From sle-updates at lists.suse.com Fri Aug 1 12:04:17 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 1 Aug 2014 20:04:17 +0200 (CEST)
Subject: SUSE-RU-2014:0958-1: Recommended update for crowbar-barclamp-neutron
Message-ID: <20140801180417.F229A32089@maintenance.suse.de>

SUSE Recommended Update: Recommended update for crowbar-barclamp-neutron
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0958-1
Rating: low
References: #875800 #882584
Affected Products:
  SUSE Cloud 3
______________________________________________________________________________

An update that has two recommended fixes can now be installed.

Description:

This update for Cloud3 provides the following fixes for crowbar-barclamp-neutron:

* Update to version 1.7+git.1401090501.b2c796e:
  o ha: Make neutron-ha-tool start after haproxy and neutron-server (bnc#882584)
  o Honor the :use_vlan flag when creating the floating network (bnc#875800)
  o Re-arranged generation of provider network options
  o Minor cleanup

Contraindications:

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
  zypper in -t patch sleclo30sp3-crowbar-barclamp-neutron-9460

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (noarch):
  crowbar-barclamp-neutron-1.7+git.1401090501.b2c796e-0.7.2

References:

  https://bugzilla.novell.com/875800
  https://bugzilla.novell.com/882584
  http://download.suse.com/patch/finder/?keywords=929b4260cc81eca315ea2907aca34ece

From sle-updates at lists.suse.com Fri Aug 1 14:04:10 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 1 Aug 2014 22:04:10 +0200 (CEST)
Subject: SUSE-RU-2014:0959-1: Recommended update for mcelog
Message-ID: <20140801200410.3938D32089@maintenance.suse.de>

SUSE Recommended Update: Recommended update for mcelog
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0959-1
Rating: low
References: #829862 #849124 #882730
Affected Products:
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that has three recommended fixes can now be installed.

Description:

This update for mcelog provides the following fixes:

* Add model number of Haswell Server (0x3f). (bnc#882730)
* Add missing entry to Ivy Bridge memory controller decode table. (bnc#849124)
* Continue without DMI when there's no SMBIOS or SMBIOS=0x0 in /sys/firmware/efi/systab. (bnc#829862)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-mcelog-9509
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-mcelog-9509
- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-mcelog-9509

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64):
  mcelog-1.0.2013.01.18-0.19.1
- SUSE Linux Enterprise Server 11 SP3 (x86_64):
  mcelog-1.0.2013.01.18-0.19.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64):
  mcelog-1.0.2013.01.18-0.19.1

References:

  https://bugzilla.novell.com/829862
  https://bugzilla.novell.com/849124
  https://bugzilla.novell.com/882730
  http://download.suse.com/patch/finder/?keywords=22edd5bc762b65ff82f728fc18c98ea0

From sle-updates at lists.suse.com Fri Aug 1 17:04:19 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 2 Aug 2014 01:04:19 +0200 (CEST)
Subject: SUSE-SU-2014:0960-1: important: Security update for Mozilla Firefox
Message-ID: <20140801230419.3336332068@maintenance.suse.de>

SUSE Security Update: Security update for Mozilla Firefox
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0960-1
Rating: important
References: #887746
Cross-References: CVE-2014-1544 CVE-2014-1547 CVE-2014-1548
                  CVE-2014-1555 CVE-2014-1556 CVE-2014-1557
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP3
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
  SUSE Linux Enterprise Server 11 SP2 LTSS
  SUSE Linux Enterprise Server 11 SP1 LTSS
  SUSE Linux Enterprise Server 10 SP4 LTSS
  SUSE Linux Enterprise Server 10 SP3 LTSS
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available. It includes two new package versions.

Description:

Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release:

* CVE-2014-1544 - https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
* CVE-2014-1548 - https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
* CVE-2014-1549 - https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
* CVE-2014-1550 - https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
* CVE-2014-1551 - https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
* CVE-2014-1552 - https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
* CVE-2014-1555 - https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
* CVE-2014-1556 - https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
* CVE-2014-1557 - https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
* CVE-2014-1558, CVE-2014-1559, CVE-2014-1560 - https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
* CVE-2014-1561 - https://www.mozilla.org/security/announce/2014/mfsa2014-60.html

Security Issues:

* CVE-2014-1557
* CVE-2014-1547
* CVE-2014-1548
* CVE-2014-1556
* CVE-2014-1544
* CVE-2014-1555

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
  zypper in -t patch sdksp3-firefox-201407-9569
- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-firefox-201407-9569
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-firefox-201407-9569
- SUSE Linux Enterprise Server 11 SP2 LTSS:
  zypper in -t patch slessp2-firefox-201407-9555
- SUSE Linux Enterprise Server 11 SP1 LTSS:
  zypper in -t patch slessp1-firefox-201407-9554
- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-firefox-201407-9569

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.16.2]:
  MozillaFirefox-devel-24.7.0esr-0.8.2
  mozilla-nss-devel-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 24.7.0esr and 3.16.2]:
  MozillaFirefox-24.7.0esr-0.8.2
  MozillaFirefox-translations-24.7.0esr-0.8.2
  libfreebl3-3.16.2-0.8.1
  libsoftokn3-3.16.2-0.8.1
  mozilla-nss-3.16.2-0.8.1
  mozilla-nss-tools-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 3.16.2]:
  libfreebl3-32bit-3.16.2-0.8.1
  libsoftokn3-32bit-3.16.2-0.8.1
  mozilla-nss-32bit-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]:
  MozillaFirefox-24.7.0esr-0.8.2
  MozillaFirefox-translations-24.7.0esr-0.8.2
  libfreebl3-3.16.2-0.8.1
  libsoftokn3-3.16.2-0.8.1
  mozilla-nss-3.16.2-0.8.1
  mozilla-nss-tools-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 3.16.2]:
  libfreebl3-32bit-3.16.2-0.8.1
  libsoftokn3-32bit-3.16.2-0.8.1
  mozilla-nss-32bit-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 3.16.2]:
  libfreebl3-x86-3.16.2-0.8.1
  libsoftokn3-x86-3.16.2-0.8.1
  mozilla-nss-x86-3.16.2-0.8.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]:
  MozillaFirefox-24.7.0esr-0.3.1
  MozillaFirefox-translations-24.7.0esr-0.3.1
  libfreebl3-3.16.2-0.3.1
  mozilla-nss-3.16.2-0.3.1
  mozilla-nss-devel-3.16.2-0.3.1
  mozilla-nss-tools-3.16.2-0.3.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 3.16.2]:
  libfreebl3-32bit-3.16.2-0.3.1
  mozilla-nss-32bit-3.16.2-0.3.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 24.7.0esr and 3.16.2]:
  MozillaFirefox-24.7.0esr-0.3.1
  MozillaFirefox-translations-24.7.0esr-0.3.1
  libfreebl3-3.16.2-0.3.1
  mozilla-nss-3.16.2-0.3.1
  mozilla-nss-tools-3.16.2-0.3.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 3.16.2]:
  libfreebl3-32bit-3.16.2-0.3.1
  mozilla-nss-32bit-3.16.2-0.3.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 3.16.2]:
  mozilla-nss-3.16.2-0.5.1
  mozilla-nss-devel-3.16.2-0.5.1
  mozilla-nss-tools-3.16.2-0.5.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 3.16.2]:
  mozilla-nss-32bit-3.16.2-0.5.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x):
  MozillaFirefox-24.7.0esr-0.5.1
  MozillaFirefox-translations-24.7.0esr-0.5.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64) [New Version: 3.16.2]:
  mozilla-nss-3.16.2-0.5.1
  mozilla-nss-devel-3.16.2-0.5.1
  mozilla-nss-tools-3.16.2-0.5.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64) [New Version: 3.16.2]:
  mozilla-nss-32bit-3.16.2-0.5.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x):
  MozillaFirefox-24.7.0esr-0.5.1
  MozillaFirefox-translations-24.7.0esr-0.5.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 24.7.0esr and 3.16.2]:
  MozillaFirefox-24.7.0esr-0.8.2
  MozillaFirefox-translations-24.7.0esr-0.8.2
  libfreebl3-3.16.2-0.8.1
  libsoftokn3-3.16.2-0.8.1
  mozilla-nss-3.16.2-0.8.1
  mozilla-nss-tools-3.16.2-0.8.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 3.16.2]:
  libfreebl3-32bit-3.16.2-0.8.1
  libsoftokn3-32bit-3.16.2-0.8.1
  mozilla-nss-32bit-3.16.2-0.8.1

References:

  http://support.novell.com/security/cve/CVE-2014-1544.html
  http://support.novell.com/security/cve/CVE-2014-1547.html
  http://support.novell.com/security/cve/CVE-2014-1548.html
  http://support.novell.com/security/cve/CVE-2014-1555.html
  http://support.novell.com/security/cve/CVE-2014-1556.html
  http://support.novell.com/security/cve/CVE-2014-1557.html
  https://bugzilla.novell.com/887746
  http://download.suse.com/patch/finder/?keywords=196914b4be33c9d122303fc5b0d25025
  http://download.suse.com/patch/finder/?keywords=2d6344b3abcf62e1e68e8c9dda3fd4c4
  http://download.suse.com/patch/finder/?keywords=a771192da5dca3c7e01bde7b62b1e0fd
  http://download.suse.com/patch/finder/?keywords=aeabea2b6efdbb9fcccb116e66006d7c
  http://download.suse.com/patch/finder/?keywords=f2f8ae117761a6715e1f6766fd35660f

From sle-updates at lists.suse.com Mon Aug 4 11:04:19 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 4 Aug 2014 19:04:19 +0200 (CEST)
Subject: SUSE-SU-2014:0961-1: important: Security update for openjdk
Message-ID: <20140804170419.E799B3208D@maintenance.suse.de>

SUSE Security Update: Security update for openjdk
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0961-1
Rating: important
References: #887530
Cross-References: CVE-2014-2483 CVE-2014-2490 CVE-2014-4208
                  CVE-2014-4209 CVE-2014-4216 CVE-2014-4218
                  CVE-2014-4219 CVE-2014-4220 CVE-2014-4221
                  CVE-2014-4223 CVE-2014-4227 CVE-2014-4244
                  CVE-2014-4247 CVE-2014-4252 CVE-2014-4262
                  CVE-2014-4263 CVE-2014-4264 CVE-2014-4265
                  CVE-2014-4266 CVE-2014-4268
Affected Products:
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available. It includes one version update.

Description:

This Critical Patch Update contains 20 new security fixes for Oracle Java SE. All of these vulnerabilities could have been remotely exploitable without authentication, i.e., could be exploited over a network without the need for a username and password.

Security Issues:

* CVE-2014-4227
* CVE-2014-4219
* CVE-2014-2490
* CVE-2014-4216
* CVE-2014-4247
* CVE-2014-2483
* CVE-2014-4223
* CVE-2014-4262
* CVE-2014-4209
* CVE-2014-4265
* CVE-2014-4220
* CVE-2014-4218
* CVE-2014-4252
* CVE-2014-4266
* CVE-2014-4268
* CVE-2014-4264
* CVE-2014-4221
* CVE-2014-4244
* CVE-2014-4263
* CVE-2014-4208

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-java-1_7_0-openjdk-9543

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.65]:
  java-1_7_0-openjdk-1.7.0.65-0.7.4
  java-1_7_0-openjdk-demo-1.7.0.65-0.7.4
  java-1_7_0-openjdk-devel-1.7.0.65-0.7.4

References:

  http://support.novell.com/security/cve/CVE-2014-2483.html
  http://support.novell.com/security/cve/CVE-2014-2490.html
  http://support.novell.com/security/cve/CVE-2014-4208.html
  http://support.novell.com/security/cve/CVE-2014-4209.html
  http://support.novell.com/security/cve/CVE-2014-4216.html
  http://support.novell.com/security/cve/CVE-2014-4218.html
  http://support.novell.com/security/cve/CVE-2014-4219.html
  http://support.novell.com/security/cve/CVE-2014-4220.html
  http://support.novell.com/security/cve/CVE-2014-4221.html
  http://support.novell.com/security/cve/CVE-2014-4223.html
  http://support.novell.com/security/cve/CVE-2014-4227.html
  http://support.novell.com/security/cve/CVE-2014-4244.html
  http://support.novell.com/security/cve/CVE-2014-4247.html
  http://support.novell.com/security/cve/CVE-2014-4252.html
  http://support.novell.com/security/cve/CVE-2014-4262.html
  http://support.novell.com/security/cve/CVE-2014-4263.html
  http://support.novell.com/security/cve/CVE-2014-4264.html
  http://support.novell.com/security/cve/CVE-2014-4265.html
  http://support.novell.com/security/cve/CVE-2014-4266.html
  http://support.novell.com/security/cve/CVE-2014-4268.html
  https://bugzilla.novell.com/887530
  http://download.suse.com/patch/finder/?keywords=74138caa13d284bb5cbd73e4f768e2e8

From sle-updates at lists.suse.com Tue Aug 5 17:04:17 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 6 Aug 2014 01:04:17 +0200 (CEST)
Subject: SUSE-RU-2014:0963-1: important: Recommended update for crowbar-barclamp-neutron
Message-ID: <20140805230417.DE97F32072@maintenance.suse.de>

SUSE Recommended Update: Recommended update for crowbar-barclamp-neutron
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0963-1
Rating: important
References: #889939
Affected Products:
  SUSE Cloud 3
______________________________________________________________________________

An update that has one recommended fix can now be installed.

Description:

This update fixes the following issues with crowbar-barclamp-neutron:

* Update to version 1.7+git.1406100294.e1c1c72:
  o Fix handling of multiple DNS servers
  o Fix check of ha enablement of l3 agent
  o Fixup! neutron-server run fix for Ubuntu.
  o Fix for Ubuntu six pip package, added to the crowbar.yml for downloading the latest version via pip
  o metering_agent service name is fixed for Ubuntu.
  o Missing cache directory creation is added for Ubuntu.
  o Missing ml2 plugin directory creation is created for Ubuntu
  o Missing package name is added for Ubuntu installation process.
  o neutron-server run fix for Ubuntu.
  o Handle multiple DNS forwarders correctly

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
  zypper in -t patch sleclo30sp3-crowbar-barclamp-neutron-9575

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (noarch):
  crowbar-barclamp-neutron-1.7+git.1406100294.e1c1c72-0.7.1

References:

  https://bugzilla.novell.com/889939
  http://download.suse.com/patch/finder/?keywords=01185200191788f652e9f98115c92601

From sle-updates at lists.suse.com Tue Aug 5 19:04:35 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 6 Aug 2014 03:04:35 +0200 (CEST)
Subject: SUSE-RU-2014:0964-1: Recommended update for dnsmasq
Message-ID: <20140806010435.5145A32072@maintenance.suse.de>

SUSE Recommended Update: Recommended update for dnsmasq
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0964-1
Rating: low
References: #883708
Affected Products:
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that has one recommended fix can now be installed. It includes one version update.

Description:

This update provides dnsmasq version 2.71, which brings several fixes and enhancements. For a comprehensive list of changes, please refer to the package change log. (FATE#317370)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-dnsmasq-9481
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-dnsmasq-9481
- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-dnsmasq-9481

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.71]:
  dnsmasq-2.71-0.11.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.71]:
  dnsmasq-2.71-0.11.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.71]:
  dnsmasq-2.71-0.11.1

References:

  https://bugzilla.novell.com/883708
  http://download.suse.com/patch/finder/?keywords=4fe9268dc3fb1ec61e3f25e3fc65038d

From sle-updates at lists.suse.com Wed Aug 6 11:04:21 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 6 Aug 2014 19:04:21 +0200 (CEST)
Subject: SUSE-RU-2014:0966-1: Recommended update for pmtools
Message-ID: <20140806170421.59765320B5@maintenance.suse.de>

SUSE Recommended Update: Recommended update for pmtools
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0966-1
Rating: low
References: #886251
Affected Products:
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that has one recommended fix can now be installed.

Description:

This update for pmtools includes dmidecode 2.12, which brings many fixes and enhancements. (fate#317261, bnc#886251)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-pmtools-9582
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-pmtools-9582
- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-pmtools-9582

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
  pmtools-20071116-44.33.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 x86_64):
  pmtools-20071116-44.33.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
  pmtools-20071116-44.33.1

References:

  https://bugzilla.novell.com/886251
  http://download.suse.com/patch/finder/?keywords=5e8480325e566a226cd24eec6e656b33

From sle-updates at lists.suse.com Wed Aug 6 17:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 7 Aug 2014 01:04:14 +0200 (CEST)
Subject: SUSE-SU-2014:0967-1: important: Security update for the Apache Web Server
Message-ID: <20140806230414.57A4D32085@maintenance.suse.de>

SUSE Security Update: Security update for the Apache Web Server
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0967-1
Rating: important
References: #859916 #869105 #869106 #887765 #887768
Cross-References: CVE-2013-6438 CVE-2014-0098 CVE-2014-0226
                  CVE-2014-0231
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP3
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
______________________________________________________________________________

An update that solves four vulnerabilities and has one errata is now available.

