SUSE-SU-2016:2627-1: moderate: Security update for POS_Image3, POS_Server3

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Oct 25 12:08:52 MDT 2016


   SUSE Security Update: Security update for POS_Image3, POS_Server3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:2627-1
Rating:             moderate
References:         #1003374 #1003376 #1003383 #840279 #883017 
                    #887607 #889665 #890002 #927232 #944292 #946740 
                    #979925 #985979 #989247 
Affected Products:
                    SUSE Linux Enterprise Point of Sale 11-SP3
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:


   This update provides POS_Image3 and POS_Server3 version 3.5.5, which bring
   many fixes and enhancements:

   - Fixed potential security issues (bsc#946740)
     * use three argument perl open function consistently
     * use array in perl system call everywhere
     * use preferably perl built-in functions instead of external shell
       commands
     * improved validation of uploaded files from terminals to BS
     * improved runcmd code used for calling external commands
   - Auto-registration should not start before dhcpd is ready (bsc#1003383)
   - Fixed handling of HTTP redirects in registerImages (bsc#1003376)
   - Fixed handling x86_64 images (bsc#1003374)
   - Do not limit number of entries for BS LDAP (bsc#985979)
   - Increase max wait time to 10mins (bsc#989247)
   - Infer service IP when only one BS NIC is specified in LDAP (bsc#927232)
   - Fixed regression in directly referenced image in scWorkstation object
     (bsc#979925)
   - Fixed handling deltas of compressed images in registerImages (bsc#887607)
   - Fixed posleases to handle stop event correctly (bsc#883017)
   - Fixed save_poslogs utility to dump LDAP content on BS (bsc#890002)
   - Do not configure authoritative DNS outside netmask (bsc#889665)
   - Add ipHostNumber field to services in posAdmin-GUI (bsc#944292)
   - Fixed multival modification in posAdmin (bsc#840279)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Point of Sale 11-SP3:

      zypper in -t patch sleposp3-POS_Image3-12817=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Point of Sale 11-SP3 (i586 x86_64):

      POS_Migration-3.5.5-18.1
      POS_Server-Admin3-3.5.5-18.1
      POS_Server-AdminGUI-3.5.5-18.1
      POS_Server-AdminTools3-3.5.5-18.1
      POS_Server-BranchTools3-3.5.5-18.1
      POS_Server-Modules3-3.5.5-18.1
      POS_Server3-3.5.5-18.1
      admind-1.9-18.1
      admind-client-1.9-18.1
      posbios-1.0-18.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch):

      POS_Image-Minimal3-3.4.0-18.1
      POS_Image-Netboot-hooks-3.4.0-18.1
      POS_Image-Tools-3.4.0-18.1
      POS_Image3-3.5.5-18.1


References:

   https://bugzilla.suse.com/1003374
   https://bugzilla.suse.com/1003376
   https://bugzilla.suse.com/1003383
   https://bugzilla.suse.com/840279
   https://bugzilla.suse.com/883017
   https://bugzilla.suse.com/887607
   https://bugzilla.suse.com/889665
   https://bugzilla.suse.com/890002
   https://bugzilla.suse.com/927232
   https://bugzilla.suse.com/944292
   https://bugzilla.suse.com/946740
   https://bugzilla.suse.com/979925
   https://bugzilla.suse.com/985979
   https://bugzilla.suse.com/989247



More information about the sle-security-updates mailing list