From sle-updates at lists.suse.com Mon Jun 1 01:05:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 09:05:03 +0200 (CEST) Subject: SUSE-SU-2015:0974-1: moderate: Security update for apache2 Message-ID: <20150601070503.6AA0D3204C@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0974-1 Rating: moderate References: #792309 #871310 #899836 #909715 #918352 #923090 Cross-References: CVE-2013-5704 CVE-2014-3581 CVE-2014-8109 CVE-2015-0228 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that solves four vulnerabilities and has two fixes is now available. Description: Apache2 updated to fix four security issues and one non-security bug. The following vulnerabilities have been fixed: - mod_headers rules could be bypassed via chunked requests. Adds "MergeTrailers" directive to restore legacy behavior. (bsc#871310, CVE-2013-5704) - An empty value in Content-Type could lead to a crash through a null pointer dereference and a denial of service. (bsc#899836, CVE-2014-3581) - Remote attackers could bypass intended access restrictions in mod_lua LuaAuthzProvider when multiple Require directives with different arguments are used. (bsc#909715, CVE-2014-8109) - Remote attackers could cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. (bsc#918352, CVE-2015-0228) The following non-security issues have been fixed: - The Apache2 systemd service file was changed to fix situation where apache wouldn't start at boot when using an encrypted certificate because the user wasn't prompted for password during boot. (bsc#792309) Additionally, mod_imagemap is now included by default in the package. (bsc#923090) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-226=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-226=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): apache2-debuginfo-2.4.10-12.1 apache2-debugsource-2.4.10-12.1 apache2-devel-2.4.10-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): apache2-2.4.10-12.1 apache2-debuginfo-2.4.10-12.1 apache2-debugsource-2.4.10-12.1 apache2-example-pages-2.4.10-12.1 apache2-prefork-2.4.10-12.1 apache2-prefork-debuginfo-2.4.10-12.1 apache2-utils-2.4.10-12.1 apache2-utils-debuginfo-2.4.10-12.1 apache2-worker-2.4.10-12.1 apache2-worker-debuginfo-2.4.10-12.1 - SUSE Linux Enterprise Server 12 (noarch): apache2-doc-2.4.10-12.1 References: https://www.suse.com/security/cve/CVE-2013-5704.html https://www.suse.com/security/cve/CVE-2014-3581.html https://www.suse.com/security/cve/CVE-2014-8109.html https://www.suse.com/security/cve/CVE-2015-0228.html https://bugzilla.suse.com/792309 https://bugzilla.suse.com/871310 https://bugzilla.suse.com/899836 https://bugzilla.suse.com/909715 https://bugzilla.suse.com/918352 https://bugzilla.suse.com/923090 From sle-updates at lists.suse.com Mon Jun 1 01:06:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 09:06:55 +0200 (CEST) Subject: SUSE-RU-2015:0975-1: moderate: Recommended update for grub2 Message-ID: <20150601070656.11B633204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for grub2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0975-1 Rating: moderate References: #891946 #892811 #892852 #894178 #898198 #901487 #909359 #913667 #914514 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: This update for grub2 provides many fixes and enhancements: - Add UEFI IPv6 PXE booting support. (bsc#894178) - Fix the script grub2-snapper-plugin.sh to properly cleanup grub-snapshot.cfg files which don't refer to any snapshot. (bsc#909359, bsc#914514) - Streamline and simplify boot to Grub menu on s390x. (bsc#898198) - Command 'grub2-once --enum' now enumerates boot-entries in a way actually understood by 'grub2'. (bsc#892852, bsc#892811) - Allow user to specify via LOADPARM which kernel/initrd should be booted. (bsc#891946, bsc#892852) - Fix CAS reboot on PowerPC. (bsc#913667) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-227=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-227=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): grub2-2.02~beta2-54.1 grub2-debuginfo-2.02~beta2-54.1 - SUSE Linux Enterprise Server 12 (ppc64le): grub2-powerpc-ieee1275-2.02~beta2-54.1 - SUSE Linux Enterprise Server 12 (x86_64): grub2-i386-pc-2.02~beta2-54.1 grub2-x86_64-efi-2.02~beta2-54.1 grub2-x86_64-xen-2.02~beta2-54.1 - SUSE Linux Enterprise Server 12 (noarch): grub2-snapper-plugin-2.02~beta2-54.1 - SUSE Linux Enterprise Server 12 (s390x): grub2-debugsource-2.02~beta2-54.1 grub2-s390x-emu-2.02~beta2-54.1 - SUSE Linux Enterprise Desktop 12 (x86_64): grub2-2.02~beta2-54.1 grub2-debuginfo-2.02~beta2-54.1 grub2-i386-pc-2.02~beta2-54.1 grub2-x86_64-efi-2.02~beta2-54.1 grub2-x86_64-xen-2.02~beta2-54.1 - SUSE Linux Enterprise Desktop 12 (noarch): grub2-snapper-plugin-2.02~beta2-54.1 References: https://bugzilla.suse.com/891946 https://bugzilla.suse.com/892811 https://bugzilla.suse.com/892852 https://bugzilla.suse.com/894178 https://bugzilla.suse.com/898198 https://bugzilla.suse.com/901487 https://bugzilla.suse.com/909359 https://bugzilla.suse.com/913667 https://bugzilla.suse.com/914514 From sle-updates at lists.suse.com Mon Jun 1 06:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 14:04:57 +0200 (CEST) Subject: SUSE-RU-2015:0976-1: moderate: Recommended update for btrfsprogs Message-ID: <20150601120457.158A532063@maintenance.suse.de> SUSE Recommended Update: Recommended update for btrfsprogs ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0976-1 Rating: moderate References: #929668 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides btrfsprogs 3.18.2, which brings several fixes and enhancements. A comprehensive list of changes is available at https://btrfs.wiki.kernel.org/index.php/Changelog. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-228=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-228=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-228=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): btrfsprogs-debuginfo-3.18.2-10.1 btrfsprogs-debugsource-3.18.2-10.1 libbtrfs-devel-3.18.2-10.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): btrfsprogs-3.18.2-10.1 btrfsprogs-debuginfo-3.18.2-10.1 btrfsprogs-debugsource-3.18.2-10.1 libbtrfs0-3.18.2-10.1 libbtrfs0-debuginfo-3.18.2-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): btrfsprogs-3.18.2-10.1 btrfsprogs-debuginfo-3.18.2-10.1 btrfsprogs-debugsource-3.18.2-10.1 libbtrfs0-3.18.2-10.1 libbtrfs0-debuginfo-3.18.2-10.1 References: https://bugzilla.suse.com/929668 From sle-updates at lists.suse.com Mon Jun 1 07:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 15:04:57 +0200 (CEST) Subject: SUSE-SU-2015:0977-1: moderate: Security update for libqt4 Message-ID: <20150601130457.0722632063@maintenance.suse.de> SUSE Security Update: Security update for libqt4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0977-1 Rating: moderate References: #921999 #927806 #927807 #927808 Cross-References: CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: The libqt4 library was updated to fix several security issues: * CVE-2015-0295: Division by zero when processing malformed BMP files. (bsc#921999) * CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling. (bsc#927806) * CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling. (bsc#927807) * CVE-2015-1860: Segmentation fault in GIF Qt Image Format Handling. (bsc#927808) Security Issues: * CVE-2015-1858 * CVE-2015-1859 * CVE-2015-1860 * CVE-2015-0295 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libqt4-201505=10690 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libqt4-201505=10690 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libqt4-201505=10690 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libqt4-201505=10690 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libQtWebKit-devel-4.6.3-5.34.2 libqt4-devel-4.6.3-5.34.2 libqt4-devel-doc-4.6.3-5.34.2 libqt4-sql-postgresql-4.6.3-5.34.2 libqt4-sql-unixODBC-4.6.3-5.34.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.34.2 libqt4-sql-mysql-32bit-4.6.3-5.34.2 libqt4-sql-postgresql-32bit-4.6.3-5.34.2 libqt4-sql-sqlite-32bit-4.6.3-5.34.2 libqt4-sql-unixODBC-32bit-4.6.3-5.34.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): libqt4-devel-doc-data-4.6.3-5.34.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64): libQtWebKit4-x86-4.6.3-5.34.2 libqt4-sql-mysql-x86-4.6.3-5.34.2 libqt4-sql-postgresql-x86-4.6.3-5.34.2 libqt4-sql-sqlite-x86-4.6.3-5.34.2 libqt4-sql-unixODBC-x86-4.6.3-5.34.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libQtWebKit4-4.6.3-5.34.2 libqt4-4.6.3-5.34.2 libqt4-qt3support-4.6.3-5.34.2 libqt4-sql-4.6.3-5.34.2 libqt4-sql-mysql-4.6.3-5.34.2 libqt4-sql-sqlite-4.6.3-5.34.2 libqt4-x11-4.6.3-5.34.2 qt4-x11-tools-4.6.3-5.34.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libQtWebKit4-32bit-4.6.3-5.34.2 libqt4-32bit-4.6.3-5.34.2 libqt4-qt3support-32bit-4.6.3-5.34.2 libqt4-sql-32bit-4.6.3-5.34.2 libqt4-x11-32bit-4.6.3-5.34.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libQtWebKit4-4.6.3-5.34.2 libqt4-4.6.3-5.34.2 libqt4-qt3support-4.6.3-5.34.2 libqt4-sql-4.6.3-5.34.2 libqt4-sql-mysql-4.6.3-5.34.2 libqt4-sql-sqlite-4.6.3-5.34.2 libqt4-x11-4.6.3-5.34.2 qt4-x11-tools-4.6.3-5.34.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libQtWebKit4-32bit-4.6.3-5.34.2 libqt4-32bit-4.6.3-5.34.2 libqt4-qt3support-32bit-4.6.3-5.34.2 libqt4-sql-32bit-4.6.3-5.34.2 libqt4-x11-32bit-4.6.3-5.34.2 - SUSE Linux Enterprise Server 11 SP3 (ia64): libQtWebKit4-x86-4.6.3-5.34.2 libqt4-qt3support-x86-4.6.3-5.34.2 libqt4-sql-x86-4.6.3-5.34.2 libqt4-x11-x86-4.6.3-5.34.2 libqt4-x86-4.6.3-5.34.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libQtWebKit4-4.6.3-5.34.2 libqt4-4.6.3-5.34.2 libqt4-qt3support-4.6.3-5.34.2 libqt4-sql-4.6.3-5.34.2 libqt4-sql-mysql-4.6.3-5.34.2 libqt4-sql-postgresql-4.6.3-5.34.2 libqt4-sql-sqlite-4.6.3-5.34.2 libqt4-sql-unixODBC-4.6.3-5.34.2 libqt4-x11-4.6.3-5.34.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libQtWebKit4-32bit-4.6.3-5.34.2 libqt4-32bit-4.6.3-5.34.2 libqt4-qt3support-32bit-4.6.3-5.34.2 libqt4-sql-32bit-4.6.3-5.34.2 libqt4-sql-mysql-32bit-4.6.3-5.34.2 libqt4-sql-postgresql-32bit-4.6.3-5.34.2 libqt4-sql-sqlite-32bit-4.6.3-5.34.2 libqt4-sql-unixODBC-32bit-4.6.3-5.34.2 libqt4-x11-32bit-4.6.3-5.34.2 References: https://www.suse.com/security/cve/CVE-2015-0295.html https://www.suse.com/security/cve/CVE-2015-1858.html https://www.suse.com/security/cve/CVE-2015-1859.html https://www.suse.com/security/cve/CVE-2015-1860.html https://bugzilla.suse.com/921999 https://bugzilla.suse.com/927806 https://bugzilla.suse.com/927807 https://bugzilla.suse.com/927808 https://download.suse.com/patch/finder/?keywords=9689c635e31524ec167e859d445097b5 From sle-updates at lists.suse.com Mon Jun 1 07:05:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 15:05:50 +0200 (CEST) Subject: SUSE-SU-2015:0978-1: important: Security update for MozillaFirefox Message-ID: <20150601130550.9FE9632063@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0978-1 Rating: important References: #930622 Cross-References: CVE-2015-0797 CVE-2015-2708 CVE-2015-2709 CVE-2015-2710 CVE-2015-2713 CVE-2015-2716 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. It includes one version update. Description: This update to Firefox 31.7.0 ESR fixes the following issues: * MFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474. * MFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video with Linux Gstreamer. Upstream references: bmo#1080995. * MFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and CSS. Upstream references: bmo#1149542. * MFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing with vertical text enabled. Upstream references: bmo#1153478. * MFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed XML. Upstream references: bmo#1140537. Security Issues: * CVE-2015-0797 * CVE-2015-2708 * CVE-2015-2709 * CVE-2015-2710 * CVE-2015-2713 * CVE-2015-2716 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-firefox-20150510=10691 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-firefox-20150510=10691 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-firefox-20150510=10691 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-firefox-20150510=10691 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-31.7.0esr-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 31.7.0esr]: MozillaFirefox-31.7.0esr-0.8.1 MozillaFirefox-translations-31.7.0esr-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 31.7.0esr]: MozillaFirefox-31.7.0esr-0.8.1 MozillaFirefox-translations-31.7.0esr-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 31.7.0esr]: MozillaFirefox-31.7.0esr-0.8.1 MozillaFirefox-translations-31.7.0esr-0.8.1 References: https://www.suse.com/security/cve/CVE-2015-0797.html https://www.suse.com/security/cve/CVE-2015-2708.html https://www.suse.com/security/cve/CVE-2015-2709.html https://www.suse.com/security/cve/CVE-2015-2710.html https://www.suse.com/security/cve/CVE-2015-2713.html https://www.suse.com/security/cve/CVE-2015-2716.html https://bugzilla.suse.com/930622 https://download.suse.com/patch/finder/?keywords=ab9c724c1f8dad58c3aecf28fa855174 From sle-updates at lists.suse.com Mon Jun 1 07:06:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 15:06:10 +0200 (CEST) Subject: SUSE-SU-2015:0979-1: moderate: Security update for dnsmasq Message-ID: <20150601130610.0837132063@maintenance.suse.de> SUSE Security Update: Security update for dnsmasq ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0979-1 Rating: moderate References: #923144 #928867 Cross-References: CVE-2015-3294 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: The DNS server dnsmasq was updated to fix one security issue and one non-security bug. The following vulnerability was fixed: * CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867) The following bug was fixed: * bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-229=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-229=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): dnsmasq-2.71-4.1 dnsmasq-debuginfo-2.71-4.1 dnsmasq-debugsource-2.71-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): dnsmasq-2.71-4.1 dnsmasq-debuginfo-2.71-4.1 dnsmasq-debugsource-2.71-4.1 References: https://www.suse.com/security/cve/CVE-2015-3294.html https://bugzilla.suse.com/923144 https://bugzilla.suse.com/928867 From sle-updates at lists.suse.com Mon Jun 1 08:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 16:04:52 +0200 (CEST) Subject: SUSE-RU-2015:0980-1: Recommended update for crowbar Message-ID: <20150601140452.9806E32063@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0980-1 Rating: low References: #926605 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar provides the following stability fixes and improvements: * Backup /etc/crowbar.install.key too * Clean up DNS test * Add logging to the crowbar-backup script * Rework logging implementation as old way caused issues when running within mkcloud * Remove mention that crowbar-backup is unsupported Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar=10610 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-1.8+git.1411390919.f59b3ae-0.13.1 References: https://bugzilla.suse.com/926605 https://download.suse.com/patch/finder/?keywords=8f3eb8b1b6fbbaf8f2d789d6590df492 From sle-updates at lists.suse.com Mon Jun 1 08:05:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 16:05:11 +0200 (CEST) Subject: SUSE-RU-2015:0981-1: Recommended update for crowbar-barclamp-ceph, crowbar-barclamp-cinder and crowbar-barclamp-glance Message-ID: <20150601140511.0DF8332063@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-ceph, crowbar-barclamp-cinder and crowbar-barclamp-glance ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0981-1 Rating: low References: #886795 #916440 #916441 #918831 #923224 #923862 #926549 #930542 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update for crowbar-barclamp-ceph, crowbar-barclamp-cinder and crowbar-barclamp-glance provides several fixes and enhancements. crowbar-barclamp-ceph: * Fix deployment of radosgw when on a non-osd/mon node (bsc#930542) * Fixing missing mon[ceph][admin-secret] keyring on radosgw node (bsc#930542) * Never use our own fsid attribute if we're in crowbar (bsc#923224) * Correctly handle changing libvirt secrets (bsc#923224) * Do not redefine the libvirt secret if it's correct * Avoid invalid search query when no mon or osd roles are found * Add full escaping for shell commands usage * Do not install the kvm-rbd-plugin package on SLES11 * Only use disks bigger than 20GB (bnc#886795) * Add auto discovering pg_num from existing pools * Remove unneeded recipes for glance and cinder integration * Default to disk_mode: all * Don't try to use separate journals with disk_mode: first (bnc#916441) * Disable SSD journals if only one disk type available (bnc#916440, bnc#918831) * Don't use mon user and secret anymore for managing auth settings * Define ceph.conf and admin keyring for ceph_client LWRP * Check nodes without suitable disks during saving proposal crowbar-barclamp-cinder: * Finish proper integration of ceph recipe * Remove pool_name from ceph_pool resource * Configure worker count the same way like other daemons * For external ceph cluster also admin keyring file path should be provided * Create Ceph pool/user even when barclamp-ceph is not used * Fix check for nfs storage protocol (bsc#923862) * Fix broken 033_add_max_min_size_timeout_pool.rb migration * HA: Set Optional ordering for Cinder startup crowbar-barclamp-glance: * Fix ceph recipe * Add store_admin_keyring and improve external ceph integration * Remove pool_name from ceph_pool resource * Create Ceph pool/user even when barclamp-ceph is not used * Warn on file backend + HA selection * HA: Set Optional ordering for Glance startup. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-ceph-cinder-glance-201505=10708 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-ceph-1.9+git.1432222240.c5ac76f-0.7.1 crowbar-barclamp-cinder-1.9+git.1427119396.716524c-0.7.28 crowbar-barclamp-glance-1.9+git.1427795988.8416df5-0.7.28 References: https://bugzilla.suse.com/886795 https://bugzilla.suse.com/916440 https://bugzilla.suse.com/916441 https://bugzilla.suse.com/918831 https://bugzilla.suse.com/923224 https://bugzilla.suse.com/923862 https://bugzilla.suse.com/926549 https://bugzilla.suse.com/930542 https://download.suse.com/patch/finder/?keywords=3df11f949b53f754b53c24c911aebaea From sle-updates at lists.suse.com Mon Jun 1 13:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 1 Jun 2015 21:04:52 +0200 (CEST) Subject: SUSE-RU-2015:0982-1: Recommended update for lio-utils Message-ID: <20150601190452.B43473205C@maintenance.suse.de> SUSE Recommended Update: Recommended update for lio-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0982-1 Rating: low References: #878533 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for lio-utils provide the following fixes: * Do not fail if target port is already disabled. (bsc#878533) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-lio-mibs=10477 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-lio-mibs=10477 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): lio-mibs-4.0-0.17.18.1 lio-utils-4.0-0.17.18.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): lio-mibs-4.0-0.17.18.1 lio-utils-4.0-0.17.18.1 References: https://bugzilla.suse.com/878533 https://download.suse.com/patch/finder/?keywords=e9f43747c9a9504a8f85cbdac56419d3 From sle-updates at lists.suse.com Tue Jun 2 03:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 11:04:53 +0200 (CEST) Subject: SUSE-SU-2015:0984-1: moderate: Security update for docker Message-ID: <20150602090453.D01DE32067@maintenance.suse.de> SUSE Security Update: Security update for docker ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0984-1 Rating: moderate References: #930235 #931301 Cross-References: CVE-2015-3627 CVE-2015-3629 CVE-2015-3630 CVE-2015-3631 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: The Linux container runtime environment Docker was updated to version 1.6.2 to fix several security and non-security issues. - Security: - Fix read/write /proc paths. (CVE-2015-3630) - Prohibit VOLUME /proc and VOLUME /. (CVE-2015-3631) - Fix opening of file-descriptor 1. (CVE-2015-3627) - Fix symlink traversal on container respawn allowing local privilege escalation. (CVE-2015-3629) - Runtime: - Update Apparmor policy to not allow mounts. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-230=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): docker-1.6.2-31.2 docker-debuginfo-1.6.2-31.2 docker-debugsource-1.6.2-31.2 References: https://www.suse.com/security/cve/CVE-2015-3627.html https://www.suse.com/security/cve/CVE-2015-3629.html https://www.suse.com/security/cve/CVE-2015-3630.html https://www.suse.com/security/cve/CVE-2015-3631.html https://bugzilla.suse.com/930235 https://bugzilla.suse.com/931301 From sle-updates at lists.suse.com Tue Jun 2 04:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 12:04:53 +0200 (CEST) Subject: SUSE-SU-2015:0985-1: moderate: Security update for sudo Message-ID: <20150602100453.1A44232067@maintenance.suse.de> SUSE Security Update: Security update for sudo ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0985-1 Rating: moderate References: #880764 #901145 #904694 #917806 Cross-References: CVE-2014-9680 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for sudo provides the following fixes: * Handle TZ environment variable safely. (CVE-2014-9680, bnc#917806) * Do not truncate long commands (131072 or more characters) without any warning. (bnc#901145) * Create log files with ownership set to user and group 'root'. (bnc#904694) * Close PAM session properly. (bnc#880764) Security Issues: * CVE-2014-9680 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-sudo=10686 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-sudo=10686 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-sudo=10686 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): sudo-1.7.6p2-0.23.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): sudo-1.7.6p2-0.23.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): sudo-1.7.6p2-0.23.1 References: https://www.suse.com/security/cve/CVE-2014-9680.html https://bugzilla.suse.com/880764 https://bugzilla.suse.com/901145 https://bugzilla.suse.com/904694 https://bugzilla.suse.com/917806 https://download.suse.com/patch/finder/?keywords=3f29625c93073c1ed3b6a38fb74296cb From sle-updates at lists.suse.com Tue Jun 2 05:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 13:04:52 +0200 (CEST) Subject: SUSE-RU-2015:0986-1: moderate: Recommended update for crmsh Message-ID: <20150602110452.BBF5532067@maintenance.suse.de> SUSE Recommended Update: Recommended update for crmsh ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0986-1 Rating: moderate References: #889914 #900271 #900654 #901453 #902993 Affected Products: SUSE Linux Enterprise High Availability 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This collective update for the High Availability Extension provides fixes and enhancements. crmsh (updated to version 2.1.1): - ui_resource: Use correct name for error function (bsc#901453) - ui_resource: Resource trace failed if operation existed (bsc#901453) - hb_report: Collect logs from journald (bsc#900654) - report: Find nodes for any log type (bsc#900654) - cibconfig: Delay reinitialization after commit (bsc#900271) resource-agents: - Xen: Log domain status in debug mode for xl and xen-list (bsc#901453) - Xen: Use xl list $domain return code in status check (bsc#901453) - VirtualDomain: For Xen, prefer xl to xen-list (bsc#901453) - Add support for text strings in exit reasons (bsc#889914) For a comprehensive list of changes please refer to the packages' change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2015-232=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12 (s390x x86_64): crmsh-2.1.1-4.39 ldirectord-3.9.5+git633-6.1 monitoring-plugins-metadata-3.9.5+git633-6.1 resource-agents-3.9.5+git633-6.1 resource-agents-debuginfo-3.9.5+git633-6.1 resource-agents-debugsource-3.9.5+git633-6.1 References: https://bugzilla.suse.com/889914 https://bugzilla.suse.com/900271 https://bugzilla.suse.com/900654 https://bugzilla.suse.com/901453 https://bugzilla.suse.com/902993 From sle-updates at lists.suse.com Tue Jun 2 10:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 18:04:52 +0200 (CEST) Subject: SUSE-YU-2015:0987-1: YOU update for libzypp, zypper Message-ID: <20150602160452.DE2F332067@maintenance.suse.de> SUSE YOU Update: YOU update for libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-YU-2015:0987-1 Rating: low References: #928945 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one YOU fix can now be installed. It includes two new package versions. Description: This update for zypper and libzypp fixes output of help texts from command line utilities in non-English languages. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-softwaremgmt-201505-2=10699 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-softwaremgmt-201505-2=10699 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-softwaremgmt-201505-2=10699 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-softwaremgmt-201505-2=10699 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.38.8]: libzypp-devel-9.38.8-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.6.326 and 9.38.8]: libzypp-9.38.8-0.7.1 zypper-1.6.326-0.7.2 zypper-log-1.6.326-0.7.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.6.326 and 9.38.8]: libzypp-9.38.8-0.7.1 zypper-1.6.326-0.7.2 zypper-log-1.6.326-0.7.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.6.326 and 9.38.8]: libzypp-9.38.8-0.7.1 zypper-1.6.326-0.7.2 zypper-log-1.6.326-0.7.2 References: https://bugzilla.suse.com/928945 https://download.suse.com/patch/finder/?keywords=b2cb0bb6e5ad97f65b9230fe68731666 From sle-updates at lists.suse.com Tue Jun 2 10:05:14 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 18:05:14 +0200 (CEST) Subject: SUSE-RU-2015:0988-1: Recommended update for release-notes-sles Message-ID: <20150602160514.80F4632084@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0988-1 Rating: low References: #899495 #908342 #913282 #919672 #921171 #922978 #924703 #926388 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update provides the latest revision of the release notes for SUSE Linux Enterprise Server 12: - Updated: kernel-extra belongs to SLE Workstation Extension (bsc#922978). - Updated: KVM Limits (max vcpus is 160) (bsc#921171). - Updated: TPM/Trusted Computing (fate#315468). - Updated: Remote Login with XDMCP (fate#317876). - New: Xen: Non-standard PCI device functionality may render pass-through insecure (bsc#924703 via fate#318861). - New: NFSv2 Support (fate#318496). - New: Developing and running 32bit applications on SLE12 (fate#317890). - New: XEN watchdog causes restart (bsc#899495 via fate#318439). - New: "Parallel" implementations of compression software (fate#316220). - Fix spelling errors (bsc#913282). Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-233=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): release-notes-sles-12.0.20150504-22.2 References: https://bugzilla.suse.com/899495 https://bugzilla.suse.com/908342 https://bugzilla.suse.com/913282 https://bugzilla.suse.com/919672 https://bugzilla.suse.com/921171 https://bugzilla.suse.com/922978 https://bugzilla.suse.com/924703 https://bugzilla.suse.com/926388 From sle-updates at lists.suse.com Tue Jun 2 10:06:58 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 18:06:58 +0200 (CEST) Subject: SUSE-RU-2015:0989-1: Recommended update for yp-tools Message-ID: <20150602160658.BE29832068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yp-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0989-1 Rating: low References: #902507 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yp-tools provides the following fixes: - Add a workround for a Solaris ypbind bug, which let NIS use a french server as NIS server. - ypchfn/ypchsh are not deprecated and should not call the chfn/chsh variants. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-234=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x): yp-tools-2.14-6.1 yp-tools-debuginfo-2.14-6.1 yp-tools-debugsource-2.14-6.1 References: https://bugzilla.suse.com/902507 From sle-updates at lists.suse.com Tue Jun 2 12:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 20:04:56 +0200 (CEST) Subject: SUSE-RU-2015:0988-2: Recommended update for release-notes-sles Message-ID: <20150602180456.2845532063@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0988-2 Rating: low References: #899495 #908342 #913282 #919672 #921171 #922978 #924703 #926388 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update provides the latest revision of the release notes for SUSE Linux Enterprise Server 12: - Updated: kernel-extra belongs to SLE Workstation Extension (bsc#922978). - Updated: KVM Limits (max vcpus is 160) (bsc#921171). - Updated: TPM/Trusted Computing (fate#315468). - Updated: Remote Login with XDMCP (fate#317876). - New: Xen: Non-standard PCI device functionality may render pass-through insecure (bsc#924703 via fate#318861). - New: NFSv2 Support (fate#318496). - New: Developing and running 32bit applications on SLE12 (fate#317890). - New: XEN watchdog causes restart (bsc#899495 via fate#318439). - New: "Parallel" implementations of compression software (fate#316220). - Fix spelling errors (bsc#913282). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-233=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): release-notes-sles-12.0.20150504-22.2 References: https://bugzilla.suse.com/899495 https://bugzilla.suse.com/908342 https://bugzilla.suse.com/913282 https://bugzilla.suse.com/919672 https://bugzilla.suse.com/921171 https://bugzilla.suse.com/922978 https://bugzilla.suse.com/924703 https://bugzilla.suse.com/926388 From sle-updates at lists.suse.com Tue Jun 2 12:06:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 2 Jun 2015 20:06:29 +0200 (CEST) Subject: SUSE-RU-2015:0989-2: Recommended update for yp-tools Message-ID: <20150602180629.8A08132068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yp-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0989-2 Rating: low References: #902507 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yp-tools provides the following fixes: - Add a workround for a Solaris ypbind bug, which let NIS use a french server as NIS server. - ypchfn/ypchsh are not deprecated and should not call the chfn/chsh variants. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-234=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-234=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): yp-tools-2.14-6.1 yp-tools-debuginfo-2.14-6.1 yp-tools-debugsource-2.14-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yp-tools-2.14-6.1 yp-tools-debuginfo-2.14-6.1 yp-tools-debugsource-2.14-6.1 References: https://bugzilla.suse.com/902507 From sle-updates at lists.suse.com Wed Jun 3 01:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jun 2015 09:04:55 +0200 (CEST) Subject: SUSE-SU-2015:0990-1: moderate: Security update for curl Message-ID: <20150603070455.AC76F32063@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0990-1 Rating: moderate References: #927556 #927607 #927608 #927746 #928533 Cross-References: CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: curl was updated to fix five security issues. The following vulnerabilities were fixed: * CVE-2015-3143: curl could re-use NTML authenticateds connections * CVE-2015-3144: curl could access memory out of bounds with zero length host names * CVE-2015-3145: curl cookie parser could access memory out of boundary * CVE-2015-3148: curl could treat Negotiate as not connection-oriented * CVE-2015-3153: curl could have sent sensitive HTTP headers also to proxies Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-235=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-235=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-235=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): curl-debuginfo-7.37.0-15.1 curl-debugsource-7.37.0-15.1 libcurl-devel-7.37.0-15.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): curl-7.37.0-15.1 curl-debuginfo-7.37.0-15.1 curl-debugsource-7.37.0-15.1 libcurl4-7.37.0-15.1 libcurl4-debuginfo-7.37.0-15.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libcurl4-32bit-7.37.0-15.1 libcurl4-debuginfo-32bit-7.37.0-15.1 - SUSE Linux Enterprise Desktop 12 (x86_64): curl-7.37.0-15.1 curl-debuginfo-7.37.0-15.1 curl-debugsource-7.37.0-15.1 libcurl4-32bit-7.37.0-15.1 libcurl4-7.37.0-15.1 libcurl4-debuginfo-32bit-7.37.0-15.1 libcurl4-debuginfo-7.37.0-15.1 References: https://www.suse.com/security/cve/CVE-2015-3143.html https://www.suse.com/security/cve/CVE-2015-3144.html https://www.suse.com/security/cve/CVE-2015-3145.html https://www.suse.com/security/cve/CVE-2015-3148.html https://www.suse.com/security/cve/CVE-2015-3153.html https://bugzilla.suse.com/927556 https://bugzilla.suse.com/927607 https://bugzilla.suse.com/927608 https://bugzilla.suse.com/927746 https://bugzilla.suse.com/928533 From sle-updates at lists.suse.com Wed Jun 3 09:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jun 2015 17:04:57 +0200 (CEST) Subject: SUSE-RU-2015:0992-1: Recommended update for LXC Message-ID: <20150603150457.F18B232063@maintenance.suse.de> SUSE Recommended Update: Recommended update for LXC ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0992-1 Rating: low References: #924891 #924892 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for LXC provides the following fixes: * Fix lxc-create man page to indicate the correct default file system (ext3). (bsc#924892) * Fix path to configuration file for LVM setups in lxc-create. (bsc#924891) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-lxc=10637 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-lxc=10637 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-lxc=10637 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-lxc=10637 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.8.0]: lxc-devel-0.8.0-0.23.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 0.8.0]: lxc-0.8.0-0.23.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): lxc-0.8.0-0.23.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): lxc-0.8.0-0.23.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): lxc-0.8.0-0.23.2 References: https://bugzilla.suse.com/924891 https://bugzilla.suse.com/924892 https://download.suse.com/patch/finder/?keywords=1d2ca088cbcdf3f683976e3865160607 From sle-updates at lists.suse.com Wed Jun 3 09:06:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jun 2015 17:06:59 +0200 (CEST) Subject: SUSE-RU-2015:0996-1: Recommended update for crowbar-barclamp-crowbar Message-ID: <20150603150659.B5D6F32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0996-1 Rating: low References: #918405 #919964 #926605 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for crowbar-barclamp-crowbar provides the following stability fixes and improvements from the upstream OpenStack project: * Wait not only until current chef-client is finished, but also check the running queue of chef clients. (bsc#919964) * Add some comments to explain how we wait for chef-client on state change * Avoid race between chef-client queue getting emptied and chef-client run * Make NodeObject.group_order return a unique value * Use haproxy public name for public URL when using a cluster (bsc#918405) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-crowbar=10606 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-crowbar-1.8+git.1427187341.19f5a2c-0.7.1 References: https://bugzilla.suse.com/918405 https://bugzilla.suse.com/919964 https://bugzilla.suse.com/926605 https://download.suse.com/patch/finder/?keywords=747168168629e936b44c7cb24d50abbe From sle-updates at lists.suse.com Wed Jun 3 12:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 3 Jun 2015 20:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0998-1: moderate: Recommended update for Machinery Message-ID: <20150603180453.ECFE932063@maintenance.suse.de> SUSE Recommended Update: Recommended update for Machinery ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0998-1 Rating: moderate References: #925732 #931277 #931701 Affected Products: SUSE Linux Enterprise Module for Advanced Systems Management 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for Machinery provides version 1.8.2 with various fixes and improvements: - Fixed repository inspection using a non-root user - Improve error message when user lacks sudo privileges - Add experimental option to show comparison of two system descriptions as HTML view - Support inspection of Red Hat Enterprise Linux 5 systems - Enable inspection of openSUSE Tumbleweed systems - Make HTML export more robust (bsc#925732) - Implement inspection of remote systems without root login using sudo - Inspection shows used filters only with `--verbose` - Add experimental `--exclude` option to exclude elements from inspection (Run `machinery config experimental-features on` to enable the option) - Support global `--exclude` option for `show` command. (Run `machinery config experimental-features on` to enable the option) - Add `--verbose` option to `inspect` command to display the filters which were used during inspection - Add `--verbose` option to `show` command to display the filters which were applied before showing the system description - Show progress on upgrading the system description format - Improve help for users when upgrading system descriptions - Fix piping output of Machinery to less - Better help for users when upgrading format of system descriptions - Add option to show command to display filters used during inspection - Support negated filter expressions in --exclude option - Show filters used during inspection in HTML view. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2015-237=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): machinery-1.8.2-25.1 machinery-debuginfo-1.8.2-25.1 machinery-debugsource-1.8.2-25.1 References: https://bugzilla.suse.com/925732 https://bugzilla.suse.com/931277 https://bugzilla.suse.com/931701 From sle-updates at lists.suse.com Thu Jun 4 09:04:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jun 2015 17:04:59 +0200 (CEST) Subject: SUSE-RU-2015:0999-1: moderate: Recommended update for iprutils Message-ID: <20150604150459.BE00E32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for iprutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0999-1 Rating: moderate References: #923181 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for iprutils fixes selection of different RAID options when creating disk arrays. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-238=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le x86_64): iprutils-2.4.1-14.1 iprutils-debuginfo-2.4.1-14.1 iprutils-debugsource-2.4.1-14.1 References: https://bugzilla.suse.com/923181 From sle-updates at lists.suse.com Thu Jun 4 09:05:17 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jun 2015 17:05:17 +0200 (CEST) Subject: SUSE-RU-2015:1000-1: moderate: Recommended update for ppc64-diag Message-ID: <20150604150517.D688932068@maintenance.suse.de> SUSE Recommended Update: Recommended update for ppc64-diag ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1000-1 Rating: moderate References: #931001 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ppc64-diag fixes a memory leak in the PRRN event handler. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-239=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le): ppc64-diag-2.6.7-4.1 ppc64-diag-debuginfo-2.6.7-4.1 ppc64-diag-debugsource-2.6.7-4.1 References: https://bugzilla.suse.com/931001 From sle-updates at lists.suse.com Thu Jun 4 12:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 4 Jun 2015 20:04:53 +0200 (CEST) Subject: SUSE-RU-2015:1001-1: moderate: Recommended update for powerpc-utils Message-ID: <20150604180453.A0AE032063@maintenance.suse.de> SUSE Recommended Update: Recommended update for powerpc-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1001-1 Rating: moderate References: #926348 #930153 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This powerpc-utils update provides the following fixes: - Use sysfs migration store to initiate migration. (bsc#926348) - Fix handling of drmgr's replace (-R) option. (bsc#930153) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-240=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le): powerpc-utils-1.2.22-12.1 powerpc-utils-debuginfo-1.2.22-12.1 powerpc-utils-debugsource-1.2.22-12.1 References: https://bugzilla.suse.com/926348 https://bugzilla.suse.com/930153 From sle-updates at lists.suse.com Mon Jun 8 07:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jun 2015 15:04:55 +0200 (CEST) Subject: SUSE-SU-2015:1011-1: critical: Security update for cups Message-ID: <20150608130455.AADD632063@maintenance.suse.de> SUSE Security Update: Security update for cups ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1011-1 Rating: critical References: #924208 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update fixes a privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on the server. This combination of issues could lead to remote code execution. CERT-VU-810572 has been assigned to this issue. Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-cups=10707 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-cups=10707 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-cups=10707 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-cups=10707 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): cups-devel-1.3.9-8.46.56.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): cups-1.3.9-8.46.56.1 cups-client-1.3.9-8.46.56.1 cups-libs-1.3.9-8.46.56.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): cups-libs-32bit-1.3.9-8.46.56.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): cups-1.3.9-8.46.56.1 cups-client-1.3.9-8.46.56.1 cups-libs-1.3.9-8.46.56.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): cups-libs-32bit-1.3.9-8.46.56.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): cups-libs-x86-1.3.9-8.46.56.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): cups-1.3.9-8.46.56.1 cups-client-1.3.9-8.46.56.1 cups-libs-1.3.9-8.46.56.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): cups-libs-32bit-1.3.9-8.46.56.1 References: https://bugzilla.suse.com/924208 https://download.suse.com/patch/finder/?keywords=cfe8bb7d17a9116bd37d397cd41c000f From sle-updates at lists.suse.com Mon Jun 8 09:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jun 2015 17:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0903-2: Recommended update for python-oslo.db Message-ID: <20150608150453.4D4DD32063@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.db ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0903-2 Rating: low References: #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for python-oslo.db provides the following fixes: * Repair include_object to accommodate new objects * Ensure create_engine() retries the initial connection test * Move begin ping listener to a connect listener. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-python-oslo.db=10599 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (x86_64) [New Version: 1.0.3]: python-oslo.db-1.0.3-0.7.1 References: https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=1c59893aa254a9d814a7bb082fafdaef From sle-updates at lists.suse.com Mon Jun 8 09:05:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 8 Jun 2015 17:05:11 +0200 (CEST) Subject: SUSE-RU-2015:1012-1: Recommended update for python-oslo.messaging Message-ID: <20150608150511.2EA9632068@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.messaging ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1012-1 Rating: low References: #917373 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for python-oslo.messaging provides the following fixes: * Rabbit uses kombu instead of builtin stuffs * Rabbit iterconsume must honor timeout * Have the timeout decrement inside the wait method * Ensure kombu channels are closed * Declare DirectPublisher exchanges with passive True. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-python-oslo.messaging=10600 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (x86_64): python-oslo.messaging-1.4.1-0.9.1 References: https://bugzilla.suse.com/917373 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=a433dffb1fdc095017b1aa629b666409 From sle-updates at lists.suse.com Tue Jun 9 02:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 10:04:57 +0200 (CEST) Subject: SUSE-SU-2015:1013-1: moderate: Security update for wpa_supplicant Message-ID: <20150609080457.25CC632063@maintenance.suse.de> SUSE Security Update: Security update for wpa_supplicant ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1013-1 Rating: moderate References: #900611 #915323 #927558 Cross-References: CVE-2014-3686 CVE-2015-0210 CVE-2015-1863 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: wpa_supplicant was updated to fix three security issues: - CVE-2015-0210: wpa_supplicant: broken certificate subject check this adds the "domain_match" config option from upstream (additional to the already existing domain_suffix_match) - CVE-2014-3686: hostapd command execution - CVE-2015-1863: P2P SSID processing vulnerability Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-244=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-244=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): wpa_supplicant-2.2-8.1 wpa_supplicant-debuginfo-2.2-8.1 wpa_supplicant-debugsource-2.2-8.1 - SUSE Linux Enterprise Desktop 12 (x86_64): wpa_supplicant-2.2-8.1 wpa_supplicant-debuginfo-2.2-8.1 wpa_supplicant-debugsource-2.2-8.1 References: https://www.suse.com/security/cve/CVE-2014-3686.html https://www.suse.com/security/cve/CVE-2015-0210.html https://www.suse.com/security/cve/CVE-2015-1863.html https://bugzilla.suse.com/900611 https://bugzilla.suse.com/915323 https://bugzilla.suse.com/927558 From sle-updates at lists.suse.com Tue Jun 9 02:05:46 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 10:05:46 +0200 (CEST) Subject: SUSE-SU-2015:1014-1: moderate: Security update for vorbis-tools Message-ID: <20150609080547.2BA9032063@maintenance.suse.de> SUSE Security Update: Security update for vorbis-tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1014-1 Rating: moderate References: #914439 #914441 Cross-References: CVE-2014-9638 CVE-2014-9639 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Vorbis tools was updated to fix division by zero and integer overflows by crafted WAV files (CVE-2014-9638, CVE-2014-9639, bnc#914439, bnc#914441), that would allow attackers to crash the vorbis tools processes. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-245=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-245=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): vorbis-tools-1.4.0-23.1 vorbis-tools-debuginfo-1.4.0-23.1 vorbis-tools-debugsource-1.4.0-23.1 - SUSE Linux Enterprise Server 12 (noarch): vorbis-tools-lang-1.4.0-23.1 - SUSE Linux Enterprise Desktop 12 (x86_64): vorbis-tools-1.4.0-23.1 vorbis-tools-debuginfo-1.4.0-23.1 vorbis-tools-debugsource-1.4.0-23.1 - SUSE Linux Enterprise Desktop 12 (noarch): vorbis-tools-lang-1.4.0-23.1 References: https://www.suse.com/security/cve/CVE-2014-9638.html https://www.suse.com/security/cve/CVE-2014-9639.html https://bugzilla.suse.com/914439 https://bugzilla.suse.com/914441 From sle-updates at lists.suse.com Tue Jun 9 02:06:17 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 10:06:17 +0200 (CEST) Subject: SUSE-SU-2015:1015-1: moderate: Security update for dnsmasq Message-ID: <20150609080617.95A2432068@maintenance.suse.de> SUSE Security Update: Security update for dnsmasq ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1015-1 Rating: moderate References: #923144 #928867 Cross-References: CVE-2015-3294 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: The DNS server dnsmasq was updated to fix one security issue and one non-security bug: * CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read memory from the heap, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867) * bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value. Security Issues: * CVE-2015-3294 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-dnsmasq=10650 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-dnsmasq=10650 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-dnsmasq=10650 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.71]: dnsmasq-2.71-0.12.13.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.71]: dnsmasq-2.71-0.12.13.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.71]: dnsmasq-2.71-0.12.13.1 References: https://www.suse.com/security/cve/CVE-2015-3294.html https://bugzilla.suse.com/923144 https://bugzilla.suse.com/928867 https://download.suse.com/patch/finder/?keywords=304ffac9847406592e7dae5b253b7965 From sle-updates at lists.suse.com Tue Jun 9 05:05:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 13:05:01 +0200 (CEST) Subject: SUSE-RU-2015:1017-1: moderate: Recommended update for MyODBC-unixODBC Message-ID: <20150609110501.BD01F32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for MyODBC-unixODBC ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1017-1 Rating: moderate References: #881624 #909554 #922866 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for MyODBC-unixODBC fixes the following issues: - Fix a segmentation fault in myodbc-installer. - Fix symbol lookup error due to undefined test() macro in libmyodbc5.so and libmysqlclient. - Fix incorrect implementation of is_minimum_version(). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-246=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-246=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-246=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): MyODBC-unixODBC-5.1.8-20.1 MyODBC-unixODBC-debuginfo-5.1.8-20.1 MyODBC-unixODBC-debugsource-5.1.8-20.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): MyODBC-unixODBC-5.1.8-20.1 MyODBC-unixODBC-debuginfo-5.1.8-20.1 MyODBC-unixODBC-debugsource-5.1.8-20.1 - SUSE Linux Enterprise Desktop 12 (x86_64): MyODBC-unixODBC-5.1.8-20.1 MyODBC-unixODBC-debuginfo-5.1.8-20.1 MyODBC-unixODBC-debugsource-5.1.8-20.1 References: https://bugzilla.suse.com/881624 https://bugzilla.suse.com/909554 https://bugzilla.suse.com/922866 From sle-updates at lists.suse.com Tue Jun 9 06:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 14:04:57 +0200 (CEST) Subject: SUSE-SU-2015:1018-1: moderate: Security update for php53 Message-ID: <20150609120457.B978932068@maintenance.suse.de> SUSE Security Update: Security update for php53 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1018-1 Rating: moderate References: #922022 #922451 #922452 #923946 #924972 #925109 #928506 #928511 #931421 #931769 #931772 #931776 Cross-References: CVE-2014-9705 CVE-2014-9709 CVE-2015-2301 CVE-2015-2305 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4026 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that solves 11 vulnerabilities and has one errata is now available. Description: PHP 5.3 was updated to fix multiple security issues: * bnc#931776: pcntl_exec() does not check path validity (CVE-2015-4026) * bnc#931772: overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4022) * bnc#931769: memory corruption in phar_parse_tarfile when entry filename starts with NULL (CVE-2015-4021) * bnc#931421: multipart/form-data remote denial-of-service vulnerability (CVE-2015-4024) * bnc#928511: buffer over-read in unserialize when parsing Phar (CVE-2015-2783) * bnc#928506: buffer over flow when parsing tar/zip/phar in phar_set_inode() (CVE-2015-3329) * bnc#925109: SoapClient's __call() type confusion through unserialize() * bnc#924972: use-after-free vulnerability in the process_nested_data function (CVE-2015-2787) * bnc#923946: embedded gd copy: buffer read overflow in gd_gif_in.c (CVE-2014-9709) * bnc#922452: built-in regular expression (regex) library contains a heap overflow vulnerability (CVE-2015-2305) * bnc#922451: heap buffer overflow in enchant_broker_request_dict() (CVE-2014-9705) * bnc#922022: php's built-in regular expression (regex) library contains a heap overflow vulnerability (CVE-2015-2301) Security Issues: * CVE-2015-4026 * CVE-2015-4022 * CVE-2015-4021 * CVE-2015-4024 * CVE-2015-2783 * CVE-2015-3329 * CVE-2015-2787 * CVE-2014-9709 * CVE-2015-2305 * CVE-2014-9705 * CVE-2015-2301 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-apache2-mod_php53=10716 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-apache2-mod_php53=10716 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-apache2-mod_php53=10716 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): php53-devel-5.3.17-0.41.1 php53-imap-5.3.17-0.41.1 php53-posix-5.3.17-0.41.1 php53-readline-5.3.17-0.41.1 php53-sockets-5.3.17-0.41.1 php53-sqlite-5.3.17-0.41.1 php53-tidy-5.3.17-0.41.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): apache2-mod_php53-5.3.17-0.41.1 php53-5.3.17-0.41.1 php53-bcmath-5.3.17-0.41.1 php53-bz2-5.3.17-0.41.1 php53-calendar-5.3.17-0.41.1 php53-ctype-5.3.17-0.41.1 php53-curl-5.3.17-0.41.1 php53-dba-5.3.17-0.41.1 php53-dom-5.3.17-0.41.1 php53-exif-5.3.17-0.41.1 php53-fastcgi-5.3.17-0.41.1 php53-fileinfo-5.3.17-0.41.1 php53-ftp-5.3.17-0.41.1 php53-gd-5.3.17-0.41.1 php53-gettext-5.3.17-0.41.1 php53-gmp-5.3.17-0.41.1 php53-iconv-5.3.17-0.41.1 php53-intl-5.3.17-0.41.1 php53-json-5.3.17-0.41.1 php53-ldap-5.3.17-0.41.1 php53-mbstring-5.3.17-0.41.1 php53-mcrypt-5.3.17-0.41.1 php53-mysql-5.3.17-0.41.1 php53-odbc-5.3.17-0.41.1 php53-openssl-5.3.17-0.41.1 php53-pcntl-5.3.17-0.41.1 php53-pdo-5.3.17-0.41.1 php53-pear-5.3.17-0.41.1 php53-pgsql-5.3.17-0.41.1 php53-pspell-5.3.17-0.41.1 php53-shmop-5.3.17-0.41.1 php53-snmp-5.3.17-0.41.1 php53-soap-5.3.17-0.41.1 php53-suhosin-5.3.17-0.41.1 php53-sysvmsg-5.3.17-0.41.1 php53-sysvsem-5.3.17-0.41.1 php53-sysvshm-5.3.17-0.41.1 php53-tokenizer-5.3.17-0.41.1 php53-wddx-5.3.17-0.41.1 php53-xmlreader-5.3.17-0.41.1 php53-xmlrpc-5.3.17-0.41.1 php53-xmlwriter-5.3.17-0.41.1 php53-xsl-5.3.17-0.41.1 php53-zip-5.3.17-0.41.1 php53-zlib-5.3.17-0.41.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php53-5.3.17-0.41.1 php53-5.3.17-0.41.1 php53-bcmath-5.3.17-0.41.1 php53-bz2-5.3.17-0.41.1 php53-calendar-5.3.17-0.41.1 php53-ctype-5.3.17-0.41.1 php53-curl-5.3.17-0.41.1 php53-dba-5.3.17-0.41.1 php53-dom-5.3.17-0.41.1 php53-exif-5.3.17-0.41.1 php53-fastcgi-5.3.17-0.41.1 php53-fileinfo-5.3.17-0.41.1 php53-ftp-5.3.17-0.41.1 php53-gd-5.3.17-0.41.1 php53-gettext-5.3.17-0.41.1 php53-gmp-5.3.17-0.41.1 php53-iconv-5.3.17-0.41.1 php53-intl-5.3.17-0.41.1 php53-json-5.3.17-0.41.1 php53-ldap-5.3.17-0.41.1 php53-mbstring-5.3.17-0.41.1 php53-mcrypt-5.3.17-0.41.1 php53-mysql-5.3.17-0.41.1 php53-odbc-5.3.17-0.41.1 php53-openssl-5.3.17-0.41.1 php53-pcntl-5.3.17-0.41.1 php53-pdo-5.3.17-0.41.1 php53-pear-5.3.17-0.41.1 php53-pgsql-5.3.17-0.41.1 php53-pspell-5.3.17-0.41.1 php53-shmop-5.3.17-0.41.1 php53-snmp-5.3.17-0.41.1 php53-soap-5.3.17-0.41.1 php53-suhosin-5.3.17-0.41.1 php53-sysvmsg-5.3.17-0.41.1 php53-sysvsem-5.3.17-0.41.1 php53-sysvshm-5.3.17-0.41.1 php53-tokenizer-5.3.17-0.41.1 php53-wddx-5.3.17-0.41.1 php53-xmlreader-5.3.17-0.41.1 php53-xmlrpc-5.3.17-0.41.1 php53-xmlwriter-5.3.17-0.41.1 php53-xsl-5.3.17-0.41.1 php53-zip-5.3.17-0.41.1 php53-zlib-5.3.17-0.41.1 References: https://www.suse.com/security/cve/CVE-2014-9705.html https://www.suse.com/security/cve/CVE-2014-9709.html https://www.suse.com/security/cve/CVE-2015-2301.