Description:

This update for the Apache Web Server provides the following fixes:

* Fixed a heap-based buffer overflow on apache module mod_status. (bnc#887765, CVE-2014-0226)
* Properly remove whitespace characters from CDATA sections to avoid remote denial of service by crashing the Apache Server process. (bnc#869105, CVE-2013-6438)
* Correction to parsing of cookie content; this can lead to a crash with a specially designed cookie sent to the server. (bnc#869106, CVE-2014-0098)
* ECC support should not be missing. (bnc#859916)

This update also introduces a new configuration parameter CGIDScriptTimeout, which defaults to the value of parameter Timeout. CGIDScriptTimeout is set to 60s if mod_cgid is loaded/active, via /etc/apache2/conf.d/cgid-timeout.conf. The new directive and its effect prevent request workers from being eaten until starvation if CGI programs do not send output back to the server within the timeout set by CGIDScriptTimeout. (bnc#887768, CVE-2014-0231)

Security Issues references:

* CVE-2014-0226
* CVE-2013-6438
* CVE-2014-0098
* CVE-2014-0231

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
  zypper in -t patch sdksp3-apache2-9542
- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-apache2-9542
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-apache2-9542

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
  apache2-devel-2.2.12-1.46.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64):
  apache2-2.2.12-1.46.1
  apache2-doc-2.2.12-1.46.1
  apache2-example-pages-2.2.12-1.46.1
  apache2-prefork-2.2.12-1.46.1
  apache2-utils-2.2.12-1.46.1
  apache2-worker-2.2.12-1.46.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
  apache2-2.2.12-1.46.1
  apache2-doc-2.2.12-1.46.1
  apache2-example-pages-2.2.12-1.46.1
  apache2-prefork-2.2.12-1.46.1
  apache2-utils-2.2.12-1.46.1
  apache2-worker-2.2.12-1.46.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
  apache2-2.2.12-1.46.1
  apache2-doc-2.2.12-1.46.1
  apache2-example-pages-2.2.12-1.46.1
  apache2-prefork-2.2.12-1.46.1
  apache2-utils-2.2.12-1.46.1
  apache2-worker-2.2.12-1.46.1

References:

  http://support.novell.com/security/cve/CVE-2013-6438.html
  http://support.novell.com/security/cve/CVE-2014-0098.html
  http://support.novell.com/security/cve/CVE-2014-0226.html
  http://support.novell.com/security/cve/CVE-2014-0231.html
  https://bugzilla.novell.com/859916
  https://bugzilla.novell.com/869105
  https://bugzilla.novell.com/869106
  https://bugzilla.novell.com/887765
  https://bugzilla.novell.com/887768
  http://download.suse.com/patch/finder/?keywords=829ba0775cf41b675d6b37e956e1fda6

From sle-updates at lists.suse.com Thu Aug 7 11:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 7 Aug 2014 19:04:14 +0200 (CEST)
Subject: SUSE-YU-2014:0968-1: YOU update for popt
Message-ID: <20140807170414.B58D2320B5@maintenance.suse.de>

SUSE YOU Update: YOU update for popt
______________________________________________________________________________

Announcement ID: SUSE-YU-2014:0968-1
Rating: low
References: #725478 #870358 #882489 #884373
Affected Products:
  SUSE Linux Enterprise Software Development Kit 11 SP3
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
  SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that has four YOU fixes can now be installed.

Description:

This update for RPM provides the following fixes and enhancements:

* Add query support for the new weak dependency tags used in SLE 12. (bnc#884373)
* Remove harmful --target option passing from the configure macro. (bnc#870358)
* Disable broken ldconfig skipping code. (bnc#725478)

Additionally, one issue was fixed in the rpm-python sub-package:

* Return a PyLong for installsize and archivesize if a PyInt would be negative. This could make createrepo(8) generate repository metadata with negative sizes for some packages. (bnc#882489)

Special Instructions and Notes:

This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application.

Patch Instructions:

To install this SUSE YOU Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
  zypper in -t patch sdksp3-rpm-201406-9435
- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-rpm-201406-9435
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-rpm-201406-9435
- SUSE Linux Enterprise Desktop 11 SP3:
  zypper in -t patch sledsp3-rpm-201406-9435

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
  popt-devel-1.7-37.58.1
  rpm-devel-4.4.2.3-37.58.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):
  rpm-32bit-4.4.2.3-37.58.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64):
  popt-devel-32bit-1.7-37.58.1
  rpm-devel-32bit-4.4.2.3-37.58.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):
  rpm-x86-4.4.2.3-37.58.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
  popt-1.7-37.58.1
  rpm-4.4.2.3-37.58.1
  rpm-python-4.4.2.3-37.58.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64):
  popt-32bit-1.7-37.58.1
  rpm-32bit-4.4.2.3-37.58.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
  popt-1.7-37.58.1
  rpm-4.4.2.3-37.58.1
  rpm-python-4.4.2.3-37.58.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64):
  popt-32bit-1.7-37.58.1
  rpm-32bit-4.4.2.3-37.58.1
- SUSE Linux Enterprise Server 11 SP3 (ia64):
  popt-x86-1.7-37.58.1
  rpm-x86-4.4.2.3-37.58.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
  popt-1.7-37.58.1
  rpm-4.4.2.3-37.58.1
  rpm-python-4.4.2.3-37.58.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64):
  popt-32bit-1.7-37.58.1
  rpm-32bit-4.4.2.3-37.58.1

References:

  https://bugzilla.novell.com/725478
  https://bugzilla.novell.com/870358
  https://bugzilla.novell.com/882489
  https://bugzilla.novell.com/884373
  http://download.suse.com/patch/finder/?keywords=84d68a15fe61f32c9ab5310d27812b31

From sle-updates at lists.suse.com Thu Aug 7 17:04:16 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 8 Aug 2014 01:04:16 +0200 (CEST)
Subject: SUSE-RU-2014:0970-1: Recommended update for release-notes-sles
Message-ID: <20140807230416.51FC132085@maintenance.suse.de>

SUSE Recommended Update: Recommended update for release-notes-sles
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0970-1
Rating: low
References: #837456 #878036 #878333 #880251 #886256
Affected Products:
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
______________________________________________________________________________

An update that has 5 recommended fixes can now be installed. It includes one version update.

Description:

This update provides the latest version of the release notes for SUSE Linux Enterprise Server 11 SP3. The changes in detail are:

* Xen: Kernel Dom0 and Raw Hardware Characteristics. (bnc#878036 via fate#317638)
* Firefox update to version 24 ESR. (bnc#886256 via fate#316623)
* More information about MySQL migration. (bnc#837456 via fate#314322)
* Fix some typos. (bnc#878333 via fate)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-release-notes-sles-201407-9549
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-release-notes-sles-201407-9549

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 11.3.34]:
  release-notes-SLES-for-VMware-11.3.34-0.7.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.3.34]:
  release-notes-sles-11.3.34-0.7.1

References:

  https://bugzilla.novell.com/837456
  https://bugzilla.novell.com/878036
  https://bugzilla.novell.com/878333
  https://bugzilla.novell.com/880251
  https://bugzilla.novell.com/886256
  http://download.suse.com/patch/finder/?keywords=7aac66547dbf6c6601f05673620f6fb2

From sle-updates at lists.suse.com Fri Aug 8 11:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 8 Aug 2014 19:04:14 +0200 (CEST)
Subject: SUSE-SU-2014:0972-1: moderate: Security update for apache2-mod_security2
Message-ID: <20140808170414.0A1C0320B5@maintenance.suse.de>

SUSE Security Update: Security update for apache2-mod_security2
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0972-1
Rating: moderate
References: #871309
Cross-References: CVE-2013-5705
Affected Products:
  SUSE Linux Enterprise Server 11 SP3 for VMware
  SUSE Linux Enterprise Server 11 SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This apache2-mod_security2 update fixes the following security issue:

* bnc#871309: bypass of intended rules via chunked requests (CVE-2013-5705)

Security Issues:

* CVE-2013-5705

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
  zypper in -t patch slessp3-apache2-mod_security2-9585
- SUSE Linux Enterprise Server 11 SP3:
  zypper in -t patch slessp3-apache2-mod_security2-9585

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
  apache2-mod_security2-2.7.1-0.2.18.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
  apache2-mod_security2-2.7.1-0.2.18.1

References:

  http://support.novell.com/security/cve/CVE-2013-5705.html
  https://bugzilla.novell.com/871309
  http://download.suse.com/patch/finder/?keywords=99a5035c2783430758850ba4494fa2a6

From sle-updates at lists.suse.com Fri Aug 8 17:04:24 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 9 Aug 2014 01:04:24 +0200 (CEST)
Subject: SUSE-RU-2014:0973-1: Recommended update for yast2-crowbar
Message-ID: <20140808230424.9529432085@maintenance.suse.de>

SUSE Recommended Update: Recommended update for yast2-crowbar
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0973-1
Rating: low
References: #881380
Affected Products:
  SUSE Cloud 3
______________________________________________________________________________

An update that has one recommended fix can now be installed. It includes one version update.

Description:

This update for yast2-crowbar provides the following fix:

* Do not write mode value into the bastion network map. (bnc#881380)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
  zypper in -t patch sleclo30sp3-yast2-crowbar-9476

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (noarch) [New Version: 2.17.35.1]:
    yast2-crowbar-2.17.35.1-0.7.1

References:

    https://bugzilla.novell.com/881380
    http://download.suse.com/patch/finder/?keywords=1a6dcf072b2c57dd0e58b5571b994aba

From sle-updates at lists.suse.com Mon Aug 11 11:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 11 Aug 2014 19:04:14 +0200 (CEST)
Subject: SUSE-SU-2014:0988-1: moderate: Security update for openstack-keystone
Message-ID: <20140811170414.134063218D@maintenance.suse.de>

SUSE Security Update: Security update for openstack-keystone
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0988-1
Rating: moderate
References: #885798
Cross-References: CVE-2014-3520
Affected Products:
    SUSE Cloud 3
______________________________________________________________________________

An update that fixes one vulnerability is now available. It includes one version update.

Description:

This update for openstack-keystone includes the following fixes:

* Ensure that in v2 auth tenant_id matches trust. (bnc#885798, CVE-2014-3520)

Security Issues:

* CVE-2014-3520

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
    zypper in -t patch sleclo30sp3-openstack-keystone-9513

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (x86_64) [New Version: 2013.2.4.dev6.g96d9bcf]:
    openstack-keystone-2013.2.4.dev6.g96d9bcf-0.7.1
    python-keystone-2013.2.4.dev6.g96d9bcf-0.7.1
- SUSE Cloud 3 (noarch) [New Version: 2013.2.4.dev6.g96d9bcf]:
    openstack-keystone-doc-2013.2.4.dev6.g96d9bcf-0.7.1

References:

    http://support.novell.com/security/cve/CVE-2014-3520.html
    https://bugzilla.novell.com/885798
    http://download.suse.com/patch/finder/?keywords=e7353fd44c2f1f2d24e594febb27d44f

From sle-updates at lists.suse.com Mon Aug 11 11:04:29 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 11 Aug 2014 19:04:29 +0200 (CEST)
Subject: SUSE-SU-2014:0989-1: moderate: Security update for krb5
Message-ID: <20140811170429.077BF32192@maintenance.suse.de>

SUSE Security Update: Security update for krb5
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0989-1
Rating: moderate
References: #886016 #888697
Cross-References: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP3
    SUSE Linux Enterprise Server 11 SP3 for VMware
    SUSE Linux Enterprise Server 11 SP3
    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:

The following security issues have been fixed in kerberos 5:

* CVE-2014-4341, CVE-2014-4342: Two denial of service flaws when handling RFC 1964 tokens.
* CVE-2014-4343, CVE-2014-4344: Multiple flaws in SPNEGO.

Security Issues:

* CVE-2014-4341
* CVE-2014-4342
* CVE-2014-4343
* CVE-2014-4344

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
    zypper in -t patch sdksp3-krb5-9564
- SUSE Linux Enterprise Server 11 SP3 for VMware:
    zypper in -t patch slessp3-krb5-9564
- SUSE Linux Enterprise Server 11 SP3:
    zypper in -t patch slessp3-krb5-9564
- SUSE Linux Enterprise Desktop 11 SP3:
    zypper in -t patch sledsp3-krb5-9564

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
    krb5-devel-1.6.3-133.49.60.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):
    krb5-devel-32bit-1.6.3-133.49.60.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64):
    krb5-server-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
    krb5-1.6.3-133.49.60.1
    krb5-apps-clients-1.6.3-133.49.60.1
    krb5-apps-servers-1.6.3-133.49.60.1
    krb5-client-1.6.3-133.49.60.1
    krb5-plugin-kdb-ldap-1.6.3-133.49.60.1
    krb5-plugin-preauth-pkinit-1.6.3-133.49.60.1
    krb5-server-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64):
    krb5-32bit-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (noarch):
    krb5-doc-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
    krb5-1.6.3-133.49.60.1
    krb5-apps-clients-1.6.3-133.49.60.1
    krb5-apps-servers-1.6.3-133.49.60.1
    krb5-client-1.6.3-133.49.60.1
    krb5-plugin-kdb-ldap-1.6.3-133.49.60.1
    krb5-plugin-preauth-pkinit-1.6.3-133.49.60.1
    krb5-server-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64):
    krb5-32bit-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 (noarch):
    krb5-doc-1.6.3-133.49.60.1
- SUSE Linux Enterprise Server 11 SP3 (ia64):
    krb5-x86-1.6.3-133.49.60.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
    krb5-1.6.3-133.49.60.1
    krb5-client-1.6.3-133.49.60.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64):
    krb5-32bit-1.6.3-133.49.60.1

References:

    http://support.novell.com/security/cve/CVE-2014-4341.html
    http://support.novell.com/security/cve/CVE-2014-4342.html
    http://support.novell.com/security/cve/CVE-2014-4343.html
    http://support.novell.com/security/cve/CVE-2014-4344.html
    https://bugzilla.novell.com/886016
    https://bugzilla.novell.com/888697
    http://download.suse.com/patch/finder/?keywords=2e70ab20e66d9d98f150b323082a1ad8

From sle-updates at lists.suse.com Mon Aug 11 17:04:20 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 12 Aug 2014 01:04:20 +0200 (CEST)
Subject: SUSE-RU-2014:0990-1: Recommended update for pesign-obs-integration
Message-ID: <20140811230420.C87A23205C@maintenance.suse.de>

SUSE Recommended Update: Recommended update for pesign-obs-integration
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0990-1
Rating: low
References: #889626
Affected Products:
    SUSE Linux Enterprise Server 11 SP3 for VMware
    SUSE Linux Enterprise Server 11 SP3
    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that has one recommended fix can now be installed.

Description:

This update for pesign-obs-integration includes the following fixes:

* Accept also rpmlintrc files without any - prefix. (bnc#889626)
* Use package's rpmlintrc files in the second build. (bnc#889626)
* Set BRP_PESIGN_FILES="" in the repackage build to avoid loops.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP3 for VMware:
    zypper in -t patch slessp3-pesign-obs-integration-9583
- SUSE Linux Enterprise Server 11 SP3:
    zypper in -t patch slessp3-pesign-obs-integration-9583
- SUSE Linux Enterprise Desktop 11 SP3:
    zypper in -t patch sledsp3-pesign-obs-integration-9583

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
    pesign-obs-integration-10.0-0.22.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
    pesign-obs-integration-10.0-0.22.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
    pesign-obs-integration-10.0-0.22.1

References:

    https://bugzilla.novell.com/889626
    http://download.suse.com/patch/finder/?keywords=5b1911dbad432e2c98b057c6b167b06b

From sle-updates at lists.suse.com Tue Aug 12 11:04:18 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 12 Aug 2014 19:04:18 +0200 (CEST)
Subject: SUSE-RU-2014:0991-1: Recommended update for crowbar-barclamp-crowbar
Message-ID: <20140812170418.CA01A3218E@maintenance.suse.de>

SUSE Recommended Update: Recommended update for crowbar-barclamp-crowbar
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0991-1
Rating: low
References: #882582 #882583 #883408
Affected Products:
    SUSE Cloud 3
______________________________________________________________________________

An update that has three recommended fixes can now be installed.

Description:

This update for SUSE Cloud 3 provides the following fixes for crowbar-barclamp-crowbar:

* Update to version 1.7+git.1403250320.d9fb7e7:
    o Fixed form field name for deployment dsl (bnc#883408)
    o avoid use of /dev/disk/by-id in VirtualBox (bnc#882582)
    o apache2: Fix the status.conf template for SUSE (bnc#882583)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
    zypper in -t patch sleclo30sp3-crowbar-barclamp-crowbar-9456

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Cloud 3 (noarch):
    crowbar-barclamp-crowbar-1.7+git.1403250320.d9fb7e7-0.7.2

References:

    https://bugzilla.novell.com/882582
    https://bugzilla.novell.com/882583
    https://bugzilla.novell.com/883408
    http://download.suse.com/patch/finder/?keywords=4cfa53e5f4dea4d573e43f5bfdc15fec

From sle-updates at lists.suse.com Tue Aug 12 17:04:19 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 01:04:19 +0200 (CEST)
Subject: SUSE-RU-2014:0992-1: Recommended update for crowbar-barclamp-provisioner
Message-ID: <20140812230419.B073A32063@maintenance.suse.de>

SUSE Recommended Update: Recommended update for crowbar-barclamp-provisioner
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0992-1
Rating: low
References: #882582 #882585
Affected Products:
    SUSE Cloud 3
______________________________________________________________________________

An update that has two recommended fixes can now be installed.

Description:

This update for Cloud3 provides the following fixes for crowbar-barclamp-provisioner:

* Update to version 1.7+git.1402565462.0db33f7:
    o bnc#882585:
        + crowbar_join: Reduce time of loop for hostname
        + crowbar_register: Do not keep sledgehammer-specific configuration
        + Avoid crowbar_register exiting prematurely
    o avoid use of /dev/disk/by-id in VirtualBox (bnc#882582)
    o Revert "crowbar_join: Get the hostname before pinging the admin server"
    o add missing -n to zypper
    o crowbar_join: Fix syntax error

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
    zypper in -t patch sleclo30sp3-crowbar-barclamp-provisioner-9463

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Cloud 3 (noarch):
    crowbar-barclamp-provisioner-1.7+git.1402565462.0db33f7-0.7.2

References:

    https://bugzilla.novell.com/882582
    https://bugzilla.novell.com/882585
    http://download.suse.com/patch/finder/?keywords=244307d4bb087afbb4ee75caf1db43c9

From sle-updates at lists.suse.com Tue Aug 12 17:04:48 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 01:04:48 +0200 (CEST)
Subject: SUSE-SU-2014:0993-1: moderate: Security update for oracle-update
Message-ID: <20140812230448.895F83218E@maintenance.suse.de>

SUSE Security Update: Security update for oracle-update
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0993-1
Rating: moderate
References: #887569
Cross-References: CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245
Affected Products:
    SUSE Manager Server
    SUSE Manager 1.7 for SLE 11 SP2
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This critical patch update contains 5 security fixes for the Oracle Database Server. One of the vulnerabilities could have been exploited over the network without a valid username and password.

