SUSE-SU-2012:0819-1: moderate: Security update for SUSE Manager client tools

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Jul 3 18:08:26 MDT 2012


   SUSE Security Update: Security update for SUSE Manager client tools
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0819-1
Rating:             moderate
References:         #764532 #766148 
Cross-References:   CVE-2012-2679
Affected Products:
                    SUSE Manager Client Tools for SLE 11 SP1
______________________________________________________________________________

   An update that solves one vulnerability and has one errata
   is now available.

Description:


   This update fixes the following issue:

   * support new function signature for image deployment.
   * fixed insecure permissions used for
   /var/log/rhncfg-actions file

   Security Issue reference:

   * CVE-2012-2679
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2679
   >

Indications:

   Everbody should update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Manager Client Tools for SLE 11 SP1:

      zypper in -t patch slesctsp1-client-tools-201206-6443

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Manager Client Tools for SLE 11 SP1 (noarch):

      rhn-virtualization-common-5.4.15-0.15.2
      rhn-virtualization-host-5.4.15-0.15.2
      rhncfg-5.9.33-0.20.1
      rhncfg-actions-5.9.33-0.20.1
      rhncfg-client-5.9.33-0.20.1
      rhncfg-management-5.9.33-0.20.1


References:

   http://support.novell.com/security/cve/CVE-2012-2679.html
   https://bugzilla.novell.com/764532
   https://bugzilla.novell.com/766148
   http://download.novell.com/patch/finder/?keywords=809f7eda81dd96dabc16151753b8ab6d



More information about the sle-security-updates mailing list