix wrong error reporting when using a binary incompatible version of openSSL (bnc#797006, CVE-2012-6093) * Various compromised SSL root certificates were blacklisted. Also a non-security bugfix has been applied: * Add fix for qdbusviewer not matching args (bnc#784197) Security Issue reference: * CVE-2013-0254 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libQtWebKit-devel-7441 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libQtWebKit-devel-7441 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libQtWebKit-devel-7441 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libQtWebKit-devel-7441 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libQtWebKit-devel-4.6.3-5.20.23.1 libqt4-devel-4.6.3-5.20.23.1 libqt4-devel-doc-4.6.3-5.20.23.1 libqt4-sql-postgresql-4.6.3-5.20.23.1 libqt4-sql-unixODBC-4.6.3-5.20.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.20.23.1 libqt4-sql-mysql-32bit-4.6.3-5.20.23.1 libqt4-sql-postgresql-32bit-4.6.3-5.20.23.1 libqt4-sql-sqlite-32bit-4.6.3-5.20.23.1 libqt4-sql-unixODBC-32bit-4.6.3-5.20.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): libqt4-devel-doc-data-4.6.3-5.20.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): libQtWebKit4-x86-4.6.3-5.20.23.1 libqt4-sql-mysql-x86-4.6.3-5.20.23.1 libqt4-sql-postgresql-x86-4.6.3-5.20.23.1 libqt4-sql-sqlite-x86-4.6.3-5.20.23.1 libqt4-sql-unixODBC-x86-4.6.3-5.20.23.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libQtWebKit4-4.6.3-5.20.23.1 libqt4-4.6.3-5.20.23.1 libqt4-qt3support-4.6.3-5.20.23.1 libqt4-sql-4.6.3-5.20.23.1 libqt4-sql-mysql-4.6.3-5.20.23.1 libqt4-sql-sqlite-4.6.3-5.20.23.1 libqt4-x11-4.6.3-5.20.23.1 qt4-x11-tools-4.6.3-5.20.23.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libQtWebKit4-32bit-4.6.3-5.20.23.1 libqt4-32bit-4.6.3-5.20.23.1 libqt4-qt3support-32bit-4.6.3-5.20.23.1 libqt4-sql-32bit-4.6.3-5.20.23.1 libqt4-x11-32bit-4.6.3-5.20.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libQtWebKit4-4.6.3-5.20.23.1 libqt4-4.6.3-5.20.23.1 libqt4-qt3support-4.6.3-5.20.23.1 libqt4-sql-4.6.3-5.20.23.1 libqt4-sql-mysql-4.6.3-5.20.23.1 libqt4-sql-sqlite-4.6.3-5.20.23.1 libqt4-x11-4.6.3-5.20.23.1 qt4-x11-tools-4.6.3-5.20.23.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.20.23.1 libqt4-32bit-4.6.3-5.20.23.1 libqt4-qt3support-32bit-4.6.3-5.20.23.1 libqt4-sql-32bit-4.6.3-5.20.23.1 libqt4-x11-32bit-4.6.3-5.20.23.1 - SUSE Linux Enterprise 
Server 11 SP2 (ia64): libQtWebKit4-x86-4.6.3-5.20.23.1 libqt4-qt3support-x86-4.6.3-5.20.23.1 libqt4-sql-x86-4.6.3-5.20.23.1 libqt4-x11-x86-4.6.3-5.20.23.1 libqt4-x86-4.6.3-5.20.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libQtWebKit4-4.6.3-5.20.23.1 libqt4-4.6.3-5.20.23.1 libqt4-qt3support-4.6.3-5.20.23.1 libqt4-sql-4.6.3-5.20.23.1 libqt4-sql-mysql-4.6.3-5.20.23.1 libqt4-sql-postgresql-4.6.3-5.20.23.1 libqt4-sql-sqlite-4.6.3-5.20.23.1 libqt4-sql-unixODBC-4.6.3-5.20.23.1 libqt4-x11-4.6.3-5.20.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libQtWebKit4-32bit-4.6.3-5.20.23.1 libqt4-32bit-4.6.3-5.20.23.1 libqt4-qt3support-32bit-4.6.3-5.20.23.1 libqt4-sql-32bit-4.6.3-5.20.23.1 libqt4-sql-mysql-32bit-4.6.3-5.20.23.1 libqt4-sql-postgresql-32bit-4.6.3-5.20.23.1 libqt4-sql-sqlite-32bit-4.6.3-5.20.23.1 libqt4-sql-unixODBC-32bit-4.6.3-5.20.23.1 libqt4-x11-32bit-4.6.3-5.20.23.1 References: http://support.novell.com/security/cve/CVE-2013-0254.html https://bugzilla.novell.com/784197 https://bugzilla.novell.com/797006 https://bugzilla.novell.com/802634 http://download.novell.com/patch/finder/?keywords=319695c0369c1600598cb3ff3f78d73a From sle-updates at lists.suse.com Thu Mar 14 10:05:04 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 17:05:04 +0100 (CET) Subject: SUSE-SU-2013:0458-1: critical: Security update for flash-player Message-ID: <20130314160504.2C29627FA2@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0458-1 Rating: critical References: #808973 Cross-References: CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. 
It includes one version update. Description: Adobe Flash Player has been updated to security release 11.2.202.275 (APSB13-09), fixing severe security issues. (CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375) More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.html Security Issue references: * CVE-2013-0646 * CVE-2013-0650 * CVE-2013-1371 * CVE-2013-1375 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-7491 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.275]: flash-player-11.2.202.275-0.3.1 flash-player-gnome-11.2.202.275-0.3.1 flash-player-kde4-11.2.202.275-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.275]: flash-player-11.2.202.275-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-0646.html http://support.novell.com/security/cve/CVE-2013-0650.html http://support.novell.com/security/cve/CVE-2013-1371.html http://support.novell.com/security/cve/CVE-2013-1375.html https://bugzilla.novell.com/808973 http://download.novell.com/patch/finder/?keywords=a590b251093353c9a532d47fac07b211 http://download.novell.com/patch/finder/?keywords=ced16d4be49bc3ca3c262247f4abcd7e From sle-updates at lists.suse.com Thu Mar 14 11:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 18:04:28 +0100 (CET) Subject: SUSE-RU-2013:0460-1: Recommended update for Modules Message-ID: <20130314170428.AD06132049@maintenance.suse.de> SUSE Recommended Update: Recommended update for Modules ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0460-1 Rating: low References: #794182 Affected Products: SUSE Linux Enterprise Software 
Development Kit 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the Modules package provides one fix for Python support. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-Modules-7320 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): Modules-3.1.6-39.11.1 References: https://bugzilla.novell.com/794182 http://download.novell.com/patch/finder/?keywords=2acf096b3bcd81ed156b99af81971dfc From sle-updates at lists.suse.com Thu Mar 14 12:04:53 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 19:04:53 +0100 (CET) Subject: SUSE-RU-2013:0461-1: moderate: Recommended update for virt-utils Message-ID: <20130314180453.4A6792BFA9@maintenance.suse.de> SUSE Recommended Update: Recommended update for virt-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0461-1 Rating: moderate References: #793271 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for virt-utils fixes a syntactical error in vm-snapshot-disk and provides a minor version update for qemu-nbd and qemu-img utilities. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-virt-utils-7470 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-virt-utils-7470 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.1.8]: virt-utils-1.1.8-0.14.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.1.8]: virt-utils-1.1.8-0.14.1 References: https://bugzilla.novell.com/793271 http://download.novell.com/patch/finder/?keywords=cb80b181bac38f16c00d15b7dc446220 From sle-updates at lists.suse.com Thu Mar 14 15:04:19 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 22:04:19 +0100 (CET) Subject: SUSE-SU-2013:0456-2: important: Security update for Java Message-ID: <20130314210419.41B6232172@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0456-2 Rating: important References: #798535 #808625 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs. 
Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1487, CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0442, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0419, CVE-2013-0423, CVE-2013-0351, CVE-2013-0432, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443. Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr13.0-0.7.7.1 java-1_6_0-ibm-devel-1.6.0_sr13.0-0.7.7.1 java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.7.7.1 java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.7.7.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr13.0-0.7.7.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr13.0-0.7.7.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.7.7.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr13.0-0.7.7.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr13.0-0.7.7.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.7.7.1 References: https://bugzilla.novell.com/798535 https://bugzilla.novell.com/808625 http://download.novell.com/patch/finder/?keywords=219c5ead437be21a7209a3563ce35c71 From sle-updates at lists.suse.com Thu Mar 14 16:04:43 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Mar 2013 23:04:43 +0100 (CET) Subject: SUSE-SU-2013:0440-3: important: Security update for Java Message-ID: <20130314220443.B2DD72BFA8@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0440-3 Rating: important References: #798535 Affected 
Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs. Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1478, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-java-1_4_2-ibm-7479 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_4_2-ibm-7479 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.3.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.3.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.3.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): java-1_4_2-ibm-1.4.2_sr13.15-0.6.1 java-1_4_2-ibm-devel-1.4.2_sr13.15-0.6.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586): java-1_4_2-ibm-jdbc-1.4.2_sr13.15-0.6.1 java-1_4_2-ibm-plugin-1.4.2_sr13.15-0.6.1 References: https://bugzilla.novell.com/798535 http://download.novell.com/patch/finder/?keywords=7014ea77ffe5c5f4f2e593888baa766b http://download.novell.com/patch/finder/?keywords=fc8b17df6be0cc8370eff53d8c702e02 From sle-updates at lists.suse.com Fri Mar 15 09:04:20 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 2013 16:04:20 +0100 (CET) Subject: SUSE-SU-2013:0456-3: important: Security update for Java Message-ID: <20130315150420.178E332025@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0456-3 Rating: important References: #798535 #808625 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs. 
Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1487, CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0442, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0419, CVE-2013-0423, CVE-2013-0351, CVE-2013-0432, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-7482 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_6_0-ibm-7482 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64): java-1_6_0-ibm-1.6.0_sr13.0-0.8.1 java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1 java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.8.1 java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.8.1 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.8.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr13.0-0.8.1 java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1 java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.8.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.8.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.8.1 References: https://bugzilla.novell.com/798535 https://bugzilla.novell.com/808625 http://download.novell.com/patch/finder/?keywords=56a53806f2b9b8ace0893e899300698c From sle-updates at lists.suse.com Fri Mar 15 10:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 
2013 17:04:28 +0100 (CET) Subject: SUSE-SU-2013:0469-1: Security update for apache2 Message-ID: <20130315160428.ABFF23213E@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0469-1 Rating: low References: #688472 #719236 #722545 #727071 #727993 #729181 #736706 #738855 #741243 #743743 #757710 #777260 Cross-References: CVE-2012-0021 CVE-2012-0883 CVE-2012-2687 CVE-2012-4557 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has 8 fixes is now available. Description: This Apache2 LTSS roll-up update for SUSE Linux Enterprise 10 SP3 LTSS fixes the following security issues and bugs: * CVE-2012-4557: Denial of Service via special requests in mod_proxy_ajp * CVE-2012-0883: improper LD_LIBRARY_PATH handling * CVE-2012-2687: filename escaping problem * CVE-2012-0031: Fixed a scoreboard corruption (shared memory segment) by a child process that causes a crash of the privileged parent (invalid free()) during shutdown. * CVE-2012-0053: Fixed an issue in error responses that could expose "httpOnly" cookies when no custom ErrorDocument is specified for status code 400. * The SSL configuration template has been adjusted not to suggest weak ciphers * CVE-2007-6750: The "mod_reqtimeout" module was backported from Apache 2.2.21 to help mitigate the "Slowloris" Denial of Service attack. You need to enable the "mod_reqtimeout" module in your existing apache configuration to make it effective, e.g. in the APACHE_MODULES line in /etc/sysconfig/apache2. * CVE-2011-3639, CVE-2011-3368, CVE-2011-4317: This update also includes several fixes for a mod_proxy reverse exposure via RewriteRule or ProxyPassMatch directives. * CVE-2011-1473: Fixed the SSL renegotiation DoS by disabling renegotiation by default. 
* CVE-2011-3607: Integer overflow in ap_pregsub function resulting in a heap-based buffer overflow could potentially allow local attackers to gain privileges. Additionally, some non-security bugs have been fixed which are listed in the changelog file. Security Issue references: * CVE-2012-4557 * CVE-2012-2687 * CVE-2012-0883 * CVE-2012-0021 Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): apache2-2.2.3-16.32.45.1 apache2-devel-2.2.3-16.32.45.1 apache2-doc-2.2.3-16.32.45.1 apache2-example-pages-2.2.3-16.32.45.1 apache2-prefork-2.2.3-16.32.45.1 apache2-worker-2.2.3-16.32.45.1 References: http://support.novell.com/security/cve/CVE-2012-0021.html http://support.novell.com/security/cve/CVE-2012-0883.html http://support.novell.com/security/cve/CVE-2012-2687.html http://support.novell.com/security/cve/CVE-2012-4557.html https://bugzilla.novell.com/688472 https://bugzilla.novell.com/719236 https://bugzilla.novell.com/722545 https://bugzilla.novell.com/727071 https://bugzilla.novell.com/727993 https://bugzilla.novell.com/729181 https://bugzilla.novell.com/736706 https://bugzilla.novell.com/738855 https://bugzilla.novell.com/741243 https://bugzilla.novell.com/743743 https://bugzilla.novell.com/757710 https://bugzilla.novell.com/777260 http://download.novell.com/patch/finder/?keywords=25e42b7bd84d54954a51c9fe38e777e0 From sle-updates at lists.suse.com Fri Mar 15 11:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 2013 18:04:28 +0100 (CET) Subject: SUSE-SU-2013:0470-1: important: Security update for Mozilla Firefox Message-ID: <20130315170428.428933213F@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0470-1 Rating: important References: #808243 Cross-References: CVE-2013-0787 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise 
Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: MozillaFirefox has been updated to the 17.0.4ESR release which fixes one important security issue: * MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. Security Issue reference: * CVE-2013-0787 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201303-7464 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201303-7464 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201303-7464 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 17.0.4esr]: MozillaFirefox-17.0.4esr-0.5.1 MozillaFirefox-translations-17.0.4esr-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.4esr]: MozillaFirefox-17.0.4esr-0.5.1 MozillaFirefox-translations-17.0.4esr-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 17.0.4esr]: MozillaFirefox-17.0.4esr-0.5.1 MozillaFirefox-translations-17.0.4esr-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-0787.html https://bugzilla.novell.com/808243 http://download.novell.com/patch/finder/?keywords=80cb5f45bf32ac42965b90fa93bccfbc From sle-updates at lists.suse.com Fri Mar 15 12:04:42 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 2013 19:04:42 +0100 (CET) Subject: SUSE-SU-2013:0471-1: important: Security update for Mozilla Firefox Message-ID: <20130315180442.7FE393213D@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0471-1 Rating: important References: #804248 #808243 Cross-References: CVE-2013-0787 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes four new package versions. Description: MozillaFirefox has been updated to the 17.0.4ESR release. 
Besides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bug fixes: * MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. The Firefox 17.0.3ESR release also contains lots of security fixes: * MFSA 2013-28: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and buffer overflow problems rated as low to critical security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting four additional use-after-free and out of bounds write flaws introduced during Firefox development that were fixed before general release. The following issues have been fixed in Firefox 19 and ESR 17.0.3: * Heap-use-after-free in nsOverflowContinuationTracker::Finish, with -moz-columns (CVE-2013-0780) * Heap-buffer-overflow WRITE in nsSaveAsCharset::DoCharsetConversion (CVE-2013-0782) * MFSA 2013-27 / CVE-2013-0776: Google security researcher Michal Zalewski reported an issue where the browser displayed the content of a proxy's 407 response if a user canceled the proxy's authentication prompt. In this circumstance, the address bar will continue to show the requested site's address, including HTTPS addresses that appear to be secure. This spoofing of addresses can be used for phishing attacks by fooling users into entering credentials, for example. * MFSA 2013-26 / CVE-2013-0775: Security researcher Nils reported a use-after-free in nsImageLoadingContent when content script is executed. This could allow for arbitrary code execution. 
* MFSA 2013-25 / CVE-2013-0774: Mozilla security researcher Frederik Braun discovered that since Firefox 15 the file system location of the active browser profile was available to JavaScript workers. While not dangerous by itself, this could potentially be combined with other vulnerabilities to target the profile in an attack. * MFSA 2013-24 / CVE-2013-0773: Mozilla developer Bobby Holley discovered that it was possible to bypass some protections in Chrome Object Wrappers (COW) and System Only Wrappers (SOW), making their prototypes mutable by web content. This could be used to leak information from chrome objects and possibly allow for arbitrary code execution. * MFSA 2013-23 / CVE-2013-0765: Mozilla developer Boris Zbarsky reported that in some circumstances a wrapped WebIDL object can be wrapped multiple times, overwriting the existing wrapped state. This could lead to an exploitable condition in rare cases. * MFSA 2013-22 / CVE-2013-0772: Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found an out-of-bounds read while rendering GIF format images. This could cause a non-exploitable crash and could also attempt to render normally inaccessible data as part of the image. * MFSA 2013-21: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 18. 
* Memory safety bugs fixed in Firefox ESR 17.0.3, and Firefox 19 (CVE-2013-0783) Security Issue references: * CVE-2013-0787 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-4.9.4-0.6.3 mozilla-nspr-devel-4.9.4-0.6.3 mozilla-nss-3.14.1-0.6.3 mozilla-nss-devel-3.14.1-0.6.3 mozilla-nss-tools-3.14.1-0.6.3 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 17.0.4esr and 7]: MozillaFirefox-17.0.4esr-0.7.1 MozillaFirefox-branding-SLED-7-0.10.4 MozillaFirefox-translations-17.0.4esr-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-32bit-4.9.4-0.6.3 mozilla-nss-32bit-3.14.1-0.6.3 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-x86-4.9.4-0.6.3 mozilla-nss-x86-3.14.1-0.6.3 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-64bit-4.9.4-0.6.3 mozilla-nss-64bit-3.14.1-0.6.3 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.14.1 and 4.9.4]: mhtml-firefox-0.5-1.13.4 mozilla-nspr-4.9.4-0.6.3 mozilla-nspr-devel-4.9.4-0.6.3 mozilla-nss-3.14.1-0.6.3 mozilla-nss-devel-3.14.1-0.6.3 mozilla-nss-tools-3.14.1-0.6.3 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-32bit-4.9.4-0.6.3 mozilla-nss-32bit-3.14.1-0.6.3 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 17.0.4esr and 7]: MozillaFirefox-17.0.4esr-0.7.1 MozillaFirefox-branding-SLED-7-0.10.4 MozillaFirefox-translations-17.0.4esr-0.7.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14.1]: firefox3-python-base-2.6.8-0.9.1 mozilla-nss-tools-3.14.1-0.6.3 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-17.0.4esr-0.7.1 References: http://support.novell.com/security/cve/CVE-2013-0787.html https://bugzilla.novell.com/804248 https://bugzilla.novell.com/808243 
http://download.novell.com/patch/finder/?keywords=e8a17727b5ca4754a7c066ed49b6d2d9 From sle-updates at lists.suse.com Fri Mar 15 13:04:25 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 2013 20:04:25 +0100 (CET) Subject: SUSE-SU-2013:0440-4: important: Security update for Java Message-ID: <20130315190426.207AE3216A@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0440-4 Rating: important References: #798535 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Java 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 5 has been updated to SR16 which fixes various critical security issues and bugs. Please see the IBM JDK Alert page for more information: http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed: CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443. 
Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-devel-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-fonts-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc): java-1_5_0-ibm-jdbc-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-plugin-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): java-1_5_0-ibm-64bit-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Java 10 SP4 (i586 ppc s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-devel-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-fonts-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Java 10 SP4 (ppc): java-1_5_0-ibm-jdbc-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-plugin-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): java-1_5_0-ibm-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-demo-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-devel-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-fonts-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-src-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.0-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-jdbc-1.5.0_sr16.0-0.6.1 java-1_5_0-ibm-plugin-1.5.0_sr16.0-0.6.1 References: https://bugzilla.novell.com/798535 http://download.novell.com/patch/finder/?keywords=f3e49a4d1f2884a3b859fbf98da12261 From sle-updates at lists.suse.com Fri Mar 15 13:04:30 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Mar 2013 20:04:30 +0100 (CET) Subject: SUSE-RU-2013:0472-1: Recommended update for hwinfo Message-ID: 
<20130315190430.DE2FC3216A@maintenance.suse.de> SUSE Recommended Update: Recommended update for hwinfo ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0472-1 Rating: low References: #544269 #791200 #793928 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for hwinfo fixes the kernel log parser to correctly read time stamps prefixed to each logged line and adds support to a new model of fingerprint reader. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-hwinfo-7399 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-hwinfo-7399 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-hwinfo-7399 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-hwinfo-7399 To bring your system up-to-date, use "zypper patch". 
Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.48]:
  hwinfo-devel-15.48-0.6.6.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 15.48]:
  hwinfo-15.48-0.6.6.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 15.48]:
  hwinfo-15.48-0.6.6.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 15.48]:
  hwinfo-15.48-0.6.6.1