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2783.html https://www.suse.com/security/cve/CVE-2015-2787.html https://www.suse.com/security/cve/CVE-2015-3329.html https://www.suse.com/security/cve/CVE-2015-4021.html https://www.suse.com/security/cve/CVE-2015-4022.html https://www.suse.com/security/cve/CVE-2015-4024.html https://www.suse.com/security/cve/CVE-2015-4026.html https://bugzilla.suse.com/922022 https://bugzilla.suse.com/922451 https://bugzilla.suse.com/922452 https://bugzilla.suse.com/923946 https://bugzilla.suse.com/924972 https://bugzilla.suse.com/925109 https://bugzilla.suse.com/928506 https://bugzilla.suse.com/928511 https://bugzilla.suse.com/931421 https://bugzilla.suse.com/931769 https://bugzilla.suse.com/931772 https://bugzilla.suse.com/931776 https://download.suse.com/patch/finder/?keywords=50901ea397c43cdc72e7b8b864450cd7 From sle-updates at lists.suse.com Tue Jun 9 08:05:00 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 16:05:00 +0200 (CEST) Subject: SUSE-SU-2015:1019-1: moderate: Security update for patch Message-ID: <20150609140500.B39EE32063@maintenance.suse.de> SUSE Security Update: Security update for patch ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1019-1 Rating: moderate References: #904519 #913678 #915328 #915329 Cross-References: CVE-2015-1196 CVE-2015-1395 CVE-2015-1396 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: The GNU patch utility was updated to 2.7.5 to fix three security issues and one non-security bug. The following vulnerabilities were fixed: * CVE-2015-1196: directory traversal flaw when handling git-style patches. This could allow an attacker to overwrite arbitrary files by tricking the user into applying a specially crafted patch. (bsc#913678) * CVE-2015-1395: directory traversal flaw when handling patches which rename files. This could allow an attacker to overwrite arbitrary files by tricking the user into applying a specially crafted patch. (bsc#915328) * CVE-2015-1396: directory traversal flaw via symbolic links. This could allow an attacker to overwrite arbitrary files by tricking the user into applying a by applying a specially crafted patch. (bsc#915329) The following bug was fixed: * bsc#904519: Function names in hunks (from diff -p) are now preserved in reject files. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-247=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-247=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): patch-2.7.5-7.1 patch-debuginfo-2.7.5-7.1 patch-debugsource-2.7.5-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): patch-2.7.5-7.1 patch-debuginfo-2.7.5-7.1 patch-debugsource-2.7.5-7.1 References: https://www.suse.com/security/cve/CVE-2015-1196.html https://www.suse.com/security/cve/CVE-2015-1395.html https://www.suse.com/security/cve/CVE-2015-1396.html https://bugzilla.suse.com/904519 https://bugzilla.suse.com/913678 https://bugzilla.suse.com/915328 https://bugzilla.suse.com/915329 From sle-updates at lists.suse.com Tue Jun 9 08:05:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 16:05:54 +0200 (CEST) Subject: SUSE-SU-2015:1020-1: moderate: Security update for autofs Message-ID: <20150609140554.3BBA132068@maintenance.suse.de> SUSE Security Update: Security update for autofs ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1020-1 Rating: moderate References: #901448 #909472 #913376 #916203 #917977 Cross-References: CVE-2014-8169 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: autofs was updated to fix one security issue. This security issue was fixed: - CVE-2014-8169: Prevent potential privilege escalation via interpreter load path for program-based automount maps (bnc#917977). These non-security issues were fixed: - Dont pass sloppy option for other than nfs mounts (bnc#901448, bnc#916203) - Fix insserv warning at postinstall (bnc#913376) - Fix autofs.service so that multiple options passed through sysconfig AUTOFS_OPTIONS work correctly (bnc#909472) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-248=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-248=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): autofs-5.0.9-8.1 autofs-debuginfo-5.0.9-8.1 autofs-debugsource-5.0.9-8.1 - SUSE Linux Enterprise Desktop 12 (x86_64): autofs-5.0.9-8.1 autofs-debuginfo-5.0.9-8.1 autofs-debugsource-5.0.9-8.1 References: https://www.suse.com/security/cve/CVE-2014-8169.html https://bugzilla.suse.com/901448 https://bugzilla.suse.com/909472 https://bugzilla.suse.com/913376 https://bugzilla.suse.com/916203 https://bugzilla.suse.com/917977 From sle-updates at lists.suse.com Tue Jun 9 14:04:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 9 Jun 2015 22:04:51 +0200 (CEST) Subject: SUSE-RU-2015:1021-1: Recommended update for freetype2 Message-ID: <20150609200451.8121F32063@maintenance.suse.de> SUSE Recommended Update: Recommended update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1021-1 Rating: low References: #930711 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for freetype2 adjusts the patch that fixed CVE-2014-9671 for better backwards compatibility. As the PCF format doesn't have an official specification, we have to exactly follow X11's pcfWriteFont and pcfReadFont functions' behavior. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-freetype2-201506=10746 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-freetype2-201506=10746 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-freetype2-201506=10746 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-freetype2-201506=10746 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): freetype2-devel-2.3.7-25.35.36.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): freetype2-devel-32bit-2.3.7-25.35.36.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): freetype2-2.3.7-25.35.36.1 ft2demos-2.3.7-25.35.36.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): freetype2-32bit-2.3.7-25.35.36.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): freetype2-2.3.7-25.35.36.1 ft2demos-2.3.7-25.35.36.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): freetype2-32bit-2.3.7-25.35.36.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): freetype2-x86-2.3.7-25.35.36.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): freetype2-2.3.7-25.35.36.1 ft2demos-2.3.7-25.35.36.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): freetype2-32bit-2.3.7-25.35.36.1 References: https://bugzilla.suse.com/930711 https://download.suse.com/patch/finder/?keywords=ad517554bc456a7a4b67d561c2f9d248 From sle-updates at lists.suse.com Wed Jun 10 06:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jun 2015 14:04:55 +0200 (CEST) Subject: SUSE-SU-2015:1024-1: moderate: Security update for FUSE Message-ID: <20150610120455.6D81332063@maintenance.suse.de> SUSE Security Update: Security update for FUSE ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1024-1 Rating: moderate References: #931452 Cross-References: CVE-2015-3202 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for FUSE fixes the following security issue: * CVE-2015-3202: FUSE did not clear the environment upon execution of external programs. Security Issues: * CVE-2015-3202 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-fuse=10694 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-fuse=10694 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-fuse=10694 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-fuse=10694 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): fuse-devel-2.8.7-0.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): fuse-2.8.7-0.11.1 libfuse2-2.8.7-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): fuse-2.8.7-0.11.1 libfuse2-2.8.7-0.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): fuse-2.8.7-0.11.1 libfuse2-2.8.7-0.11.1 References: https://www.suse.com/security/cve/CVE-2015-3202.html https://bugzilla.suse.com/931452 https://download.suse.com/patch/finder/?keywords=361642762ee51e4f3081c74ab3d188b5 From sle-updates at lists.suse.com Wed Jun 10 06:05:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jun 2015 14:05:13 +0200 (CEST) Subject: SUSE-SU-2015:1025-1: moderate: Security update for xorg-x11-server Message-ID: <20150610120513.C981032068@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-server ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1025-1 Rating: moderate References: #928520 Cross-References: CVE-2015-3418 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xorg-x11-server fixes a regression introduced with the fix for CVE-2014-8092: * CVE-2015-3418: Xserver: PutImage crashes Server when called with 0 height. (bsc#928520) Security Issues: * CVE-2015-3418 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xorg-x11-Xvnc=10702 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-Xvnc=10702 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-Xvnc=10702 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-Xvnc=10702 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-sdk-7.4-27.105.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-Xvnc-7.4-27.105.1 xorg-x11-server-7.4-27.105.1 xorg-x11-server-extra-7.4-27.105.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-Xvnc-7.4-27.105.1 xorg-x11-server-7.4-27.105.1 xorg-x11-server-extra-7.4-27.105.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-Xvnc-7.4-27.105.1 xorg-x11-server-7.4-27.105.1 xorg-x11-server-extra-7.4-27.105.1 References: https://www.suse.com/security/cve/CVE-2015-3418.html https://bugzilla.suse.com/928520 https://download.suse.com/patch/finder/?keywords=9653b407c32d8e7616ca032ca22bda45 From sle-updates at lists.suse.com Wed Jun 10 10:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jun 2015 18:04:52 +0200 (CEST) Subject: SUSE-RU-2015:1026-1: important: Recommended update for ceph Message-ID: <20150610160452.421F232063@maintenance.suse.de> SUSE Recommended Update: Recommended update for ceph ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1026-1 Rating: important References: #907510 #915567 #919091 #919313 #922219 #922476 #924269 #924894 #927862 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: The Ceph client has been updated to version 0.80.9, bringing several fixes and enhancements: - librbd: Complete pending operations before losing image. (#10299) - librbd: Fix read caching performance regression. (#9854) - librbd: Gracefully handle deleted/renamed pools. (#10270) - Move udev rules for rbd devices to the client package ceph-common. - Fix ceph-devel requirements to not pull in the full ceph package. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-249=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-249=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-249=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (x86_64): ceph-devel-0.80.9-5.1 - SUSE Linux Enterprise Server 12 (x86_64): ceph-common-0.80.9-5.1 ceph-common-debuginfo-0.80.9-5.1 libcephfs1-0.80.9-5.1 libcephfs1-debuginfo-0.80.9-5.1 librados2-0.80.9-5.1 librados2-debuginfo-0.80.9-5.1 librbd1-0.80.9-5.1 librbd1-debuginfo-0.80.9-5.1 python-ceph-0.80.9-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): librados2-0.80.9-5.1 librados2-debuginfo-0.80.9-5.1 librbd1-0.80.9-5.1 librbd1-debuginfo-0.80.9-5.1 References: https://bugzilla.suse.com/907510 https://bugzilla.suse.com/915567 https://bugzilla.suse.com/919091 https://bugzilla.suse.com/919313 https://bugzilla.suse.com/922219 https://bugzilla.suse.com/922476 https://bugzilla.suse.com/924269 https://bugzilla.suse.com/924894 https://bugzilla.suse.com/927862 From sle-updates at lists.suse.com Wed Jun 10 12:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jun 2015 20:04:54 +0200 (CEST) Subject: SUSE-RU-2015:1027-1: Recommended update for WALinuxAgent Message-ID: <20150610180454.EEC3132063@maintenance.suse.de> SUSE Recommended Update: Recommended update for WALinuxAgent ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1027-1 Rating: low References: #919244 #924135 #924137 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for WALinuxAgent adds support for page blob status report and ensures the daemon is restarted after an update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-252=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): WALinuxAgent-2.0.12-9.1 References: https://bugzilla.suse.com/919244 https://bugzilla.suse.com/924135 https://bugzilla.suse.com/924137 From sle-updates at lists.suse.com Wed Jun 10 13:05:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 10 Jun 2015 21:05:29 +0200 (CEST) Subject: SUSE-RU-2015:1029-1: important: Recommended update for crowbar-barclamp-ceph Message-ID: <20150610190529.249B232068@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-ceph ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1029-1 Rating: important References: #931284 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended udpate fixes a regression introduced with the latest update of crowbar-barclamp-ceph: * Fix parsing of "virsh secret-list" header. (bnc#931284) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-ceph=10737 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-ceph-1.9+git.1432222240.c5ac76f-0.9.1 References: https://bugzilla.suse.com/931284 https://download.suse.com/patch/finder/?keywords=23b0ec3c0fee8f5b3a23b037b74532fa From sle-updates at lists.suse.com Thu Jun 11 07:05:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 15:05:04 +0200 (CEST) Subject: SUSE-RU-2015:1032-1: Recommended update for couchdb Message-ID: <20150611130504.8DB4732068@maintenance.suse.de> SUSE Recommended Update: Recommended update for couchdb ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1032-1 Rating: low References: #920064 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for couchdb provides the following fix: * add -w option to startproc call (bnc#920064) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-couchdb=10588 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (x86_64): couchdb-1.6.1-0.11.1 References: https://bugzilla.suse.com/920064 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=aabba146630d7a7da57d1ae7547cc753 From sle-updates at lists.suse.com Thu Jun 11 07:05:36 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 15:05:36 +0200 (CEST) Subject: SUSE-RU-2015:1033-1: Recommended update for yast2-hardware-detection Message-ID: <20150611130536.E80A632068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-hardware-detection ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1033-1 Rating: low References: #773323 #903069 #915938 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-hardware-detection provides the following fixes: - Fix configuration of ZFCP devices. (bsc#903069) - Added VMware and VirtualBox VM detection. (bsc#773323) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-253=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-253=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-hardware-detection-3.1.7-6.1 yast2-hardware-detection-debuginfo-3.1.7-6.1 yast2-hardware-detection-debugsource-3.1.7-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-hardware-detection-3.1.7-6.1 yast2-hardware-detection-debuginfo-3.1.7-6.1 yast2-hardware-detection-debugsource-3.1.7-6.1 References: https://bugzilla.suse.com/773323 https://bugzilla.suse.com/903069 https://bugzilla.suse.com/915938 From sle-updates at lists.suse.com Thu Jun 11 07:06:33 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 15:06:33 +0200 (CEST) Subject: SUSE-RU-2015:1034-1: Recommended update for yast2-s390 Message-ID: <20150611130633.680C632068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-s390 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1034-1 Rating: low References: #899104 #928388 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-s390 provides the following fixes: - Fix installation on unformatted DASD devices via AutoYaST. (bsc#928388) - Remove X-KDE-Library from .desktop file. (bsc#899104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-254=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (s390x): yast2-s390-3.1.22-6.1 References: https://bugzilla.suse.com/899104 https://bugzilla.suse.com/928388 From sle-updates at lists.suse.com Thu Jun 11 07:07:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 15:07:08 +0200 (CEST) Subject: SUSE-RU-2015:1035-1: Recommended update for yast2-users Message-ID: <20150611130708.BEC7732063@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-users ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1035-1 Rating: low References: #881396 #899104 #904645 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-users provides the following fixes: - Set F9 function key binding correctly in text mode. (bsc#881396) - Remove X-KDE-Library from .desktop file. (bsc#899104) - Allow changing of CN value if the LDAP user is not saved yet. (bsc#904645) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-255=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-255=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-255=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-users-debuginfo-3.1.37-10.1 yast2-users-debugsource-3.1.37-10.1 yast2-users-devel-doc-3.1.37-10.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-users-3.1.37-10.1 yast2-users-debuginfo-3.1.37-10.1 yast2-users-debugsource-3.1.37-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-users-3.1.37-10.1 yast2-users-debuginfo-3.1.37-10.1 yast2-users-debugsource-3.1.37-10.1 References: https://bugzilla.suse.com/881396 https://bugzilla.suse.com/899104 https://bugzilla.suse.com/904645 From sle-updates at lists.suse.com Thu Jun 11 07:07:58 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 15:07:58 +0200 (CEST) Subject: SUSE-RU-2015:1036-1: Recommended update for yast2-ftp-server Message-ID: <20150611130758.5168432063@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-ftp-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1036-1 Rating: low References: #897470 #899104 #907354 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-ftp-server fixes the following issues: - A configuration problem which prevented xinetd from handling vsftp, since it was always configured as standalone. (bnc#897470) - Remove X-KDE-Library from .desktop file. (bnc#899104) - AutoYaST import: Initialize the correct ftpserver which will be used for configuration. (bnc#907354) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-257=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-ftp-server-3.1.8-6.1 References: https://bugzilla.suse.com/897470 https://bugzilla.suse.com/899104 https://bugzilla.suse.com/907354 From sle-updates at lists.suse.com Thu Jun 11 08:05:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 16:05:03 +0200 (CEST) Subject: SUSE-RU-2015:1037-1: Recommended update for yast2-inetd Message-ID: <20150611140503.1369932063@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-inetd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1037-1 Rating: low References: #898745 #899104 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-inetd fixes an internal error that could happen during installation via AutoYaST. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-258=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-258=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-258=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (noarch): yast2-inetd-doc-3.1.10-6.1 - SUSE Linux Enterprise Server 12 (noarch): yast2-inetd-3.1.10-6.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-inetd-3.1.10-6.1 References: https://bugzilla.suse.com/898745 https://bugzilla.suse.com/899104 From sle-updates at lists.suse.com Thu Jun 11 08:05:31 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 16:05:31 +0200 (CEST) Subject: SUSE-RU-2015:1038-1: Recommended update for yast2-samba-client Message-ID: <20150611140531.9492F32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-samba-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1038-1 Rating: low References: #873922 #899104 #902302 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-samba-client provides the following fixes: - When joining domain, provide osName and osVer arguments to "net ads join". (bsc#873922) - Don't update Workgroup with realm name when invoking yast samba-client winbind enable. (bsc#902302) - Remove X-KDE-Library from .desktop file. (bsc#899104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-260=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-260=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-samba-client-3.1.15-8.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-samba-client-3.1.15-8.1 References: https://bugzilla.suse.com/873922 https://bugzilla.suse.com/899104 https://bugzilla.suse.com/902302 From sle-updates at lists.suse.com Thu Jun 11 08:06:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 16:06:13 +0200 (CEST) Subject: SUSE-RU-2015:1039-1: Recommended update for yast2-multipath Message-ID: <20150611140613.5625832068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-multipath ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1039-1 Rating: low References: #899104 #900822 #925864 Affected Products: SUSE Linux Enterprise High Availability 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-multipath provides the following fixes: - Allow "service-time 0" and "queue-length 0" as parameters for the path selector configuration. (bsc#925864) - Remove handling of the now obsolete "boot.multipath" service. (bsc#900822) - Remove X-KDE-Library from .desktop file. (bsc#899104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2015-259=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12 (noarch): yast2-multipath-3.1.6-6.1 References: https://bugzilla.suse.com/899104 https://bugzilla.suse.com/900822 https://bugzilla.suse.com/925864 From sle-updates at lists.suse.com Thu Jun 11 08:06:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 16:06:53 +0200 (CEST) Subject: SUSE-RU-2015:1040-1: Recommended update for yast2-samba-server Message-ID: <20150611140653.B4BEF32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-samba-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1040-1 Rating: low References: #873922 #899104 #901597 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-samba-server provides the following fixes: - When joining domain, provide osName and osVer arguments to "net ads join". (bsc#873922) - Squash "Possible precedence issue with control flow operator" warning. (bsc#901597) - Remove X-KDE-Library from .desktop file. (bsc#899104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-261=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-261=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-samba-server-3.1.12-8.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-samba-server-3.1.12-8.1 References: https://bugzilla.suse.com/873922 https://bugzilla.suse.com/899104 https://bugzilla.suse.com/901597 From sle-updates at lists.suse.com Thu Jun 11 09:05:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 17:05:02 +0200 (CEST) Subject: SUSE-SU-2015:1041-1: critical: Security update for cups Message-ID: <20150611150502.F194D32063@maintenance.suse.de> SUSE Security Update: Security update for cups ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1041-1 Rating: critical References: #924208 Cross-References: CVE-2012-5519 CVE-2015-1158 CVE-2015-1159 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: The following issues are fixed by this update: * CVE-2012-5519: privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server (bsc#924208). * CVE-2015-1158: Improper Update of Reference Count * CVE-2015-1159: Cross-Site Scripting Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-264=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-264=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-264=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): cups-debuginfo-1.7.5-9.1 cups-debugsource-1.7.5-9.1 cups-devel-1.7.5-9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cups-1.7.5-9.1 cups-client-1.7.5-9.1 cups-client-debuginfo-1.7.5-9.1 cups-debuginfo-1.7.5-9.1 cups-debugsource-1.7.5-9.1 cups-libs-1.7.5-9.1 cups-libs-debuginfo-1.7.5-9.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): cups-libs-32bit-1.7.5-9.1 cups-libs-debuginfo-32bit-1.7.5-9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cups-1.7.5-9.1 cups-client-1.7.5-9.1 cups-client-debuginfo-1.7.5-9.1 cups-debuginfo-1.7.5-9.1 cups-debugsource-1.7.5-9.1 cups-libs-1.7.5-9.1 cups-libs-32bit-1.7.5-9.1 cups-libs-debuginfo-1.7.5-9.1 cups-libs-debuginfo-32bit-1.7.5-9.1 References: https://www.suse.com/security/cve/CVE-2012-5519.html https://www.suse.com/security/cve/CVE-2015-1158.html https://www.suse.com/security/cve/CVE-2015-1159.html https://bugzilla.suse.com/924208 From sle-updates at lists.suse.com Thu Jun 11 09:05:26 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 17:05:26 +0200 (CEST) Subject: SUSE-SU-2015:1042-1: important: Security update for xen Message-ID: <20150611150526.9C3E532063@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1042-1 Rating: important References: #906689 #931625 #931626 #931627 #931628 #932770 #932790 #932996 Cross-References: CVE-2015-3209 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-4163 CVE-2015-4164 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has one errata is now available. Description: Xen was updated to fix seven security issues and one non-security bug. The following vulnerabilities were fixed: * CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu (XSA-128) (bnc#931625) * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests (XSA-129) (bnc#931626) * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages (XSA-130) (bnc#931627) * CVE-2015-4106: Unmediated PCI register access in qemu (XSA-131) (bnc#931628) * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior (XSA-134) (bnc#932790) * CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to host escape (XSA-135) (bnc#932770) * CVE-2015-4164: DoS through iret hypercall handler (XSA-136) (bnc#932996) The following non-security bug was fixed: * bnc#906689: let systemd schedule xencommons after network-online.target and remote-fs.target so that xendomains has access to remote shares Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-262=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-262=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-262=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (x86_64): xen-debugsource-4.4.2_06-21.1 xen-devel-4.4.2_06-21.1 - SUSE Linux Enterprise Server 12 (x86_64): xen-4.4.2_06-21.1 xen-debugsource-4.4.2_06-21.1 xen-doc-html-4.4.2_06-21.1 xen-kmp-default-4.4.2_06_k3.12.39_47-21.1 xen-kmp-default-debuginfo-4.4.2_06_k3.12.39_47-21.1 xen-libs-32bit-4.4.2_06-21.1 xen-libs-4.4.2_06-21.1 xen-libs-debuginfo-32bit-4.4.2_06-21.1 xen-libs-debuginfo-4.4.2_06-21.1 xen-tools-4.4.2_06-21.1 xen-tools-debuginfo-4.4.2_06-21.1 xen-tools-domU-4.4.2_06-21.1 xen-tools-domU-debuginfo-4.4.2_06-21.1 - SUSE Linux Enterprise Desktop 12 (x86_64): xen-4.4.2_06-21.1 xen-debugsource-4.4.2_06-21.1 xen-kmp-default-4.4.2_06_k3.12.39_47-21.1 xen-kmp-default-debuginfo-4.4.2_06_k3.12.39_47-21.1 xen-libs-32bit-4.4.2_06-21.1 xen-libs-4.4.2_06-21.1 xen-libs-debuginfo-32bit-4.4.2_06-21.1 xen-libs-debuginfo-4.4.2_06-21.1 References: https://www.suse.com/security/cve/CVE-2015-3209.html https://www.suse.com/security/cve/CVE-2015-4103.html https://www.suse.com/security/cve/CVE-2015-4104.html https://www.suse.com/security/cve/CVE-2015-4105.html https://www.suse.com/security/cve/CVE-2015-4106.html https://www.suse.com/security/cve/CVE-2015-4163.html https://www.suse.com/security/cve/CVE-2015-4164.html https://bugzilla.suse.com/906689 https://bugzilla.suse.com/931625 https://bugzilla.suse.com/931626 https://bugzilla.suse.com/931627 https://bugzilla.suse.com/931628 https://bugzilla.suse.com/932770 https://bugzilla.suse.com/932790 https://bugzilla.suse.com/932996 From sle-updates at lists.suse.com Thu Jun 11 09:07:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 17:07:16 +0200 (CEST) Subject: SUSE-SU-2015:1043-1: important: Security update for flash-player Message-ID: <20150611150716.0E63127FF2@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1043-1 Rating: important References: #934088 Cross-References: CVE-2015-3096 CVE-2015-3098 CVE-2015-3099 CVE-2015-3100 CVE-2015-3102 CVE-2015-3103 CVE-2015-3104 CVE-2015-3105 CVE-2015-3106 CVE-2015-3107 CVE-2015-3108 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: The following issues are fixed by this updated: * CVE-2015-3096: These updates resolve a vulnerability that could be exploited to bypass the fix for CVE-2014-5333. * CVE-2015-3098, CVE-2015-3099, CVE-2015-3102:These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure. * CVE-2015-3100: These updates resolve a stack overflow vulnerability that could lead to code execution. * CVE-2015-3103, CVE-2015-3106, CVE-2015-3107: These updates resolve use-after-free vulnerabilities that could lead to code execution. * CVE-2015-3104: These updates resolve an integer overflow vulnerability that could lead to code execution. * CVE-2015-3105: These updates resolve a memory corruption vulnerability that could lead to code execution. * CVE-2015-3108: These updates resolve a memory leak vulnerability that could be used to bypass ASLR (CVE-2015-3108). (bsc#934088) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-263=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-263=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (i586 x86_64): flash-player-11.2.202.466-86.1 flash-player-gnome-11.2.202.466-86.1 - SUSE Linux Enterprise Desktop 12 (i586 x86_64): flash-player-11.2.202.466-86.1 flash-player-gnome-11.2.202.466-86.1 References: https://www.suse.com/security/cve/CVE-2015-3096.html https://www.suse.com/security/cve/CVE-2015-3098.html https://www.suse.com/security/cve/CVE-2015-3099.html https://www.suse.com/security/cve/CVE-2015-3100.html https://www.suse.com/security/cve/CVE-2015-3102.html https://www.suse.com/security/cve/CVE-2015-3103.html https://www.suse.com/security/cve/CVE-2015-3104.html https://www.suse.com/security/cve/CVE-2015-3105.html https://www.suse.com/security/cve/CVE-2015-3106.html https://www.suse.com/security/cve/CVE-2015-3107.html https://www.suse.com/security/cve/CVE-2015-3108.html https://bugzilla.suse.com/934088 From sle-updates at lists.suse.com Thu Jun 11 11:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 19:04:56 +0200 (CEST) Subject: SUSE-SU-2015:1044-1: critical: Security update for cups154 Message-ID: <20150611170456.E2E6731FB8@maintenance.suse.de> SUSE Security Update: Security update for cups154 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1044-1 Rating: critical References: #924208 Cross-References: CVE-2012-5519 CVE-2015-1158 CVE-2015-1159 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: The following issues are fixed by this update: * CVE-2012-5519: privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server (bsc#924208). * CVE-2015-1158: Improper Update of Reference Count * CVE-2015-1159: Cross-Site Scripting Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-265=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (ppc64le x86_64): cups154-1.5.4-9.1 cups154-client-1.5.4-9.1 cups154-client-debuginfo-1.5.4-9.1 cups154-debuginfo-1.5.4-9.1 cups154-debugsource-1.5.4-9.1 cups154-filters-1.5.4-9.1 cups154-filters-debuginfo-1.5.4-9.1 cups154-libs-1.5.4-9.1 cups154-libs-debuginfo-1.5.4-9.1 References: https://www.suse.com/security/cve/CVE-2012-5519.html https://www.suse.com/security/cve/CVE-2015-1158.html https://www.suse.com/security/cve/CVE-2015-1159.html https://bugzilla.suse.com/924208 From sle-updates at lists.suse.com Thu Jun 11 12:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 20:04:56 +0200 (CEST) Subject: SUSE-SU-2015:1045-1: important: Security update for Xen Message-ID: <20150611180456.F0BA732063@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1045-1 Rating: important References: #931625 #931626 #931627 #931628 #932770 #932790 #932996 Cross-References: CVE-2015-3209 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-4163 CVE-2015-4164 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: Xen was updated to fix seven security vulnerabilities: * CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. (XSA-128, bnc#931625) * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. (XSA-129, bnc#931626) * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages. (XSA-130, bnc#931627) * CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131, bnc#931628) * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior. (XSA-134, bnc#932790) * CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest to host escape. (XSA-135, bnc#932770) * CVE-2015-4164: DoS through iret hypercall handler. (XSA-136, bnc#932996) Security Issues: * CVE-2015-4103 * CVE-2015-4104 * CVE-2015-4105 * CVE-2015-4106 * CVE-2015-4163 * CVE-2015-4164 * CVE-2015-3209 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xen-201506=10727 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xen-201506=10727 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xen-201506=10727 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): xen-devel-4.2.5_08-0.9.