Security Issues:

* CVE-2013-3751
* CVE-2013-3774
* CVE-2014-4236
* CVE-2014-4237
* CVE-2014-4245

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Manager Server:
    zypper in -t patch sleman21-oracle-update-9527
- SUSE Manager 1.7 for SLE 11 SP2:
    zypper in -t patch sleman17sp2-oracle-update-9526

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Manager Server (x86_64):
    oracle-update-1.7-0.27.3
- SUSE Manager 1.7 for SLE 11 SP2 (x86_64):
    oracle-update-1.7-0.27.1

References:

    http://support.novell.com/security/cve/CVE-2013-3751.html
    http://support.novell.com/security/cve/CVE-2013-3774.html
    http://support.novell.com/security/cve/CVE-2014-4236.html
    http://support.novell.com/security/cve/CVE-2014-4237.html
    http://support.novell.com/security/cve/CVE-2014-4245.html
    https://bugzilla.novell.com/887569
    http://download.suse.com/patch/finder/?keywords=088373f58bac47df3488d15a3ee58d2f
    http://download.suse.com/patch/finder/?keywords=62ab2041714cf67cc34ef0ee1c6ff211

From sle-updates at lists.suse.com Tue Aug 12 17:05:06 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 01:05:06 +0200 (CEST)
Subject: SUSE-SU-2014:0994-1: moderate: Security update for rubygem-activerecord-2_3
Message-ID: <20140812230506.5E1A73218E@maintenance.suse.de>

SUSE Security Update: Security update for rubygem-activerecord-2_3
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0994-1
Rating: moderate
References: #885636
Cross-References: CVE-2014-3482
Affected Products:
    SUSE Cloud 3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for rubygem-activerecord-2_3 fixes the following security issue:

* The PostgreSQL adapter for Active Record in Ruby on Rails 2.x allowed remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting. (CVE-2014-3482)

Security Issue references:

* CVE-2014-3482

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
    zypper in -t patch sleclo30sp3-rubygem-activerecord-2_3-9529

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (x86_64):
    rubygem-activerecord-2_3-2.3.17-0.15.1

References:

    http://support.novell.com/security/cve/CVE-2014-3482.html
    https://bugzilla.novell.com/885636
    http://download.suse.com/patch/finder/?keywords=1eb2a68f415a0a8df5775b6aa2f7bfcb

From sle-updates at lists.suse.com Tue Aug 12 18:04:16 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 02:04:16 +0200 (CEST)
Subject: SUSE-RU-2014:0995-1: Recommended update for High Availability Extension 11 SP3
Message-ID: <20140813000416.0F52E3205C@maintenance.suse.de>

SUSE Recommended Update: Recommended update for High Availability Extension 11 SP3
______________________________________________________________________________

Announcement ID: SUSE-RU-2014:0995-1
Rating: low
References:
    #695440 #804763 #821124 #845525 #846449 #847005 #850589 #851990
    #853345 #854039 #854050 #854172 #854423 #856135 #856353 #858721
    #859683 #860169 #862319 #862383 #862572 #863071 #863527 #865260
    #866618 #867039 #867048 #868986 #870696 #871098 #871175 #872287
    #872290 #872655 #873970 #877484 #877640 #878128 #878362 #878597
    #878662 #879034 #879934 #880258 #880520 #881321 #881884 #884079
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP3
    SUSE Linux Enterprise High Availability Extension 11 SP3
______________________________________________________________________________

An update that has 48 recommended fixes can now be installed. It includes 5 new package versions.

Description:

This collective update for the High Availability Extension 11 SP3 provides many fixes and enhancements.

cluster-glue:

* external/vcenter: Add parameter to disable hostname verification. (bnc#851990)
* hb_report: A dot (.) is not illegal in file names. (bnc#884079)

corosync:

* Updated to official 1.4.7 upstream release.

crmsh:

* cibconfig: Disable patching if groups changed. (bnc#881321)
* xmlutil: Implement patching for commit_rsc. (bnc#877640)
* parse: Handle location role assignment. (bnc#878128)
* report: Make regexp groups non-capturing to avoid limit. (bnc#877484)

hawk:

* gui/status: Ensure monitor requests aren't cached. (bnc#854423)
* gui/status: Show resources with failed stop as 'failed', in red. (bnc#879034)
* gui/status: Display resources as unmanaged if per-resource maintenance mode set. (bnc#863071)
* gui: Linebreak crmsh error output when manipulating resources. (bnc#872287)
* gui: Use --force when deleting resources, constraints, etc. (bnc#872290)
* misc/cib model: Handle stale pending stop ops. (bnc#879034)
* misc/crm_config: Check properties exist before flagging readonly (bnc#853345)
* misc/crm_config editor: Don't create empty property sets. (bnc#871098)
* misc/node model: Find nodes by uname. (bnc#854039)
* misc/wizard: Allow multiple instances of the same template. (fate#314396)
* misc: Replace popen3 invocations with capture3 to avoid deadlocks when dealing with excessively large STDERR output. (bnc#878597)
* misc: Drop explicit "commit" from crmsh invocations. (bnc#872287)
* misc: Theme 404, 422 and 500 error pages. (bnc#872655)
* misc: Use crm_simulate instead of ptest. (bnc#854050)

libqb:

* Updated to official 0.17.0 upstream release.

openais:

* init script: Correct force-stop handling. (bnc#873970)

pacemaker:

* cib: Correctly handle configuration ordering changes. (bnc#881321)
* xml: Prevent incorrect xml diffs from corrupting the cib. (bnc#878362)
* cluster: Prevent search of unames from attempting to create node entries for unknown nodes. (bnc#881884)
* crm_simulate: Clean up temporary shadow files on exit. (bnc#879934)
* pengine: Before migrating utilization-using resources to a node, take off the load that will no longer run there if it's not introducing transition loop. (bnc#695440)
* pengine: Correctly search failcount. (bnc#880520)
* pengine: Prevent possible segfault. (bnc#880258)
* pengine: Block restart of resources if any dependent resource in a group is unmanaged. (bnc#878662)
* pengine: Mark unrunnable stop actions as "blocked" and show the correct current locations. (bnc#878662)
* Ensure pending probes that ultimately fail are correctly updated. (bnc#804763, bnc#879034)
* pengine: Ignore failure-timeout only if the failed operation has on-fail="block". (bnc#871175)
* cts: Automatically determine whether to run RemoteBaremetal. (bnc#856353)
* crm_attribute: Default --lifetime to forever when using --node. (bnc#870696)
* cib: Check if on-disk cib is corrupt in the separate on_disk_cib_corrupt() rather than in validate_on_disk_cib(). (bnc#866618)
* cib: Do not disable cib disk writes if on-disk cib is corrupt. (bnc#866618)
* pengine: Support per-resource maintenance mode. (bnc#863071)
* pengine: Prevent resources in an anti-colocation from even temporarily running on the same node. (bnc#856135, bnc#862319)
* tools: Display pending state in crm_mon/crm_resource/crm_simulate if --pending/-j is supplied. (FATE#315159)
* crmd: Prevent message relay from attempting to create node entries for unknown nodes. (bnc#862383)
* crmd: Prevent manual fencing confirmations from attempting to create node entries for unknown nodes. (bnc#860169)
* crm_mon: Display brief output if "-b/--brief" is supplied or 'b' is toggled. (FATE#314757)
* ipc: Convince clang that our casting is intended. (bnc#845525)

pacemaker-mgmt:

* crm_gui: Correctly clear migration constraints for pacemaker >= 1.1.10. (bnc#858721)

resource-agents:

* oracle: Try as sysdba if monitor as MONUSR fails. (bnc#850589)
* oracle: Reset MONUSR password if it expired. (bnc#850589)
* pgsql: Support for non-standard port and library locations. (bnc#846449)
* ldirectord: Fix the list output to include ops flag. (bnc#847005)
* oracle: Make monitoring user configurable. (bnc#859683, bnc#850589)
* oracle: Make monitoring profile configurable. (bnc#859683)
* oracle: Make monuser parameter case-insensitive. (bnc#859683)
* oracle: Make monitoring user configurable. (bnc#859683)
* oracle: Create custom profile for OCFMON user. (bnc#850589)

sleha-bootstrap:

* Don't set sbd_device in crm config. (bnc#863527)
* Update firewall rules correctly for corosync.conf. (bnc#868986)
* Use 'csync2 -R' to cleanup DB when removing node. (bnc#867039)
* Sync all config files across all nodes when adding new node. (bnc#867048)
* Use netstat to guess at the default route interface. (bnc#854172)
* Correctly detect unconfigured SBD when SBD_DEVICE="". (bnc#865260)
* Run removal commands in bash shell to avoid prompts from zsh. (bnc#862572)
* Unify OCFS2 config with Hawk. (bnc#821124)

The list above is not comprehensive. For details, please refer to the individual package change logs and Bugzilla.

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
    zypper in -t patch sdksp3-slehae-201406-9454
- SUSE Linux Enterprise High Availability Extension 11 SP3:
    zypper in -t patch slehasp3-slehae-201406-9454

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.0]:
    libqb-devel-0.17.0-0.7.6
- SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.0,0.6.3,1.1.11,1.2.6 and 1.4.7]:
    cluster-glue-1.0.11-0.23.1
    corosync-1.4.7-0.19.6
    crmsh-1.2.6-0.35.11
    hawk-0.6.3-0.18.10
    hawk-templates-0.6.3-0.18.10
    ldirectord-3.9.5-0.34.57
    libcorosync-devel-1.4.7-0.19.6
    libcorosync4-1.4.7-0.19.6
    libglue-devel-1.0.11-0.23.1
    libglue2-1.0.11-0.23.1
    libopenais-devel-1.1.4-5.19.7
    libopenais3-1.1.4-5.19.7
    libpacemaker-devel-1.1.11-0.7.53
    libpacemaker3-1.1.11-0.7.53
    libqb-devel-0.17.0-0.7.6
    libqb0-0.17.0-0.7.6
    nagios-plugins-metadata-3.9.5-0.34.57
    openais-1.1.4-5.19.7
    pacemaker-1.1.11-0.7.53
    pacemaker-mgmt-2.1.2-0.15.12
    pacemaker-mgmt-client-2.1.2-0.15.12
    pacemaker-mgmt-devel-2.1.2-0.15.12
    resource-agents-3.9.5-0.34.57
- SUSE Linux Enterprise High Availability Extension 11 SP3 (noarch):
    sleha-bootstrap-0.3-0.28.6

References:

    https://bugzilla.novell.com/695440
    https://bugzilla.novell.com/804763
    https://bugzilla.novell.com/821124
    https://bugzilla.novell.com/845525
    https://bugzilla.novell.com/846449
    https://bugzilla.novell.com/847005
    https://bugzilla.novell.com/850589
    https://bugzilla.novell.com/851990
    https://bugzilla.novell.com/853345
    https://bugzilla.novell.com/854039
    https://bugzilla.novell.com/854050
    https://bugzilla.novell.com/854172
    https://bugzilla.novell.com/854423
    https://bugzilla.novell.com/856135
    https://bugzilla.novell.com/856353
    https://bugzilla.novell.com/858721
    https://bugzilla.novell.com/859683
    https://bugzilla.novell.com/860169
    https://bugzilla.novell.com/862319
    https://bugzilla.novell.com/862383
    https://bugzilla.novell.com/862572
    https://bugzilla.novell.com/863071
    https://bugzilla.novell.com/863527
    https://bugzilla.novell.com/865260
    https://bugzilla.novell.com/866618
    https://bugzilla.novell.com/867039
    https://bugzilla.novell.com/867048
    https://bugzilla.novell.com/868986
    https://bugzilla.novell.com/870696
    https://bugzilla.novell.com/871098
    https://bugzilla.novell.com/871175
    https://bugzilla.novell.com/872287
    https://bugzilla.novell.com/872290
    https://bugzilla.novell.com/872655
    https://bugzilla.novell.com/873970
    https://bugzilla.novell.com/877484
    https://bugzilla.novell.com/877640
    https://bugzilla.novell.com/878128
    https://bugzilla.novell.com/878362
    https://bugzilla.novell.com/878597
    https://bugzilla.novell.com/878662
    https://bugzilla.novell.com/879034
    https://bugzilla.novell.com/879934
    https://bugzilla.novell.com/880258
    https://bugzilla.novell.com/880520
    https://bugzilla.novell.com/881321
    https://bugzilla.novell.com/881884
    https://bugzilla.novell.com/884079
    http://download.suse.com/patch/finder/?keywords=3ba774d467784c235b54b5b7e6866008

From sle-updates at lists.suse.com Tue Aug 12 19:04:15 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 03:04:15 +0200 (CEST)
Subject: SUSE-SU-2014:0996-1: moderate: Security update for python-Jinja2
Message-ID: <20140813010415.AD84632067@maintenance.suse.de>

SUSE Security Update: Security update for python-Jinja2
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0996-1
Rating: moderate
References: #858239
Cross-References: CVE-2014-1402
Affected Products:
    SUSE Cloud 3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The following security issue has been fixed:

* #858239: CVE-2014-1402: python-Jinja2: arbitrary code execution vulnerability

Security Issues:

* CVE-2014-1402

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Cloud 3:
    zypper in -t patch sleclo30sp3-python-Jinja2-9544

To bring your system up-to-date, use "zypper patch".
Package List:

- SUSE Cloud 3 (x86_64):
    python-Jinja2-2.6-2.14.1

References:

    http://support.novell.com/security/cve/CVE-2014-1402.html
    https://bugzilla.novell.com/858239
    http://download.suse.com/patch/finder/?keywords=fdb6f29d73cd72c6e94f0df350346622

From sle-updates at lists.suse.com Tue Aug 12 20:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 04:04:14 +0200 (CEST)
Subject: SUSE-SU-2014:0997-1: moderate: Security update for Python
Message-ID: <20140813020414.0D7523218E@maintenance.suse.de>

SUSE Security Update: Security update for Python
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0997-1
Rating: moderate
References: #827982 #834601 #847135 #856836 #859068 #863741 #872848 #885882
Cross-References: CVE-2013-1752 CVE-2013-4238 CVE-2014-1912 CVE-2014-4650
Affected Products:
    SUSE Linux Enterprise Server 11 SP2 LTSS
    SUSE Linux Enterprise Server 11 SP1 LTSS
______________________________________________________________________________

An update that solves four vulnerabilities and has four fixes is now available. It includes one version update.

Description:

Python has been updated to version 2.6.9, which brings many fixes for bugs and security issues:

* SSL Root Certificate validation is now enabled by default. (bnc#827982)
* Fixed an overflow in socket.recvfrom_into where incorrect python programs could have been exploited remotely via a buffer overrun. (CVE-2014-1912)
* Multiple unbound readline() DoS flaws in python stdlib have been fixed. (CVE-2013-1752)
* Handling of embedded \0 in SSL certificate fields has been fixed. (CVE-2013-4238)
* CGIHTTPServer file disclosure and directory traversal through URL-encoded characters has been fixed. (CVE-2014-4650)

Additionally, the following non-security issues have been fixed:

* Turn off OpenSSL's aggressive optimizations that conflict with Python's GC. (bnc#859068)
* Fix usage of MD5 in hmac module when the cipher is not available in FIPS mode. (bnc#847135)
* Update 'urlparse' module to correctly parse IPv6 addresses. (bnc#872848)
* Correctly enable IPv6 support.

Security Issues:

* CVE-2013-4238
* CVE-2014-1912
* CVE-2013-1752
* CVE-2014-4650

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11 SP2 LTSS:
    zypper in -t patch slessp2-python-201408-9580
- SUSE Linux Enterprise Server 11 SP1 LTSS:
    zypper in -t patch slessp1-python-201408-9578

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-2.6.9-0.31.1
    python-2.6.9-0.31.1
    python-base-2.6.9-0.31.1
    python-curses-2.6.9-0.31.1
    python-demo-2.6.9-0.31.1
    python-devel-2.6.9-0.31.1
    python-gdbm-2.6.9-0.31.1
    python-idle-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
    python-xml-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-32bit-2.6.9-0.31.1
    python-32bit-2.6.9-0.31.1
    python-base-32bit-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP2 LTSS (noarch):
    python-doc-2.6-8.31.1
    python-doc-pdf-2.6-8.31.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-2.6.9-0.31.1
    python-2.6.9-0.31.1
    python-base-2.6.9-0.31.1
    python-curses-2.6.9-0.31.1
    python-demo-2.6.9-0.31.1
    python-devel-2.6.9-0.31.1
    python-gdbm-2.6.9-0.31.1
    python-idle-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
    python-xml-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-32bit-2.6.9-0.31.1
    python-32bit-2.6.9-0.31.1
    python-base-32bit-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP1 LTSS (noarch):
    python-doc-2.6-8.31.1
    python-doc-pdf-2.6-8.31.1

References:

    http://support.novell.com/security/cve/CVE-2013-1752.html
    http://support.novell.com/security/cve/CVE-2013-4238.html
    http://support.novell.com/security/cve/CVE-2014-1912.html
    http://support.novell.com/security/cve/CVE-2014-4650.html
    https://bugzilla.novell.com/827982
    https://bugzilla.novell.com/834601
    https://bugzilla.novell.com/847135
    https://bugzilla.novell.com/856836
    https://bugzilla.novell.com/859068
    https://bugzilla.novell.com/863741
    https://bugzilla.novell.com/872848
    https://bugzilla.novell.com/885882
    http://download.suse.com/patch/finder/?keywords=3734a6c4dfebe291c8b56ac4755caac3
    http://download.suse.com/patch/finder/?keywords=faa004881aeeffec0fab415382594ba8

From sle-updates at lists.suse.com Tue Aug 12 21:04:20 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 05:04:20 +0200 (CEST)
Subject: SUSE-SU-2014:0998-1: moderate: Security update for Python
Message-ID: <20140813030420.8D9383219A@maintenance.suse.de>

SUSE Security Update: Security update for Python
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0998-1
Rating: moderate
References: #872848 #885882
Cross-References: CVE-2014-4650
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP3
    SUSE Linux Enterprise Server 11 SP3 for VMware
    SUSE Linux Enterprise Server 11 SP3
    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available. It includes one version update.

