From sle-updates at lists.suse.com Mon Nov 2 07:32:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 15:32:47 +0100 (CET) Subject: SUSE-RU-2015:1856-1: moderate: Recommended update for mkinitrd Message-ID: <20151102143247.CB403320AC@maintenance.suse.de> SUSE Recommended Update: Recommended update for mkinitrd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1856-1 Rating: moderate References: #840288 #915548 #930487 #932038 #932042 #938470 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for mkinitrd provides the following fixes: - Ignore non-existent extra dependencies. (bsc#932042) - Find driver for nvme devices. (bsc#938470) - Set NIC link up for ibft devices (needed for BCM). (bsc#932038, bsc#840288) - Handle devices symlinks with '\' in their names. (bsc#930487) - Use mount-by setting from fstab if booted without root=. (bsc#915548) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-mkinitrd-12176=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-mkinitrd-12176=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-mkinitrd-12176=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-mkinitrd-12176=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): mkinitrd-2.4.2-94.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): mkinitrd-2.4.2-94.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): mkinitrd-2.4.2-94.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): mkinitrd-debuginfo-2.4.2-94.2 mkinitrd-debugsource-2.4.2-94.2 References: https://bugzilla.suse.com/840288 https://bugzilla.suse.com/915548 https://bugzilla.suse.com/930487 https://bugzilla.suse.com/932038 https://bugzilla.suse.com/932042 https://bugzilla.suse.com/938470 From sle-updates at lists.suse.com Mon Nov 2 07:34:42 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 15:34:42 +0100 (CET) Subject: SUSE-RU-2015:1857-1: moderate: Recommended update for xorg-x11-driver-video Message-ID: <20151102143442.BD9A3320AC@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-driver-video ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1857-1 Rating: moderate References: #758040 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: xorg-x11-driver-video was updated to remove a temporary workaround that disabled DRI2 and 2D acceleration. The underlying issue has been fixed in the kernel. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xorg-x11-driver-video-12178=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-xorg-x11-driver-video-12178=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xorg-x11-driver-video-12178=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 x86_64): xorg-x11-driver-video-7.4.0.1-0.92.4 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): xorg-x11-driver-video-7.4.0.1-0.92.4 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 x86_64): xorg-x11-driver-video-debuginfo-7.4.0.1-0.92.4 xorg-x11-driver-video-debugsource-7.4.0.1-0.92.4 References: https://bugzilla.suse.com/758040 From sle-updates at lists.suse.com Mon Nov 2 07:35:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 15:35:20 +0100 (CET) Subject: SUSE-RU-2015:1858-1: Recommended update for vacation Message-ID: <20151102143520.A3086320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for vacation ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1858-1 Rating: low References: #944326 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the vacation tool fixes handling of "From" mail headers that are too long and can be folded in two lines. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-777=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-777=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): vacation-1.2.7.1-9.1 vacation-debuginfo-1.2.7.1-9.1 vacation-debugsource-1.2.7.1-9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): vacation-1.2.7.1-9.1 vacation-debuginfo-1.2.7.1-9.1 vacation-debugsource-1.2.7.1-9.1 References: https://bugzilla.suse.com/944326 From sle-updates at lists.suse.com Mon Nov 2 07:35:43 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 15:35:43 +0100 (CET) Subject: SUSE-RU-2015:1859-1: Recommended update for libyaml Message-ID: <20151102143543.150A6320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for libyaml ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1859-1 Rating: low References: #952625 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adjusts libyaml's packaging to require pkg-config at build time. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-776=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-776=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-776=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libyaml-debugsource-0.1.6-7.1 libyaml-devel-0.1.6-7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libyaml-0-2-0.1.6-7.1 libyaml-0-2-debuginfo-0.1.6-7.1 libyaml-debugsource-0.1.6-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libyaml-0-2-0.1.6-7.1 libyaml-0-2-debuginfo-0.1.6-7.1 libyaml-debugsource-0.1.6-7.1 References: https://bugzilla.suse.com/952625 From sle-updates at lists.suse.com Mon Nov 2 07:36:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 15:36:04 +0100 (CET) Subject: SUSE-RU-2015:1860-1: moderate: Recommended update for susestudio Message-ID: <20151102143604.4C53E320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for susestudio ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1860-1 Rating: moderate References: #919208 #921587 #927119 #933201 #933570 #935243 #935867 #944017 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: SUSE Studio onsite was updated to 1.3.11. This update includes bug fixes for: - ldap group missing in selection list for overlay file ownership (bnc#933570) - users without Admin-flag cannot build SLE12 appliances in Studio onsite 1.3 (bnc#933201) - appliance theme corrupts /etc/X11/xdm/Xsetup (bnc#927119) - Select details for some repositories causes error 500 "internal server error" (bnc#921587) - ERROR NoMethodError: undefined method `empty?' for nil:NilClass (bnc#935243) - Test for running in testdrive in suse_studio_firstboot breaks network setup (bnc#919208) - Enable SUSE Studio Onsite to have a second s390 runner for building s390 images for SLE12 (bnc#935867) - Adopt to kiwi changes required for bnc#944017 - SLE12 s390x appliances have incorrect bootloader configuration This update also contains current Containment images with updates for SUSE Linux Enterprise 11 SP3 and SUSE Linux Enterprise 12 GA. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-susestudio-20150812-12177=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): Containment-Studio-SLE11_SP3-5.05.81-20150915115732 Containment-Studio-SLE12-5.06.165-20150811111709 apache2-mod_upload_progress-1.0-0.2.2 apache2-mod_xsendfile-0.9-0.2.2 bootchart-2.0.12.4-8.9.2.1 libcontainment-insomnia-0.1.1-0.9.2.6 libv8-3-3.9.13.0-0.2.2 mongodb-2.0.1-0.2.2 nodejs-0.6.8-0.2.3 qemu-ext2-0.1.1-0.9.2.6 squashfs3-3.2-0.2.1 susestudio-1.3.11-28.1 susestudio-bundled-packages-1.3.11-28.1 susestudio-common-1.3.11-28.1 susestudio-runner-1.3.11-28.1 susestudio-sid-1.3.11-28.1 susestudio-ui-server-1.3.11-28.1 - SUSE Studio Onsite 1.3 (noarch): coffeescript-1.1.2-0.2.4 flashpolicyd-2.0-0.2.1 References: https://bugzilla.suse.com/919208 https://bugzilla.suse.com/921587 https://bugzilla.suse.com/927119 https://bugzilla.suse.com/933201 https://bugzilla.suse.com/933570 https://bugzilla.suse.com/935243 https://bugzilla.suse.com/935867 https://bugzilla.suse.com/944017 From sle-updates at lists.suse.com Mon Nov 2 08:34:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 16:34:54 +0100 (CET) Subject: SUSE-SU-2015:1874-1: important: Security update for java-1_7_0-openjdk Message-ID: <20151102153454.CB83C320DF@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1874-1 Rating: important References: #951376 Cross-References: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u91 to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4842: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JAXP (bsc#951376). - CVE-2015-4840: Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#951376). - CVE-2015-4872: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect integrity via unknown vectors related to Security (bsc#951376). - CVE-2015-4860: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883 (bsc#951376). - CVE-2015-4844: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#951376). - CVE-2015-4883: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860 (bsc#951376). - CVE-2015-4893: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911 (bsc#951376). - CVE-2015-4911: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893 (bsc#951376). - CVE-2015-4882: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect availability via vectors related to CORBA (bsc#951376). - CVE-2015-4881: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835 (bsc#951376). - CVE-2015-4734: Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JGSS (bsc#951376). - CVE-2015-4806: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4805: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization (bsc#951376). - CVE-2015-4803: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911 (bsc#951376). - CVE-2015-4835: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881 (bsc#951376). - CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to RMI (bsc#951376). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-781=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x): java-1_7_0-openjdk-1.7.0.91-21.2 java-1_7_0-openjdk-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-debugsource-1.7.0.91-21.2 java-1_7_0-openjdk-demo-1.7.0.91-21.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-devel-1.7.0.91-21.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-headless-1.7.0.91-21.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.91-21.2 References: https://www.suse.com/security/cve/CVE-2015-4734.html https://www.suse.com/security/cve/CVE-2015-4803.html https://www.suse.com/security/cve/CVE-2015-4805.html https://www.suse.com/security/cve/CVE-2015-4806.html https://www.suse.com/security/cve/CVE-2015-4835.html https://www.suse.com/security/cve/CVE-2015-4840.html https://www.suse.com/security/cve/CVE-2015-4842.html https://www.suse.com/security/cve/CVE-2015-4843.html https://www.suse.com/security/cve/CVE-2015-4844.html https://www.suse.com/security/cve/CVE-2015-4860.html https://www.suse.com/security/cve/CVE-2015-4872.html https://www.suse.com/security/cve/CVE-2015-4881.html https://www.suse.com/security/cve/CVE-2015-4882.html https://www.suse.com/security/cve/CVE-2015-4883.html https://www.suse.com/security/cve/CVE-2015-4893.html https://www.suse.com/security/cve/CVE-2015-4903.html https://www.suse.com/security/cve/CVE-2015-4911.html https://bugzilla.suse.com/951376 From sle-updates at lists.suse.com Mon Nov 2 08:35:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 16:35:16 +0100 (CET) Subject: SUSE-SU-2015:1875-1: important: Security update for java-1_7_0-openjdk Message-ID: <20151102153516.27907320DF@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1875-1 Rating: important References: #951376 Cross-References: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u91 to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4842: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JAXP (bsc#951376). - CVE-2015-4840: Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#951376). - CVE-2015-4872: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect integrity via unknown vectors related to Security (bsc#951376). - CVE-2015-4860: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883 (bsc#951376). - CVE-2015-4844: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#951376). - CVE-2015-4883: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860 (bsc#951376). - CVE-2015-4893: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911 (bsc#951376). - CVE-2015-4911: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893 (bsc#951376). - CVE-2015-4882: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect availability via vectors related to CORBA (bsc#951376). - CVE-2015-4881: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835 (bsc#951376). - CVE-2015-4734: Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JGSS (bsc#951376). - CVE-2015-4806: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4805: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization (bsc#951376). - CVE-2015-4803: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911 (bsc#951376). - CVE-2015-4835: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881 (bsc#951376). - CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to RMI (bsc#951376). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-java-1_7_0-openjdk-12179=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-12179=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586): java-1_7_0-openjdk-1.7.0.91-0.14.2 java-1_7_0-openjdk-demo-1.7.0.91-0.14.2 java-1_7_0-openjdk-devel-1.7.0.91-0.14.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586): java-1_7_0-openjdk-1.7.0.91-0.14.2 java-1_7_0-openjdk-demo-1.7.0.91-0.14.2 java-1_7_0-openjdk-devel-1.7.0.91-0.14.2 References: https://www.suse.com/security/cve/CVE-2015-4734.html https://www.suse.com/security/cve/CVE-2015-4803.html https://www.suse.com/security/cve/CVE-2015-4805.html https://www.suse.com/security/cve/CVE-2015-4806.html https://www.suse.com/security/cve/CVE-2015-4835.html https://www.suse.com/security/cve/CVE-2015-4840.html https://www.suse.com/security/cve/CVE-2015-4842.html https://www.suse.com/security/cve/CVE-2015-4843.html https://www.suse.com/security/cve/CVE-2015-4844.html https://www.suse.com/security/cve/CVE-2015-4860.html https://www.suse.com/security/cve/CVE-2015-4872.html https://www.suse.com/security/cve/CVE-2015-4881.html https://www.suse.com/security/cve/CVE-2015-4882.html https://www.suse.com/security/cve/CVE-2015-4883.html https://www.suse.com/security/cve/CVE-2015-4893.html https://www.suse.com/security/cve/CVE-2015-4903.html https://www.suse.com/security/cve/CVE-2015-4911.html https://bugzilla.suse.com/951376 From sle-updates at lists.suse.com Mon Nov 2 08:40:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 16:40:11 +0100 (CET) Subject: SUSE-SU-2015:1885-1: moderate: Security update for apache2 Message-ID: <20151102154011.43D0D31FD0@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1885-1 Rating: moderate References: #444878 #931002 #938728 #941676 Cross-References: CVE-2015-3183 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: Apache was updated to fix one security vulnerability and two bugs. Following security issue was fixed. - Fix the chunked transfer coding implementation in the Apache (bsc#938728, CVE-2015-3183) Bugs fixed: - add SSLSessionTickets directive (bsc#941676) - hardcode modules %files (bsc#444878) - only enable the port 443 for TCP protocol, not UDP. (bsc#931002) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-apache2-12181=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-apache2-12181=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-apache2-12181=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-apache2-12181=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64 ppc64): apache2-devel-2.2.12-59.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ia64 ppc64): apache2-devel-2.2.12-59.1 - SUSE Linux Enterprise Server 11-SP4 (ia64 ppc64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Server 11-SP3 (ia64 ppc64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 References: https://www.suse.com/security/cve/CVE-2015-3183.html https://bugzilla.suse.com/444878 https://bugzilla.suse.com/931002 https://bugzilla.suse.com/938728 https://bugzilla.suse.com/941676 From sle-updates at lists.suse.com Mon Nov 2 09:11:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 17:11:02 +0100 (CET) Subject: SUSE-SU-2015:1888-1: moderate: Security update for rubygem-rack Message-ID: <20151102161102.5A3B6320B7@maintenance.suse.de> SUSE Security Update: Security update for rubygem-rack ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1888-1 Rating: moderate References: #934797 Cross-References: CVE-2015-3225 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: rubygem-rack was updated to fix one security issue. This security issue was fixed: - CVE-2015-3225: Crafted requests could have caused a SystemStackError leading to Denial of Service (bsc#934797). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-rubygem-rack-12182=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-rack-12182=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): rubygem-rack-1.1.6-0.11.2 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-rack-1.1.6-0.11.2 References: https://www.suse.com/security/cve/CVE-2015-3225.html https://bugzilla.suse.com/934797 From sle-updates at lists.suse.com Mon Nov 2 09:11:25 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 17:11:25 +0100 (CET) Subject: SUSE-SU-2015:1874-2: important: Security update for java-1_7_0-openjdk Message-ID: <20151102161125.706E0320F0@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1874-2 Rating: important References: #951376 Cross-References: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u91 to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4842: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JAXP (bsc#951376). - CVE-2015-4840: Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#951376). - CVE-2015-4872: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect integrity via unknown vectors related to Security (bsc#951376). - CVE-2015-4860: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883 (bsc#951376). - CVE-2015-4844: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#951376). - CVE-2015-4883: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860 (bsc#951376). - CVE-2015-4893: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911 (bsc#951376). - CVE-2015-4911: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893 (bsc#951376). - CVE-2015-4882: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect availability via vectors related to CORBA (bsc#951376). - CVE-2015-4881: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835 (bsc#951376). - CVE-2015-4734: Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JGSS (bsc#951376). - CVE-2015-4806: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4805: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization (bsc#951376). - CVE-2015-4803: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911 (bsc#951376). - CVE-2015-4835: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881 (bsc#951376). - CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to RMI (bsc#951376). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-781=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-781=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): java-1_7_0-openjdk-1.7.0.91-21.2 java-1_7_0-openjdk-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-debugsource-1.7.0.91-21.2 java-1_7_0-openjdk-demo-1.7.0.91-21.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-devel-1.7.0.91-21.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-headless-1.7.0.91-21.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.91-21.2 - SUSE Linux Enterprise Desktop 12 (x86_64): java-1_7_0-openjdk-1.7.0.91-21.2 java-1_7_0-openjdk-debuginfo-1.7.0.91-21.2 java-1_7_0-openjdk-debugsource-1.7.0.91-21.2 java-1_7_0-openjdk-headless-1.7.0.91-21.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.91-21.2 References: https://www.suse.com/security/cve/CVE-2015-4734.html https://www.suse.com/security/cve/CVE-2015-4803.html https://www.suse.com/security/cve/CVE-2015-4805.html https://www.suse.com/security/cve/CVE-2015-4806.html https://www.suse.com/security/cve/CVE-2015-4835.html https://www.suse.com/security/cve/CVE-2015-4840.html https://www.suse.com/security/cve/CVE-2015-4842.html https://www.suse.com/security/cve/CVE-2015-4843.html https://www.suse.com/security/cve/CVE-2015-4844.html https://www.suse.com/security/cve/CVE-2015-4860.html https://www.suse.com/security/cve/CVE-2015-4872.html https://www.suse.com/security/cve/CVE-2015-4881.html https://www.suse.com/security/cve/CVE-2015-4882.html https://www.suse.com/security/cve/CVE-2015-4883.html https://www.suse.com/security/cve/CVE-2015-4893.html https://www.suse.com/security/cve/CVE-2015-4903.html https://www.suse.com/security/cve/CVE-2015-4911.html https://bugzilla.suse.com/951376 From sle-updates at lists.suse.com Mon Nov 2 09:11:46 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 17:11:46 +0100 (CET) Subject: SUSE-SU-2015:1875-2: important: Security update for java-1_7_0-openjdk Message-ID: <20151102161146.95028320F0@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1875-2 Rating: important References: #951376 Cross-References: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u91 to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4842: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JAXP (bsc#951376). - CVE-2015-4840: Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#951376). - CVE-2015-4872: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect integrity via unknown vectors related to Security (bsc#951376). - CVE-2015-4860: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883 (bsc#951376). - CVE-2015-4844: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#951376). - CVE-2015-4883: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860 (bsc#951376). - CVE-2015-4893: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911 (bsc#951376). - CVE-2015-4911: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893 (bsc#951376). - CVE-2015-4882: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect availability via vectors related to CORBA (bsc#951376). - CVE-2015-4881: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835 (bsc#951376). - CVE-2015-4734: Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to JGSS (bsc#951376). - CVE-2015-4806: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries (bsc#951376). - CVE-2015-4805: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization (bsc#951376). - CVE-2015-4803: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allowed remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911 (bsc#951376). - CVE-2015-4835: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881 (bsc#951376). - CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality via vectors related to RMI (bsc#951376). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-java-1_7_0-openjdk-12179=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-12179=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-java-1_7_0-openjdk-12179=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-java-1_7_0-openjdk-12179=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): java-1_7_0-openjdk-1.7.0.91-0.14.2 java-1_7_0-openjdk-demo-1.7.0.91-0.14.2 java-1_7_0-openjdk-devel-1.7.0.91-0.14.2 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): java-1_7_0-openjdk-1.7.0.91-0.14.2 java-1_7_0-openjdk-demo-1.7.0.91-0.14.2 java-1_7_0-openjdk-devel-1.7.0.91-0.14.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): java-1_7_0-openjdk-debuginfo-1.7.0.91-0.14.2 java-1_7_0-openjdk-debugsource-1.7.0.91-0.14.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): java-1_7_0-openjdk-debuginfo-1.7.0.91-0.14.2 java-1_7_0-openjdk-debugsource-1.7.0.91-0.14.2 References: https://www.suse.com/security/cve/CVE-2015-4734.html https://www.suse.com/security/cve/CVE-2015-4803.html https://www.suse.com/security/cve/CVE-2015-4805.html https://www.suse.com/security/cve/CVE-2015-4806.html https://www.suse.com/security/cve/CVE-2015-4835.html https://www.suse.com/security/cve/CVE-2015-4840.html https://www.suse.com/security/cve/CVE-2015-4842.html https://www.suse.com/security/cve/CVE-2015-4843.html https://www.suse.com/security/cve/CVE-2015-4844.html https://www.suse.com/security/cve/CVE-2015-4860.html https://www.suse.com/security/cve/CVE-2015-4872.html https://www.suse.com/security/cve/CVE-2015-4881.html https://www.suse.com/security/cve/CVE-2015-4882.html https://www.suse.com/security/cve/CVE-2015-4883.html https://www.suse.com/security/cve/CVE-2015-4893.html https://www.suse.com/security/cve/CVE-2015-4903.html https://www.suse.com/security/cve/CVE-2015-4911.html https://bugzilla.suse.com/951376 From sle-updates at lists.suse.com Mon Nov 2 09:12:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 17:12:09 +0100 (CET) Subject: SUSE-SU-2015:1889-1: moderate: Security update for ruby19 Message-ID: <20151102161209.26987320F0@maintenance.suse.de> SUSE Security Update: Security update for ruby19 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1889-1 Rating: moderate References: #926974 #939860 Cross-References: CVE-2009-5147 CVE-2015-1855 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: ruby19 was updated to fix two security issues. The following vulnerabilities were fixed: * CVE-2015-1855: Ruby OpenSSL hostname verification was too permissive (bsc#926974). * CVE-2009-5147: DL::dlopen could have loaded a library with tainted library name even if $SAFE > 0 (bsc#939860). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-ruby19-12180=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): ruby19-1.9.3.p392-0.23.1 ruby19-devel-1.9.3.p392-0.23.1 ruby19-devel-extra-1.9.3.p392-0.23.1 References: https://www.suse.com/security/cve/CVE-2009-5147.html https://www.suse.com/security/cve/CVE-2015-1855.html https://bugzilla.suse.com/926974 https://bugzilla.suse.com/939860 From sle-updates at lists.suse.com Mon Nov 2 09:12:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 17:12:47 +0100 (CET) Subject: SUSE-SU-2015:1885-2: moderate: Security update for apache2 Message-ID: <20151102161247.36FB8320F0@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1885-2 Rating: moderate References: #444878 #931002 #938728 #941676 Cross-References: CVE-2015-3183 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: Apache was updated to fix one security vulnerability and two bugs. Following security issue was fixed. - Fix the chunked transfer coding implementation in the Apache (bsc#938728, CVE-2015-3183) Bugs fixed: - add SSLSessionTickets directive (bsc#941676) - hardcode modules %files (bsc#444878) - only enable the port 443 for TCP protocol, not UDP. (bsc#931002) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-apache2-12181=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-apache2-12181=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-apache2-12181=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-apache2-12181=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-apache2-12181=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-apache2-12181=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-apache2-12181=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-apache2-12181=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): apache2-devel-2.2.12-59.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 s390x x86_64): apache2-devel-2.2.12-59.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 s390x x86_64): apache2-devel-2.2.12-59.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Server 11-SP4 (i586 s390x x86_64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Server 11-SP3 (i586 s390x x86_64): apache2-2.2.12-59.1 apache2-doc-2.2.12-59.1 apache2-example-pages-2.2.12-59.1 apache2-prefork-2.2.12-59.1 apache2-utils-2.2.12-59.1 apache2-worker-2.2.12-59.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): apache2-debuginfo-2.2.12-59.1 apache2-debugsource-2.2.12-59.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): apache2-debuginfo-2.2.12-59.1 apache2-debugsource-2.2.12-59.1 References: https://www.suse.com/security/cve/CVE-2015-3183.html https://bugzilla.suse.com/444878 https://bugzilla.suse.com/931002 https://bugzilla.suse.com/938728 https://bugzilla.suse.com/941676 From sle-updates at lists.suse.com Mon Nov 2 10:10:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 2 Nov 2015 18:10:57 +0100 (CET) Subject: SUSE-SU-2015:1890-1: Security update for openstack-neutron and crowbar-barclamp-neutron Message-ID: <20151102171057.450C9320F0@maintenance.suse.de> SUSE Security Update: Security update for openstack-neutron and crowbar-barclamp-neutron ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1890-1 Rating: low References: #935263 #939691 #943648 #946882 #948704 Cross-References: CVE-2015-3221 CVE-2015-5240 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update provides security fixes and improvements for openstack-neutron and crowbar-barclamp-neutron. crowbar-barclamp-neutron: - Add infoblox support. - Add configurations required to support DHCP relay. - Create "floating" network as "flat" provider network. (bsc#946882) - Fix search for Nova instance. openstack-neutron: - Fix usage_audit to work with ML2. - Fix UDP offloading issue with virtio VMs. (bsc#948704) - Fix ipset can't be destroyed when last rule is deleted. - Add ARP spoofing protection for LinuxBridge agent. - Don't use ARP responder for IPv6 addresses in ovs. - Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-neutron-201510-12183=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-neutron-2014.2.4~a0~dev103-16.2 openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2 openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2 openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2 openstack-neutron-server-2014.2.4~a0~dev103-16.2 openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2 python-neutron-2014.2.4~a0~dev103-16.2 - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2 openstack-neutron-doc-2014.2.4~a0~dev103-16.4 References: https://www.suse.com/security/cve/CVE-2015-3221.html https://www.suse.com/security/cve/CVE-2015-5240.html https://bugzilla.suse.com/935263 https://bugzilla.suse.com/939691 https://bugzilla.suse.com/943648 https://bugzilla.suse.com/946882 https://bugzilla.suse.com/948704 From sle-updates at lists.suse.com Tue Nov 3 03:10:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Nov 2015 11:10:56 +0100 (CET) Subject: SUSE-SU-2015:1892-1: moderate: Security update for libvdpau Message-ID: <20151103101056.6C210320AA@maintenance.suse.de> SUSE Security Update: Security update for libvdpau ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1892-1 Rating: moderate References: #943967 #943968 #943969 Cross-References: CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: libvdpau was updated to use secure_getenv() instead of getenv() for several variables so it can be more safely used in setuid applications. * CVE-2015-5198: libvdpau: incorrect check for security transition (bnc#943967) * CVE-2015-5199: libvdpau: directory traversal in dlopen (bnc#943968) * CVE-2015-5200: libvdpau: vulnerability in trace functionality (bnc#943969) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-788=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-788=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-788=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-788=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libvdpau1-32bit-0.8-3.1 libvdpau1-debuginfo-32bit-0.8-3.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libvdpau-debugsource-0.8-3.1 libvdpau-devel-0.8-3.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libvdpau-debugsource-0.8-3.1 libvdpau1-0.8-3.1 libvdpau1-debuginfo-0.8-3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libvdpau-debugsource-0.8-3.1 libvdpau1-0.8-3.1 libvdpau1-32bit-0.8-3.1 libvdpau1-debuginfo-0.8-3.1 libvdpau1-debuginfo-32bit-0.8-3.1 References: https://www.suse.com/security/cve/CVE-2015-5198.html https://www.suse.com/security/cve/CVE-2015-5199.html https://www.suse.com/security/cve/CVE-2015-5200.html https://bugzilla.suse.com/943967 https://bugzilla.suse.com/943968 https://bugzilla.suse.com/943969 From sle-updates at lists.suse.com Tue Nov 3 03:11:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Nov 2015 11:11:41 +0100 (CET) Subject: SUSE-RU-2015:1893-1: Recommended update for tracker Message-ID: <20151103101141.31336320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for tracker ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1893-1 Rating: low References: #948805 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for tracker fixes a potential segmentation fault in tracker-miner-fs, caused by incorrect handling of asynchronous queries. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-787=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-787=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-787=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-787=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libtracker-extract-0_16-0-0.16.4-6.1 libtracker-extract-0_16-0-debuginfo-0.16.4-6.1 libtracker-miner-0_16-0-0.16.4-6.1 libtracker-miner-0_16-0-debuginfo-0.16.4-6.1 tracker-0.16.4-6.1 tracker-debuginfo-0.16.4-6.1 tracker-debugsource-0.16.4-6.1 tracker-extras-debugsource-0.16.4-6.2 tracker-gui-0.16.4-6.2 tracker-gui-debuginfo-0.16.4-6.2 tracker-miner-files-0.16.4-6.1 tracker-miner-files-debuginfo-0.16.4-6.1 typelib-1_0-Tracker-0_16-0.16.4-6.1 typelib-1_0-TrackerMiner-0_16-0.16.4-6.1 - SUSE Linux Enterprise Workstation Extension 12 (noarch): tracker-lang-0.16.4-6.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libtracker-extract-0_16-0-0.16.4-6.1 libtracker-extract-0_16-0-debuginfo-0.16.4-6.1 libtracker-miner-0_16-0-0.16.4-6.1 libtracker-miner-0_16-0-debuginfo-0.16.4-6.1 tracker-debuginfo-0.16.4-6.1 tracker-debugsource-0.16.4-6.1 tracker-devel-0.16.4-6.1 typelib-1_0-Tracker-0_16-0.16.4-6.1 typelib-1_0-TrackerExtract-0_16-0.16.4-6.1 typelib-1_0-TrackerMiner-0_16-0.16.4-6.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libtracker-common-0_16-0-0.16.4-6.1 libtracker-common-0_16-0-debuginfo-0.16.4-6.1 libtracker-sparql-0_16-0-0.16.4-6.1 libtracker-sparql-0_16-0-debuginfo-0.16.4-6.1 tracker-debuginfo-0.16.4-6.1 tracker-debugsource-0.16.4-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libtracker-common-0_16-0-0.16.4-6.1 libtracker-common-0_16-0-debuginfo-0.16.4-6.1 libtracker-extract-0_16-0-0.16.4-6.1 libtracker-extract-0_16-0-debuginfo-0.16.4-6.1 libtracker-miner-0_16-0-0.16.4-6.1 libtracker-miner-0_16-0-debuginfo-0.16.4-6.1 libtracker-sparql-0_16-0-0.16.4-6.1 libtracker-sparql-0_16-0-debuginfo-0.16.4-6.1 tracker-0.16.4-6.1 tracker-debuginfo-0.16.4-6.1 tracker-debugsource-0.16.4-6.1 tracker-extras-debugsource-0.16.4-6.2 tracker-gui-0.16.4-6.2 tracker-gui-debuginfo-0.16.4-6.2 tracker-miner-files-0.16.4-6.1 tracker-miner-files-debuginfo-0.16.4-6.1 typelib-1_0-Tracker-0_16-0.16.4-6.1 typelib-1_0-TrackerMiner-0_16-0.16.4-6.1 - SUSE Linux Enterprise Desktop 12 (noarch): tracker-lang-0.16.4-6.1 References: https://bugzilla.suse.com/948805 From sle-updates at lists.suse.com Tue Nov 3 03:12:05 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Nov 2015 11:12:05 +0100 (CET) Subject: SUSE-SU-2015:1894-1: important: Security update for xen Message-ID: <20151103101205.5903C320F0@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1894-1 Rating: important References: #877642 #901488 #907514 #910258 #918984 #923967 #932267 #944463 #944697 #945167 #947165 #949138 #949549 #950367 #950703 #950705 #950706 Cross-References: CVE-2014-0222 CVE-2015-4037 CVE-2015-5239 CVE-2015-6815 CVE-2015-7311 CVE-2015-7835 CVE-2015-7969 CVE-2015-7971 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 9 fixes is now available. Description: xen was updated to version 4.4.3 to fix nine security issues. These security issues were fixed: - CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267). - CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367). - CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697). - CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703). - CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705). - CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706). These non-security issues were fixed: - bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed - bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed - bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed - bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores - bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors - bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort - bsc#949549: xm create hangs when maxmen value is enclosed in quotes Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-12184=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-12184=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-xen-12184=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-12184=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.3_02-26.2 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.3_02_3.0.101_65-26.2 xen-libs-4.4.3_02-26.2 xen-tools-domU-4.4.3_02-26.2 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.3_02-26.2 xen-doc-html-4.4.3_02-26.2 xen-libs-32bit-4.4.3_02-26.2 xen-tools-4.4.3_02-26.2 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.3_02_3.0.101_65-26.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): xen-kmp-default-4.4.3_02_3.0.101_65-26.2 xen-libs-4.4.3_02-26.2 xen-tools-domU-4.4.3_02-26.2 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): xen-4.4.3_02-26.2 xen-doc-html-4.4.3_02-26.2 xen-libs-32bit-4.4.3_02-26.2 xen-tools-4.4.3_02-26.