References:

  https://bugzilla.novell.com/544269
  https://bugzilla.novell.com/791200
  https://bugzilla.novell.com/793928
  http://download.novell.com/patch/finder/?keywords=94525b55acc5f9c82833557edf9eb12b

From sle-updates at lists.suse.com Fri Mar 15 15:05:21 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 15 Mar 2013 22:05:21 +0100 (CET)
Subject: SUSE-SU-2013:0456-4: important: Security update for Java
Message-ID: <20130315210521.6375432148@maintenance.suse.de>

SUSE Security Update: Security update for Java
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0456-4
Rating: important
References: #798535 #808625
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
  SUSE Linux Enterprise Java 11 SP2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs.
Please see the IBM JDK Alert page for more information:

http://www.ibm.com/developerworks/java/jdk/alerts/

Security issues fixed: CVE-2013-1487, CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0442, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0419, CVE-2013-0423, CVE-2013-0351, CVE-2013-0432, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-java-1_6_0-ibm-7481
- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-java-1_6_0-ibm-7481
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-java-1_6_0-ibm-7481
- SUSE Linux Enterprise Java 11 SP2:
  zypper in -t patch slejsp2-java-1_6_0-ibm-7481

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64):
  java-1_6_0-ibm-devel-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64):
  java-1_6_0-ibm-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
  java-1_6_0-ibm-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586):
  java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64):
  java-1_6_0-ibm-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64):
  java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Server 11 SP2 (i586):
  java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64):
  java-1_6_0-ibm-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-devel-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-fonts-1.6.0_sr13.0-0.8.1
  java-1_6_0-ibm-jdbc-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Java 11 SP2 (i586 x86_64):
  java-1_6_0-ibm-plugin-1.6.0_sr13.0-0.8.1
- SUSE Linux Enterprise Java 11 SP2 (i586):
  java-1_6_0-ibm-alsa-1.6.0_sr13.0-0.8.1

References:

  https://bugzilla.novell.com/798535
  https://bugzilla.novell.com/808625
  http://download.novell.com/patch/finder/?keywords=fe51aa0e7e0daa0213ed3b6dc25f3983

From sle-updates at lists.suse.com Sat Mar 16 10:06:54 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 16 Mar 2013 17:06:54 +0100 (CET)
Subject: SUSE-SU-2013:0440-5: important: Security update for IBM Java5 JRE and SDK
Message-ID: <20130316160654.C209A31FFF@maintenance.suse.de>

SUSE Security Update: Security update for IBM Java5 JRE and SDK
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0440-5
Rating: important
References: #798535
Affected Products:
  SUSE CORE 9
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

IBM Java 5 has been updated to SR16 which fixes various critical security issues and bugs.

Please see the IBM JDK Alert page for more information:

http://www.ibm.com/developerworks/java/jdk/alerts/

Security issues fixed: CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443.