Description:

This update for Python provides fixes for the following issues:

* CGIHTTPServer file disclosure and directory traversal through URL-encoded characters. (CVE-2014-4650)
* The 'urlparse' module has been updated to correctly parse IPv6 addresses. (bnc#872848)
* Correctly enable IPv6 support.

Security Issues:

* CVE-2014-4650

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP3:
    zypper in -t patch sdksp3-python-201408-9581
- SUSE Linux Enterprise Server 11 SP3 for VMware:
    zypper in -t patch slessp3-python-201408-9581
- SUSE Linux Enterprise Server 11 SP3:
    zypper in -t patch slessp3-python-201408-9581
- SUSE Linux Enterprise Desktop 11 SP3:
    zypper in -t patch sledsp3-python-201408-9581

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]:
    python-devel-2.6.9-0.31.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.6.9]:
    python-demo-2.6.9-0.31.1
    python-gdbm-2.6.9-0.31.1
    python-idle-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 2.6.9]:
    python-32bit-2.6.9-0.31.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch):
    python-doc-2.6-8.31.1
    python-doc-pdf-2.6-8.31.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-2.6.9-0.31.1
    python-2.6.9-0.31.1
    python-base-2.6.9-0.31.1
    python-curses-2.6.9-0.31.1
    python-demo-2.6.9-0.31.1
    python-gdbm-2.6.9-0.31.1
    python-idle-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
    python-xml-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-32bit-2.6.9-0.31.1
    python-32bit-2.6.9-0.31.1
    python-base-32bit-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (noarch):
    python-doc-2.6-8.31.1
    python-doc-pdf-2.6-8.31.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-2.6.9-0.31.1
    python-2.6.9-0.31.1
    python-base-2.6.9-0.31.1
    python-curses-2.6.9-0.31.1
    python-demo-2.6.9-0.31.1
    python-gdbm-2.6.9-0.31.1
    python-idle-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
    python-xml-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-32bit-2.6.9-0.31.1
    python-32bit-2.6.9-0.31.1
    python-base-32bit-2.6.9-0.31.1
- SUSE Linux Enterprise Server 11 SP3 (noarch):
    python-doc-2.6-8.31.1
    python-doc-pdf-2.6-8.31.1
- SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.6.9]:
    libpython2_6-1_0-x86-2.6.9-0.31.1
    python-base-x86-2.6.9-0.31.1
    python-x86-2.6.9-0.31.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-2.6.9-0.31.1
    python-2.6.9-0.31.1
    python-base-2.6.9-0.31.1
    python-curses-2.6.9-0.31.1
    python-devel-2.6.9-0.31.1
    python-tk-2.6.9-0.31.1
    python-xml-2.6.9-0.31.1
- SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.6.9]:
    libpython2_6-1_0-32bit-2.6.9-0.31.1
    python-base-32bit-2.6.9-0.31.1

References:

    http://support.novell.com/security/cve/CVE-2014-4650.html
    https://bugzilla.novell.com/872848
    https://bugzilla.novell.com/885882
    http://download.suse.com/patch/finder/?keywords=a25e8571f7c3786aa6e0a05c8459a0dd

From sle-updates at lists.suse.com Tue Aug 12 22:04:39 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 13 Aug 2014 06:04:39 +0200 (CEST)
Subject: SUSE-SU-2014:0999-1: Security update for pulseaudio
Message-ID: <20140813040439.1500D3219A@maintenance.suse.de>

SUSE Security Update: Security update for pulseaudio
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:0999-1
Rating: low
References: #881524
Cross-References: CVE-2014-3970
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11 SP3
    SUSE Linux Enterprise Server 11 SP3 for VMware
    SUSE Linux Enterprise Server 11 SP3
    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The following security issue is fixed in this update:

* CVE-2014-3970: Fixed a remote denial of service attack in module-rtp-recv.
Security Issues: * CVE-2014-3970 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-browse0-9568 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse0-x86-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 
pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-bluetooth-0.9.23-0.15.1 pulseaudio-module-gconf-0.9.23-0.15.1 pulseaudio-module-jack-0.9.23-0.15.1 pulseaudio-module-lirc-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse0-32bit-0.9.23-0.15.1 References: http://support.novell.com/security/cve/CVE-2014-3970.html https://bugzilla.novell.com/881524 http://download.suse.com/patch/finder/?keywords=3e53e4386106a97356ffe0050c757578 From sle-updates at lists.suse.com Tue Aug 12 23:04:44 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 07:04:44 +0200 (CEST) Subject: SUSE-RU-2014:1000-1: Recommended update for crowbar-barclamp-deployer Message-ID: <20140813050444.6E9A13219C@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1000-1 Rating: low References: #882582 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Cloud 3 provides the following fixes for crowbar-barclamp-deployer: * Avoid use of /dev/disk/by-id in VirtualBox. (bnc#882582) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-crowbar-barclamp-deployer-9457 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Cloud 3 (noarch): crowbar-barclamp-deployer-1.7+git.1402565484.1333133-0.7.1 References: https://bugzilla.novell.com/882582 http://download.suse.com/patch/finder/?keywords=f883b0bafb15795de37b9209fbb62ab7 From sle-updates at lists.suse.com Wed Aug 13 06:41:06 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:41:06 +0200 (CEST) Subject: SUSE-SU-2014:1001-1: Security update for pulseaudio Message-ID: <20140813124106.BD6F93218D@maintenance.suse.de> SUSE Security Update: Security update for pulseaudio ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1001-1 Rating: low References: #881524 Cross-References: CVE-2014-3970 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue is fixed in this update: * CVE-2014-3970: Fixed a remote denial of service attack in module-rtp-recv. Security Issues: * CVE-2014-3970 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-browse0-9568 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse0-x86-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-bluetooth-0.9.23-0.15.1 pulseaudio-module-gconf-0.9.23-0.15.1 pulseaudio-module-jack-0.9.23-0.15.1 pulseaudio-module-lirc-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse0-32bit-0.9.23-0.15.1 References: http://support.novell.com/security/cve/CVE-2014-3970.html https://bugzilla.novell.com/881524 http://download.suse.com/patch/finder/?keywords=3e53e4386106a97356ffe0050c757578 From sle-updates 
at lists.suse.com Wed Aug 13 06:41:24 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:41:24 +0200 (CEST) Subject: SUSE-RU-2014:1002-1: Recommended update for crowbar-barclamp-deployer Message-ID: <20140813124124.22AA8321A4@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1002-1 Rating: low References: #882582 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Cloud 3 provides the following fixes for crowbar-barclamp-deployer: * Avoid use of /dev/disk/by-id in VirtualBox. (bnc#882582) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-crowbar-barclamp-deployer-9457 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Cloud 3 (noarch): crowbar-barclamp-deployer-1.7+git.1402565484.1333133-0.7.1 References: https://bugzilla.novell.com/882582 http://download.suse.com/patch/finder/?keywords=f883b0bafb15795de37b9209fbb62ab7 From sle-updates at lists.suse.com Wed Aug 13 06:43:46 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:43:46 +0200 (CEST) Subject: SUSE-SU-2014:1003-1: Security update for pulseaudio Message-ID: <20140813124346.4590F321A2@maintenance.suse.de> SUSE Security Update: Security update for pulseaudio ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1003-1 Rating: low References: #881524 Cross-References: CVE-2014-3970 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue is fixed in this update: * CVE-2014-3970: Fixed a remote denial of service attack in module-rtp-recv. Security Issues: * CVE-2014-3970 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-browse0-9568 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse0-x86-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-bluetooth-0.9.23-0.15.1 pulseaudio-module-gconf-0.9.23-0.15.1 pulseaudio-module-jack-0.9.23-0.15.1 pulseaudio-module-lirc-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse0-32bit-0.9.23-0.15.1 References: http://support.novell.com/security/cve/CVE-2014-3970.html https://bugzilla.novell.com/881524 http://download.suse.com/patch/finder/?keywords=3e53e4386106a97356ffe0050c757578 From sle-updates 
at lists.suse.com Wed Aug 13 06:44:01 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:44:01 +0200 (CEST) Subject: SUSE-RU-2014:1004-1: Recommended update for crowbar-barclamp-deployer Message-ID: <20140813124401.E88BD321A2@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1004-1 Rating: low References: #882582 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Cloud 3 provides the following fixes for crowbar-barclamp-deployer: * Avoid use of /dev/disk/by-id in VirtualBox. (bnc#882582) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-crowbar-barclamp-deployer-9457 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Cloud 3 (noarch): crowbar-barclamp-deployer-1.7+git.1402565484.1333133-0.7.1 References: https://bugzilla.novell.com/882582 http://download.suse.com/patch/finder/?keywords=f883b0bafb15795de37b9209fbb62ab7 From sle-updates at lists.suse.com Wed Aug 13 06:44:18 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:44:18 +0200 (CEST) Subject: SUSE-SU-2014:1005-1: moderate: Security update for Python Message-ID: <20140813124418.3D24C321A2@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1005-1 Rating: moderate References: #872848 #885882 Cross-References: CVE-2014-4650 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: This update for Python provides fixes for the following issues: * CGIHTTPServer file disclosure and directory traversal through URL-encoded characters. (CVE-2014-4650) * The 'urlparse' module has been updated to correctly parse IPv6 addresses. (bnc#872848) * Correctly enable IPv6 support. Security Issues: * CVE-2014-4650 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-201408-9581 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: python-devel-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.6.9]: python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 2.6.9]: python-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 
s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.6.9]: libpython2_6-1_0-x86-2.6.9-0.31.1 python-base-x86-2.6.9-0.31.1 python-x86-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 References: http://support.novell.com/security/cve/CVE-2014-4650.html https://bugzilla.novell.com/872848 https://bugzilla.novell.com/885882 http://download.suse.com/patch/finder/?keywords=a25e8571f7c3786aa6e0a05c8459a0dd From sle-updates at lists.suse.com Wed Aug 13 06:45:01 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:45:01 +0200 (CEST) Subject: SUSE-SU-2014:1006-1: moderate: Security update for Python Message-ID: <20140813124501.E342532195@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1006-1 Rating: moderate References: #827982 #834601 #847135 #856836 #859068 #863741 #872848 #885882 Cross-References: CVE-2013-1752 CVE-2013-4238 CVE-2014-1912 CVE-2014-4650 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has four fixes is now available. It includes one version update. 
Description: Python has been updated to version 2.6.9, which brings many fixes for bugs and security issues: * SSL Root Certificate validation is now enabled by default. (bnc#827982) * Fixed an overflow in socket.recvfrom_into where incorrect Python programs could have been exploited remotely via a buffer overrun. (CVE-2014-1912) * Multiple unbound readline() DoS flaws in Python stdlib have been fixed. (CVE-2013-1752) * Handling of embedded \0 in SSL certificate fields has been fixed. (CVE-2013-4238) * CGIHTTPServer file disclosure and directory traversal through URL-encoded characters has been fixed. (CVE-2014-4650) Additionally, the following non-security issues have been fixed: * Turn off OpenSSL's aggressive optimizations that conflict with Python's GC. (bnc#859068) * Fix usage of MD5 in hmac module when the cipher is not available in FIPS mode. (bnc#847135) * Update 'urlparse' module to correctly parse IPv6 addresses. (bnc#872848) * Correctly enable IPv6 support. Security Issues: * CVE-2013-4238 * CVE-2014-1912 * CVE-2013-1752 * CVE-2014-4650 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-python-201408-9580 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-python-201408-9578 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 References: http://support.novell.com/security/cve/CVE-2013-1752.html http://support.novell.com/security/cve/CVE-2013-4238.html http://support.novell.com/security/cve/CVE-2014-1912.html http://support.novell.com/security/cve/CVE-2014-4650.html https://bugzilla.novell.com/827982 https://bugzilla.novell.com/834601 https://bugzilla.novell.com/847135 https://bugzilla.novell.com/856836 https://bugzilla.novell.com/859068 https://bugzilla.novell.com/863741 https://bugzilla.novell.com/872848 https://bugzilla.novell.com/885882 http://download.suse.com/patch/finder/?keywords=3734a6c4dfebe291c8b56ac4755caac3 http://download.suse.com/patch/finder/?keywords=faa004881aeeffec0fab415382594ba8 From sle-updates at lists.suse.com Wed Aug 13 06:46:25 2014 From: sle-updates at 
lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:46:25 +0200 (CEST) Subject: SUSE-SU-2014:1007-1: Security update for pulseaudio Message-ID: <20140813124625.114663218E@maintenance.suse.de> SUSE Security Update: Security update for pulseaudio ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1007-1 Rating: low References: #881524 Cross-References: CVE-2014-3970 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue is fixed in this update: * CVE-2014-3970: Fixed a remote denial of service attack in module-rtp-recv. Security Issues: * CVE-2014-3970 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-browse0-9568 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse0-x86-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-bluetooth-0.9.23-0.15.1 pulseaudio-module-gconf-0.9.23-0.15.1 pulseaudio-module-jack-0.9.23-0.15.1 pulseaudio-module-lirc-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse0-32bit-0.9.23-0.15.1 References: http://support.novell.com/security/cve/CVE-2014-3970.html https://bugzilla.novell.com/881524 http://download.suse.com/patch/finder/?keywords=3e53e4386106a97356ffe0050c757578 From sle-updates 
at lists.suse.com Wed Aug 13 06:47:03 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:47:03 +0200 (CEST) Subject: SUSE-RU-2014:1008-1: Recommended update for crowbar-barclamp-deployer Message-ID: <20140813124703.DD9123218E@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1008-1 Rating: low References: #882582 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Cloud 3 provides the following fixes for crowbar-barclamp-deployer: * Avoid use of /dev/disk/by-id in VirtualBox. (bnc#882582) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-crowbar-barclamp-deployer-9457 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Cloud 3 (noarch): crowbar-barclamp-deployer-1.7+git.1402565484.1333133-0.7.1 References: https://bugzilla.novell.com/882582 http://download.suse.com/patch/finder/?keywords=f883b0bafb15795de37b9209fbb62ab7 From sle-updates at lists.suse.com Wed Aug 13 06:47:33 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:47:33 +0200 (CEST) Subject: SUSE-SU-2014:1009-1: moderate: Security update for Python Message-ID: <20140813124733.CE2933218E@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1009-1 Rating: moderate References: #872848 #885882 Cross-References: CVE-2014-4650 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: This update for Python provides fixes for the following issues: * CGIHTTPServer file disclosure and directory traversal through URL-encoded characters. (CVE-2014-4650) * The 'urlparse' module has been updated to correctly parse IPv6 addresses. (bnc#872848) * Correctly enable IPv6 support. Security Issues: * CVE-2014-4650 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-201408-9581 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: python-devel-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.6.9]: python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 2.6.9]: python-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 
s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.6.9]: libpython2_6-1_0-x86-2.6.9-0.31.1 python-base-x86-2.6.9-0.31.1 python-x86-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 References: http://support.novell.com/security/cve/CVE-2014-4650.html https://bugzilla.novell.com/872848 https://bugzilla.novell.com/885882 http://download.suse.com/patch/finder/?keywords=a25e8571f7c3786aa6e0a05c8459a0dd From sle-updates at lists.suse.com Wed Aug 13 06:53:24 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:53:24 +0200 (CEST) Subject: SUSE-SU-2014:1010-1: moderate: Security update for python-Jinja2 Message-ID: <20140813125324.98C3131FE3@maintenance.suse.de> SUSE Security Update: Security update for python-Jinja2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1010-1 Rating: moderate References: #858239 Cross-References: CVE-2014-1402 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue has been fixed: * #858239: CVE-2014-1402: python-Jinja2: arbitrary code execution vulnerability Security Issues: * CVE-2014-1402 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-python-Jinja2-9544 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 3 (x86_64): python-Jinja2-2.6-2.14.1 References: http://support.novell.com/security/cve/CVE-2014-1402.html https://bugzilla.novell.com/858239 http://download.suse.com/patch/finder/?keywords=fdb6f29d73cd72c6e94f0df350346622 From sle-updates at lists.suse.com Wed Aug 13 06:53:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:53:43 +0200 (CEST) Subject: SUSE-SU-2014:1011-1: moderate: Security update for Python Message-ID: <20140813125343.0CC2032063@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1011-1 Rating: moderate References: #872848 #885882 Cross-References: CVE-2014-4650 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: This update for Python provides fixes for the following issues: * CGIHTTPServer file disclosure and directory traversal through URL-encoded characters. (CVE-2014-4650) * The 'urlparse' module has been updated to correctly parse IPv6 addresses. (bnc#872848) * Correctly enable IPv6 support. Security Issues: * CVE-2014-4650 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-201408-9581 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-201408-9581 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: python-devel-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.6.9]: python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 2.6.9]: python-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 
s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.6.9]: libpython2_6-1_0-x86-2.6.9-0.31.1 python-base-x86-2.6.9-0.31.1 python-x86-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 References: http://support.novell.com/security/cve/CVE-2014-4650.html https://bugzilla.novell.com/872848 https://bugzilla.novell.com/885882 http://download.suse.com/patch/finder/?keywords=a25e8571f7c3786aa6e0a05c8459a0dd From sle-updates at lists.suse.com Wed Aug 13 06:54:12 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 14:54:12 +0200 (CEST) Subject: SUSE-SU-2014:1012-1: moderate: Security update for Python Message-ID: <20140813125412.15F9532063@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1012-1 Rating: moderate References: #827982 #834601 #847135 #856836 #859068 #863741 #872848 #885882 Cross-References: CVE-2013-1752 CVE-2013-4238 CVE-2014-1912 CVE-2014-4650 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has four fixes is now available. It includes one version update. 
Description: Python has been updated to version 2.6.9, which brings many fixes for bugs and security issues: * SSL Root Certificate validation is now enabled by default. (bnc#827982) * Fixed an overflow in socket.recvfrom_into where incorrect Python programs could have been exploited remotely via a buffer overrun. (CVE-2014-1912) * Multiple unbound readline() DoS flaws in Python stdlib have been fixed. (CVE-2013-1752) * Handling of embedded \0 in SSL certificate fields has been fixed. (CVE-2013-4238) * CGIHTTPServer file disclosure and directory traversal through URL-encoded characters has been fixed. (CVE-2014-4650) Additionally, the following non-security issues have been fixed: * Turn off OpenSSL's aggressive optimizations that conflict with Python's GC. (bnc#859068) * Fix usage of MD5 in hmac module when the cipher is not available in FIPS mode. (bnc#847135) * Update 'urlparse' module to correctly parse IPv6 addresses. (bnc#872848) * Correctly enable IPv6 support. Security Issues: * CVE-2013-4238 * CVE-2014-1912 * CVE-2013-1752 * CVE-2014-4650 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-python-201408-9580 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-python-201408-9578 To bring your system up-to-date, use "zypper patch".
Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.31.1 python-2.6.9-0.31.1 python-base-2.6.9-0.31.1 python-curses-2.6.9-0.31.1 python-demo-2.6.9-0.31.1 python-devel-2.6.9-0.31.1 python-gdbm-2.6.9-0.31.1 python-idle-2.6.9-0.31.1 python-tk-2.6.9-0.31.1 python-xml-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.31.1 python-32bit-2.6.9-0.31.1 python-base-32bit-2.6.9-0.31.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (noarch): python-doc-2.6-8.31.1 python-doc-pdf-2.6-8.31.1 References: http://support.novell.com/security/cve/CVE-2013-1752.html http://support.novell.com/security/cve/CVE-2013-4238.html http://support.novell.com/security/cve/CVE-2014-1912.html http://support.novell.com/security/cve/CVE-2014-4650.html https://bugzilla.novell.com/827982 https://bugzilla.novell.com/834601 https://bugzilla.novell.com/847135 https://bugzilla.novell.com/856836 https://bugzilla.novell.com/859068 https://bugzilla.novell.com/863741 https://bugzilla.novell.com/872848 https://bugzilla.novell.com/885882 http://download.suse.com/patch/finder/?keywords=3734a6c4dfebe291c8b56ac4755caac3 http://download.suse.com/patch/finder/?keywords=faa004881aeeffec0fab415382594ba8 From sle-updates at lists.suse.com Wed Aug 13 07:04:12 2014 From: sle-updates at 
lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 15:04:12 +0200 (CEST) Subject: SUSE-SU-2014:1013-1: Security update for pulseaudio Message-ID: <20140813130412.32F0132000@maintenance.suse.de> SUSE Security Update: Security update for pulseaudio ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1013-1 Rating: low References: #881524 Cross-References: CVE-2014-3970 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The following security issue is fixed in this update: * CVE-2014-3970: Fixed a remote denial of service attack in module-rtp-recv. Security Issues: * CVE-2014-3970 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-browse0-9568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-browse0-9568 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse0-32bit-0.9.23-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse0-x86-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.15.1 libpulse-mainloop-glib0-0.9.23-0.15.1 libpulse0-0.9.23-0.15.1 pulseaudio-0.9.23-0.15.1 pulseaudio-esound-compat-0.9.23-0.15.1 pulseaudio-gdm-hooks-0.9.23-0.15.1 pulseaudio-lang-0.9.23-0.15.1 pulseaudio-module-bluetooth-0.9.23-0.15.1 pulseaudio-module-gconf-0.9.23-0.15.1 pulseaudio-module-jack-0.9.23-0.15.1 pulseaudio-module-lirc-0.9.23-0.15.1 pulseaudio-module-x11-0.9.23-0.15.1 pulseaudio-module-zeroconf-0.9.23-0.15.1 pulseaudio-utils-0.9.23-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse0-32bit-0.9.23-0.15.1 References: http://support.novell.com/security/cve/CVE-2014-3970.html https://bugzilla.novell.com/881524 http://download.suse.com/patch/finder/?keywords=3e53e4386106a97356ffe0050c757578 From sle-updates 
at lists.suse.com Wed Aug 13 07:04:27 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 15:04:27 +0200 (CEST) Subject: SUSE-RU-2014:1014-1: Recommended update for crowbar-barclamp-deployer Message-ID: <20140813130427.7814F32063@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1014-1 Rating: low References: #882582 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Cloud 3 provides the following fixes for crowbar-barclamp-deployer: * Avoid use of /dev/disk/by-id in VirtualBox. (bnc#882582) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-crowbar-barclamp-deployer-9457 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Cloud 3 (noarch): crowbar-barclamp-deployer-1.7+git.1402565484.1333133-0.7.1 References: https://bugzilla.novell.com/882582 http://download.suse.com/patch/finder/?keywords=f883b0bafb15795de37b9209fbb62ab7 From sle-updates at lists.suse.com Wed Aug 13 11:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 19:04:14 +0200 (CEST) Subject: SUSE-SU-2014:1015-1: moderate: Security update for tomcat6 Message-ID: <20140813170414.33C6B3218D@maintenance.suse.de> SUSE Security Update: Security update for tomcat6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1015-1 Rating: moderate References: #844689 #865746 #880346 #880347 #880348 #881700 Cross-References: CVE-2012-3544 CVE-2013-4322 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has one errata is now available. It includes two new package versions. Description: Tomcat has been updated to version 6.0.41, which brings security and bug fixes. The following security issues have been fixed: * CVE-2014-0096: An XXE vulnerability via user supplied XSLTs. * CVE-2014-0099: Request smuggling via malicious content length header. * CVE-2014-0119: An XML parser hijack by malicious web application. Bugs fixed: * Socket bind fails on tomcat startup when using apr (IPV6) (bnc#881700) * classpath for org/apache/juli/logging/LogFactory (bnc#844689) Security Issues: * CVE-2013-4322 * CVE-2012-3544 * CVE-2014-0099 * CVE-2014-0096 * CVE-2014-0119 Patch Instructions: To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-tomcat6-201407-9487 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-tomcat6-201407-9487 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.3.3]: libtcnative-1-0-1.3.3-12.2.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 6.0.41]: tomcat6-6.0.41-0.43.1 tomcat6-admin-webapps-6.0.41-0.43.1 tomcat6-docs-webapp-6.0.41-0.43.1 tomcat6-javadoc-6.0.41-0.43.1 tomcat6-jsp-2_1-api-6.0.41-0.43.1 tomcat6-lib-6.0.41-0.43.1 tomcat6-servlet-2_5-api-6.0.41-0.43.1 tomcat6-webapps-6.0.41-0.43.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.3.3]: libtcnative-1-0-1.3.3-12.2.1 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 6.0.41]: tomcat6-6.0.41-0.43.1 tomcat6-admin-webapps-6.0.41-0.43.1 tomcat6-docs-webapp-6.0.41-0.43.1 tomcat6-javadoc-6.0.41-0.43.1 tomcat6-jsp-2_1-api-6.0.41-0.43.1 tomcat6-lib-6.0.41-0.43.1 tomcat6-servlet-2_5-api-6.0.41-0.43.1 tomcat6-webapps-6.0.41-0.43.1 References: http://support.novell.com/security/cve/CVE-2012-3544.html http://support.novell.com/security/cve/CVE-2013-4322.html http://support.novell.com/security/cve/CVE-2014-0096.html http://support.novell.com/security/cve/CVE-2014-0099.html http://support.novell.com/security/cve/CVE-2014-0119.html https://bugzilla.novell.com/844689 https://bugzilla.novell.com/865746 https://bugzilla.novell.com/880346 https://bugzilla.novell.com/880347 https://bugzilla.novell.com/880348 https://bugzilla.novell.com/881700 http://download.suse.com/patch/finder/?keywords=51ab03c9eb3160df8b474d58f755825c From sle-updates at lists.suse.com Wed Aug 13 13:04:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 21:04:13 +0200 (CEST) Subject: SUSE-RU-2014:1016-1: 
Recommended update for libgphoto2 Message-ID: <20140813190413.681063218D@maintenance.suse.de> SUSE Recommended Update: Recommended update for libgphoto2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1016-1 Rating: low References: #878311 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update of libgphoto2 fixes an issue where daemonized usage of libgphoto2 like in gphotofs could have affected devices attached to unrelated serial ports. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libgphoto2-9516 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libgphoto2-9516 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libgphoto2-9516 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libgphoto2-9516 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgphoto2-devel-2.4.3-3.27.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libgphoto2-32bit-2.4.3-3.27.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64): libgphoto2-x86-2.4.3-3.27.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libgphoto2-2.4.3-3.27.1 libgphoto2-lang-2.4.3-3.27.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgphoto2-2.4.3-3.27.1 libgphoto2-lang-2.4.3-3.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libgphoto2-2.4.3-3.27.1 libgphoto2-lang-2.4.3-3.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgphoto2-32bit-2.4.3-3.27.1 References: https://bugzilla.novell.com/878311 http://download.suse.com/patch/finder/?keywords=1ba4bf2b1a0fb23e473e0313d1e345d1 From sle-updates at lists.suse.com Wed Aug 13 15:04:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Aug 2014 23:04:13 +0200 (CEST) Subject: SUSE-SU-2014:1017-1: moderate: Security update for augeas Message-ID: <20140813210413.4ED9A3218D@maintenance.suse.de> SUSE Security Update: Security update for augeas ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1017-1 Rating: moderate References: #853044 #871323 #876044 #885003 Cross-References: CVE-2012-0786 CVE-2013-6412 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: Augeas has been updated to fix a symlink overwrite problem (CVE-2012-0786, CVE-2013-6412). 
Also, a bug has been fixed where "augtool -s set was failing". (bnc#876044) Additionally, parsing the multipath configuration has been fixed. (bnc#871323) Security Issues: * CVE-2012-0786 * CVE-2013-6412 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-augeas-9574 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-augeas-9574 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-augeas-9574 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-augeas-9574 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): augeas-devel-0.9.0-3.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): augeas-0.9.0-3.15.1 augeas-lenses-0.9.0-3.15.1 libaugeas0-0.9.0-3.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): augeas-0.9.0-3.15.1 augeas-lenses-0.9.0-3.15.1 libaugeas0-0.9.0-3.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libaugeas0-0.9.0-3.15.1 References: http://support.novell.com/security/cve/CVE-2012-0786.html http://support.novell.com/security/cve/CVE-2013-6412.html https://bugzilla.novell.com/853044 https://bugzilla.novell.com/871323 https://bugzilla.novell.com/876044 https://bugzilla.novell.com/885003 http://download.suse.com/patch/finder/?keywords=106ec01bfdf9d6744262858fc5103f7b From sle-updates at lists.suse.com Wed Aug 13 16:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Aug 2014 00:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1018-1: Recommended update for openssl-ibmca Message-ID: <20140813220414.DC85E320A4@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl-ibmca