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586): xen-kmp-pae-4.4.3_02_3.0.101_65-26.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.3_02-26.2 xen-debugsource-4.4.3_02-26.2 References: https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2015-4037.html https://www.suse.com/security/cve/CVE-2015-5239.html https://www.suse.com/security/cve/CVE-2015-6815.html https://www.suse.com/security/cve/CVE-2015-7311.html https://www.suse.com/security/cve/CVE-2015-7835.html https://www.suse.com/security/cve/CVE-2015-7969.html https://www.suse.com/security/cve/CVE-2015-7971.html https://bugzilla.suse.com/877642 https://bugzilla.suse.com/901488 https://bugzilla.suse.com/907514 https://bugzilla.suse.com/910258 https://bugzilla.suse.com/918984 https://bugzilla.suse.com/923967 https://bugzilla.suse.com/932267 https://bugzilla.suse.com/944463 https://bugzilla.suse.com/944697 https://bugzilla.suse.com/945167 https://bugzilla.suse.com/947165 https://bugzilla.suse.com/949138 https://bugzilla.suse.com/949549 https://bugzilla.suse.com/950367 https://bugzilla.suse.com/950703 https://bugzilla.suse.com/950705 https://bugzilla.suse.com/950706 From sle-updates at lists.suse.com Tue Nov 3 07:10:42 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Nov 2015 15:10:42 +0100 (CET) Subject: SUSE-RU-2015:1895-1: moderate: Recommended update for amazon-ecs-init Message-ID: <20151103141042.08F20320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for amazon-ecs-init ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1895-1 Rating: moderate References: #949602 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Amazon ECS Init was updated to version 1.5.0 (bsc#949602) * Enhancement - Cache Agent version 1.5.0 * Enhancement - Improved merge strategy for user-supplied environment * Enhancement - Add default supported logging drivers Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2015-790=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (x86_64): amazon-ecs-init-1.5.0-9.1 References: https://bugzilla.suse.com/949602 From sle-updates at lists.suse.com Tue Nov 3 07:11:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Nov 2015 15:11:01 +0100 (CET) Subject: SUSE-RU-2015:1896-1: Recommended update for aaa_base Message-ID: <20151103141101.B14E8320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1896-1 Rating: low References: #907873 #915259 #921172 #926049 #928398 #932456 #942734 #950892 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update for aaa_base provides the following fixes: - Remove references to suseconfig and unused variables. (bsc#942734) - Do not insert spaces at start of string in sysconf_addword. (bsc#932456) - Fix suse.de-backup-rc.config to trigger also if only files that have spaces in their name changes. (bsc#915259) - Avoid sourcing /etc/bash_completion.d twice. (bsc#907873) - Even if GDM has done language setup the personal .i18n should be sourced. (bsc#950892) - Correct the boolean test in /etc/profile.d/lang.sh. - Handle also command lines starting with the env command as this is used by Gnome xsessions. (bsc#921172) - Add SOCKS5_SERVER and socks_proxy to proxy settings. (bsc#928398) - Allow SysRq dump by default. (bsc#926049) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-791=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-791=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-791=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): aaa_base-debuginfo-13.2+git20140911.61c1681-9.1 aaa_base-debugsource-13.2+git20140911.61c1681-9.1 aaa_base-malloccheck-13.2+git20140911.61c1681-9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): aaa_base-13.2+git20140911.61c1681-9.1 aaa_base-debuginfo-13.2+git20140911.61c1681-9.1 aaa_base-debugsource-13.2+git20140911.61c1681-9.1 aaa_base-extras-13.2+git20140911.61c1681-9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): aaa_base-13.2+git20140911.61c1681-9.1 aaa_base-debuginfo-13.2+git20140911.61c1681-9.1 aaa_base-debugsource-13.2+git20140911.61c1681-9.1 aaa_base-extras-13.2+git20140911.61c1681-9.1 References: https://bugzilla.suse.com/907873 https://bugzilla.suse.com/915259 https://bugzilla.suse.com/921172 https://bugzilla.suse.com/926049 https://bugzilla.suse.com/928398 https://bugzilla.suse.com/932456 https://bugzilla.suse.com/942734 https://bugzilla.suse.com/950892 From sle-updates at lists.suse.com Wed Nov 4 02:11:30 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Nov 2015 10:11:30 +0100 (CET) Subject: SUSE-SU-2015:1897-1: important: Security update for krb5 Message-ID: <20151104091130.5AE9F320F0@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1897-1 Rating: important References: #948011 #952188 #952189 #952190 Cross-References: CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: krb5 was updated to fix three security issues. These security issues were fixed: - CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952188). - CVE-2015-2696: Applications which call gss_inquire_context() on a partially-established IAKERB context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952189). - CVE-2015-2697: Incorrect string handling in build_principal_va can lead to DOS (bsc#952190). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-792=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-792=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-792=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): krb5-debuginfo-1.12.1-19.1 krb5-debugsource-1.12.1-19.1 krb5-devel-1.12.1-19.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): krb5-1.12.1-19.1 krb5-client-1.12.1-19.1 krb5-client-debuginfo-1.12.1-19.1 krb5-debuginfo-1.12.1-19.1 krb5-debugsource-1.12.1-19.1 krb5-doc-1.12.1-19.1 krb5-plugin-kdb-ldap-1.12.1-19.1 krb5-plugin-kdb-ldap-debuginfo-1.12.1-19.1 krb5-plugin-preauth-otp-1.12.1-19.1 krb5-plugin-preauth-otp-debuginfo-1.12.1-19.1 krb5-plugin-preauth-pkinit-1.12.1-19.1 krb5-plugin-preauth-pkinit-debuginfo-1.12.1-19.1 krb5-server-1.12.1-19.1 krb5-server-debuginfo-1.12.1-19.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): krb5-32bit-1.12.1-19.1 krb5-debuginfo-32bit-1.12.1-19.1 - SUSE Linux Enterprise Desktop 12 (x86_64): krb5-1.12.1-19.1 krb5-32bit-1.12.1-19.1 krb5-client-1.12.1-19.1 krb5-client-debuginfo-1.12.1-19.1 krb5-debuginfo-1.12.1-19.1 krb5-debuginfo-32bit-1.12.1-19.1 krb5-debugsource-1.12.1-19.1 References: https://www.suse.com/security/cve/CVE-2015-2695.html https://www.suse.com/security/cve/CVE-2015-2696.html https://www.suse.com/security/cve/CVE-2015-2697.html https://bugzilla.suse.com/948011 https://bugzilla.suse.com/952188 https://bugzilla.suse.com/952189 https://bugzilla.suse.com/952190 From sle-updates at lists.suse.com Wed Nov 4 03:11:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Nov 2015 11:11:16 +0100 (CET) Subject: SUSE-SU-2015:1898-1: important: Security update for krb5 Message-ID: <20151104101116.3D739320F0@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1898-1 Rating: important References: #952188 Cross-References: CVE-2015-2695 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: krb5 was updated to fix one security issue. This security issue was fixed: - CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-krb5-12185=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-krb5-12185=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-krb5-12185=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-krb5-12185=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-krb5-12185=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-krb5-12185=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-krb5-12185=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-krb5-12185=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.97.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): krb5-server-1.6.3-133.49.97.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.97.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): krb5-server-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): krb5-1.6.3-133.49.97.1 krb5-apps-clients-1.6.3-133.49.97.1 krb5-apps-servers-1.6.3-133.49.97.1 krb5-client-1.6.3-133.49.97.1 krb5-plugin-kdb-ldap-1.6.3-133.49.97.3 krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3 krb5-server-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): krb5-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): krb5-doc-1.6.3-133.49.97.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.97.1 krb5-apps-clients-1.6.3-133.49.97.1 krb5-apps-servers-1.6.3-133.49.97.1 krb5-client-1.6.3-133.49.97.1 krb5-plugin-kdb-ldap-1.6.3-133.49.97.3 krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3 krb5-server-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): krb5-doc-1.6.3-133.49.97.3 - SUSE Linux Enterprise Server 11-SP4 (ia64): krb5-x86-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.97.1 krb5-apps-clients-1.6.3-133.49.97.1 krb5-apps-servers-1.6.3-133.49.97.1 krb5-client-1.6.3-133.49.97.1 krb5-plugin-kdb-ldap-1.6.3-133.49.97.3 krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3 krb5-server-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): krb5-doc-1.6.3-133.49.97.3 - SUSE Linux Enterprise Server 11-SP3 (ia64): krb5-x86-1.6.3-133.49.97.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): krb5-1.6.3-133.49.97.1 krb5-client-1.6.3-133.49.97.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): krb5-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): krb5-1.6.3-133.49.97.1 krb5-client-1.6.3-133.49.97.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): krb5-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-debuginfo-1.6.3-133.49.97.1 krb5-debugsource-1.6.3-133.49.97.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): krb5-debuginfo-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): krb5-debuginfo-x86-1.6.3-133.49.97.1 References: https://www.suse.com/security/cve/CVE-2015-2695.html https://bugzilla.suse.com/952188 From sle-updates at lists.suse.com Wed Nov 4 04:11:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Nov 2015 12:11:01 +0100 (CET) Subject: SUSE-RU-2015:1899-1: moderate: Recommended update for yast2-fcoe-client Message-ID: <20151104111101.856C1320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-fcoe-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1899-1 Rating: moderate References: #838739 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The YaST module for fiber channel over ethernet was updated to increase number of retries for fipvlan to try harder to connect (bnc#838739) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-fcoe-client-12186=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-fcoe-client-12186=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): yast2-fcoe-client-2.17.26-10.3.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): yast2-fcoe-client-2.17.26-10.3.1 References: https://bugzilla.suse.com/838739 From sle-updates at lists.suse.com Wed Nov 4 09:13:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Nov 2015 17:13:13 +0100 (CET) Subject: SUSE-SU-2015:1908-1: important: Security update for xen Message-ID: <20151104161313.D28C0320F0@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1908-1 Rating: important References: #877642 #901488 #907514 #910258 #918984 #923967 #932267 #944463 #944697 #945167 #947165 #949138 #950367 #950703 #950705 #950706 Cross-References: CVE-2014-0222 CVE-2015-4037 CVE-2015-5239 CVE-2015-6815 CVE-2015-7311 CVE-2015-7835 CVE-2015-7969 CVE-2015-7971 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 8 fixes is now available. Description: xen was updated to version 4.4.3 to fix nine security issues. These security issues were fixed: - CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267). - CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367). - CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697). - CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703). - CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705). - CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706). These non-security issues were fixed: - bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed - bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed - bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed - bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores - bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors - bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-795=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-795=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-795=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (x86_64): xen-debugsource-4.4.3_02-22.12.1 xen-devel-4.4.3_02-22.12.1 - SUSE Linux Enterprise Server 12 (x86_64): xen-4.4.3_02-22.12.1 xen-debugsource-4.4.3_02-22.12.1 xen-doc-html-4.4.3_02-22.12.1 xen-kmp-default-4.4.3_02_k3.12.48_52.27-22.12.1 xen-kmp-default-debuginfo-4.4.3_02_k3.12.48_52.27-22.12.1 xen-libs-32bit-4.4.3_02-22.12.1 xen-libs-4.4.3_02-22.12.1 xen-libs-debuginfo-32bit-4.4.3_02-22.12.1 xen-libs-debuginfo-4.4.3_02-22.12.1 xen-tools-4.4.3_02-22.12.1 xen-tools-debuginfo-4.4.3_02-22.12.1 xen-tools-domU-4.4.3_02-22.12.1 xen-tools-domU-debuginfo-4.4.3_02-22.12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): xen-4.4.3_02-22.12.1 xen-debugsource-4.4.3_02-22.12.1 xen-kmp-default-4.4.3_02_k3.12.48_52.27-22.12.1 xen-kmp-default-debuginfo-4.4.3_02_k3.12.48_52.27-22.12.1 xen-libs-32bit-4.4.3_02-22.12.1 xen-libs-4.4.3_02-22.12.1 xen-libs-debuginfo-32bit-4.4.3_02-22.12.1 xen-libs-debuginfo-4.4.3_02-22.12.1 References: https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2015-4037.html https://www.suse.com/security/cve/CVE-2015-5239.html https://www.suse.com/security/cve/CVE-2015-6815.html https://www.suse.com/security/cve/CVE-2015-7311.html https://www.suse.com/security/cve/CVE-2015-7835.html https://www.suse.com/security/cve/CVE-2015-7969.html https://www.suse.com/security/cve/CVE-2015-7971.html https://bugzilla.suse.com/877642 https://bugzilla.suse.com/901488 https://bugzilla.suse.com/907514 https://bugzilla.suse.com/910258 https://bugzilla.suse.com/918984 https://bugzilla.suse.com/923967 https://bugzilla.suse.com/932267 https://bugzilla.suse.com/944463 https://bugzilla.suse.com/944697 https://bugzilla.suse.com/945167 https://bugzilla.suse.com/947165 https://bugzilla.suse.com/949138 https://bugzilla.suse.com/950367 https://bugzilla.suse.com/950703 https://bugzilla.suse.com/950705 https://bugzilla.suse.com/950706 From sle-updates at lists.suse.com Wed Nov 4 10:10:58 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Nov 2015 18:10:58 +0100 (CET) Subject: SUSE-RU-2015:1914-1: moderate: Recommended update for kde4-kupdateapplet Message-ID: <20151104171058.9374A320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for kde4-kupdateapplet ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1914-1 Rating: moderate References: #946027 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the KDE Update Applet adds support to dir:// based repositories as well as file:// based ones. Also, for non-standard URIs (like cd, dvd) or when download fails, switch to the old heuristic and search for Update (or Patch) in the repository alias/name. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kde4-kupdateapplet-12187=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-kde4-kupdateapplet-12187=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kde4-kupdateapplet-12187=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kde4-kupdateapplet-0.8.51-0.13.1 kde4-kupdateapplet-packagekit-0.8.51-0.13.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): kde4-kupdateapplet-0.8.51-0.13.1 kde4-kupdateapplet-packagekit-0.8.51-0.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kde4-kupdateapplet-debuginfo-0.8.51-0.13.1 kde4-kupdateapplet-debugsource-0.8.51-0.13.1 References: https://bugzilla.suse.com/946027 From sle-updates at lists.suse.com Thu Nov 5 01:11:05 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 5 Nov 2015 09:11:05 +0100 (CET) Subject: SUSE-SU-2015:1915-1: moderate: Recommended update for LibreOffice Message-ID: <20151105081105.E87A1320F0@maintenance.suse.de> SUSE Security Update: Recommended update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1915-1 Rating: moderate References: #470073 #806250 #829430 #890735 #900186 #900877 #907966 #910805 #910806 #913042 #914911 #915996 #916181 #918852 #919409 #926375 #929793 #934423 #936188 #936190 #940838 #943075 #945692 Cross-References: CVE-2014-8146 CVE-2014-8147 CVE-2015-1774 CVE-2015-4551 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has 16 fixes is now available. Description: This update brings LibreOffice to version 5.0.2, a major version update. It brings lots of new features, bugfixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ * LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module, Calc: complex formulae image cropping, new functions, more powerful conditional formatting, table addressing and much more. Calc's blend of performance and features makes it an enterprise-ready, heavy duty spreadsheet application capable of handling all kinds of workload for an impressive range of use cases * New icons, major improvements to menus and sidebar : no other LibreOffice version has looked that good and helped you be creative and get things done the right way. In addition, style management is now more intuitive thanks to the visualization of styles right in the interface. * LibreOffice 5 ships with numerous improvements to document import and export filters for MS Office, PDF, RTF, and more. You can now timestamp PDF documents generated with LibreOffice and enjoy enhanced document conversion fidelity all around. The Pentaho Flow Reporting Engine is now added and used. Security issues fixed: * CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. * CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. * CVE-2015-4551: An arbitrary file disclosure vulnerability in Libreoffice and Openoffice Calc and Writer was fixed. * CVE-2015-1774: The HWP filter in LibreOffice allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggered an out-of-bounds write. * CVE-2015-5212: A LibreOffice "PrinterSetup Length" integer underflow vulnerability could be used by attackers supplying documents to execute code as the user opening the document. * CVE-2015-5213: A LibreOffice "Piece Table Counter" invalid check design error vulnerability allowed attackers supplying documents to execute code as the user opening the document. * CVE-2015-5214: Multiple Vendor LibreOffice Bookmark Status Memory Corruption Vulnerability allowed attackers supplying documents to execute code as the user opening the document. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-797=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-797=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-797=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-797=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): cmis-client-debuginfo-0.5.0-5.1 cmis-client-debugsource-0.5.0-5.1 hyphen-debugsource-2.8.8-9.1 libabw-0_1-1-0.1.1-5.3 libabw-0_1-1-debuginfo-0.1.1-5.3 libabw-debugsource-0.1.1-5.3 libcdr-0_1-1-0.1.1-5.3 libcdr-0_1-1-debuginfo-0.1.1-5.3 libcdr-debugsource-0.1.1-5.3 libcmis-0_5-5-0.5.0-5.1 libcmis-0_5-5-debuginfo-0.5.0-5.1 libe-book-0_1-1-0.1.2-4.2 libe-book-0_1-1-debuginfo-0.1.2-4.2 libe-book-debugsource-0.1.2-4.2 libetonyek-0_1-1-0.1.3-3.5 libetonyek-0_1-1-debuginfo-0.1.3-3.5 libetonyek-debugsource-0.1.3-3.5 libfreehand-0_1-1-0.1.1-4.9 libfreehand-0_1-1-debuginfo-0.1.1-4.9 libfreehand-debugsource-0.1.1-4.9 libgltf-0_0-0-0.0.1-2.1 libgltf-0_0-0-debuginfo-0.0.1-2.1 libgltf-debugsource-0.0.1-2.1 libhyphen0-2.8.8-9.1 libhyphen0-debuginfo-2.8.8-9.1 libixion-0_10-0-0.9.1-3.1 libixion-0_10-0-debuginfo-0.9.1-3.1 libixion-debugsource-0.9.1-3.1 liblangtag-debugsource-0.5.7-3.1 liblangtag1-0.5.7-3.1 liblangtag1-debuginfo-0.5.7-3.1 libmspub-0_1-1-0.1.2-5.1 libmspub-0_1-1-debuginfo-0.1.2-5.1 libmspub-debugsource-0.1.2-5.1 libmwaw-0_3-3-0.3.6-3.3 libmwaw-0_3-3-debuginfo-0.3.6-3.3 libmwaw-debugsource-0.3.6-3.3 libodfgen-0_1-1-0.1.4-3.9 libodfgen-0_1-1-debuginfo-0.1.4-3.9 libodfgen-debugsource-0.1.4-3.9 liborcus-0_8-0-0.7.1-3.1 liborcus-0_8-0-debuginfo-0.7.1-3.1 liborcus-debugsource-0.7.1-3.1 libpagemaker-0_0-0-0.0.2-2.3 libpagemaker-0_0-0-debuginfo-0.0.2-2.3 libpagemaker-debugsource-0.0.2-2.3 libreoffice-5.0.2.2-13.14 libreoffice-base-5.0.2.2-13.14 libreoffice-base-debuginfo-5.0.2.2-13.14 libreoffice-base-drivers-mysql-5.0.2.2-13.14 libreoffice-base-drivers-mysql-debuginfo-5.0.2.2-13.14 libreoffice-base-drivers-postgresql-5.0.2.2-13.14 libreoffice-base-drivers-postgresql-debuginfo-5.0.2.2-13.14 libreoffice-calc-5.0.2.2-13.14 libreoffice-calc-debuginfo-5.0.2.2-13.14 libreoffice-calc-extensions-5.0.2.2-13.14 libreoffice-debuginfo-5.0.2.2-13.14 libreoffice-debugsource-5.0.2.2-13.14 libreoffice-draw-5.0.2.2-13.14 libreoffice-draw-debuginfo-5.0.2.2-13.14 libreoffice-filters-optional-5.0.2.2-13.14 libreoffice-gnome-5.0.2.2-13.14 libreoffice-gnome-debuginfo-5.0.2.2-13.14 libreoffice-impress-5.0.2.2-13.14 libreoffice-impress-debuginfo-5.0.2.2-13.14 libreoffice-mailmerge-5.0.2.2-13.14 libreoffice-math-5.0.2.2-13.14 libreoffice-math-debuginfo-5.0.2.2-13.14 libreoffice-officebean-5.0.2.2-13.14 libreoffice-officebean-debuginfo-5.0.2.2-13.14 libreoffice-pyuno-5.0.2.2-13.14 libreoffice-pyuno-debuginfo-5.0.2.2-13.14 libreoffice-voikko-4.1-6.3 libreoffice-voikko-debuginfo-4.1-6.3 libreoffice-writer-5.0.2.2-13.14 libreoffice-writer-debuginfo-5.0.2.2-13.14 libreoffice-writer-extensions-5.0.2.2-13.14 librevenge-0_0-0-0.0.2-4.1 librevenge-0_0-0-debuginfo-0.0.2-4.1 librevenge-debugsource-0.0.2-4.1 librevenge-stream-0_0-0-0.0.2-4.1 librevenge-stream-0_0-0-debuginfo-0.0.2-4.1 libvisio-0_1-1-0.1.3-4.3 libvisio-0_1-1-debuginfo-0.1.3-4.3 libvisio-debugsource-0.1.3-4.3 libvoikko-debugsource-3.7.1-3.1 libvoikko1-3.7.1-3.1 libvoikko1-debuginfo-3.7.1-3.1 libwps-0_4-4-0.4.1-3.1 libwps-0_4-4-debuginfo-0.4.1-3.1 libwps-debugsource-0.4.1-3.1 myspell-dictionaries-20150827-5.1 - SUSE Linux Enterprise Workstation Extension 12 (noarch): apache-commons-logging-1.1.3-7.1 flute-1.3.0-4.2 libbase-1.1.3-4.3 libfonts-1.1.3-4.9 libformula-1.1.3-4.3 liblayout-0.2.10-4.8 libloader-1.1.3-3.2 libreoffice-icon-theme-tango-5.0.2.2-13.14 libreoffice-l10n-af-5.0.2.2-13.14 libreoffice-l10n-ar-5.0.2.2-13.14 libreoffice-l10n-ca-5.0.2.2-13.14 libreoffice-l10n-cs-5.0.2.2-13.14 libreoffice-l10n-da-5.0.2.2-13.14 libreoffice-l10n-de-5.0.2.2-13.14 libreoffice-l10n-en-5.0.2.2-13.14 libreoffice-l10n-es-5.0.2.2-13.14 libreoffice-l10n-fi-5.0.2.2-13.14 libreoffice-l10n-fr-5.0.2.2-13.14 libreoffice-l10n-gu-5.0.2.2-13.14 libreoffice-l10n-hi-5.0.2.2-13.14 libreoffice-l10n-hu-5.0.2.2-13.14 libreoffice-l10n-it-5.0.2.2-13.14 libreoffice-l10n-ja-5.0.2.2-13.14 libreoffice-l10n-ko-5.0.2.2-13.14 libreoffice-l10n-nb-5.0.2.2-13.14 libreoffice-l10n-nl-5.0.2.2-13.14 libreoffice-l10n-nn-5.0.2.2-13.14 libreoffice-l10n-pl-5.0.2.2-13.14 libreoffice-l10n-pt-BR-5.0.2.2-13.14 libreoffice-l10n-pt-PT-5.0.2.2-13.14 libreoffice-l10n-ru-5.0.2.2-13.14 libreoffice-l10n-sk-5.0.2.2-13.14 libreoffice-l10n-sv-5.0.2.2-13.14 libreoffice-l10n-xh-5.0.2.2-13.14 libreoffice-l10n-zh-Hans-5.0.2.2-13.14 libreoffice-l10n-zh-Hant-5.0.2.2-13.14 libreoffice-l10n-zu-5.0.2.2-13.14 libreoffice-share-linker-1-2.1 librepository-1.1.3-4.3 libserializer-1.1.2-4.3 malaga-suomi-1.18-3.2 myspell-af_ZA-20150827-5.1 myspell-ar-20150827-5.1 myspell-be_BY-20150827-5.1 myspell-bg_BG-20150827-5.1 myspell-bn_BD-20150827-5.1 myspell-bs_BA-20150827-5.1 myspell-ca-20150827-5.1 myspell-cs_CZ-20150827-5.1 myspell-da_DK-20150827-5.1 myspell-de-20150827-5.1 myspell-el_GR-20150827-5.1 myspell-en-20150827-5.1 myspell-es-20150827-5.1 myspell-et_EE-20150827-5.1 myspell-fr_FR-20150827-5.1 myspell-gu_IN-20150827-5.1 myspell-he_IL-20150827-5.1 myspell-hi_IN-20150827-5.1 myspell-hr_HR-20150827-5.1 myspell-hu_HU-20150827-5.1 myspell-it_IT-20150827-5.1 myspell-lo_LA-20150827-5.1 myspell-lt_LT-20150827-5.1 myspell-lv_LV-20150827-5.1 myspell-nl_NL-20150827-5.1 myspell-no-20150827-5.1 myspell-pl_PL-20150827-5.1 myspell-pt_BR-20150827-5.1 myspell-pt_PT-20150827-5.1 myspell-ro-20150827-5.1 myspell-ru_RU-20150827-5.1 myspell-sk_SK-20150827-5.1 myspell-sl_SI-20150827-5.1 myspell-sr-20150827-5.1 myspell-sv_SE-20150827-5.1 myspell-te_IN-20150827-5.1 myspell-th_TH-20150827-5.1 myspell-vi-20150827-5.1 myspell-zu_ZA-20150827-5.1 pentaho-libxml-1.1.3-4.3 pentaho-reporting-flow-engine-0.9.4-4.5 sac-1.3-4.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): cmis-client-debuginfo-0.5.0-5.1 cmis-client-debugsource-0.5.0-5.1 graphite2-debuginfo-1.3.1-3.1 graphite2-debugsource-1.3.1-3.1 graphite2-devel-1.3.1-3.1 hyphen-debugsource-2.8.8-9.1 hyphen-devel-2.8.8-9.1 libabw-debugsource-0.1.1-5.3 libabw-devel-0.1.1-5.3 libcdr-debugsource-0.1.1-5.3 libcdr-devel-0.1.1-5.3 libcmis-0_5-5-0.5.0-5.1 libcmis-0_5-5-debuginfo-0.5.0-5.1 libcmis-c-0_5-5-0.5.0-5.1 libcmis-c-0_5-5-debuginfo-0.5.0-5.1 libcmis-c-devel-0.5.0-5.1 libcmis-devel-0.5.0-5.1 libe-book-debugsource-0.1.2-4.2 libe-book-devel-0.1.2-4.2 libetonyek-debugsource-0.1.3-3.5 libetonyek-devel-0.1.3-3.5 libfreehand-debugsource-0.1.1-4.9 libfreehand-devel-0.1.1-4.9 libhyphen0-2.8.8-9.1 libhyphen0-debuginfo-2.8.8-9.1 libixion-0_10-0-0.9.1-3.1 libixion-0_10-0-debuginfo-0.9.1-3.1 libixion-debugsource-0.9.1-3.1 libixion-devel-0.9.1-3.1 liblangtag-debugsource-0.5.7-3.1 liblangtag-devel-0.5.7-3.1 liblangtag1-0.5.7-3.1 liblangtag1-debuginfo-0.5.7-3.1 libmspub-debugsource-0.1.2-5.1 libmspub-devel-0.1.2-5.1 libmwaw-debugsource-0.3.6-3.3 libmwaw-devel-0.3.6-3.3 libodfgen-debugsource-0.1.4-3.9 libodfgen-devel-0.1.4-3.9 liborcus-debugsource-0.7.1-3.1 liborcus-devel-0.7.1-3.1 librevenge-0_0-0-0.0.2-4.1 librevenge-0_0-0-debuginfo-0.0.2-4.1 librevenge-debugsource-0.0.2-4.1 librevenge-devel-0.0.2-4.1 librevenge-generators-0_0-0-0.0.2-4.1 librevenge-generators-0_0-0-debuginfo-0.0.2-4.1 librevenge-stream-0_0-0-0.0.2-4.1 librevenge-stream-0_0-0-debuginfo-0.0.2-4.1 libvisio-debugsource-0.1.3-4.3 libvisio-devel-0.1.3-4.3 libvoikko-debugsource-3.7.1-3.1 libvoikko-devel-3.7.1-3.1 libvoikko1-3.7.1-3.1 libvoikko1-debuginfo-3.7.1-3.1 libwps-debugsource-0.4.1-3.1 libwps-devel-0.4.1-3.1 - SUSE Linux Enterprise Software Development Kit 12 (noarch): libabw-devel-doc-0.1.1-5.3 libcdr-devel-doc-0.1.1-5.3 libe-book-devel-doc-0.1.2-4.2 libetonyek-devel-doc-0.1.3-3.5 libfreehand-devel-doc-0.1.1-4.9 libmspub-devel-doc-0.1.2-5.1 libmwaw-devel-doc-0.3.6-3.3 libodfgen-devel-doc-0.1.4-3.9 libvisio-devel-doc-0.1.3-4.3 malaga-suomi-1.18-3.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): graphite2-debuginfo-1.3.1-3.1 graphite2-debugsource-1.3.1-3.1 libgraphite2-3-1.3.1-3.1 libgraphite2-3-debuginfo-1.3.1-3.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgraphite2-3-32bit-1.3.1-3.1 libgraphite2-3-debuginfo-32bit-1.3.1-3.1 - SUSE Linux Enterprise Server 12 (noarch): apache-commons-logging-1.1.3-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cmis-client-debuginfo-0.5.0-5.1 cmis-client-debugsource-0.5.0-5.1 graphite2-debuginfo-1.3.1-3.1 graphite2-debugsource-1.3.1-3.1 hyphen-debugsource-2.8.8-9.1 libabw-0_1-1-0.1.1-5.3 libabw-0_1-1-debuginfo-0.1.1-5.3 libabw-debugsource-0.1.1-5.3 libcdr-0_1-1-0.1.1-5.3 libcdr-0_1-1-debuginfo-0.1.1-5.3 libcdr-debugsource-0.1.1-5.3 libcmis-0_5-5-0.5.0-5.1 libcmis-0_5-5-debuginfo-0.5.0-5.1 libe-book-0_1-1-0.1.2-4.2 libe-book-0_1-1-debuginfo-0.1.2-4.2 libe-book-debugsource-0.1.2-4.2 libetonyek-0_1-1-0.1.3-3.5 libetonyek-0_1-1-debuginfo-0.1.3-3.5 libetonyek-debugsource-0.1.3-3.5 libfreehand-0_1-1-0.1.1-4.9 libfreehand-0_1-1-debuginfo-0.1.1-4.9 libfreehand-debugsource-0.1.1-4.9 libgltf-0_0-0-0.0.1-2.1 libgltf-0_0-0-debuginfo-0.0.1-2.1 libgltf-debugsource-0.0.1-2.1 libgraphite2-3-1.3.1-3.1 libgraphite2-3-32bit-1.3.1-3.1 libgraphite2-3-debuginfo-1.3.1-3.1 libgraphite2-3-debuginfo-32bit-1.3.1-3.1 libhyphen0-2.8.8-9.1 libhyphen0-debuginfo-2.8.8-9.1 libixion-0_10-0-0.9.1-3.1 libixion-0_10-0-debuginfo-0.9.1-3.1 libixion-debugsource-0.9.1-3.1 liblangtag-debugsource-0.5.7-3.1 liblangtag1-0.5.7-3.1 liblangtag1-debuginfo-0.5.7-3.1 libmspub-0_1-1-0.1.2-5.1 libmspub-0_1-1-debuginfo-0.1.2-5.1 libmspub-debugsource-0.1.2-5.1 libmwaw-0_3-3-0.3.6-3.3 libmwaw-0_3-3-debuginfo-0.3.6-3.3 libmwaw-debugsource-0.3.6-3.3 libodfgen-0_1-1-0.1.4-3.9 libodfgen-0_1-1-debuginfo-0.1.4-3.9 libodfgen-debugsource-0.1.4-3.9 liborcus-0_8-0-0.7.1-3.1 liborcus-0_8-0-debuginfo-0.7.1-3.1 liborcus-debugsource-0.7.1-3.1 libpagemaker-0_0-0-0.0.2-2.3 libpagemaker-0_0-0-debuginfo-0.0.2-2.3 libpagemaker-debugsource-0.0.2-2.3 libreoffice-5.0.2.2-13.14 libreoffice-base-5.0.2.2-13.14 libreoffice-base-debuginfo-5.0.2.2-13.14 libreoffice-base-drivers-mysql-5.0.2.2-13.14 libreoffice-base-drivers-mysql-debuginfo-5.0.2.2-13.14 libreoffice-base-drivers-postgresql-5.0.2.2-13.14 libreoffice-base-drivers-postgresql-debuginfo-5.0.2.2-13.14 libreoffice-calc-5.0.2.2-13.14 libreoffice-calc-debuginfo-5.0.2.2-13.14 libreoffice-calc-extensions-5.0.2.2-13.14 libreoffice-debuginfo-5.0.2.2-13.14 libreoffice-debugsource-5.0.2.2-13.14 libreoffice-draw-5.0.2.2-13.14 libreoffice-draw-debuginfo-5.0.2.2-13.14 libreoffice-filters-optional-5.0.2.2-13.14 libreoffice-gnome-5.0.2.2-13.14 libreoffice-gnome-debuginfo-5.0.2.2-13.14 libreoffice-impress-5.0.2.2-13.14 libreoffice-impress-debuginfo-5.0.2.2-13.14 libreoffice-mailmerge-5.0.2.2-13.14 libreoffice-math-5.0.2.2-13.14 libreoffice-math-debuginfo-5.0.2.2-13.14 libreoffice-officebean-5.0.2.2-13.14 libreoffice-officebean-debuginfo-5.0.2.2-13.14 libreoffice-pyuno-5.0.2.2-13.14 libreoffice-pyuno-debuginfo-5.0.2.2-13.14 libreoffice-voikko-4.1-6.3 libreoffice-voikko-debuginfo-4.1-6.3 libreoffice-writer-5.0.2.2-13.14 libreoffice-writer-debuginfo-5.0.2.2-13.14 libreoffice-writer-extensions-5.0.2.2-13.14 librevenge-0_0-0-0.0.2-4.1 librevenge-0_0-0-debuginfo-0.0.2-4.1 librevenge-debugsource-0.0.2-4.1 librevenge-stream-0_0-0-0.0.2-4.1 librevenge-stream-0_0-0-debuginfo-0.0.2-4.1 libvisio-0_1-1-0.1.3-4.3 libvisio-0_1-1-debuginfo-0.1.3-4.3 libvisio-debugsource-0.1.3-4.3 libvoikko-debugsource-3.7.1-3.1 libvoikko1-3.7.1-3.1 libvoikko1-debuginfo-3.7.1-3.1 libwps-0_4-4-0.4.1-3.1 libwps-0_4-4-debuginfo-0.4.1-3.1 libwps-debugsource-0.4.1-3.1 myspell-dictionaries-20150827-5.1 - SUSE Linux Enterprise Desktop 12 (noarch): apache-commons-logging-1.1.3-7.1 flute-1.3.0-4.2 libbase-1.1.3-4.3 libfonts-1.1.3-4.9 libformula-1.1.3-4.3 liblayout-0.2.10-4.8 libloader-1.1.3-3.2 libreoffice-icon-theme-tango-5.0.2.2-13.14 libreoffice-l10n-af-5.0.2.2-13.14 libreoffice-l10n-ar-5.0.2.2-13.14 libreoffice-l10n-ca-5.0.2.2-13.14 libreoffice-l10n-cs-5.0.2.2-13.14 libreoffice-l10n-da-5.0.2.2-13.14 libreoffice-l10n-de-5.0.2.2-13.14 libreoffice-l10n-en-5.0.2.2-13.14 libreoffice-l10n-es-5.0.2.2-13.14 libreoffice-l10n-fi-5.0.2.2-13.14 libreoffice-l10n-fr-5.0.2.2-13.14 libreoffice-l10n-gu-5.0.2.2-13.14 libreoffice-l10n-hi-5.0.2.2-13.14 libreoffice-l10n-hu-5.0.2.2-13.14 libreoffice-l10n-it-5.0.2.2-13.14 libreoffice-l10n-ja-5.0.2.2-13.14 libreoffice-l10n-ko-5.0.2.2-13.14 libreoffice-l10n-nb-5.0.2.2-13.14 libreoffice-l10n-nl-5.0.2.2-13.14 libreoffice-l10n-nn-5.0.2.2-13.14 libreoffice-l10n-pl-5.0.2.2-13.14 libreoffice-l10n-pt-BR-5.0.2.2-13.14 libreoffice-l10n-pt-PT-5.0.2.2-13.14 libreoffice-l10n-ru-5.0.2.2-13.14 libreoffice-l10n-sk-5.0.2.2-13.14 libreoffice-l10n-sv-5.0.2.2-13.14 libreoffice-l10n-xh-5.0.2.2-13.14 libreoffice-l10n-zh-Hans-5.0.2.2-13.14 libreoffice-l10n-zh-Hant-5.0.2.2-13.14 libreoffice-l10n-zu-5.0.2.2-13.14 libreoffice-share-linker-1-2.1 librepository-1.1.3-4.3 libserializer-1.1.2-4.3 malaga-suomi-1.18-3.2 myspell-af_ZA-20150827-5.1 myspell-ar-20150827-5.1 myspell-be_BY-20150827-5.1 myspell-bg_BG-20150827-5.1 myspell-bn_BD-20150827-5.1 myspell-bs_BA-20150827-5.1 myspell-ca-20150827-5.1 myspell-cs_CZ-20150827-5.1 myspell-da_DK-20150827-5.1 myspell-de-20150827-5.1 myspell-el_GR-20150827-5.1 myspell-en-20150827-5.1 myspell-es-20150827-5.1 myspell-et_EE-20150827-5.1 myspell-fr_FR-20150827-5.1 myspell-gu_IN-20150827-5.1 myspell-he_IL-20150827-5.1 myspell-hi_IN-20150827-5.1 myspell-hr_HR-20150827-5.1 myspell-hu_HU-20150827-5.1 myspell-it_IT-20150827-5.1 myspell-lo_LA-20150827-5.1 myspell-lt_LT-20150827-5.1 myspell-lv_LV-20150827-5.1 myspell-nl_NL-20150827-5.1 myspell-no-20150827-5.1 myspell-pl_PL-20150827-5.1 myspell-pt_BR-20150827-5.1 myspell-pt_PT-20150827-5.1 myspell-ro-20150827-5.1 myspell-ru_RU-20150827-5.1 myspell-sk_SK-20150827-5.1 myspell-sl_SI-20150827-5.1 myspell-sr-20150827-5.1 myspell-sv_SE-20150827-5.1 myspell-te_IN-20150827-5.1 myspell-th_TH-20150827-5.1 myspell-vi-20150827-5.1 myspell-zu_ZA-20150827-5.1 pentaho-libxml-1.1.3-4.3 pentaho-reporting-flow-engine-0.9.4-4.5 sac-1.3-4.1 References: https://www.suse.com/security/cve/CVE-2014-8146.html https://www.suse.com/security/cve/CVE-2014-8147.html https://www.suse.com/security/cve/CVE-2015-1774.html https://www.suse.com/security/cve/CVE-2015-4551.html https://www.suse.com/security/cve/CVE-2015-5212.html https://www.suse.com/security/cve/CVE-2015-5213.html https://www.suse.com/security/cve/CVE-2015-5214.html https://bugzilla.suse.com/470073 https://bugzilla.suse.com/806250 https://bugzilla.suse.com/829430 https://bugzilla.suse.com/890735 https://bugzilla.suse.com/900186 https://bugzilla.suse.com/900877 https://bugzilla.suse.com/907966 https://bugzilla.suse.com/910805 https://bugzilla.suse.com/910806 https://bugzilla.suse.com/913042 https://bugzilla.suse.com/914911 https://bugzilla.suse.com/915996 https://bugzilla.suse.com/916181 https://bugzilla.suse.com/918852 https://bugzilla.suse.com/919409 https://bugzilla.suse.com/926375 https://bugzilla.suse.com/929793 https://bugzilla.suse.com/934423 https://bugzilla.suse.com/936188 https://bugzilla.suse.com/936190 https://bugzilla.suse.com/940838 https://bugzilla.suse.com/943075 https://bugzilla.suse.com/945692 From sle-updates at lists.suse.com Thu Nov 5 04:11:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 5 Nov 2015 12:11:04 +0100 (CET) Subject: SUSE-RU-2015:1916-1: moderate: Recommended update for openwsman Message-ID: <20151105111104.ABBEB320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for openwsman ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1916-1 Rating: moderate References: #929021 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openwsman adds support for a new option in the client configuration: curlopt_nosignal. If this option is enabled in openwsman_client.conf, openwsman will set the CURLOPT_NOSIGNAL flag in libcurl. It's recommended to enable this option when running multi-threaded applications linked against libwsman. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-798=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-798=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-798=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libwsman-devel-2.4.11-20.9 libwsman_clientpp-devel-2.4.11-20.9 libwsman_clientpp1-2.4.11-20.9 libwsman_clientpp1-debuginfo-2.4.11-20.9 openwsman-debugsource-2.4.11-20.9 openwsman-python-2.4.11-20.9 openwsman-python-debuginfo-2.4.11-20.9 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libwsman1-2.4.11-20.9 libwsman1-debuginfo-2.4.11-20.9 libwsman_clientpp1-2.4.11-20.9 libwsman_clientpp1-debuginfo-2.4.11-20.9 openwsman-debugsource-2.4.11-20.9 openwsman-server-2.4.11-20.9 openwsman-server-debuginfo-2.4.11-20.9 - SUSE Linux Enterprise Desktop 12 (x86_64): libwsman1-2.4.11-20.9 libwsman1-debuginfo-2.4.11-20.9 libwsman_clientpp1-2.4.11-20.9 libwsman_clientpp1-debuginfo-2.4.11-20.9 openwsman-debugsource-2.4.11-20.9 openwsman-server-2.4.11-20.9 openwsman-server-debuginfo-2.4.11-20.9 References: https://bugzilla.suse.com/929021 From sle-updates at lists.suse.com Thu Nov 5 06:11:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 5 Nov 2015 14:11:11 +0100 (CET) Subject: SUSE-RU-2015:1918-1: Recommended update for libxkbfile, libxkbcommon Message-ID: <20151105131111.2881B320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for libxkbfile, libxkbcommon ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1918-1 Rating: low References: #952403 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds xkeyboard-config as a runtime dependency of libxkbcommon and libxkbfile. This is needed to ensure the keymap datasets will be available even on systems installed with the Minimal pattern. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-799=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-799=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-799=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libxkbcommon-debugsource-0.4.1-3.1 libxkbcommon-devel-0.4.1-3.1 libxkbfile-debugsource-1.0.8-11.1 libxkbfile-devel-1.0.8-11.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libxkbcommon-debugsource-0.4.1-3.1 libxkbcommon-x11-0-0.4.1-3.1 libxkbcommon-x11-0-debuginfo-0.4.1-3.1 libxkbcommon0-0.4.1-3.1 libxkbcommon0-debuginfo-0.4.1-3.1 libxkbfile-debugsource-1.0.8-11.1 libxkbfile1-1.0.8-11.1 libxkbfile1-debuginfo-1.0.8-11.