Package List:

- SUSE CORE 9 (i586 s390 s390x x86_64):
  IBMJava5-JRE-1.5.0_sr16.0-0.4
  IBMJava5-SDK-1.5.0_sr16.0-0.4

References:

  https://bugzilla.novell.com/798535
  http://download.novell.com/patch/finder/?keywords=40a91b33dc9e5067426d661e5a9a76db

From sle-updates at lists.suse.com Mon Mar 18 14:04:26 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 18 Mar 2013 21:04:26 +0100 (CET)
Subject: SUSE-SU-2013:0440-6: important: Security update for Java
Message-ID: <20130318200426.CB2873219A@maintenance.suse.de>

SUSE Security Update: Security update for Java
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0440-6
Rating: important
References: #798535
Affected Products:
  SUSE Linux Enterprise Server 10 SP3 LTSS
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

IBM Java 5 has been updated to SR16 which fixes various critical security issues and bugs.
Please see the IBM JDK Alert page for more information:

http://www.ibm.com/developerworks/java/jdk/alerts/

Security issues fixed: CVE-2013-1486, CVE-2013-1478, CVE-2013-0445, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0409, CVE-2013-0427, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443.

Package List:

- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
  java-1_5_0-ibm-1.5.0_sr16.0-0.6.1
  java-1_5_0-ibm-devel-1.5.0_sr16.0-0.6.1
  java-1_5_0-ibm-fonts-1.5.0_sr16.0-0.6.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):
  java-1_5_0-ibm-32bit-1.5.0_sr16.0-0.6.1
  java-1_5_0-ibm-devel-32bit-1.5.0_sr16.0-0.6.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (x86_64):
  java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.0-0.6.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586):
  java-1_5_0-ibm-alsa-1.5.0_sr16.0-0.6.1
  java-1_5_0-ibm-jdbc-1.5.0_sr16.0-0.6.1
  java-1_5_0-ibm-plugin-1.5.0_sr16.0-0.6.1

References:

  https://bugzilla.novell.com/798535
  http://download.novell.com/patch/finder/?keywords=5ea58c1fb829cad73b10e123453189b1

From sle-updates at lists.suse.com Mon Mar 18 15:04:25 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 18 Mar 2013 22:04:25 +0100 (CET)
Subject: SUSE-SU-2013:0478-1: important: Security update for IBM Java2 JRE and SDK
Message-ID: <20130318210425.CF49C32159@maintenance.suse.de>

SUSE Security Update: Security update for IBM Java2 JRE and SDK
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0478-1
Rating: important
References: #438695 #603353 #798535
Affected Products:
  SUSE CORE 9
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs.
Please see the IBM JDK Alert page for more information:

http://www.ibm.com/developerworks/java/jdk/alerts/

Security issues fixed: CVE-2013-1478, CVE-2013-1480, CVE-2013-1476, CVE-2013-0442, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-1481, CVE-2013-0432, CVE-2013-0434, CVE-2013-0424, CVE-2013-0440, CVE-2013-0443.

Package List:

- SUSE CORE 9 (i586 s390 s390x x86_64):
  IBMJava2-JRE-1.4.2_sr13.15-0.4
  IBMJava2-SDK-1.4.2_sr13.15-0.4

References:

  https://bugzilla.novell.com/438695
  https://bugzilla.novell.com/603353
  https://bugzilla.novell.com/798535
  http://download.novell.com/patch/finder/?keywords=514bd0c17c6dce42bd680235a566a928

From sle-updates at lists.suse.com Mon Mar 18 16:04:30 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 18 Mar 2013 23:04:30 +0100 (CET)
Subject: SUSE-RU-2013:0479-1: Recommended update for yast2-dns-server
Message-ID: <20130318220430.3BD1A32159@maintenance.suse.de>

SUSE Recommended Update: Recommended update for yast2-dns-server
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0479-1
Rating: low
References: #765445 #768708
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
______________________________________________________________________________

An update that has two recommended fixes can now be installed. It includes one version update.

Description:

This collective update for YaST's DNS Server configuration module (yast2-dns-server) provides the following fixes:

* Enhanced checking for errors while writing to LDAP (bnc#768708)
* Checking for return values while writing into LDAP and reporting errors (bnc#768708)
* Report errors correctly when the bind package is not installed (bnc#765445).

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-yast2-dns-server-7284
- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-yast2-dns-server-7284
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-yast2-dns-server-7284

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.22]:
  yast2-dns-server-2.17.22-0.6.2.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.22]:
  yast2-dns-server-2.17.22-0.6.2.1
- SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.22]:
  yast2-dns-server-2.17.22-0.6.2.1

References:

  https://bugzilla.novell.com/765445
  https://bugzilla.novell.com/768708
  http://download.novell.com/patch/finder/?keywords=b54449ce2b0c962561a5fea70800800c

From sle-updates at lists.suse.com Tue Mar 19 10:04:29 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 17:04:29 +0100 (CET)
Subject: SUSE-RU-2013:0460-2: Recommended update for Modules
Message-ID: <20130319160429.9EC7432157@maintenance.suse.de>

SUSE Recommended Update: Recommended update for Modules
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0460-2
Rating: low
References: #794182
Affected Products:
  SUSE Linux Enterprise Server 10 SP4
  SLE SDK 10 SP4
______________________________________________________________________________

An update that has one recommended fix can now be installed.

Description:

This update for the Modules package provides one fix for Python support.
Package List:

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
  Modules-3.1.6-50.10.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
  Modules-3.1.6-50.10.1

References:

  https://bugzilla.novell.com/794182
  http://download.novell.com/patch/finder/?keywords=0a5507b8f92a36aba94b5920a5450632

From sle-updates at lists.suse.com Tue Mar 19 10:04:34 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 17:04:34 +0100 (CET)
Subject: SUSE-SU-2013:0355-2: moderate: Security update for rubygem-rack
Message-ID: <20130319160434.16A7A32183@maintenance.suse.de>

SUSE Security Update: Security update for rubygem-rack
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0355-2
Rating: moderate
References: #798452 #802794
Cross-References: CVE-2012-6109 CVE-2013-0183 CVE-2013-0184
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Cloud 1.0
______________________________________________________________________________

An update that fixes three vulnerabilities is now available. It includes one version update.

Description:

Denial of service conditions in the Rack 1.1 rubygem have been fixed.

Rack has been updated to 1.1.6:

* Fix CVE-2013-0263, timing attack against Rack::Session::Cookie

Rack has been updated to 1.1.5:

* Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings (CVE-2013-0184)
* Add warnings when users do not provide a session secret
* Security fix. http://www.ocert.org/advisories/ocert-2011-003.html
  Further information here: http://jruby.org/2011/12/27/jruby-1-6-5-1

Security Issue references:

* CVE-2013-0184
* CVE-2013-0183
* CVE-2012-6109

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-rack-201302-7388
- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-rack-201302-7388

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.1.6]:
  rubygem-rack-1.1.6-0.9.2
- SUSE Cloud 1.0 (x86_64) [New Version: 1.1.6]:
  rubygem-rack-1.1.6-0.9.2

References:

  http://support.novell.com/security/cve/CVE-2012-6109.html
  http://support.novell.com/security/cve/CVE-2013-0183.html
  http://support.novell.com/security/cve/CVE-2013-0184.html
  https://bugzilla.novell.com/798452
  https://bugzilla.novell.com/802794
  http://download.novell.com/patch/finder/?keywords=06a87ff3e927ed3dc1f888af3c9913a0

From sle-updates at lists.suse.com Tue Mar 19 11:04:44 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 18:04:44 +0100 (CET)
Subject: SUSE-SU-2013:0486-1: important: Security update for Ruby On Rails
Message-ID: <20130319170444.4F46032183@maintenance.suse.de>

SUSE Security Update: Security update for Ruby On Rails
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0486-1
Rating: important
References: #796712 #797449 #797452 #800320 #803336 #803339
Cross-References: CVE-2012-5664 CVE-2013-0155 CVE-2013-0156 CVE-2013-0276 CVE-2013-0277
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Cloud 1.0
______________________________________________________________________________

An update that solves 5 vulnerabilities and has one errata is now available. It includes one version update.

Description:

The Ruby on Rails stack has been updated to 2.3.17 to fix various security issues and bugs.
The rails gems have been updated to fix:

* Unsafe Query Generation Risk in Ruby on Rails (CVE-2013-0155)
* Multiple vulnerabilities in parameter parsing in Action Pack (CVE-2013-0156)
* activerecord: SQL Injection (CVE-2012-5664)
* rails: Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3 (CVE-2013-0333)
* activerecord: Circumvention of attr_protected (CVE-2013-0276)
* activerecord: Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0 (CVE-2013-0277)

Security Issue references:

* CVE-2012-5664
* CVE-2013-0155
* CVE-2013-0156
* CVE-2013-0277
* CVE-2013-0276

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-rubygem-actionmailer-2_3-7363
- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-rubygem-actionmailer-2_3-7363

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.17]:
  rubygem-actionmailer-2_3-2.3.17-0.9.1
  rubygem-actionpack-2_3-2.3.17-0.9.1
  rubygem-activerecord-2_3-2.3.17-0.9.1
  rubygem-activeresource-2_3-2.3.17-0.9.1
  rubygem-activesupport-2_3-2.3.17-0.9.1
  rubygem-rails-2_3-2.3.17-0.9.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.3.17]:
  rubygem-rails-2.3.17-0.8.1
- SUSE Cloud 1.0 (x86_64) [New Version: 2.3.17]:
  rubygem-actionmailer-2_3-2.3.17-0.9.1
  rubygem-actionpack-2_3-2.3.17-0.9.1
  rubygem-activerecord-2_3-2.3.17-0.9.1
  rubygem-activeresource-2_3-2.3.17-0.9.1
  rubygem-activesupport-2_3-2.3.17-0.9.1
  rubygem-rails-2_3-2.3.17-0.9.1

References:

  http://support.novell.com/security/cve/CVE-2012-5664.html
  http://support.novell.com/security/cve/CVE-2013-0155.html
  http://support.novell.com/security/cve/CVE-2013-0156.html
  http://support.novell.com/security/cve/CVE-2013-0276.html
  http://support.novell.com/security/cve/CVE-2013-0277.html
  https://bugzilla.novell.com/796712
  https://bugzilla.novell.com/797449
  https://bugzilla.novell.com/797452
  https://bugzilla.novell.com/800320
  https://bugzilla.novell.com/803336
  https://bugzilla.novell.com/803339
  http://download.novell.com/patch/finder/?keywords=262e345a7ecb482ffca687eedd6b610a

From sle-updates at lists.suse.com Tue Mar 19 16:04:29 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 23:04:29 +0100 (CET)
Subject: SUSE-RU-2013:0487-1: Recommended update for kernel-firmware
Message-ID: <20130319220429.1751732158@maintenance.suse.de>

SUSE Recommended Update: Recommended update for kernel-firmware
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0487-1
Rating: low
References: #752406 #787192
Affected Products:
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
  SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that has two recommended fixes can now be installed.

Description:

This update for the Linux Kernel firmware files (kernel-firmware) provides:

* QLogic's ql2400_fw.bin and ql2500_fw.bin version 5.08.00. The updated firmware fixes I/O stalls when performing storage server controller reboots
* New firmware version for fixing the missing support for Atheros MANGO and MANGO rev.2 Bluetooth module.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-kernel-firmware-7476
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-kernel-firmware-7476
- SUSE Linux Enterprise Desktop 11 SP2:
  zypper in -t patch sledsp2-kernel-firmware-7476

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP2 for VMware (noarch):
  kernel-firmware-20110923-0.19.21.10
- SUSE Linux Enterprise Server 11 SP2 (noarch):
  kernel-firmware-20110923-0.19.21.10
- SUSE Linux Enterprise Desktop 11 SP2 (noarch):
  kernel-firmware-20110923-0.19.21.10

References:

  https://bugzilla.novell.com/752406
  https://bugzilla.novell.com/787192
  http://download.novell.com/patch/finder/?keywords=0a54a0b9970963210ff10147e9256107

From sle-updates at lists.suse.com Tue Mar 19 16:04:33 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 23:04:33 +0100 (CET)
Subject: SUSE-SU-2013:0488-1: moderate: Security update for openstack-keystone
Message-ID: <20130319220433.7F64132183@maintenance.suse.de>

SUSE Security Update: Security update for openstack-keystone
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0488-1
Rating: moderate
References: #803351 #803739
Affected Products:
  SUSE Cloud 1.0
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

Openstack Keystone has been updated to fix various bugs and security issues.