______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1018-1 Rating: low References: #879649 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openssl-ibmca fixes the message digest length definition in the SHA-256 template. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-openssl-ibmca-9538 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-openssl-ibmca-9538 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): openssl-ibmca-1.0.0-141.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64): openssl-ibmca-1.0.0-141.15.1 - SUSE Linux Enterprise Server 11 SP3 (s390x): openssl-ibmca-1.2.0-141.15.1 openssl-ibmca-32bit-1.2.0-141.15.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64): openssl-ibmca-32bit-1.0.0-141.15.1 References: https://bugzilla.novell.com/879649 http://download.suse.com/patch/finder/?keywords=c9a7cdb60a64122f8bb3bbc7ad6a75ac From sle-updates at lists.suse.com Wed Aug 13 18:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Aug 2014 02:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1019-1: Recommended update for sleshammer Message-ID: <20140814000414.E39093218D@maintenance.suse.de> SUSE Recommended Update: Recommended update for sleshammer ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1019-1 Rating: low References: #864888 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ 
An update that has one recommended fix can now be installed. Description: This update adds the package efibootmgr to sleshammer. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-sleshammer-9475 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 3 (x86_64): sleshammer-0.3-0.14.1 References: https://bugzilla.novell.com/864888 http://download.suse.com/patch/finder/?keywords=fd38142ed638ac496df961e299efc0f5 From sle-updates at lists.suse.com Thu Aug 14 11:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Aug 2014 19:04:14 +0200 (CEST) Subject: SUSE-YU-2014:1021-1: moderate: YOU update for Software Update Stack Message-ID: <20140814170414.CD93232192@maintenance.suse.de> SUSE YOU Update: YOU update for Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2014:1021-1 Rating: moderate References: #575096 #862471 #876297 #883411 #885254 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 5 YOU fixes can now be installed. It includes three new package versions. Description: This update for the Software Update Stack provides the following fixes and enhancements: libsatsolver: * Use sed instead of grep to remove the line from files with no newlines. (bnc#876297) libzypp: * Fix wrong '//' when extending URLs with an empty path. (bnc#885254) * Use dummy licenses in test data. (bnc#862471) * Install zypp-NameReqPrv helper for evaluating testcases. zypper: * Fix 'zypper --root sh' creating the zypp lockfile outside chroot. 
(bnc#575096,bnc#883411) Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-softwaremgmt-201407-9588 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-softwaremgmt-201407-9588 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-softwaremgmt-201407-9588 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-softwaremgmt-201407-9588 To bring your system up-to-date, use "zypper patch".
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.8 and 9.37.8]: libsatsolver-devel-0.17.8-0.5.1 libzypp-devel-9.37.8-0.7.10 ruby-satsolver-0.44.5-0.5.148 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.17.8,1.6.315 and 9.37.8]: libzypp-9.37.8-0.7.10 perl-satsolver-0.44.5-0.5.148 python-satsolver-0.44.5-0.5.148 satsolver-tools-0.17.8-0.5.1 zypper-1.6.315-0.7.15 zypper-log-1.6.315-0.7.15 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.8,1.6.315 and 9.37.8]: libzypp-9.37.8-0.7.10 perl-satsolver-0.44.5-0.5.148 python-satsolver-0.44.5-0.5.148 satsolver-tools-0.17.8-0.5.1 zypper-1.6.315-0.7.15 zypper-log-1.6.315-0.7.15 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.17.8,1.6.315 and 9.37.8]: libzypp-9.37.8-0.7.10 perl-satsolver-0.44.5-0.5.148 python-satsolver-0.44.5-0.5.148 satsolver-tools-0.17.8-0.5.1 zypper-1.6.315-0.7.15 zypper-log-1.6.315-0.7.15 References: https://bugzilla.novell.com/575096 https://bugzilla.novell.com/862471 https://bugzilla.novell.com/876297 https://bugzilla.novell.com/883411 https://bugzilla.novell.com/885254 http://download.suse.com/patch/finder/?keywords=5678a2591f6a4b860528030557292213 From sle-updates at lists.suse.com Thu Aug 14 17:04:15 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Aug 2014 01:04:15 +0200 (CEST) Subject: SUSE-SU-2014:1022-1: Security update for CUPS Message-ID: <20140814230415.A9B183218D@maintenance.suse.de> SUSE Security Update: Security update for CUPS ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1022-1 Rating: low References: #887240 Cross-References: CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 
SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update fixes various issues in CUPS. * CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031: Various insufficient symbolic link checking could have led to privilege escalation from the lp user to root. Security Issues: * CVE-2014-3537 * CVE-2014-5029 * CVE-2014-5030 * CVE-2014-5031 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-cups-9561 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-cups-9561 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-cups-9561 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-cups-9561 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): cups-devel-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): cups-1.3.9-8.46.52.2 cups-client-1.3.9-8.46.52.2 cups-libs-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): cups-libs-32bit-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): cups-1.3.9-8.46.52.2 cups-client-1.3.9-8.46.52.2 cups-libs-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): cups-libs-32bit-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): cups-libs-x86-1.3.9-8.46.52.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): cups-1.3.9-8.46.52.2 cups-client-1.3.9-8.46.52.2 cups-libs-1.3.9-8.46.52.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): cups-libs-32bit-1.3.9-8.46.52.2 References: http://support.novell.com/security/cve/CVE-2014-3537.html http://support.novell.com/security/cve/CVE-2014-5029.html http://support.novell.com/security/cve/CVE-2014-5030.html http://support.novell.com/security/cve/CVE-2014-5031.html https://bugzilla.novell.com/887240 http://download.suse.com/patch/finder/?keywords=fa7cdc0f2ddd300c47dbfe3a29f13b51 From sle-updates at lists.suse.com Thu Aug 14 17:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Aug 2014 01:04:39 +0200 (CEST) Subject: SUSE-SU-2014:1023-1: Security update for CUPS Message-ID: <20140814230439.AC60C32194@maintenance.suse.de> SUSE Security Update: Security update for CUPS ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1023-1 Rating: low References: #789566 #802408 #827109 #887240 Cross-References: CVE-2014-3537 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. 
Description: This update fixes various issues in CUPS. * CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031: Various insufficient symbolic link checking could lead to privilege escalation from the lp user to root. * Similar to that, this update hardens various permissions of CUPS, which could have been used by users allowed to administrate the CUPS Server to escalate privileges to "root". * CVE-2012-5519: The patch adds better default protection against misuse of privileges by normal users who have been specifically allowed by root to do cupsd configuration changes. The new ConfigurationChangeRestriction cupsd.conf directive specifies the level of restriction for cupsd.conf changes that happen via HTTP/IPP requests to the running cupsd (e.g. via CUPS web interface or via the cupsctl command). By default certain cupsd.conf directives that deal with filenames, paths, and users can no longer be changed via requests to the running cupsd but only by manually editing the cupsd.conf file, and its default file permissions permit only root to write the cupsd.conf file. Those directives are: ConfigurationChangeRestriction, AccessLog, BrowseLDAPCACertFile, CacheDir, ConfigFilePerm, DataDir, DocumentRoot, ErrorLog, FileDevice, FontPath, Group, LogFilePerm, PageLog, Printcap, PrintcapFormat, PrintcapGUI, RemoteRoot, RequestRoot, ServerBin, ServerCertificate, ServerKey, ServerRoot, StateDir, SystemGroup, SystemGroupAuthKey, TempDir, User. The default group of users who are allowed to do cupsd configuration changes via requests to the running cupsd (i.e. the SystemGroup directive in cupsd.conf) is set to 'root' only. Additional bugfixes: * A trailing "@REALM" is stripped from the username for Kerberos authentication (CUPS STR#3972 bnc#827109). * The hardcoded printing delay of 5 seconds for the "socket" backend is conditional only on Mac OS X, which is the only platform that needs it (CUPS STR#3495 bnc#802408). 
Security Issues: * CVE-2014-3537 * CVE-2012-5519 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-cups-9560 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): cups-1.3.9-8.46.52.2 cups-client-1.3.9-8.46.52.2 cups-libs-1.3.9-8.46.52.2 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64): cups-libs-32bit-1.3.9-8.46.52.2 References: http://support.novell.com/security/cve/CVE-2014-3537.html https://bugzilla.novell.com/789566 https://bugzilla.novell.com/802408 https://bugzilla.novell.com/827109 https://bugzilla.novell.com/887240 http://download.suse.com/patch/finder/?keywords=9fa4ff390778044cbd28b976bb279a78 From sle-updates at lists.suse.com Fri Aug 15 13:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Aug 2014 21:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1026-1: moderate: Recommended update for cron Message-ID: <20140815190414.6EFF2321A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for cron ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1026-1 Rating: moderate References: #853010 #879734 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for cron provides the following fixes: * Fix wrong mtime when re-running cron scripts. (bnc#879734) * Fix ambiguity in the crontab(5) man page. (bnc#853010) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-cron-9586 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-cron-9586 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-cron-9586 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): cron-4.1-194.209.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): cron-4.1-194.209.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): cron-4.1-194.209.1 References: https://bugzilla.novell.com/853010 https://bugzilla.novell.com/879734 http://download.suse.com/patch/finder/?keywords=639829d13e45548d472c95f7f6a514a3 From sle-updates at lists.suse.com Fri Aug 15 14:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Aug 2014 22:04:14 +0200 (CEST) Subject: SUSE-SU-2014:1027-1: moderate: Security update for glibc Message-ID: <20140815200414.BAB20321A1@maintenance.suse.de> SUSE Security Update: Security update for glibc ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1027-1 Rating: moderate References: #882028 #886416 #887022 Cross-References: CVE-2014-0475 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. 
Description: This glibc update contains one security and two non-security fixes: * bnc#887022: directory traversal in LC_* locale handling (CVE-2014-0475) * bnc#882028: nscd gets activated upon upgrade * bnc#886416: iconv command inserts an extra control code "0F" Security Issues: * CVE-2014-0475 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-glibc-9587 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-glibc-9587 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-glibc-9587 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-glibc-9587 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): glibc-html-2.11.3-17.68.1 glibc-info-2.11.3-17.68.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): glibc-2.11.3-17.68.1 glibc-devel-2.11.3-17.68.1 glibc-html-2.11.3-17.68.1 glibc-i18ndata-2.11.3-17.68.1 glibc-info-2.11.3-17.68.1 glibc-locale-2.11.3-17.68.1 glibc-profile-2.11.3-17.68.1 nscd-2.11.3-17.68.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): glibc-32bit-2.11.3-17.68.1 glibc-devel-32bit-2.11.3-17.68.1 glibc-locale-32bit-2.11.3-17.68.1 glibc-profile-32bit-2.11.3-17.68.1 - SUSE Linux Enterprise Server 11 SP3 (i586 i686 ia64 ppc64 s390x x86_64): glibc-2.11.3-17.68.1 glibc-devel-2.11.3-17.68.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): glibc-html-2.11.3-17.68.1 glibc-i18ndata-2.11.3-17.68.1 glibc-info-2.11.3-17.68.1 glibc-locale-2.11.3-17.68.1 glibc-profile-2.11.3-17.68.1 nscd-2.11.3-17.68.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): glibc-32bit-2.11.3-17.68.1 glibc-devel-32bit-2.11.3-17.68.1 glibc-locale-32bit-2.11.3-17.68.1 glibc-profile-32bit-2.11.3-17.68.1 - SUSE Linux Enterprise Server 
11 SP3 (ia64): glibc-locale-x86-2.11.3-17.68.1 glibc-profile-x86-2.11.3-17.68.1 glibc-x86-2.11.3-17.68.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 i686 x86_64): glibc-2.11.3-17.68.1 glibc-devel-2.11.3-17.68.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): glibc-i18ndata-2.11.3-17.68.1 glibc-locale-2.11.3-17.68.1 nscd-2.11.3-17.68.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): glibc-32bit-2.11.3-17.68.1 glibc-devel-32bit-2.11.3-17.68.1 glibc-locale-32bit-2.11.3-17.68.1 References: http://support.novell.com/security/cve/CVE-2014-0475.html https://bugzilla.novell.com/882028 https://bugzilla.novell.com/886416 https://bugzilla.novell.com/887022 http://download.suse.com/patch/finder/?keywords=ba7c8e7c417922fd7283df2106f9e011 From sle-updates at lists.suse.com Fri Aug 15 17:04:17 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 16 Aug 2014 01:04:17 +0200 (CEST) Subject: SUSE-SU-2014:1028-1: important: Security update for krb5 Message-ID: <20140815230417.645203218D@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1028-1 Rating: important References: #891082 Cross-References: CVE-2014-4345 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This MIT krb5 update fixes a buffer overrun problem in kadmind: * bnc#891082: buffer overrun in kadmind with LDAP back end (MITKRB5-SA-2014-001) (CVE-2014-4345) MIT krb5 Security Advisory 2014-001 * http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt Security Issues: * CVE-2014-4345 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-krb5-9606 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-krb5-9606 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-krb5-9606 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-krb5-9606 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.62.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.62.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): krb5-server-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): krb5-1.6.3-133.49.62.1 krb5-apps-clients-1.6.3-133.49.62.1 krb5-apps-servers-1.6.3-133.49.62.1 krb5-client-1.6.3-133.49.62.1 krb5-plugin-kdb-ldap-1.6.3-133.49.62.1 krb5-plugin-preauth-pkinit-1.6.3-133.49.62.1 krb5-server-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): krb5-32bit-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): krb5-doc-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.62.1 krb5-apps-clients-1.6.3-133.49.62.1 krb5-apps-servers-1.6.3-133.49.62.1 krb5-client-1.6.3-133.49.62.1 krb5-plugin-kdb-ldap-1.6.3-133.49.62.1 krb5-plugin-preauth-pkinit-1.6.3-133.49.62.1 krb5-server-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): krb5-doc-1.6.3-133.49.62.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): krb5-x86-1.6.3-133.49.62.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): krb5-1.6.3-133.49.62.1 krb5-client-1.6.3-133.49.62.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): 
krb5-32bit-1.6.3-133.49.62.1 References: http://support.novell.com/security/cve/CVE-2014-4345.html https://bugzilla.novell.com/891082 http://download.suse.com/patch/finder/?keywords=6d08c2f838c570a86cddae30d26cc867 From sle-updates at lists.suse.com Mon Aug 18 13:04:12 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Aug 2014 21:04:12 +0200 (CEST) Subject: SUSE-RU-2014:1032-1: Recommended update for Mesa Message-ID: <20140818190412.3B2E9321A4@maintenance.suse.de> SUSE Recommended Update: Recommended update for Mesa ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1032-1 Rating: low References: #838893 #874107 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for Mesa provides the following fixes: * Re-enable build and packaging of OSMesa libs. (bnc#874107) * Build against fixed llvm, addressing a problem that prevented X from starting on some VIA cpus. (bnc#838893) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-Mesa-9594 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-Mesa-9594 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-Mesa-9594 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-Mesa-9594 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): Mesa-devel-9.0.3-0.27.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): Mesa-devel-32bit-9.0.3-0.27.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): Mesa-9.0.3-0.27.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): Mesa-32bit-9.0.3-0.27.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): Mesa-9.0.3-0.27.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): Mesa-32bit-9.0.3-0.27.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): Mesa-x86-9.0.3-0.27.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): Mesa-9.0.3-0.27.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): Mesa-32bit-9.0.3-0.27.2 References: https://bugzilla.novell.com/838893 https://bugzilla.novell.com/874107 http://download.suse.com/patch/finder/?keywords=c6fd07f12164c0f9f6feb515f2ae4c0b From sle-updates at lists.suse.com Mon Aug 18 16:04:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Aug 2014 00:04:13 +0200 (CEST) Subject: SUSE-SU-2014:1033-1: moderate: Security update for openssl1 Message-ID: <20140818220414.00C09321A1@maintenance.suse.de> SUSE Security Update: Security update for openssl1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1033-1 Rating: moderate References: #889812 #890764 #890767 #890768 #890769 #890770 Cross-References: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 Affected Products: SUSE Linux Enterprise Security Module 11 SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. 
Description: This openssl update fixes the following security issues: * bnc#890764: Information leak in pretty printing functions (CVE-2014-3508) * bnc#890767: Double Free when processing DTLS packets (CVE-2014-3505) * bnc#890768: DTLS memory exhaustion (CVE-2014-3506) * bnc#890769: DTLS memory leak from zero-length fragments (CVE-2014-3507) * bnc#890770: DTLS anonymous EC(DH) denial of service (CVE-2014-3510) README.SuSE has been updated to give some initial development guidance on how to use and compile with OpenSSL 1.0.1. Security Issues: * CVE-2014-5139 * CVE-2014-3505 * CVE-2014-3506 * CVE-2014-3507 * CVE-2014-3508 * CVE-2014-3509 * CVE-2014-3510 * CVE-2014-3511 * CVE-2014-3512 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Security Module 11 SP3: zypper in -t patch secsp3-libopenssl1-devel-9599 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl1-devel-1.0.1g-0.20.1 libopenssl1_0_0-1.0.1g-0.20.1 openssl1-1.0.1g-0.20.1 openssl1-doc-1.0.1g-0.20.1 - SUSE Linux Enterprise Security Module 11 SP3 (ppc64 s390x x86_64): libopenssl1_0_0-32bit-1.0.1g-0.20.1 - SUSE Linux Enterprise Security Module 11 SP3 (ia64): libopenssl1_0_0-x86-1.0.1g-0.20.1 References: http://support.novell.com/security/cve/CVE-2014-3505.html http://support.novell.com/security/cve/CVE-2014-3506.html http://support.novell.com/security/cve/CVE-2014-3507.html http://support.novell.com/security/cve/CVE-2014-3508.html http://support.novell.com/security/cve/CVE-2014-3509.html http://support.novell.com/security/cve/CVE-2014-3510.html http://support.novell.com/security/cve/CVE-2014-3511.html http://support.novell.com/security/cve/CVE-2014-3512.html http://support.novell.com/security/cve/CVE-2014-5139.html https://bugzilla.novell.com/889812 https://bugzilla.novell.com/890764 
https://bugzilla.novell.com/890767 https://bugzilla.novell.com/890768 https://bugzilla.novell.com/890769 https://bugzilla.novell.com/890770 http://download.suse.com/patch/finder/?keywords=f511564183b6f13c2dc78cf5451408d0 From sle-updates at lists.suse.com Mon Aug 18 17:04:21 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Aug 2014 01:04:21 +0200 (CEST) Subject: SUSE-SU-2014:1034-1: moderate: Security update for openstack-neutron Message-ID: <20140818230421.DE88C32067@maintenance.suse.de> SUSE Security Update: Security update for openstack-neutron ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1034-1 Rating: moderate References: #887348 Cross-References: CVE-2014-3555 Affected Products: SUSE Cloud 3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: OpenStack Neutron has been updated to fix bugs and security issues: Security issue fixed: * CVE-2014-3555: openstack-neutron: Denial of Service in Neutron allowed address pair Bug Fixes and Enhancements: * Fixed dhcp & gateway ip conflict in PLUMgrid plug-in * Updated from global requirements * Ensure routing key is specified in the address for a direct producer * Improve handling of security group updates * Ensure that session is rolled back on bulk creates * Allow multiple DNS forwarders for dnsmasq * Fix get_vif_port_by_id to only return relevant ports * Remove explicit dependency on amqplib * LBaaS add missing rootwrap filter for route * NVP plugin:fix delete sec group when backend is out of sync * Kill 'Skipping unknown group key: firewall_driver' log trace * Added missing plugin .ini files to setup.cfg * OVS lib defer apply doesn't handle concurrency * Fixed floating IP logic in PLUMgrid plug-in * tests/unit: Initialize core plugin in TestL3GwModeMixin * Install SNAT rules for ipv4 only * 
Optionally delete namespaces when they are no longer needed * l2-population : send flooding entries when the last port goes down * l2-population/lb/vxlan : ip neigh add command failed * Fixes the Hyper-V agent individual ports metrics * Call policy.init() once per API request * Call _destroy_metadata_proxy from _destroy_router_namespaces * ml2: gre, vxlan type driver can leak segment_id Security Issues: * CVE-2014-3555 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 3: zypper in -t patch sleclo30sp3-openstack-neutron-9567 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 3 (x86_64) [New Version: 2013.2.4.dev93.gf569afd]: openstack-neutron-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-dhcp-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-ha-tool-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-l3-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-lbaas-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-linuxbridge-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-metadata-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-metering-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-mlnx-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-nec-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-openvswitch-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-plugin-cisco-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-ryu-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-server-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-vmware-agent-2013.2.4.dev93.gf569afd-0.7.1 openstack-neutron-vpn-agent-2013.2.4.dev93.gf569afd-0.7.1 python-neutron-2013.2.4.dev93.gf569afd-0.7.1 - SUSE Cloud 3 (noarch) [New Version: 2013.2.4.dev93.gf569afd]: openstack-neutron-doc-2013.2.4.dev93.gf569afd-0.7.1 References: http://support.novell.com/security/cve/CVE-2014-3555.html https://bugzilla.novell.com/887348 
http://download.suse.com/patch/finder/?keywords=82fb0da16541b6f979190147212a9a2f From sle-updates at lists.suse.com Mon Aug 18 17:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Aug 2014 01:04:42 +0200 (CEST) Subject: SUSE-SU-2014:1035-1: important: Security update for flash-player Message-ID: <20140818230442.1724D32067@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1035-1 Rating: important References: #891688 Cross-References: CVE-2014-0538 CVE-2014-0540 CVE-2014-0541 CVE-2014-0542 CVE-2014-0543 CVE-2014-0544 CVE-2014-0545 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. It includes one version update. Description: This flash-player update fixes the following security issues: * These updates resolve memory leakage vulnerabilities that could have been used to bypass memory address randomization (CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545). * These updates resolve a security bypass vulnerability (CVE-2014-0541). * These updates resolve a use-after-free vulnerability that could have led to code execution (CVE-2014-0538). Find more details under http://helpx.adobe.com/security/products/flash-player/apsb14-18.html Security Issues: * CVE-2014-0538 * CVE-2014-0540 * CVE-2014-0541 * CVE-2014-0542 * CVE-2014-0543 * CVE-2014-0544 * CVE-2014-0545 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-9612 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.400]: flash-player-11.2.202.400-0.3.1 flash-player-gnome-11.2.202.400-0.3.1 flash-player-kde4-11.2.202.400-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-0538.html http://support.novell.com/security/cve/CVE-2014-0540.html http://support.novell.com/security/cve/CVE-2014-0541.html http://support.novell.com/security/cve/CVE-2014-0542.html http://support.novell.com/security/cve/CVE-2014-0543.html http://support.novell.com/security/cve/CVE-2014-0544.html http://support.novell.com/security/cve/CVE-2014-0545.html https://bugzilla.novell.com/891688 http://download.suse.com/patch/finder/?keywords=45b3cfc443642a9e3f85e156ff8996b7 From sle-updates at lists.suse.com Tue Aug 19 15:04:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Aug 2014 23:04:13 +0200 (CEST) Subject: SUSE-OU-2014:1036-1: Optional update for pulseaudio Message-ID: <20140819210413.1E5F0321A5@maintenance.suse.de> SUSE Optional Update: Optional update for pulseaudio ______________________________________________________________________________ Announcement ID: SUSE-OU-2014:1036-1 Rating: low References: #892061 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This optional update provides 32-bit versions of libpulse-mainloop-glib0. Indications: Any user can install this package. Patch Instructions: To install this SUSE Optional Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libpulse-mainloop-glib0-32bit-9617 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libpulse-mainloop-glib0-32bit-9617 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libpulse-mainloop-glib0-32bit-9617 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libpulse-mainloop-glib0-32bit-9617 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-devel-0.9.23-0.17.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libpulse-browse0-0.9.23-0.17.1 libpulse-mainloop-glib0-0.9.23-0.17.1 libpulse0-0.9.23-0.17.1 pulseaudio-0.9.23-0.17.1 pulseaudio-esound-compat-0.9.23-0.17.1 pulseaudio-gdm-hooks-0.9.23-0.17.1 pulseaudio-lang-0.9.23-0.17.1 pulseaudio-module-x11-0.9.23-0.17.1 pulseaudio-module-zeroconf-0.9.23-0.17.1 pulseaudio-utils-0.9.23-0.17.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libpulse-mainloop-glib0-32bit-0.9.23-0.17.1 libpulse0-32bit-0.9.23-0.17.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libpulse-browse0-0.9.23-0.17.1 libpulse-mainloop-glib0-0.9.23-0.17.1 libpulse0-0.9.23-0.17.1 pulseaudio-0.9.23-0.17.1 pulseaudio-esound-compat-0.9.23-0.17.1 pulseaudio-gdm-hooks-0.9.23-0.17.1 pulseaudio-lang-0.9.23-0.17.1 pulseaudio-module-x11-0.9.23-0.17.1 pulseaudio-module-zeroconf-0.9.23-0.17.1 pulseaudio-utils-0.9.23-0.17.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libpulse-mainloop-glib0-32bit-0.9.23-0.17.1 libpulse0-32bit-0.9.23-0.17.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libpulse-mainloop-glib0-x86-0.9.23-0.17.1 libpulse0-x86-0.9.23-0.17.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libpulse-browse0-0.9.23-0.17.1 libpulse-mainloop-glib0-0.9.23-0.17.1 