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libxkbcommon-x11-0-32bit-0.4.1-3.1 libxkbcommon-x11-0-debuginfo-32bit-0.4.1-3.1 libxkbcommon0-32bit-0.4.1-3.1 libxkbcommon0-debuginfo-32bit-0.4.1-3.1 libxkbfile1-32bit-1.0.8-11.1 libxkbfile1-debuginfo-32bit-1.0.8-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libxkbcommon-debugsource-0.4.1-3.1 libxkbcommon-x11-0-0.4.1-3.1 libxkbcommon-x11-0-32bit-0.4.1-3.1 libxkbcommon-x11-0-debuginfo-0.4.1-3.1 libxkbcommon-x11-0-debuginfo-32bit-0.4.1-3.1 libxkbcommon0-0.4.1-3.1 libxkbcommon0-32bit-0.4.1-3.1 libxkbcommon0-debuginfo-0.4.1-3.1 libxkbcommon0-debuginfo-32bit-0.4.1-3.1 libxkbfile-debugsource-1.0.8-11.1 libxkbfile1-1.0.8-11.1 libxkbfile1-32bit-1.0.8-11.1 libxkbfile1-debuginfo-1.0.8-11.1 libxkbfile1-debuginfo-32bit-1.0.8-11.1 References: https://bugzilla.suse.com/952403 From sle-updates at lists.suse.com Thu Nov 5 11:11:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 5 Nov 2015 19:11:06 +0100 (CET) Subject: SUSE-RU-2015:1921-1: moderate: Recommended update for yast2-network Message-ID: <20151105181106.C3588320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1921-1 Rating: moderate References: #866742 #945947 #948206 #949193 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for yast2-network provides the following fixes: - Fixed a regression where AutoYaST flag keep_install_network=false was ignored. (bsc#949193) - Fix Relax-NG parser errors when checking validity of AutoYaST profiles. (bsc#948206) - Do not fail with internal error when cloning configuration twice in a row. (bsc#866742) - Fix routing module to return the correct code when invoked from command line. (bsc#945947) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-800=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-800=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-800=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-network-devel-doc-3.1.112.10-2.19.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-network-3.1.112.10-2.19.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-network-3.1.112.10-2.19.1 References: https://bugzilla.suse.com/866742 https://bugzilla.suse.com/945947 https://bugzilla.suse.com/948206 https://bugzilla.suse.com/949193 From sle-updates at lists.suse.com Thu Nov 5 11:12:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 5 Nov 2015 19:12:10 +0100 (CET) Subject: SUSE-RU-2015:1922-1: Recommended update for resource-agents Message-ID: <20151105181210.57977320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for resource-agents ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1922-1 Rating: low References: #935253 #940931 Affected Products: SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: >This update for resource-agents provides the following fixes: - CTDB: Preserve permissions on smb.conf. (bsc#935253) - IPaddr2, findif.sh: Allow and describe + and - broadcast arguments. (bsc#940931) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11-SP4: zypper in -t patch slehasp4-resource-agents-12188=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-resource-agents-12188=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldirectord-3.9.5-42.3 nagios-plugins-metadata-3.9.5-42.3 resource-agents-3.9.5-42.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): resource-agents-debuginfo-3.9.5-42.3 resource-agents-debugsource-3.9.5-42.3 References: https://bugzilla.suse.com/935253 https://bugzilla.suse.com/940931 From sle-updates at lists.suse.com Fri Nov 6 03:11:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 11:11:19 +0100 (CET) Subject: SUSE-RU-2015:1923-1: Recommended update for xorg-x11 Message-ID: <20151106101119.2334B320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1923-1 Rating: low References: #837805 #872524 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for xorg-x11 provides the following fixes: - Assign allow_null_passwd and allow_root_login variables' values before call to pam_authenticate(), fixing an issue with passwordless users. (bsc#872524) Fixed the documentation for GDM shutdown policy. (bsc#837805) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-xorg-x11-12189=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-xorg-x11-12189=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-xorg-x11-12189=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-xorg-x11-12189=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): xorg-x11-7.4-9.63.3.1 xorg-x11-xauth-7.4-9.63.3.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-7.4-9.63.3.1 xorg-x11-xauth-7.4-9.63.3.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): xorg-x11-7.4-9.63.3.1 xorg-x11-xauth-7.4-9.63.3.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-debuginfo-7.4-9.63.3.1 xorg-x11-debugsource-7.4-9.63.3.1 References: https://bugzilla.suse.com/837805 https://bugzilla.suse.com/872524 From sle-updates at lists.suse.com Fri Nov 6 06:11:02 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 14:11:02 +0100 (CET) Subject: SUSE-RU-2015:1924-1: moderate: Recommended update for tigervnc Message-ID: <20151106131102.62B03320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for tigervnc ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1924-1 Rating: moderate References: #942982 #948392 #950147 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for tigervnc provides the following fixes: - Remove commented out DefaultDepth 16 from 10-libvnc.conf file. Using 16 bit depth can cause troubles and does not have any positives anymore, so lets not suggest it to users. (bsc#942982) - Clean pid files of dead vncserver processes. (bsc#948392) - Prefer ANON-ECDH over ANON-DH cipher to avoid a Java bug. (bsc#950147) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-804=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): tigervnc-1.4.1-34.7.1 tigervnc-debuginfo-1.4.1-34.7.1 tigervnc-debugsource-1.4.1-34.7.1 xorg-x11-Xvnc-1.4.1-34.7.1 xorg-x11-Xvnc-debuginfo-1.4.1-34.7.1 References: https://bugzilla.suse.com/942982 https://bugzilla.suse.com/948392 https://bugzilla.suse.com/950147 From sle-updates at lists.suse.com Fri Nov 6 07:12:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 15:12:03 +0100 (CET) Subject: SUSE-SU-2015:1925-1: moderate: Security update for libvdpau Message-ID: <20151106141203.C1FB5320B7@maintenance.suse.de> SUSE Security Update: Security update for libvdpau ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1925-1 Rating: moderate References: #943967 #943968 #943969 Cross-References: CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: libvdpau was updated to use secure_getenv() instead of getenv() for several variables so it can be more safely used in setuid applications. * CVE-2015-5198: libvdpau: incorrect check for security transition (bnc#943967) * CVE-2015-5199: libvdpau: directory traversal in dlopen (bnc#943968) * CVE-2015-5200: libvdpau: vulnerability in trace functionality (bnc#943969) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libvdpau-12192=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libvdpau-12192=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libvdpau-12192=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libvdpau-12192=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libvdpau1-0.4.1-16.20.2 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libvdpau1-32bit-0.4.1-16.20.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libvdpau1-0.4.1-16.20.2 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libvdpau1-32bit-0.4.1-16.20.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): libvdpau-debuginfo-0.4.1-16.20.2 libvdpau-debugsource-0.4.1-16.20.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): libvdpau-debuginfo-0.4.1-16.20.2 libvdpau-debugsource-0.4.1-16.20.2 References: https://www.suse.com/security/cve/CVE-2015-5198.html https://www.suse.com/security/cve/CVE-2015-5199.html https://www.suse.com/security/cve/CVE-2015-5200.html https://bugzilla.suse.com/943967 https://bugzilla.suse.com/943968 https://bugzilla.suse.com/943969 From sle-updates at lists.suse.com Fri Nov 6 07:12:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 15:12:52 +0100 (CET) Subject: SUSE-RU-2015:1924-2: moderate: Recommended update for tigervnc Message-ID: <20151106141252.C8B1C320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for tigervnc ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1924-2 Rating: moderate References: #942982 #948392 #950147 Affected Products: SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for tigervnc provides the following fixes: - Remove commented out DefaultDepth 16 from 10-libvnc.conf file. Using 16 bit depth can cause troubles and does not have any positives anymore, so lets not suggest it to users. (bsc#942982) - Clean pid files of dead vncserver processes. (bsc#948392) - Prefer ANON-ECDH over ANON-DH cipher to avoid a Java bug. (bsc#950147) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-804=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 12 (x86_64): tigervnc-1.4.1-34.7.1 tigervnc-debuginfo-1.4.1-34.7.1 tigervnc-debugsource-1.4.1-34.7.1 xorg-x11-Xvnc-1.4.1-34.7.1 xorg-x11-Xvnc-debuginfo-1.4.1-34.7.1 References: https://bugzilla.suse.com/942982 https://bugzilla.suse.com/948392 https://bugzilla.suse.com/950147 From sle-updates at lists.suse.com Fri Nov 6 09:11:15 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 17:11:15 +0100 (CET) Subject: SUSE-SU-2015:1926-1: important: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss Message-ID: <20151106161115.582BC320F0@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1926-1 Rating: important References: #908275 #952810 Cross-References: CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This Mozilla Firefox, NSS and NSPR update fixes the following security and non security issues. - mozilla-nspr was updated to version 4.10.10 (bsc#952810) * MFSA 2015-133/CVE-2015-7183 (bmo#1205157) NSPR memory corruption issues - mozilla-nss was updated to 3.19.2.1 (bsc#952810) * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182 (bmo#1192028, bmo#1202868) NSS and NSPR memory corruption issues - MozillaFirefox was updated to 38.4.0 ESR (bsc#952810) * MFSA 2015-116/CVE-2015-4513 (bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580, bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564, bmo#1208665, bmo#1209471, bmo#1213979) Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1204061, bmo#1188010, bmo#1204155) Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868, bmo#1192028, bmo#1205157) NSS and NSPR memory corruption issues - fix printing on landscape media (bsc#908275) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-807=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-807=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-807=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-38.4.0esr-51.1 MozillaFirefox-debugsource-38.4.0esr-51.1 MozillaFirefox-devel-38.4.0esr-51.1 mozilla-nspr-debuginfo-4.10.10-9.1 mozilla-nspr-debugsource-4.10.10-9.1 mozilla-nspr-devel-4.10.10-9.1 mozilla-nss-debuginfo-3.19.2.1-29.1 mozilla-nss-debugsource-3.19.2.1-29.1 mozilla-nss-devel-3.19.2.1-29.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): MozillaFirefox-38.4.0esr-51.1 MozillaFirefox-branding-SLE-31.0-17.1 MozillaFirefox-debuginfo-38.4.0esr-51.1 MozillaFirefox-debugsource-38.4.0esr-51.1 MozillaFirefox-translations-38.4.0esr-51.1 libfreebl3-3.19.2.1-29.1 libfreebl3-debuginfo-3.19.2.1-29.1 libfreebl3-hmac-3.19.2.1-29.1 libsoftokn3-3.19.2.1-29.1 libsoftokn3-debuginfo-3.19.2.1-29.1 libsoftokn3-hmac-3.19.2.1-29.1 mozilla-nspr-4.10.10-9.1 mozilla-nspr-debuginfo-4.10.10-9.1 mozilla-nspr-debugsource-4.10.10-9.1 mozilla-nss-3.19.2.1-29.1 mozilla-nss-certs-3.19.2.1-29.1 mozilla-nss-certs-debuginfo-3.19.2.1-29.1 mozilla-nss-debuginfo-3.19.2.1-29.1 mozilla-nss-debugsource-3.19.2.1-29.1 mozilla-nss-tools-3.19.2.1-29.1 mozilla-nss-tools-debuginfo-3.19.2.1-29.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libfreebl3-32bit-3.19.2.1-29.1 libfreebl3-debuginfo-32bit-3.19.2.1-29.1 libfreebl3-hmac-32bit-3.19.2.1-29.1 libsoftokn3-32bit-3.19.2.1-29.1 libsoftokn3-debuginfo-32bit-3.19.2.1-29.1 libsoftokn3-hmac-32bit-3.19.2.1-29.1 mozilla-nspr-32bit-4.10.10-9.1 mozilla-nspr-debuginfo-32bit-4.10.10-9.1 mozilla-nss-32bit-3.19.2.1-29.1 mozilla-nss-certs-32bit-3.19.2.1-29.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.1-29.1 mozilla-nss-debuginfo-32bit-3.19.2.1-29.1 - SUSE Linux Enterprise Desktop 12 (x86_64): MozillaFirefox-38.4.0esr-51.1 MozillaFirefox-branding-SLE-31.0-17.1 MozillaFirefox-debuginfo-38.4.0esr-51.1 MozillaFirefox-debugsource-38.4.0esr-51.1 MozillaFirefox-translations-38.4.0esr-51.1 libfreebl3-3.19.2.1-29.1 libfreebl3-32bit-3.19.2.1-29.1 libfreebl3-debuginfo-3.19.2.1-29.1 libfreebl3-debuginfo-32bit-3.19.2.1-29.1 libsoftokn3-3.19.2.1-29.1 libsoftokn3-32bit-3.19.2.1-29.1 libsoftokn3-debuginfo-3.19.2.1-29.1 libsoftokn3-debuginfo-32bit-3.19.2.1-29.1 mozilla-nspr-32bit-4.10.10-9.1 mozilla-nspr-4.10.10-9.1 mozilla-nspr-debuginfo-32bit-4.10.10-9.1 mozilla-nspr-debuginfo-4.10.10-9.1 mozilla-nspr-debugsource-4.10.10-9.1 mozilla-nss-3.19.2.1-29.1 mozilla-nss-32bit-3.19.2.1-29.1 mozilla-nss-certs-3.19.2.1-29.1 mozilla-nss-certs-32bit-3.19.2.1-29.1 mozilla-nss-certs-debuginfo-3.19.2.1-29.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.1-29.1 mozilla-nss-debuginfo-3.19.2.1-29.1 mozilla-nss-debuginfo-32bit-3.19.2.1-29.1 mozilla-nss-debugsource-3.19.2.1-29.1 mozilla-nss-tools-3.19.2.1-29.1 mozilla-nss-tools-debuginfo-3.19.2.1-29.1 References: https://www.suse.com/security/cve/CVE-2015-4513.html https://www.suse.com/security/cve/CVE-2015-7181.html https://www.suse.com/security/cve/CVE-2015-7182.html https://www.suse.com/security/cve/CVE-2015-7183.html https://www.suse.com/security/cve/CVE-2015-7188.html https://www.suse.com/security/cve/CVE-2015-7189.html https://www.suse.com/security/cve/CVE-2015-7193.html https://www.suse.com/security/cve/CVE-2015-7194.html https://www.suse.com/security/cve/CVE-2015-7196.html https://www.suse.com/security/cve/CVE-2015-7197.html https://www.suse.com/security/cve/CVE-2015-7198.html https://www.suse.com/security/cve/CVE-2015-7199.html https://www.suse.com/security/cve/CVE-2015-7200.html https://bugzilla.suse.com/908275 https://bugzilla.suse.com/952810 From sle-updates at lists.suse.com Fri Nov 6 11:11:28 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Nov 2015 19:11:28 +0100 (CET) Subject: SUSE-RU-2015:1931-1: moderate: Recommended update for openssl Message-ID: <20151106181128.7B849320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1931-1 Rating: moderate References: #947833 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: OpenSSL was updated to fix a bug in TLS session renegotiation. This renegotiation is for instance used with Apache2 client certificate handling, which would fail if ECDHE key exchange is used, which is happening more often after the last openssl update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-openssl-12193=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-openssl-12193=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-openssl-12193=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-openssl-12193=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openssl-12193=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-openssl-12193=1 - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-openssl-12193=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-openssl-12193=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-openssl-12193=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openssl-12193=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openssl-12193=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-openssl-12193=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): libopenssl-devel-0.9.8j-0.77.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libopenssl-devel-0.9.8j-0.77.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl-devel-0.9.8j-0.77.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libopenssl0_9_8-0.9.8j-0.77.1 libopenssl0_9_8-hmac-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 openssl-doc-0.9.8j-0.77.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libopenssl0_9_8-0.9.8j-0.77.1 libopenssl0_9_8-hmac-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 openssl-doc-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libopenssl0_9_8-x86-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl0_9_8-0.9.8j-0.77.1 libopenssl0_9_8-hmac-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 openssl-doc-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libopenssl0_9_8-x86-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): libopenssl-devel-0.9.8j-0.77.1 libopenssl0_9_8-0.9.8j-0.77.1 libopenssl0_9_8-hmac-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 openssl-doc-0.9.8j-0.77.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libopenssl0_9_8-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libopenssl0_9_8-0.9.8j-0.77.1 openssl-0.9.8j-0.77.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.77.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssl-debuginfo-0.9.8j-0.77.1 openssl-debugsource-0.9.8j-0.77.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): openssl-debuginfo-0.9.8j-0.77.1 openssl-debugsource-0.9.8j-0.77.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): openssl-debuginfo-0.9.8j-0.77.1 openssl-debugsource-0.9.8j-0.77.1 References: https://bugzilla.suse.com/947833 From sle-updates at lists.suse.com Mon Nov 9 03:10:38 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Nov 2015 11:10:38 +0100 (CET) Subject: SUSE-RU-2015:1932-1: moderate: Recommended update for crowbar-barclamp-rabbitmq Message-ID: <20151109101038.DD73A320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-rabbitmq ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1932-1 Rating: moderate References: #935159 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar-barclamp-rabbitmq fixes Rabbit HA for non-DRBD setups. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-rabbitmq-12194=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-rabbitmq-1.9+git.1443863731.634c4a5-12.2 References: https://bugzilla.suse.com/935159 From sle-updates at lists.suse.com Mon Nov 9 04:10:44 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Nov 2015 12:10:44 +0100 (CET) Subject: SUSE-RU-2015:1933-1: moderate: Recommended update for plymouth Message-ID: <20151109111044.8EF1C320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for plymouth ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1933-1 Rating: moderate References: #939204 #949046 #951983 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for plymouth provides the following fixes: - Do not filter out useful control characters. (bsc#951983) - Rewrite version handling in the spec file to avoid hard-coding SLE versions. (bsc#949046) - Ensure plymouth-reboot always restarts if needed to show all the log messages. (bsc#939204) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-812=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-812=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-812=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): plymouth-debuginfo-0.9.0-25.1 plymouth-debugsource-0.9.0-25.1 plymouth-devel-0.9.0-25.1 plymouth-x11-renderer-0.9.0-25.1 plymouth-x11-renderer-debuginfo-0.9.0-25.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libply-boot-client2-0.9.0-25.1 libply-boot-client2-debuginfo-0.9.0-25.1 libply-splash-core2-0.9.0-25.1 libply-splash-core2-debuginfo-0.9.0-25.1 libply-splash-graphics2-0.9.0-25.1 libply-splash-graphics2-debuginfo-0.9.0-25.1 libply2-0.9.0-25.1 libply2-debuginfo-0.9.0-25.1 plymouth-0.9.0-25.1 plymouth-debuginfo-0.9.0-25.1 plymouth-debugsource-0.9.0-25.1 plymouth-dracut-0.9.0-25.1 plymouth-plugin-label-0.9.0-25.1 plymouth-plugin-label-debuginfo-0.9.0-25.1 plymouth-plugin-script-0.9.0-25.1 plymouth-plugin-script-debuginfo-0.9.0-25.1 plymouth-scripts-0.9.0-25.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libply-boot-client2-0.9.0-25.1 libply-boot-client2-debuginfo-0.9.0-25.1 libply-splash-core2-0.9.0-25.1 libply-splash-core2-debuginfo-0.9.0-25.1 libply-splash-graphics2-0.9.0-25.1 libply-splash-graphics2-debuginfo-0.9.0-25.1 libply2-0.9.0-25.1 libply2-debuginfo-0.9.0-25.1 plymouth-0.9.0-25.1 plymouth-debuginfo-0.9.0-25.1 plymouth-debugsource-0.9.0-25.1 plymouth-dracut-0.9.0-25.1 plymouth-plugin-label-0.9.0-25.1 plymouth-plugin-label-debuginfo-0.9.0-25.1 plymouth-plugin-script-0.9.0-25.1 plymouth-plugin-script-debuginfo-0.9.0-25.1 plymouth-scripts-0.9.0-25.1 References: https://bugzilla.suse.com/939204 https://bugzilla.suse.com/949046 https://bugzilla.suse.com/951983 From sle-updates at lists.suse.com Mon Nov 9 05:10:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Nov 2015 13:10:47 +0100 (CET) Subject: SUSE-RU-2015:1934-1: Recommended update for supportutils Message-ID: <20151109121047.2F43D320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1934-1 Rating: low References: #915888 #931390 #939079 #941773 #952024 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for supportutils provides the following fixes and enhancements: - Added OPTION_NIT for novell-nit.txt. (bsc#939079) - Included control group listing in systemd.txt. - Fixed find loop for autoupg.xml. (bsc#952024) - Added nic,lan,vswitch. (bsc#915888) - Fixed kernel taint flags. (bsc#941773) - Fixed package reference. (bsc#931390) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-813=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-813=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): supportutils-3.0-68.1 - SUSE Linux Enterprise Desktop 12 (noarch): supportutils-3.0-68.1 References: https://bugzilla.suse.com/915888 https://bugzilla.suse.com/931390 https://bugzilla.suse.com/939079 https://bugzilla.suse.com/941773 https://bugzilla.suse.com/952024 From sle-updates at lists.suse.com Mon Nov 9 07:10:28 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Nov 2015 15:10:28 +0100 (CET) Subject: SUSE-RU-2015:1935-1: Recommended update for several crowbar-barclamps Message-ID: <20151109141028.37B36320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for several crowbar-barclamps ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1935-1 Rating: low References: #922694 #936302 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides various fixes and improvements for crowbar barclamps. crowbar-barclamp-crowbar: - Pause chef-client daemon while applying proposals. (bsc#936302) crowbar-barclamp-network: - Update to new locking API. crowbar-barclamp-swift: - Set keystone version correctly for swift proxy. - Make max_header_line configurable. - Use the new locking API. crowbar-barclamp-tempest: - Use the new locking API. - Enable Docker support. - Adjustments for using the keystone v3 API. - Make tempest work in an SSL cloud. - Only create flavor if it doesn't already exist. (bsc#922694) - Raise exception if failing to get EC2 credentials or floating network ID. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamps-201510-12195=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-crowbar-1.9+git.1443081829.7228292-17.2 crowbar-barclamp-network-1.9+git.1443082496.45c9047-12.2 crowbar-barclamp-swift-1.9+git.1444339602.fdc5b5c-12.2 crowbar-barclamp-tempest-1.9+git.1443082500.b895796-9.2 References: https://bugzilla.suse.com/922694 https://bugzilla.suse.com/936302 From sle-updates at lists.suse.com Mon Nov 9 10:12:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Nov 2015 18:12:24 +0100 (CET) Subject: SUSE-RU-2015:1941-1: moderate: Recommended update for libsolv, libzypp, zypper Message-ID: <20151109171224.8F647320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1941-1 Rating: moderate References: #900769 #941453 #941463 #941539 #941563 #943563 #945169 #946129 #946750 #946752 #948482 #948608 #949957 #951339 #951402 #951782 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 16 recommended fixes can now be installed. Description: This update for the Software Update Stack provides fixes and enhancements. libsolv: - Support testcase writing in bindings. (bsc#946752) - Support a generic string for pattern-visible(). (bsc#900769) - Fix bug in recommends handling. (bsc#948482) libzypp: - Resolver allow tuning DUP mode solver flags. (fate#319128) - Add attemptToModify to indicate an attempt to actually install/remove was made. (bsc#946750, fate#319467) - Fix broken product: <-> -release package relation. (bsc#951782) - Fix Plugin-services not updating repo GPGCheck settings. (bsc#951402) - Avoid URL rewrite if probing local cache directories. (bsc#946129) - Don't cache repo releasever. (bsc#943563) - Fix setting dup_allow* solver options. (bsc#941463) - Don't make zypper encode {} around repo vars. (bsc#941453) - Make Solvable::asUserString more readable. (bsc#949957) yast2-pkg-bindings: - Pkg::SourceGeneralData(): Return also the raw URL (without expanding the variables). (bsc#941563) - Pkg.SetSolverFlags(): Added DUP mode solver settings, these are different than the "normal" mode settings. (fate#319128) - Pkg::ResolvableProperties(): "version" value contains a full edition (in form "[epoch:]version[-release]"), additionally return also "version_epoch", "version_version" and "version_release" with the parts of the edition. (fate#318505) - Fixed saving removed services. (fate#315161) - Add pkgGpgCheck callback. (bsc#948608) zypper: - Return ZYPPER_EXIT_ERR_COMMIT if an error occurred during commit. (bsc#946750, fate#319467) - Show locked packages in summary of patch, up and dup commands. (fate#318299) - Search: Append 'l' to locked items' status tag. (fate#318299) - List locks: Implement new command options --matches and --solvables to see the resolvables matched by each lock definition. (fate#318299) - Issue 'volatile change' warning when modifying a plugin service repo. (bsc#951339) - Add new option commit/psCheckAccessDeleted to zypper.conf to avoid 'lsof' call after commit. On some systems 'lsof' seems to perform very slow, and the check takes up to several minutes. Due to this it's possible to disable the automatic check after each commit. Explicit calls to 'zypper ps' are not affected by this option. (bsc#945169) - Add -s option to "locks" to show solvables repositories. (bsc#949957) - Add options to allow vendor locking for "zypper dup". (fate#319128) - Implement --updatestack-only parameter for "zypper patch": Install only patches which affect the package management itself. (fate#319407) - Add git-like subcommand support for zypper. Zypper subcommands are standalone executables that live in the zypper exec dir or are available in your $PATH (see zypper(8)). Additional note: This update is one of several that contains features that are needed for enabling the migration of a SLE 12 system to SLE 12 SP1 or later. As soon as the package yast2-migration is available and the target Service Pack migration is activated in the SUSE Customer Center the migration could be performed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-815=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-815=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-815=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libsolv-debugsource-0.6.14-2.13.1 libsolv-devel-0.6.14-2.13.1 libsolv-devel-debuginfo-0.6.14-2.13.1 libzypp-debuginfo-14.42.3-2.31.1 libzypp-debugsource-14.42.3-2.31.1 libzypp-devel-14.42.3-2.31.1 perl-solv-0.6.14-2.13.1 perl-solv-debuginfo-0.6.14-2.13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libsolv-debugsource-0.6.14-2.13.1 libsolv-tools-0.6.14-2.13.1 libsolv-tools-debuginfo-0.6.14-2.13.1 libzypp-14.42.3-2.31.1 libzypp-debuginfo-14.42.3-2.31.1 libzypp-debugsource-14.42.3-2.31.1 perl-solv-0.6.14-2.13.1 perl-solv-debuginfo-0.6.14-2.13.1 python-solv-0.6.14-2.13.1 python-solv-debuginfo-0.6.14-2.13.1 yast2-pkg-bindings-3.1.20.2-8.1 yast2-pkg-bindings-debuginfo-3.1.20.2-8.1 yast2-pkg-bindings-debugsource-3.1.20.2-8.1 zypper-1.11.42-2.25.2 zypper-debuginfo-1.11.42-2.25.2 zypper-debugsource-1.11.42-2.25.2 - SUSE Linux Enterprise Server 12 (noarch): zypper-log-1.11.42-2.25.2 - SUSE Linux Enterprise Desktop 12 (x86_64): libsolv-debugsource-0.6.14-2.13.1 libsolv-tools-0.6.14-2.13.1 libsolv-tools-debuginfo-0.6.14-2.13.1 libzypp-14.42.3-2.31.1 libzypp-debuginfo-14.42.3-2.31.1 libzypp-debugsource-14.42.3-2.31.1 python-solv-0.6.14-2.13.1 python-solv-debuginfo-0.6.14-2.13.1 yast2-pkg-bindings-3.1.20.2-8.1 yast2-pkg-bindings-debuginfo-3.1.20.2-8.1 yast2-pkg-bindings-debugsource-3.1.20.2-8.1 zypper-1.11.42-2.25.2 zypper-debuginfo-1.11.42-2.25.2 zypper-debugsource-1.11.42-2.25.2 - SUSE Linux Enterprise Desktop 12 (noarch): zypper-log-1.11.42-2.25.2 References: https://bugzilla.suse.com/900769 https://bugzilla.suse.com/941453 https://bugzilla.suse.com/941463 https://bugzilla.suse.com/941539 https://bugzilla.suse.com/941563 https://bugzilla.suse.com/943563 https://bugzilla.suse.com/945169 https://bugzilla.suse.com/946129 https://bugzilla.suse.com/946750 https://bugzilla.suse.com/946752 https://bugzilla.suse.com/948482 https://bugzilla.suse.com/948608 https://bugzilla.suse.com/949957 https://bugzilla.suse.com/951339 https://bugzilla.suse.com/951402 https://bugzilla.suse.com/951782 From sle-updates at lists.suse.com Tue Nov 10 03:10:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 11:10:52 +0100 (CET) Subject: SUSE-OU-2015:1944-1: Initial release of python-azurectl Message-ID: <20151110101052.70DD4320F0@maintenance.suse.de> SUSE Optional Update: Initial release of python-azurectl ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:1944-1 Rating: low References: #946907 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides a set of command line tools to interact with the Microsoft Azure public cloud framework. Refer to the azurectl(1) man page, included in python-azurectl, for comprehensive documentation and usage instructions. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-817=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (ppc64le s390x x86_64): python-pyliblzma-0.5.3-2.3 python-pyliblzma-debuginfo-0.5.3-2.3 python-pyliblzma-debugsource-0.5.3-2.3 - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-APScheduler-3.0.2-2.1 python-azure-sdk-0.20.0-2.2 python-azurectl-1.0.1-2.1 python-dnspython-1.11.1-2.1 python-futures-2.1.6-0.2.1 python-tzlocal-1.1.3-2.5 References: https://bugzilla.suse.com/946907 From sle-updates at lists.suse.com Tue Nov 10 03:12:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 11:12:49 +0100 (CET) Subject: SUSE-RU-2015:1947-1: moderate: Recommended update for SuSEfirewall2 Message-ID: <20151110101249.C6822320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for SuSEfirewall2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1947-1 Rating: moderate References: #940825 #942106 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: SuSEfirewall2 was updated to use the conntrack table instead of the state table to avoid warnings with newer versions of iptables. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-SuSEfirewall2-12196=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-SuSEfirewall2-12196=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-SuSEfirewall2-12196=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-SuSEfirewall2-12196=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-SuSEfirewall2-12196=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): SuSEfirewall2-3.6_SVNr208-2.11.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): SuSEfirewall2-3.6_SVNr208-2.11.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): SuSEfirewall2-3.6_SVNr208-2.11.1 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): SuSEfirewall2-3.6_SVNr208-2.11.1 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): SuSEfirewall2-3.6_SVNr208-2.11.1 References: https://bugzilla.suse.com/940825 https://bugzilla.suse.com/942106 From sle-updates at lists.suse.com Tue Nov 10 06:10:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 14:10:18 +0100 (CET) Subject: SUSE-RU-2015:1950-1: Recommended update for rsh Message-ID: <20151110131018.11C3E320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for rsh ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1950-1 Rating: low References: #723593 #926954 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for rsh fixes an attempt to free invalid memory in rshd. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-rsh-12197=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-rsh-12197=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-rsh-12197=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): rsh-0.17-706.22.1 rsh-server-0.17-706.22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): rsh-0.17-706.22.1 rsh-server-0.17-706.22.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): rsh-0.17-706.22.1 rsh-server-0.17-706.22.1 References: https://bugzilla.suse.com/723593 https://bugzilla.suse.com/926954 From sle-updates at lists.suse.com Tue Nov 10 07:10:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 15:10:13 +0100 (CET) Subject: SUSE-RU-2015:1950-2: Recommended update for rsh Message-ID: <20151110141013.5B279320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for rsh ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1950-2 Rating: low References: #723593 #926954 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for rsh fixes an attempt to free invalid memory in rshd. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-rsh-12197=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-rsh-12197=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-rsh-12197=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-rsh-12197=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): rsh-0.17-706.22.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): rsh-0.17-706.22.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): rsh-debuginfo-0.17-706.22.1 rsh-debugsource-0.17-706.22.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): rsh-debuginfo-0.17-706.22.1 rsh-debugsource-0.17-706.22.1 References: https://bugzilla.suse.com/723593 https://bugzilla.suse.com/926954 From sle-updates at lists.suse.com Tue Nov 10 08:10:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 16:10:18 +0100 (CET) Subject: SUSE-RU-2015:1951-1: Recommended update for makedumpfile Message-ID: <20151110151018.C848B320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for makedumpfile ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1951-1 Rating: low References: #889975 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for makedumpfile fixes re-filtering of ELF dumps. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-makedumpfile-12198=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-makedumpfile-12198=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-makedumpfile-12198=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-makedumpfile-12198=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-makedumpfile-12198=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): makedumpfile-1.5.1-0.17.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): makedumpfile-1.5.1-0.17.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): makedumpfile-1.5.1-0.17.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): makedumpfile-1.5.1-0.17.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): makedumpfile-debuginfo-1.5.1-0.17.1 makedumpfile-debugsource-1.5.1-0.17.1 References: https://bugzilla.suse.com/889975 From sle-updates at lists.suse.com Tue Nov 10 10:10:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 18:10:09 +0100 (CET) Subject: SUSE-SU-2015:1952-1: important: Security update for xen Message-ID: <20151110171009.A1B15320B7@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1952-1 Rating: important References: #877642 #932267 #944463 #944697 #950367 #950703 #950705 #950706 Cross-References: CVE-2014-0222 CVE-2015-4037 CVE-2015-5239 CVE-2015-6815 CVE-2015-7835 CVE-2015-7969 CVE-2015-7971 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has one errata is now available. Description: xen was updated to fix eight security issues. These security issues were fixed: - CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267). - CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697). - CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703). - CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705). - CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-xen-12199=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-xen-12199=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64): xen-devel-4.1.6_08-20.1 xen-kmp-default-4.1.6_08_3.0.101_0.7.37-20.1 xen-kmp-trace-4.1.6_08_3.0.101_0.7.37-20.1 xen-libs-4.1.6_08-20.1 xen-tools-domU-4.1.6_08-20.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (x86_64): xen-4.1.6_08-20.1 xen-doc-html-4.1.6_08-20.1 xen-doc-pdf-4.1.6_08-20.1 xen-libs-32bit-4.1.6_08-20.1 xen-tools-4.1.6_08-20.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586): xen-kmp-pae-4.1.6_08_3.0.101_0.7.37-20.