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): xen-kmp-default-4.2.5_08_3.0.101_0.47.55-0.9.1 xen-libs-4.2.5_08-0.9.1 xen-tools-domU-4.2.5_08-0.9.1 - SUSE Linux Enterprise Server 11 SP3 (x86_64): xen-4.2.5_08-0.9.1 xen-doc-html-4.2.5_08-0.9.1 xen-doc-pdf-4.2.5_08-0.9.1 xen-libs-32bit-4.2.5_08-0.9.1 xen-tools-4.2.5_08-0.9.1 - SUSE Linux Enterprise Server 11 SP3 (i586): xen-kmp-pae-4.2.5_08_3.0.101_0.47.55-0.9.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xen-kmp-default-4.2.5_08_3.0.101_0.47.55-0.9.1 xen-libs-4.2.5_08-0.9.1 xen-tools-domU-4.2.5_08-0.9.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xen-4.2.5_08-0.9.1 xen-doc-html-4.2.5_08-0.9.1 xen-doc-pdf-4.2.5_08-0.9.1 xen-libs-32bit-4.2.5_08-0.9.1 xen-tools-4.2.5_08-0.9.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586): xen-kmp-pae-4.2.5_08_3.0.101_0.47.55-0.9.1 References: https://www.suse.com/security/cve/CVE-2015-3209.html https://www.suse.com/security/cve/CVE-2015-4103.html https://www.suse.com/security/cve/CVE-2015-4104.html https://www.suse.com/security/cve/CVE-2015-4105.html https://www.suse.com/security/cve/CVE-2015-4106.html https://www.suse.com/security/cve/CVE-2015-4163.html https://www.suse.com/security/cve/CVE-2015-4164.html https://bugzilla.suse.com/931625 https://bugzilla.suse.com/931626 https://bugzilla.suse.com/931627 https://bugzilla.suse.com/931628 https://bugzilla.suse.com/932770 https://bugzilla.suse.com/932790 https://bugzilla.suse.com/932996 https://download.suse.com/patch/finder/?keywords=3ae6793ddbacaa600cc65649e1e37a48 From sle-updates at lists.suse.com Thu Jun 11 12:06:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 20:06:20 +0200 (CEST) Subject: SUSE-SU-2015:1044-2: critical: Security update for cups154 Message-ID: <20150611180620.B618F32068@maintenance.suse.de> SUSE Security Update: Security update for cups154 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1044-2 Rating: critical References: #924208 Cross-References: CVE-2012-5519 CVE-2015-1158 CVE-2015-1159 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: The following issues are fixed by this update: * CVE-2012-5519: privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server (bsc#924208). * CVE-2015-1158: Improper Update of Reference Count * CVE-2015-1159: Cross-Site Scripting Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-265=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x): cups154-1.5.4-9.1 cups154-client-1.5.4-9.1 cups154-client-debuginfo-1.5.4-9.1 cups154-debuginfo-1.5.4-9.1 cups154-debugsource-1.5.4-9.1 cups154-filters-1.5.4-9.1 cups154-filters-debuginfo-1.5.4-9.1 cups154-libs-1.5.4-9.1 cups154-libs-debuginfo-1.5.4-9.1 References: https://www.suse.com/security/cve/CVE-2012-5519.html https://www.suse.com/security/cve/CVE-2015-1158.html https://www.suse.com/security/cve/CVE-2015-1159.html https://bugzilla.suse.com/924208 From sle-updates at lists.suse.com Thu Jun 11 12:06:42 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 11 Jun 2015 20:06:42 +0200 (CEST) Subject: SUSE-SU-2015:1046-1: moderate: Security update for wireshark Message-ID: <20150611180642.5B82E32068@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1046-1 Rating: moderate References: #930689 #930691 Cross-References: CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: Wireshark was updated to 1.10.14 to fix four security issues. The following vulnerabilities have been fixed: * CVE-2015-3811: The WCP dissector could crash while decompressing data. (wnpa-sec-2015-14) * CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15) * CVE-2015-3813: The packet reassembly code could leak memory. (wnpa-sec-2015-16) * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop. (wnpa-sec-2015-17) Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-266=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-266=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-266=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): wireshark-debuginfo-1.10.14-12.1 wireshark-debugsource-1.10.14-12.1 wireshark-devel-1.10.14-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): wireshark-1.10.14-12.1 wireshark-debuginfo-1.10.14-12.1 wireshark-debugsource-1.10.14-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): wireshark-1.10.14-12.1 wireshark-debuginfo-1.10.14-12.1 wireshark-debugsource-1.10.14-12.1 References: https://www.suse.com/security/cve/CVE-2015-3811.html https://www.suse.com/security/cve/CVE-2015-3812.html https://www.suse.com/security/cve/CVE-2015-3813.html https://www.suse.com/security/cve/CVE-2015-3814.html https://bugzilla.suse.com/930689 https://bugzilla.suse.com/930691 From sle-updates at lists.suse.com Fri Jun 12 02:05:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jun 2015 10:05:02 +0200 (CEST) Subject: SUSE-SU-2015:1053-1: moderate: Security update for fuse Message-ID: <20150612080502.0C09032063@maintenance.suse.de> SUSE Security Update: Security update for fuse ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1053-1 Rating: moderate References: #931452 Cross-References: CVE-2015-3202 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a vulnerability in fuse that did not clear the environment upon execution of external programs. CVE-2015-3202 has been assigned to this issue Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-267=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-267=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-267=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): fuse-debuginfo-2.9.3-5.1 fuse-debugsource-2.9.3-5.1 fuse-devel-2.9.3-5.1 fuse-devel-static-2.9.3-5.1 libulockmgr1-2.9.3-5.1 libulockmgr1-debuginfo-2.9.3-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): fuse-2.9.3-5.1 fuse-debuginfo-2.9.3-5.1 fuse-debugsource-2.9.3-5.1 libfuse2-2.9.3-5.1 libfuse2-debuginfo-2.9.3-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): fuse-2.9.3-5.1 fuse-debuginfo-2.9.3-5.1 fuse-debugsource-2.9.3-5.1 libfuse2-2.9.3-5.1 libfuse2-debuginfo-2.9.3-5.1 References: https://www.suse.com/security/cve/CVE-2015-3202.html https://bugzilla.suse.com/931452 From sle-updates at lists.suse.com Fri Jun 12 09:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jun 2015 17:04:54 +0200 (CEST) Subject: SUSE-RU-2015:1054-1: moderate: Recommended update for xorg-x11-driver-video Message-ID: <20150612150454.7845232063@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-driver-video ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1054-1 Rating: moderate References: #853228 #878477 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for xorg-x11-driver-video fixes the following issues: * Fix crash when Intel driver sets gamma value and Xinerama is active. (bsc#878477) * Add support for the latest Intel graphics hardware/Haswell chipsets to intel-gpu-tools. (bsc#853228) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-driver-video=10693 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-driver-video=10693 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-driver-video=10693 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-driver-video-7.4.0.1-0.86.87.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 x86_64): xorg-x11-driver-video-7.4.0.1-0.86.87.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-driver-video-7.4.0.1-0.86.87.1 References: https://bugzilla.suse.com/853228 https://bugzilla.suse.com/878477 https://download.suse.com/patch/finder/?keywords=2fa03be0f4f4b2a98ca25bee00b229aa From sle-updates at lists.suse.com Fri Jun 12 09:05:26 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 12 Jun 2015 17:05:26 +0200 (CEST) Subject: SUSE-RU-2015:1055-1: important: Recommended update for microcode_ctl Message-ID: <20150612150526.BDAB532068@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1055-1 Rating: important References: #932708 #934181 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides Intel's CPU microcode version 20150121. The previous update included an older release of the microcode (20150107) which could lead to system resets in some circumstances. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-microcode_ctl=10756 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-microcode_ctl=10756 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-microcode_ctl=10756 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): microcode_ctl-1.17-102.80.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): microcode_ctl-1.17-102.80.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): microcode_ctl-1.17-102.80.1 References: https://bugzilla.suse.com/932708 https://bugzilla.suse.com/934181 https://download.suse.com/patch/finder/?keywords=7ea072be71ffefb259e79ab0c63df8a6 From sle-updates at lists.suse.com Mon Jun 15 03:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 15 Jun 2015 11:04:55 +0200 (CEST) Subject: SUSE-SU-2015:1062-1: moderate: Security update for stunnel Message-ID: <20150615090455.E218732068@maintenance.suse.de> SUSE Security Update: Security update for stunnel ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1062-1 Rating: moderate References: #931517 Cross-References: CVE-2015-3644 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes an authentication bypass when using the "redirect" option (CVE-2015-3644, bsc#931517, backport from v5.17). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-268=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): stunnel-5.00-3.1 stunnel-debuginfo-5.00-3.1 stunnel-debugsource-5.00-3.1 References: https://www.suse.com/security/cve/CVE-2015-3644.html https://bugzilla.suse.com/931517 From sle-updates at lists.suse.com Mon Jun 15 09:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 15 Jun 2015 17:04:53 +0200 (CEST) Subject: SUSE-SU-2015:1064-1: moderate: Security update for flash-player Message-ID: <20150615150453.D728932068@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1064-1 Rating: moderate References: #934088 Cross-References: CVE-2015-3096 CVE-2015-3098 CVE-2015-3099 CVE-2015-3100 CVE-2015-3102 CVE-2015-3103 CVE-2015-3106 CVE-2015-3107 CVE-2015-3108 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes one version update. Description: Adobe Flash Player was updated to 11.2.202.466 to fix multiple security issues. The following vulnerabilities were fixed: * CVE-2015-3096: bypass for CVE-2014-5333 * CVE-2015-3098: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3099: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3100: stack overflow vulnerability that could lead to code execution * CVE-2015-3102: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3103: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3104: integer overflow vulnerability that could lead to code execution * CVE-2015-3105: memory corruption vulnerability that could lead to code execution * CVE-2015-3106: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3107: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3108: memory leak vulnerability that could be used to bypass ASLR More information can be found on: https://helpx.adobe.com/security/products/flash-player/apsb15-11.html Security Issues: * CVE-2015-3096 * CVE-2015-3098 * CVE-2015-3099 * CVE-2015-3100 * CVE-2015-3102 * CVE-2015-3103 * CVE-2015-3106 * CVE-2015-3107 * CVE-2015-3108 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player=10762 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.466]: flash-player-11.2.202.466-0.6.1 flash-player-gnome-11.2.202.466-0.6.1 flash-player-kde4-11.2.202.466-0.6.1 References: https://www.suse.com/security/cve/CVE-2015-3096.html https://www.suse.com/security/cve/CVE-2015-3098.html https://www.suse.com/security/cve/CVE-2015-3099.html https://www.suse.com/security/cve/CVE-2015-3100.html https://www.suse.com/security/cve/CVE-2015-3102.html https://www.suse.com/security/cve/CVE-2015-3103.html https://www.suse.com/security/cve/CVE-2015-3106.html https://www.suse.com/security/cve/CVE-2015-3107.html https://www.suse.com/security/cve/CVE-2015-3108.html https://bugzilla.suse.com/934088 https://download.suse.com/patch/finder/?keywords=54458c18e1bae698ba1e29aba887242a From sle-updates at lists.suse.com Mon Jun 15 11:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 15 Jun 2015 19:04:56 +0200 (CEST) Subject: SUSE-RU-2015:1065-1: Recommended update for aaa_base Message-ID: <20150615170456.CB85A32063@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1065-1 Rating: low References: #924104 #928447 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for aaa_base provides the following fixes: * Specify file system when remounting /proc and /sys in boot.localfs. This prevents errors when additional bind mounts are present. (bsc#928447) * Correct output if there is a "noauto" bind mount for / in /etc/fstab. (bsc#924104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-aaa_base=10750 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-aaa_base=10750 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-aaa_base=10750 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): aaa_base-11-6.99.100.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.99.100.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): aaa_base-11-6.99.100.1 References: https://bugzilla.suse.com/924104 https://bugzilla.suse.com/928447 https://download.suse.com/patch/finder/?keywords=15ed73cd338494ed365dd341f31e0e6c From sle-updates at lists.suse.com Tue Jun 16 06:05:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Jun 2015 14:05:01 +0200 (CEST) Subject: SUSE-SU-2015:1071-1: important: Security update for the Linux Kernel Message-ID: <20150616120501.D845A32067@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1071-1 Rating: important References: #899192 #900881 #909312 #913232 #914742 #915540 #916225 #917125 #919007 #919018 #920262 #921769 #922583 #922734 #922944 #924664 #924803 #924809 #925567 #926156 #926240 #926314 #927084 #927115 #927116 #927257 #927285 #927308 #927455 #928122 #928130 #928135 #928141 #928708 #929092 #929145 #929525 #929883 #930224 #930226 #930669 #930786 #931014 #931130 Cross-References: CVE-2014-3647 CVE-2014-8086 CVE-2014-8159 CVE-2015-1465 CVE-2015-2041 CVE-2015-2042 CVE-2015-2666 CVE-2015-2830 CVE-2015-2922 CVE-2015-3331 CVE-2015-3332 CVE-2015-3339 CVE-2015-3636 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 13 vulnerabilities and has 31 fixes is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to version 3.12.43 to receive various security and bugfixes. Following security bugs were fixed: - CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 did not properly perform RIP changes, which allowed guest OS users to cause a denial of service (guest OS crash) via a crafted application (bsc#899192). - CVE-2014-8086: Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allowed local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag (bsc#900881). - CVE-2014-8159: The InfiniBand (IB) implementation did not properly restrict use of User Verbs for registration of memory regions, which allowed local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/ (bsc#914742). - CVE-2015-1465: The IPv4 implementation in the Linux kernel before 3.18.8 did not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allowed remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets (bsc#916225). - CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 used an incorrect data type in a sysctl table, which allowed local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry (bsc#919007). - CVE-2015-2042: net/rds/sysctl.c in the Linux kernel before 3.19 used an incorrect data type in a sysctl table, which allowed local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry (bsc#919018). - CVE-2015-2666: Fixed a flaw that allowed crafted microcode to overflow the kernel stack (bsc#922944). - CVE-2015-2830: Fixed int80 fork from 64-bit tasks mishandling (bsc#926240). - CVE-2015-2922: Fixed possible denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements (bsc#922583). - CVE-2015-3331: Fixed buffer overruns in RFC4106 implementation using AESNI (bsc#927257). - CVE-2015-3332: Fixed TCP Fast Open local DoS (bsc#928135). - CVE-2015-3339: Fixed race condition flaw between the chown() and execve() system calls which could have lead to local privilege escalation (bsc#928130). - CVE-2015-3636: Fixed use-after-free in ping sockets which could have lead to local privilege escalation (bsc#929525). The following non-security bugs were fixed: - /proc/stat: convert to single_open_size() (bsc#928122). - ACPI / sysfs: Treat the count field of counter_show() as unsigned (bsc#909312). - Automatically Provide/Obsolete all subpackages of old flavors (bsc#925567) - Btrfs: btrfs_release_extent_buffer_page did not free pages of dummy extent (bsc#930226). - Btrfs: fix inode eviction infinite loop after cloning into it (bsc#930224). - Btrfs: fix inode eviction infinite loop after extent_same ioctl (bsc#930224). - Btrfs: fix log tree corruption when fs mounted with -o discard (bsc#927116). - Btrfs: fix up bounds checking in lseek (bsc#927115). - Fix rtworkqueues crash. Calling __sched_setscheduler() in interrupt context is forbidden, and destroy_worker() did so in the timer interrupt with a nohz_full config. Preclude that possibility for both boot options. - Input: psmouse - add psmouse_matches_pnp_id helper function (bsc#929092). - Input: synaptics - fix middle button on Lenovo 2015 products (bsc#929092). - Input: synaptics - handle spurious release of trackstick buttons (bsc#929092). - Input: synaptics - re-route tracksticks buttons on the Lenovo 2015 series (bsc#929092). - Input: synaptics - remove TOPBUTTONPAD property for Lenovos 2015 (bsc#929092). - Input: synaptics - retrieve the extended capabilities in query $10 (bsc#929092). - NFS: Add attribute update barriers to nfs_setattr_update_inode() (bsc#920262). - NFS: restore kabi after change to nfs_setattr_update_inode (bsc#920262). - af_iucv: fix AF_IUCV sendmsg() errno (bsc#927308, LTC#123304). - audit: do not reject all AUDIT_INODE filter types (bsc#927455). - bnx2x: Fix kdump when iommu=on (bsc#921769). - cpufreq: fix a NULL pointer dereference in __cpufreq_governor() (bsc#924664). - dasd: Fix device having no paths after suspend/resume (bsc#927308, LTC#123896). - dasd: Fix inability to set a DASD device offline (bsc#927308, LTC#123905). - dasd: Fix unresumed device after suspend/resume (bsc#927308, LTC#123892). - dasd: Missing partition after online processing (bsc#917125, LTC#120565). - drm/radeon/cik: Add macrotile mode array query (bsc#927285). - drm/radeon: fix display tiling setup on SI (bsc#927285). - drm/radeon: set correct number of banks for CIK chips in DCE (bsc#927285). - iommu/amd: Correctly encode huge pages in iommu page tables (bsc#931014). - iommu/amd: Optimize alloc_new_range for new fetch_pte interface (bsc#931014). - iommu/amd: Optimize amd_iommu_iova_to_phys for new fetch_pte interface (bsc#931014). - iommu/amd: Optimize iommu_unmap_page for new fetch_pte interface (bsc#931014). - iommu/amd: Return the pte page-size in fetch_pte (bsc#931014). - ipc/shm.c: fix overly aggressive shmdt() when calls span multiple segments (ipc fixes). - ipmi: Turn off all activity on an idle ipmi interface (bsc#915540). - ixgbe: fix detection of SFP+ capable interfaces (bsc#922734). - kgr: add error code to the message in kgr_revert_replaced_funs. - kgr: add kgraft annotations to kthreads wait_event_freezable() API calls. - kgr: correct error handling of the first patching stage. - kgr: handle the delayed patching of the modules. - kgr: handle the failure of finalization stage. - kgr: return error in kgr_init if notifier registration fails. - kgr: take switching of the fops out of kgr_patch_code to new function. - kgr: use for_each_process_thread (bsc#929883). - kgr: use kgr_in_progress for all threads (bnc#929883). - libata: Blacklist queued TRIM on Samsung SSD 850 Pro (bsc#926156). - mlx4: Call dev_kfree_skby_any instead of dev_kfree_skb (bsc#928708). - mm, numa: really disable NUMA balancing by default on single node machines (Automatic NUMA Balancing). - mm: vmscan: do not throttle based on pfmemalloc reserves if node has no reclaimable pages (bsc#924803, VM Functionality). - net/mlx4: Cache line CQE/EQE stride fixes (bsc#927084). - net/mlx4_core: Cache line EQE size support (bsc#927084). - net/mlx4_core: Enable CQE/EQE stride support (bsc#927084). - net/mlx4_en: Add mlx4_en_get_cqe helper (bsc#927084). - perf/x86/amd/ibs: Update IBS MSRs and feature definitions. - powerpc/mm: Fix mmap errno when MAP_FIXED is set and mapping exceeds the allowed address space (bsc#930669). - powerpc/numa: Add ability to disable and debug topology updates (bsc#924809). - powerpc/numa: Enable CONFIG_HAVE_MEMORYLESS_NODES (bsc#924809). - powerpc/numa: Enable USE_PERCPU_NUMA_NODE_ID (bsc#924809). - powerpc/numa: check error return from proc_create (bsc#924809). - powerpc/numa: ensure per-cpu NUMA mappings are correct on topology update (bsc#924809). - powerpc/numa: use cached value of update->cpu in update_cpu_topology (bsc#924809). - powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH (bsc#928141). - powerpc/pseries: Introduce api_version to migration sysfs interface (bsc#926314). - powerpc/pseries: Little endian fixes for post mobility device tree update (bsc#926314). - powerpc/pseries: Simplify check for suspendability during suspend/migration (bsc#926314). - powerpc: Fix sys_call_table declaration to enable syscall tracing. - powerpc: Fix warning reported by verify_cpu_node_mapping() (bsc#924809). - powerpc: Only set numa node information for present cpus at boottime (bsc#924809). - powerpc: reorder per-cpu NUMA information initialization (bsc#924809). - powerpc: some changes in numa_setup_cpu() (bsc#924809). - quota: Fix use of units in quota getting / setting interfaces (bsc#913232). - rpm/kernel-binary.spec.in: Fix build if there is no *.crt file - rpm/kernel-obs-qa.spec.in: Do not fail if the kernel versions do not match - s390/bpf: Fix ALU_NEG (A = -A) (bsc#917125, LTC#121759). - s390/bpf: Fix JMP_JGE_K (A >= K) and JMP_JGT_K (A > K) (bsc#917125, LTC#121759). - s390/bpf: Fix JMP_JGE_X (A > X) and JMP_JGT_X (A >= X) (bsc#917125, LTC#121759). - s390/bpf: Fix offset parameter for skb_copy_bits() (bsc#917125, LTC#121759). - s390/bpf: Fix sk_load_byte_msh() (bsc#917125, LTC#121759). - s390/bpf: Fix skb_copy_bits() parameter passing (bsc#917125, LTC#121759). - s390/bpf: Zero extend parameters before calling C function (bsc#917125, LTC#121759). - s390/sclp: Consolidate early sclp init calls to sclp_early_detect() (bsc#917125, LTC#122429). - s390/sclp: Determine HSA size dynamically for zfcpdump (bsc#917125, LTC#122429). - s390/sclp: Move declarations for sclp_sdias into separate header file (bsc#917125, LTC#122429). - s390/sclp: Move early code from sclp_cmd.c to sclp_early.c (bsc#917125, LTC#122429). - s390/sclp: replace uninitialized early_event_mask_sccb variable with sccb_early (bsc#917125, LTC#122429). - s390/sclp: revert smp-detect-possible-cpus.patch (bsc#917125, LTC#122429). - s390/sclp_early: Add function to detect sclp console capabilities (bsc#917125, LTC#122429). - s390/sclp_early: Get rid of sclp_early_read_info_sccb_valid (bsc#917125, LTC#122429). - s390/sclp_early: Pass sccb pointer to every *_detect() function (bsc#917125, LTC#122429). - s390/sclp_early: Replace early_read_info_sccb with sccb_early (bsc#917125, LTC#122429). - s390/sclp_early: Return correct HSA block count also for zero (bsc#917125, LTC#122429). - s390/smp: limit number of cpus in possible cpu mask (bsc#917125, LTC#122429). - s390: kgr, change the kgraft state only if enabled. - sched, time: Fix lock inversion in thread_group_cputime() - sched: Fix potential near-infinite distribute_cfs_runtime() loop (bsc#930786) - sched: Robustify topology setup (bsc#924809). - seqlock: Add irqsave variant of read_seqbegin_or_lock() (Time scalability). - storvsc: Set the SRB flags correctly when no data transfer is needed (bsc#931130). - x86/apic/uv: Update the APIC UV OEM check (bsc#929145). - x86/apic/uv: Update the UV APIC HUB check (bsc#929145). - x86/apic/uv: Update the UV APIC driver check (bsc#929145). - x86/microcode/intel: Guard against stack overflow in the loader (bsc#922944). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-269=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-269=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-269=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-269=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-269=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-269=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): kernel-default-debuginfo-3.12.43-52.6.1 kernel-default-debugsource-3.12.43-52.6.1 kernel-default-extra-3.12.43-52.6.1 kernel-default-extra-debuginfo-3.12.43-52.6.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): kernel-obs-build-3.12.43-52.6.2 kernel-obs-build-debugsource-3.12.43-52.6.2 - SUSE Linux Enterprise Software Development Kit 12 (noarch): kernel-docs-3.12.43-52.6.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): kernel-default-3.12.43-52.6.1 kernel-default-base-3.12.43-52.6.1 kernel-default-base-debuginfo-3.12.43-52.6.1 kernel-default-debuginfo-3.12.43-52.6.1 kernel-default-debugsource-3.12.43-52.6.1 kernel-default-devel-3.12.43-52.6.1 kernel-syms-3.12.43-52.6.1 - SUSE Linux Enterprise Server 12 (x86_64): kernel-xen-3.12.43-52.6.1 kernel-xen-base-3.12.43-52.6.1 kernel-xen-base-debuginfo-3.12.43-52.6.1 kernel-xen-debuginfo-3.12.43-52.6.1 kernel-xen-debugsource-3.12.43-52.6.1 kernel-xen-devel-3.12.43-52.6.1 - SUSE Linux Enterprise Server 12 (noarch): kernel-devel-3.12.43-52.6.1 kernel-macros-3.12.43-52.6.1 kernel-source-3.12.43-52.6.1 - SUSE Linux Enterprise Server 12 (s390x): kernel-default-man-3.12.43-52.6.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.43-52.6.1 kernel-ec2-debuginfo-3.12.43-52.6.1 kernel-ec2-debugsource-3.12.43-52.6.1 kernel-ec2-devel-3.12.43-52.6.1 kernel-ec2-extra-3.12.43-52.6.1 kernel-ec2-extra-debuginfo-3.12.43-52.6.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_43-52_6-default-1-2.3 kgraft-patch-3_12_43-52_6-xen-1-2.3 - SUSE Linux Enterprise Desktop 12 (x86_64): kernel-default-3.12.43-52.6.1 kernel-default-debuginfo-3.12.43-52.6.1 kernel-default-debugsource-3.12.43-52.6.1 kernel-default-devel-3.12.43-52.6.1 kernel-default-extra-3.12.43-52.6.1 kernel-default-extra-debuginfo-3.12.43-52.6.1 kernel-syms-3.12.43-52.6.1 kernel-xen-3.12.43-52.6.1 kernel-xen-debuginfo-3.12.43-52.6.1 kernel-xen-debugsource-3.12.43-52.6.1 kernel-xen-devel-3.12.43-52.6.1 - SUSE Linux Enterprise Desktop 12 (noarch): kernel-devel-3.12.43-52.6.1 kernel-macros-3.12.43-52.6.1 kernel-source-3.12.43-52.6.1 References: https://www.suse.com/security/cve/CVE-2014-3647.html https://www.suse.com/security/cve/CVE-2014-8086.html https://www.suse.com/security/cve/CVE-2014-8159.html https://www.suse.com/security/cve/CVE-2015-1465.html https://www.suse.com/security/cve/CVE-2015-2041.html https://www.suse.com/security/cve/CVE-2015-2042.html https://www.suse.com/security/cve/CVE-2015-2666.html https://www.suse.com/security/cve/CVE-2015-2830.html https://www.suse.com/security/cve/CVE-2015-2922.html https://www.suse.com/security/cve/CVE-2015-3331.html https://www.suse.com/security/cve/CVE-2015-3332.html https://www.suse.com/security/cve/CVE-2015-3339.html https://www.suse.com/security/cve/CVE-2015-3636.html https://bugzilla.suse.com/899192 https://bugzilla.suse.com/900881 https://bugzilla.suse.com/909312 https://bugzilla.suse.com/913232 https://bugzilla.suse.com/914742 https://bugzilla.suse.com/915540 https://bugzilla.suse.com/916225 https://bugzilla.suse.com/917125 https://bugzilla.suse.com/919007 https://bugzilla.suse.com/919018 https://bugzilla.suse.com/920262 https://bugzilla.suse.com/921769 https://bugzilla.suse.com/922583 https://bugzilla.suse.com/922734 https://bugzilla.suse.com/922944 https://bugzilla.suse.com/924664 https://bugzilla.suse.com/924803 https://bugzilla.suse.com/924809 https://bugzilla.suse.com/925567 https://bugzilla.suse.com/926156 https://bugzilla.suse.com/926240 https://bugzilla.suse.com/926314 https://bugzilla.suse.com/927084 https://bugzilla.suse.com/927115 https://bugzilla.suse.com/927116 https://bugzilla.suse.com/927257 https://bugzilla.suse.com/927285 https://bugzilla.suse.com/927308 https://bugzilla.suse.com/927455 https://bugzilla.suse.com/928122 https://bugzilla.suse.com/928130 https://bugzilla.suse.com/928135 https://bugzilla.suse.com/928141 https://bugzilla.suse.com/928708 https://bugzilla.suse.com/929092 https://bugzilla.suse.com/929145 https://bugzilla.suse.com/929525 https://bugzilla.suse.com/929883 https://bugzilla.suse.com/930224 https://bugzilla.suse.com/930226 https://bugzilla.suse.com/930669 https://bugzilla.suse.com/930786 https://bugzilla.suse.com/931014 https://bugzilla.suse.com/931130 From sle-updates at lists.suse.com Tue Jun 16 14:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Jun 2015 22:04:57 +0200 (CEST) Subject: SUSE-RU-2015:1072-1: moderate: Recommended update for yast2, yast2-network Message-ID: <20150616200457.7CF8C32084@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2, yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1072-1 Rating: moderate References: #551310 #695262 #809053 #874259 #900383 #923788 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. It includes two new package versions. Description: This collective update provides fixes for yast2 and yast2-network. yast2: * Port several fixes for device renaming, add net device type detection based on sysfs and fix type detection workflow. (bsc#900383) * Fixed device type detection when committing new device into NetworkInterfaces' cache. (bsc#809053) yast2-network: * Write also --noproxy to .curlrc otherwise it is ignored even if set in the environment. (bsc#923788) * Keep device configuration provided via linuxrc when AutoYaST's keep_install_network is set. (bsc#874259) * Adapt to new device type detection API provided by yast2. (bsc#900383) * Fix problem with not matching udev rule. (bsc#551310) * Fix write sequence to enable device renaming. (bsc#695262) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-yast2-network-201506=10755 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-yast2-network-201506=10755 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-yast2-network-201506=10755 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-yast2-network-201506=10755 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.135.1 and 2.17.199.3]: yast2-devel-doc-2.17.135.1-0.7.1 yast2-network-devel-doc-2.17.199.3-0.7.4 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.17.135.1 and 2.17.199.3]: yast2-2.17.135.1-0.7.1 yast2-network-2.17.199.3-0.7.4 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.135.1 and 2.17.199.3]: yast2-2.17.135.1-0.7.1 yast2-network-2.17.199.3-0.7.4 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.17.135.1 and 2.17.199.3]: yast2-2.17.135.1-0.7.1 yast2-network-2.17.199.3-0.7.4 References: https://bugzilla.suse.com/551310 https://bugzilla.suse.com/695262 https://bugzilla.suse.com/809053 https://bugzilla.suse.com/874259 https://bugzilla.suse.com/900383 https://bugzilla.suse.com/923788 https://download.suse.com/patch/finder/?keywords=036f9cd8a4b1aa4eca3e863950204184 From sle-updates at lists.suse.com Tue Jun 16 14:06:37 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Jun 2015 22:06:37 +0200 (CEST) Subject: SUSE-SU-2015:1073-1: important: Message-ID: <20150616200637.3721C32067@maintenance.suse.de> Security update for java-1_7_0-ibm SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1073-1 Rating: important References: #912434 #912447 #930365 #931693 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update fixes the following security issues: - Version bump to 7.1-3.0 release bnc#930365 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 - Fix removeing links before update-alternatives run. bnc#931702 - Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives - Fix bnc#912447, use system cacerts - Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-270=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-270=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr3.0-11.1 java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1 - SUSE Linux Enterprise Server 12 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1 java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931693 https://bugzilla.suse.com/931702 From sle-updates at lists.suse.com Tue Jun 16 15:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 16 Jun 2015 23:04:52 +0200 (CEST) Subject: SUSE-RU-2015:1074-1: Recommended update for Mesa, libdrm Message-ID: <20150616210452.E0C0032067@maintenance.suse.de> SUSE Recommended Update: Recommended update for Mesa, libdrm ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1074-1 Rating: low References: #930085 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for Mesa and libdrm adds preliminary support for selected Intel Bay Trail CPUs. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libdrm-baytrail=10668 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libdrm-baytrail=10668 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libdrm-baytrail=10668 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libdrm-baytrail=10668 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.52]: Mesa-devel-9.0.3-0.28.29.2 libdrm-devel-2.4.52-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64) [New Version: 2.4.52]: Mesa-devel-32bit-9.0.3-0.28.29.2 libdrm-devel-32bit-2.4.52-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.4.52]: Mesa-9.0.3-0.28.29.2 libdrm-2.4.52-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.4.52]: Mesa-32bit-9.0.3-0.28.29.2 libdrm-32bit-2.4.52-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.4.52]: Mesa-9.0.3-0.28.29.2 libdrm-2.4.52-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 2.4.52]: Mesa-32bit-9.0.3-0.28.29.2 libdrm-32bit-2.4.52-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.4.52]: Mesa-x86-9.0.3-0.28.29.2 libdrm-x86-2.4.52-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.4.52]: Mesa-9.0.3-0.28.29.2 libdrm-2.4.52-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.4.52]: Mesa-32bit-9.0.3-0.28.29.2 libdrm-32bit-2.4.52-0.7.1 References: https://bugzilla.suse.com/930085 https://download.suse.com/patch/finder/?keywords=6cbc4e0e1fabcee84877442d3958b3e2 From sle-updates at lists.suse.com Wed Jun 17 02:05:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 17 Jun 2015 10:05:01 +0200 (CEST) Subject: SUSE-RU-2015:1075-1: Recommended update for python-urlgrabber Message-ID: <20150617080501.49FAA32067@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-urlgrabber ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1075-1 Rating: low References: #902416 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for python-urlgrabber provides the following fixes: - Declare $ sign as a safe character in URL paths to prevent escaping of /$RCE/, which could lead to problems with token auth. (bsc#902416) - Set curl option SSL_VERIFYHOST correct. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-272=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-272=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): python-urlgrabber-3.9.1-15.2 - SUSE Linux Enterprise Desktop 12 (noarch): python-urlgrabber-3.9.1-15.2 References: https://bugzilla.suse.com/902416 From sle-updates at lists.suse.com Thu Jun 18 01:04:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 09:04:59 +0200 (CEST) Subject: SUSE-SU-2015:1077-1: moderate: Security update for openldap2 Message-ID: <20150618070459.1435E32068@maintenance.suse.de> SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1077-1 Rating: moderate References: #905959 #916897 #916914 Cross-References: CVE-2015-1545 CVE-2015-1546 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: openldap2 was updated to fix two security issues and one non-security bug. The following vulnerabilities were fixed: * A remote attacker could cause a denial of service through a NULL pointer dereference and crash via an empty attribute list in a deref control in a search request. (bnc#916897 CVE-2015-1545) * A remote attacker could cause a denial of service (crash) via a crafted search query with a matched values control. (bnc#916914 CVE-2015-1546) The following non-security issue was fixed: * Prevent connection-0 (internal connection) from showing up in the monitor backend (bnc#905959) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-273=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-273=1 - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-273=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-273=1 - 12: zypper in -t patch SUSE-SLE-SAP-12-2015-273=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (s390x x86_64): openldap2-back-perl-2.4.39-16.1 openldap2-back-perl-debuginfo-2.4.39-16.1 openldap2-client-debuginfo-2.4.39-16.1 openldap2-client-debugsource-2.4.39-16.1 openldap2-debuginfo-2.4.39-16.1 openldap2-debugsource-2.4.39-16.1 openldap2-devel-2.4.39-16.1 openldap2-devel-static-2.4.39-16.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le): openldap2-back-perl-2.4.39-15.1 openldap2-back-perl-debuginfo-2.4.39-15.1 openldap2-client-debuginfo-2.4.39-15.1 openldap2-client-debugsource-2.4.39-15.1 openldap2-debuginfo-2.4.39-15.1 openldap2-debugsource-2.4.39-15.1 openldap2-devel-2.4.39-15.1 openldap2-devel-static-2.4.39-15.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libldap-2_4-2-2.4.39-16.1 libldap-2_4-2-32bit-2.4.39-16.1 libldap-2_4-2-debuginfo-2.4.39-16.1 libldap-2_4-2-debuginfo-32bit-2.4.39-16.1 openldap2-2.4.39-16.1 openldap2-back-meta-2.4.39-16.1 openldap2-back-meta-debuginfo-2.4.39-16.1 openldap2-client-2.4.39-16.1 openldap2-client-debuginfo-2.4.39-16.1 openldap2-client-debugsource-2.4.39-16.1 openldap2-debuginfo-2.4.39-16.1 openldap2-debugsource-2.4.39-16.1 - SUSE Linux Enterprise Server 12 (ppc64le): libldap-2_4-2-2.4.39-15.1 libldap-2_4-2-debuginfo-2.4.39-15.1 openldap2-2.4.39-15.1 openldap2-back-meta-2.4.39-15.1 openldap2-back-meta-debuginfo-2.4.39-15.1 openldap2-client-2.4.39-15.1 openldap2-client-debuginfo-2.4.39-15.1 openldap2-client-debugsource-2.4.39-15.1 openldap2-debuginfo-2.4.39-15.1 openldap2-debugsource-2.4.39-15.1 - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): compat-libldap-2_3-0-2.3.37-16.1 compat-libldap-2_3-0-debuginfo-2.3.37-16.1 - SUSE Linux Enterprise Module for Legacy Software 12 (ppc64le): compat-libldap-2_3-0-2.3.37-15.1 compat-libldap-2_3-0-debuginfo-2.3.37-15.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libldap-2_4-2-2.4.39-16.1 libldap-2_4-2-32bit-2.4.39-16.1 libldap-2_4-2-debuginfo-2.4.39-16.1 libldap-2_4-2-debuginfo-32bit-2.4.39-16.1 openldap2-client-2.4.39-16.1 openldap2-client-debuginfo-2.4.39-16.1 openldap2-client-debugsource-2.4.39-16.1 - 12 (x86_64): compat-libldap-2_3-0-2.3.37-16.1 compat-libldap-2_3-0-debuginfo-2.3.37-16.1 References: https://www.suse.com/security/cve/CVE-2015-1545.html https://www.suse.com/security/cve/CVE-2015-1546.html https://bugzilla.suse.com/905959 https://bugzilla.suse.com/916897 https://bugzilla.suse.com/916914 From sle-updates at lists.suse.com Thu Jun 18 03:05:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 11:05:02 +0200 (CEST) Subject: SUSE-RU-2015:1079-1: moderate: Recommended update for openslp Message-ID: <20150618090502.F0B1D32089@maintenance.suse.de> SUSE Recommended Update: Recommended update for openslp ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1079-1 Rating: moderate References: #909195 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openslp provides the following fixes: - Fix storage handling in predicate code. It clashed with gcc's fortify_source extension and this could cause a segmentation fault. - Bring back allowDoubleEqualInPredicate option. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-274=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-274=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-274=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): openslp-debuginfo-2.0.0-5.1 openslp-debugsource-2.0.0-5.1 openslp-devel-2.0.0-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): openslp-2.0.0-5.1 openslp-debuginfo-2.0.0-5.1 openslp-debugsource-2.0.0-5.1 openslp-server-2.0.0-5.1 openslp-server-debuginfo-2.0.0-5.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): openslp-32bit-2.0.0-5.1 openslp-debuginfo-32bit-2.0.0-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): openslp-2.0.0-5.1 openslp-32bit-2.0.0-5.1 openslp-debuginfo-2.0.0-5.1 openslp-debuginfo-32bit-2.0.0-5.1 openslp-debugsource-2.0.0-5.1 References: https://bugzilla.suse.com/909195 From sle-updates at lists.suse.com Thu Jun 18 03:05:32 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 11:05:32 +0200 (CEST) Subject: SUSE-RU-2015:1081-1: Recommended update for procps Message-ID: <20150618090532.277A732089@maintenance.suse.de> SUSE Recommended Update: Recommended update for procps ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1081-1 Rating: low References: #901202 #908516 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for procps provides the following fixes: - Add description of pgrep's --list-full parameter to usage instructions (--help). (bsc#901202) - Fix handling of arguments to -s option in free(1). (bsc#908516) - Correct package name in descriptions: procps, not props. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-275=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-275=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-275=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): procps-debuginfo-3.3.9-4.2 procps-debugsource-3.3.9-4.2 procps-devel-3.3.9-4.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libprocps3-3.3.9-4.2 libprocps3-debuginfo-3.3.9-4.2 procps-3.3.9-4.2 procps-debuginfo-3.3.9-4.2 procps-debugsource-3.3.9-4.2 - SUSE Linux Enterprise Desktop 12 (x86_64): libprocps3-3.3.9-4.2 libprocps3-debuginfo-3.3.9-4.2 procps-3.3.9-4.2 procps-debuginfo-3.3.9-4.2 procps-debugsource-3.3.9-4.2 References: https://bugzilla.suse.com/901202 https://bugzilla.suse.com/908516 From sle-updates at lists.suse.com Thu Jun 18 08:04:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 16:04:59 +0200 (CEST) Subject: SUSE-RU-2015:1084-1: Recommended update for release-notes-susemanager Message-ID: <20150618140459.0E57F32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1084-1 Rating: low References: #922744 Affected Products: SUSE Manager Server ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest revision of the Release Notes for SUSE Manager 2.1, documenting: * Update of certificate required on systems upgraded from 1.7. * New channels available: o SAP-Updates and AMD and NVidia channels to WE-SAP. o SLE12-SAP product. o SUSE Enterprise Storage 1. o SUSE Cloud 5. o Advanced Systems Management Module for s390x and ppc64le. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-release-notes-susemanager=10692 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (s390x x86_64): release-notes-susemanager-2.1.0-0.34.1 References: https://bugzilla.suse.com/922744 https://download.suse.com/patch/finder/?keywords=b79cdda5685d7b4523a42fe3a0ee140b From sle-updates at lists.suse.com Thu Jun 18 08:05:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 16:05:18 +0200 (CEST) Subject: SUSE-SU-2015:1085-1: important: Security update for IBM Java Message-ID: <20150618140518.43C7932089@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1085-1 Rating: important References: #930365 #931702 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.5.0 was updated to SR16-FP10 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): java-1_5_0-ibm-1.5.0_sr16.10-0.6.1 java-1_5_0-ibm-devel-1.5.0_sr16.10-0.6.1 java-1_5_0-ibm-fonts-1.5.0_sr16.10-0.6.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): java-1_5_0-ibm-32bit-1.5.0_sr16.10-0.6.1 java-1_5_0-ibm-devel-32bit-1.5.0_sr16.10-0.6.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64): java-1_5_0-ibm-alsa-32bit-1.5.0_sr16.10-0.6.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586): java-1_5_0-ibm-alsa-1.5.0_sr16.10-0.6.1 java-1_5_0-ibm-jdbc-1.5.0_sr16.10-0.6.1 java-1_5_0-ibm-plugin-1.5.0_sr16.10-0.6.1 References: https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702 https://download.suse.com/patch/finder/?keywords=75c7c1e62322e337b7527c52591a9e20 From sle-updates at lists.suse.com Thu Jun 18 08:05:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 16:05:47 +0200 (CEST) Subject: SUSE-SU-2015:1086-1: important: Security update for IBM Java Message-ID: <20150618140547.2661732089@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1086-1 Rating: important References: #912434 #912447 #930365 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: IBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-java-1_6_0-ibm=10765 - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-java-1_6_0-ibm=10767 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-java-1_6_0-ibm=10766 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-devel-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.4-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702 https://download.suse.com/patch/finder/?keywords=6f9a706de68429847056a5fac89d2fd8 https://download.suse.com/patch/finder/?keywords=8e0b4a662058afb89ec5495af0c8e3db https://download.suse.com/patch/finder/?keywords=cfac8b8406c0b7db38257f6caed57376 From sle-updates at lists.suse.com Thu Jun 18 09:05:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 17:05:02 +0200 (CEST) Subject: SUSE-RU-2015:1087-1: Recommended update for ebtables Message-ID: <20150618150502.16C2232068@maintenance.suse.de> SUSE Recommended Update: Recommended update for ebtables ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1087-1 Rating: low References: #934680 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: ebtables was updated to add one feature. - Added option audit-type to support auditing of rules (bnc#934680). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-276=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-276=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): ebtables-2.0.10.4-12.1 ebtables-debuginfo-2.0.10.4-12.1 ebtables-debugsource-2.0.10.4-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): ebtables-2.0.10.4-12.1 ebtables-debuginfo-2.0.10.4-12.1 ebtables-debugsource-2.0.10.4-12.1 References: https://bugzilla.suse.com/934680 From sle-updates at lists.suse.com Thu Jun 18 10:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 18 Jun 2015 18:04:55 +0200 (CEST) Subject: SUSE-RU-2015:1088-1: Recommended update for crowbar-barclamp-neutron and crowbar-barclamp-nova Message-ID: <20150618160455.C6EAB32068@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-neutron and crowbar-barclamp-nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1088-1 Rating: low References: #922695 #923206 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for crowbar-barclamp-neutron and crowbar-barclamp-nova provides the following fixes and improvements from the upstream OpenStack project: * crowbar-barclamp-neutron o webui: Automatically enable/disable l2pop depending on used types o Use sysconfig file to figure out the db-migrate arguments o Fix "neutron-db-manage migrate" code to not be SUSE-specific o Fix "neutron-db-manage migrate" code for Ubuntu case o Enable L2 population mechanism driver o Add a use_l2pop attribute to enable/disable L2 population o Make awk regexp more specific when fetching id of tenant (bsc#922695) o Add support for VXLAN when using OVS (bsc#923206) o Add attributes for the GRE tunnel ID range o Add UI for GRE tunnel range o Add a VLAN header to the UI o Adjust neutron-l3 role constraint to allow deployment in SLE12 platforms. o Adjust l3 recipe to be applied in SLES12 machines. o Use SSL to talk to nova-metadata when SSL is enabled for nova o Avoid hard-coding nova-metadata port o Make metadata agent look at internalURL endpoints o Remove outdated comment o Added badges and dummy rspec o Watch specific branches with travis o HA: Set Optional ordering for Neutron startup o Change neutron-ha-tool order constraint to use new helper * crowbar-barclamp-nova o Add KVM on Power o Use os_sdn network on compute nodes when using VXLAN (bsc#923206) o Use SSL for nova-metadata when SSL is enabled o Added badges and dummy rspec o Watch specific branches with travis o HA: Set Optional ordering for Nova startup Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-neutron-nova-0415=10593 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-neutron-1.9+git.1427503543.7fb38bb-0.7.2 crowbar-barclamp-nova-1.9+git.1427504276.5b2c30b-0.7.2 References: https://bugzilla.suse.com/922695 https://bugzilla.suse.com/923206 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=3a18abe09b0acd2a8def5bdd7fb9d58b From sle-updates at lists.suse.com Fri Jun 19 15:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 19 Jun 2015 23:04:52 +0200 (CEST) Subject: SUSE-RU-2015:1089-1: Recommended update for susemanager-sync-data Message-ID: <20150619210452.0A7FA31FCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for susemanager-sync-data ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1089-1 Rating: low References: #914606 #931873 Affected Products: SUSE Manager Server ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides the channels and data for: * SUSE Linux Enterprise 11 SP4 products. * Public Cloud Module for SLE 11. Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-susemanager-sync-data=10736 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (noarch) [New Version: 2.1.7]: susemanager-sync-data-2.1.7-0.7.1 References: https://bugzilla.suse.com/914606 https://bugzilla.suse.com/931873 https://download.suse.com/patch/finder/?keywords=1d3cc72f1dece893839dd79900ad6aa0 From sle-updates at lists.suse.com Fri Jun 19 16:04:48 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 20 Jun 2015 00:04:48 +0200 (CEST) Subject: SUSE-OU-2015:1090-1: Optional update for PostgreSQL Message-ID: <20150619220448.5D16131FCE@maintenance.suse.de> SUSE Optional Update: Optional update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:1090-1 Rating: low References: #907651 Affected Products: SUSE Manager Server SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one optional fix can now be installed. It includes one version update. Description: This update provides PostgreSQL 9.4.4 as an additional package for SUSE Linux Enterprise 11 SP3. The new version brings several new features, enhancements and bug fixes. For a comprehensive list of changes, refer to the release notes available at http://www.postgresql.org/docs/9.4/static/release-9-4-4.html . Please refer to the Release Notes for SUSE Linux Enterprise Server for details on how to migrate from PostgreSQL 9.1 to PostgreSQL 9.4. Indications: Any user can install this update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-postgresql94-201505=10786 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-postgresql94-201505=10786 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-postgresql94-201505=10786 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-postgresql94-201505=10786 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-postgresql94-201505=10786 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (s390x x86_64): postgresql94-pltcl-9.4.4-0.6.2 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): postgresql94-devel-9.4.4-0.6.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 9.4.4]: libecpg6-9.4.4-0.6.2 libpq5-9.4.4-0.6.2 postgresql94-9.4.4-0.6.2 postgresql94-contrib-9.4.4-0.6.2 postgresql94-docs-9.4.4-0.6.2 postgresql94-server-9.4.4-0.6.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 9.4.4]: libpq5-32bit-9.4.4-0.6.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): postgresql-init-9.4-0.2.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.4.4]: libecpg6-9.4.4-0.6.2 libpq5-9.4.4-0.6.2 postgresql94-9.4.4-0.6.2 postgresql94-contrib-9.4.4-0.6.2 postgresql94-docs-9.4.4-0.6.2 postgresql94-server-9.4.4-0.6.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 9.4.4]: libpq5-32bit-9.4.4-0.6.2 - SUSE Linux Enterprise Server 11 SP3 (noarch): postgresql-init-9.4-0.2.