libpulse0-0.9.23-0.17.1 pulseaudio-0.9.23-0.17.1 pulseaudio-esound-compat-0.9.23-0.17.1 pulseaudio-gdm-hooks-0.9.23-0.17.1 pulseaudio-lang-0.9.23-0.17.1 pulseaudio-module-bluetooth-0.9.23-0.17.1 pulseaudio-module-gconf-0.9.23-0.17.1 pulseaudio-module-jack-0.9.23-0.17.1 pulseaudio-module-lirc-0.9.23-0.17.1 pulseaudio-module-x11-0.9.23-0.17.1 pulseaudio-module-zeroconf-0.9.23-0.17.1 pulseaudio-utils-0.9.23-0.17.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libpulse-mainloop-glib0-32bit-0.9.23-0.17.1 libpulse0-32bit-0.9.23-0.17.1 References: https://bugzilla.novell.com/892061 http://download.suse.com/patch/finder/?keywords=eedfd66788ea60fb45f17844751a3455 From sle-updates at lists.suse.com Tue Aug 19 16:04:15 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Aug 2014 00:04:15 +0200 (CEST) Subject: SUSE-SU-2014:1037-1: moderate: Security update for IBM Java 1.7.0 Message-ID: <20140819220415.58C77321A5@maintenance.suse.de> SUSE Security Update: Security update for IBM Java 1.7.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1037-1 Rating: moderate References: #891701 Cross-References: CVE-2014-4208 CVE-2014-4209 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4265 CVE-2014-4266 CVE-2014-4268 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Java 11 SP3 ______________________________________________________________________________ An update that fixes 14 vulnerabilities is now available. Description: IBM Java 1.7.0 has been updated to fix 14 security issues. 
Security Issues: * CVE-2014-4227 * CVE-2014-4262 * CVE-2014-4219 * CVE-2014-4209 * CVE-2014-4220 * CVE-2014-4268 * CVE-2014-4218 * CVE-2014-4252 * CVE-2014-4266 * CVE-2014-4265 * CVE-2014-4221 * CVE-2014-4263 * CVE-2014-4244 * CVE-2014-4208 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_7_0-ibm-9616 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_7_0-ibm-9616 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_7_0-ibm-9616 - SUSE Linux Enterprise Java 11 SP3: zypper in -t patch slejsp3-java-1_7_0-ibm-9616 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr7.1-0.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-alsa-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr7.1-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr7.1-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr7.1-0.5.1 - SUSE Linux Enterprise Java 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr7.1-0.5.1 - SUSE Linux Enterprise Java 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr7.1-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr7.1-0.5.1 References: http://support.novell.com/security/cve/CVE-2014-4208.html http://support.novell.com/security/cve/CVE-2014-4209.html http://support.novell.com/security/cve/CVE-2014-4218.html http://support.novell.com/security/cve/CVE-2014-4219.html 
http://support.novell.com/security/cve/CVE-2014-4220.html http://support.novell.com/security/cve/CVE-2014-4221.html http://support.novell.com/security/cve/CVE-2014-4227.html http://support.novell.com/security/cve/CVE-2014-4244.html http://support.novell.com/security/cve/CVE-2014-4252.html http://support.novell.com/security/cve/CVE-2014-4262.html http://support.novell.com/security/cve/CVE-2014-4263.html http://support.novell.com/security/cve/CVE-2014-4265.html http://support.novell.com/security/cve/CVE-2014-4266.html http://support.novell.com/security/cve/CVE-2014-4268.html https://bugzilla.novell.com/891701 http://download.suse.com/patch/finder/?keywords=39767f436d50cb197ecce17413b1ad0c From sle-updates at lists.suse.com Wed Aug 20 16:05:20 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Aug 2014 00:05:20 +0200 (CEST) Subject: SUSE-RU-2014:1048-1: Recommended update for aaa_base Message-ID: <20140820220520.514F1321A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1048-1 Rating: low References: #761815 #832107 #862658 #875118 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for aaa_base provides the following fixes and enhancements: * In boot.localfs, if fsck supports the "-r" option, use that to create the /fsck_corrected_errors file for non-zero exit of fsck. (bnc#761815) * Add "-t noopts=_netdev" to boot.localfs to exclude netdev devices from global fsck. (bnc#832107) * Fix error message if zsh sources xdg-environment.sh if some paths do not exist. 
(bnc#875118) * Modify sysconfig.sysctl template to update IPV6_PRIVACY sysctl variable type and description on package update. (bnc#862658) * Fix handling of IPV6_PRIVACY in boot.ipconfig and introduce new values 1 and 2. (bnc#862658) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-aaa_base-9584 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-aaa_base-9584 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-aaa_base-9584 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): aaa_base-11-6.94.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.94.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): aaa_base-11-6.94.1 References: https://bugzilla.novell.com/761815 https://bugzilla.novell.com/832107 https://bugzilla.novell.com/862658 https://bugzilla.novell.com/875118 http://download.suse.com/patch/finder/?keywords=e07ac8d3f4783d4c13d8376f5fdef0dd From sle-updates at lists.suse.com Wed Aug 20 17:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Aug 2014 01:04:14 +0200 (CEST) Subject: SUSE-SU-2014:1049-1: moderate: Security update for OpenSSL Message-ID: <20140820230414.992BA3218E@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1049-1 Rating: moderate References: #890764 #890767 #890768 #890769 #890770 Cross-References: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 
______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This OpenSSL update fixes the following security issues: * bnc#890764: Information leak in pretty printing functions (CVE-2014-3508) * bnc#890767: Double Free when processing DTLS packets (CVE-2014-3505) * bnc#890768: DTLS memory exhaustion (CVE-2014-3506) * bnc#890769: DTLS memory leak from zero-length fragments (CVE-2014-3507) * bnc#890770: DTLS anonymous EC(DH) denial of service (CVE-2014-3510) Security Issues: * CVE-2014-3508 * CVE-2014-3505 * CVE-2014-3506 * CVE-2014-3507 * CVE-2014-3510 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libopenssl-devel-9598 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libopenssl-devel-9598 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libopenssl-devel-9598 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libopenssl-devel-9598 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl-devel-0.9.8j-0.62.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libopenssl0_9_8-0.9.8j-0.62.1 libopenssl0_9_8-hmac-0.9.8j-0.62.1 openssl-0.9.8j-0.62.1 openssl-doc-0.9.8j-0.62.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.62.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.62.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl0_9_8-0.9.8j-0.62.1 libopenssl0_9_8-hmac-0.9.8j-0.62.1 openssl-0.9.8j-0.62.1 openssl-doc-0.9.8j-0.62.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.62.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.62.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libopenssl0_9_8-x86-0.9.8j-0.62.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libopenssl0_9_8-0.9.8j-0.62.1 openssl-0.9.8j-0.62.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.62.1 References: http://support.novell.com/security/cve/CVE-2014-3505.html http://support.novell.com/security/cve/CVE-2014-3506.html http://support.novell.com/security/cve/CVE-2014-3507.html http://support.novell.com/security/cve/CVE-2014-3508.html http://support.novell.com/security/cve/CVE-2014-3510.html https://bugzilla.novell.com/890764 https://bugzilla.novell.com/890767 https://bugzilla.novell.com/890768 https://bugzilla.novell.com/890769 https://bugzilla.novell.com/890770 http://download.suse.com/patch/finder/?keywords=30032dcfaed48d7e5c0c3457c07419da From sle-updates at lists.suse.com Wed Aug 20 17:05:17 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Aug 2014 01:05:17 +0200 (CEST) Subject: SUSE-OU-2014:1050-1: Optional update for grub2 Message-ID: <20140820230517.E6C2B321A1@maintenance.suse.de> SUSE Optional Update: Optional update for grub2 
______________________________________________________________________________ Announcement ID: SUSE-OU-2014:1050-1 Rating: low References: #882092 #892301 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two optional fixes can now be installed. Description: This patch provides grub2-x86_64-xen. This new package should be installed on Xen virtualization servers that host SUSE Linux Enterprise 12 virtual machines. Indications: Users deploying SLE 12 guests should install this package. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-grub2-9621 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-grub2-9621 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-grub2-9621 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): grub2-x86_64-efi-2.00-0.45.1 grub2-x86_64-xen-2.00-0.45.1 - SUSE Linux Enterprise Server 11 SP3 (x86_64): grub2-x86_64-efi-2.00-0.45.1 grub2-x86_64-xen-2.00-0.45.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): grub2-x86_64-efi-2.00-0.45.1 References: https://bugzilla.novell.com/882092 https://bugzilla.novell.com/892301 http://download.suse.com/patch/finder/?keywords=28d01e1e6a2d454d3d0713246db04698 From sle-updates at lists.suse.com Thu Aug 21 15:04:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Aug 2014 23:04:13 +0200 (CEST) Subject: SUSE-RU-2014:1053-1: Recommended update for KDE4 Message-ID: <20140821210413.0E5B6321AF@maintenance.suse.de> SUSE Recommended Update: Recommended update for KDE4 ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1053-1 Rating: low References: #808061 #853986 #855643 #867250 #879084 #880279 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This collective update for KDE4 provides the following fixes: kdebase4: * Konsole: On a new tab, set the shell's current working directory to the same directory as the current tab instead of $HOME. (bnc#880279) * Konsole: Add a --force-newprocess parameter that forces the creation of a new konsole process instead of reusing an already running one. (bnc#879084) * Konsole: On a new tab, start a new shell instead of cloning the current tab. (bnc#867250) * Konsole: Add back Root_Shell.profile, fixing the creation of terminals in "Super User Mode". (bnc#808061) kdegraphics4: * Okular: Fix landscape printing. 
(bnc#855643) phonon: * When phonon has to fall back to another device and PulseAudio is used, change the device priority in the configuration so a notification is not shown in every desktop login. (bnc#853986) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-kde4-201408-9608 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kde4-201408-9608 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kde4-201408-9608 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kde4-201408-9608 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libkdcraw7-4.3.5-0.4.1 libkexiv2-7-4.3.5-0.4.1 libkexiv2-devel-4.3.5-0.4.1 libkipi-devel-4.3.5-0.4.1 libkonq-devel-4.3.5-0.14.1 okular-devel-4.3.5-0.4.1 phonon-devel-4.3.1-3.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): kdegraphics4-4.3.5-0.4.1 libksane0-4.3.5-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64): libphonon4-32bit-4.3.1-3.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): dolphin-4.3.5-0.14.1 gwenview-4.3.5-0.4.1 kcolorchooser-4.3.5-0.4.1 kdebase4-4.3.5-0.14.1 kdebase4-libkonq-4.3.5-0.14.1 kdepasswd-4.3.5-0.14.1 kdialog-4.3.5-0.14.1 keditbookmarks-4.3.5-0.14.1 kfind-4.3.5-0.14.1 kinfocenter-4.3.5-0.14.1 konqueror-4.3.5-0.14.1 konsole-4.3.5-0.14.1 kruler-4.3.5-0.4.1 ksnapshot-4.3.5-0.4.1 kwrite-4.3.5-0.14.1 libkexiv2-7-4.3.5-0.4.1 libkipi6-4.3.5-0.4.1 libkonq5-4.3.5-0.14.1 libphonon4-4.3.1-3.5.1 okular-4.3.5-0.4.1 phonon-4.3.1-3.5.1 phonon-backend-gstreamer-0_10-4.3.1-3.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libphonon4-32bit-4.3.1-3.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): 
dolphin-4.3.5-0.14.1 gwenview-4.3.5-0.4.1 kcolorchooser-4.3.5-0.4.1 kdebase4-4.3.5-0.14.1 kdebase4-libkonq-4.3.5-0.14.1 kdepasswd-4.3.5-0.14.1 kdialog-4.3.5-0.14.1 keditbookmarks-4.3.5-0.14.1 kfind-4.3.5-0.14.1 kinfocenter-4.3.5-0.14.1 konqueror-4.3.5-0.14.1 konsole-4.3.5-0.14.1 kruler-4.3.5-0.4.1 ksnapshot-4.3.5-0.4.1 kwrite-4.3.5-0.14.1 libkexiv2-7-4.3.5-0.4.1 libkipi6-4.3.5-0.4.1 libkonq5-4.3.5-0.14.1 libphonon4-4.3.1-3.5.1 okular-4.3.5-0.4.1 phonon-4.3.1-3.5.1 phonon-backend-gstreamer-0_10-4.3.1-3.5.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libphonon4-32bit-4.3.1-3.5.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libphonon4-x86-4.3.1-3.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): dolphin-4.3.5-0.14.1 gwenview-4.3.5-0.4.1 kcolorchooser-4.3.5-0.4.1 kdebase4-4.3.5-0.14.1 kdebase4-libkonq-4.3.5-0.14.1 kdebase4-nsplugin-4.3.5-0.14.1 kdegraphics4-4.3.5-0.4.1 kdepasswd-4.3.5-0.14.1 kdialog-4.3.5-0.14.1 keditbookmarks-4.3.5-0.14.1 kfind-4.3.5-0.14.1 kgamma-4.3.5-0.4.1 kinfocenter-4.3.5-0.14.1 kio_kamera-4.3.5-0.4.1 konqueror-4.3.5-0.14.1 konsole-4.3.5-0.14.1 kruler-4.3.5-0.4.1 ksnapshot-4.3.5-0.4.1 kwrite-4.3.5-0.14.1 libkdcraw7-4.3.5-0.4.1 libkexiv2-7-4.3.5-0.4.1 libkipi6-4.3.5-0.4.1 libkonq5-4.3.5-0.14.1 libksane0-4.3.5-0.4.1 libphonon4-4.3.1-3.5.1 okular-4.3.5-0.4.1 phonon-4.3.1-3.5.1 phonon-backend-gstreamer-0_10-4.3.1-3.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libphonon4-32bit-4.3.1-3.5.1 References: https://bugzilla.novell.com/808061 https://bugzilla.novell.com/853986 https://bugzilla.novell.com/855643 https://bugzilla.novell.com/867250 https://bugzilla.novell.com/879084 https://bugzilla.novell.com/880279 http://download.suse.com/patch/finder/?keywords=c27126f6b42842a72cd4a2957f16605f From sle-updates at lists.suse.com Thu Aug 21 16:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Aug 2014 00:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1054-1: Recommended update for gdm 
Message-ID: <20140821220414.46556320B4@maintenance.suse.de> SUSE Recommended Update: Recommended update for gdm ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1054-1 Rating: low References: #851664 #858135 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for gdm provides fixes for the following issues: * Remote connections using xdmcp could have caused gdm to crash when resolv.conf was not configured. (bnc#858135) * In some circumstances, when authentication was configured with pam_tally2, a warning message would have been logged every 20 minutes by gdm-session-worker. (bnc#851664) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gdm-9609 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gdm-9609 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gdm-9609 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gdm-2.24.0-24.96.3 gdm-branding-upstream-2.24.0-24.96.3 gdm-lang-2.24.0-24.96.3 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gdm-2.24.0-24.96.3 gdm-branding-upstream-2.24.0-24.96.3 gdm-lang-2.24.0-24.96.3 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gdm-2.24.0-24.96.3 gdm-branding-upstream-2.24.0-24.96.3 gdm-lang-2.24.0-24.96.3 References: https://bugzilla.novell.com/851664 https://bugzilla.novell.com/858135 http://download.suse.com/patch/finder/?keywords=14785bb59439f79e22fe3d31fd4251ea From sle-updates at lists.suse.com Thu Aug 21 16:04:48 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Aug 2014 00:04:48 +0200 (CEST) Subject: SUSE-SU-2014:1055-1: moderate: Security update for IBM Java Message-ID: <20140821220448.846CD321B7@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1055-1 Rating: moderate References: #891700 Cross-References: CVE-2014-4209 CVE-2014-4218 CVE-2014-4219 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4265 CVE-2014-4268 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: java-1_6_0-ibm has been updated to fix ten security issues. Security Issues: * CVE-2014-4227 * CVE-2014-4262 * CVE-2014-4219 * CVE-2014-4209 * CVE-2014-4268 * CVE-2014-4218 * CVE-2014-4252 * CVE-2014-4265 * CVE-2014-4263 * CVE-2014-4244 Patch Instructions: To install this SUSE Security Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-9615 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-9615 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-9615 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.1-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.1-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-4209.html http://support.novell.com/security/cve/CVE-2014-4218.html http://support.novell.com/security/cve/CVE-2014-4219.html http://support.novell.com/security/cve/CVE-2014-4227.html http://support.novell.com/security/cve/CVE-2014-4244.html http://support.novell.com/security/cve/CVE-2014-4252.html http://support.novell.com/security/cve/CVE-2014-4262.html http://support.novell.com/security/cve/CVE-2014-4263.html http://support.novell.com/security/cve/CVE-2014-4265.html http://support.novell.com/security/cve/CVE-2014-4268.html https://bugzilla.novell.com/891700 
http://download.suse.com/patch/finder/?keywords=de91c30b9678a8b41a29b3124d9a2b83 From sle-updates at lists.suse.com Thu Aug 21 17:04:16 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Aug 2014 01:04:16 +0200 (CEST) Subject: SUSE-RU-2014:1056-1: Recommended update for kernel-firmware Message-ID: <20140821230416.A204D3218E@maintenance.suse.de> SUSE Recommended Update: Recommended update for kernel-firmware ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1056-1 Rating: low References: #842610 #845352 #850526 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for kernel-firmware provides the following fixes and enhancements: * Update QLogic's ql2400_fw.bin to version 7.03.00 MID. (bnc#850526) * Update QLogic's ql2500_fw.bin to version 7.03.00 MIDQ. (bnc#850526) * Add firmware for Realtek 8168G Ethernet. (bnc#845352) * Add a symlink to a firmware file name with a different chip revision for Intel WP BT. (bnc#842610) Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kernel-firmware-9610 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kernel-firmware-9610 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kernel-firmware-9610 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): kernel-firmware-20110923-0.52.3 - SUSE Linux Enterprise Server 11 SP3 (noarch): kernel-firmware-20110923-0.52.3 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): kernel-firmware-20110923-0.52.3 References: https://bugzilla.novell.com/842610 https://bugzilla.novell.com/845352 https://bugzilla.novell.com/850526 http://download.suse.com/patch/finder/?keywords=8936b44d0ab968ebbb3e71a91083c825 From sle-updates at lists.suse.com Thu Aug 21 19:04:15 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Aug 2014 03:04:15 +0200 (CEST) Subject: SUSE-RU-2014:1057-1: Recommended update for sg3_utils Message-ID: <20140822010415.700A03218E@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1057-1 Rating: low References: #863357 #876454 #888826 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for sg3_utils provides the following fixes: * sg_inq: Suppress warning messages for --export. (bnc#876454) * sg_inq: Backport encode_whitespaces from upstream. (bnc#876454) * sg_inq: Fix overflow in encode_whitespaces. (bnc#876454) * Fix backwards compatibility with some applications by adding a libsgutils.so symbolic link. (bnc#888826) * Drop white spaces in inquiry fields. (bnc#863357) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-sg3_utils-9618 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-sg3_utils-9618 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-sg3_utils-9618 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-sg3_utils-9618 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): sg3_utils-devel-1.35-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): sg3_utils-1.35-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): sg3_utils-1.35-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): sg3_utils-1.35-0.15.1 References: https://bugzilla.novell.com/863357 https://bugzilla.novell.com/876454 https://bugzilla.novell.com/888826 http://download.suse.com/patch/finder/?keywords=91c7c09c6bf7c41d612fec76dd8627f3 From sle-updates at lists.suse.com Fri Aug 22 17:04:15 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 23 Aug 2014 01:04:15 +0200 (CEST) Subject: SUSE-SU-2014:1055-2: moderate: Security update for IBM Java Message-ID: <20140822230415.B4A673218E@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1055-2 Rating: moderate References: #891700 Cross-References: CVE-2014-4209 CVE-2014-4218 CVE-2014-4219 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4265 CVE-2014-4268 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: java-1_6_0-ibm has been updated to fix ten security issues. 
Security Issues: * CVE-2014-4227 * CVE-2014-4262 * CVE-2014-4219 * CVE-2014-4209 * CVE-2014-4268 * CVE-2014-4218 * CVE-2014-4252 * CVE-2014-4265 * CVE-2014-4263 * CVE-2014-4244 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-java-1_6_0-ibm-9614 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): java-1_6_0-ibm-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.1-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.1-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-4209.html http://support.novell.com/security/cve/CVE-2014-4218.html http://support.novell.com/security/cve/CVE-2014-4219.html http://support.novell.com/security/cve/CVE-2014-4227.html http://support.novell.com/security/cve/CVE-2014-4244.html http://support.novell.com/security/cve/CVE-2014-4252.html http://support.novell.com/security/cve/CVE-2014-4262.html http://support.novell.com/security/cve/CVE-2014-4263.html http://support.novell.com/security/cve/CVE-2014-4265.html http://support.novell.com/security/cve/CVE-2014-4268.html https://bugzilla.novell.com/891700 http://download.suse.com/patch/finder/?keywords=7a61b835a32429a85d3cce40a1b17ad6 From sle-updates at lists.suse.com Tue Aug 26 11:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Aug 2014 19:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1063-1: Recommended update for nss_ldap Message-ID: <20140826170414.D0B41321C5@maintenance.suse.de> SUSE Recommended Update: Recommended update for nss_ldap ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1063-1 Rating: low References: #842120 #866763 #879368 Affected Products: SUSE Linux Enterprise Server 11 SP3 for 
VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for nss_ldap provides fixes for the following issues: * Reverse IPv6 host lookups fail when LDAP is used. (bnc#866763) * Bug in nss_ldap prevents Nomachine NX server from starting. (bnc#879368) * nss_ldap crashes when running atfork() hooks. (bnc#842120) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nss_ldap-9592 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nss_ldap-9592 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-nss_ldap-9592 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nss_ldap-262-11.32.39.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): nss_ldap-32bit-262-11.32.39.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nss_ldap-262-11.32.39.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): nss_ldap-32bit-262-11.32.39.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): nss_ldap-x86-262-11.32.39.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): nss_ldap-262-11.32.39.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): nss_ldap-32bit-262-11.32.39.1 References: https://bugzilla.novell.com/842120 https://bugzilla.novell.com/866763 https://bugzilla.novell.com/879368 http://download.suse.com/patch/finder/?keywords=a33abddeae1fc37694cb98e6e3d8219e From sle-updates at lists.suse.com Tue Aug 26 13:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Aug 2014 21:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1064-1: Recommended update for yast2-country 
Message-ID: <20140826190414.837FE321C5@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-country ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1064-1 Rating: low References: #850571 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for YaST's Country Settings module (yast2-country) provides the following fix: * Do not try to save settings when the user did not change them. (bnc#850571) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-yast2-country-9629 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-yast2-country-9629 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-yast2-country-9629 To bring your system up-to-date, use "zypper patch". 
Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.17.55]: yast2-country-2.17.55-0.7.1 yast2-country-data-2.17.55-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.55]: yast2-country-2.17.55-0.7.1 yast2-country-data-2.17.55-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.17.55]: yast2-country-2.17.55-0.7.1 yast2-country-data-2.17.55-0.7.1 References: https://bugzilla.novell.com/850571 http://download.suse.com/patch/finder/?keywords=93fac17c621599eafddd826766c4da20 From sle-updates at lists.suse.com Wed Aug 27 11:04:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Aug 2014 19:04:14 +0200 (CEST) Subject: SUSE-RU-2014:1065-1: Recommended update for zip Message-ID: <20140827170414.A669D321C7@maintenance.suse.de> SUSE Recommended Update: Recommended update for zip ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1065-1 Rating: low References: #785305 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for zip provides the following fix: * Don't clobber include/exclude pattern lists by removing path prefixes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-zip-9628 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-zip-9628 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-zip-9628 To bring your system up-to-date, use "zypper patch". 
Package List:

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

      zip-3.0-4.9.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      zip-3.0-4.9.1

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):

      zip-3.0-4.9.1

References:

   https://bugzilla.novell.com/785305
   http://download.suse.com/patch/finder/?keywords=50a7e9dcb4ffaf80876a8a873bed9983

From sle-updates at lists.suse.com Thu Aug 28 06:05:03 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Aug 2014 14:05:03 +0200 (CEST)
Subject: SUSE-SU-2014:1010-2: moderate: Security update for python-Jinja2
Message-ID: <20140828120503.4ADEC321C7@maintenance.suse.de>

   SUSE Security Update: Security update for python-Jinja2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1010-2
Rating:             moderate
References:         #858239
Cross-References:   CVE-2014-1402
Affected Products:
                    SUSE Cloud 4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for python-Jinja2 fixes the following security issue:

     * The default configuration for bccache.FileSystemBytecodeCache in
       Jinja2 did not properly create temporary files, which allowed local
       users to gain privileges via a crafted .cache file in /tmp.
       (CVE-2014-1402)

   Security Issues:

     * CVE-2014-1402

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Cloud 4:

      zypper in -t patch sleclo40sp3-python-Jinja2-9602

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Cloud 4 (x86_64):

      python-Jinja2-2.6-2.14.4

References:

   http://support.novell.com/security/cve/CVE-2014-1402.html
   https://bugzilla.novell.com/858239
   http://download.suse.com/patch/finder/?keywords=acf4cc9b1f52498ef1fda68ec4ea15f8

From sle-updates at lists.suse.com Thu Aug 28 11:04:12 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Aug 2014 19:04:12 +0200 (CEST)
Subject: SUSE-SU-2014:1071-1: moderate: Security update for subversion
Message-ID: <20140828170412.84F47321C7@maintenance.suse.de>

   SUSE Security Update: Security update for subversion
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1071-1
Rating:             moderate
References:         #889849
Cross-References:   CVE-2014-3528
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   subversion has been updated to fix one security problem:

     * bnc#889849: Reveal authentication information through an md5
       collision attack on authentication realm (CVE-2014-3528)

   Security Issues:

     * CVE-2014-3528

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-subversion-9626

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      subversion-1.6.17-1.29.1
      subversion-devel-1.6.17-1.29.1
      subversion-perl-1.6.17-1.29.1
      subversion-python-1.6.17-1.29.1
      subversion-server-1.6.17-1.29.1
      subversion-tools-1.6.17-1.29.1

References:

   http://support.novell.com/security/cve/CVE-2014-3528.html
   https://bugzilla.novell.com/889849
   http://download.suse.com/patch/finder/?keywords=1e78bd128a83d62383fff69c071a2768

From sle-updates at lists.suse.com Thu Aug 28 11:04:35 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Aug 2014 19:04:35 +0200 (CEST)
Subject: SUSE-SU-2014:1072-1: important: Security update for MySQL
Message-ID: <20140828170435.C0C4C321CC@maintenance.suse.de>

   SUSE Security Update: Security update for MySQL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1072-1
Rating:             important
References:         #887580
Cross-References:   CVE-2014-2484 CVE-2014-2494 CVE-2014-4207
                    CVE-2014-4214 CVE-2014-4233 CVE-2014-4238
                    CVE-2014-4240 CVE-2014-4243 CVE-2014-4258
                    CVE-2014-4260
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that fixes 10 vulnerabilities is now available. It
   includes one version update.

Description:

   This MySQL update provides the following:

     * upgrade to version 5.5.39, [bnc#887580]
     * CVEs fixed: CVE-2014-2484, CVE-2014-4258, CVE-2014-4260,
       CVE-2014-2494, CVE-2014-4238, CVE-2014-4207, CVE-2014-4233,
       CVE-2014-4240, CVE-2014-4214, CVE-2014-4243

   See also:
   http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

   Security Issues:

     * CVE-2014-2484
     * CVE-2014-4258
     * CVE-2014-4260
     * CVE-2014-2494
     * CVE-2014-4238
     * CVE-2014-4207
     * CVE-2014-4233
     * CVE-2014-4240
     * CVE-2014-4214
     * CVE-2014-4243

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-libmysql55client18-9624

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-libmysql55client18-9624

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-libmysql55client18-9624

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-libmysql55client18-9624

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):

      libmysql55client_r18-32bit-5.5.39-0.7.1
      libmysqlclient_r15-32bit-5.0.96-0.6.13

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):

      libmysql55client_r18-x86-5.5.39-0.7.1
      libmysqlclient_r15-x86-5.0.96-0.6.13

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 5.5.39]:

      libmysql55client18-5.5.39-0.7.1
      libmysql55client_r18-5.5.39-0.7.1
      libmysqlclient15-5.0.96-0.6.13
      libmysqlclient_r15-5.0.96-0.6.13
      mysql-5.5.39-0.7.1
      mysql-client-5.5.39-0.7.1
      mysql-tools-5.5.39-0.7.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 5.5.39]:

      libmysql55client18-32bit-5.5.39-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.13

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.5.39]:

      libmysql55client18-5.5.39-0.7.1
      libmysql55client_r18-5.5.39-0.7.1
      libmysqlclient15-5.0.96-0.6.13
      libmysqlclient_r15-5.0.96-0.6.13
      mysql-5.5.39-0.7.1
      mysql-client-5.5.39-0.7.1
      mysql-tools-5.5.39-0.7.1

   - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 5.5.39]:

      libmysql55client18-32bit-5.5.39-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.13

   - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 5.5.39]:

      libmysql55client18-x86-5.5.39-0.7.1
      libmysqlclient15-x86-5.0.96-0.6.13

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 5.5.39]:

      libmysql55client18-5.5.39-0.7.1
      libmysql55client_r18-5.5.39-0.7.1
      libmysqlclient15-5.0.96-0.6.13
      libmysqlclient_r15-5.0.96-0.6.13
      mysql-5.5.39-0.7.1
      mysql-client-5.5.39-0.7.1

   - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 5.5.39]:

      libmysql55client18-32bit-5.5.39-0.7.1
      libmysql55client_r18-32bit-5.5.39-0.7.1
      libmysqlclient15-32bit-5.0.96-0.6.13
      libmysqlclient_r15-32bit-5.0.96-0.6.13

References:

   http://support.novell.com/security/cve/CVE-2014-2484.html
   http://support.novell.com/security/cve/CVE-2014-2494.html
   http://support.novell.com/security/cve/CVE-2014-4207.html
   http://support.novell.com/security/cve/CVE-2014-4214.html
   http://support.novell.com/security/cve/CVE-2014-4233.html
   http://support.novell.com/security/cve/CVE-2014-4238.html
   http://support.novell.com/security/cve/CVE-2014-4240.html
   http://support.novell.com/security/cve/CVE-2014-4243.html
   http://support.novell.com/security/cve/CVE-2014-4258.html
   http://support.novell.com/security/cve/CVE-2014-4260.html
   https://bugzilla.novell.com/887580
   http://download.suse.com/patch/finder/?keywords=8b3fd18dd93c87bd6dd0292986f6e140

From sle-updates at lists.suse.com Thu Aug 28 11:04:55 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 28 Aug 2014 19:04:55 +0200 (CEST)
Subject: SUSE-SU-2014:0994-2: moderate: Security update for rubygem-activerecord-2_3
Message-ID: <20140828170455.58B74321C7@maintenance.suse.de>

   SUSE Security Update: Security update for rubygem-activerecord-2_3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0994-2
Rating:             moderate
References:         #885636
Cross-References:   CVE-2014-3482
Affected Products:
                    SUSE Cloud 4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for rubygem-activerecord-2_3 fixes the following security
   issue:

     * The PostgreSQL adapter for Active Record in Ruby on Rails 2.x
       allowed remote attackers to execute arbitrary SQL commands by
       leveraging improper bitstring quoting. (CVE-2014-3482)

   Security Issues:

     * CVE-2014-3482

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Cloud 4:

      zypper in -t patch sleclo40sp3-rubygem-activerecord-2_3-9603

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Cloud 4 (x86_64):

      rubygem-activerecord-2_3-2.3.17-0.15.3

References:

   http://support.novell.com/security/cve/CVE-2014-3482.html
   https://bugzilla.novell.com/885636
   http://download.suse.com/patch/finder/?keywords=fdaefdb6bac0fffb18127a0158c4a52a

From sle-updates at lists.suse.com Thu Aug 28 21:04:13 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 29 Aug 2014 05:04:13 +0200 (CEST)
Subject: SUSE-SU-2014:1073-1: moderate: Security update for gpgme
Message-ID: <20140829030413.CEEFD321C7@maintenance.suse.de>

   SUSE Security Update: Security update for gpgme
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1073-1
Rating:             moderate
References:         #890123
Cross-References:   CVE-2014-3564
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP3
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This gpgme update fixes the following security issue:

     * bnc#890123: Fix possible overflow in gpgsm and uiserver engines
       (CVE-2014-3564)

   Security Issues:

     * CVE-2014-3564

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP3:

      zypper in -t patch sdksp3-gpgme-9644

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-gpgme-9644

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-gpgme-9644

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-gpgme-9644

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      libgpgme-devel-1.1.6-25.32.1

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64):

      libgpgme11-32bit-1.1.6-25.32.1

   - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64):

      libgpgme11-x86-1.1.6-25.32.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

      gpgme-1.1.6-25.32.1
      libgpgme11-1.1.6-25.32.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      gpgme-1.1.6-25.32.1
      libgpgme11-1.1.6-25.32.1

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):

      gpgme-1.1.6-25.32.1
      libgpgme11-1.1.6-25.32.1

References:

   http://support.novell.com/security/cve/CVE-2014-3564.html
   https://bugzilla.novell.com/890123
   http://download.suse.com/patch/finder/?keywords=baf4cccd2cf599d38b8f37ee948b2f83

From sle-updates at lists.suse.com Fri Aug 29 13:04:14 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 29 Aug 2014 21:04:14 +0200 (CEST)
Subject: SUSE-RU-2014:1075-1: Recommended update for tar
Message-ID: <20140829190414.54602320BC@maintenance.suse.de>

   SUSE Recommended Update: Recommended update for tar
______________________________________________________________________________

Announcement ID:    SUSE-RU-2014:1075-1
Rating:             low
References:         #864302 #881863
Affected Products:
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

   An update that has two recommended fixes can now be installed.

Description:

   This update for tar provides the following fixes:

     * Don't print "lone zero blocks" warnings, as there are many tar
       implementations around that create invalid archives with a zero
       block in the middle. (bnc#881863)
     * Fix creation of archives with large UIDs and POSIX format.
       (bnc#864302)

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-tar-9639

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-tar-9639

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-tar-9639

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):

      tar-1.26-1.2.6.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      tar-1.26-1.2.6.1

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):

      tar-1.26-1.2.6.1

References:

   https://bugzilla.novell.com/864302
   https://bugzilla.novell.com/881863
   http://download.suse.com/patch/finder/?keywords=4b3f5ffcf4f908db38712d1d85d84c05

From sle-updates at lists.suse.com Fri Aug 29 17:04:22 2014
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 30 Aug 2014 01:04:22 +0200 (CEST)
Subject: SUSE-SU-2014:1071-2: moderate: Security update for subversion
Message-ID: <20140829230422.553F9320BC@maintenance.suse.de>

   SUSE Security Update: Security update for subversion
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1071-2
Rating:             moderate
References:         #889849
Cross-References:   CVE-2014-3528
Affected Products:
                    SUSE Studio Onsite 1.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   Subversion has been updated to fix a security problem:

     * bnc#889849: Reveal authentication information through an md5
       collision attack on authentication realm (CVE-2014-3528)

   Security Issues:

     * CVE-2014-3528

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Studio Onsite 1.3:

      zypper in -t patch slestso13-subversion-9625

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Studio Onsite 1.3 (x86_64):

      subversion-1.6.17-1.29.1

References:

   http://support.novell.com/security/cve/CVE-2014-3528.html
   https://bugzilla.novell.com/889849
   http://download.suse.com/patch/finder/?keywords=84be0a1a7272f75ebbfdb78d911a6f73