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64): xen-debuginfo-4.1.6_08-20.1 xen-debugsource-4.1.6_08-20.1 References: https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2015-4037.html https://www.suse.com/security/cve/CVE-2015-5239.html https://www.suse.com/security/cve/CVE-2015-6815.html https://www.suse.com/security/cve/CVE-2015-7835.html https://www.suse.com/security/cve/CVE-2015-7969.html https://www.suse.com/security/cve/CVE-2015-7971.html https://bugzilla.suse.com/877642 https://bugzilla.suse.com/932267 https://bugzilla.suse.com/944463 https://bugzilla.suse.com/944697 https://bugzilla.suse.com/950367 https://bugzilla.suse.com/950703 https://bugzilla.suse.com/950705 https://bugzilla.suse.com/950706 From sle-updates at lists.suse.com Tue Nov 10 11:10:12 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Nov 2015 19:10:12 +0100 (CET) Subject: SUSE-RU-2015:1953-1: moderate: Recommended update for patterns-sap Message-ID: <20151110181012.239E3320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for patterns-sap ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1953-1 Rating: moderate References: #944887 #947501 Affected Products: SUSE Linux Enterprise Server for SAP 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The installation patterns for SAP have been updated to fix several issues. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2015-821=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): patterns-sap-b1-12-4.2 patterns-sap-hana-12-4.2 patterns-sap-nw-12-4.2 References: https://bugzilla.suse.com/944887 https://bugzilla.suse.com/947501 From sle-updates at lists.suse.com Wed Nov 11 08:10:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Nov 2015 16:10:29 +0100 (CET) Subject: SUSE-RU-2015:1954-1: moderate: Recommended update for systemd Message-ID: <20151111151029.4C8BE320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for systemd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1954-1 Rating: moderate References: #900558 #904214 #912334 #913517 #932284 #933521 #933533 #934901 #937512 #937900 #938908 #939571 #940264 #941576 #942946 #944132 #944799 #945282 #947212 #948705 #950510 #951265 #951663 #953241 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 24 recommended fixes can now be installed. Description: This collective update for SystemD provides the following fixes and enhancements: - Implement firstboot helper and ConditionFirstBoot support. (fate#318894) - Avoid broken virtual console mapping due to stressed ioctl API for the virtual consoles. (bsc#904214) - Fix persistent net rule generation for KVM. (bsc#938908) - Avoid that processes in scopes like login shells are killed immediately after signaled with SIGTERM. (bsc#932284) - Avoid race condition for two loadkey processes, that is one loading the keymap and one for loading the compose tables. (bsc#941576) - Add persistent device name rules for NVMe devices. (bsc#944132) - Don't mount system root as read/write, if "readonly" is given as boot parameter. (bsc#900558) - Make TERM configurable for vm serial consoles. (bsc#913517) - Avoid delay while booting with nofail entries in fstab. (bsc#912334) - Parse /etc/systemd/system.conf on daemon reload. (bsc#933521) - Avoid stuck sbus connection due invalid dbus call. (bsc#937900) - Work around a problem of an assert on ENODEV for closing fd on an input event device. (bsc#939571) - Fix "invalid argument" error when setting memory.limit_in_bytes. (bsc#937512) - Support reboot -f on kexec kernels. (bsc#940264) - Not all watchdog drivers implement WDIOC_SETOPTIONS, so do not require it. (bsc#933533) - Make rootsymlink_generator return success even if stat fails. (bsc#945282) - Create /run/udev if it doesn't exist. (bsc#945282) - Exclude device-mapper from block device ownership event locking. (bsc#944799) - Drop original fix for bsc#872929, superseded by later changes. (bsc#942946) - Support Virtualbox 5.0 running on top of KVM hypervisor. (bsc#948705) - Suppress warnings about duplicated sysfs paths. (bsc#947212) - Avoid restarting logind after package update. (bsc#934901) - Add old fashion phy sas disk enumeration to path_id_compat. (bsc#950510) - Fix disabled event source handling. (bsc#951663) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-822=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-822=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-822=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libgudev-1_0-devel-210-70.25.1 libudev-devel-210-70.25.1 systemd-debuginfo-210-70.25.1 systemd-debugsource-210-70.25.1 systemd-devel-210-70.25.1 typelib-1_0-GUdev-1_0-210-70.25.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libgudev-1_0-0-210-70.25.1 libgudev-1_0-0-debuginfo-210-70.25.1 libudev1-210-70.25.1 libudev1-debuginfo-210-70.25.1 systemd-210-70.25.1 systemd-debuginfo-210-70.25.1 systemd-debugsource-210-70.25.1 systemd-sysvinit-210-70.25.1 udev-210-70.25.1 udev-debuginfo-210-70.25.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgudev-1_0-0-32bit-210-70.25.1 libgudev-1_0-0-debuginfo-32bit-210-70.25.1 libudev1-32bit-210-70.25.1 libudev1-debuginfo-32bit-210-70.25.1 systemd-32bit-210-70.25.1 systemd-debuginfo-32bit-210-70.25.1 - SUSE Linux Enterprise Server 12 (noarch): systemd-bash-completion-210-70.25.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libgudev-1_0-0-210-70.25.1 libgudev-1_0-0-32bit-210-70.25.1 libgudev-1_0-0-debuginfo-210-70.25.1 libgudev-1_0-0-debuginfo-32bit-210-70.25.1 libudev1-210-70.25.1 libudev1-32bit-210-70.25.1 libudev1-debuginfo-210-70.25.1 libudev1-debuginfo-32bit-210-70.25.1 systemd-210-70.25.1 systemd-32bit-210-70.25.1 systemd-debuginfo-210-70.25.1 systemd-debuginfo-32bit-210-70.25.1 systemd-debugsource-210-70.25.1 systemd-sysvinit-210-70.25.1 udev-210-70.25.1 udev-debuginfo-210-70.25.1 - SUSE Linux Enterprise Desktop 12 (noarch): systemd-bash-completion-210-70.25.1 References: https://bugzilla.suse.com/900558 https://bugzilla.suse.com/904214 https://bugzilla.suse.com/912334 https://bugzilla.suse.com/913517 https://bugzilla.suse.com/932284 https://bugzilla.suse.com/933521 https://bugzilla.suse.com/933533 https://bugzilla.suse.com/934901 https://bugzilla.suse.com/937512 https://bugzilla.suse.com/937900 https://bugzilla.suse.com/938908 https://bugzilla.suse.com/939571 https://bugzilla.suse.com/940264 https://bugzilla.suse.com/941576 https://bugzilla.suse.com/942946 https://bugzilla.suse.com/944132 https://bugzilla.suse.com/944799 https://bugzilla.suse.com/945282 https://bugzilla.suse.com/947212 https://bugzilla.suse.com/948705 https://bugzilla.suse.com/950510 https://bugzilla.suse.com/951265 https://bugzilla.suse.com/951663 https://bugzilla.suse.com/953241 From sle-updates at lists.suse.com Wed Nov 11 09:12:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Nov 2015 17:12:29 +0100 (CET) Subject: SUSE-SU-2015:1958-1: moderate: Security update for flash-player Message-ID: <20151111161229.BD491320B7@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1958-1 Rating: moderate References: #954512 Cross-References: CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: The flash-player package was updated to fix the following security issues: - Security update to 11.2.202.548 (bsc#954512): * APSB15-28, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661, CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-824=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-824=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): flash-player-11.2.202.548-111.1 flash-player-gnome-11.2.202.548-111.1 - SUSE Linux Enterprise Desktop 12 (x86_64): flash-player-11.2.202.548-111.1 flash-player-gnome-11.2.202.548-111.1 References: https://www.suse.com/security/cve/CVE-2015-7651.html https://www.suse.com/security/cve/CVE-2015-7652.html https://www.suse.com/security/cve/CVE-2015-7653.html https://www.suse.com/security/cve/CVE-2015-7654.html https://www.suse.com/security/cve/CVE-2015-7655.html https://www.suse.com/security/cve/CVE-2015-7656.html https://www.suse.com/security/cve/CVE-2015-7657.html https://www.suse.com/security/cve/CVE-2015-7658.html https://www.suse.com/security/cve/CVE-2015-7659.html https://www.suse.com/security/cve/CVE-2015-7660.html https://www.suse.com/security/cve/CVE-2015-7661.html https://www.suse.com/security/cve/CVE-2015-7662.html https://www.suse.com/security/cve/CVE-2015-7663.html https://www.suse.com/security/cve/CVE-2015-8042.html https://www.suse.com/security/cve/CVE-2015-8043.html https://www.suse.com/security/cve/CVE-2015-8044.html https://www.suse.com/security/cve/CVE-2015-8046.html https://bugzilla.suse.com/954512 From sle-updates at lists.suse.com Wed Nov 11 09:13:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Nov 2015 17:13:03 +0100 (CET) Subject: SUSE-SU-2015:1960-1: moderate: Security update for flash-player Message-ID: <20151111161303.91FEC320F0@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1960-1 Rating: moderate References: #954512 Cross-References: CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that fixes 17 vulnerabilities is now available. Description: The flash-player package was updated to fix the following security issues: - Security update to 11.2.202.548 (bsc#954512): * APSB15-28, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661, CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-flash-player-12200=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-flash-player-12200=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): flash-player-11.2.202.548-0.26.1 flash-player-gnome-11.2.202.548-0.26.1 flash-player-kde4-11.2.202.548-0.26.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): flash-player-11.2.202.548-0.26.1 flash-player-gnome-11.2.202.548-0.26.1 flash-player-kde4-11.2.202.548-0.26.1 References: https://www.suse.com/security/cve/CVE-2015-7651.html https://www.suse.com/security/cve/CVE-2015-7652.html https://www.suse.com/security/cve/CVE-2015-7653.html https://www.suse.com/security/cve/CVE-2015-7654.html https://www.suse.com/security/cve/CVE-2015-7655.html https://www.suse.com/security/cve/CVE-2015-7656.html https://www.suse.com/security/cve/CVE-2015-7657.html https://www.suse.com/security/cve/CVE-2015-7658.html https://www.suse.com/security/cve/CVE-2015-7659.html https://www.suse.com/security/cve/CVE-2015-7660.html https://www.suse.com/security/cve/CVE-2015-7661.html https://www.suse.com/security/cve/CVE-2015-7662.html https://www.suse.com/security/cve/CVE-2015-7663.html https://www.suse.com/security/cve/CVE-2015-8042.html https://www.suse.com/security/cve/CVE-2015-8043.html https://www.suse.com/security/cve/CVE-2015-8044.html https://www.suse.com/security/cve/CVE-2015-8046.html https://bugzilla.suse.com/954512 From sle-updates at lists.suse.com Wed Nov 11 13:10:30 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Nov 2015 21:10:30 +0100 (CET) Subject: SUSE-RU-2015:1962-1: moderate: Recommended update for Machinery Message-ID: <20151111201030.8F586320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for Machinery ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1962-1 Rating: moderate References: #953981 Affected Products: SUSE Linux Enterprise Module for Advanced Systems Management 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides Machinery 1.16.1, which brings the following fixes and enhancements: - Fix type recognition in case of empty files for config- and changed-managed-files inspectors. - The error message "There is already a server with the same port running" has been cleaned up and is no longer misleading. - Add OpenSUSE Leap as supported system. - HTML comparison is now available without the experimental feature flag. - Add error message to recommend using `--name` when a container with a slash is inspected. - Fixed crash during inspection of a folder which contains special characters in its name. - Speed up inspection of config and changed managed files. - Fix Docker inspection when specifying a Docker image with tag. - GConf XML files are no longer treated as binary files in HTML view. - Add current outgoing ip and export directory to AutoYaST README.md during export. - Handle invalid utf-8 characters in /etc/passwd. - Fix: "changed" link in compare view is visible while scope is collapsed but doesn't do anything. - No information is cut off in the HTML view. - Files containing special characters can now be downloaded. - Links to common elements work in HTML when all scopes are collapsed. - Show if description was result of a container inspection. - Disable nav bar buttons when scope has been excluded. - Show details of elements with changed attributes for all scopes in comparison view. - Show progress indicator while loading file content in HTML view. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2015-826=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): machinery-1.16.1-40.1 machinery-debuginfo-1.16.1-40.1 machinery-debugsource-1.16.1-40.1 References: https://bugzilla.suse.com/953981 From sle-updates at lists.suse.com Wed Nov 11 13:10:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Nov 2015 21:10:52 +0100 (CET) Subject: SUSE-RU-2015:1963-1: Recommended update for sqlite3 Message-ID: <20151111201052.A3693320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for sqlite3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1963-1 Rating: low References: #952710 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sqlite3 enables support for the sqlite3_unlock_notify() API. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-827=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-827=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-827=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): sqlite3-debuginfo-3.8.3.1-2.3.1 sqlite3-debugsource-3.8.3.1-2.3.1 sqlite3-devel-3.8.3.1-2.3.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libsqlite3-0-3.8.3.1-2.3.1 libsqlite3-0-debuginfo-3.8.3.1-2.3.1 sqlite3-3.8.3.1-2.3.1 sqlite3-debuginfo-3.8.3.1-2.3.1 sqlite3-debugsource-3.8.3.1-2.3.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libsqlite3-0-32bit-3.8.3.1-2.3.1 libsqlite3-0-debuginfo-32bit-3.8.3.1-2.3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libsqlite3-0-3.8.3.1-2.3.1 libsqlite3-0-32bit-3.8.3.1-2.3.1 libsqlite3-0-debuginfo-3.8.3.1-2.3.1 libsqlite3-0-debuginfo-32bit-3.8.3.1-2.3.1 sqlite3-3.8.3.1-2.3.1 sqlite3-debuginfo-3.8.3.1-2.3.1 sqlite3-debugsource-3.8.3.1-2.3.1 References: https://bugzilla.suse.com/952710 From sle-updates at lists.suse.com Thu Nov 12 06:17:05 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 14:17:05 +0100 (CET) Subject: SUSE-RU-2015:1970-1: Recommended update for SMT Message-ID: <20151112131705.C70A5320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for SMT ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1970-1 Rating: low References: #932736 #948551 #949361 #950924 #951968 Affected Products: Subscription Management Tool for SUSE Linux Enterprise 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for SMT fixes the following issues: - Set a global connect timeout to a value which work also for slower network connections. (bsc#950924, bsc#932736) - Create a symbolic link to repo/SUSE when exporting to directory. (bsc#949361) - Set obsoleted_service_name to same service name. (bsc#948551) - Fix the location of the SSL CA Truststore in clientSetup4SMT.sh. - Fix calculation of migration target. (bsc#951968) - Implement Service Pack migration API. (fate#319133, fate#319134) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool for SUSE Linux Enterprise 11-SP3: zypper in -t patch slesmtsp3-smt-12201=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-smt-12201=1 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool for SUSE Linux Enterprise 11-SP3 (i586 s390x x86_64): res-signingkeys-2.0.16-16.1 smt-2.0.16-16.1 smt-support-2.0.16-16.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): smt-debuginfo-2.0.16-16.1 smt-debugsource-2.0.16-16.1 References: https://bugzilla.suse.com/932736 https://bugzilla.suse.com/948551 https://bugzilla.suse.com/949361 https://bugzilla.suse.com/950924 https://bugzilla.suse.com/951968 From sle-updates at lists.suse.com Thu Nov 12 06:20:31 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 14:20:31 +0100 (CET) Subject: SUSE-RU-2015:1974-1: Recommended update for avahi Message-ID: <20151112132031.B849B320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for avahi ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1974-1 Rating: low References: #947140 #948277 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for Avahi provides the following fixes: - Do not log errors for every invalid packet received. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-828=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-828=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-828=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-828=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): avahi-glib2-debugsource-0.6.31-22.4 libavahi-gobject0-0.6.31-22.4 libavahi-gobject0-debuginfo-0.6.31-22.4 libavahi-ui-gtk3-0-0.6.31-22.4 libavahi-ui-gtk3-0-debuginfo-0.6.31-22.4 libavahi-ui0-0.6.31-22.4 libavahi-ui0-debuginfo-0.6.31-22.4 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): avahi-compat-howl-devel-0.6.31-22.4 avahi-compat-mDNSResponder-devel-0.6.31-22.4 avahi-debuginfo-0.6.31-22.4 avahi-debugsource-0.6.31-22.4 avahi-glib2-debugsource-0.6.31-22.4 libavahi-devel-0.6.31-22.4 libavahi-glib-devel-0.6.31-22.4 libavahi-gobject-devel-0.6.31-22.4 libavahi-gobject0-0.6.31-22.4 libavahi-gobject0-debuginfo-0.6.31-22.4 libavahi-ui-gtk3-0-0.6.31-22.4 libavahi-ui-gtk3-0-debuginfo-0.6.31-22.4 libavahi-ui0-0.6.31-22.4 libavahi-ui0-debuginfo-0.6.31-22.4 libhowl0-0.6.31-22.4 libhowl0-debuginfo-0.6.31-22.4 typelib-1_0-Avahi-0_6-0.6.31-22.4 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): avahi-0.6.31-22.4 avahi-debuginfo-0.6.31-22.4 avahi-debugsource-0.6.31-22.4 avahi-glib2-debugsource-0.6.31-22.4 avahi-utils-0.6.31-22.4 avahi-utils-debuginfo-0.6.31-22.4 libavahi-client3-0.6.31-22.4 libavahi-client3-debuginfo-0.6.31-22.4 libavahi-common3-0.6.31-22.4 libavahi-common3-debuginfo-0.6.31-22.4 libavahi-core7-0.6.31-22.4 libavahi-core7-debuginfo-0.6.31-22.4 libavahi-glib1-0.6.31-22.4 libavahi-glib1-debuginfo-0.6.31-22.4 libdns_sd-0.6.31-22.4 libdns_sd-debuginfo-0.6.31-22.4 - SUSE Linux Enterprise Server 12 (s390x x86_64): avahi-debuginfo-32bit-0.6.31-22.4 libavahi-client3-32bit-0.6.31-22.4 libavahi-client3-debuginfo-32bit-0.6.31-22.4 libavahi-common3-32bit-0.6.31-22.4 libavahi-common3-debuginfo-32bit-0.6.31-22.4 libavahi-glib1-32bit-0.6.31-22.4 libavahi-glib1-debuginfo-32bit-0.6.31-22.4 libdns_sd-32bit-0.6.31-22.4 libdns_sd-debuginfo-32bit-0.6.31-22.4 - SUSE Linux Enterprise Server 12 (noarch): avahi-lang-0.6.31-22.4 - SUSE Linux Enterprise Desktop 12 (x86_64): avahi-0.6.31-22.4 avahi-debuginfo-0.6.31-22.4 avahi-debuginfo-32bit-0.6.31-22.4 avahi-debugsource-0.6.31-22.4 avahi-glib2-debugsource-0.6.31-22.4 libavahi-client3-0.6.31-22.4 libavahi-client3-32bit-0.6.31-22.4 libavahi-client3-debuginfo-0.6.31-22.4 libavahi-client3-debuginfo-32bit-0.6.31-22.4 libavahi-common3-0.6.31-22.4 libavahi-common3-32bit-0.6.31-22.4 libavahi-common3-debuginfo-0.6.31-22.4 libavahi-common3-debuginfo-32bit-0.6.31-22.4 libavahi-core7-0.6.31-22.4 libavahi-core7-debuginfo-0.6.31-22.4 libavahi-glib1-0.6.31-22.4 libavahi-glib1-32bit-0.6.31-22.4 libavahi-glib1-debuginfo-0.6.31-22.4 libavahi-glib1-debuginfo-32bit-0.6.31-22.4 libavahi-gobject0-0.6.31-22.4 libavahi-gobject0-debuginfo-0.6.31-22.4 libavahi-ui-gtk3-0-0.6.31-22.4 libavahi-ui-gtk3-0-debuginfo-0.6.31-22.4 libavahi-ui0-0.6.31-22.4 libavahi-ui0-debuginfo-0.6.31-22.4 libdns_sd-0.6.31-22.4 libdns_sd-32bit-0.6.31-22.4 libdns_sd-debuginfo-0.6.31-22.4 libdns_sd-debuginfo-32bit-0.6.31-22.4 - SUSE Linux Enterprise Desktop 12 (noarch): avahi-lang-0.6.31-22.4 References: https://bugzilla.suse.com/947140 https://bugzilla.suse.com/948277 From sle-updates at lists.suse.com Thu Nov 12 07:10:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 15:10:18 +0100 (CET) Subject: SUSE-RU-2015:1975-1: Recommended update for cmake Message-ID: <20151112141018.DBE3C320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for cmake ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1975-1 Rating: low References: #953842 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for cmake adds python-base as a dependency. cmake.prov is written in Python and even if RPM's AutoReqProv added a requirement for /usr/bin/python, it is not enough in some circumstances. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-830=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-830=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cmake-2.8.12.1-11.1 cmake-debuginfo-2.8.12.1-11.1 cmake-debugsource-2.8.12.1-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cmake-2.8.12.1-11.1 cmake-debuginfo-2.8.12.1-11.1 cmake-debugsource-2.8.12.1-11.1 References: https://bugzilla.suse.com/953842 From sle-updates at lists.suse.com Thu Nov 12 09:10:33 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 17:10:33 +0100 (CET) Subject: SUSE-RU-2015:1976-1: moderate: Recommended update for yast2-auth-client Message-ID: <20151112161033.DBD58320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-auth-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1976-1 Rating: moderate References: #893983 #899104 #931515 #948206 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for yast2-auth-client provides the following fixes: - Fix Relax-NG parser errors when checking validity of AutoYaST profiles. (bsc#948206) - Do not remove case_sensitive attribute from sssd.conf. (bsc#931515) - Remove an unnecessary hard dependency on sssd. (bsc#893983) - Remove X-KDE-Library from desktop file. (bsc#899104) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-835=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-835=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-auth-client-3.1.23.1-3.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-auth-client-3.1.23.1-3.1 References: https://bugzilla.suse.com/893983 https://bugzilla.suse.com/899104 https://bugzilla.suse.com/931515 https://bugzilla.suse.com/948206 From sle-updates at lists.suse.com Thu Nov 12 09:11:28 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 17:11:28 +0100 (CET) Subject: SUSE-RU-2015:1977-1: moderate: Recommended update for python-Twisted Message-ID: <20151112161128.44C20320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-Twisted ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1977-1 Rating: moderate References: #940813 Affected Products: SUSE Linux Enterprise Module for Web Scripting 12 SUSE Enterprise Storage 2 SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: python-Twisted has been updated to version 15.2.1, which brings several fixes and enhancements such as: - twisted.positioning, a new API for positioning systems such as GPS, has been added. It comes with an implementation of NMEA, the most common wire protocol for GPS devices. It will supersede twisted.protocols.gps. - IReactorUDP.listenUDP, IUDPTransport.write and IUDPTransport.connect now accept ipv6 address literals. - A new API, twisted.internet.ssl.optionsForClientTLS, allows clients to specify and verify the identity of the peer they're communicating with. When used with the service_identity library from PyPI, this provides support for service identity verification from RFC 6125, as well as server name indication from RFC 6066. - Twisted's TLS support now provides a way to ask for user-configured trust roots rather than having to manually configure such certificate authority certificates. - twisted.internet.ssl.CertificateOptions now supports ECDHE for servers by default on pyOpenSSL 0.14 and later, if the underlying versions of cryptography.io and OpenSSL support it. - twisted.internet.ssl.CertificateOptions now allows the user to set acceptable ciphers and uses secure ones by default. - The new package twisted.logger provides a new, fully tested, and feature-rich logging framework. The old module twisted.python.log is now implemented using the new framework. - twisted.conch.ssh.forwarding now supports local->remote forwarding of IPv6. - twisted.mail.smtp.sendmail now uses ESMTP. It will opportunistically enable encryption and allow the use of authentication. - twisted.internet.ssl.CertificateOptions now enables TLSv1.1 and TLSv1.2 by default (in addition to TLSv1.0) if the underlying version of OpenSSL supports these protocol versions. - twisted.internet.ssl.CertificateOptions now supports Diffie-Hellman key exchange. - twisted.internet.ssl.CertificateOptions now disables TLS compression to avoid CRIME attacks and, for servers, uses server preference to choose the cipher. - MSN protocol support has been marked as deprecated. - Removed deprecated UDPClient. - Better support and integration with Python 3. For a comprehensive list of changes, please refer to the file NEWS shipped within the package. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2015-834=1 - SUSE Enterprise Storage 2: zypper in -t patch SUSE-Storage-2-2015-834=1 - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2015-834=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Web Scripting 12 (ppc64le s390x x86_64): python-Twisted-15.2.1-4.3 python-Twisted-debuginfo-15.2.1-4.3 python-Twisted-debugsource-15.2.1-4.3 python-pycrypto-2.6.1-2.2 python-pycrypto-debuginfo-2.6.1-2.2 python-zope.interface-4.0.5-5.2 python-zope.interface-debuginfo-4.0.5-5.2 python-zope.interface-debugsource-4.0.5-5.2 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): python-pyserial-2.7-2.2 - SUSE Enterprise Storage 2 (x86_64): python-Twisted-15.2.1-4.3 python-Twisted-debuginfo-15.2.1-4.3 python-Twisted-debugsource-15.2.1-4.3 python-pycrypto-2.6.1-2.2 python-pycrypto-debuginfo-2.6.1-2.2 python-zope.interface-4.0.5-5.2 python-zope.interface-debuginfo-4.0.5-5.2 python-zope.interface-debugsource-4.0.5-5.2 - SUSE Enterprise Storage 2 (noarch): python-pyserial-2.7-2.2 - SUSE Enterprise Storage 1.0 (x86_64): python-Twisted-15.2.1-4.3 python-Twisted-debuginfo-15.2.1-4.3 python-Twisted-debugsource-15.2.1-4.3 python-pycrypto-2.6.1-2.2 python-pycrypto-debuginfo-2.6.1-2.2 python-zope.interface-4.0.5-5.2 python-zope.interface-debuginfo-4.0.5-5.2 python-zope.interface-debugsource-4.0.5-5.2 - SUSE Enterprise Storage 1.0 (noarch): python-pyserial-2.7-2.2 References: https://bugzilla.suse.com/940813 From sle-updates at lists.suse.com Thu Nov 12 09:11:48 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 17:11:48 +0100 (CET) Subject: SUSE-SU-2015:1978-1: important: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss Message-ID: <20151112161148.B5440320F0@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1978-1 Rating: important References: #908275 #952810 Cross-References: CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This Mozilla Firefox, NSS and NSPR update fixes the following security and non security issues. - mozilla-nspr was updated to version 4.10.10 (bsc#952810) * MFSA 2015-133/CVE-2015-7183 (bmo#1205157) NSPR memory corruption issues - mozilla-nss was updated to 3.19.2.1 (bsc#952810) * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182 (bmo#1192028, bmo#1202868) NSS and NSPR memory corruption issues - MozillaFirefox was updated to 38.4.0 ESR (bsc#952810) * MFSA 2015-116/CVE-2015-4513 (bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580, bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564, bmo#1208665, bmo#1209471, bmo#1213979) Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1204061, bmo#1188010, bmo#1204155) Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868, bmo#1192028, bmo#1205157) NSS and NSPR memory corruption issues - fix printing on landscape media (bsc#908275) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-firefox-20151104-12203=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-firefox-20151104-12203=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): MozillaFirefox-38.4.0esr-25.3 MozillaFirefox-branding-SLED-38-12.19 MozillaFirefox-translations-38.4.0esr-25.3 libfreebl3-3.19.2.1-12.1 mozilla-nspr-4.10.10-16.1 mozilla-nspr-devel-4.10.10-16.1 mozilla-nss-3.19.2.1-12.1 mozilla-nss-devel-3.19.2.1-12.1 mozilla-nss-tools-3.19.2.1-12.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64): libfreebl3-32bit-3.19.2.1-12.1 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-12.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): MozillaFirefox-debuginfo-38.4.0esr-25.3 MozillaFirefox-debugsource-38.4.0esr-25.3 mozilla-nspr-debuginfo-4.10.10-16.1 mozilla-nspr-debugsource-4.10.10-16.1 mozilla-nss-debuginfo-3.19.2.1-12.1 mozilla-nss-debugsource-3.19.2.1-12.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (s390x x86_64): mozilla-nspr-debuginfo-32bit-4.10.10-16.1 mozilla-nss-debuginfo-32bit-3.19.2.1-12.1 References: https://www.suse.com/security/cve/CVE-2015-4513.html https://www.suse.com/security/cve/CVE-2015-7181.html https://www.suse.com/security/cve/CVE-2015-7182.html https://www.suse.com/security/cve/CVE-2015-7183.html https://www.suse.com/security/cve/CVE-2015-7188.html https://www.suse.com/security/cve/CVE-2015-7189.html https://www.suse.com/security/cve/CVE-2015-7193.html https://www.suse.com/security/cve/CVE-2015-7194.html https://www.suse.com/security/cve/CVE-2015-7196.html https://www.suse.com/security/cve/CVE-2015-7197.html https://www.suse.com/security/cve/CVE-2015-7198.html https://www.suse.com/security/cve/CVE-2015-7199.html https://www.suse.com/security/cve/CVE-2015-7200.html https://bugzilla.suse.com/908275 https://bugzilla.suse.com/952810 From sle-updates at lists.suse.com Thu Nov 12 09:12:34 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 17:12:34 +0100 (CET) Subject: SUSE-SU-2015:1979-1: moderate: Security update for libsndfile Message-ID: <20151112161234.F3681320B7@maintenance.suse.de> SUSE Security Update: Security update for libsndfile ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1979-1 Rating: moderate References: #953516 #953521 Cross-References: CVE-2014-9756 CVE-2015-7805 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The libsndfile package was updated to fix the following security issue: - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libsndfile-12204=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libsndfile-12204=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libsndfile-12204=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libsndfile-12204=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libsndfile-12204=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libsndfile-12204=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libsndfile-12204=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libsndfile-12204=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libsndfile-12204=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-devel-1.0.20-2.10.2 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsndfile-devel-1.0.20-2.10.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libsndfile-1.0.20-2.10.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libsndfile-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsndfile-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsndfile-x86-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsndfile-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libsndfile-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Server 11-SP3 (ia64): libsndfile-x86-1.0.20-2.10.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libsndfile-1.0.20-2.10.2 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libsndfile-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libsndfile-1.0.20-2.10.2 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libsndfile-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsndfile-debuginfo-1.0.20-2.10.2 libsndfile-debugsource-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): libsndfile-debuginfo-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): libsndfile-debuginfo-x86-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsndfile-debuginfo-1.0.20-2.10.2 libsndfile-debugsource-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): libsndfile-debuginfo-32bit-1.0.20-2.10.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): libsndfile-debuginfo-x86-1.0.20-2.10.2 References: https://www.suse.com/security/cve/CVE-2014-9756.html https://www.suse.com/security/cve/CVE-2015-7805.html https://bugzilla.suse.com/953516 https://bugzilla.suse.com/953521 From sle-updates at lists.suse.com Thu Nov 12 10:09:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 18:09:49 +0100 (CET) Subject: SUSE-RU-2015:1980-1: moderate: Recommended update for compat-openssl098 Message-ID: <20151112170949.11EE7320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for compat-openssl098 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1980-1 Rating: moderate References: #947833 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: OpenSSL was updated to fix a bug in TLS session renegotiation. This renegotiation is for instance used with Apache2 client certificate handling, which would fail if ECDHE key exchange is used, which is happening more often after the last openssl update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2015-836=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-836=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): compat-openssl098-debugsource-0.9.8j-84.3 libopenssl0_9_8-0.9.8j-84.3 libopenssl0_9_8-32bit-0.9.8j-84.3 libopenssl0_9_8-debuginfo-0.9.8j-84.3 libopenssl0_9_8-debuginfo-32bit-0.9.8j-84.3 - SUSE Linux Enterprise Desktop 12 (x86_64): compat-openssl098-debugsource-0.9.8j-84.3 libopenssl0_9_8-0.9.8j-84.3 libopenssl0_9_8-32bit-0.9.8j-84.3 libopenssl0_9_8-debuginfo-0.9.8j-84.3 libopenssl0_9_8-debuginfo-32bit-0.9.8j-84.3 References: https://bugzilla.suse.com/947833 From sle-updates at lists.suse.com Thu Nov 12 12:10:38 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 20:10:38 +0100 (CET) Subject: SUSE-SU-2015:1981-1: important: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss Message-ID: <20151112191038.3D340320B7@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1981-1 Rating: important References: #908275 #952810 Cross-References: CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This Mozilla Firefox, NSS and NSPR update fixes the following security and non security issues. - mozilla-nspr was updated to version 4.10.10 (bsc#952810) * MFSA 2015-133/CVE-2015-7183 (bmo#1205157) NSPR memory corruption issues - mozilla-nss was updated to 3.19.2.1 (bsc#952810) * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182 (bmo#1192028, bmo#1202868) NSS and NSPR memory corruption issues - MozillaFirefox was updated to 38.4.0 ESR (bsc#952810) * MFSA 2015-116/CVE-2015-4513 (bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580, bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564, bmo#1208665, bmo#1209471, bmo#1213979) Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1204061, bmo#1188010, bmo#1204155) Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868, bmo#1192028, bmo#1205157) NSS and NSPR memory corruption issues - fix printing on landscape media (bsc#908275) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-firefox-20151105-12205=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-firefox-20151105-12205=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-firefox-20151105-12205=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-firefox-20151105-12205=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-firefox-20151105-12205=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-firefox-20151105-12205=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-firefox-20151105-12205=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-firefox-20151105-12205=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-firefox-20151105-12205=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-38.4.0esr-25.6 mozilla-nspr-devel-4.10.10-16.1 mozilla-nss-devel-3.19.2.1-19.3 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-38.4.0esr-25.6 mozilla-nspr-devel-4.10.10-16.1 mozilla-nss-devel-3.19.2.1-19.3 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): MozillaFirefox-38.4.0esr-25.6 MozillaFirefox-branding-SLES-for-VMware-38-10.27 MozillaFirefox-translations-38.4.0esr-25.6 libfreebl3-3.19.2.1-19.3 libsoftokn3-3.19.2.1-19.3 mozilla-nspr-4.10.10-16.1 mozilla-nss-3.19.2.1-19.3 mozilla-nss-tools-3.19.2.1-19.3 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libfreebl3-32bit-3.19.2.1-19.3 libsoftokn3-32bit-3.19.2.1-19.3 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-38.4.0esr-25.6 MozillaFirefox-branding-SLED-38-15.31 MozillaFirefox-translations-38.4.0esr-25.6 libfreebl3-3.19.2.1-19.3 libsoftokn3-3.19.2.1-19.3 mozilla-nspr-4.10.10-16.1 mozilla-nss-3.19.2.1-19.3 mozilla-nss-tools-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libfreebl3-32bit-3.19.2.1-19.3 libsoftokn3-32bit-3.19.2.1-19.3 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP4 (ia64): libfreebl3-x86-3.19.2.1-19.3 libsoftokn3-x86-3.19.2.1-19.3 mozilla-nspr-x86-4.10.10-16.1 mozilla-nss-x86-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-38.4.0esr-25.6 MozillaFirefox-branding-SLED-38-15.31 MozillaFirefox-translations-38.4.0esr-25.6 libfreebl3-3.19.2.1-19.3 libsoftokn3-3.19.2.1-19.3 mozilla-nspr-4.10.10-16.1 mozilla-nss-3.19.2.1-19.3 mozilla-nss-tools-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libfreebl3-32bit-3.19.2.1-19.3 libsoftokn3-32bit-3.19.2.1-19.3 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-19.3 - SUSE Linux Enterprise Server 11-SP3 (ia64): libfreebl3-x86-3.19.2.1-19.3 libsoftokn3-x86-3.19.2.1-19.3 mozilla-nspr-x86-4.10.10-16.1 mozilla-nss-x86-3.19.2.1-19.