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 9.4.4]: libecpg6-9.4.4-0.6.2 libpq5-9.4.4-0.6.2 postgresql94-9.4.4-0.6.2 postgresql94-docs-9.4.4-0.6.2 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 9.4.4]: libpq5-32bit-9.4.4-0.6.2 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): postgresql-init-9.4-0.2.1 References: https://bugzilla.suse.com/907651 https://download.suse.com/patch/finder/?keywords=b37f0462ca77cbcd739e308e5cd1d4bd From sle-updates at lists.suse.com Fri Jun 19 16:05:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 20 Jun 2015 00:05:06 +0200 (CEST) Subject: SUSE-SU-2015:1091-1: moderate: Security update for postgresql91 Message-ID: <20150619220506.92A6A31FD0@maintenance.suse.de> SUSE Security Update: Security update for postgresql91 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1091-1 Rating: moderate References: #907651 #931972 #931973 #931974 #932040 Cross-References: CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 Affected Products: SUSE Manager Server SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. It includes one version update. Description: This update provides PostgreSQL 9.1.18, which brings fixes for security issues and other enhancements. The following vulnerabilities have been fixed: * CVE-2015-3165: Avoid possible crash when client disconnects. (bsc#931972) * CVE-2015-3166: Consistently check for failure of the *printf(). (bsc#931973) * CVE-2015-3167: In contrib/pgcrypto, uniformly report decryption failures. (bsc#931974) For a comprehensive list of changes, please refer to http://www.postgresql.org/docs/9.1/static/release-9-1-18.html . This update also includes changes in PostgreSQL's packaging to prepare for the migration to the new major version 9.4. (FATE#316970, bsc#907651) Security Issues: * CVE-2015-3165 * CVE-2015-3166 * CVE-2015-3167 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-postgresql91-201505=10760 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-postgresql91-201505=10760 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-postgresql91-201505=10760 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-postgresql91-201505=10760 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-postgresql91-201505=10760 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (s390x x86_64) [New Version: 9.1.18]: postgresql91-pltcl-9.1.18-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.1.18]: postgresql91-devel-9.1.18-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 9.1.18]: postgresql91-9.1.18-0.3.1 postgresql91-contrib-9.1.18-0.3.1 postgresql91-docs-9.1.18-0.3.1 postgresql91-server-9.1.18-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.1.18]: postgresql91-9.1.18-0.3.1 postgresql91-contrib-9.1.18-0.3.1 postgresql91-docs-9.1.18-0.3.1 postgresql91-server-9.1.18-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 9.1.18]: postgresql91-9.1.18-0.3.1 postgresql91-docs-9.1.18-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-3165.html https://www.suse.com/security/cve/CVE-2015-3166.html https://www.suse.com/security/cve/CVE-2015-3167.html https://bugzilla.suse.com/907651 https://bugzilla.suse.com/931972 https://bugzilla.suse.com/931973 https://bugzilla.suse.com/931974 https://bugzilla.suse.com/932040 https://download.suse.com/patch/finder/?keywords=00fcb88ab431584bc7bf32ba75396dee From sle-updates at lists.suse.com Mon Jun 22 04:11:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Jun 2015 12:11:06 +0200 (CEST) Subject: SUSE-RU-2015:1093-1: moderate: Recommended update for star Message-ID: <20150622101106.179F231FD2@maintenance.suse.de> SUSE Recommended Update: Recommended update for star ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1093-1 Rating: moderate References: #918021 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for star fixes the following issue: - star(1) outputs contents of an archive to standard error instead of standard output. (bsc#918021) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-277=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-277=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): star-1.5final-65.4.1 star-debuginfo-1.5final-65.4.1 star-debugsource-1.5final-65.4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): star-1.5final-65.4.1 star-debuginfo-1.5final-65.4.1 star-debugsource-1.5final-65.4.1 References: https://bugzilla.suse.com/918021 From sle-updates at lists.suse.com Mon Jun 22 08:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Jun 2015 16:04:53 +0200 (CEST) Subject: SUSE-SU-2015:1086-2: important: Security update for IBM Java Message-ID: <20150622140453.D3C1531FF8@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1086-2 Rating: important References: #912434 #912447 #930365 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: IBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm=10761 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm=10761 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm=10761 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.4-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702 https://download.suse.com/patch/finder/?keywords=224547d04b097be81efdd550de500459 From sle-updates at lists.suse.com Mon Jun 22 13:04:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 22 Jun 2015 21:04:50 +0200 (CEST) Subject: SUSE-SU-2015:1098-1: moderate: Security update for wireshark Message-ID: <20150622190450.4D4FB31FF8@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1098-1 Rating: moderate References: #930691 Cross-References: CVE-2015-3811 CVE-2015-3812 CVE-2015-3814 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: Wireshark was updated and fixes the following issues: * CVE-2015-3811: The WCP dissector could crash while decompressing data. * CVE-2015-3812: The X11 dissector could leak memory * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop. Security Issues: * CVE-2015-3811 * CVE-2015-3812 * CVE-2015-3814 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-wireshark=10771 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wireshark=10771 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wireshark=10771 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wireshark=10771 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.10.14]: wireshark-devel-1.10.14-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 1.10.14]: wireshark-1.10.14-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.10.14]: wireshark-1.10.14-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.10.14]: wireshark-1.10.14-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.10.14]: wireshark-1.10.14-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-3811.html https://www.suse.com/security/cve/CVE-2015-3812.html https://www.suse.com/security/cve/CVE-2015-3814.html https://bugzilla.suse.com/930691 https://download.suse.com/patch/finder/?keywords=36aa94401b00b061228c5708edabe8b7 From sle-updates at lists.suse.com Tue Jun 23 07:58:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 15:58:50 +0200 (CEST) Subject: SUSE-RU-2015:1101-1: important: Recommended update for dmraid Message-ID: <20150623135850.50A7531FF8@maintenance.suse.de> SUSE Recommended Update: Recommended update for dmraid ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1101-1 Rating: important References: #470696 #930487 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for dmraid fixes the following issues: - handle_spaces: cope with arrays with spaces in the name stored in the metadata (bsc#470696, bsc#930487) - Teach dmraid not to create devices - leave that to udev (bsc#930487) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-dmraid-223=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-dmraid-223=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-dmraid-223=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): dmraid-1.0.0.rc16-0.14.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): dmraid-1.0.0.rc16-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): dmraid-debuginfo-1.0.0.rc16-0.14.1 dmraid-debugsource-1.0.0.rc16-0.14.1 References: https://bugzilla.suse.com/470696 https://bugzilla.suse.com/930487 From sle-updates at lists.suse.com Tue Jun 23 07:59:31 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 15:59:31 +0200 (CEST) Subject: SUSE-SU-2015:0925-2: moderate: Security update for python-PyYAML Message-ID: <20150623135931.4AEC832000@maintenance.suse.de> SUSE Security Update: Security update for python-PyYAML ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0925-2 Rating: moderate References: #921588 Cross-References: CVE-2014-9130 Affected Products: SUSE OpenStack Cloud Compute 5 SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: python-PyYAML was updated to fix one security issue which could have allowed an attacker to cause a denial of service by supplying specially crafted strings The following issue was fixed: - #921588: python-PyYAML: assert failure when processing wrapped strings (equivalent to CVE-2014-9130 in LibYAML) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-208=1 - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-208=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (x86_64): python-PyYAML-3.10-15.1 python-PyYAML-debuginfo-3.10-15.1 python-PyYAML-debugsource-3.10-15.1 - SUSE Enterprise Storage 1.0 (x86_64): python-PyYAML-3.10-15.1 python-PyYAML-debuginfo-3.10-15.1 python-PyYAML-debugsource-3.10-15.1 References: https://www.suse.com/security/cve/CVE-2014-9130.html https://bugzilla.suse.com/921588 From sle-updates at lists.suse.com Tue Jun 23 07:59:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 15:59:49 +0200 (CEST) Subject: SUSE-SU-2015:1102-1: moderate: Security update for SES 1.0 Message-ID: <20150623135949.8CB0032000@maintenance.suse.de> SUSE Security Update: Security update for SES 1.0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1102-1 Rating: moderate References: #889053 #903007 #907510 #915567 #915783 #919091 #919313 #919965 #920926 #924269 #924894 #927862 #929553 #929886 #929914 Cross-References: CVE-2014-3589 CVE-2014-3598 CVE-2015-3010 Affected Products: SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that solves three vulnerabilities and has 12 fixes is now available. Description: This collective update for SUSE Enterprise Storage 1.0 provides fixes and enhancements. ceph (update to version 0.80.9): - Support non-ASCII characters. (bnc#907510) - Fixes issue with more than one OSD / MON on same node. (bnc#927862) - Reinstates Environment=CLUSTER=ceph lines removed by last patch. (bnc#915567) - Use same systemd service files for all cluster names. (bnc#915567) - In OSDMonitor fallback to json-pretty in case of invalid formatter. (bnc#919313) - Increase max files to 131072 for ceph-osd daemon. (bnc#924894) - Fix "OSDs shutdown during rados benchmark tests". (bnc#924269) - Add SuSEfirewall2 service files for Ceph MON, OSD and MDS. (bnc#919091) - Added support for multiple cluster names with systemd to ceph-disk. (bnc#915567) - Move udev rules for rbd devices to the client package ceph-common. - Several issues reported upstream have been fixed: #9973 #9918 #9907 #9877 #9854 #9587 #9479 #9478 #9254 #5595 #10978 #10965 #10907 #10553 #10471 #10421 #10307 #10299 #10271 #10271 #10270 #10262 #10103 #10095. ceph-deploy: - Drop support for multiple customer names on the same hardware. (bsc#915567) - Check for errors when generating rgw keys. (bsc#915783) - Do not import new repository keys automatically when installing packages with Zypper. (bsc#919965) - Improved detection of disk vs. OSD block devices with a simple set of tests. (bsc#889053) - Do not create keyring files as world-readable. (bsc#920926, CVE-2015-3010) - Added support for multiple cluster names with systemd to ceph-disk. (bnc#915567) calamari-clients: - Reduce krakenFailThreshold to 5 minutes. (bsc#903007) python-Pillow (update to version 2.7.0): - Fix issues in Jpeg2KImagePlugin and IcnsImagePlugin which could have allowed denial of service attacks. (CVE-2014-3598, CVE-2014-3589) python-djangorestframework: - Escape URLs when replacing format= query parameter, as used in dropdown on GET button in browsable API to allow explicit selection of JSON vs HTML output. (bsc#929914) - Escape request path when it is include as part of the login and logout links in the browsable API. (bsc#929886) For a comprehensive list of changes please refer to each package's change log. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-250=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 1.0 (x86_64): ceph-0.80.9-5.1 ceph-common-0.80.9-5.1 ceph-common-debuginfo-0.80.9-5.1 ceph-debuginfo-0.80.9-5.1 ceph-debugsource-0.80.9-5.1 ceph-fuse-0.80.9-5.1 ceph-fuse-debuginfo-0.80.9-5.1 ceph-radosgw-0.80.9-5.1 ceph-radosgw-debuginfo-0.80.9-5.1 ceph-test-0.80.9-5.1 ceph-test-debuginfo-0.80.9-5.1 libcephfs1-0.80.9-5.1 libcephfs1-debuginfo-0.80.9-5.1 librados2-0.80.9-5.1 librados2-debuginfo-0.80.9-5.1 librbd1-0.80.9-5.1 librbd1-debuginfo-0.80.9-5.1 python-Pillow-2.7.0-4.1 python-Pillow-debuginfo-2.7.0-4.1 python-Pillow-debugsource-2.7.0-4.1 python-ceph-0.80.9-5.1 rbd-fuse-0.80.9-5.1 rbd-fuse-debuginfo-0.80.9-5.1 - SUSE Enterprise Storage 1.0 (noarch): calamari-clients-1.2.2+git.1428648634.40dfe5b-3.1 ceph-deploy-1.5.19+git.1431355031.6178cf3-9.1 python-djangorestframework-2.3.12-4.2 References: https://www.suse.com/security/cve/CVE-2014-3589.html https://www.suse.com/security/cve/CVE-2014-3598.html https://www.suse.com/security/cve/CVE-2015-3010.html https://bugzilla.suse.com/889053 https://bugzilla.suse.com/903007 https://bugzilla.suse.com/907510 https://bugzilla.suse.com/915567 https://bugzilla.suse.com/915783 https://bugzilla.suse.com/919091 https://bugzilla.suse.com/919313 https://bugzilla.suse.com/919965 https://bugzilla.suse.com/920926 https://bugzilla.suse.com/924269 https://bugzilla.suse.com/924894 https://bugzilla.suse.com/927862 https://bugzilla.suse.com/929553 https://bugzilla.suse.com/929886 https://bugzilla.suse.com/929914 From sle-updates at lists.suse.com Tue Jun 23 08:03:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:03:02 +0200 (CEST) Subject: SUSE-SU-2015:1103-1: important: Security update for e2fsprogs Message-ID: <20150623140302.2F76231FF8@maintenance.suse.de> SUSE Security Update: Security update for e2fsprogs ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1103-1 Rating: important References: #915402 #918346 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update provides the following security-fixes for e2fsprogs: libext2fs: fix potential buffer overflow in closefs() (bsc#918346, CVE-2015-1572) libext2fs: avoid buffer overflow if s_first_meta_bg is too big (bsc#915402, CVE-2015-0247) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-e2fsprogs-219=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-e2fsprogs-219=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-e2fsprogs-219=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): e2fsprogs-devel-1.41.9-2.14.2 libcom_err-devel-1.41.9-2.14.2 libext2fs-devel-1.41.9-2.14.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libcom_err-devel-32bit-1.41.9-2.14.2 libext2fs-devel-32bit-1.41.9-2.14.2 libext2fs2-32bit-1.41.9-2.14.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64): libext2fs2-x86-1.41.9-2.14.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): e2fsprogs-1.41.9-2.14.2 libcom_err2-1.41.9-2.14.2 libext2fs2-1.41.9-2.14.2 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libcom_err2-32bit-1.41.9-2.14.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): libcom_err2-x86-1.41.9-2.14.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): e2fsprogs-1.41.9-2.14.2 libcom_err2-1.41.9-2.14.2 libext2fs2-1.41.9-2.14.2 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libcom_err2-32bit-1.41.9-2.14.2 References: https://bugzilla.suse.com/915402 https://bugzilla.suse.com/918346 From sle-updates at lists.suse.com Tue Jun 23 08:03:36 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:03:36 +0200 (CEST) Subject: SUSE-RU-2015:1104-1: Test-update for the Software-Stack Message-ID: <20150623140336.E229632000@maintenance.suse.de> SUSE Recommended Update: Test-update for the Software-Stack ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1104-1 Rating: low References: Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This is a test-update for the Software-Stack. It does not include any fixes or source-changes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-zypper-0415-180=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-zypper-0415-180=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-zypper-0415-180=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): zypper-1.6.323-3.3 zypper-log-1.6.323-3.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): zypper-1.6.323-3.3 zypper-log-1.6.323-3.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): zypper-debuginfo-1.6.323-3.3 zypper-debugsource-1.6.323-3.3 References: From sle-updates at lists.suse.com Tue Jun 23 08:03:46 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:03:46 +0200 (CEST) Subject: SUSE-RU-2015:1105-1: moderate: Recommended update for python-oslo.messaging Message-ID: <20150623140346.8F61332000@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.messaging ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1105-1 Rating: moderate References: #917373 #926549 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for python-oslo.messaging provides the following fixes: - bnc#917373 + Rabbit uses kombu instead of builtin stuffs + Rabbit iterconsume must honor timeout + Have the timeout decrement inside the wait method + Ensure kombu channels are closed + Declare DirectPublisher exchanges with passive True Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-242=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-oslo.messaging-1.4.1-4.1 References: https://bugzilla.suse.com/917373 https://bugzilla.suse.com/926549 From sle-updates at lists.suse.com Tue Jun 23 08:04:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:04:18 +0200 (CEST) Subject: SUSE-RU-2015:1106-1: important: Recommended update for open-iscsi Message-ID: <20150623140418.B7EA132000@maintenance.suse.de> SUSE Recommended Update: Recommended update for open-iscsi ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1106-1 Rating: important References: #920907 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended udpate for open-iscsi fixes the following issue: - enable IB/iser sendtargets (bsc#920907) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openiscsi-256=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-openiscsi-256=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openiscsi-256=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-2.0.873-0.34.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): open-iscsi-2.0.873-0.34.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-debuginfo-2.0.873-0.34.1 open-iscsi-debugsource-2.0.873-0.34.1 References: https://bugzilla.suse.com/920907 From sle-updates at lists.suse.com Tue Jun 23 08:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:04:52 +0200 (CEST) Subject: SUSE-RU-2015:1107-1: moderate: Recommended update for python-oslo.utils Message-ID: <20150623140452.035F332000@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1107-1 Rating: moderate References: #926549 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended update for python-oslo.utils provides the following fixes: - Disable deprecation warning Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-243=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-oslo.utils-1.2.1-3.1 References: https://bugzilla.suse.com/926549 From sle-updates at lists.suse.com Tue Jun 23 08:05:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:05:10 +0200 (CEST) Subject: SUSE-RU-2015:1108-1: important: Recommended update for open-iscsi Message-ID: <20150623140510.641E632006@maintenance.suse.de> SUSE Recommended Update: Recommended update for open-iscsi ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1108-1 Rating: important References: #920907 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended udpate for open-iscsi fixes the following issue: - enable IB/iser sendtargets (bsc#920907) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openiscsi-256=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-openiscsi-256=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openiscsi-256=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-2.0.873-0.34.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): open-iscsi-2.0.873-0.34.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-debuginfo-2.0.873-0.34.1 open-iscsi-debugsource-2.0.873-0.34.1 References: https://bugzilla.suse.com/920907 From sle-updates at lists.suse.com Tue Jun 23 08:05:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:05:11 +0200 (CEST) Subject: SUSE-SU-2015:1109-1: moderate: Security update for python-Django Message-ID: <20150623140511.4FFAD32006@maintenance.suse.de> SUSE Security Update: Security update for python-Django ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1109-1 Rating: moderate References: #913053 #913055 #913056 #923172 #923176 Cross-References: CVE-2015-0219 CVE-2015-0221 CVE-2015-0222 CVE-2015-2316 CVE-2015-2317 Affected Products: SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: python-django was updated to 1.6.11 to fix security issues and non-security bugs. The following vulnerabilities were fixed: * Made is_safe_url() reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs (bnc#923176, CVE-2015-2317) * Fixed an infinite loop possibility in strip_tags() (bnc#923172, CVE-2015-2316) * WSGI header spoofing via underscore/dash conflation (bnc#913053, CVE-2015-0219) * Mitigated possible XSS attack via user-supplied redirect URLs * Denial-of-service attack against ``django.views.static.serve`` (bnc#913056, CVE-2015-0221) * Database denial-of-service with ``ModelMultipleChoiceField`` (bnc#913055, CVE-2015-0222) The update also contains fixes for non-security bugs, functional and stability issues. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-271=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 1.0 (noarch): python-Django-1.6.11-4.1 References: https://www.suse.com/security/cve/CVE-2015-0219.html https://www.suse.com/security/cve/CVE-2015-0221.html https://www.suse.com/security/cve/CVE-2015-0222.html https://www.suse.com/security/cve/CVE-2015-2316.html https://www.suse.com/security/cve/CVE-2015-2317.html https://bugzilla.suse.com/913053 https://bugzilla.suse.com/913055 https://bugzilla.suse.com/913056 https://bugzilla.suse.com/923172 https://bugzilla.suse.com/923176 From sle-updates at lists.suse.com Tue Jun 23 08:05:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:05:51 +0200 (CEST) Subject: SUSE-RU-2015:1110-1: moderate: Recommended update for python-oslo.utils Message-ID: <20150623140551.0298E32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1110-1 Rating: moderate References: #926549 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended update for python-oslo.utils provides the following fixes: - Disable deprecation warning Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-243=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-oslo.utils-1.2.1-3.1 References: https://bugzilla.suse.com/926549 From sle-updates at lists.suse.com Tue Jun 23 08:06:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:06:24 +0200 (CEST) Subject: SUSE-OU-2015:1111-1: Optional update for supportutils-plugin-ses Message-ID: <20150623140624.88C3632006@maintenance.suse.de> SUSE Optional Update: Optional update for supportutils-plugin-ses ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:1111-1 Rating: low References: #924428 Affected Products: SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This patch adds supportutils-plugin-ses to SUSE Enterprise Storage 1.0. This plug-in extends supportconfig functionality to include system information about SUSE Enterprise Storage. The supportconfig saves the plugin output to plugin-ses.txt. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-236=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 1.0 (noarch): supportutils-plugin-ses-1.0+git.1427448112.db0f467-2.1 References: https://bugzilla.suse.com/924428 From sle-updates at lists.suse.com Tue Jun 23 08:06:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:06:24 +0200 (CEST) Subject: SUSE-SU-2015:1112-1: moderate: Security update for python-Django Message-ID: <20150623140624.99EB83205C@maintenance.suse.de> SUSE Security Update: Security update for python-Django ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1112-1 Rating: moderate References: #913053 #913055 #913056 #923172 #923176 Cross-References: CVE-2015-0219 CVE-2015-0221 CVE-2015-0222 CVE-2015-2316 CVE-2015-2317 Affected Products: SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: python-django was updated to 1.6.11 to fix security issues and non-security bugs. The following vulnerabilities were fixed: * Made is_safe_url() reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs (bnc#923176, CVE-2015-2317) * Fixed an infinite loop possibility in strip_tags() (bnc#923172, CVE-2015-2316) * WSGI header spoofing via underscore/dash conflation (bnc#913053, CVE-2015-0219) * Mitigated possible XSS attack via user-supplied redirect URLs * Denial-of-service attack against ``django.views.static.serve`` (bnc#913056, CVE-2015-0221) * Database denial-of-service with ``ModelMultipleChoiceField`` (bnc#913055, CVE-2015-0222) The update also contains fixes for non-security bugs, functional and stability issues. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-271=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 1.0 (noarch): python-Django-1.6.11-4.1 References: https://www.suse.com/security/cve/CVE-2015-0219.html https://www.suse.com/security/cve/CVE-2015-0221.html https://www.suse.com/security/cve/CVE-2015-0222.html https://www.suse.com/security/cve/CVE-2015-2316.html https://www.suse.com/security/cve/CVE-2015-2317.html https://bugzilla.suse.com/913053 https://bugzilla.suse.com/913055 https://bugzilla.suse.com/913056 https://bugzilla.suse.com/923172 https://bugzilla.suse.com/923176 From sle-updates at lists.suse.com Tue Jun 23 08:06:43 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:06:43 +0200 (CEST) Subject: SUSE-RU-2015:1113-1: moderate: Recommended update for python-oslo.db Message-ID: <20150623140643.ACE2532006@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.db ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1113-1 Rating: moderate References: #917373 #926549 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for python-oslo.db provides the following fixes: - Repair include_object to accommodate new objects - Ensure create_engine() retries the initial connection test - Move begin ping listener to a connect listener Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-241=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-oslo.db-1.0.3-5.1 References: https://bugzilla.suse.com/917373 https://bugzilla.suse.com/926549 From sle-updates at lists.suse.com Tue Jun 23 08:07:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:07:20 +0200 (CEST) Subject: SUSE-RU-2015:1114-1: moderate: Initial Update for kernel-ec2 on SLES11-SP4 Message-ID: <20150623140720.573BE32006@maintenance.suse.de> SUSE Recommended Update: Initial Update for kernel-ec2 on SLES11-SP4 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1114-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This recommended update provides kernel-ec2 for SLES11-SP4. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-ec2-231=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-ec2-231=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-kernel-ec2-231=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-ec2-231=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-64.