The following security issues have been fixed:

* CVE-2013-0282: EC2-style authentication accepts disabled user/tenants.
* CVE-2013-0280: Jonathan Murray from NCC Group, Joshua Harlow from Yahoo! and Stuart Stent independently reported a vulnerability in the parsing of XML requests in Keystone, Nova and Cinder. By using entities in XML requests, an unauthenticated attacker may consume excessive resources on the Keystone, Nova or Cinder API servers, resulting in a denial of service and potentially a crash. Authenticated attackers may also leverage XML entities to read the content of a local file on the Keystone API server. This only affects servers with XML support enabled.
Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-openstack-keystone-7494

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Cloud 1.0 (x86_64):
  openstack-keystone-2012.1+git.1353613280.c17a999-0.9.1
  openstack-keystone-doc-2012.1+git.1353613280.c17a999-0.9.1
  python-keystone-2012.1+git.1353613280.c17a999-0.9.1

References:

  https://bugzilla.novell.com/803351
  https://bugzilla.novell.com/803739
  http://download.novell.com/patch/finder/?keywords=fc8cc45f60ac6f0e29e07fe6db3c82cd

From sle-updates at lists.suse.com Tue Mar 19 16:04:37 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 23:04:37 +0100 (CET)
Subject: SUSE-RU-2013:0489-1: Recommended update for aaa_base
Message-ID: <20130319220437.E4A4732183@maintenance.suse.de>

SUSE Recommended Update: Recommended update for aaa_base
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0489-1
Rating: low
References: #789893 #801037
Affected Products:
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
  SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that has two recommended fixes can now be installed.

Description:

This collective update for aaa_base provides the following fixes and enhancements:

* Use of large UID numbers could cause the creation of a huge "faillog" file in /var/log. When logging in as root, the faillog(8) utility could read this file sequentially, introducing long delays. This update removes the call to faillog from the default login scripts. Users interested in keeping this functionality are advised to use the PAM module pam_tally2(8). (bnc#801037)
* During system shutdown, blogd(8) could close the system console before all messages were printed. (bnc#789893)
* Mime types for .docx, .dotx, .pptx, .xlsx and .xltx were added to /etc/mime.types. (FATE#313237)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-aaa_base-7311
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-aaa_base-7311
- SUSE Linux Enterprise Desktop 11 SP2:
  zypper in -t patch sledsp2-aaa_base-7311

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
  aaa_base-11-6.77.77.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
  aaa_base-11-6.77.77.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
  aaa_base-11-6.77.77.1

References:

  https://bugzilla.novell.com/789893
  https://bugzilla.novell.com/801037
  http://download.novell.com/patch/finder/?keywords=b96c722fec1b15067a163b90ec293b64

From sle-updates at lists.suse.com Tue Mar 19 16:04:42 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 23:04:42 +0100 (CET)
Subject: SUSE-RU-2013:0490-1: Recommended update for yum-metadata-parser
Message-ID: <20130319220442.A557132183@maintenance.suse.de>

SUSE Recommended Update: Recommended update for yum-metadata-parser
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0490-1
Rating: low
References: #802576
Affected Products:
  Subscription Management Tool 11 SP2
  SUSE Manager 1.7 for SLE 11 SP2
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Cloud 1.0
______________________________________________________________________________

An update that has one recommended fix can now be installed.
Description:

This update for yum-metadata-parser fixes the generation of metadata files for packages larger than 2GB.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- Subscription Management Tool 11 SP2:
  zypper in -t patch slesmtsp0-yum-metadata-parser-7359
- SUSE Manager 1.7 for SLE 11 SP2:
  zypper in -t patch sleman17sp2-yum-metadata-parser-7359
- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-yum-metadata-parser-7359
- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-yum-metadata-parser-7359

To bring your system up-to-date, use "zypper patch".

Package List:

- Subscription Management Tool 11 SP2 (i586 s390x x86_64):
  yum-metadata-parser-1.1.2-107.20.1
- SUSE Manager 1.7 for SLE 11 SP2 (x86_64):
  yum-metadata-parser-1.1.2-107.20.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
  yum-metadata-parser-1.1.2-107.20.1
- SUSE Cloud 1.0 (x86_64):
  yum-metadata-parser-1.1.2-107.20.1

References:

  https://bugzilla.novell.com/802576
  http://download.novell.com/patch/finder/?keywords=9a660d714e94f367878a618c0dadbe99

From sle-updates at lists.suse.com Tue Mar 19 16:04:47 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 19 Mar 2013 23:04:47 +0100 (CET)
Subject: SUSE-SU-2013:0491-1: moderate: Security update for openstack-glance
Message-ID: <20130319220447.7BF7A32158@maintenance.suse.de>

SUSE Security Update: Security update for openstack-glance
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0491-1
Rating: moderate
References: #808626
Affected Products:
  SUSE Cloud 1.0
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

Openstack Glance has been updated to fix security issues.
The following security issue has been fixed:

* CVE-2013-1840: Stuart McLaren from HP reported a vulnerability in the information potentially returned to the user in Glance v1 API. If an authenticated user requests, through the v1 API, an image that is already cached, the headers returned may disclose the Glance operator's backend credentials for that endpoint. Only setups accepting the Glance v1 API and using either the single-tenant Swift store or S3 store are affected.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-openstack-glance-7493

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Cloud 1.0 (x86_64):
  openstack-glance-2012.1+git.1352338057.efd7e75-0.7.1
  python-glance-2012.1+git.1352338057.efd7e75-0.7.1

References:

  https://bugzilla.novell.com/808626
  http://download.novell.com/patch/finder/?keywords=8ce969211306b6bb7632abba021db0d5

From sle-updates at lists.suse.com Tue Mar 19 17:05:11 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 20 Mar 2013 00:05:11 +0100 (CET)
Subject: SUSE-RU-2013:0492-1: moderate: Recommended update for createrepo, deltarpm and yum
Message-ID: <20130319230511.E5C0B32007@maintenance.suse.de>

SUSE Recommended Update: Recommended update for createrepo, deltarpm and yum
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0492-1
Rating: moderate
References: #791684 #801100 #802001 #807499 #807506 #808044
Affected Products:
  Subscription Management Tool 11 SP2
  SUSE Studio Onsite 1.3
  SUSE Manager 1.7 for SLE 11 SP2
  SUSE Linux Enterprise Software Development Kit 11 SP2
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
  SUSE Linux Enterprise Desktop 11 SP2
  SUSE Lifecycle Management Server 1.3
  SUSE Cloud 1.0
______________________________________________________________________________

An update that has 6 recommended fixes can now be installed. It includes two new package versions.

Description:

This collective update provides newer versions of createrepo (v0.9.9), deltarpm (v3.5) and yum (v3.2.29).

The updated packages bring many fixes and enhancements, including the capability of creating repositories with delta RPM support.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- Subscription Management Tool 11 SP2:
  zypper in -t patch slesmtsp0-deltarpm-201302-7467
- SUSE Studio Onsite 1.3:
  zypper in -t patch slestso13-deltarpm-201302-7467
- SUSE Manager 1.7 for SLE 11 SP2:
  zypper in -t patch sleman17sp2-deltarpm-201302-7467
- SUSE Linux Enterprise Software Development Kit 11 SP2:
  zypper in -t patch sdksp2-deltarpm-201302-7467
- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-deltarpm-201302-7467
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-deltarpm-201302-7467
- SUSE Linux Enterprise Desktop 11 SP2:
  zypper in -t patch sledsp2-deltarpm-201302-7467
- SUSE Lifecycle Management Server 1.3:
  zypper in -t patch sleslms13-deltarpm-201302-7467
- SUSE Cloud 1.0:
  zypper in -t patch sleclo10sp2-deltarpm-201302-7467

To bring your system up-to-date, use "zypper patch".
Package List:

- Subscription Management Tool 11 SP2 (i586 s390x x86_64):
  python-deltarpm-3.5.git-4.9.3
  yum-common-3.2.29-0.8.6
- Subscription Management Tool 11 SP2 (noarch):
  createrepo-0.9.9-0.19.1
- SUSE Studio Onsite 1.3 (x86_64):
  python-deltarpm-3.5.git-4.9.3
  yum-common-3.2.29-0.8.6
- SUSE Studio Onsite 1.3 (noarch):
  createrepo-0.9.9-0.19.1
- SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 3.2.29]:
  python-deltarpm-3.5.git-4.9.3
  yum-3.2.29-0.8.6
  yum-common-3.2.29-0.8.6
- SUSE Manager 1.7 for SLE 11 SP2 (noarch):
  createrepo-0.9.9-0.19.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
  python-deltarpm-3.5.git-4.9.3
  yum-common-3.2.29-0.8.6
- SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch):
  createrepo-0.9.9-0.19.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.5.git]:
  deltarpm-3.5.git-4.9.3
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.5.git]:
  deltarpm-3.5.git-4.9.3
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.5.git]:
  deltarpm-3.5.git-4.9.3
- SUSE Lifecycle Management Server 1.3 (x86_64):
  python-deltarpm-3.5.git-4.9.3
  yum-common-3.2.29-0.8.6
- SUSE Lifecycle Management Server 1.3 (noarch):
  createrepo-0.9.9-0.19.1
- SUSE Cloud 1.0 (x86_64):
  python-deltarpm-3.5.git-4.9.3
  yum-common-3.2.29-0.8.6
- SUSE Cloud 1.0 (noarch):
  createrepo-0.4.11-9.22.76

References:

  https://bugzilla.novell.com/791684
  https://bugzilla.novell.com/801100
  https://bugzilla.novell.com/802001
  https://bugzilla.novell.com/807499
  https://bugzilla.novell.com/807506
  https://bugzilla.novell.com/808044
  http://download.novell.com/patch/finder/?keywords=cb316c0b16fb5b10d5cd8fcaa06e1d66

From sle-updates at lists.suse.com Tue Mar 19 17:05:16 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 20 Mar 2013 00:05:16 +0100 (CET)
Subject: SUSE-RU-2013:0493-1: Recommended update for release-notes-sles
Message-ID: <20130319230517.0859232183@maintenance.suse.de>

SUSE Recommended Update: Recommended update for release-notes-sles
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0493-1
Rating: low
References: #805838
Affected Products:
  SUSE Linux Enterprise Server 11 SP2 for VMware
  SUSE Linux Enterprise Server 11 SP2
______________________________________________________________________________

An update that has one recommended fix can now be installed. It includes one version update.

Description:

This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2. The changes in detail are:

* Fix default value for vm.dirty_background_ratio (bnc#805838).

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP2 for VMware:
  zypper in -t patch slessp2-release-notes-sles-201303-7434
- SUSE Linux Enterprise Server 11 SP2:
  zypper in -t patch slessp2-release-notes-sles-201303-7434

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.44]:
    release-notes-SLES-for-VMware-11.2.0.44-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.44]:
    release-notes-sles-11.2.0.44-0.5.1

References:

https://bugzilla.novell.com/805838
http://download.novell.com/patch/finder/?keywords=d8ec8d97078a9f0b54b14be16f2353b5

From sle-updates at lists.suse.com Wed Mar 20 10:04:33 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 20 Mar 2013 17:04:33 +0100 (CET)
Subject: SUSE-RU-2013:0507-1: Recommended update for ekiga
Message-ID: <20130320160433.6C86A32174@maintenance.suse.de>

SUSE Recommended Update: Recommended update for ekiga
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0507-1
Rating: low
References: #764471
Affected Products:
    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that has one recommended fix can now be installed.