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): MozillaFirefox-38.4.0esr-25.6 MozillaFirefox-branding-SLED-38-15.31 MozillaFirefox-translations-38.4.0esr-25.6 libfreebl3-3.19.2.1-19.3 libsoftokn3-3.19.2.1-19.3 mozilla-nspr-4.10.10-16.1 mozilla-nss-3.19.2.1-19.3 mozilla-nss-tools-3.19.2.1-19.3 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libfreebl3-32bit-3.19.2.1-19.3 libsoftokn3-32bit-3.19.2.1-19.3 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-19.3 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): MozillaFirefox-38.4.0esr-25.6 MozillaFirefox-branding-SLED-38-15.31 MozillaFirefox-translations-38.4.0esr-25.6 libfreebl3-3.19.2.1-19.3 libsoftokn3-3.19.2.1-19.3 mozilla-nspr-4.10.10-16.1 mozilla-nss-3.19.2.1-19.3 mozilla-nss-tools-3.19.2.1-19.3 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libfreebl3-32bit-3.19.2.1-19.3 libsoftokn3-32bit-3.19.2.1-19.3 mozilla-nspr-32bit-4.10.10-16.1 mozilla-nss-32bit-3.19.2.1-19.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-debuginfo-38.4.0esr-25.6 MozillaFirefox-debugsource-38.4.0esr-25.6 mozilla-nspr-debuginfo-4.10.10-16.1 mozilla-nspr-debugsource-4.10.10-16.1 mozilla-nss-debuginfo-3.19.2.1-19.3 mozilla-nss-debugsource-3.19.2.1-19.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): mozilla-nspr-debuginfo-32bit-4.10.10-16.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): mozilla-nspr-debuginfo-x86-4.10.10-16.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-debuginfo-38.4.0esr-25.6 MozillaFirefox-debugsource-38.4.0esr-25.6 mozilla-nspr-debuginfo-4.10.10-16.1 mozilla-nspr-debugsource-4.10.10-16.1 mozilla-nss-debuginfo-3.19.2.1-19.3 mozilla-nss-debugsource-3.19.2.1-19.3 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): mozilla-nspr-debuginfo-32bit-4.10.10-16.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): mozilla-nspr-debuginfo-x86-4.10.10-16.1 References: https://www.suse.com/security/cve/CVE-2015-4513.html https://www.suse.com/security/cve/CVE-2015-7181.html https://www.suse.com/security/cve/CVE-2015-7182.html https://www.suse.com/security/cve/CVE-2015-7183.html https://www.suse.com/security/cve/CVE-2015-7188.html https://www.suse.com/security/cve/CVE-2015-7189.html https://www.suse.com/security/cve/CVE-2015-7193.html https://www.suse.com/security/cve/CVE-2015-7194.html https://www.suse.com/security/cve/CVE-2015-7196.html https://www.suse.com/security/cve/CVE-2015-7197.html https://www.suse.com/security/cve/CVE-2015-7198.html https://www.suse.com/security/cve/CVE-2015-7199.html https://www.suse.com/security/cve/CVE-2015-7200.html https://bugzilla.suse.com/908275 https://bugzilla.suse.com/952810 From sle-updates at lists.suse.com Thu Nov 12 13:10:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Nov 2015 21:10:29 +0100 (CET) Subject: SUSE-RU-2015:1982-1: Recommended update for tgt Message-ID: <20151112201029.C4213320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for tgt ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1982-1 Rating: low References: #950946 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for tgt improves integration with SystemD. The tgt daemon will now inform SystemD after it finishes its initialization procedure. This ensures that other services which depend on iSCSI targets will be started only after tgtd is ready. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-838=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): tgt-1.0.44-12.1 tgt-debuginfo-1.0.44-12.1 tgt-debugsource-1.0.44-12.1 References: https://bugzilla.suse.com/950946 From sle-updates at lists.suse.com Fri Nov 13 05:10:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 13:10:47 +0100 (CET) Subject: SUSE-SU-2015:1983-1: moderate: Security update for squid Message-ID: <20151113121047.7BB8E320F0@maintenance.suse.de> SUSE Security Update: Security update for squid ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1983-1 Rating: moderate References: #895773 #949942 Cross-References: CVE-2014-6270 CVE-2014-9749 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: squid was updated to fix two security issues. These security issues were fixed: - CVE-2014-6270: Fixed an off by one in snmp subsystem (bsc#895773). - CVE-2014-9749: Fixed a nonce replay vulnerability in Digest authentication (bsc#949942). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-squid-12206=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-squid-12206=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-squid-12206=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-squid-12206=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-squid-12206=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): squid-2.7.STABLE5-2.12.24.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): squid-2.7.STABLE5-2.12.24.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): squid-2.7.STABLE5-2.12.24.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): squid-debuginfo-2.7.STABLE5-2.12.24.2 squid-debugsource-2.7.STABLE5-2.12.24.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): squid-debuginfo-2.7.STABLE5-2.12.24.2 squid-debugsource-2.7.STABLE5-2.12.24.2 References: https://www.suse.com/security/cve/CVE-2014-6270.html https://www.suse.com/security/cve/CVE-2014-9749.html https://bugzilla.suse.com/895773 https://bugzilla.suse.com/949942 From sle-updates at lists.suse.com Fri Nov 13 07:10:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 15:10:47 +0100 (CET) Subject: SUSE-RU-2015:1985-1: moderate: Recommended update for autoyast2 Message-ID: <20151113141047.F2E76320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for autoyast2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1985-1 Rating: moderate References: #872711 #897321 #901739 #901904 #908271 #909349 #909745 #923992 #926241 #928987 #937900 #948608 #953162 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 13 recommended fixes can now be installed. Description: This update for AutoYaST2 provides the following fixes: - Do not restart dbus service after installation. Otherwise some other services might hang. (bsc#937900) - Added new section "restricts" for ntp configuration. (bsc#928987) - Avoid ayast_probe module crashing when called from an installed system. (bsc#926241) - Introduce new autoinst flag in general/mode section: final_restart_services. This option makes AutoYaST restart all services after finishing the installation. The default is "true" which is a backward compatible value. (bsc#923992) - Checking if the disk is -partitionable- instead of checking if it is a real disk. Needed for Multipath disks. (bsc#909349) - Mount the installation source in order to copy AutoYaST configuration file into inst_sys. (bsc#908271) - Removed code which will be already done by service_manager. (bsc#909745) - AutoYaST configuration module: Reset menu bar after calling single YAST configuration module. (bsc#872711) - Fixed too small dialog for autoyast profile location. (bsc#897321) - Fixed UI in partition configuration. (bsc#901904, bsc#901739) - Handle pkgGpgCheck callback introduced in libzypp 14.39.0. (bsc#948608, bsc#953162) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-841=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-841=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): autoyast2-3.1.69.9-7.1 autoyast2-installation-3.1.69.9-7.1 - SUSE Linux Enterprise Desktop 12 (noarch): autoyast2-3.1.69.9-7.1 autoyast2-installation-3.1.69.9-7.1 References: https://bugzilla.suse.com/872711 https://bugzilla.suse.com/897321 https://bugzilla.suse.com/901739 https://bugzilla.suse.com/901904 https://bugzilla.suse.com/908271 https://bugzilla.suse.com/909349 https://bugzilla.suse.com/909745 https://bugzilla.suse.com/923992 https://bugzilla.suse.com/926241 https://bugzilla.suse.com/928987 https://bugzilla.suse.com/937900 https://bugzilla.suse.com/948608 https://bugzilla.suse.com/953162 From sle-updates at lists.suse.com Fri Nov 13 07:13:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 15:13:41 +0100 (CET) Subject: SUSE-RU-2015:1986-1: moderate: Recommended update for ruby-common Message-ID: <20151113141341.AF1E2320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for ruby-common ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1986-1 Rating: moderate References: #934328 #953771 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ruby-common provides several fixes and enhancements: - Help the solver to pick the right gem2rpm for the default Ruby version. (bsc#934328) - Fix premature return from from gem install. - Fail early if gem install fails, avoiding confusing error messages at the end of the build. - Implement cleaner solution for the extensions doc dir. - Do not overwrite options.otheropts. - Fixed forwarding of options to gem install. - Call ruby with -x from shell wrappers otherwise it might run into an endless loop. - Add shell-launcher to avoid dependency on a fixed Ruby version. - Ignore any files found in */.gem/*. In some versions of rubygems, gems that are installed are also copied to ~/.gem/. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-842=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-842=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-842=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (noarch): ruby-common-2.1-14.1 - SUSE Linux Enterprise Server 12 (noarch): ruby-common-2.1-14.1 - SUSE Linux Enterprise Desktop 12 (noarch): ruby-common-2.1-14.1 References: https://bugzilla.suse.com/934328 https://bugzilla.suse.com/953771 From sle-updates at lists.suse.com Fri Nov 13 09:10:40 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 17:10:40 +0100 (CET) Subject: SUSE-RU-2015:1987-1: important: Recommended update for krb5 Message-ID: <20151113161040.9377E320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1987-1 Rating: important References: #954270 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a potential segmentation fault introduced with a previous security fix. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-krb5-12207=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-krb5-12207=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-krb5-12207=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-krb5-12207=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-krb5-12207=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-krb5-12207=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-krb5-12207=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-krb5-12207=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-krb5-12207=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.100.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): krb5-server-1.6.3-133.49.100.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.100.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): krb5-server-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): krb5-1.6.3-133.49.100.1 krb5-apps-clients-1.6.3-133.49.100.1 krb5-apps-servers-1.6.3-133.49.100.1 krb5-client-1.6.3-133.49.100.1 krb5-server-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): krb5-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.100.1 krb5-apps-clients-1.6.3-133.49.100.1 krb5-apps-servers-1.6.3-133.49.100.1 krb5-client-1.6.3-133.49.100.1 krb5-server-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): krb5-x86-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.100.1 krb5-apps-clients-1.6.3-133.49.100.1 krb5-apps-servers-1.6.3-133.49.100.1 krb5-client-1.6.3-133.49.100.1 krb5-server-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): krb5-x86-1.6.3-133.49.100.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): krb5-1.6.3-133.49.100.1 krb5-client-1.6.3-133.49.100.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): krb5-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): krb5-1.6.3-133.49.100.1 krb5-client-1.6.3-133.49.100.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): krb5-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): krb5-debuginfo-1.6.3-133.49.100.1 krb5-debugsource-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): krb5-debuginfo-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): krb5-debuginfo-x86-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-debuginfo-1.6.3-133.49.100.1 krb5-debugsource-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): krb5-debuginfo-32bit-1.6.3-133.49.100.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): krb5-debuginfo-x86-1.6.3-133.49.100.1 References: https://bugzilla.suse.com/954270 From sle-updates at lists.suse.com Fri Nov 13 13:10:31 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 21:10:31 +0100 (CET) Subject: SUSE-RU-2015:1988-1: Recommended update for release-notes-sles Message-ID: <20151113201032.00AB3320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1988-1 Rating: low References: #950159 #951480 #952981 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12 have been updated to document: - New: Deprecate DMSVSMA for snIPL. (fate#316144) - New: Availability of Docker images based on SLES 11-SP4. (fate#319375) - New: Usage of NOOP I/O scheduler for multipathing environments. (fate#319091) - New: Inclusion of the virt-top tool. (fate#319422) - New: ixgbe behavior regarding the configuration of VF MAC addresses. (fate#319714) - Changed: Decision about CUPS version upgrade for SLE12. (fate#314630) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-844=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): release-notes-sles-12.0.20151105-49.1 References: https://bugzilla.suse.com/950159 https://bugzilla.suse.com/951480 https://bugzilla.suse.com/952981 From sle-updates at lists.suse.com Fri Nov 13 14:10:34 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Nov 2015 22:10:34 +0100 (CET) Subject: SUSE-RU-2015:1989-1: Recommended update for resource-agents Message-ID: <20151113211034.0E3BD320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for resource-agents ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1989-1 Rating: low References: #935253 #940931 Affected Products: SUSE Linux Enterprise High Availability Extension 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for resource-agents provides the following fixes: - CTDB: Preserve permissions on smb.conf. (bsc#935253) - IPaddr2, findif.sh: Allow and describe + and - broadcast arguments. (bsc#940931) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11-SP3: zypper in -t patch slehasp3-resource-agents-12208=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-resource-agents-12208=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11-SP3 (i586 ia64 ppc64 s390x x86_64): ldirectord-3.9.5-0.40.4 nagios-plugins-metadata-3.9.5-0.40.4 resource-agents-3.9.5-0.40.4 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): resource-agents-debuginfo-3.9.5-0.40.4 resource-agents-debugsource-3.9.5-0.40.4 References: https://bugzilla.suse.com/935253 https://bugzilla.suse.com/940931 From sle-updates at lists.suse.com Mon Nov 16 04:11:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 16 Nov 2015 12:11:09 +0100 (CET) Subject: SUSE-SU-2015:2000-1: moderate: Security update for libsndfile Message-ID: <20151116111109.DED25320F0@maintenance.suse.de> SUSE Security Update: Security update for libsndfile ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2000-1 Rating: moderate References: #953516 #953519 #953521 Cross-References: CVE-2014-9756 CVE-2015-7805 CVE-2015-8075 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: The libsndfile package was updated to fix the following security issue: - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). - CVE-2015-8075: Fixed heap overflow issue (bsc#953519). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-846=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-846=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-846=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libsndfile-debugsource-1.0.25-24.1 libsndfile-devel-1.0.25-24.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libsndfile-debugsource-1.0.25-24.1 libsndfile1-1.0.25-24.1 libsndfile1-debuginfo-1.0.25-24.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libsndfile1-32bit-1.0.25-24.1 libsndfile1-debuginfo-32bit-1.0.25-24.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libsndfile-debugsource-1.0.25-24.1 libsndfile1-1.0.25-24.1 libsndfile1-32bit-1.0.25-24.1 libsndfile1-debuginfo-1.0.25-24.1 libsndfile1-debuginfo-32bit-1.0.25-24.1 References: https://www.suse.com/security/cve/CVE-2014-9756.html https://www.suse.com/security/cve/CVE-2015-7805.html https://www.suse.com/security/cve/CVE-2015-8075.html https://bugzilla.suse.com/953516 https://bugzilla.suse.com/953519 https://bugzilla.suse.com/953521 From sle-updates at lists.suse.com Mon Nov 16 10:10:33 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 16 Nov 2015 18:10:33 +0100 (CET) Subject: SUSE-RU-2015:2002-1: moderate: Recommended update for ConsoleKit Message-ID: <20151116171033.8DE9032087@maintenance.suse.de> SUSE Recommended Update: Recommended update for ConsoleKit ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2002-1 Rating: moderate References: #942421 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ConsoleKit provides the following fixes: - Properly unset reference to the dbus proxy when finalizing the session, avoiding a leak that could result in a loop using 100% CPU. (bsc#942421) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ConsoleKit-12209=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-ConsoleKit-12209=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-ConsoleKit-12209=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ConsoleKit-12209=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-ConsoleKit-12209=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-ConsoleKit-12209=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-ConsoleKit-12209=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ConsoleKit-12209=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-ConsoleKit-12209=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-devel-0.2.10-64.69.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-devel-0.2.10-64.69.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): ConsoleKit-0.2.10-64.69.1 ConsoleKit-doc-0.2.10-64.69.3 ConsoleKit-x11-0.2.10-64.69.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): ConsoleKit-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-0.2.10-64.69.1 ConsoleKit-doc-0.2.10-64.69.3 ConsoleKit-x11-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): ConsoleKit-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): ConsoleKit-x86-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-0.2.10-64.69.1 ConsoleKit-doc-0.2.10-64.69.3 ConsoleKit-x11-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): ConsoleKit-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): ConsoleKit-x86-0.2.10-64.69.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): ConsoleKit-0.2.10-64.69.1 ConsoleKit-x11-0.2.10-64.69.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): ConsoleKit-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): ConsoleKit-0.2.10-64.69.1 ConsoleKit-x11-0.2.10-64.69.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): ConsoleKit-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-debuginfo-0.2.10-64.69.1 ConsoleKit-debugsource-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): ConsoleKit-debuginfo-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): ConsoleKit-debuginfo-x86-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): ConsoleKit-debuginfo-0.2.10-64.69.1 ConsoleKit-debugsource-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): ConsoleKit-debuginfo-32bit-0.2.10-64.69.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): ConsoleKit-debuginfo-x86-0.2.10-64.69.1 References: https://bugzilla.suse.com/942421 From sle-updates at lists.suse.com Tue Nov 17 03:16:17 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 17 Nov 2015 11:16:17 +0100 (CET) Subject: SUSE-RU-2015:1642-2: Recommended update for pidgin-sipe Message-ID: <20151117101617.D66BD320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for pidgin-sipe ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1642-2 Rating: low References: #934588 Affected Products: SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: pidgin-sipe has been updated to version 1.19.1, which brings support to newer releases of the Linc server. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-pidgin-sipe-12108=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Debuginfo 11-SP3 (i586): pidgin-sipe-debuginfo-1.19.1-19.3 pidgin-sipe-debugsource-1.19.1-19.3 References: https://bugzilla.suse.com/934588 From sle-updates at lists.suse.com Tue Nov 17 03:16:40 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 17 Nov 2015 11:16:40 +0100 (CET) Subject: SUSE-SU-2015:1898-2: important: Security update for krb5 Message-ID: <20151117101640.4465F320F0@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:1898-2 Rating: important References: #952188 Cross-References: CVE-2015-2695 Affected Products: SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: krb5 was updated to fix one security issue. This security issue was fixed: - CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-krb5-12185=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): krb5-debuginfo-1.6.3-133.49.97.1 krb5-debugsource-1.6.3-133.49.97.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): krb5-debuginfo-32bit-1.6.3-133.49.97.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): krb5-debuginfo-x86-1.6.3-133.49.97.1 References: https://www.suse.com/security/cve/CVE-2015-2695.html https://bugzilla.suse.com/952188 From sle-updates at lists.suse.com Tue Nov 17 09:10:34 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 17 Nov 2015 17:10:34 +0100 (CET) Subject: SUSE-RU-2015:2005-1: Recommended update for drm Message-ID: <20151117161034.CEBBF320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for drm ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2005-1 Rating: low References: #949192 Affected Products: SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for drm provides the following fixes: - Ignore "digital output" and "not HDMI output" bits for eDP detection. (bsc#949192) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-drm-12212=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Sale 11-SP3 (i586 x86_64): drm-kmp-default-3.12_3.0.101_0.47.67-0.19.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): drm-kmp-pae-3.12_3.0.101_0.47.67-0.19.1 References: https://bugzilla.suse.com/949192 From sle-updates at lists.suse.com Tue Nov 17 11:10:39 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 17 Nov 2015 19:10:39 +0100 (CET) Subject: SUSE-RU-2015:2006-1: moderate: Recommended update for sg3_utils Message-ID: <20151117181039.B8D69320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2006-1 Rating: moderate References: #903329 #917011 #917049 #937821 #943817 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for sg3_utils provides the following fixes: - Fix rescan-scsi-bus.sh to check if temporary file exists before trying to remove it. Previously it could end up removing /dev/null. (bsc#917049) - Fix regular expression in rescan-scsi-bus.sh to not produce strings with white spaces. (bsc#943817) - Change rescan-scsi-bus.sh to set IPTYPE and IPQUAL on failure, fixing syntax errors later on. (bsc#903329) - Use udev-conformant character encoding in "sg_inq --export". (bsc#917011) - Add "Requires(post): coreutils" to spec file. (bsc#937821) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-sg3_utils-12213=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-sg3_utils-12213=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-sg3_utils-12213=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-sg3_utils-12213=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-sg3_utils-12213=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): sg3_utils-devel-1.35-0.19.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): sg3_utils-1.35-0.19.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): sg3_utils-1.35-0.19.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): sg3_utils-1.35-0.19.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): sg3_utils-debuginfo-1.35-0.19.1 sg3_utils-debugsource-1.35-0.19.1 References: https://bugzilla.suse.com/903329 https://bugzilla.suse.com/917011 https://bugzilla.suse.com/917049 https://bugzilla.suse.com/937821 https://bugzilla.suse.com/943817 From sle-updates at lists.suse.com Wed Nov 18 06:11:30 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 14:11:30 +0100 (CET) Subject: SUSE-SU-2015:2013-1: moderate: Security update for libpng16 Message-ID: <20151118131130.AB5F7320FF@maintenance.suse.de> SUSE Security Update: Security update for libpng16 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2013-1 Rating: moderate References: #954980 Cross-References: CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The libpng16 package was updated to fix the following security issue: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-855=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-855=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-855=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libpng16-compat-devel-1.6.8-8.1 libpng16-debugsource-1.6.8-8.1 libpng16-devel-1.6.8-8.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpng16-16-1.6.8-8.1 libpng16-16-debuginfo-1.6.8-8.1 libpng16-debugsource-1.6.8-8.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libpng16-16-32bit-1.6.8-8.1 libpng16-16-debuginfo-32bit-1.6.8-8.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpng16-16-1.6.8-8.1 libpng16-16-32bit-1.6.8-8.1 libpng16-16-debuginfo-1.6.8-8.1 libpng16-16-debuginfo-32bit-1.6.8-8.1 libpng16-debugsource-1.6.8-8.1 References: https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Wed Nov 18 06:12:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 14:12:54 +0100 (CET) Subject: SUSE-SU-2015:2017-1: moderate: Security update for libpng12-0 Message-ID: <20151118131254.CA433320FF@maintenance.suse.de> SUSE Security Update: Security update for libpng12-0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2017-1 Rating: moderate References: #952051 #954980 Cross-References: CVE-2015-7981 CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The libpng12-0 package was updated to fix the following security issues: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libpng12-0-12214=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libpng12-0-12214=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libpng12-0-12214=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libpng12-0-12214=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libpng12-0-12214=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libpng12-0-12214=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libpng12-0-12214=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libpng12-0-12214=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libpng12-0-12214=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.35.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.35.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libpng12-0-1.2.31-5.35.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libpng12-0-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libpng12-0-x86-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libpng12-0-x86-1.2.31-5.35.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libpng12-0-1.2.31-5.35.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libpng12-0-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libpng12-0-1.2.31-5.35.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libpng12-0-32bit-1.2.31-5.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-debuginfo-1.2.31-5.35.1 libpng12-0-debugsource-1.2.31-5.35.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng12-0-debuginfo-1.2.31-5.35.1 libpng12-0-debugsource-1.2.31-5.35.1 References: https://www.suse.com/security/cve/CVE-2015-7981.html https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/952051 https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Wed Nov 18 06:17:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 14:17:09 +0100 (CET) Subject: SUSE-SU-2015:2024-1: moderate: Security update for libpng12 Message-ID: <20151118131709.EF4AE320FF@maintenance.suse.de> SUSE Security Update: Security update for libpng12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2024-1 Rating: moderate References: #952051 #954980 Cross-References: CVE-2015-7981 CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The libpng12 package was updated to fix the following security issues: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-854=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-854=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-854=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libpng12-compat-devel-1.2.50-10.1 libpng12-debugsource-1.2.50-10.1 libpng12-devel-1.2.50-10.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpng12-0-1.2.50-10.1 libpng12-0-debuginfo-1.2.50-10.1 libpng12-debugsource-1.2.50-10.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libpng12-0-32bit-1.2.50-10.1 libpng12-0-debuginfo-32bit-1.2.50-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpng12-0-1.2.50-10.1 libpng12-0-32bit-1.2.50-10.1 libpng12-0-debuginfo-1.2.50-10.1 libpng12-0-debuginfo-32bit-1.2.50-10.1 libpng12-debugsource-1.2.50-10.1 References: https://www.suse.com/security/cve/CVE-2015-7981.html https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/952051 https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Wed Nov 18 08:10:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 16:10:55 +0100 (CET) Subject: SUSE-SU-2015:2025-1: moderate: Recommended update for git Message-ID: <20151118151055.EE756320DF@maintenance.suse.de> SUSE Security Update: Recommended update for git ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2025-1 Rating: moderate References: #948969 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: The git package was updated to fix the following security issue: - Fix remote code execution with recursive fetch of submodules (bsc#948969). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-857=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-857=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): git-1.8.5.6-14.3 git-arch-1.8.5.6-14.3 git-core-1.8.5.6-14.3 git-core-debuginfo-1.8.5.6-14.3 git-cvs-1.8.5.6-14.3 git-daemon-1.8.5.6-14.3 git-daemon-debuginfo-1.8.5.6-14.3 git-debugsource-1.8.5.6-14.3 git-email-1.8.5.6-14.3 git-gui-1.8.5.6-14.3 git-svn-1.8.5.6-14.3 git-svn-debuginfo-1.8.5.6-14.3 git-web-1.8.5.6-14.3 gitk-1.8.5.6-14.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): git-core-1.8.5.6-14.3 git-core-debuginfo-1.8.5.6-14.3 git-debugsource-1.8.5.6-14.3 References: https://bugzilla.suse.com/948969 From sle-updates at lists.suse.com Wed Nov 18 08:11:25 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 16:11:25 +0100 (CET) Subject: SUSE-RU-2015:2026-1: important: Recommended update for gcc5 Message-ID: <20151118151125.72634320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for gcc5 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2026-1 Rating: important References: #954002 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for gcc5 and its runtime libraries adjusts the build flags on the s390x architecture to be compatible with IBM z9 and z10 systems. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-gcc5-12215=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-gcc5-12215=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-gcc5-12215=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-gcc5-12215=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libstdc++6-devel-gcc5-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): libitm1-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): cpp5-5.2.1+r226025-5.3 gcc5-32bit-5.2.1+r226025-5.3 gcc5-5.2.1+r226025-5.3 gcc5-c++-32bit-5.2.1+r226025-5.3 gcc5-c++-5.2.1+r226025-5.3 gcc5-fortran-32bit-5.2.1+r226025-5.3 gcc5-fortran-5.2.1+r226025-5.3 gcc5-info-5.2.1+r226025-5.3 gcc5-locale-5.2.1+r226025-5.3 libffi-devel-gcc5-32bit-5.2.1+r226025-5.2 libffi-devel-gcc5-5.2.1+r226025-5.2 libitm1-32bit-5.2.1+r226025-5.3 libstdc++6-devel-gcc5-32bit-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 x86_64): libasan2-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 x86_64): libasan2-32bit-5.2.1+r226025-5.3 libubsan0-32bit-5.2.1+r226025-5.3 libubsan0-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): libcilkrts5-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64): libatomic1-5.2.1+r226025-5.3 libgfortran3-5.2.1+r226025-5.3 libquadmath0-5.2.1+r226025-5.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (x86_64): libcilkrts5-32bit-5.2.1+r226025-5.3 liblsan0-5.2.1+r226025-5.3 libtsan0-5.2.1+r226025-5.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libgcc_s1-5.2.1+r226025-5.3 libgfortran3-5.2.1+r226025-5.3 libgomp1-5.2.1+r226025-5.3 libstdc++6-5.2.1+r226025-5.3 libstdc++6-locale-5.2.1+r226025-5.3 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libatomic1-32bit-5.2.1+r226025-5.3 libatomic1-5.2.1+r226025-5.3 libffi4-32bit-5.2.1+r226025-5.2 libffi4-5.2.1+r226025-5.2 libgcc_s1-32bit-5.2.1+r226025-5.3 libgfortran3-32bit-5.2.1+r226025-5.3 libgomp1-32bit-5.2.1+r226025-5.3 libstdc++6-32bit-5.2.1+r226025-5.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 x86_64): libquadmath0-5.2.1+r226025-5.3 - SUSE Linux Enterprise Server 11-SP4 (x86_64): libquadmath0-32bit-5.2.1+r226025-5.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libgcc_s1-5.2.1+r226025-5.3 libgfortran3-5.2.1+r226025-5.3 libgomp1-5.2.1+r226025-5.3 libquadmath0-5.2.1+r226025-5.3 libstdc++6-5.2.1+r226025-5.3 libstdc++6-locale-5.2.1+r226025-5.3 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libgcc_s1-32bit-5.2.1+r226025-5.3 libgfortran3-32bit-5.2.1+r226025-5.3 libgomp1-32bit-5.2.1+r226025-5.3 libquadmath0-32bit-5.2.1+r226025-5.3 libstdc++6-32bit-5.2.1+r226025-5.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): gcc5-debuginfo-5.2.1+r226025-5.3 libffi-gcc5-debuginfo-5.2.1+r226025-5.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): gcc5-debugsource-5.2.1+r226025-5.3 References: https://bugzilla.suse.com/954002 From sle-updates at lists.suse.com Wed Nov 18 09:10:28 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 17:10:28 +0100 (CET) Subject: SUSE-RU-2015:2027-1: important: Recommended update for openCryptoki Message-ID: <20151118161028.F3D97320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for openCryptoki ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2027-1 Rating: important References: #942162 #943070 #946172 #946808 #948114 #951587 #954497 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This update for openCryptoki provides fixes and enhancements: - Added /var/lib/opencryptoki/lite/TOK_OBJ token directory. (bsc#943070) - Fixed two public key object inclusion in EP11 token. (bsc#946808) - Fixed GPF when calling C_SignUpdate using ICFS token. (bsc#946172) - Fixed failure to import ECDSA because of lack of attribute. (bsc#948114) - Removed globbing in %files and specified libraries to include. (bsc#942162) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-openCryptoki-12216=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openCryptoki-12216=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openCryptoki-12216=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): openCryptoki-devel-3.2-0.16.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): openCryptoki-3.2-0.16.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390 s390x x86_64): openCryptoki-3.2-0.16.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): openCryptoki-64bit-3.2-0.16.1 - SUSE Linux Enterprise Server 11-SP4 (i586 s390): openCryptoki-32bit-3.2-0.16.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64): openCryptoki-debuginfo-3.2-0.16.1 openCryptoki-debugsource-3.2-0.16.1 References: https://bugzilla.suse.com/942162 https://bugzilla.suse.com/943070 https://bugzilla.suse.com/946172 https://bugzilla.suse.com/946808 https://bugzilla.suse.com/948114 https://bugzilla.suse.com/951587 https://bugzilla.suse.com/954497 From sle-updates at lists.suse.com Wed Nov 18 09:12:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 17:12:10 +0100 (CET) Subject: SUSE-RU-2015:2028-1: moderate: Recommended update for bind Message-ID: <20151118161210.0A69B320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for bind ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2028-1 Rating: moderate References: #947483 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for bind removes the start/stop dependency of named and lwresd on remote-fs, fixing a service dependency cycle. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-859=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-859=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-859=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): bind-debuginfo-9.9.6P1-28.3.1 bind-debugsource-9.9.6P1-28.3.1 bind-devel-9.9.6P1-28.3.