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-64.1 kernel-default-base-3.0.101-64.1 kernel-default-devel-3.0.101-64.1 kernel-source-3.0.101-64.1 kernel-syms-3.0.101-64.1 kernel-trace-3.0.101-64.1 kernel-trace-base-3.0.101-64.1 kernel-trace-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-64.1 kernel-ec2-base-3.0.101-64.1 kernel-ec2-devel-3.0.101-64.1 kernel-xen-3.0.101-64.1 kernel-xen-base-3.0.101-64.1 kernel-xen-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-ppc64-3.0.101-64.1 kernel-ppc64-base-3.0.101-64.1 kernel-ppc64-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-64.1 kernel-pae-base-3.0.101-64.1 kernel-pae-devel-3.0.101-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): kernel-default-3.0.101-64.1 kernel-default-base-3.0.101-64.1 kernel-default-devel-3.0.101-64.1 kernel-default-extra-3.0.101-64.1 kernel-source-3.0.101-64.1 kernel-syms-3.0.101-64.1 kernel-trace-devel-3.0.101-64.1 kernel-xen-3.0.101-64.1 kernel-xen-base-3.0.101-64.1 kernel-xen-devel-3.0.101-64.1 kernel-xen-extra-3.0.101-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586): kernel-pae-3.0.101-64.1 kernel-pae-base-3.0.101-64.1 kernel-pae-devel-3.0.101-64.1 kernel-pae-extra-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-64.1 kernel-default-debugsource-3.0.101-64.1 kernel-trace-debuginfo-3.0.101-64.1 kernel-trace-debugsource-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-64.1 kernel-trace-devel-debuginfo-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-64.1 kernel-ec2-debugsource-3.0.101-64.1 kernel-xen-debuginfo-3.0.101-64.1 kernel-xen-debugsource-3.0.101-64.1 kernel-xen-devel-debuginfo-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-ppc64-debuginfo-3.0.101-64.1 kernel-ppc64-debugsource-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-64.1 kernel-pae-debugsource-3.0.101-64.1 kernel-pae-devel-debuginfo-3.0.101-64.1 References: From sle-updates at lists.suse.com Tue Jun 23 08:07:35 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:07:35 +0200 (CEST) Subject: SUSE-RU-2015:1115-1: Recommended update for lldpad Message-ID: <20150623140735.69C4832006@maintenance.suse.de> SUSE Recommended Update: Recommended update for lldpad ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1115-1 Rating: low References: #929171 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended update for lldpad fixes the following issues: - l2_linux_packet: correctly process return value of get_perm_hwaddr (bsc#929171) - lldpad: Only set Tx adminStatus if interface is not managed (bsc#929171) - mkinitrd-boot: avoid error messages during boot Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-lldpad-216=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-lldpad-216=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-lldpad-216=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-devel-0.9.46-5.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-0.9.46-5.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-debuginfo-0.9.46-5.1 lldpad-debugsource-0.9.46-5.1 References: https://bugzilla.suse.com/929171 From sle-updates at lists.suse.com Tue Jun 23 08:07:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:07:41 +0200 (CEST) Subject: SUSE-OU-2015:1116-1: Optional update for supportutils-plugin-ses Message-ID: <20150623140741.CF59932006@maintenance.suse.de> SUSE Optional Update: Optional update for supportutils-plugin-ses ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:1116-1 Rating: low References: #924428 Affected Products: SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This patch adds supportutils-plugin-ses to SUSE Enterprise Storage 1.0. This plug-in extends supportconfig functionality to include system information about SUSE Enterprise Storage. The supportconfig saves the plugin output to plugin-ses.txt. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-236=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 1.0 (noarch): supportutils-plugin-ses-1.0+git.1427448112.db0f467-2.1 References: https://bugzilla.suse.com/924428 From sle-updates at lists.suse.com Tue Jun 23 08:08:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:08:04 +0200 (CEST) Subject: SUSE-RU-2015:1117-1: moderate: Recommended update for util-linux Message-ID: <20150623140804.BACE732006@maintenance.suse.de> SUSE Recommended Update: Recommended update for util-linux ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1117-1 Rating: moderate References: #923904 #931607 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for util-linux fixes the following issues: - Fix recognition of /dev/dm-N partitions names (bsc#931607) - Fix util-linux-wholedisk-device-mapper (bsc#923904) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-util-linux-218=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-util-linux-218=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-util-linux-218=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libblkid-devel-2.19.1-6.70.1 libuuid-devel-2.19.1-6.70.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libblkid-devel-32bit-2.19.1-6.70.1 libuuid-devel-32bit-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libblkid1-2.19.1-6.70.1 libuuid1-2.19.1-6.70.1 util-linux-2.19.1-6.70.1 util-linux-lang-2.19.1-6.70.1 uuid-runtime-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libblkid1-32bit-2.19.1-6.70.1 libuuid1-32bit-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libblkid1-x86-2.19.1-6.70.1 libuuid1-x86-2.19.1-6.70.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libblkid1-2.19.1-6.70.1 libuuid-devel-2.19.1-6.70.1 libuuid1-2.19.1-6.70.1 util-linux-2.19.1-6.70.1 util-linux-lang-2.19.1-6.70.1 uuid-runtime-2.19.1-6.70.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libblkid1-32bit-2.19.1-6.70.1 libuuid1-32bit-2.19.1-6.70.1 References: https://bugzilla.suse.com/923904 https://bugzilla.suse.com/931607 From sle-updates at lists.suse.com Tue Jun 23 08:08:14 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:08:14 +0200 (CEST) Subject: SUSE-RU-2015:1118-1: moderate: Recommended update for python-oslo.db Message-ID: <20150623140814.0516E32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-oslo.db ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1118-1 Rating: moderate References: #917373 #926549 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for python-oslo.db provides the following fixes: - Repair include_object to accommodate new objects - Ensure create_engine() retries the initial connection test - Move begin ping listener to a connect listener Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-241=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-oslo.db-1.0.3-5.1 References: https://bugzilla.suse.com/917373 https://bugzilla.suse.com/926549 From sle-updates at lists.suse.com Tue Jun 23 08:08:44 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:08:44 +0200 (CEST) Subject: SUSE-SU-2015:0979-2: moderate: Security update for dnsmasq Message-ID: <20150623140844.4347D32006@maintenance.suse.de> SUSE Security Update: Security update for dnsmasq ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0979-2 Rating: moderate References: #923144 #928867 Cross-References: CVE-2015-3294 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: The DNS server dnsmasq was updated to fix one security issue and one non-security bug. The following vulnerability was fixed: * CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867) The following bug was fixed: * bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-229=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (x86_64): dnsmasq-debuginfo-2.71-4.1 dnsmasq-debugsource-2.71-4.1 dnsmasq-utils-2.71-4.1 dnsmasq-utils-debuginfo-2.71-4.1 References: https://www.suse.com/security/cve/CVE-2015-3294.html https://bugzilla.suse.com/923144 https://bugzilla.suse.com/928867 From sle-updates at lists.suse.com Tue Jun 23 08:08:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:08:57 +0200 (CEST) Subject: SUSE-RU-2015:1119-1: moderate: Initial Update for kernel-ec2 on SLES11-SP4 Message-ID: <20150623140857.D2A0C32006@maintenance.suse.de> SUSE Recommended Update: Initial Update for kernel-ec2 on SLES11-SP4 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1119-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This recommended update provides kernel-ec2 for SLES11-SP4. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-ec2-231=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-ec2-231=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-kernel-ec2-231=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-ec2-231=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-64.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-64.1 kernel-default-base-3.0.101-64.1 kernel-default-devel-3.0.101-64.1 kernel-source-3.0.101-64.1 kernel-syms-3.0.101-64.1 kernel-trace-3.0.101-64.1 kernel-trace-base-3.0.101-64.1 kernel-trace-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-64.1 kernel-ec2-base-3.0.101-64.1 kernel-ec2-devel-3.0.101-64.1 kernel-xen-3.0.101-64.1 kernel-xen-base-3.0.101-64.1 kernel-xen-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-ppc64-3.0.101-64.1 kernel-ppc64-base-3.0.101-64.1 kernel-ppc64-devel-3.0.101-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-64.1 kernel-pae-base-3.0.101-64.1 kernel-pae-devel-3.0.101-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): kernel-default-3.0.101-64.1 kernel-default-base-3.0.101-64.1 kernel-default-devel-3.0.101-64.1 kernel-default-extra-3.0.101-64.1 kernel-source-3.0.101-64.1 kernel-syms-3.0.101-64.1 kernel-trace-devel-3.0.101-64.1 kernel-xen-3.0.101-64.1 kernel-xen-base-3.0.101-64.1 kernel-xen-devel-3.0.101-64.1 kernel-xen-extra-3.0.101-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586): kernel-pae-3.0.101-64.1 kernel-pae-base-3.0.101-64.1 kernel-pae-devel-3.0.101-64.1 kernel-pae-extra-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-64.1 kernel-default-debugsource-3.0.101-64.1 kernel-trace-debuginfo-3.0.101-64.1 kernel-trace-debugsource-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-64.1 kernel-trace-devel-debuginfo-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-64.1 kernel-ec2-debugsource-3.0.101-64.1 kernel-xen-debuginfo-3.0.101-64.1 kernel-xen-debugsource-3.0.101-64.1 kernel-xen-devel-debuginfo-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-ppc64-debuginfo-3.0.101-64.1 kernel-ppc64-debugsource-3.0.101-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-64.1 kernel-pae-debugsource-3.0.101-64.1 kernel-pae-devel-debuginfo-3.0.101-64.1 References: From sle-updates at lists.suse.com Tue Jun 23 08:09:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:09:13 +0200 (CEST) Subject: SUSE-RU-2015:1120-1: Recommended update for lldpad Message-ID: <20150623140913.E102F32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for lldpad ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1120-1 Rating: low References: #929171 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This recommended update for lldpad fixes the following issues: - l2_linux_packet: correctly process return value of get_perm_hwaddr (bsc#929171) - lldpad: Only set Tx adminStatus if interface is not managed (bsc#929171) - mkinitrd-boot: avoid error messages during boot Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-lldpad-216=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-lldpad-216=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-lldpad-216=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-devel-0.9.46-5.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-0.9.46-5.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): lldpad-debuginfo-0.9.46-5.1 lldpad-debugsource-0.9.46-5.1 References: https://bugzilla.suse.com/929171 From sle-updates at lists.suse.com Tue Jun 23 08:09:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:09:20 +0200 (CEST) Subject: SUSE-RU-2015:1121-1: Recommended update for bluez Message-ID: <20150623140920.B667B32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for bluez ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1121-1 Rating: low References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This is a test-update for packages with multiple spec-files. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-bluez-251=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-bluez-251=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-bluez-251=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-bluez-251=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-devel-4.99-0.14.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-4.99-0.14.1 libbluetooth3-4.99-0.14.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): bluez-4.99-0.14.1 bluez-alsa-4.99-0.14.1 bluez-cups-4.99-0.14.1 bluez-gstreamer-4.99-0.14.1 bluez-sbc-4.99-0.14.1 libbluetooth3-4.99-0.14.1 libsbc0-4.99-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-debuginfo-4.99-0.14.1 bluez-debugsource-4.99-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): bluez-gstreamer-debuginfo-4.99-0.14.1 bluez-gstreamer-debugsource-4.99-0.14.1 References: From sle-updates at lists.suse.com Tue Jun 23 08:09:38 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:09:38 +0200 (CEST) Subject: SUSE-RU-2015:1122-1: moderate: Recommended update for sg3_utils Message-ID: <20150623140938.9321732006@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1122-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This recommended update for sg3_utils provides version 1.40 with various bugfixes and improvementes: - New utilities sg_write_verify, sg_ses_microcode, sg_sat_read_gplog, sg_rep_zones, sg_reset_wp, sg_compare_and_write - Update support for Xcopy/TPC, Conglomerate LUNs, and ZAC/ZBC - Add udev rules Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sg3_utils-0415-179=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-devel-1.40-0.17.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-1.40-0.17.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): sg3_utils-1.40-0.17.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-debuginfo-1.40-0.17.2 sg3_utils-debugsource-1.40-0.17.2 References: From sle-updates at lists.suse.com Tue Jun 23 08:09:42 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:09:42 +0200 (CEST) Subject: SUSE-RU-2015:1123-1: moderate: Recommended update for util-linux Message-ID: <20150623140942.CB74B32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for util-linux ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1123-1 Rating: moderate References: #923904 #931607 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This recommended update for util-linux fixes the following issues: - Fix recognition of /dev/dm-N partitions names (bsc#931607) - Fix util-linux-wholedisk-device-mapper (bsc#923904) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-util-linux-218=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-util-linux-218=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-util-linux-218=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libblkid-devel-2.19.1-6.70.1 libuuid-devel-2.19.1-6.70.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libblkid-devel-32bit-2.19.1-6.70.1 libuuid-devel-32bit-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libblkid1-2.19.1-6.70.1 libuuid1-2.19.1-6.70.1 util-linux-2.19.1-6.70.1 util-linux-lang-2.19.1-6.70.1 uuid-runtime-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libblkid1-32bit-2.19.1-6.70.1 libuuid1-32bit-2.19.1-6.70.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libblkid1-x86-2.19.1-6.70.1 libuuid1-x86-2.19.1-6.70.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libblkid1-2.19.1-6.70.1 libuuid-devel-2.19.1-6.70.1 libuuid1-2.19.1-6.70.1 util-linux-2.19.1-6.70.1 util-linux-lang-2.19.1-6.70.1 uuid-runtime-2.19.1-6.70.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libblkid1-32bit-2.19.1-6.70.1 libuuid1-32bit-2.19.1-6.70.1 References: https://bugzilla.suse.com/923904 https://bugzilla.suse.com/931607 From sle-updates at lists.suse.com Tue Jun 23 08:10:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:10:16 +0200 (CEST) Subject: SUSE-SU-2015:0979-2: moderate: Security update for dnsmasq Message-ID: <20150623141016.BD6AE32006@maintenance.suse.de> SUSE Security Update: Security update for dnsmasq ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0979-2 Rating: moderate References: #923144 #928867 Cross-References: CVE-2015-3294 Affected Products: SUSE OpenStack Cloud Compute 5 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: The DNS server dnsmasq was updated to fix one security issue and one non-security bug. The following vulnerability was fixed: * CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867) The following bug was fixed: * bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2015-229=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (x86_64): dnsmasq-debuginfo-2.71-4.1 dnsmasq-debugsource-2.71-4.1 dnsmasq-utils-2.71-4.1 dnsmasq-utils-debuginfo-2.71-4.1 References: https://www.suse.com/security/cve/CVE-2015-3294.html https://bugzilla.suse.com/923144 https://bugzilla.suse.com/928867 From sle-updates at lists.suse.com Tue Jun 23 08:10:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:10:49 +0200 (CEST) Subject: SUSE-RU-2015:1124-1: Recommended update for bluez Message-ID: <20150623141049.DD85632006@maintenance.suse.de> SUSE Recommended Update: Recommended update for bluez ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1124-1 Rating: low References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This is a test-update for packages with multiple spec-files. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-bluez-251=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-bluez-251=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-bluez-251=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-bluez-251=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-devel-4.99-0.14.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-4.99-0.14.1 libbluetooth3-4.99-0.14.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): bluez-4.99-0.14.1 bluez-alsa-4.99-0.14.1 bluez-cups-4.99-0.14.1 bluez-gstreamer-4.99-0.14.1 bluez-sbc-4.99-0.14.1 libbluetooth3-4.99-0.14.1 libsbc0-4.99-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): bluez-debuginfo-4.99-0.14.1 bluez-debugsource-4.99-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): bluez-gstreamer-debuginfo-4.99-0.14.1 bluez-gstreamer-debugsource-4.99-0.14.1 References: From sle-updates at lists.suse.com Tue Jun 23 08:11:05 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 16:11:05 +0200 (CEST) Subject: SUSE-RU-2015:1125-1: moderate: Recommended update for sg3_utils Message-ID: <20150623141105.0829F32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1125-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This recommended update for sg3_utils provides version 1.40 with various bugfixes and improvementes: - New utilities sg_write_verify, sg_ses_microcode, sg_sat_read_gplog, sg_rep_zones, sg_reset_wp, sg_compare_and_write - Update support for Xcopy/TPC, Conglomerate LUNs, and ZAC/ZBC - Add udev rules Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-sg3_utils-0415-179=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sg3_utils-0415-179=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-devel-1.40-0.17.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-1.40-0.17.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): sg3_utils-1.40-0.17.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-debuginfo-1.40-0.17.2 sg3_utils-debugsource-1.40-0.17.2 References: From sle-updates at lists.suse.com Tue Jun 23 09:05:07 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 17:05:07 +0200 (CEST) Subject: SUSE-RU-2015:1126-1: Recommended update for crowbar-barclamp-hyperv, crowbar-barclamp-pacemaker Message-ID: <20150623150507.C3A8F31FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-hyperv, crowbar-barclamp-pacemaker ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1126-1 Rating: low References: #887944 #901309 #902688 #905273 #917357 #918104 #926605 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This update for crowbar-barclamp-hyperv and crowbar-barclamp-pacemaker provides the following fixes: crowbar-barclamp-hyperv: * Install missing dependency for Hyperv-V Management Console. (bnc#887944) * Fix HA cookbook for Windows instances. (bnc#901309) * Use KeystoneHelper.keystone_settings to fetch settings. (bnc#905273) * Install the Microsoft-Hyper-V-Management-Clients feature. * Updated windows cookbook to support /all and restart attributes. crowbar-barclamp-pacemaker: * Only deal with pacemaker resources on the founder node. (bnc#918104) * Fix proxying reload actions in Chef::Provider::CrowbarPacemakerService. * Use alternative Pacemaker service provider for haproxy service. (bnc#917357) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-hyperv-pacemaker-0415=10627 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-hyperv-1.8+git.1427187204.e2d0983-0.7.5 crowbar-barclamp-hyperv-data-1.8+git.1427187204.e2d0983-0.7.5 crowbar-barclamp-pacemaker-1.8+git.1427187166.86ca868-0.9.1 References: https://bugzilla.suse.com/887944 https://bugzilla.suse.com/901309 https://bugzilla.suse.com/902688 https://bugzilla.suse.com/905273 https://bugzilla.suse.com/917357 https://bugzilla.suse.com/918104 https://bugzilla.suse.com/926605 https://download.suse.com/patch/finder/?keywords=077f5f57861cdae4178536d7661abbb0 From sle-updates at lists.suse.com Tue Jun 23 10:05:07 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 23 Jun 2015 18:05:07 +0200 (CEST) Subject: SUSE-SU-2015:1127-1: moderate: Security update for xorg-x11-server Message-ID: <20150623160507.6B29732006@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-server ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1127-1 Rating: moderate References: #923229 #925019 #925021 #925022 #928520 Cross-References: CVE-2014-8092 CVE-2015-3418 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: The X Server was updated to fix 1 security issues and 4 bugs: Security issues: - CVE-2015-3418: Fixed a regression introduced by CVE-2014-8092 in PutImage that caused crashes when called with 0 height (bnc#928520). Bugs fixed: - Xephyr: Don't crash when no command line argument is specified The DDX specific command line parsing function only gets called if command line arguments are present. Therefore this function is not suitable to initialize mandatory global variables. Replace main() instead. (bnc#925022) - Xephyr: Print default server display number if none is specified (bnc#925022) - Xephyr: Fix broken image when endianess of client machine and host-Xserver differ The image is created in the native byte order of the machine Xephyr is rendered on however drawn in the image byte order of the Xephyr server. Correct byte order in the xcb_image_t structure and convert to native before updating the window. If depths of Xephyr and host server differ this is already taken care of by the depth conversion routine. (bnc#923229). - Xephyr: Fix compile when debugging is enabled (bnc#925021) - Xephyr: Fix screen image draw for the non-Glamor & non-XHSM case xcb_image_put() prints the entire image, therefore don't use an offset. (bnc#925019) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-278=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-278=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-278=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): xorg-x11-server-debuginfo-7.6_1.15.2-28.4 xorg-x11-server-debugsource-7.6_1.15.2-28.4 xorg-x11-server-sdk-7.6_1.15.2-28.4 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): xorg-x11-server-7.6_1.15.2-28.4 xorg-x11-server-debuginfo-7.6_1.15.2-28.4 xorg-x11-server-debugsource-7.6_1.15.2-28.4 xorg-x11-server-extra-7.6_1.15.2-28.4 xorg-x11-server-extra-debuginfo-7.6_1.15.2-28.4 - SUSE Linux Enterprise Desktop 12 (x86_64): xorg-x11-server-7.6_1.15.2-28.4 xorg-x11-server-debuginfo-7.6_1.15.2-28.4 xorg-x11-server-debugsource-7.6_1.15.2-28.4 xorg-x11-server-extra-7.6_1.15.2-28.4 xorg-x11-server-extra-debuginfo-7.6_1.15.2-28.4 References: https://www.suse.com/security/cve/CVE-2014-8092.html https://www.suse.com/security/cve/CVE-2015-3418.html https://bugzilla.suse.com/923229 https://bugzilla.suse.com/925019 https://bugzilla.suse.com/925021 https://bugzilla.suse.com/925022 https://bugzilla.suse.com/928520 From sle-updates at lists.suse.com Wed Jun 24 09:05:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jun 2015 17:05:08 +0200 (CEST) Subject: SUSE-SU-2015:1136-1: important: Security update for flash-player Message-ID: <20150624150508.644ED31FFD@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1136-1 Rating: important References: #935701 Cross-References: CVE-2015-3113 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Adobe Flash Player was updated to 11.2.202.468, fixing a security issue, where attackers could trigger a heap overflow and could execute code. https://helpx.adobe.com/security/products/flash-player/apsb15-14.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-279=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-279=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (i586 x86_64): flash-player-11.2.202.468-89.1 flash-player-gnome-11.2.202.468-89.1 - SUSE Linux Enterprise Desktop 12 (i586 x86_64): flash-player-11.2.202.468-89.1 flash-player-gnome-11.2.202.468-89.1 References: https://www.suse.com/security/cve/CVE-2015-3113.html https://bugzilla.suse.com/935701 From sle-updates at lists.suse.com Wed Jun 24 14:05:07 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jun 2015 22:05:07 +0200 (CEST) Subject: SUSE-SU-2015:1086-3: important: Security update for Java Message-ID: <20150624200507.8994C31FFD@maintenance.suse.de> SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1086-3 Rating: important References: #912434 #912447 #930365 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: IBM Java 1.7.0 was updated to SR9 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-java-1_7_0-ibm=10785 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): java-1_7_0-ibm-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-devel-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.0-0.7.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-plugin-1.7.0_sr9.0-0.7.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702 https://download.suse.com/patch/finder/?keywords=9ca57b921374626bc74b4dc6c6926af7 From sle-updates at lists.suse.com Wed Jun 24 14:06:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jun 2015 22:06:02 +0200 (CEST) Subject: SUSE-SU-2015:1137-1: moderate: Security update for flash-player Message-ID: <20150624200602.D5BDB32006@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1137-1 Rating: moderate References: #935701 Cross-References: CVE-2015-3113 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Adobe Flash Player was updated to 11.2.202.468, fixing a security issue, where attackers could have triggered a heap overflow and could have executed code. https://helpx.adobe.com/security/products/flash-player/apsb15-14.html Security Issues: * CVE-2015-3113 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player=10805 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.468]: flash-player-11.2.202.468-0.7.1 flash-player-gnome-11.2.202.468-0.7.1 flash-player-kde4-11.2.202.468-0.7.1 References: https://www.suse.com/security/cve/CVE-2015-3113.html https://bugzilla.suse.com/935701 https://download.suse.com/patch/finder/?keywords=e48696c554afb9305cb98005c94e9af7 From sle-updates at lists.suse.com Wed Jun 24 14:06:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 24 Jun 2015 22:06:20 +0200 (CEST) Subject: SUSE-SU-2015:1138-1: important: Security update for IBM Java Message-ID: <20150624200620.1C60D32006@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1138-1 Rating: important References: #930365 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.4-0.8.1 java-1_6_0-ibm-devel-1.6.0_sr16.4-0.8.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-0.8.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-0.8.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr16.4-0.8.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr16.4-0.8.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.4-0.8.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr16.4-0.8.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr16.4-0.8.