Description:

This update for Ekiga adds an application icon to the desktop menus.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-ekiga-7393

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
    ekiga-3.0.1-2.37.1
    ekiga-lang-3.0.1-2.37.1

References:

https://bugzilla.novell.com/764471
http://download.novell.com/patch/finder/?keywords=0ec5ec0a590735cb4f2e1005f2f872f3

From sle-updates at lists.suse.com Wed Mar 20 10:04:39 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 20 Mar 2013 17:04:39 +0100 (CET)
Subject: SUSE-SU-2013:0508-1: important: Security update for rubygem-merb-core
Message-ID: <20130320160439.1D3D532183@maintenance.suse.de>

SUSE Security Update: Security update for rubygem-merb-core
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0508-1
Rating: important
References: #805759
Cross-References: CVE-2012-2695 CVE-2012-5664 CVE-2012-6109 CVE-2013-0155 CVE-2013-0156 CVE-2013-0183 CVE-2013-0184
Affected Products:
    SUSE Cloud 1.0
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:

rubygem-merb-core has been updated to change the rack version dependency. Now any rack 1.1 version is accepted.

This update needs to be installed in parallel with the 2.3.17 rails update.

Security Issue references:

* CVE-2013-0184
* CVE-2012-6109
* CVE-2013-0183
* CVE-2012-5664
* CVE-2012-2695
* CVE-2013-0155
* CVE-2013-0156

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 1.0:
    zypper in -t patch sleclo10sp2-rubygem-merb-core-7405

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Cloud 1.0 (x86_64):
    rubygem-merb-core-1.1.3-0.9.1

References:

http://support.novell.com/security/cve/CVE-2012-2695.html
http://support.novell.com/security/cve/CVE-2012-5664.html
http://support.novell.com/security/cve/CVE-2012-6109.html
http://support.novell.com/security/cve/CVE-2013-0155.html
http://support.novell.com/security/cve/CVE-2013-0156.html
http://support.novell.com/security/cve/CVE-2013-0183.html
http://support.novell.com/security/cve/CVE-2013-0184.html
https://bugzilla.novell.com/805759
http://download.novell.com/patch/finder/?keywords=fe3baf16da4284805596caf983f71fcc

From sle-updates at lists.suse.com Thu Mar 21 18:04:29 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 22 Mar 2013 01:04:29 +0100 (CET)
Subject: SUSE-SU-2013:0517-1: moderate: Security update for PostgreSQL
Message-ID: <20130322000429.C396532174@maintenance.suse.de>

SUSE Security Update: Security update for PostgreSQL
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0517-1
Rating: moderate
References: #802679
Cross-References: CVE-2013-0255
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP2
    SUSE Linux Enterprise Server 11 SP2 for VMware
    SUSE Linux Enterprise Server 11 SP2
    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that fixes one vulnerability is now available. It includes two new package versions.

Description:

PostgreSQL has been updated to version 9.1.8 which fixes various bugs and one security issue.

The security issue fixed in this release, CVE-2013-0255, allowed a previously authenticated user to crash the server by calling an internal function with invalid arguments. This issue was discovered by the independent security researcher Sumit Soni this week and reported via Secunia SVCRP, and we are grateful for their efforts in making PostgreSQL more secure.

More information can be found at http://www.postgresql.org/about/news/1446/

Security Issue reference:

* CVE-2013-0255

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
    zypper in -t patch sdksp2-libecpg6-7342
- SUSE Linux Enterprise Server 11 SP2 for VMware:
    zypper in -t patch slessp2-libecpg6-7342 slessp2-postgresql-7340
- SUSE Linux Enterprise Server 11 SP2:
    zypper in -t patch slessp2-libecpg6-7342 slessp2-postgresql-7340
- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-libecpg6-7342 sledsp2-postgresql-7340

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.1.8]:
    postgresql91-devel-9.1.8-0.5.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 8.3.23 and 9.1.8]:
    libecpg6-9.1.8-0.5.1
    libpq5-9.1.8-0.5.1
    postgresql-8.3.23-0.4.1
    postgresql-contrib-8.3.23-0.4.1
    postgresql-docs-8.3.23-0.4.1
    postgresql-server-8.3.23-0.4.1
    postgresql91-9.1.8-0.5.1
    postgresql91-contrib-9.1.8-0.5.1
    postgresql91-docs-9.1.8-0.5.1
    postgresql91-server-9.1.8-0.5.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.1.8]:
    libpq5-32bit-9.1.8-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.23 and 9.1.8]:
    libecpg6-9.1.8-0.5.1
    libpq5-9.1.8-0.5.1
    postgresql-8.3.23-0.4.1
    postgresql-contrib-8.3.23-0.4.1
    postgresql-docs-8.3.23-0.4.1
    postgresql-server-8.3.23-0.4.1
    postgresql91-9.1.8-0.5.1
    postgresql91-contrib-9.1.8-0.5.1
    postgresql91-docs-9.1.8-0.5.1
    postgresql91-server-9.1.8-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.1.8]:
    libpq5-32bit-9.1.8-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.1.8]:
    libpq5-x86-9.1.8-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 8.3.23 and 9.1.8]:
    libecpg6-9.1.8-0.5.1
    libpq5-9.1.8-0.5.1
    postgresql-8.3.23-0.4.1
    postgresql91-9.1.8-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.1.8]:
    libpq5-32bit-9.1.8-0.5.1

References:

http://support.novell.com/security/cve/CVE-2013-0255.html
https://bugzilla.novell.com/802679
http://download.novell.com/patch/finder/?keywords=c3212d7df41878fb9f2807cfcf4855ee
http://download.novell.com/patch/finder/?keywords=cd006fe2067b8aff8ca70a034368785a

From sle-updates at lists.suse.com Fri Mar 22 08:04:28 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 22 Mar 2013 15:04:28 +0100 (CET)
Subject: SUSE-SU-2013:0519-1: important: Security update for Samba
Message-ID: <20130322140428.13B6C3216A@maintenance.suse.de>

SUSE Security Update: Security update for Samba
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0519-1
Rating: important
References: #499233 #741623 #755663 #759731 #764577 #783384 #799641 #800982
Cross-References: CVE-2013-0213 CVE-2013-0214
Affected Products:
    SUSE Linux Enterprise Server 10 GPLv3 Extras
______________________________________________________________________________

An update that solves two vulnerabilities and has 6 fixes is now available.

Description:

The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 was affected by a cross-site request forgery; CVE-2013-0214; (bnc#799641).

The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 could possibly be used in clickjacking attacks; CVE-2013-0213; (bnc#800982).

Also the following bugs have been fixed:

* Don't clutter the spec file diff view; (bnc#783384).
* s3: Fix uninitialized memory read in talloc_free(); (bnc#764577).
* Attempt to use samlogon validation level 6; (bso#7945); (bnc#741623).
* Add PreReq /etc/init.d/nscd to the winbind package; (bnc#759731).
* Recover from ncacn_ip_tcp ACCESS_DENIED/SEC_PKG_ERROR lsa errors; (bso#7944); (bnc#755663).
* Fix lsa_LookupSids3 and lsa_LookupNames4 arguments.

Security Issue references:

* CVE-2013-0213
* CVE-2013-0214

Package List:

- SUSE Linux Enterprise Server 10 GPLv3 Extras (i586 ia64 ppc s390x x86_64):
    libnetapi-devel-3.4.3-0.47.3
    libnetapi0-3.4.3-0.47.3
    libtalloc-devel-3.4.3-0.47.3
    libtalloc1-3.4.3-0.47.3
    libtdb-devel-3.4.3-0.47.3
    libtdb1-3.4.3-0.47.3
    libwbclient-devel-3.4.3-0.47.3
    libwbclient0-3.4.3-0.47.3
    samba-gplv3-3.4.3-0.47.3
    samba-gplv3-client-3.4.3-0.47.3
    samba-gplv3-krb-printing-3.4.3-0.47.3
    samba-gplv3-winbind-3.4.3-0.47.3
- SUSE Linux Enterprise Server 10 GPLv3 Extras (noarch):
    samba-gplv3-doc-3.4.3-0.47.3

References:

http://support.novell.com/security/cve/CVE-2013-0213.html
http://support.novell.com/security/cve/CVE-2013-0214.html
https://bugzilla.novell.com/499233
https://bugzilla.novell.com/741623
https://bugzilla.novell.com/755663
https://bugzilla.novell.com/759731
https://bugzilla.novell.com/764577
https://bugzilla.novell.com/783384
https://bugzilla.novell.com/799641
https://bugzilla.novell.com/800982
http://download.novell.com/patch/finder/?keywords=2420a6d522645b2b55c7b8e17af958f1

From sle-updates at lists.suse.com Fri Mar 22 10:04:29 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 22 Mar 2013 17:04:29 +0100 (CET)
Subject: SUSE-SU-2013:0520-1: moderate: Security update for git
Message-ID: <20130322160429.C888F3218B@maintenance.suse.de>

SUSE Security Update: Security update for git
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0520-1
Rating: moderate
References: #803874 #804730
Cross-References: CVE-2013-0308
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP2
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.
It includes one version update.

Description:

git has been updated to fix a security issue and one bug:

* CVE-2013-0308: git imap-send did not verify the SSL host certificate, allowing man-in-the-middle attacks. This has been fixed.
* The git-web frontend did not work after the last git update when AppArmor was active. The file path was adjusted so that this works again.

Security Issue reference:

* CVE-2013-0308

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
    zypper in -t patch sdksp2-git-7398

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.7.12.4]:
    git-1.7.12.4-0.5.1
    git-arch-1.7.12.4-0.5.1
    git-core-1.7.12.4-0.5.1
    git-cvs-1.7.12.4-0.5.1
    git-daemon-1.7.12.4-0.5.1
    git-email-1.7.12.4-0.5.1
    git-gui-1.7.12.4-0.5.1
    git-svn-1.7.12.4-0.5.1
    git-web-1.7.12.4-0.5.1
    gitk-1.7.12.4-0.5.1

References:

http://support.novell.com/security/cve/CVE-2013-0308.html
https://bugzilla.novell.com/803874
https://bugzilla.novell.com/804730
http://download.novell.com/patch/finder/?keywords=d38f0c60ef50e644dcd202cc30fa4bd3

From sle-updates at lists.suse.com Tue Mar 26 18:04:33 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 01:04:33 +0100 (CET)
Subject: SUSE-SU-2013:0543-1: moderate: Security update for oracle-update
Message-ID: <20130327000433.D2F6C32157@maintenance.suse.de>

SUSE Security Update: Security update for oracle-update
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0543-1
Rating: moderate
References: #781730 #799056
Cross-References: CVE-2012-3137
Affected Products:
    SUSE Manager 1.7 for SLE 11 SP2
    SUSE Manager 1.2 for SLE 11 SP1
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

Oracle Server has been updated via "oracle-update" to fix:

* CVE-2012-3137: oracledb: stealth password cracking vulnerability

and a bugfix has been added:

* /etc/init.d/oracle status does not work (bnc#799056)

Security Issue reference:

* CVE-2012-3137

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Manager 1.7 for SLE 11 SP2:
    zypper in -t patch sleman17sp2-oracle-update-7417
- SUSE Manager 1.2 for SLE 11 SP1:
    zypper in -t patch sleman12sp1-oracle-update-7416

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Manager 1.7 for SLE 11 SP2 (x86_64):
    oracle-update-1.7-0.15.1
- SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
    oracle-update-1.7-0.4.14.1

References:

http://support.novell.com/security/cve/CVE-2012-3137.html
https://bugzilla.novell.com/781730
https://bugzilla.novell.com/799056
http://download.novell.com/patch/finder/?keywords=563c5199ca7ebdcced208a0e2939ee3a
http://download.novell.com/patch/finder/?keywords=91c5476f38f46e7542de00075b38ab80

From sle-updates at lists.suse.com Tue Mar 26 18:04:40 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 01:04:40 +0100 (CET)
Subject: SUSE-RU-2013:0544-1: Recommended update for evolution
Message-ID: <20130327000440.338B732176@maintenance.suse.de>

SUSE Recommended Update: Recommended update for evolution
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0544-1
Rating: low
References: #671699 #671703 #746314 #771483
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP2
    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that has four recommended fixes can now be installed.