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): bind-9.9.6P1-28.3.1 bind-chrootenv-9.9.6P1-28.3.1 bind-debuginfo-9.9.6P1-28.3.1 bind-debugsource-9.9.6P1-28.3.1 bind-libs-9.9.6P1-28.3.1 bind-libs-debuginfo-9.9.6P1-28.3.1 bind-utils-9.9.6P1-28.3.1 bind-utils-debuginfo-9.9.6P1-28.3.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): bind-libs-32bit-9.9.6P1-28.3.1 bind-libs-debuginfo-32bit-9.9.6P1-28.3.1 - SUSE Linux Enterprise Server 12 (noarch): bind-doc-9.9.6P1-28.3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): bind-debuginfo-9.9.6P1-28.3.1 bind-debugsource-9.9.6P1-28.3.1 bind-libs-32bit-9.9.6P1-28.3.1 bind-libs-9.9.6P1-28.3.1 bind-libs-debuginfo-32bit-9.9.6P1-28.3.1 bind-libs-debuginfo-9.9.6P1-28.3.1 bind-utils-9.9.6P1-28.3.1 bind-utils-debuginfo-9.9.6P1-28.3.1 References: https://bugzilla.suse.com/947483 From sle-updates at lists.suse.com Wed Nov 18 12:10:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Nov 2015 20:10:24 +0100 (CET) Subject: SUSE-RU-2015:2029-1: Recommended update for star Message-ID: <20151118191024.C8A29320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for star ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2029-1 Rating: low References: #952299 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for star fixes a buffer overflow when handling file names longer than 100 characters. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-860=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-860=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): star-1.5final-65.7.1 star-debuginfo-1.5final-65.7.1 star-debugsource-1.5final-65.7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): star-1.5final-65.7.1 star-debuginfo-1.5final-65.7.1 star-debugsource-1.5final-65.7.1 References: https://bugzilla.suse.com/952299 From sle-updates at lists.suse.com Thu Nov 19 10:10:26 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 18:10:26 +0100 (CET) Subject: SUSE-RU-2015:2046-1: Recommended update for resource-agents Message-ID: <20151119171026.30C11320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for resource-agents ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2046-1 Rating: low References: #935253 #940931 Affected Products: SUSE Linux Enterprise High Availability 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for resource-agents provides the following fixes: - CTDB: Preserve permissions on smb.conf. (bsc#935253) - IPaddr2, findif.sh: Allow and describe + and - broadcast arguments. (bsc#940931) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2015-861=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12 (s390x x86_64): ldirectord-3.9.5+git633-8.3.1 monitoring-plugins-metadata-3.9.5+git633-8.3.1 resource-agents-3.9.5+git633-8.3.1 resource-agents-debuginfo-3.9.5+git633-8.3.1 resource-agents-debugsource-3.9.5+git633-8.3.1 References: https://bugzilla.suse.com/935253 https://bugzilla.suse.com/940931 From sle-updates at lists.suse.com Thu Nov 19 11:10:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 19:10:29 +0100 (CET) Subject: SUSE-RU-2015:2047-1: moderate: Recommended update for tar Message-ID: <20151119181029.94C50320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for tar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2047-1 Rating: moderate References: #950785 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The tar(1) archiving utility has been updated to fix one issue: When the --acls option is used, explicitly set or delete default ACLs for extracted directories. Prior to this update, arbitrary default ACLs based on standard file permissions were being created. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-863=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-863=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): tar-1.27.1-7.1 tar-debuginfo-1.27.1-7.1 tar-debugsource-1.27.1-7.1 - SUSE Linux Enterprise Server 12 (noarch): tar-lang-1.27.1-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): tar-1.27.1-7.1 tar-debuginfo-1.27.1-7.1 tar-debugsource-1.27.1-7.1 - SUSE Linux Enterprise Desktop 12 (noarch): tar-lang-1.27.1-7.1 References: https://bugzilla.suse.com/950785 From sle-updates at lists.suse.com Thu Nov 19 11:10:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 19:10:54 +0100 (CET) Subject: SUSE-RU-2015:2048-1: moderate: Recommended update for acl Message-ID: <20151119181054.6C434320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for acl ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2048-1 Rating: moderate References: #945899 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for acl provides the following fixes: - Fix segmentation fault of getfacl -e on overly long group name. - Make sure that acl_from_text() always sets errno when it fails. - Fix memory and resource leaks in getfacl. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-862=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-862=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-862=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): acl-debuginfo-2.2.52-5.1 acl-debugsource-2.2.52-5.1 libacl-devel-2.2.52-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): acl-2.2.52-5.1 acl-debuginfo-2.2.52-5.1 acl-debugsource-2.2.52-5.1 libacl1-2.2.52-5.1 libacl1-debuginfo-2.2.52-5.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libacl1-32bit-2.2.52-5.1 libacl1-debuginfo-32bit-2.2.52-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): acl-2.2.52-5.1 acl-debuginfo-2.2.52-5.1 acl-debugsource-2.2.52-5.1 libacl1-2.2.52-5.1 libacl1-32bit-2.2.52-5.1 libacl1-debuginfo-2.2.52-5.1 libacl1-debuginfo-32bit-2.2.52-5.1 References: https://bugzilla.suse.com/945899 From sle-updates at lists.suse.com Thu Nov 19 13:10:26 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 21:10:26 +0100 (CET) Subject: SUSE-RU-2015:2049-1: Recommended update for os-prober Message-ID: <20151119201026.688F2320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for os-prober ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2049-1 Rating: low References: #931955 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes os-prober to not attempt to mount btrfs snapshots. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-865=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-865=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): os-prober-1.61-16.2 os-prober-debuginfo-1.61-16.2 os-prober-debugsource-1.61-16.2 - SUSE Linux Enterprise Desktop 12 (x86_64): os-prober-1.61-16.2 os-prober-debuginfo-1.61-16.2 os-prober-debugsource-1.61-16.2 References: https://bugzilla.suse.com/931955 From sle-updates at lists.suse.com Thu Nov 19 13:10:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 21:10:57 +0100 (CET) Subject: SUSE-RU-2015:2050-1: moderate: Recommended update for systemd Message-ID: <20151119201058.59ED1320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for systemd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2050-1 Rating: moderate References: #954336 #954781 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for SystemD provides the following fixes: - Do not return error when paths in ReadOnlyDirectories= and InaccessibleDirectories= directives are prefixed with "-" and don't exist. (bsc#954781) - Allow systemd-sysv-convert to do its job even if one of the sysvinit scripts is not found. (bsc#954336) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-866=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-866=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-866=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libgudev-1_0-devel-210-70.30.1 libudev-devel-210-70.30.1 systemd-debuginfo-210-70.30.1 systemd-debugsource-210-70.30.1 systemd-devel-210-70.30.1 typelib-1_0-GUdev-1_0-210-70.30.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libgudev-1_0-0-210-70.30.1 libgudev-1_0-0-debuginfo-210-70.30.1 libudev1-210-70.30.1 libudev1-debuginfo-210-70.30.1 systemd-210-70.30.1 systemd-debuginfo-210-70.30.1 systemd-debugsource-210-70.30.1 systemd-sysvinit-210-70.30.1 udev-210-70.30.1 udev-debuginfo-210-70.30.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgudev-1_0-0-32bit-210-70.30.1 libgudev-1_0-0-debuginfo-32bit-210-70.30.1 libudev1-32bit-210-70.30.1 libudev1-debuginfo-32bit-210-70.30.1 systemd-32bit-210-70.30.1 systemd-debuginfo-32bit-210-70.30.1 - SUSE Linux Enterprise Server 12 (noarch): systemd-bash-completion-210-70.30.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libgudev-1_0-0-210-70.30.1 libgudev-1_0-0-32bit-210-70.30.1 libgudev-1_0-0-debuginfo-210-70.30.1 libgudev-1_0-0-debuginfo-32bit-210-70.30.1 libudev1-210-70.30.1 libudev1-32bit-210-70.30.1 libudev1-debuginfo-210-70.30.1 libudev1-debuginfo-32bit-210-70.30.1 systemd-210-70.30.1 systemd-32bit-210-70.30.1 systemd-debuginfo-210-70.30.1 systemd-debuginfo-32bit-210-70.30.1 systemd-debugsource-210-70.30.1 systemd-sysvinit-210-70.30.1 udev-210-70.30.1 udev-debuginfo-210-70.30.1 - SUSE Linux Enterprise Desktop 12 (noarch): systemd-bash-completion-210-70.30.1 References: https://bugzilla.suse.com/954336 https://bugzilla.suse.com/954781 From sle-updates at lists.suse.com Thu Nov 19 13:11:32 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 21:11:32 +0100 (CET) Subject: SUSE-RU-2015:2051-1: moderate: Recommended update for sle2docker Message-ID: <20151119201132.E8D27320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sle2docker ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2051-1 Rating: moderate References: #953184 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides sle2docker version 0.4.2, which brings the following fixes: - Reduce the chances of timeout errors while activating Docker images on VMs with bad I/O. - Fix wrong documentation inside of README.md. - Fix formatting inside of man page. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2015-864=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (x86_64): ruby2.1-rubygem-sle2docker-0.4.2-14.3 sle2docker-0.4.2-14.3 References: https://bugzilla.suse.com/953184 From sle-updates at lists.suse.com Thu Nov 19 14:10:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Nov 2015 22:10:19 +0100 (CET) Subject: SUSE-RU-2015:2052-1: Recommended update for libseccomp Message-ID: <20151119211019.6A70D320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for libseccomp ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2052-1 Rating: low References: #932372 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libseccomp adjusts the pkgconfig reported version from 2.1.0 to the correct 2.1.1. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-867=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-867=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-867=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libseccomp-debugsource-2.1.1-4.5 libseccomp-devel-2.1.1-4.5 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libseccomp-debugsource-2.1.1-4.5 libseccomp2-2.1.1-4.5 libseccomp2-debuginfo-2.1.1-4.5 - SUSE Linux Enterprise Desktop 12 (x86_64): libseccomp-debugsource-2.1.1-4.5 libseccomp2-2.1.1-4.5 libseccomp2-debuginfo-2.1.1-4.5 References: https://bugzilla.suse.com/932372 From sle-updates at lists.suse.com Fri Nov 20 03:10:39 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 11:10:39 +0100 (CET) Subject: SUSE-SU-2015:2053-1: moderate: Security update for xscreensaver Message-ID: <20151120101039.3EF18320DF@maintenance.suse.de> SUSE Security Update: Security update for xscreensaver ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2053-1 Rating: moderate References: #952062 Cross-References: CVE-2015-8025 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The xscreensaver package was updated to fix the following security issue: - CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-870=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-870=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): xscreensaver-5.22-6.1 xscreensaver-data-5.22-6.1 xscreensaver-data-debuginfo-5.22-6.1 xscreensaver-debuginfo-5.22-6.1 xscreensaver-debugsource-5.22-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): xscreensaver-5.22-6.1 xscreensaver-data-5.22-6.1 xscreensaver-data-debuginfo-5.22-6.1 xscreensaver-debuginfo-5.22-6.1 xscreensaver-debugsource-5.22-6.1 References: https://www.suse.com/security/cve/CVE-2015-8025.html https://bugzilla.suse.com/952062 From sle-updates at lists.suse.com Fri Nov 20 03:11:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 11:11:06 +0100 (CET) Subject: SUSE-SU-2015:2054-1: moderate: Security update for xscreensaver Message-ID: <20151120101106.E88CC320FF@maintenance.suse.de> SUSE Security Update: Security update for xscreensaver ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2054-1 Rating: moderate References: #952062 Cross-References: CVE-2015-8025 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The xscreensaver package was updated to fix the following security and non security issues: - CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062). - Added xscreensaver-in_signal_handler_p.patch needed for fix of signal handling. - Refresh xscreensaver-stars.patch. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-xscreensaver-12217=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xscreensaver-12217=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-xscreensaver-12217=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-xscreensaver-12217=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-xscreensaver-12217=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xscreensaver-12217=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-xscreensaver-12217=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): xscreensaver-5.07-6.36.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): xscreensaver-5.07-6.36.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): xscreensaver-5.07-6.36.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): xscreensaver-5.07-6.36.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): xscreensaver-5.07-6.36.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): xscreensaver-debuginfo-5.07-6.36.1 xscreensaver-debugsource-5.07-6.36.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): xscreensaver-debuginfo-5.07-6.36.1 xscreensaver-debugsource-5.07-6.36.1 References: https://www.suse.com/security/cve/CVE-2015-8025.html https://bugzilla.suse.com/952062 From sle-updates at lists.suse.com Fri Nov 20 03:11:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 11:11:53 +0100 (CET) Subject: SUSE-SU-2015:2056-1: moderate: Recommended update for libksba Message-ID: <20151120101153.D7DC2320FF@maintenance.suse.de> SUSE Security Update: Recommended update for libksba ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2056-1 Rating: moderate References: #926826 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: The libksba package was updated to fix the following security issues: - Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-869=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-869=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-869=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libksba-debugsource-1.3.0-12.1 libksba-devel-1.3.0-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libksba-debugsource-1.3.0-12.1 libksba8-1.3.0-12.1 libksba8-debuginfo-1.3.0-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libksba-debugsource-1.3.0-12.1 libksba8-1.3.0-12.1 libksba8-debuginfo-1.3.0-12.1 References: https://bugzilla.suse.com/926826 From sle-updates at lists.suse.com Fri Nov 20 06:11:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 14:11:03 +0100 (CET) Subject: SUSE-SU-2015:2058-1: moderate: Security update for ntp Message-ID: <20151120131103.628F4320FF@maintenance.suse.de> SUSE Security Update: Security update for ntp ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2058-1 Rating: moderate References: #905885 #910063 #936327 #942441 #942587 #944300 #951608 Cross-References: CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: This ntp update provides the following security and non security fixes: - Update to 4.2.8p4 to fix several security issues (bsc#951608): * CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK * CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values * CVE-2015-7854: Password Length Memory Corruption Vulnerability * CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow * CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability * CVE-2015-7851 saveconfig Directory Traversal Vulnerability * CVE-2015-7850 remote config logfile-keyfile * CVE-2015-7849 trusted key use-after-free * CVE-2015-7848 mode 7 loop counter underrun * CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC * CVE-2015-7703 configuration directives "pidfile" and "driftfile" should only be allowed locally * CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should validate the origin timestamp field * CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey data packet length checks - Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327). - Add a controlkey to ntp.conf to make the above work. - Improve runtime configuration: * Read keytype from ntp.conf * Don't write ntp keys to syslog. - Don't let "keysdir" lines in ntp.conf trigger the "keys" parser. - Fix the comment regarding addserver in ntp.conf (bnc#910063). - Remove ntp.1.gz, it wasn't installed anymore. - Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz. The rest is partially irrelevant, partially redundant and potentially outdated (bsc#942587). - Remove "kod" from the restrict line in ntp.conf (bsc#944300). - Use SHA1 instead of MD5 for symmetric keys (bsc#905885). - Require perl-Socket6 (bsc#942441). - Fix incomplete backporting of "rcntp ntptimemset". Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ntp-12218=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-ntp-12218=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ntp-12218=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ntp-4.2.8p4-5.1 ntp-doc-4.2.8p4-5.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): ntp-4.2.8p4-5.1 ntp-doc-4.2.8p4-5.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ntp-debuginfo-4.2.8p4-5.1 ntp-debugsource-4.2.8p4-5.1 References: https://www.suse.com/security/cve/CVE-2015-7691.html https://www.suse.com/security/cve/CVE-2015-7692.html https://www.suse.com/security/cve/CVE-2015-7701.html https://www.suse.com/security/cve/CVE-2015-7702.html https://www.suse.com/security/cve/CVE-2015-7703.html https://www.suse.com/security/cve/CVE-2015-7704.html https://www.suse.com/security/cve/CVE-2015-7705.html https://www.suse.com/security/cve/CVE-2015-7848.html https://www.suse.com/security/cve/CVE-2015-7849.html https://www.suse.com/security/cve/CVE-2015-7850.html https://www.suse.com/security/cve/CVE-2015-7851.html https://www.suse.com/security/cve/CVE-2015-7852.html https://www.suse.com/security/cve/CVE-2015-7853.html https://www.suse.com/security/cve/CVE-2015-7854.html https://www.suse.com/security/cve/CVE-2015-7855.html https://www.suse.com/security/cve/CVE-2015-7871.html https://bugzilla.suse.com/905885 https://bugzilla.suse.com/910063 https://bugzilla.suse.com/936327 https://bugzilla.suse.com/942441 https://bugzilla.suse.com/942587 https://bugzilla.suse.com/944300 https://bugzilla.suse.com/951608 From sle-updates at lists.suse.com Fri Nov 20 09:10:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 17:10:41 +0100 (CET) Subject: SUSE-RU-2015:2061-1: Recommended update for yast2-update Message-ID: <20151120161041.BA1D2320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-update ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2061-1 Rating: low References: #941132 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-update provides the following fixes: - Allow root partitions formatted with btrfs to be selected for system upgrades. (bsc#941132) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-update-12219=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-update-12219=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): yast2-update-2.17.27-4.12 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): yast2-update-2.17.27-4.12 References: https://bugzilla.suse.com/941132 From sle-updates at lists.suse.com Fri Nov 20 09:11:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 17:11:04 +0100 (CET) Subject: SUSE-RU-2015:2062-1: Recommended update for python-ec2utilsbase, python-ec2uploadimg Message-ID: <20151120161104.3C52B320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-ec2utilsbase, python-ec2uploadimg ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2062-1 Rating: low References: #954990 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides minor fixes for Amazon's EC2 utilities. python-ec2uploadimg: - Check that the specified account can be found in the configuration file and provide error message if the account is not found. python-ec2utilsbase: - Fix typo in exception name. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-873=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-ec2uploadimg-0.7.1-5.1 python-ec2utilsbase-0.3.1-7.1 References: https://bugzilla.suse.com/954990 From sle-updates at lists.suse.com Fri Nov 20 09:11:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 17:11:24 +0100 (CET) Subject: SUSE-RU-2015:2063-1: moderate: Recommended update for sg3_utils Message-ID: <20151120161124.3BF22320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2063-1 Rating: moderate References: #903323 #903329 #903332 #907049 #907483 #917011 #917049 #943817 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update for sg3_utils provides the following fixes: - Change rescan-scsi-bus.sh to set IPTYPE and IPQUAL on failure, fixing syntax errors later on. (bsc#903329) - Allow spaces when comparing types in rescan-scsi-bus.sh. (bsc#903323) - Fix sg_inq(8) to correctly ignore invalid VPD entries. (bsc#907049) - Differentiate between NAA VPD descriptor types. (bsc#907483) - Use udev-compliant character encoding in "sg_inq --export". (bsc#917011) - Fix regular expression in rescan-scsi-bus.sh to not produce strings with white spaces. (bsc#943817) - Fix rescan-scsi-bus.sh to check if temporary file exists before trying to remove it. Previously it could end up removing /dev/null. (bsc#917049) - Implement option '--issue-lip-wait' in rescan-scsi-bus.sh to insert a delay after issuing a LIP reset. (bsc#903332) - Interpret DID_NEXUS_FAILURE as 'reservation conflict'. (bsc#903332) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-874=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-874=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-874=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libsgutils-devel-1.38-11.7.1 sg3_utils-debuginfo-1.38-11.7.1 sg3_utils-debugsource-1.38-11.7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libsgutils2-2-1.38-11.7.1 libsgutils2-2-debuginfo-1.38-11.7.1 sg3_utils-1.38-11.7.1 sg3_utils-debuginfo-1.38-11.7.1 sg3_utils-debugsource-1.38-11.7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libsgutils2-2-1.38-11.7.1 libsgutils2-2-debuginfo-1.38-11.7.1 sg3_utils-1.38-11.7.1 sg3_utils-debuginfo-1.38-11.7.1 sg3_utils-debugsource-1.38-11.7.1 References: https://bugzilla.suse.com/903323 https://bugzilla.suse.com/903329 https://bugzilla.suse.com/903332 https://bugzilla.suse.com/907049 https://bugzilla.suse.com/907483 https://bugzilla.suse.com/917011 https://bugzilla.suse.com/917049 https://bugzilla.suse.com/943817 From sle-updates at lists.suse.com Fri Nov 20 09:13:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 17:13:13 +0100 (CET) Subject: SUSE-SU-2015:2064-1: moderate: Security update for openstack-dashboard Message-ID: <20151120161313.7B34F320DF@maintenance.suse.de> SUSE Security Update: Security update for openstack-dashboard ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2064-1 Rating: moderate References: #928891 #931437 #933607 #933722 #935442 #936059 #936368 #945052 #945515 Cross-References: CVE-2015-3219 CVE-2015-3988 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that solves two vulnerabilities and has 7 fixes is now available. Description: This update provides fixes and enhancements for openstack-dashboard, crowbar-barclamp-nova_dashboard and python-django_openstack_auth. openstack-dashboard: - Reset flavors for other than "Boot from Image" source type. (bsc#945515) - Add deactivated status for glance image. - Fix TemplateSyntaxError at hypervisors view. - Fix addition of plugin panel to panel group. - Remove admin role name 'admin' hardcode. (bsc#935442) - Escape the description param from heat template. (bsc#933722, CVE-2015-3219) - Enhance policy rules to workflow actions and identity project. - Sanitation of metadata passed from Django to avoid persistent XSS. (bsc#931437, CVE-2015-3988) - Fix Terminate Instance on network topology page. - Show ports from shared nets in floating IP assoc. - Fix incorrect ca arguments for calling ceilometer client. - Fix dynamic select layout when help block is displayed. - Pass correct project ID to get tenant_usages. (bsc#928891) crowbar-barclamp-nova_dashboard: - Allow switching on multidomain support. (bsc#945052) - Fix quoting of supported_provider_types. (bsc#936368) - Enable the POLICY_FILES setting configuration. - Fix attribute being fetched from wrong node. (bsc#936059) python-django_openstack_auth: - Remove admin role name 'admin' hardcode in User.is_superuser(). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-crowbar-dashboard-201510-12220=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-dashboard-2014.2.4~a0~dev12-13.2 python-django_openstack_auth-1.1.7-11.3 python-horizon-2014.2.4~a0~dev12-13.2 - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-nova_dashboard-1.9+git.1443622531.b2b2939-9.3 References: https://www.suse.com/security/cve/CVE-2015-3219.html https://www.suse.com/security/cve/CVE-2015-3988.html https://bugzilla.suse.com/928891 https://bugzilla.suse.com/931437 https://bugzilla.suse.com/933607 https://bugzilla.suse.com/933722 https://bugzilla.suse.com/935442 https://bugzilla.suse.com/936059 https://bugzilla.suse.com/936368 https://bugzilla.suse.com/945052 https://bugzilla.suse.com/945515 From sle-updates at lists.suse.com Fri Nov 20 10:10:17 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 18:10:17 +0100 (CET) Subject: SUSE-SU-2015:2065-1: moderate: Security update for dracut Message-ID: <20151120171017.8339C320FF@maintenance.suse.de> SUSE Security Update: Security update for dracut ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2065-1 Rating: moderate References: #935338 #935993 #947518 #952491 Cross-References: CVE-2015-0794 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: The dracut package was updated to fix the following security and non-security issues: - CVE-2015-0794: Use mktemp instead of hardcoded filenames, possible vulnerability (bsc#935338). - Always install mdraid modules (bsc#935993). - Add notice when dracut failed to install modules (bsc#952491). - Always install dm-snaphost module if lvm dracut module is needed, even if dm-snapshot is not loaded on the host yet (bsc#947518). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-877=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-877=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): dracut-037-51.17.3 dracut-debuginfo-037-51.17.3 dracut-debugsource-037-51.17.3 dracut-fips-037-51.17.3 - SUSE Linux Enterprise Desktop 12 (x86_64): dracut-037-51.17.3 dracut-debuginfo-037-51.17.3 dracut-debugsource-037-51.17.3 References: https://www.suse.com/security/cve/CVE-2015-0794.html https://bugzilla.suse.com/935338 https://bugzilla.suse.com/935993 https://bugzilla.suse.com/947518 https://bugzilla.suse.com/952491 From sle-updates at lists.suse.com Fri Nov 20 13:10:23 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 21:10:23 +0100 (CET) Subject: SUSE-OU-2015:2066-1: Optional update for myspell-dictionaries Message-ID: <20151120201023.696BE320DF@maintenance.suse.de> SUSE Optional Update: Optional update for myspell-dictionaries ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:2066-1 Rating: low References: #955447 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds a set of new location specific dictionaries to improve spell checking support on several languages. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-878=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-878=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): myspell-dictionaries-20150827-8.1 myspell-lightproof-en-20150827-8.1 myspell-lightproof-hu_HU-20150827-8.1 myspell-lightproof-pt_BR-20150827-8.1 myspell-lightproof-ru_RU-20150827-8.1 - SUSE Linux Enterprise Workstation Extension 12 (noarch): myspell-af_NA-20150827-8.1 myspell-af_ZA-20150827-8.1 myspell-ar-20150827-8.1 myspell-ar_AE-20150827-8.1 myspell-ar_BH-20150827-8.1 myspell-ar_DZ-20150827-8.1 myspell-ar_EG-20150827-8.1 myspell-ar_IQ-20150827-8.1 myspell-ar_JO-20150827-8.1 myspell-ar_KW-20150827-8.1 myspell-ar_LB-20150827-8.1 myspell-ar_LY-20150827-8.1 myspell-ar_MA-20150827-8.1 myspell-ar_OM-20150827-8.1 myspell-ar_QA-20150827-8.1 myspell-ar_SA-20150827-8.1 myspell-ar_SD-20150827-8.1 myspell-ar_SY-20150827-8.1 myspell-ar_TN-20150827-8.1 myspell-ar_YE-20150827-8.1 myspell-be_BY-20150827-8.1 myspell-bg_BG-20150827-8.1 myspell-bn_BD-20150827-8.1 myspell-bn_IN-20150827-8.1 myspell-bs-20150827-8.1 myspell-bs_BA-20150827-8.1 myspell-ca-20150827-8.1 myspell-ca_AD-20150827-8.1 myspell-ca_ES-20150827-8.1 myspell-ca_ES_valencia-20150827-8.1 myspell-ca_FR-20150827-8.1 myspell-ca_IT-20150827-8.1 myspell-cs_CZ-20150827-8.1 myspell-da_DK-20150827-8.1 myspell-de-20150827-8.1 myspell-de_AT-20150827-8.1 myspell-de_CH-20150827-8.1 myspell-de_DE-20150827-8.1 myspell-el_GR-20150827-8.1 myspell-en-20150827-8.1 myspell-en_AU-20150827-8.1 myspell-en_BS-20150827-8.1 myspell-en_BZ-20150827-8.1 myspell-en_CA-20150827-8.1 myspell-en_GB-20150827-8.1 myspell-en_GH-20150827-8.1 myspell-en_IE-20150827-8.1 myspell-en_IN-20150827-8.1 myspell-en_JM-20150827-8.1 myspell-en_MW-20150827-8.1 myspell-en_NA-20150827-8.1 myspell-en_NZ-20150827-8.1 myspell-en_PH-20150827-8.1 myspell-en_TT-20150827-8.1 myspell-en_US-20150827-8.1 myspell-en_ZA-20150827-8.1 myspell-en_ZW-20150827-8.1 myspell-es-20150827-8.1 myspell-es_AR-20150827-8.1 myspell-es_BO-20150827-8.1 myspell-es_CL-20150827-8.1 myspell-es_CO-20150827-8.1 myspell-es_CR-20150827-8.1 myspell-es_CU-20150827-8.1 myspell-es_DO-20150827-8.1 myspell-es_EC-20150827-8.1 myspell-es_ES-20150827-8.1 myspell-es_GT-20150827-8.1 myspell-es_HN-20150827-8.1 myspell-es_MX-20150827-8.1 myspell-es_NI-20150827-8.1 myspell-es_PA-20150827-8.1 myspell-es_PE-20150827-8.1 myspell-es_PR-20150827-8.1 myspell-es_PY-20150827-8.1 myspell-es_SV-20150827-8.1 myspell-es_UY-20150827-8.1 myspell-es_VE-20150827-8.1 myspell-et_EE-20150827-8.1 myspell-fr_BE-20150827-8.1 myspell-fr_CA-20150827-8.1 myspell-fr_CH-20150827-8.1 myspell-fr_FR-20150827-8.1 myspell-fr_LU-20150827-8.1 myspell-fr_MC-20150827-8.1 myspell-gu_IN-20150827-8.1 myspell-he_IL-20150827-8.1 myspell-hi_IN-20150827-8.1 myspell-hr_HR-20150827-8.1 myspell-hu_HU-20150827-8.1 myspell-it_IT-20150827-8.1 myspell-lo_LA-20150827-8.1 myspell-lt_LT-20150827-8.1 myspell-lv_LV-20150827-8.1 myspell-nb_NO-20150827-8.1 myspell-nl_BE-20150827-8.1 myspell-nl_NL-20150827-8.1 myspell-nn_NO-20150827-8.1 myspell-no-20150827-8.1 myspell-pl_PL-20150827-8.1 myspell-pt_AO-20150827-8.1 myspell-pt_BR-20150827-8.1 myspell-pt_PT-20150827-8.1 myspell-ro-20150827-8.1 myspell-ro_RO-20150827-8.1 myspell-ru_RU-20150827-8.1 myspell-sk_SK-20150827-8.1 myspell-sl_SI-20150827-8.1 myspell-sr-20150827-8.1 myspell-sr_CS-20150827-8.1 myspell-sr_Latn_CS-20150827-8.1 myspell-sr_Latn_RS-20150827-8.1 myspell-sr_RS-20150827-8.1 myspell-sv_FI-20150827-8.1 myspell-sv_SE-20150827-8.1 myspell-te-20150827-8.1 myspell-te_IN-20150827-8.1 myspell-th_TH-20150827-8.1 myspell-vi-20150827-8.1 myspell-vi_VN-20150827-8.1 myspell-zu_ZA-20150827-8.1 - SUSE Linux Enterprise Desktop 12 (x86_64): myspell-dictionaries-20150827-8.1 myspell-lightproof-en-20150827-8.1 myspell-lightproof-hu_HU-20150827-8.1 myspell-lightproof-pt_BR-20150827-8.1 myspell-lightproof-ru_RU-20150827-8.1 - SUSE Linux Enterprise Desktop 12 (noarch): myspell-af_NA-20150827-8.1 myspell-af_ZA-20150827-8.1 myspell-ar-20150827-8.1 myspell-ar_AE-20150827-8.1 myspell-ar_BH-20150827-8.1 myspell-ar_DZ-20150827-8.1 myspell-ar_EG-20150827-8.1 myspell-ar_IQ-20150827-8.1 myspell-ar_JO-20150827-8.1 myspell-ar_KW-20150827-8.1 myspell-ar_LB-20150827-8.1 myspell-ar_LY-20150827-8.1 myspell-ar_MA-20150827-8.1 myspell-ar_OM-20150827-8.1 myspell-ar_QA-20150827-8.1 myspell-ar_SA-20150827-8.1 myspell-ar_SD-20150827-8.1 myspell-ar_SY-20150827-8.1 myspell-ar_TN-20150827-8.1 myspell-ar_YE-20150827-8.1 myspell-be_BY-20150827-8.1 myspell-bg_BG-20150827-8.1 myspell-bn_BD-20150827-8.1 myspell-bn_IN-20150827-8.1 myspell-bs-20150827-8.1 myspell-bs_BA-20150827-8.1 myspell-ca-20150827-8.1 myspell-ca_AD-20150827-8.1 myspell-ca_ES-20150827-8.1 myspell-ca_ES_valencia-20150827-8.1 myspell-ca_FR-20150827-8.1 myspell-ca_IT-20150827-8.1 myspell-cs_CZ-20150827-8.1 myspell-da_DK-20150827-8.1 myspell-de-20150827-8.1 myspell-de_AT-20150827-8.1 myspell-de_CH-20150827-8.1 myspell-de_DE-20150827-8.1 myspell-el_GR-20150827-8.1 myspell-en-20150827-8.1 myspell-en_AU-20150827-8.1 myspell-en_BS-20150827-8.1 myspell-en_BZ-20150827-8.1 myspell-en_CA-20150827-8.1 myspell-en_GB-20150827-8.1 myspell-en_GH-20150827-8.1 myspell-en_IE-20150827-8.1 myspell-en_IN-20150827-8.1 myspell-en_JM-20150827-8.1 myspell-en_MW-20150827-8.1 myspell-en_NA-20150827-8.1 myspell-en_NZ-20150827-8.1 myspell-en_PH-20150827-8.1 myspell-en_TT-20150827-8.1 myspell-en_US-20150827-8.1 myspell-en_ZA-20150827-8.1 myspell-en_ZW-20150827-8.1 myspell-es-20150827-8.1 myspell-es_AR-20150827-8.1 myspell-es_BO-20150827-8.1 myspell-es_CL-20150827-8.1 myspell-es_CO-20150827-8.1 myspell-es_CR-20150827-8.1 myspell-es_CU-20150827-8.1 myspell-es_DO-20150827-8.1 myspell-es_EC-20150827-8.1 myspell-es_ES-20150827-8.1 myspell-es_GT-20150827-8.1 myspell-es_HN-20150827-8.1 myspell-es_MX-20150827-8.1 myspell-es_NI-20150827-8.1 myspell-es_PA-20150827-8.1 myspell-es_PE-20150827-8.1 myspell-es_PR-20150827-8.1 myspell-es_PY-20150827-8.1 myspell-es_SV-20150827-8.1 myspell-es_UY-20150827-8.1 myspell-es_VE-20150827-8.1 myspell-et_EE-20150827-8.1 myspell-fr_BE-20150827-8.1 myspell-fr_CA-20150827-8.1 myspell-fr_CH-20150827-8.1 myspell-fr_FR-20150827-8.1 myspell-fr_LU-20150827-8.1 myspell-fr_MC-20150827-8.1 myspell-gu_IN-20150827-8.1 myspell-he_IL-20150827-8.1 myspell-hi_IN-20150827-8.1 myspell-hr_HR-20150827-8.1 myspell-hu_HU-20150827-8.1 myspell-it_IT-20150827-8.1 myspell-lo_LA-20150827-8.1 myspell-lt_LT-20150827-8.1 myspell-lv_LV-20150827-8.1 myspell-nb_NO-20150827-8.1 myspell-nl_BE-20150827-8.1 myspell-nl_NL-20150827-8.1 myspell-nn_NO-20150827-8.1 myspell-no-20150827-8.1 myspell-pl_PL-20150827-8.1 myspell-pt_AO-20150827-8.1 myspell-pt_BR-20150827-8.1 myspell-pt_PT-20150827-8.1 myspell-ro-20150827-8.1 myspell-ro_RO-20150827-8.1 myspell-ru_RU-20150827-8.1 myspell-sk_SK-20150827-8.1 myspell-sl_SI-20150827-8.1 myspell-sr-20150827-8.1 myspell-sr_CS-20150827-8.1 myspell-sr_Latn_CS-20150827-8.1 myspell-sr_Latn_RS-20150827-8.1 myspell-sr_RS-20150827-8.1 myspell-sv_FI-20150827-8.1 myspell-sv_SE-20150827-8.1 myspell-te-20150827-8.1 myspell-te_IN-20150827-8.1 myspell-th_TH-20150827-8.1 myspell-vi-20150827-8.1 myspell-vi_VN-20150827-8.1 myspell-zu_ZA-20150827-8.1 References: https://bugzilla.suse.com/955447 From sle-updates at lists.suse.com Fri Nov 20 14:10:27 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Nov 2015 22:10:27 +0100 (CET) Subject: SUSE-RU-2015:2067-1: moderate: Recommended update for cloud-regionsrv-client Message-ID: <20151120211027.7864A320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for cloud-regionsrv-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2067-1 Rating: moderate References: #948057 #948129 #948130 Affected Products: SUSE Linux Enterprise Server 11-PUBCLOUD ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides cloud-regionsrv-client 6.4.0: - If the server to which the guest is registered to is not available, attempt to find another available SMT server. - Register base product properly even if no other products are set up. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-PUBCLOUD: zypper in -t patch pubclsp3-cloud-regionsrv-client-12221=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-PUBCLOUD (i586 ia64 ppc64 s390x x86_64): cloud-regionsrv-client-6.4.0-12.1 References: https://bugzilla.suse.com/948057 https://bugzilla.suse.com/948129 https://bugzilla.suse.com/948130 From sle-updates at lists.suse.com Mon Nov 23 11:10:36 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 23 Nov 2015 19:10:36 +0100 (CET) Subject: SUSE-RU-2015:2080-1: Recommended update for supportutils Message-ID: <20151123181036.55DDB320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2080-1 Rating: low References: #875831 #890604 #918641 #931390 #939079 #941773 #950432 #951218 #952024 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: This update for supportutils includes the following fixes: - Fixed DNS hang. (bsc#951218) - Fixed find error in YaST. (bsc#952024) - Fixed kernel taint flags. (bsc#941773) - Fixed s390-tools reference. (bsc#931390) - Fixed volmn DFS hang with timer. (bsc#950432) - Added OPTION_NIT for novell-nit.txt. (bsc#939079) - Fixed DNS hang on files. (bsc#918641) - Added crm config show. (bsc#875831) - Fixed drbd check using drbd.conf. (bsc#890604) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-supportutils-12222=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-supportutils-12222=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-supportutils-12222=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-supportutils-12222=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-supportutils-12222=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): supportutils-1.20-115.2 - SUSE Linux Enterprise Server 11-SP4 (noarch): supportutils-1.20-115.2 - SUSE Linux Enterprise Server 11-SP3 (noarch): supportutils-1.20-115.2 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): supportutils-1.20-115.2 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): supportutils-1.20-115.2 References: https://bugzilla.suse.com/875831 https://bugzilla.suse.com/890604 https://bugzilla.suse.com/918641 https://bugzilla.suse.com/931390 https://bugzilla.suse.com/939079 https://bugzilla.suse.com/941773 https://bugzilla.suse.com/950432 https://bugzilla.suse.com/951218 https://bugzilla.suse.com/952024 From sle-updates at lists.suse.com Mon Nov 23 14:10:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 23 Nov 2015 22:10:11 +0100 (CET) Subject: SUSE-SU-2015:2081-1: important: Security update for Mozilla Firefox Message-ID: <20151123211011.D7CE73213B@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2081-1 Rating: important References: #908275 #940806 #943557 #943558 #943608 #947003 #952810 Cross-References: CVE-2015-4473 CVE-2015-4474 CVE-2015-4475 CVE-2015-4478 CVE-2015-4479 CVE-2015-4484 CVE-2015-4485 CVE-2015-4486 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491 CVE-2015-4492 CVE-2015-4497 CVE-2015-4498 CVE-2015-4500 CVE-2015-4501 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4513 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes 43 vulnerabilities is now available. It includes three new package versions. Description: MozillaFirefox ESR was updated to version 38.4.0ESR to fix multiple security issues. * MFSA 2015-116/CVE-2015-4513 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 NSS and NSPR memory corruption issues It also includes fixes from 38.3.0ESR: * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3) * MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing vp9 format video * MFSA 2015-105/CVE-2015-4511 Buffer overflow while decoding WebM video * MFSA 2015-106/CVE-2015-4509 Use-after-free while manipulating HTML media content * MFSA 2015-110/CVE-2015-4519 Dragging and dropping images exposes final URL after redirects * MFSA 2015-111/CVE-2015-4520 Errors in the handling of CORS preflight request headers * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522 CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177 CVE-2015-7180 Vulnerabilities found through code inspection It also includes fixes from the Firefox 38.2.1ESR release: * MFSA 2015-94/CVE-2015-4497 (bsc#943557) Use-after-free when resizing canvas element during restyling * MFSA 2015-95/CVE-2015-4498 (bsc#943558) Add-on notification bypass through data URLs It also includes fixes from the Firefox 38.2.0ESR release: * MFSA 2015-79/CVE-2015-4473/CVE-2015-4474 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2) * MFSA 2015-80/CVE-2015-4475 Out-of-bounds read with malformed MP3 file * MFSA 2015-82/CVE-2015-4478 Redefinition of non-configurable JavaScript object properties * MFSA 2015-83/CVE-2015-4479 Overflow issues in libstagefright * MFSA 2015-87/CVE-2015-4484 Crash when using shared memory in JavaScript * MFSA 2015-88/CVE-2015-4491 Heap overflow in gdk-pixbuf when scaling bitmap images * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 Buffer overflows on Libvpx when decoding WebM video * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489 Vulnerabilities found through code inspection * MFSA 2015-92/CVE-2015-4492 Use-after-free in XMLHttpRequest with shared workers Security Issues: * CVE-2015-4473 * CVE-2015-4474 * CVE-2015-4475 * CVE-2015-4478 * CVE-2015-4479 * CVE-2015-4484 * CVE-2015-4485 * CVE-2015-4486 * CVE-2015-4487 * CVE-2015-4488 * CVE-2015-4489 * CVE-2015-4491 * CVE-2015-4492 * CVE-2015-4497 * CVE-2015-4498 * CVE-2015-4500 * CVE-2015-4501 * CVE-2015-4506 * CVE-2015-4509 * CVE-2015-4511 * CVE-2015-4513 * CVE-2015-4517 * CVE-2015-4519 * CVE-2015-4520 * CVE-2015-4521 * CVE-2015-4522 * CVE-2015-7174 * CVE-2015-7175 * CVE-2015-7176 * CVE-2015-7177 * CVE-2015-7180 * CVE-2015-7181 * CVE-2015-7182 * CVE-2015-7183 * CVE-2015-7188 * CVE-2015-7189 * CVE-2015-7193 * CVE-2015-7194 * CVE-2015-7196 * CVE-2015-7197 * CVE-2015-7198 * CVE-2015-7199 * CVE-2015-7200 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 3.19.2.1 and 4.10.10]: mozilla-nspr-4.10.10-0.5.1 mozilla-nspr-devel-4.10.10-0.5.1 mozilla-nss-3.19.2.1-0.5.1 mozilla-nss-devel-3.19.2.1-0.5.1 mozilla-nss-tools-3.19.2.1-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 3.19.2.1 and 4.10.10]: mozilla-nspr-32bit-4.10.10-0.5.1 mozilla-nss-32bit-3.19.2.1-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x) [New Version: 38]: MozillaFirefox-38.4.0esr-0.7.1 MozillaFirefox-branding-SLED-38-0.5.3 MozillaFirefox-translations-38.4.0esr-0.7.1 References: https://www.suse.com/security/cve/CVE-2015-4473.html https://www.suse.com/security/cve/CVE-2015-4474.html https://www.suse.com/security/cve/CVE-2015-4475.html https://www.suse.com/security/cve/CVE-2015-4478.html https://www.suse.com/security/cve/CVE-2015-4479.html https://www.suse.com/security/cve/CVE-2015-4484.html https://www.suse.com/security/cve/CVE-2015-4485.html https://www.suse.com/security/cve/CVE-2015-4486.html https://www.suse.com/security/cve/CVE-2015-4487.html https://www.suse.com/security/cve/CVE-2015-4488.html https://www.suse.com/security/cve/CVE-2015-4489.html https://www.suse.com/security/cve/CVE-2015-4491.html https://www.suse.com/security/cve/CVE-2015-4492.html https://www.suse.com/security/cve/CVE-2015-4497.html https://www.suse.com/security/cve/CVE-2015-4498.html https://www.suse.com/security/cve/CVE-2015-4500.html https://www.suse.com/security/cve/CVE-2015-4501.html https://www.suse.com/security/cve/CVE-2015-4506.html https://www.suse.com/security/cve/CVE-2015-4509.html https://www.suse.com/security/cve/CVE-2015-4511.html https://www.suse.com/security/cve/CVE-2015-4513.html https://www.suse.com/security/cve/CVE-2015-4517.html https://www.suse.com/security/cve/CVE-2015-4519.html https://www.suse.com/security/cve/CVE-2015-4520.html https://www.suse.com/security/cve/CVE-2015-4521.html https://www.suse.com/security/cve/CVE-2015-4522.html https://www.suse.com/security/cve/CVE-2015-7174.html https://www.suse.com/security/cve/CVE-2015-7175.html https://www.suse.com/security/cve/CVE-2015-7176.html https://www.suse.com/security/cve/CVE-2015-7177.html https://www.suse.com/security/cve/CVE-2015-7180.html https://www.suse.com/security/cve/CVE-2015-7181.html https://www.suse.com/security/cve/CVE-2015-7182.html https://www.suse.com/security/cve/CVE-2015-7183.html https://www.suse.com/security/cve/CVE-2015-7188.html https://www.suse.com/security/cve/CVE-2015-7189.html https://www.suse.com/security/cve/CVE-2015-7193.html https://www.suse.com/security/cve/CVE-2015-7194.html https://www.suse.com/security/cve/CVE-2015-7196.html https://www.suse.com/security/cve/CVE-2015-7197.html https://www.suse.com/security/cve/CVE-2015-7198.html https://www.suse.com/security/cve/CVE-2015-7199.html https://www.suse.com/security/cve/CVE-2015-7200.html https://bugzilla.suse.com/908275 https://bugzilla.suse.com/940806 https://bugzilla.suse.com/943557 https://bugzilla.suse.com/943558 https://bugzilla.suse.com/943608 https://bugzilla.suse.com/947003 https://bugzilla.suse.com/952810 https://download.suse.com/patch/finder/?keywords=bb006e2ed6738badb2b7f4f52e5c1b2a From sle-updates at lists.suse.com Tue Nov 24 07:10:42 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 15:10:42 +0100 (CET) Subject: SUSE-RU-2015:2082-1: moderate: Security update for ntp Message-ID: <20151124141042.6872A320DF@maintenance.suse.de> SUSE Recommended Update: Security update for ntp ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2082-1 Rating: moderate References: #936970 #937147 #937504 #943565 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for ntp provides the following fixes: - Fix time synchronization between symmetrical peers. (bsc#943565) - Fix filtering for 127.127.X.Y pseudo addresses in conf.ntp.init. (bsc#937504) - Strip trailing slashes from keysdir. (bsc#937147) - Don't complain about empty or non-existent keysdir. (bsc#936970) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-ntp-12223=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-ntp-12223=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-ntp-12223=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-ntp-12223=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): ntp-4.2.4p8-1.38.2 ntp-doc-4.2.4p8-1.38.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): ntp-4.2.4p8-1.38.2 ntp-doc-4.2.4p8-1.38.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): ntp-4.2.4p8-1.38.2 ntp-doc-4.2.4p8-1.38.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): ntp-debuginfo-4.2.4p8-1.38.2 ntp-debugsource-4.2.4p8-1.38.2 References: https://bugzilla.suse.com/936970 https://bugzilla.suse.com/937147 https://bugzilla.suse.com/937504 https://bugzilla.suse.com/943565 From sle-updates at lists.suse.com Tue Nov 24 11:10:23 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:10:23 +0100 (CET) Subject: SUSE-SU-2015:2084-1: important: Security update for Linux Kernel Live Patch 5 Message-ID: <20151124181024.0CBFF320DF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2084-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.43-52.6.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-887=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_43-52_6-default-3-2.1 kgraft-patch-3_12_43-52_6-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:11:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:11:19 +0100 (CET) Subject: SUSE-SU-2015:2085-1: important: Security update for Linux Kernel Live Patch 4 Message-ID: <20151124181119.F1E4C320FF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2085-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.39-47.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-886=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_39-47-default-3-2.1 kgraft-patch-3_12_39-47-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:12:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:12:16 +0100 (CET) Subject: SUSE-SU-2015:2086-1: important: Security update for Linux Kernel Live Patch 7 Message-ID: <20151124181216.07D5C320FF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2086-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.44-52.18.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-889=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_44-52_18-default-2-4.1 kgraft-patch-3_12_44-52_18-xen-2-4.1 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:13:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:13:08 +0100 (CET) Subject: SUSE-SU-2015:2087-1: important: Security update for Linux Kernel Live Patch 6 Message-ID: <20151124181308.B7163320DF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2087-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.44-52.10.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-888=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_44-52_10-default-2-2.1 kgraft-patch-3_12_44-52_10-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:14:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:14:04 +0100 (CET) Subject: SUSE-SU-2015:2088-1: moderate: Security update for LibVNCServer Message-ID: <20151124181404.7083D320FF@maintenance.suse.de> SUSE Security Update: Security update for LibVNCServer ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2088-1 Rating: moderate References: #854151 #897031 Cross-References: CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: The LibVNCServer package was updated to fix the following security issues: - bsc#897031: fix several security issues: * CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side. * CVE-2014-6052: Lack of malloc() return value checking on client side. * CVE-2014-6053: Server crash on a very large ClientCutText message. * CVE-2014-6054: Server crash when scaling factor is set to zero. * CVE-2014-6055: Multiple stack overflows in File Transfer feature. - bsc#854151: Restrict the SSL cipher suite. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-890=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-890=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-890=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-15.1 LibVNCServer-devel-0.9.9-15.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): LibVNCServer-debugsource-0.9.9-15.1 libvncclient0-0.9.9-15.1 libvncclient0-debuginfo-0.9.9-15.1 libvncserver0-0.9.9-15.1 libvncserver0-debuginfo-0.9.9-15.1 - SUSE Linux Enterprise Desktop 12 (x86_64): LibVNCServer-debugsource-0.9.9-15.1 libvncclient0-0.9.9-15.1 libvncclient0-debuginfo-0.9.9-15.1 libvncserver0-0.9.9-15.1 libvncserver0-debuginfo-0.9.9-15.1 References: https://www.suse.com/security/cve/CVE-2014-6051.html https://www.suse.com/security/cve/CVE-2014-6052.html https://www.suse.com/security/cve/CVE-2014-6053.html https://www.suse.com/security/cve/CVE-2014-6054.html https://www.suse.com/security/cve/CVE-2014-6055.html https://bugzilla.suse.com/854151 https://bugzilla.suse.com/897031 From sle-updates at lists.suse.com Tue Nov 24 11:14:37 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:14:37 +0100 (CET) Subject: SUSE-SU-2015:2089-1: important: Security update for Linux Kernel Live Patch 1 Message-ID: <20151124181437.AA3DF320FF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2089-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.32-33.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-883=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_32-33-default-4-2.3 kgraft-patch-3_12_32-33-xen-4-2.3 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:15:27 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:15:27 +0100 (CET) Subject: SUSE-SU-2015:2090-1: important: Security update for Linux Kernel Live Patch 3 Message-ID: <20151124181527.DD798320FF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2090-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.38-44.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-885=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_38-44-default-3-2.1 kgraft-patch-3_12_38-44-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 11:16:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 19:16:18 +0100 (CET) Subject: SUSE-SU-2015:2091-1: important: Security update for Linux Kernel Live Patch 2 Message-ID: <20151124181618.C1994320FF@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2091-1 Rating: important References: #940338 #940342 #948536 #948701 Cross-References: CVE-2015-5707 CVE-2015-7613 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This kernel live patch for Linux Kernel 3.12.36-38.1 fixes two security issues: - CVE-2015-7613: A race condition in the IPC object implementation in the Linux kernel allowed local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. (bsc#948701 bsc#948536) - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. (bsc#940342 bsc#940338) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-884=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_36-38-default-4-2.3 kgraft-patch-3_12_36-38-xen-4-2.3 References: https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-7613.html https://bugzilla.suse.com/940338 https://bugzilla.suse.com/940342 https://bugzilla.suse.com/948536 https://bugzilla.suse.com/948701 From sle-updates at lists.suse.com Tue Nov 24 15:10:25 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Nov 2015 23:10:25 +0100 (CET) Subject: SUSE-RU-2015:2092-1: Recommended update for sysstat Message-ID: <20151124221025.36FFA320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysstat ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2092-1 Rating: low References: #926135 #945044 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for sysstat provides the following fixes: - When device-mapper isn't found in /proc/devices, assume it's not running at all. (bsc#926135) - Set umask in sa1 before creating the data file. (bsc#945044) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sysstat-12224=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-sysstat-12224=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sysstat-12224=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): sysstat-8.1.5-7.52.1 sysstat-isag-8.1.5-7.52.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): sysstat-8.1.5-7.52.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sysstat-debuginfo-8.1.5-7.52.1 sysstat-debugsource-8.1.5-7.52.1 References: https://bugzilla.suse.com/926135 https://bugzilla.suse.com/945044 From sle-updates at lists.suse.com Wed Nov 25 06:10:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Nov 2015 14:10:57 +0100 (CET) Subject: SUSE-RU-2015:2093-1: moderate: Recommended update for crash Message-ID: <20151125131057.76FD2320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for crash ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2093-1 Rating: moderate References: #922005 #940720 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crash provides the following fixes: - Fix changed Xen 4.2.5 domain structure member. (bsc#922005) - Fix mis-labeled per-cpu exception stacks. (bsc#940720) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-892=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-892=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): crash-debuginfo-7.0.5-10.1 crash-debugsource-7.0.5-10.1 crash-devel-7.0.5-10.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): crash-7.0.5-10.1 crash-debuginfo-7.0.5-10.1 crash-debugsource-7.0.5-10.1 crash-kmp-default-7.0.5_k3.12.48_52.27-10.1 crash-kmp-default-debuginfo-7.0.5_k3.12.48_52.27-10.1 - SUSE Linux Enterprise Server 12 (x86_64): crash-kmp-xen-7.0.5_k3.12.48_52.27-10.1 crash-kmp-xen-debuginfo-7.0.5_k3.12.48_52.27-10.1 References: https://bugzilla.suse.com/922005 https://bugzilla.suse.com/940720 From sle-updates at lists.suse.com Wed Nov 25 09:10:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Nov 2015 17:10:56 +0100 (CET) Subject: SUSE-RU-2015:2094-1: moderate: Recommended update for syslog-ng Message-ID: <20151125161056.508AE320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for syslog-ng ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2094-1 Rating: moderate References: #883403 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for syslog-ng provides the following fixes: - Do not fail to start if a remote log server name cannot be resolved. (bsc#883403) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-syslog-ng-12225=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-syslog-ng-12225=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-syslog-ng-12225=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-syslog-ng-12225=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-syslog-ng-12225=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-syslog-ng-12225=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-syslog-ng-12225=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): syslog-ng-2.0.9-27.34.39.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): syslog-ng-2.0.9-27.34.39.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): syslog-ng-2.0.9-27.34.39.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): syslog-ng-2.0.9-27.34.39.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): syslog-ng-2.0.9-27.34.39.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): syslog-ng-debuginfo-2.0.9-27.34.39.2 syslog-ng-debugsource-2.0.9-27.34.39.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): syslog-ng-debuginfo-2.0.9-27.34.39.2 syslog-ng-debugsource-2.0.9-27.34.39.2 References: https://bugzilla.suse.com/883403 From sle-updates at lists.suse.com Wed Nov 25 10:10:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Nov 2015 18:10:41 +0100 (CET) Subject: SUSE-RU-2015:2095-1: moderate: Recommended update for sssd Message-ID: <20151125171041.2B93D320FF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sssd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2095-1 Rating: moderate References: #926961 #939249 #941121 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for sssd provides the following fixes: - Require libsss_sudo by default, as sudo support is an integral component of SSSD. (bsc#939249) - Fix an issue with incorrect interpretation of line breaks in sshPublicKey attribute. (bsc#941121) - Do not permit user sessions before sssd has finished starting up. (bsc#926961) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-894=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-894=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-894=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libipa_hbac-devel-1.11.5.1-10.7.1 libsss_idmap-devel-1.11.5.1-10.7.1 libsss_nss_idmap-devel-1.11.5.1-10.7.1 libsss_nss_idmap0-1.11.5.1-10.7.1 libsss_nss_idmap0-debuginfo-1.11.5.1-10.7.1 sssd-debuginfo-1.11.5.1-10.7.1 sssd-debugsource-1.11.5.1-10.7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libipa_hbac0-1.11.5.1-10.7.1 libipa_hbac0-debuginfo-1.11.5.1-10.7.1 libsss_idmap0-1.11.5.1-10.7.1 libsss_idmap0-debuginfo-1.11.5.1-10.7.1 libsss_sudo-1.11.5.1-10.7.1 libsss_sudo-debuginfo-1.11.5.1-10.7.1 python-sssd-config-1.11.5.1-10.7.1 python-sssd-config-debuginfo-1.11.5.1-10.7.1 sssd-1.11.5.1-10.7.1 sssd-ad-1.11.5.1-10.7.1 sssd-ad-debuginfo-1.11.5.1-10.7.1 sssd-debuginfo-1.11.5.1-10.7.1 sssd-debugsource-1.11.5.1-10.7.1 sssd-ipa-1.11.5.1-10.7.1 sssd-ipa-debuginfo-1.11.5.1-10.7.1 sssd-krb5-1.11.5.1-10.7.1 sssd-krb5-common-1.11.5.1-10.7.1 sssd-krb5-common-debuginfo-1.11.5.1-10.7.1 sssd-krb5-debuginfo-1.11.5.1-10.7.1 sssd-ldap-1.11.5.1-10.7.1 sssd-ldap-debuginfo-1.11.5.1-10.7.1 sssd-proxy-1.11.5.1-10.7.1 sssd-proxy-debuginfo-1.11.5.1-10.7.1 sssd-tools-1.11.5.1-10.7.1 sssd-tools-debuginfo-1.11.5.1-10.7.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): sssd-32bit-1.11.5.1-10.7.1 sssd-debuginfo-32bit-1.11.5.1-10.7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libipa_hbac0-1.11.5.1-10.7.1 libipa_hbac0-debuginfo-1.11.5.1-10.7.1 libsss_idmap0-1.11.5.1-10.7.1 libsss_idmap0-debuginfo-1.11.5.1-10.7.1 libsss_sudo-1.11.5.1-10.7.1 libsss_sudo-debuginfo-1.11.5.1-10.7.1 python-sssd-config-1.11.5.1-10.7.1 python-sssd-config-debuginfo-1.11.5.1-10.7.1 sssd-1.11.5.1-10.7.1 sssd-32bit-1.11.5.1-10.7.1 sssd-ad-1.11.5.1-10.7.1 sssd-ad-debuginfo-1.11.5.1-10.7.1 sssd-debuginfo-1.11.5.1-10.7.1 sssd-debuginfo-32bit-1.11.5.1-10.7.1 sssd-debugsource-1.11.5.1-10.7.1 sssd-ipa-1.11.5.1-10.7.1 sssd-ipa-debuginfo-1.11.5.1-10.7.1 sssd-krb5-1.11.5.1-10.7.1 sssd-krb5-common-1.11.5.1-10.7.1 sssd-krb5-common-debuginfo-1.11.5.1-10.7.1 sssd-krb5-debuginfo-1.11.5.1-10.7.1 sssd-ldap-1.11.5.1-10.7.1 sssd-ldap-debuginfo-1.11.5.1-10.7.1 sssd-proxy-1.11.5.1-10.7.1 sssd-proxy-debuginfo-1.11.5.1-10.7.1 sssd-tools-1.11.5.1-10.7.1 sssd-tools-debuginfo-1.11.5.1-10.7.1 References: https://bugzilla.suse.com/926961 https://bugzilla.suse.com/939249 https://bugzilla.suse.com/941121 From sle-updates at lists.suse.com Wed Nov 25 13:10:41 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Nov 2015 21:10:41 +0100 (CET) Subject: SUSE-RU-2015:2096-1: moderate: Recommended update for yast2-auth-client Message-ID: <20151125201041.0CCB2320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-auth-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2096-1 Rating: moderate References: #955883 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-auth-client fixes a crash when selecting 'none' as authentication provider. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-895=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-895=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-auth-client-3.1.23.2-6.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-auth-client-3.1.23.2-6.1 References: https://bugzilla.suse.com/955883 From sle-updates at lists.suse.com Thu Nov 26 05:10:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 13:10:55 +0100 (CET) Subject: SUSE-SU-2015:2108-1: important: Security update for the Linux Kernel Message-ID: <20151126121055.0FF0E320FF@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2108-1 Rating: important References: #777565 #814440 #900610 #904348 #904965 #920016 #923002 #926007 #926709 #926774 #930145 #930788 #932350 #932805 #933721 #935053 #935757 #936118 #938706 #939826 #939926 #939955 #940017 #940925 #941202 #942204 #942305 #942367 #942605 #942688 #942938 #943786 #944296 #944831 #944837 #944989 #944993 #945691 #945825 #945827 #946078 #946309 #947957 #948330 #948347 #948521 #949100 #949298 #949502 #949706 #949744 #949981 #951440 #952084 #952384 #952579 #953527 #953980 #954404 Cross-References: CVE-2015-0272 CVE-2015-5157 CVE-2015-5307 CVE-2015-6252 CVE-2015-6937 CVE-2015-7872 CVE-2015-7990 CVE-2015-8104 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 51 fixes is now available. Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in microcode via #DB exception (bsc#954404). - CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in microcode via #AC exception (bsc#953527). - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384). - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bsc#938706). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951440). - CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by validating before applying it (bsc#944296). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bsc#945825). - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered permanent file-descriptor allocation (bsc#942367). The following non-security bugs were fixed: - alsa: hda - Disable 64bit address for Creative HDA controllers (bsc#814440). - btrfs: fix hang when failing to submit bio of directIO (bsc#942688). - btrfs: fix memory corruption on failure to submit bio for direct IO (bsc#942688). - btrfs: fix put dio bio twice when we submit dio bio fail (bsc#942688). - dm sysfs: introduce ability to add writable attributes (bsc#904348). - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826). - dm: do not start current request if it would have merged with the previous (bsc#904348). - dm: impose configurable deadline for dm_request_fn merge heuristic (bsc#904348). - drm/i915: (re)init HPD interrupt storm statistics (bsc#942938). - drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938). - drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4) (bsc#942938). - drm/i915: Add bit field to record which pins have received HPD events (v3) (bsc#942938). - drm/i915: Add enum hpd_pin to intel_encoder (bsc#942938). - drm/i915: Add messages useful for HPD storm detection debugging (v2) (bsc#942938). - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt (bsc#942938). - drm/i915: Convert HPD interrupts to make use of HPD pin assignment in encoders (v2) (bsc#942938). - drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3) (bsc#942938). - drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch platforms (bsc#942938). - drm/i915: Enable hotplug interrupts after querying hw capabilities (bsc#942938). - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924). - drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938). - drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938). - drm/i915: Get rid if the "^A" in struct drm_i915_private (bsc#942938). - drm/i915: Make hpd arrays big enough to avoid out of bounds access (bsc#942938). - drm/i915: Mask out the HPD irq bits before setting them individually (bsc#942938). - drm/i915: Only print hotplug event message when hotplug bit is set (bsc#942938). - drm/i915: Only reprobe display on encoder which has received an HPD event (v2) (bsc#942938). - drm/i915: Queue reenable timer also when enable_hotplug_processing is false (bsc#942938). - drm/i915: Remove i965_hpd_irq_setup (bsc#942938). - drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938). - drm/i915: Remove valleyview_hpd_irq_setup (bsc#942938). - drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler() (bsc#942938). - drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets (bsc#942938). - drm/i915: add hotplug activation period to hotplug update mask (bsc#953980). - drm/i915: assert_spin_locked for pipestat interrupt enable/disable (bsc#942938). - drm/i915: clear crt hotplug compare voltage field before setting (bsc#942938). - drm/i915: close tiny race in the ilk pcu even interrupt setup (bsc#942938). - drm/i915: fix hotplug event bit tracking (bsc#942938). - drm/i915: fix hpd interrupt register locking (bsc#942938). - drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock (bsc#942938). - drm/i915: fix locking around ironlake_enable|disable_display_irq (bsc#942938). - drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler (bsc#942938). - drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938). - drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938). - drm/i915: implement ibx_hpd_irq_setup (bsc#942938). - drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938). - ehci-pci: enable interrupt on BayTrail (bnc926007). - fix lpfc_send_rscn_event allocation size claims bsc#935757 - hugetlb: simplify migrate_huge_page() (bsc#947957, VM Functionality). - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a free hugepage (bsc#947957). - ib/iser: Add Discovery support (bsc#923002). - ib/iser: Move informational messages from error to info level (bsc#923002). - ib/srp: Avoid skipping srp_reset_host() after a transport error (bsc#904965). - ib/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965). - inotify: Fix nested sleeps in inotify_read() (bsc#940925). - ipv6: fix tunnel error handling (bsc#952579). - ipv6: probe routes asynchronous in rt6_probe (bsc#936118). - ipvs: Fix reuse connection if real server is dead (bsc#945827). - ipvs: drop first packet to dead server (bsc#946078). - keys: Fix race between key destruction and finding a keyring by name (bsc#951440). - ktime: add ktime_after and ktime_before helpe (bsc#904348). - lib/string.c: introduce memchr_inv() (bsc#930788). - libiscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002). - macvlan: Support bonding events bsc#948521 - make sure XPRT_CONNECTING gets cleared when needed (bsc#946309). - memory-failure: do code refactor of soft_offline_page() (bsc#947957). - memory-failure: fix an error of mce_bad_pages statistics (bsc#947957). - memory-failure: use num_poisoned_pages instead of mce_bad_pages (bsc#947957). - memory-hotplug: update mce_bad_pages when removing the memory (bsc#947957). - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory error on thp (bsc#947957). - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully (bsc#947957). - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge pages (bsc#947957). - mm: exclude reserved pages from dirtyable memory 32b fix (bsc#940017, bsc#949298). - mm: make page pfmemalloc check more robust (bsc#920016). - netfilter: nf_conntrack_proto_sctp: minimal multihoming support (bsc#932350). - pci: Add VPD function 0 quirk for Intel Ethernet devices (bsc#943786). - pci: Add dev_flags bit to access VPD through function 0 (bsc#943786). - pci: Add flag indicating device has been assigned by KVM (bsc#777565). - pci: Clear NumVFs when disabling SR-IOV in sriov_init() (bsc#952084). - pci: Refresh First VF Offset and VF Stride when updating NumVFs (bsc#952084). - pci: Update NumVFs register when disabling SR-IOV (bsc#952084). - pci: delay configuration of SRIOV capability (bsc#952084). - pci: set pci sriov page size before reading SRIOV BAR (bsc#952084). - pktgen: clean up ktime_t helpers (bsc#904348). - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993). - qla2xxx: Remove decrement of sp reference count in abort handler (bsc#944993). - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993). - r8169: remember WOL preferences on driver load (bsc#942305). - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706). - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds (bsc#930145). - sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bsc#949100). - scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bsc#942204). - scsi: hosts: update to use ida_simple for host_no (bsc#939926) - scsi: kabi: allow iscsi disocvery session support (bsc#923002). - scsi_transport_iscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002). - sg: fix read() error reporting (bsc#926774). - usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb (bsc#933721). - usb: xhci: Reset a halted endpoint immediately when we encounter a stall (bsc#933721). - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers (bsc#944989). - usb: xhci: do not start a halted endpoint before its new dequeue is set (bsc#933721). - usb: xhci: handle Config Error Change (CEC) in xhci driver (bsc#933721). - x86/tsc: Change Fast TSC calibration failed from error to info (bsc#942605). - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330). - x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330). - xfs: Fix lost direct IO write in the last block (bsc#949744). - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347). - xfs: add EOFBLOCKS inode tagging/untagging (bsc#930788). - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bsc#930788). - xfs: add background scanning to clear eofblocks inodes (bsc#930788). - xfs: add inode id filtering to eofblocks scan (bsc#930788). - xfs: add minimum file size filtering to eofblocks scan (bsc#930788). - xfs: create function to scan and clear EOFBLOCKS inodes (bsc#930788). - xfs: create helper to check whether to free eofblocks on inode (bsc#930788). - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805). - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock failure (bsc#930788). - xfs: support a tag-based inode_ag_iterator (bsc#930788). - xfs: support multiple inode id filtering in eofblocks scan (bsc#930788). - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805). - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bsc#949981). - xhci: Allocate correct amount of scratchpad buffers (bsc#933721). - xhci: Calculate old endpoints correctly on device reset (bsc#944831). - xhci: Do not enable/disable RWE on bus suspend/resume (bsc#933721). - xhci: For streams the css flag most be read from the stream-ctx on ep stop (bsc#945691). - xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256 (bsc#933721). - xhci: Treat not finding the event_seg on COMP_STOP the same as COMP_STOP_INVAL (bsc#933721). - xhci: Workaround for PME stuck issues in Intel xhci (bsc#933721). - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bsc#949502). - xhci: do not report PLC when link is in internal resume state (bsc#933721). - xhci: fix isoc endpoint dequeue from advancing too far on transaction error (bsc#944837). - xhci: fix reporting of 0-sized URBs in control endpoint (bsc#933721). - xhci: report U3 when link is in resume state (bsc#933721). - xhci: rework cycle bit checking for new dequeue pointers (bsc#933721). - xhci: use uninterruptible sleep for waiting for internal operations (bsc#939955). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-kernel-source-12226=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-kernel-source-12226=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-kernel-source-12226=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-12226=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-kernel-source-12226=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-kernel-source-12226=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (noarch): kernel-docs-3.0.101-0.47.71.3 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): kernel-default-3.0.101-0.47.71.1 kernel-default-base-3.0.101-0.47.71.1 kernel-default-devel-3.0.101-0.47.71.1 kernel-source-3.0.101-0.47.71.1 kernel-syms-3.0.101-0.47.71.1 kernel-trace-3.0.101-0.47.71.1 kernel-trace-base-3.0.101-0.47.71.1 kernel-trace-devel-3.0.101-0.47.71.1 kernel-xen-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): kernel-bigsmp-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586): kernel-pae-3.0.101-0.47.71.1 kernel-pae-base-3.0.101-0.47.71.1 kernel-pae-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-0.47.71.1 kernel-default-base-3.0.101-0.47.71.1 kernel-default-devel-3.0.101-0.47.71.1 kernel-source-3.0.101-0.47.71.1 kernel-syms-3.0.101-0.47.71.1 kernel-trace-3.0.101-0.47.71.1 kernel-trace-base-3.0.101-0.47.71.1 kernel-trace-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (i586 x86_64): kernel-ec2-3.0.101-0.47.71.1 kernel-ec2-base-3.0.101-0.47.71.1 kernel-ec2-devel-3.0.101-0.47.71.1 kernel-xen-3.0.101-0.47.71.1 kernel-xen-base-3.0.101-0.47.71.1 kernel-xen-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (x86_64): kernel-bigsmp-3.0.101-0.47.71.1 kernel-bigsmp-base-3.0.101-0.47.71.1 kernel-bigsmp-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (s390x): kernel-default-man-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64): kernel-ppc64-3.0.101-0.47.71.1 kernel-ppc64-base-3.0.101-0.47.71.1 kernel-ppc64-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-SP3 (i586): kernel-pae-3.0.101-0.47.71.1 kernel-pae-base-3.0.101-0.47.71.1 kernel-pae-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-bigsmp-extra-3.0.101-0.47.71.1 kernel-trace-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): kernel-default-3.0.101-0.47.71.1 kernel-default-base-3.0.101-0.47.71.1 kernel-default-devel-3.0.101-0.47.71.1 kernel-default-extra-3.0.101-0.47.71.1 kernel-source-3.0.101-0.47.71.1 kernel-syms-3.0.101-0.47.71.1 kernel-trace-devel-3.0.101-0.47.71.1 kernel-xen-3.0.101-0.47.71.1 kernel-xen-base-3.0.101-0.47.71.1 kernel-xen-devel-3.0.101-0.47.71.1 kernel-xen-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): kernel-bigsmp-devel-3.0.101-0.47.71.