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.4-0.8.1 References: https://bugzilla.suse.com/930365 https://download.suse.com/patch/finder/?keywords=c5428e2c57be4bc06608802e52f69888 From sle-updates at lists.suse.com Thu Jun 25 07:05:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jun 2015 15:05:02 +0200 (CEST) Subject: SUSE-SU-2015:1141-1: moderate: Security update for python-keystoneclient Message-ID: <20150625130502.341C331FFD@maintenance.suse.de> SUSE Security Update: Security update for python-keystoneclient ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1141-1 Rating: moderate References: #897103 #928205 Cross-References: CVE-2014-7144 CVE-2015-1852 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: python-keystoneclient was updated to fix two security issues: * bsc#928205: S3Token TLS certificate verification option not honored. (CVE-2015-1852) * bsc#897103: TLS certificate verification option not honored in paste configs. (CVE-2014-7144) Security Issues: * CVE-2014-7144 * CVE-2015-1852 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-python-keystoneclient=10667 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64): python-keystoneclient-0.9.0-0.13.1 python-keystoneclient-doc-0.9.0-0.13.1 References: https://www.suse.com/security/cve/CVE-2014-7144.html https://www.suse.com/security/cve/CVE-2015-1852.html https://bugzilla.suse.com/897103 https://bugzilla.suse.com/928205 https://download.suse.com/patch/finder/?keywords=4714a8b59432e065411eb4fa1f784f01 From sle-updates at lists.suse.com Thu Jun 25 10:05:12 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jun 2015 18:05:12 +0200 (CEST) Subject: SUSE-RU-2015:1142-1: Recommended update for timezone Message-ID: <20150625160512.CBE2D32006@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1142-1 Rating: low References: #928841 #934654 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides the latest timezone information (2015e) for your system, including the following changes: - Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18. - Assume Cayman Islands will observe DST starting next year, using US rules. - Fix post-install script to overwrite the temporary file when attempting to create /etc/localtime as a hard link. (bsc#928841) This release also includes changes affecting past time stamps and documentation. For a comprehensive list, refer to the release announcements from ICANN: http://mm.icann.org/pipermail/tz-announce/2015-June/000032.html http://mm.icann.org/pipermail/tz-announce/2015-April/000031.html Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-283=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-283=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): timezone-2015e-0.20.1 timezone-debuginfo-2015e-0.20.1 timezone-debugsource-2015e-0.20.1 - SUSE Linux Enterprise Server 12 (noarch): timezone-java-2015e-0.20.1 - SUSE Linux Enterprise Desktop 12 (x86_64): timezone-2015e-0.20.1 timezone-debuginfo-2015e-0.20.1 timezone-debugsource-2015e-0.20.1 - SUSE Linux Enterprise Desktop 12 (noarch): timezone-java-2015e-0.20.1 References: https://bugzilla.suse.com/928841 https://bugzilla.suse.com/934654 From sle-updates at lists.suse.com Thu Jun 25 10:05:46 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jun 2015 18:05:46 +0200 (CEST) Subject: SUSE-SU-2015:1143-1: important: Security update for openssl Message-ID: <20150625160546.5430032006@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1143-1 Rating: important References: #926597 #929678 #931698 #933898 #933911 #934487 #934489 #934491 #934493 Cross-References: CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 CVE-2015-4000 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has two fixes is now available. Description: This update of openssl fixes the following security issues: - CVE-2015-4000 (bsc#931698) * The Logjam Attack / weakdh.org * reject connections with DH parameters shorter than 1024 bits * generates 2048-bit DH parameters by default - CVE-2015-1788 (bsc#934487) * Malformed ECParameters causes infinite loop - CVE-2015-1789 (bsc#934489) * Exploitable out-of-bounds read in X509_cmp_time - CVE-2015-1790 (bsc#934491) * PKCS7 crash with missing EnvelopedContent - CVE-2015-1792 (bsc#934493) * CMS verify infinite loop with unknown hash function - CVE-2015-1791 (bsc#933911) * race condition in NewSessionTicket - CVE-2015-3216 (bsc#933898) * Crash in ssleay_rand_bytes due to locking regression - fix a timing side channel in RSA decryption (bnc#929678) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-282=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-282=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-282=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libopenssl-devel-1.0.1i-25.1 openssl-debuginfo-1.0.1i-25.1 openssl-debugsource-1.0.1i-25.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libopenssl1_0_0-1.0.1i-25.1 libopenssl1_0_0-debuginfo-1.0.1i-25.1 libopenssl1_0_0-hmac-1.0.1i-25.1 openssl-1.0.1i-25.1 openssl-debuginfo-1.0.1i-25.1 openssl-debugsource-1.0.1i-25.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libopenssl1_0_0-32bit-1.0.1i-25.1 libopenssl1_0_0-debuginfo-32bit-1.0.1i-25.1 libopenssl1_0_0-hmac-32bit-1.0.1i-25.1 - SUSE Linux Enterprise Server 12 (noarch): openssl-doc-1.0.1i-25.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libopenssl1_0_0-1.0.1i-25.1 libopenssl1_0_0-32bit-1.0.1i-25.1 libopenssl1_0_0-debuginfo-1.0.1i-25.1 libopenssl1_0_0-debuginfo-32bit-1.0.1i-25.1 openssl-1.0.1i-25.1 openssl-debuginfo-1.0.1i-25.1 openssl-debugsource-1.0.1i-25.1 References: https://www.suse.com/security/cve/CVE-2015-1788.html https://www.suse.com/security/cve/CVE-2015-1789.html https://www.suse.com/security/cve/CVE-2015-1790.html https://www.suse.com/security/cve/CVE-2015-1791.html https://www.suse.com/security/cve/CVE-2015-1792.html https://www.suse.com/security/cve/CVE-2015-3216.html https://www.suse.com/security/cve/CVE-2015-4000.html https://bugzilla.suse.com/926597 https://bugzilla.suse.com/929678 https://bugzilla.suse.com/931698 https://bugzilla.suse.com/933898 https://bugzilla.suse.com/933911 https://bugzilla.suse.com/934487 https://bugzilla.suse.com/934489 https://bugzilla.suse.com/934491 https://bugzilla.suse.com/934493 From sle-updates at lists.suse.com Thu Jun 25 11:05:07 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jun 2015 19:05:07 +0200 (CEST) Subject: SUSE-SU-2015:1144-1: moderate: Security update for icu Message-ID: <20150625170507.B7A1C31FFD@maintenance.suse.de> SUSE Security Update: Security update for icu ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1144-1 Rating: moderate References: #917129 Cross-References: CVE-2014-9654 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue in icu: * CVE-2014-9654: insufficient size limit checks in regular expression compiler (bsc#917129) Security Issues: * CVE-2014-9654 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-icu=10783 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-icu=10783 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-icu=10783 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-icu=10783 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libicu-devel-4.0-7.28.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libicu-devel-32bit-4.0-7.28.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): icu-4.0-7.28.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64): libicu-32bit-4.0-7.28.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libicu-4.0-7.28.1 libicu-doc-4.0-7.28.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libicu-32bit-4.0-7.28.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libicu-4.0-7.28.1 libicu-doc-4.0-7.28.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libicu-32bit-4.0-7.28.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libicu-x86-4.0-7.28.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): icu-4.0-7.28.1 libicu-4.0-7.28.1 References: https://www.suse.com/security/cve/CVE-2014-9654.html https://bugzilla.suse.com/917129 https://download.suse.com/patch/finder/?keywords=591af123987e7e88134ee97f079b3103 From sle-updates at lists.suse.com Thu Jun 25 14:05:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 25 Jun 2015 22:05:06 +0200 (CEST) Subject: SUSE-RU-2015:1145-1: Recommended update for timezone Message-ID: <20150625200506.154C731FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1145-1 Rating: low References: #928841 #934654 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides the latest timezone information (2015e) for your system, including the following changes: * Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18. * Assume Cayman Islands will observe DST starting next year, using US rules. * Fix post-install script to overwrite the temporary file when attempting to create /etc/localtime as a hard link. (bsc#928841) This release also includes changes affecting past time stamps and documentation. For a comprehensive list, refer to the release announcements from ICANN: * http://mm.icann.org/pipermail/tz-announce/2015-June/000032.html * http://mm.icann.org/pipermail/tz-announce/2015-April/000031.html Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-timezone-2015e=10775 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-timezone-2015e=10775 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-timezone-2015e=10775 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-timezone-2015e=10775 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch) [New Version: 2015e]: timezone-java-2015e-0.6.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2015e]: timezone-2015e-0.6.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 2015e]: timezone-java-2015e-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2015e]: timezone-2015e-0.6.1 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 2015e]: timezone-java-2015e-0.6.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2015e]: timezone-2015e-0.6.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 2015e]: timezone-java-2015e-0.6.1 References: https://bugzilla.suse.com/928841 https://bugzilla.suse.com/934654 https://download.suse.com/patch/finder/?keywords=2402a3c5ddd4e2788281f54dc8e37dfb From sle-updates at lists.suse.com Fri Jun 26 04:05:05 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jun 2015 12:05:05 +0200 (CEST) Subject: SUSE-RU-2015:1149-1: moderate: Recommended update for xchat Message-ID: <20150626100505.7D93C31FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for xchat ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1149-1 Rating: moderate References: #926674 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The irc client xchat was updated to fix handling of SSL/TLS protocol versions in FIPS mode. The following issue was fixed: * Instead of selecting SSL3.0 only, always select the best (TLS 1.2, 1.1, 1.0 or 3.0). (bsc#926674) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-284=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-284=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): xchat-2.8.8-22.6 xchat-debuginfo-2.8.8-22.6 xchat-debugsource-2.8.8-22.6 - SUSE Linux Enterprise Workstation Extension 12 (noarch): xchat-lang-2.8.8-22.6 - SUSE Linux Enterprise Desktop 12 (x86_64): xchat-2.8.8-22.6 xchat-debuginfo-2.8.8-22.6 xchat-debugsource-2.8.8-22.6 - SUSE Linux Enterprise Desktop 12 (noarch): xchat-lang-2.8.8-22.6 References: https://bugzilla.suse.com/926674 From sle-updates at lists.suse.com Fri Jun 26 05:05:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jun 2015 13:05:08 +0200 (CEST) Subject: SUSE-SU-2015:1150-1: important: Security update for compat-openssl098 Message-ID: <20150626110508.B427D31FFD@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl098 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1150-1 Rating: important References: #879179 #929678 #931698 #933898 #933911 #934487 #934489 #934491 #934493 Cross-References: CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 CVE-2015-4000 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has two fixes is now available. Description: This update fixes the following security issues: - CVE-2015-4000 (boo#931698) * The Logjam Attack / weakdh.org * reject connections with DH parameters shorter than 1024 bits * generates 2048-bit DH parameters by default - CVE-2015-1788 (boo#934487) * Malformed ECParameters causes infinite loop - CVE-2015-1789 (boo#934489) * Exploitable out-of-bounds read in X509_cmp_time - CVE-2015-1790 (boo#934491) * PKCS7 crash with missing EnvelopedContent - CVE-2015-1792 (boo#934493) * CMS verify infinite loop with unknown hash function - CVE-2015-1791 (boo#933911) * race condition in NewSessionTicket - CVE-2015-3216 (boo#933898) * Crash in ssleay_rand_bytes due to locking regression * modified openssl-1.0.1i-fipslocking.patch - fix timing side channel in RSA decryption (bnc#929678) - add ECC ciphersuites to DEFAULT (bnc#879179) - Disable EXPORT ciphers by default (bnc#931698, comment #3) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-285=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-285=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): compat-openssl098-debugsource-0.9.8j-78.1 libopenssl0_9_8-0.9.8j-78.1 libopenssl0_9_8-32bit-0.9.8j-78.1 libopenssl0_9_8-debuginfo-0.9.8j-78.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-78.1 - SUSE Linux Enterprise Desktop 12 (x86_64): compat-openssl098-debugsource-0.9.8j-78.1 libopenssl0_9_8-0.9.8j-78.1 libopenssl0_9_8-32bit-0.9.8j-78.1 libopenssl0_9_8-debuginfo-0.9.8j-78.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-78.1 References: https://www.suse.com/security/cve/CVE-2015-1788.html https://www.suse.com/security/cve/CVE-2015-1789.html https://www.suse.com/security/cve/CVE-2015-1790.html https://www.suse.com/security/cve/CVE-2015-1791.html https://www.suse.com/security/cve/CVE-2015-1792.html https://www.suse.com/security/cve/CVE-2015-3216.html https://www.suse.com/security/cve/CVE-2015-4000.html https://bugzilla.suse.com/879179 https://bugzilla.suse.com/929678 https://bugzilla.suse.com/931698 https://bugzilla.suse.com/933898 https://bugzilla.suse.com/933911 https://bugzilla.suse.com/934487 https://bugzilla.suse.com/934489 https://bugzilla.suse.com/934491 https://bugzilla.suse.com/934493 From sle-updates at lists.suse.com Fri Jun 26 07:08:00 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jun 2015 15:08:00 +0200 (CEST) Subject: SUSE-SU-2015:1152-1: important: Security update for KVM Message-ID: <20150626130800.D8D9131FD2@maintenance.suse.de> SUSE Security Update: Security update for KVM ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1152-1 Rating: important References: #932267 #932770 Cross-References: CVE-2015-3209 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: KVM was updated to fix two security issues: * CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest to host escape. (bsc#932770) * CVE-2015-4037: Predictable directory names for smb configuration. (bsc#932267) Security Issues: * CVE-2015-3209 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kvm=10747 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kvm=10747 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.31.1 References: https://www.suse.com/security/cve/CVE-2015-3209.html https://bugzilla.suse.com/932267 https://bugzilla.suse.com/932770 https://download.suse.com/patch/finder/?keywords=22b018e7745a4c6e213ac9c05777d59d From sle-updates at lists.suse.com Fri Jun 26 08:05:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 26 Jun 2015 16:05:09 +0200 (CEST) Subject: SUSE-RU-2015:1154-1: moderate: Recommended update for hyper-v Message-ID: <20150626140509.CAD3231FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for hyper-v ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1154-1 Rating: moderate References: #899204 #909864 #910353 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for hyper-v provides the following fixes: - Start hv_kvp_daemon after network-online.target (bnc#910353) - Skip all filesystems mounted readonly (bnc#909864) - Introduce -n/--no-daemon option (fate#317533) - Ignore EBUSY on multiple freezing the same partition (bnc#899204). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-286=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-286=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): hyper-v-6-10.1 hyper-v-debuginfo-6-10.1 hyper-v-debugsource-6-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): hyper-v-6-10.1 hyper-v-debuginfo-6-10.1 hyper-v-debugsource-6-10.1 References: https://bugzilla.suse.com/899204 https://bugzilla.suse.com/909864 https://bugzilla.suse.com/910353 From sle-updates at lists.suse.com Fri Jun 26 20:05:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 27 Jun 2015 04:05:09 +0200 (CEST) Subject: SUSE-SU-2015:1086-4: important: Security update for java-1_7_0-ibm Message-ID: <20150627020509.97E4031FCF@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1086-4 Rating: important References: #912434 #912447 #930365 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: IBM Java 1.7.0 was updated to SR9 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May_ 2015 . Security Issues: * CVE-2015-0192 * CVE-2015-2808 * CVE-2015-1914 * CVE-2015-0138 * CVE-2015-0491 * CVE-2015-0458 * CVE-2015-0459 * CVE-2015-0469 * CVE-2015-0480 * CVE-2015-0488 * CVE-2015-0478 * CVE-2015-0477 * CVE-2015-0204 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_7_0-ibm=10784 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_7_0-ibm=10784 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_7_0-ibm=10784 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr9.0-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-alsa-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-plugin-1.7.0_sr9.0-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-jdbc-1.7.0_sr9.0-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr9.0-0.7.1 java-1_7_0-ibm-plugin-1.7.0_sr9.0-0.7.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702 https://download.suse.com/patch/finder/?keywords=9679d0aa3625acf75e826a41db3c367b From sle-updates at lists.suse.com Mon Jun 29 06:05:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 29 Jun 2015 14:05:19 +0200 (CEST) Subject: SUSE-SU-2015:1156-1: important: Security update for Xen Message-ID: <20150629120519.49A793207D@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1156-1 Rating: important References: #931625 #931626 #931627 #931628 #932770 #932996 Cross-References: CVE-2015-3209 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-4164 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: Xen was updated to fix six security issues: * CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. (XSA-128, bsc#931625) * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. (XSA-129, bsc#931626) * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages. (XSA-130, bsc#931627) * CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131, bsc#931628) * CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to host escape. (XSA-135, bsc#932770) * CVE-2015-4164: DoS through iret hypercall handler. (XSA-136, bsc#932996) Security Issues: * CVE-2015-4103 * CVE-2015-4104 * CVE-2015-4105 * CVE-2015-4106 * CVE-2015-4164 * CVE-2015-3209 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-xen-201506=10726 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): xen-4.0.3_21548_18-0.25.1 xen-doc-html-4.0.3_21548_18-0.25.1 xen-doc-pdf-4.0.3_21548_18-0.25.1 xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.19-0.25.1 xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.19-0.25.1 xen-libs-4.0.3_21548_18-0.25.1 xen-tools-4.0.3_21548_18-0.25.1 xen-tools-domU-4.0.3_21548_18-0.25.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.25.1 References: https://www.suse.com/security/cve/CVE-2015-3209.html https://www.suse.com/security/cve/CVE-2015-4103.html https://www.suse.com/security/cve/CVE-2015-4104.html https://www.suse.com/security/cve/CVE-2015-4105.html https://www.suse.com/security/cve/CVE-2015-4106.html https://www.suse.com/security/cve/CVE-2015-4164.html https://bugzilla.suse.com/931625 https://bugzilla.suse.com/931626 https://bugzilla.suse.com/931627 https://bugzilla.suse.com/931628 https://bugzilla.suse.com/932770 https://bugzilla.suse.com/932996 https://download.suse.com/patch/finder/?keywords=5db78436698154117f5060fbcf442cac From sle-updates at lists.suse.com Mon Jun 29 07:05:15 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 29 Jun 2015 15:05:15 +0200 (CEST) Subject: SUSE-SU-2015:1157-1: important: Security update for Xen Message-ID: <20150629130515.3A64B3207D@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1157-1 Rating: important References: #931625 #931626 #931627 #931628 #932770 #932996 Cross-References: CVE-2015-3209 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-4163 CVE-2015-4164 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: Xen was updated to fix six security issues: * CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. (XSA-128, bsc#931625) * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. (XSA-129, bsc#931626) * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages. (XSA-130, bsc#931627) * CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131, bsc#931628) * CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest to host escape. (XSA-135, bsc#932770) * CVE-2015-4164: DoS through iret hypercall handler. (XSA-136, bsc#932996) Security Issues: * CVE-2015-4103 * CVE-2015-4104 * CVE-2015-4105 * CVE-2015-4106 * CVE-2015-4163 * CVE-2015-4164 * CVE-2015-3209 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-xen-201506=10729 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64): xen-devel-4.1.6_08-0.13.1 xen-kmp-default-4.1.6_08_3.0.101_0.7.29-0.13.1 xen-kmp-trace-4.1.6_08_3.0.101_0.7.29-0.13.1 xen-libs-4.1.6_08-0.13.1 xen-tools-domU-4.1.6_08-0.13.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (x86_64): xen-4.1.6_08-0.13.1 xen-doc-html-4.1.6_08-0.13.1 xen-doc-pdf-4.1.6_08-0.13.1 xen-libs-32bit-4.1.6_08-0.13.1 xen-tools-4.1.6_08-0.13.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586): xen-kmp-pae-4.1.6_08_3.0.101_0.7.29-0.13.1 References: https://www.suse.com/security/cve/CVE-2015-3209.html https://www.suse.com/security/cve/CVE-2015-4103.html https://www.suse.com/security/cve/CVE-2015-4104.html https://www.suse.com/security/cve/CVE-2015-4105.html https://www.suse.com/security/cve/CVE-2015-4106.html https://www.suse.com/security/cve/CVE-2015-4163.html https://www.suse.com/security/cve/CVE-2015-4164.html https://bugzilla.suse.com/931625 https://bugzilla.suse.com/931626 https://bugzilla.suse.com/931627 https://bugzilla.suse.com/931628 https://bugzilla.suse.com/932770 https://bugzilla.suse.com/932996 https://download.suse.com/patch/finder/?keywords=664b696391d543da0f24d6d0b039a056 From sle-updates at lists.suse.com Tue Jun 30 00:05:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jun 2015 08:05:16 +0200 (CEST) Subject: SUSE-RU-2015:1158-1: Initial update for the Containers-Module Message-ID: <20150630060516.905A43207D@maintenance.suse.de> SUSE Recommended Update: Initial update for the Containers-Module ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1158-1 Rating: low References: Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This recommended update provides the initial version of docker and its dependencies including images for SUSE Linux Enterprise Server 12 and 11-SP3 for the Containers-Module. Fully supported as part of SUSE Linux Enterprise Server 12, enterprise-ready Docker from SUSE improves operational efficiency and is accompanied by easy-to-use tools to build, deploy and manage containers. SUSE provides pre-built images from a verified and trusted source. In addition, customers can create an on-premise registry behind the enterprise firewall, minimizing exposure to malicious attacks and providing better control of intellectual property. As integral parts of SUSE Linux Enterprise Server, Docker and containers provide additional virtualization options to improve operational efficiency. SUSE Linux Enterprise Server includes the Xen and KVM hypervisors and is a perfect guest in virtual and cloud environments. With the addition of Docker, customers can build, ship and run containerized applications on SUSE Linux Enterprise Server in physical, virtual or cloud environments. The efficient YaST management framework provides a simple overview of the available Docker images and allows customers to run and easily control Docker containers. In addition, the KIWI image-building tool has been extended to support the Docker build format. SUSE's current Docker offering supports x86-64 servers with support for other hardware platforms in the works. For more information about Docker in SUSE Linux Enterprise Server, including a series of Docker mini-course videos, visit www.suse.com/promo/docker.html and www.suse.com/promo/sle. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-287=1 - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2015-287=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-docker-py-1.1.0-11.1 python-websocket-client-0.15.0-3.1 - SUSE Linux Enterprise Module for Containers 12 (x86_64): docker-1.6.2-34.1 docker-debuginfo-1.6.2-34.1 docker-debugsource-1.6.2-34.1 docker-distribution-registry-2.0.1-2.2 ruby2.1-rubygem-archive-tar-minitar-0.5.2-4.1 ruby2.1-rubygem-docker-api-1.17.0-4.1 ruby2.1-rubygem-excon-0.39.6-4.1 ruby2.1-rubygem-sle2docker-0.4.1-8.1 sle2docker-0.4.1-8.1 sles11sp3-docker-image-1.0.0-20150624131557 sles12-docker-image-1.0.0-20150624131637 - SUSE Linux Enterprise Module for Containers 12 (noarch): python-backports.ssl_match_hostname-3.4.0.2-2.1 python-docker-py-1.1.0-11.1 python-dockerpty-0.3.2-2.1 python-docopt-0.6.2-2.1 python-py-1.4.25-3.1 python-texttable-0.8.3-2.1 python-websocket-client-0.15.0-3.1 yast2-docker-3.1.5-12.1 References: From sle-updates at lists.suse.com Tue Jun 30 00:05:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jun 2015 08:05:24 +0200 (CEST) Subject: SUSE-RU-2015:1159-1: Recommended update for crowbar-barclamp-glance Message-ID: <20150630060524.A727132084@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-glance ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1159-1 Rating: low References: #916564 #926605 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crowbar-barclamp-glance provides the following fix: * Ensure the filesystem datastore directory exists. (bsc#916564) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-glance=10607 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-glance-1.8+git.1423243907.1daf982-0.7.1 References: https://bugzilla.suse.com/916564 https://bugzilla.suse.com/926605 https://download.suse.com/patch/finder/?keywords=75a48dc6d51522b4e3ea994b0b8ea270 From sle-updates at lists.suse.com Tue Jun 30 09:05:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 30 Jun 2015 17:05:16 +0200 (CEST) Subject: SUSE-SU-2015:1161-1: important: Security update for java-1_6_0-ibm Message-ID: <20150630150516.CD74932088@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1161-1 Rating: important References: #912434 #912447 #930365 #931702 Cross-References: CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-2808 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: IBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: [http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_May _2015](http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Upda te_May_2015) CVEs addressed: CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Additional bugs fixed: * Fix javaws/plugin stuff should slave plugin update-alternatives (bnc#912434) * Changed Java to use the system root CA certificates (bnc#912447) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-288=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.4-15.1 java-1_6_0-ibm-fonts-1.6.0_sr16.4-15.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.4-15.1 - SUSE Linux Enterprise Module for Legacy Software 12 (x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.4-15.1 References: https://www.suse.com/security/cve/CVE-2015-0138.html https://www.suse.com/security/cve/CVE-2015-0192.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-1914.html https://www.suse.com/security/cve/CVE-2015-2808.html https://bugzilla.suse.com/912434 https://bugzilla.suse.com/912447 https://bugzilla.suse.com/930365 https://bugzilla.suse.com/931702