Description:

This update for Evolution provides fixes for the following issues:

* Appointments entered into calendar are not saved when user is over quota. (bnc#671699, bnc#671703)
* Expanding the time slot of a calendar entry downwards to alter the end time can cause a segmentation fault. (bnc#746314)
* Evolution may crash when navigating the calendar with Orca running. (bnc#771483)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
    zypper in -t patch sdksp2-evolution-7505
- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-evolution-7505

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
    evolution-2.28.2-0.30.1
    evolution-devel-2.28.2-0.30.1
    evolution-lang-2.28.2-0.30.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
    evolution-2.28.2-0.30.1
    evolution-lang-2.28.2-0.30.1
    evolution-pilot-2.28.2-0.30.1

References:

https://bugzilla.novell.com/671699
https://bugzilla.novell.com/671703
https://bugzilla.novell.com/746314
https://bugzilla.novell.com/771483
http://download.novell.com/patch/finder/?keywords=0de1aa93f0374e2916f39cf3264b62e5

From sle-updates at lists.suse.com Tue Mar 26 18:04:45 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 01:04:45 +0100 (CET)
Subject: SUSE-RU-2013:0545-1: Recommended update for SUSE Linux Enterprise High Availability Extension 11 SP2
Message-ID: <20130327000445.9B56D32176@maintenance.suse.de>

SUSE Recommended Update: Recommended update for SUSE Linux Enterprise High Availability Extension 11 SP2
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0545-1
Rating: low
References: #755671 #763447 #770210 #770250 #779259 #780224
    #780973 #781137 #781141 #781151 #781207 #782482
    #782486 #782688 #783353 #786701 #788577 #790695
    #790711 #791068 #791690 #792124 #792350 #792704
    #794479 #794679 #795636 #795638 #802307
Affected Products:
    SUSE Linux Enterprise High Availability Extension 11 SP2
______________________________________________________________________________

An update that has 29 recommended fixes can now be installed. It includes 6 new package versions.

Description:

This collective update for SUSE Linux Enterprise High Availability Extension 11 SP2 provides fixes and enhancements.

pacemaker:

* PE: Reduce the error log to warning when on-fail is "stop" (bnc#790711)
* Core: Avoid assertion error in iso8601 date code (bnc#792350)
* RA: o2cb - Fix a typo (bnc#763447)
* Fencing: Suppress logging for stonith monitor actions (bnc#792124)
* Fencing: Fix passing of parameters containing '=' (bnc#791068)
* Doc: Build the latest manuals with help2man (bnc#790695)
* PE: Do not use obsolete lrm_resource sections to avoid fatal assert (bnc#786701)
* crmd: Do not record pending cancel operations in the CIB (bnc#781151, bnc#788577)
* crmd: Properly remove recurring status from cib when canceled (bnc#781151, bnc#788577)
* PE: Fix memory leak on processing message (bnc#780224)
* Core: Set to the minimum scheduling priority when using SCHED_RR policy (bnc#779259)
* crmd: More actions for S_TRANSITION_ENGINE + I_FAIL (bnc#755671)
* pengine: Process rsc_ticket dependencies earlier for correctly allocating resources (bnc#802307).

pacemaker-mgmt (update to version 2.1.1)

cluster-glue (update to version 1.0.11):

* stonith: if debug is not set, do not send debug messages to the logger (bnc#792124)
* stonith: log status message at the debug level (bnc#792124)
* stonith: don't always log debug level messages (bnc#792124)
* stonith: external/vcenter: fix gethosts to produce list of nodes not vms (bnc#792704).

resource-agents (update to version 3.9.4):

* nfsserver: add option -n for rpc.statd (bnc#794479)
* exportfs: handle '' exportfs embellishment for '*' (bnc#791690)
* Filesystem: using 4k block size for dd in monitor (bnc#781141)
* Xen: fixed target_attr for Xen migration (bnc#782688)
* IPaddr2: use better test for Infiniband (bnc#783353)
* Raid1: discover block size for dd (bnc#781137)
* SAPInstance: monitor-master not advertised (bnc#782482)
* SAPInstance: fails on sapcontrol message Unauthorized (bnc#782486)
* exportfs: cleanup exportfs cache on stop (bnc#770210)
* oracle: ignore password expiry warning in monitor (bnc#770250).

hawk:

* GUI: Simulator: invoke crm_simulate with -S, not -R (fixes odd final state, bnc#781207)
* Misc: Util: Use user's real $HOME with fallback to per-user temp (bnc#780973).

sbd:

* Logging: Reduce log level of the pengine runs (bnc#790711)
* Increase sbd's scheduling priority to the maximum (bnc#779259).

crmsh (update to version 1.2.4):

* history: detailed transition output (FATE#314389)
* history: add log sub-command to transition (FATE#314395)
* cibconfig: support require-all in resource sets (bnc#795638)
* cibconfig: support for fencing-topology (bnc#795636).

The list above is not comprehensive. For details, please refer to the individual package change logs and Bugzilla.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise High Availability Extension 11 SP2:
    zypper in -t patch sleshasp2-slehae-201301-7475

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.5.2,1.0.11,1.1.7,1.2.4,2.1.1 and 3.9.4]:
    cluster-glue-1.0.11-0.6.32.8
    crmsh-1.2.4-0.6.42
    hawk-0.5.2-0.40.42.25
    hawk-templates-0.5.2-0.40.42.25
    ldirectord-3.9.4-0.26.84
    libglue-devel-1.0.11-0.6.32.8
    libglue2-1.0.11-0.6.32.8
    libpacemaker-devel-1.1.7-0.13.9
    libpacemaker3-1.1.7-0.13.9
    pacemaker-1.1.7-0.13.9
    pacemaker-mgmt-2.1.1-0.6.2.17
    pacemaker-mgmt-client-2.1.1-0.6.2.17
    pacemaker-mgmt-devel-2.1.1-0.6.2.17
    resource-agents-3.9.4-0.26.84
    sbd-1.0-0.7.72

References:

https://bugzilla.novell.com/755671
https://bugzilla.novell.com/763447
https://bugzilla.novell.com/770210
https://bugzilla.novell.com/770250
https://bugzilla.novell.com/779259
https://bugzilla.novell.com/780224
https://bugzilla.novell.com/780973
https://bugzilla.novell.com/781137
https://bugzilla.novell.com/781141
https://bugzilla.novell.com/781151
https://bugzilla.novell.com/781207
https://bugzilla.novell.com/782482
https://bugzilla.novell.com/782486
https://bugzilla.novell.com/782688
https://bugzilla.novell.com/783353
https://bugzilla.novell.com/786701
https://bugzilla.novell.com/788577
https://bugzilla.novell.com/790695
https://bugzilla.novell.com/790711
https://bugzilla.novell.com/791068
https://bugzilla.novell.com/791690
https://bugzilla.novell.com/792124
https://bugzilla.novell.com/792350
https://bugzilla.novell.com/792704
https://bugzilla.novell.com/794479
https://bugzilla.novell.com/794679
https://bugzilla.novell.com/795636
https://bugzilla.novell.com/795638
https://bugzilla.novell.com/802307
http://download.novell.com/patch/finder/?keywords=65d3efca047b118012e21df0e968b20a

From sle-updates at lists.suse.com Tue Mar 26 18:04:50 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 01:04:50 +0100 (CET)
Subject: SUSE-RU-2013:0546-1: Recommended update for coreutils
Message-ID: <20130327000450.595AC32176@maintenance.suse.de>

SUSE Recommended Update: Recommended update for coreutils
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0546-1
Rating: low
References: #800908 #808907
Affected Products:
    SUSE Linux Enterprise Server 11 SP2 for VMware
    SUSE Linux Enterprise Server 11 SP2
    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that has two recommended fixes can now be installed.

Description:

This update for GNU Core Utilities (coreutils) adds support for GPFS and PANFS file systems to tail(1) and stat(1).

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP2 for VMware:
    zypper in -t patch slessp2-coreutils-7513
- SUSE Linux Enterprise Server 11 SP2:
    zypper in -t patch slessp2-coreutils-7513
- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-coreutils-7513

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
    coreutils-8.12-6.25.27.1
    coreutils-lang-8.12-6.25.27.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
    coreutils-8.12-6.25.27.1
    coreutils-lang-8.12-6.25.27.1
- SUSE Linux Enterprise Server 11 SP2 (ia64):
    coreutils-x86-8.12-6.25.27.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
    coreutils-8.12-6.25.27.1
    coreutils-lang-8.12-6.25.27.1

References:

https://bugzilla.novell.com/800908
https://bugzilla.novell.com/808907
http://download.novell.com/patch/finder/?keywords=ba4b049d5378e98dbe69023fe7cfabc1

From sle-updates at lists.suse.com Tue Mar 26 19:04:24 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 02:04:24 +0100 (CET)
Subject: SUSE-RU-2013:0547-1: moderate: Recommended update for timezone
Message-ID: <20130327010424.65BF132176@maintenance.suse.de>

SUSE Recommended Update: Recommended update for timezone
______________________________________________________________________________

Announcement ID: SUSE-RU-2013:0547-1
Rating: moderate
References: #808646
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP2
    SUSE Linux Enterprise Server 11 SP2 for VMware
    SUSE Linux Enterprise Server 11 SP2
    SUSE Linux Enterprise Server 10 SP4
    SUSE Linux Enterprise Desktop 11 SP2
    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

An update that has one recommended fix can now be installed. It includes one version update.

Description:

This update provides the latest timezone information for your system. The changes in detail are:

* Haiti uses US daylight-saving rules this year
* Paraguay will end DST on March 24 this year
* Morocco does not observe DST during Ramadan.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
    zypper in -t patch sdksp2-timezone-2013b-7478
- SUSE Linux Enterprise Server 11 SP2 for VMware:
    zypper in -t patch slessp2-timezone-2013b-7478
- SUSE Linux Enterprise Server 11 SP2:
    zypper in -t patch slessp2-timezone-2013b-7478
- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-timezone-2013b-7478

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch):
    timezone-java-2013b-0.4.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2013b]:
    timezone-2013b-0.4.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2013b]:
    timezone-java-2013b-0.4.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2013b]:
    timezone-2013b-0.4.1
- SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2013b]:
    timezone-java-2013b-0.4.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2013b]:
    timezone-2013b-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2013b]:
    timezone-2013b-0.4.1
- SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2013b]:
    timezone-java-2013b-0.4.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2013b]:
    timezone-2013b-0.5.1

References:

https://bugzilla.novell.com/808646
http://download.novell.com/patch/finder/?keywords=c61594110dff4e6134c9ba9b782a7d3e
http://download.novell.com/patch/finder/?keywords=d429c6780e5a0f5c03c6d3441eda690c

From sle-updates at lists.suse.com Wed Mar 27 10:04:45 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 17:04:45 +0100 (CET)
Subject: SUSE-SU-2013:0549-1: moderate: Security update for OpenSSL
Message-ID: <20130327160445.7C71E32172@maintenance.suse.de>

SUSE Security Update: Security update for OpenSSL
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0549-1
Rating: moderate
References: #779952 #802648 #802746
Cross-References: CVE-2013-0166 CVE-2013-0169
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP2
    SUSE Linux Enterprise Server 11 SP2 for VMware
    SUSE Linux Enterprise Server 11 SP2
    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

OpenSSL has been updated to fix several security issues:

* CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable "OPENSSL_NO_DEFAULT_ZLIB" to "no" enables compression again.
* CVE-2013-0169: Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private key material. This issue is also known as the "Lucky-13" issue.
* CVE-2013-0166: An OCSP invalid key denial of service issue was fixed.