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586): kernel-pae-3.0.101-0.47.71.1 kernel-pae-base-3.0.101-0.47.71.1 kernel-pae-devel-3.0.101-0.47.71.1 kernel-pae-extra-3.0.101-0.47.71.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-0.47.71.1 kernel-default-debugsource-3.0.101-0.47.71.1 kernel-trace-debuginfo-3.0.101-0.47.71.1 kernel-trace-debugsource-3.0.101-0.47.71.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-0.47.71.1 kernel-ec2-debugsource-3.0.101-0.47.71.1 kernel-xen-debuginfo-3.0.101-0.47.71.1 kernel-xen-debugsource-3.0.101-0.47.71.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (x86_64): kernel-bigsmp-debuginfo-3.0.101-0.47.71.1 kernel-bigsmp-debugsource-3.0.101-0.47.71.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64): kernel-ppc64-debuginfo-3.0.101-0.47.71.1 kernel-ppc64-debugsource-3.0.101-0.47.71.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586): kernel-pae-debuginfo-3.0.101-0.47.71.1 kernel-pae-debugsource-3.0.101-0.47.71.1 References: https://www.suse.com/security/cve/CVE-2015-0272.html https://www.suse.com/security/cve/CVE-2015-5157.html https://www.suse.com/security/cve/CVE-2015-5307.html https://www.suse.com/security/cve/CVE-2015-6252.html https://www.suse.com/security/cve/CVE-2015-6937.html https://www.suse.com/security/cve/CVE-2015-7872.html https://www.suse.com/security/cve/CVE-2015-7990.html https://www.suse.com/security/cve/CVE-2015-8104.html https://bugzilla.suse.com/777565 https://bugzilla.suse.com/814440 https://bugzilla.suse.com/900610 https://bugzilla.suse.com/904348 https://bugzilla.suse.com/904965 https://bugzilla.suse.com/920016 https://bugzilla.suse.com/923002 https://bugzilla.suse.com/926007 https://bugzilla.suse.com/926709 https://bugzilla.suse.com/926774 https://bugzilla.suse.com/930145 https://bugzilla.suse.com/930788 https://bugzilla.suse.com/932350 https://bugzilla.suse.com/932805 https://bugzilla.suse.com/933721 https://bugzilla.suse.com/935053 https://bugzilla.suse.com/935757 https://bugzilla.suse.com/936118 https://bugzilla.suse.com/938706 https://bugzilla.suse.com/939826 https://bugzilla.suse.com/939926 https://bugzilla.suse.com/939955 https://bugzilla.suse.com/940017 https://bugzilla.suse.com/940925 https://bugzilla.suse.com/941202 https://bugzilla.suse.com/942204 https://bugzilla.suse.com/942305 https://bugzilla.suse.com/942367 https://bugzilla.suse.com/942605 https://bugzilla.suse.com/942688 https://bugzilla.suse.com/942938 https://bugzilla.suse.com/943786 https://bugzilla.suse.com/944296 https://bugzilla.suse.com/944831 https://bugzilla.suse.com/944837 https://bugzilla.suse.com/944989 https://bugzilla.suse.com/944993 https://bugzilla.suse.com/945691 https://bugzilla.suse.com/945825 https://bugzilla.suse.com/945827 https://bugzilla.suse.com/946078 https://bugzilla.suse.com/946309 https://bugzilla.suse.com/947957 https://bugzilla.suse.com/948330 https://bugzilla.suse.com/948347 https://bugzilla.suse.com/948521 https://bugzilla.suse.com/949100 https://bugzilla.suse.com/949298 https://bugzilla.suse.com/949502 https://bugzilla.suse.com/949706 https://bugzilla.suse.com/949744 https://bugzilla.suse.com/949981 https://bugzilla.suse.com/951440 https://bugzilla.suse.com/952084 https://bugzilla.suse.com/952384 https://bugzilla.suse.com/952579 https://bugzilla.suse.com/953527 https://bugzilla.suse.com/953980 https://bugzilla.suse.com/954404 From sle-updates at lists.suse.com Thu Nov 26 07:10:48 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 15:10:48 +0100 (CET) Subject: SUSE-RU-2015:2109-1: Recommended update for yast2-slp-server Message-ID: <20151126141048.8FD8C320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-slp-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2109-1 Rating: low References: #878892 #954494 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-slp-server fixes handling of comments on slp.conf. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-yast2-slp-server-12228=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-yast2-slp-server-12228=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-slp-server-12228=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-slp-server-12228=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-slp-server-12228=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): yast2-slp-server-2.17.8-7.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (noarch): yast2-slp-server-2.17.8-7.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): yast2-slp-server-2.17.8-7.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): yast2-slp-server-2.17.8-7.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): yast2-slp-server-2.17.8-7.1 References: https://bugzilla.suse.com/878892 https://bugzilla.suse.com/954494 From sle-updates at lists.suse.com Thu Nov 26 07:11:29 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 15:11:29 +0100 (CET) Subject: SUSE-SU-2015:2110-1: moderate: Security update for LibVNCServer Message-ID: <20151126141129.F0A38320FF@maintenance.suse.de> SUSE Security Update: Security update for LibVNCServer ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2110-1 Rating: moderate References: #897031 Cross-References: CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: The libvncserver package was updated to fix the following security issues: - bsc#897031: fix several security issues: * CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side. * CVE-2014-6052: Lack of malloc() return value checking on client side. * CVE-2014-6053: Server crash on a very large ClientCutText message. * CVE-2014-6054: Server crash when scaling factor is set to zero. * CVE-2014-6055: Multiple stack overflows in File Transfer feature. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libvncserver-12227=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libvncserver-12227=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libvncserver-12227=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libvncserver-12227=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libvncserver-12227=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libvncserver-12227=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libvncserver-12227=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libvncserver-12227=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libvncserver-12227=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-devel-0.9.1-156.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-devel-0.9.1-156.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): LibVNCServer-0.9.1-156.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-0.9.1-156.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-0.9.1-156.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): LibVNCServer-0.9.1-156.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): LibVNCServer-0.9.1-156.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-debuginfo-0.9.1-156.1 LibVNCServer-debugsource-0.9.1-156.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): LibVNCServer-debuginfo-0.9.1-156.1 LibVNCServer-debugsource-0.9.1-156.1 References: https://www.suse.com/security/cve/CVE-2014-6051.html https://www.suse.com/security/cve/CVE-2014-6052.html https://www.suse.com/security/cve/CVE-2014-6053.html https://www.suse.com/security/cve/CVE-2014-6054.html https://www.suse.com/security/cve/CVE-2014-6055.html https://bugzilla.suse.com/897031 From sle-updates at lists.suse.com Thu Nov 26 09:11:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 17:11:06 +0100 (CET) Subject: SUSE-RU-2015:2111-1: moderate: Recommended update for snapper Message-ID: <20151126161106.7B416320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for snapper ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2111-1 Rating: moderate References: #941539 #954377 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for Snapper introduces new features which will be used by the Service Pack migration process. A new package - rollback-helper - has been added to SUSE Linux Enterprise. It contains a set of helper scripts for performing a system rollback. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-899=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-899=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-899=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libsnapper-devel-0.2.4.2-4.3 snapper-debuginfo-0.2.4.2-4.3 snapper-debugsource-0.2.4.2-4.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libsnapper2-0.2.4.2-4.3 libsnapper2-debuginfo-0.2.4.2-4.3 pam_snapper-0.2.4.2-4.3 pam_snapper-debuginfo-0.2.4.2-4.3 snapper-0.2.4.2-4.3 snapper-debuginfo-0.2.4.2-4.3 snapper-debugsource-0.2.4.2-4.3 yast2-snapper-3.1.3-3.12 yast2-snapper-debuginfo-3.1.3-3.12 yast2-snapper-debugsource-3.1.3-3.12 - SUSE Linux Enterprise Server 12 (noarch): rollback-helper-0.1-4.1 snapper-zypp-plugin-0.2.4.2-4.3 - SUSE Linux Enterprise Desktop 12 (x86_64): libsnapper2-0.2.4.2-4.3 libsnapper2-debuginfo-0.2.4.2-4.3 pam_snapper-0.2.4.2-4.3 pam_snapper-debuginfo-0.2.4.2-4.3 snapper-0.2.4.2-4.3 snapper-debuginfo-0.2.4.2-4.3 snapper-debugsource-0.2.4.2-4.3 yast2-snapper-3.1.3-3.12 yast2-snapper-debuginfo-3.1.3-3.12 yast2-snapper-debugsource-3.1.3-3.12 - SUSE Linux Enterprise Desktop 12 (noarch): rollback-helper-0.1-4.1 snapper-zypp-plugin-0.2.4.2-4.3 References: https://bugzilla.suse.com/941539 https://bugzilla.suse.com/954377 From sle-updates at lists.suse.com Thu Nov 26 10:10:27 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 18:10:27 +0100 (CET) Subject: SUSE-RU-2015:2112-1: Recommended update for YaST2 modules Message-ID: <20151126171027.3300A320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for YaST2 modules ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2112-1 Rating: low References: #954412 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Several YaST2 modules have been updated to fix errors in the schema definitions used to validate AutoYaST profiles. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-900=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-900=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-900=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-network-devel-doc-3.1.112.11-2.22.2 yast2-users-debuginfo-3.1.37.2-12.3.2 yast2-users-debugsource-3.1.37.2-12.3.2 yast2-users-devel-doc-3.1.37.2-12.3.2 - SUSE Linux Enterprise Software Development Kit 12 (noarch): yast2-inetd-doc-3.1.10.1-9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-kdump-3.1.19.1-3.1 yast2-network-3.1.112.11-2.22.2 yast2-users-3.1.37.2-12.3.2 yast2-users-debuginfo-3.1.37.2-12.3.2 yast2-users-debugsource-3.1.37.2-12.3.2 - SUSE Linux Enterprise Server 12 (noarch): autoyast2-3.1.69.10-10.2 autoyast2-installation-3.1.69.10-10.2 yast2-audit-laf-3.1.2.1-3.1 yast2-dhcp-server-3.1.5-3.5 yast2-firewall-3.1.1.1-4.1 yast2-inetd-3.1.10.1-9.1 yast2-mail-3.1.4.1-3.7 yast2-samba-server-3.1.12.1-9.3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-kdump-3.1.19.1-3.1 yast2-network-3.1.112.11-2.22.2 yast2-users-3.1.37.2-12.3.2 yast2-users-debuginfo-3.1.37.2-12.3.2 yast2-users-debugsource-3.1.37.2-12.3.2 - SUSE Linux Enterprise Desktop 12 (noarch): autoyast2-3.1.69.10-10.2 autoyast2-installation-3.1.69.10-10.2 yast2-audit-laf-3.1.2.1-3.1 yast2-firewall-3.1.1.1-4.1 yast2-inetd-3.1.10.1-9.1 yast2-mail-3.1.4.1-3.7 yast2-samba-server-3.1.12.1-9.3.1 References: https://bugzilla.suse.com/954412 From sle-updates at lists.suse.com Thu Nov 26 10:10:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 18:10:50 +0100 (CET) Subject: SUSE-RU-2015:2113-1: moderate: Recommended update for crash Message-ID: <20151126171050.4DA79320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for crash ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2113-1 Rating: moderate References: #894142 #922005 #940720 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for crash provides the following fixes: - Fix segmentation fault when backtrace incorrectly detects rip and rsp. (bsc#894142) - Fix changed Xen 4.2.5 domain structure member. (bsc#922005) - Fix mis-labeled per-cpu exception stacks. (bsc#940720) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-crash-12229=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-crash-12229=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-crash-12229=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-crash-12229=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): crash-devel-6.0.7-0.18.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): crash-6.0.7-0.18.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): crash-6.0.7-0.18.1 crash-sial-6.0.7-0.18.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): crash-6.0.7-0.18.1 crash-sial-6.0.7-0.18.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): crash-debuginfo-6.0.7-0.18.1 crash-debugsource-6.0.7-0.18.1 References: https://bugzilla.suse.com/894142 https://bugzilla.suse.com/922005 https://bugzilla.suse.com/940720 From sle-updates at lists.suse.com Thu Nov 26 13:10:17 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 21:10:17 +0100 (CET) Subject: SUSE-RU-2015:2114-1: Recommended update for crowbar-barclamp-cinder Message-ID: <20151126201017.4B122320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-cinder ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2114-1 Rating: low References: #944810 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar-barclamp-cinder provides the following fixes and enhancements: - Update cinder caps for glance pool. (bsc#944810) - Make rpc_response_timeout configurable. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-cinder-12231=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-cinder-1.9+git.1444033481.e767308-13.2 References: https://bugzilla.suse.com/944810 From sle-updates at lists.suse.com Thu Nov 26 13:10:36 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Nov 2015 21:10:36 +0100 (CET) Subject: SUSE-RU-2015:2115-1: Recommended update for crowbar-barclamp-ceph Message-ID: <20151126201036.8A11A320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-ceph ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2115-1 Rating: low References: #944810 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar-barclamp-ceph fixes merging of existing client caps into new one. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-ceph-12230=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-ceph-1.9+git.1442501568.46fc188-11.4 References: https://bugzilla.suse.com/944810 From sle-updates at lists.suse.com Fri Nov 27 05:10:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 13:10:20 +0100 (CET) Subject: SUSE-SU-2015:2116-1: moderate: Security update for sblim-sfcb Message-ID: <20151127121020.39E57320F0@maintenance.suse.de> SUSE Security Update: Security update for sblim-sfcb ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2116-1 Rating: moderate References: #942628 Cross-References: CVE-2015-5185 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-904=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-904=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): sblim-sfcb-1.4.8-5.3.3 sblim-sfcb-debuginfo-1.4.8-5.3.3 sblim-sfcb-debugsource-1.4.8-5.3.3 - SUSE Linux Enterprise Desktop 12 (x86_64): sblim-sfcb-1.4.8-5.3.3 sblim-sfcb-debuginfo-1.4.8-5.3.3 sblim-sfcb-debugsource-1.4.8-5.3.3 References: https://www.suse.com/security/cve/CVE-2015-5185.html https://bugzilla.suse.com/942628 From sle-updates at lists.suse.com Fri Nov 27 06:10:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 14:10:54 +0100 (CET) Subject: SUSE-RU-2015:2117-1: Recommended update for pciutils-ids Message-ID: <20151127131054.36330320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for pciutils-ids ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2117-1 Rating: low References: #911528 #944104 #944436 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The system's PCI IDs database has been updated to version 2015.10.07. Additionally, the merge-pciids.pl script was fixed to not print warnings about conflicting definitions by default. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-pciutils-ids-12232=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-pciutils-ids-12232=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (noarch): pciutils-ids-2015.10.07-3.1 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): pciutils-ids-2015.10.07-3.1 References: https://bugzilla.suse.com/911528 https://bugzilla.suse.com/944104 https://bugzilla.suse.com/944436 From sle-updates at lists.suse.com Fri Nov 27 09:16:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 17:16:54 +0100 (CET) Subject: SUSE-SU-2015:2131-1: moderate: Security update for cabextract Message-ID: <20151127161654.AEE48320F0@maintenance.suse.de> SUSE Security Update: Security update for cabextract ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2131-1 Rating: moderate References: #934524 #934527 #934528 Cross-References: CVE-2014-9556 CVE-2014-9732 CVE-2015-4470 CVE-2015-4471 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This security update fixes the following issues: - Fix possible infinite loop caused DoS (bsc919283, CVE-2014-9556) - Fix zero dereference (bsc#934524, CVE-2014-9732) - Fix off by one (bsc#934527, CVE-2015-4470) - Fix buffer under-read crash (bsc#934528, CVE-2015-4471) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-cabextract-12233=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-cabextract-12233=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-cabextract-12233=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-cabextract-12233=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): cabextract-1.2-2.12.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): cabextract-1.2-2.12.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): cabextract-debuginfo-1.2-2.12.1 cabextract-debugsource-1.2-2.12.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): cabextract-debuginfo-1.2-2.12.1 cabextract-debugsource-1.2-2.12.1 References: https://www.suse.com/security/cve/CVE-2014-9556.html https://www.suse.com/security/cve/CVE-2014-9732.html https://www.suse.com/security/cve/CVE-2015-4470.html https://www.suse.com/security/cve/CVE-2015-4471.html https://bugzilla.suse.com/934524 https://bugzilla.suse.com/934527 https://bugzilla.suse.com/934528 From sle-updates at lists.suse.com Fri Nov 27 09:18:15 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 17:18:15 +0100 (CET) Subject: SUSE-RU-2015:2134-1: moderate: Recommended update for md_monitor Message-ID: <20151127161815.D9546320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for md_monitor ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2134-1 Rating: moderate References: #839559 #876830 #914035 #920563 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update provides md_monitor 5.3, which brings the following fixes: - Skip devices not in state 'online'. (bsc#920563) - Open MD device nodes read-only. - Skip uninitialized devices during scanning. - Fixup locking in dasd_monitor_thread. (bsc#839559) - Terminate string when reading from sysfs. - Use MD name in lookup_md_alias. (bsc#876830) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-907=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (s390x): md_monitor-5.3-2.3.1 md_monitor-debuginfo-5.3-2.3.1 md_monitor-debugsource-5.3-2.3.1 References: https://bugzilla.suse.com/839559 https://bugzilla.suse.com/876830 https://bugzilla.suse.com/914035 https://bugzilla.suse.com/920563 From sle-updates at lists.suse.com Fri Nov 27 10:10:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 18:10:24 +0100 (CET) Subject: SUSE-RU-2015:2138-1: Recommended update for gcimagebundle, google-daemon, google-startup-scripts Message-ID: <20151127171024.7A65C320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for gcimagebundle, google-daemon, google-startup-scripts ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2138-1 Rating: low References: #956339 #956340 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: gcimagebundle, google-daemon and google-startup-scripts have been updated to version 1.2.10, fixing the following issues: - Fixed a bug for storing an image to a Google Storage bucket. - Improved documentation. - Refactored and improved script that runs on boot. - Added fix for metadata scripts at a redirected URL. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-908=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): gcimagebundle-1.2.10-12.1 google-daemon-1.2.10-12.1 google-startup-scripts-1.2.10-12.1 References: https://bugzilla.suse.com/956339 https://bugzilla.suse.com/956340 From sle-updates at lists.suse.com Fri Nov 27 10:10:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 18:10:55 +0100 (CET) Subject: SUSE-RU-2015:2139-1: Recommended update for sles-manuals_en Message-ID: <20151127171055.3C94D320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for sles-manuals_en ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2139-1 Rating: low References: #918217 #922976 #927506 #938152 #947526 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: SUSE Linux Enterprise Server 12 manuals have been updated with fixes and enhancements: - Added more examples of "zypper list-patches --cve". (fate#319053) - Added a new tip on updating the initramfs file after changing the default sysctl configuration. (bsc#927506) - Replaced CA.sh with the explicit openssl command. - Improved GRUB 2 re-installation procedure. - Removed documentation about VNC view-only passwords because they are not available in SUSE Linux Enterprise Server. - Fixed procedure to access the installed system in a rescue mode. (bsc#918217) - Added a tip on preventing wicked from deactivating the network device on NFS roots. (bsc#938152) - Fixed misleading statement about kernel-FLAVOR-extra. (bsc#922976) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-909=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-909=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): sles-admin_en-pdf-12-36.3.11 sles-autoyast_en-pdf-12-36.3.11 sles-deployment_en-pdf-12-36.3.11 sles-dockerquick_en-pdf-12-36.3.11 sles-gnomeuser_en-pdf-12-36.3.11 sles-hardening_en-pdf-12-36.3.11 sles-installquick_en-pdf-12-36.3.11 sles-manuals_en-12-36.3.11 sles-security_en-pdf-12-36.3.11 sles-storage_en-pdf-12-36.3.11 sles-tuning_en-pdf-12-36.3.11 sles-virtualization_en-pdf-12-36.3.11 - SUSE Linux Enterprise Desktop 12 (noarch): sles-virtualization_en-pdf-12-36.3.11 References: https://bugzilla.suse.com/918217 https://bugzilla.suse.com/922976 https://bugzilla.suse.com/927506 https://bugzilla.suse.com/938152 https://bugzilla.suse.com/947526 From sle-updates at lists.suse.com Fri Nov 27 11:10:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 19:10:24 +0100 (CET) Subject: SUSE-RU-2015:2140-1: moderate: Recommended update for yast2-packager, yast2-pkg-bindings Message-ID: <20151127181024.EAFD4320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-packager, yast2-pkg-bindings ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2140-1 Rating: moderate References: #944504 #944505 #952112 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides the following fixes and enhancements: yast2-packager: - Repository editor can now manage URLs with repo variables like $arch and $releasever. (bsc#944505) - Do not check the free space on a CD/DVD mounted medium during online migration. (bsc#952112) - Added a filter showing only those repositories not belonging to any service. (bsc#944504) yast2-pkg-bindings: - Added Pkg::SourceRawURL() and Pkg:ExpandedUrl() to deal with repositories including repo variables. (bsc#944505) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-910=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-910=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-910=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-packager-devel-doc-3.1.52.1-7.3.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-packager-3.1.52.1-7.3.3 yast2-pkg-bindings-3.1.20.3-11.1 yast2-pkg-bindings-debuginfo-3.1.20.3-11.1 yast2-pkg-bindings-debugsource-3.1.20.3-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-packager-3.1.52.1-7.3.3 yast2-pkg-bindings-3.1.20.3-11.1 yast2-pkg-bindings-debuginfo-3.1.20.3-11.1 yast2-pkg-bindings-debugsource-3.1.20.3-11.1 References: https://bugzilla.suse.com/944504 https://bugzilla.suse.com/944505 https://bugzilla.suse.com/952112 From sle-updates at lists.suse.com Fri Nov 27 12:10:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 20:10:19 +0100 (CET) Subject: SUSE-RU-2015:2141-1: moderate: Recommended update for sysstat Message-ID: <20151127191019.70040320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysstat ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2141-1 Rating: moderate References: #889487 #909015 #926135 #945044 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for sysstat provides the following fixes: - When device-mapper isn't found in /proc/devices, assume it's not running at all. (bsc#926135) - Set umask in sa1 before creating the data file. (bsc#945044) - Correctly collect all the activities when overwriting the data file. (bsc#909015) - Prevent a race condition between sa1 and sa2 scripts. (bsc#889487) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-sysstat-12234=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-sysstat-12234=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-sysstat-12234=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-sysstat-12234=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): sysstat-8.1.5-7.49.1 sysstat-isag-8.1.5-7.49.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): sysstat-8.1.5-7.49.1 sysstat-isag-8.1.5-7.49.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): sysstat-8.1.5-7.49.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): sysstat-debuginfo-8.1.5-7.49.1 sysstat-debugsource-8.1.5-7.49.1 References: https://bugzilla.suse.com/889487 https://bugzilla.suse.com/909015 https://bugzilla.suse.com/926135 https://bugzilla.suse.com/945044 From sle-updates at lists.suse.com Fri Nov 27 13:10:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 21:10:16 +0100 (CET) Subject: SUSE-RU-2015:2143-1: Recommended update for ImageMagick Message-ID: <20151127201017.12F11320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2143-1 Rating: low References: #948017 #950872 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ImageMagick fixes usage of compression when converting image files to PDF format. This can significantly reduce the size of the PDFs generated. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-913=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-913=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-913=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-913=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): ImageMagick-6.8.8.1-13.10 ImageMagick-debuginfo-6.8.8.1-13.10 ImageMagick-debugsource-6.8.8.1-13.10 libMagick++-6_Q16-3-6.8.8.1-13.10 libMagick++-6_Q16-3-debuginfo-6.8.8.1-13.10 libMagickCore-6_Q16-1-32bit-6.8.8.1-13.10 libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-13.10 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): ImageMagick-6.8.8.1-13.10 ImageMagick-debuginfo-6.8.8.1-13.10 ImageMagick-debugsource-6.8.8.1-13.10 ImageMagick-devel-6.8.8.1-13.10 libMagick++-6_Q16-3-6.8.8.1-13.10 libMagick++-6_Q16-3-debuginfo-6.8.8.1-13.10 libMagick++-devel-6.8.8.1-13.10 perl-PerlMagick-6.8.8.1-13.10 perl-PerlMagick-debuginfo-6.8.8.1-13.10 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): ImageMagick-debuginfo-6.8.8.1-13.10 ImageMagick-debugsource-6.8.8.1-13.10 libMagickCore-6_Q16-1-6.8.8.1-13.10 libMagickCore-6_Q16-1-debuginfo-6.8.8.1-13.10 libMagickWand-6_Q16-1-6.8.8.1-13.10 libMagickWand-6_Q16-1-debuginfo-6.8.8.1-13.10 - SUSE Linux Enterprise Desktop 12 (x86_64): ImageMagick-6.8.8.1-13.10 ImageMagick-debuginfo-6.8.8.1-13.10 ImageMagick-debugsource-6.8.8.1-13.10 libMagick++-6_Q16-3-6.8.8.1-13.10 libMagick++-6_Q16-3-debuginfo-6.8.8.1-13.10 libMagickCore-6_Q16-1-32bit-6.8.8.1-13.10 libMagickCore-6_Q16-1-6.8.8.1-13.10 libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-13.10 libMagickCore-6_Q16-1-debuginfo-6.8.8.1-13.10 libMagickWand-6_Q16-1-6.8.8.1-13.10 libMagickWand-6_Q16-1-debuginfo-6.8.8.1-13.10 References: https://bugzilla.suse.com/948017 https://bugzilla.suse.com/950872 From sle-updates at lists.suse.com Fri Nov 27 13:10:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Nov 2015 21:10:53 +0100 (CET) Subject: SUSE-RU-2015:2144-1: moderate: Recommended update for lvm2 Message-ID: <20151127201053.C279C320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for lvm2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2144-1 Rating: moderate References: #935621 #935623 #937791 #938208 #938419 #942888 #946217 #946651 #948859 #952027 #952300 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. Description: This update for lvm2 provides the following fixes: - Adjust lvm2-lvmetad.service to ensure lvm2-lvmetad.socket is removed when the service is disabled. (bsc#952027) - Fix moving of PVs when physical block sizes of devices differ. (bsc#952300) - Allow creation of PVs on unpartitioned DASD devices formatted with CDL. (bsc#948859, bsc##946217) - Activate LVM volumes after network-attached devices (iSCSI and FCoE) are set up and set correct initialization order for lvm2 systemd services. (bsc#946651) - Fix segmentation fault when extending a LV with a smaller number of stripes than originally used. (bsc#942888) - Fix vgchange to check if there are no mounted file systems preventing deactivation of the volume group. (bsc#938419) - Retry VG-refresh in pvscan to prevent premature auto-activation failures. (bsc#938208) - Print debug information to standard output. (bsc#937791) - Fix an error in dmeventd which prevented the creation of the monitor thread. (bsc#935623) - Modify lvm2-monitor.service to add dependency on lvm2-activation.service. (bsc#935621) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-912=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-912=1 - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2015-912=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-912=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): device-mapper-debuginfo-1.02.78-60.1 device-mapper-devel-1.02.78-60.1 lvm2-debuginfo-2.02.98-60.1 lvm2-debugsource-2.02.98-60.1 lvm2-devel-2.02.98-60.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): device-mapper-1.02.78-60.1 device-mapper-debuginfo-1.02.78-60.1 lvm2-2.02.98-60.1 lvm2-debuginfo-2.02.98-60.1 lvm2-debugsource-2.02.98-60.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): device-mapper-32bit-1.02.78-60.1 device-mapper-debuginfo-32bit-1.02.78-60.1 - SUSE Linux Enterprise High Availability 12 (s390x x86_64): lvm2-clvm-2.02.98-60.1 lvm2-clvm-debuginfo-2.02.98-60.1 lvm2-cmirrord-2.02.98-60.1 lvm2-cmirrord-debuginfo-2.02.98-60.1 lvm2-debuginfo-2.02.98-60.1 lvm2-debugsource-2.02.98-60.1 - SUSE Linux Enterprise Desktop 12 (x86_64): device-mapper-1.02.78-60.1 device-mapper-32bit-1.02.78-60.1 device-mapper-debuginfo-1.02.78-60.1 device-mapper-debuginfo-32bit-1.02.78-60.1 lvm2-2.02.98-60.1 lvm2-debuginfo-2.02.98-60.1 lvm2-debugsource-2.02.98-60.1 References: https://bugzilla.suse.com/935621 https://bugzilla.suse.com/935623 https://bugzilla.suse.com/937791 https://bugzilla.suse.com/938208 https://bugzilla.suse.com/938419 https://bugzilla.suse.com/942888 https://bugzilla.suse.com/946217 https://bugzilla.suse.com/946651 https://bugzilla.suse.com/948859 https://bugzilla.suse.com/952027 https://bugzilla.suse.com/952300 From sle-updates at lists.suse.com Mon Nov 30 07:10:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Nov 2015 15:10:19 +0100 (CET) Subject: SUSE-SU-2015:2156-1: moderate: Security update for python-requests Message-ID: <20151130141019.CA59B320D9@maintenance.suse.de> SUSE Security Update: Security update for python-requests ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2156-1 Rating: moderate References: #922448 #935252 Cross-References: CVE-2015-2296 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: python-requests was updated to fix one security issue. This security issue was fixed: - CVE-2015-2296: The resolve_redirects function in sessions.py allowed remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. (bsc#922448) This non-security issue was fixed: - Don't use the hardcoded path for certificates. (bsc#935252) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-python-requests-12235=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): python-requests-2.3.0-9.2 References: https://www.suse.com/security/cve/CVE-2015-2296.html https://bugzilla.suse.com/922448 https://bugzilla.suse.com/935252 From sle-updates at lists.suse.com Mon Nov 30 11:10:32 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Nov 2015 19:10:32 +0100 (CET) Subject: SUSE-RU-2015:2157-1: Recommended update for crash Message-ID: <20151130181032.3E078320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for crash ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2157-1 Rating: low References: #940720 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crash provides the following fixes: - Fix mis-labeled per-cpu exception stacks. (bsc#940720) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-crash-12236=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-crash-12236=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-crash-12236=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): crash-devel-7.0.9-23.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): crash-7.0.9-23.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): crash-7.0.9-23.1 crash-eppic-7.0.9-23.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): crash-debuginfo-7.0.9-23.1 crash-debugsource-7.0.9-23.1 References: https://bugzilla.suse.com/940720 From sle-updates at lists.suse.com Mon Nov 30 14:10:23 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Nov 2015 22:10:23 +0100 (CET) Subject: SUSE-RU-2015:2158-1: moderate: Recommended update for libsoup Message-ID: <20151130211023.891A2320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for libsoup ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:2158-1 Rating: moderate References: #935201 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libsoup disables support for SSLv3 connections. For security reasons, only TLS 1.x and newer will be used. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libsoup-12237=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libsoup-12237=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libsoup-12237=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libsoup-12237=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libsoup-12237=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libsoup-12237=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libsoup-12237=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libsoup-12237=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsoup-devel-2.32.2-4.15.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libsoup-devel-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsoup-devel-2.32.2-4.15.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): libsoup-devel-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libsoup-2_4-1-2.32.2-4.15.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libsoup-2_4-1-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsoup-2_4-1-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsoup-2_4-1-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsoup-2_4-1-x86-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsoup-2_4-1-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libsoup-2_4-1-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libsoup-2_4-1-x86-2.32.2-4.15.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libsoup-2_4-1-2.32.2-4.15.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libsoup-2_4-1-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libsoup-2_4-1-2.32.2-4.15.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libsoup-2_4-1-32bit-2.32.2-4.15.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsoup-debuginfo-2.32.2-4.15.1 libsoup-debugsource-2.32.2-4.15.1 References: https://bugzilla.suse.com/935201