SUSE-RU-2017:2297-1: Recommended update for novnc
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Aug 29 16:08:09 MDT 2017
SUSE Recommended Update: Recommended update for novnc
______________________________________________________________________________
Announcement ID: SUSE-RU-2017:2297-1
Rating: low
References: #1052286
Affected Products:
SUSE OpenStack Cloud 7
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update provides novnc 0.6.2, which brings the following fixes and
enhancements:
- Fixes a XSS issue in which the remote VNC server could inject arbitrary
HTML into the noVNC web page via the messages propagated to the status
field, such as the VNC server name.
- Removes support for legacy browsers, namely IE9 and below. IE10 may
receive "best-effort" support. IE 11+, Edge, Firefox 31+, and Chrome 44+
continue to be supported.
For a comprehensive list of changes please refer to the Release Notes at
https://github.com/novnc/noVNC/releases
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 7:
zypper in -t patch SUSE-OpenStack-Cloud-7-2017-1413=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 7 (aarch64 s390x x86_64):
novnc-0.6.2-2.5.1
References:
https://bugzilla.suse.com/1052286
More information about the sle-updates
mailing list