Security Issue references:

* CVE-2013-0169
* CVE-2013-0166

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP2:
    zypper in -t patch sdksp2-libopenssl-devel-7548
- SUSE Linux Enterprise Server 11 SP2 for VMware:
    zypper in -t patch slessp2-libopenssl-devel-7548
- SUSE Linux Enterprise Server 11 SP2:
    zypper in -t patch slessp2-libopenssl-devel-7548
- SUSE Linux Enterprise Desktop 11 SP2:
    zypper in -t patch sledsp2-libopenssl-devel-7548

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
    libopenssl-devel-0.9.8j-0.50.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
    libopenssl0_9_8-0.9.8j-0.50.1
    libopenssl0_9_8-hmac-0.9.8j-0.50.1
    openssl-0.9.8j-0.50.1
    openssl-doc-0.9.8j-0.50.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):
    libopenssl0_9_8-32bit-0.9.8j-0.50.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
    libopenssl0_9_8-0.9.8j-0.50.1
    libopenssl0_9_8-hmac-0.9.8j-0.50.1
    openssl-0.9.8j-0.50.1
    openssl-doc-0.9.8j-0.50.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):
    libopenssl0_9_8-32bit-0.9.8j-0.50.1
    libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1
- SUSE Linux Enterprise Server 11 SP2 (ia64):
    libopenssl0_9_8-hmac-x86-0.9.8j-0.50.1
    libopenssl0_9_8-x86-0.9.8j-0.50.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
    libopenssl0_9_8-0.9.8j-0.50.1
    openssl-0.9.8j-0.50.1
- SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
    libopenssl0_9_8-32bit-0.9.8j-0.50.1

References:

http://support.novell.com/security/cve/CVE-2013-0166.html
http://support.novell.com/security/cve/CVE-2013-0169.html
https://bugzilla.novell.com/779952
https://bugzilla.novell.com/802648
https://bugzilla.novell.com/802746
http://download.novell.com/patch/finder/?keywords=7511bcbbd6f49b6c61d8a67f90be3c62

From sle-updates at lists.suse.com Wed Mar 27 10:05:44 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 27 Mar 2013 17:05:44 +0100 (CET)
Subject: SUSE-SU-2013:0554-1: moderate: Security update for OpenSSL
Message-ID: <20130327160544.D1F4332172@maintenance.suse.de>

SUSE Security Update: Security update for OpenSSL
______________________________________________________________________________

Announcement ID: SUSE-SU-2013:0554-1
Rating: moderate
References: #733252 #779952 #802648 #802746 #808942
Cross-References: CVE-2013-0166 CVE-2013-0169
Affected Products:
    SUSE Linux Enterprise Server 10 SP4
    SUSE Linux Enterprise Desktop 10 SP4
    SLE SDK 10 SP4
______________________________________________________________________________

An update that solves two vulnerabilities and has three fixes is now available.

Description:

OpenSSL has been updated to fix several security issues:

* CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable "OPENSSL_NO_DEFAULT_ZLIB" to "no" enables compression again. Please note that openssl on SUSE Linux Enterprise 10 is not built with compression support.
* CVE-2013-0169: Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private key material. This issue is also known as the "Lucky-13" issue.
* CVE-2013-0166: An OCSP invalid key denial of service issue was fixed.

Security Issue references:

* CVE-2013-0169
* CVE-2013-0166

Package List:

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
    openssl-0.9.8a-18.76.1
    openssl-devel-0.9.8a-18.76.1
    openssl-doc-0.9.8a-18.76.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
    openssl-32bit-0.9.8a-18.76.1
    openssl-devel-32bit-0.9.8a-18.76.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
    openssl-x86-0.9.8a-18.76.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
    openssl-64bit-0.9.8a-18.76.1
    openssl-devel-64bit-0.9.8a-18.76.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
    openssl-0.9.8a-18.76.1
    openssl-devel-0.9.8a-18.76.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
    openssl-32bit-0.9.8a-18.76.1
    openssl-devel-32bit-0.9.8a-18.76.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
    openssl-doc-0.9.8a-18.76.1

References:

http://support.novell.com/security/cve/CVE-2013-0166.html
http://support.novell.com/security/cve/CVE-2013-0169.html
https://bugzilla.novell.com/733252
https://bugzilla.novell.com/779952
https://bugzilla.novell.com/802648
https://bugzilla.novell.com/802746
https://bugzilla.novell.com/808942
   http://download.novell.com/patch/finder/?keywords=42741ff95d9d4f1604b9b2d2fc5ec078

From sle-updates at lists.suse.com Wed Mar 27 19:04:29 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Mar 2013 02:04:29 +0100 (CET)
Subject: SUSE-RU-2013:0556-1: Recommended update for LibreOffice
Message-ID: <20130328010429.C594C32157@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for LibreOffice
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0556-1
Rating:             low
References:         #404221 #437516 #492440 #590020 #615357 #681110
                    #753462 #777788 #779642 #782833 #787452 #789482
                    #791706 #791731 #791777 #791985 #792048 #792528
                    #792778 #793262 #793401 #793408 #793998 #793999
                    #794350 #797967 #798271 #801152 #802350 #802888
                    #807762 #807777
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has 32 recommended fixes can now be
   installed. It includes one version update.

Description:

   This collective update for LibreOffice provides many fixes and
   enhancements, including but not limited to:

   * Fix tabstop in DOC import (bnc#793998)
   * Sort data points stably (bnc#590020)
   * Use only bitmap scaling (bnc#797967)
   * Add some new ADO constants (bnc#787452)
   * Track change in DOCX export (bnc#789482)
   * Group shapes in DOCX import (bnc#792778)
   * Cell border line properties (bnc#793408)
   * Default directory for PDF export (bnc#777788)
   * Table positions in nested tables (bnc#779642)
   * Automatically rotate chart labels (bnc#791985)
   * Flip gradient fill in PPTX import (bnc#794350)
   * Charts are not visible after save (bnc#798271)
   * Non-English function names in Calc (bnc#615357)
   * Alert user when substituting fonts (fate#308255)
   * Sort autofilter popup items correctly (bnc#492440)
   * Font size at end of para in PPT import (bnc#782833)
   * Small table row spacing in DOCX import (bnc#793262)
   * Default values of the styles DOC import (bnc#793401)
   * Fields have priority over header/footer (bnc#802888)
   * Static data series labels in XLSX import (bnc#792528)
   * Empty password in PDF export security tab (bnc#437516)
   * Support multiple selection in page fields (bnc#791706)
   * Fix text rotation in shapes in PPTX export (bnc#404221)
   * Font-rendering defect in presentation mode (bnc#681110)
   * Cell validation is not a special cell content (bnc#802350)
   * Drawing text with font size 0 causes artifacts (bnc#753462)
   * Cell highlighting is not displayed in some cells (bnc#791731)
   * Warning when saving macro as a macro-free format (bnc#791777)
   * Scan all columns to determine the first data row (bnc#801152)
   * Squash VBA error accessing object for OLE property (bnc#792048)
   * Background image does not fit slide in PPTX export (bnc#793999)

   For a comprehensive list of changes, refer to the package's
   change log.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-libreoffice-201303-7509

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-libreoffice-201303-7509

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 3.6.5.2.15]:

      libreoffice-3.6.5.2.15-0.3.1
      libreoffice-base-3.6.5.2.15-0.3.1
      libreoffice-base-drivers-postgresql-3.6.5.2.15-0.3.1
      libreoffice-base-extensions-3.6.5.2.15-0.3.1
      libreoffice-calc-3.6.5.2.15-0.3.1
      libreoffice-calc-extensions-3.6.5.2.15-0.3.1
      libreoffice-draw-3.6.5.2.15-0.3.1
      libreoffice-draw-extensions-3.6.5.2.15-0.3.1
      libreoffice-filters-optional-3.6.5.2.15-0.3.1
      libreoffice-gnome-3.6.5.2.15-0.3.1
      libreoffice-impress-3.6.5.2.15-0.3.1
      libreoffice-impress-extensions-3.6.5.2.15-0.3.1
      libreoffice-kde-3.6.5.2.15-0.3.1
      libreoffice-kde4-3.6.5.2.15-0.3.1
      libreoffice-l10n-prebuilt-3.6.5.2.15-0.3.1
      libreoffice-mailmerge-3.6.5.2.15-0.3.1
      libreoffice-math-3.6.5.2.15-0.3.1
      libreoffice-mono-3.6.5.2.15-0.3.1
      libreoffice-officebean-3.6.5.2.15-0.3.1
      libreoffice-pyuno-3.6.5.2.15-0.3.1
      libreoffice-sdk-3.6.5.2.15-0.3.1
      libreoffice-writer-3.6.5.2.15-0.3.1
      libreoffice-writer-extensions-3.6.5.2.15-0.3.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 3.6.5.2.15]:

      libreoffice-branding-upstream-3.6.5.2.15-0.3.1
      libreoffice-help-cs-3.6.5.2.15-0.3.1
      libreoffice-help-da-3.6.5.2.15-0.3.1
      libreoffice-help-de-3.6.5.2.15-0.3.1
      libreoffice-help-en-GB-3.6.5.2.15-0.3.1
      libreoffice-help-en-US-3.6.5.2.15-0.3.1
      libreoffice-help-es-3.6.5.2.15-0.3.1
      libreoffice-help-fr-3.6.5.2.15-0.3.1
      libreoffice-help-gu-IN-3.6.5.2.15-0.3.1
      libreoffice-help-hi-IN-3.6.5.2.15-0.3.1
      libreoffice-help-hu-3.6.5.2.15-0.3.1
      libreoffice-help-it-3.6.5.2.15-0.3.1
      libreoffice-help-ja-3.6.5.2.15-0.3.1
      libreoffice-help-ko-3.6.5.2.15-0.3.1
      libreoffice-help-nl-3.6.5.2.15-0.3.1
      libreoffice-help-pl-3.6.5.2.15-0.3.1
      libreoffice-help-pt-3.6.5.2.15-0.3.1
      libreoffice-help-pt-BR-3.6.5.2.15-0.3.1
      libreoffice-help-ru-3.6.5.2.15-0.3.1
      libreoffice-help-sv-3.6.5.2.15-0.3.1
      libreoffice-help-zh-CN-3.6.5.2.15-0.3.1
      libreoffice-help-zh-TW-3.6.5.2.15-0.3.1
      libreoffice-icon-themes-3.6.5.2.15-0.3.1
      libreoffice-l10n-af-3.6.5.2.15-0.3.1
      libreoffice-l10n-ar-3.6.5.2.15-0.3.1
      libreoffice-l10n-ca-3.6.5.2.15-0.3.1
      libreoffice-l10n-cs-3.6.5.2.15-0.3.1
      libreoffice-l10n-da-3.6.5.2.15-0.3.1
      libreoffice-l10n-de-3.6.5.2.15-0.3.1
      libreoffice-l10n-el-3.6.5.2.15-0.3.1
      libreoffice-l10n-en-GB-3.6.5.2.15-0.3.1
      libreoffice-l10n-es-3.6.5.2.15-0.3.1
      libreoffice-l10n-fi-3.6.5.2.15-0.3.1
      libreoffice-l10n-fr-3.6.5.2.15-0.3.1
      libreoffice-l10n-gu-IN-3.6.5.2.15-0.3.1
      libreoffice-l10n-hi-IN-3.6.5.2.15-0.3.1
      libreoffice-l10n-hu-3.6.5.2.15-0.3.1
      libreoffice-l10n-it-3.6.5.2.15-0.3.1
      libreoffice-l10n-ja-3.6.5.2.15-0.3.1
      libreoffice-l10n-ko-3.6.5.2.15-0.3.1
      libreoffice-l10n-nb-3.6.5.2.15-0.3.1
      libreoffice-l10n-nl-3.6.5.2.15-0.3.1
      libreoffice-l10n-nn-3.6.5.2.15-0.3.1
      libreoffice-l10n-pl-3.6.5.2.15-0.3.1
      libreoffice-l10n-pt-3.6.5.2.15-0.3.1
      libreoffice-l10n-pt-BR-3.6.5.2.15-0.3.1
      libreoffice-l10n-ru-3.6.5.2.15-0.3.1
      libreoffice-l10n-sk-3.6.5.2.15-0.3.1
      libreoffice-l10n-sv-3.6.5.2.15-0.3.1
      libreoffice-l10n-xh-3.6.5.2.15-0.3.1
      libreoffice-l10n-zh-CN-3.6.5.2.15-0.3.1
      libreoffice-l10n-zh-TW-3.6.5.2.15-0.3.1
      libreoffice-l10n-zu-3.6.5.2.15-0.3.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.6.5.2.15]:

      libreoffice-3.6.5.2.15-0.3.1
      libreoffice-base-3.6.5.2.15-0.3.1
      libreoffice-base-drivers-postgresql-3.6.5.2.15-0.3.1
      libreoffice-base-extensions-3.6.5.2.15-0.3.1
      libreoffice-calc-3.6.5.2.15-0.3.1
      libreoffice-calc-extensions-3.6.5.2.15-0.3.1
      libreoffice-draw-3.6.5.2.15-0.3.1
      libreoffice-draw-extensions-3.6.5.2.15-0.3.1
      libreoffice-filters-optional-3.6.5.2.15-0.3.1
      libreoffice-gnome-3.6.5.2.15-0.3.1
      libreoffice-impress-3.6.5.2.15-0.3.1
      libreoffice-impress-extensions-3.6.5.2.15-0.3.1
      libreoffice-kde-3.6.5.2.15-0.3.1
      libreoffice-kde4-3.6.5.2.15-0.3.1
      libreoffice-mailmerge-3.6.5.2.15-0.3.1
      libreoffice-math-3.6.5.2.15-0.3.1
      libreoffice-mono-3.6.5.2.15-0.3.1
      libreoffice-officebean-3.6.5.2.15-0.3.1
      libreoffice-pyuno-3.6.5.2.15-0.3.1
      libreoffice-writer-3.6.5.2.15-0.3.1
      libreoffice-writer-extensions-3.6.5.2.15-0.3.1

   - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 3.6.5.2.15]:

      libreoffice-help-cs-3.6.5.2.15-0.3.1
      libreoffice-help-da-3.6.5.2.15-0.3.1
      libreoffice-help-de-3.6.5.2.15-0.3.1
      libreoffice-help-en-GB-3.6.5.2.15-0.3.1
      libreoffice-help-en-US-3.6.5.2.15-0.3.1
      libreoffice-help-es-3.6.5.2.15-0.3.1
      libreoffice-help-fr-3.6.5.2.15-0.3.1
      libreoffice-help-gu-IN-3.6.5.2.15-0.3.1
      libreoffice-help-hi-IN-3.6.5.2.15-0.3.1
      libreoffice-help-hu-3.6.5.2.15-0.3.1
      libreoffice-help-it-3.6.5.2.15-0.3.1
      libreoffice-help-ja-3.6.5.2.15-0.3.1
      libreoffice-help-ko-3.6.5.2.15-0.3.1
      libreoffice-help-nl-3.6.5.2.15-0.3.1
      libreoffice-help-pl-3.6.5.2.15-0.3.1
      libreoffice-help-pt-3.6.5.2.15-0.3.1
      libreoffice-help-pt-BR-3.6.5.2.15-0.3.1
      libreoffice-help-ru-3.6.5.2.15-0.3.1
      libreoffice-help-sv-3.6.5.2.15-0.3.1
      libreoffice-help-zh-CN-3.6.5.2.15-0.3.1
      libreoffice-help-zh-TW-3.6.5.2.15-0.3.1
      libreoffice-icon-themes-3.6.5.2.15-0.3.1
      libreoffice-l10n-af-3.6.5.2.15-0.3.1
      libreoffice-l10n-ar-3.6.5.2.15-0.3.1
      libreoffice-l10n-ca-3.6.5.2.15-0.3.1
      libreoffice-l10n-cs-3.6.5.2.15-0.3.1
      libreoffice-l10n-da-3.6.5.2.15-0.3.1
      libreoffice-l10n-de-3.6.5.2.15-0.3.1
      libreoffice-l10n-en-GB-3.6.5.2.15-0.3.1
      libreoffice-l10n-es-3.6.5.2.15-0.3.1
      libreoffice-l10n-fi-3.6.5.2.15-0.3.1
      libreoffice-l10n-fr-3.6.5.2.15-0.3.1
      libreoffice-l10n-gu-IN-3.6.5.2.15-0.3.1
      libreoffice-l10n-hi-IN-3.6.5.2.15-0.3.1
      libreoffice-l10n-hu-3.6.5.2.15-0.3.1
      libreoffice-l10n-it-3.6.5.2.15-0.3.1
      libreoffice-l10n-ja-3.6.5.2.15-0.3.1
      libreoffice-l10n-ko-3.6.5.2.15-0.3.1
      libreoffice-l10n-nb-3.6.5.2.15-0.3.1
      libreoffice-l10n-nl-3.6.5.2.15-0.3.1
      libreoffice-l10n-nn-3.6.5.2.15-0.3.1
      libreoffice-l10n-pl-3.6.5.2.15-0.3.1
      libreoffice-l10n-pt-3.6.5.2.15-0.3.1
      libreoffice-l10n-pt-BR-3.6.5.2.15-0.3.1
      libreoffice-l10n-ru-3.6.5.2.15-0.3.1
      libreoffice-l10n-sk-3.6.5.2.15-0.3.1
      libreoffice-l10n-sv-3.6.5.2.15-0.3.1
      libreoffice-l10n-xh-3.6.5.2.15-0.3.1
      libreoffice-l10n-zh-CN-3.6.5.2.15-0.3.1
      libreoffice-l10n-zh-TW-3.6.5.2.15-0.3.1
      libreoffice-l10n-zu-3.6.5.2.15-0.3.1

References:

   https://bugzilla.novell.com/404221
   https://bugzilla.novell.com/437516
   https://bugzilla.novell.com/492440
   https://bugzilla.novell.com/590020
   https://bugzilla.novell.com/615357
   https://bugzilla.novell.com/681110
   https://bugzilla.novell.com/753462
   https://bugzilla.novell.com/777788
   https://bugzilla.novell.com/779642
   https://bugzilla.novell.com/782833
   https://bugzilla.novell.com/787452
   https://bugzilla.novell.com/789482
   https://bugzilla.novell.com/791706
   https://bugzilla.novell.com/791731
   https://bugzilla.novell.com/791777
   https://bugzilla.novell.com/791985
   https://bugzilla.novell.com/792048
   https://bugzilla.novell.com/792528
   https://bugzilla.novell.com/792778
   https://bugzilla.novell.com/793262
   https://bugzilla.novell.com/793401
   https://bugzilla.novell.com/793408
   https://bugzilla.novell.com/793998
   https://bugzilla.novell.com/793999
   https://bugzilla.novell.com/794350
   https://bugzilla.novell.com/797967
   https://bugzilla.novell.com/798271
   https://bugzilla.novell.com/801152
   https://bugzilla.novell.com/802350
   https://bugzilla.novell.com/802888
   https://bugzilla.novell.com/807762
   https://bugzilla.novell.com/807777
   http://download.novell.com/patch/finder/?keywords=5226115731b9b693a2fabd998dc7571f

From sle-updates at lists.suse.com Wed Mar 27 19:04:35 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Mar 2013 02:04:35 +0100 (CET)
Subject: SUSE-RU-2013:0557-1: Recommended update for nfs-client
Message-ID: <20130328010435.73FE332183@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for nfs-client
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0557-1
Rating:             low
References:         #787272
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 11 SP2
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:

   This update for the NFS support utilities (nfs-client,
   nfs-kernel-server) enhances gssd to work with more than 1024
   connections, respecting the 'nofile' resource limit.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-nfs-client-7382

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-nfs-client-7382

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-nfs-client-7382

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):

      nfs-client-1.2.3-18.29.1
      nfs-doc-1.2.3-18.29.1
      nfs-kernel-server-1.2.3-18.29.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      nfs-client-1.2.3-18.29.1
      nfs-doc-1.2.3-18.29.1
      nfs-kernel-server-1.2.3-18.29.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      nfs-utils-1.0.7-36.50.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):

      nfs-client-1.2.3-18.29.1
      nfs-kernel-server-1.2.3-18.29.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      nfs-utils-1.0.7-36.50.1

References:

   https://bugzilla.novell.com/787272
   http://download.novell.com/patch/finder/?keywords=2661e37fbce4b7e90768a429ea53674f
   http://download.novell.com/patch/finder/?keywords=5ae5094ab7e0ced365c574d7f45b6daa

From sle-updates at lists.suse.com Wed Mar 27 20:04:20 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Mar 2013 03:04:20 +0100 (CET)
Subject: SUSE-SU-2013:0558-1: Security update for Kerberos 5
Message-ID: <20130328020420.E23F832157@maintenance.suse.de>

   SUSE Security Update: Security update for Kerberos 5
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0558-1
Rating:             low
References:         #787272 #806715
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for Kerberos 5 fixes one security issue:

   The KDC plugin for PKINIT can dereference a null pointer when
   processing malformed packets, leading to a crash of the KDC
   process. (bnc#806715, CVE-2013-1415)

   Additionally, it improves compatibility with processes that
   handle large numbers of open files. (bnc#787272)

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-krb5-7446

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-krb5-7446

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-krb5-7446

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-krb5-7446

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      krb5-devel-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64):

      krb5-devel-32bit-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64):

      krb5-server-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):

      krb5-1.6.3-133.49.54.1
      krb5-apps-clients-1.6.3-133.49.54.1
      krb5-apps-servers-1.6.3-133.49.54.1
      krb5-client-1.6.3-133.49.54.1
      krb5-plugin-kdb-ldap-1.6.3-133.49.54.1
      krb5-plugin-preauth-pkinit-1.6.3-133.49.54.1
      krb5-server-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):

      krb5-32bit-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      krb5-1.6.3-133.49.54.1
      krb5-apps-clients-1.6.3-133.49.54.1
      krb5-apps-servers-1.6.3-133.49.54.1
      krb5-client-1.6.3-133.49.54.1
      krb5-plugin-kdb-ldap-1.6.3-133.49.54.1
      krb5-plugin-preauth-pkinit-1.6.3-133.49.54.1
      krb5-server-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):

      krb5-32bit-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Server 11 SP2 (ia64):

      krb5-x86-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):

      krb5-1.6.3-133.49.54.1
      krb5-client-1.6.3-133.49.54.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):

      krb5-32bit-1.6.3-133.49.54.1

References:

   https://bugzilla.novell.com/787272
   https://bugzilla.novell.com/806715
   http://download.novell.com/patch/finder/?keywords=b65786aee61582aa40a251cace29337a

From sle-updates at lists.suse.com Thu Mar 28 11:04:21 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Mar 2013 18:04:21 +0100 (CET)
Subject: SUSE-RU-2013:0561-1: Recommended update for pidentd
Message-ID: <20130328170421.4F58932174@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for pidentd
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0561-1
Rating:             low
References:         #796561
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:

   This update for pidentd fixes an issue that prevented the
   service from accepting IPv4 connections when IPv6 was disabled.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-pidentd-7288

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-pidentd-7288

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):

      pidentd-3.1a25-313.24.3.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      pidentd-3.1a25-313.24.3.1

References:

   https://bugzilla.novell.com/796561
   http://download.novell.com/patch/finder/?keywords=3555a341c1d9ee9c451382006bf8898f

From sle-updates at lists.suse.com Thu Mar 28 13:04:24 2013
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Mar 2013 20:04:24 +0100 (CET)
Subject: SUSE-RU-2013:0562-1: moderate: Recommended update for libvirt
Message-ID: <20130328190424.BB53A32159@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for libvirt
______________________________________________________________________________

Announcement ID:    SUSE-RU-2013:0562-1
Rating:             moderate
References:         #805843
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:

   This update for libvirt fixes an issue that made emulated
   interfaces on Xen VMs unusable when the interface configuration
   contains type=ioemu.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-libvirt-7483

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-libvirt-7483

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-libvirt-7483

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      libvirt-devel-0.9.6-0.27.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64):

      libvirt-devel-32bit-0.9.6-0.27.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      libvirt-0.9.6-0.27.1
      libvirt-client-0.9.6-0.27.1
      libvirt-doc-0.9.6-0.27.1
      libvirt-python-0.9.6-0.27.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):

      libvirt-client-32bit-0.9.6-0.27.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):

      libvirt-0.9.6-0.27.1
      libvirt-client-0.9.6-0.27.1
      libvirt-doc-0.9.6-0.27.1
      libvirt-python-0.9.6-0.27.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):

      libvirt-client-32bit-0.9.6-0.27.1

References:

   https://bugzilla.novell.com/805843
   http://download.novell.com/patch/finder/?keywords=5158ccff5c795cdb54d80c6ec7f570b7