SUSE-SU-2012:0819-1: moderate: Security update for SUSE Manager client tools
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Jul 3 18:08:26 MDT 2012
SUSE Security Update: Security update for SUSE Manager client tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0819-1
Rating: moderate
References: #764532 #766148
Cross-References: CVE-2012-2679
Affected Products:
SUSE Manager Client Tools for SLE 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update fixes the following issue:
* support new function signature for image deployment.
* fixed insecure permissions used for
/var/log/rhncfg-actions file
Security Issue reference:
* CVE-2012-2679
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2679
>
Indications:
Everbody should update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager Client Tools for SLE 11 SP1:
zypper in -t patch slesctsp1-client-tools-201206-6443
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager Client Tools for SLE 11 SP1 (noarch):
rhn-virtualization-common-5.4.15-0.15.2
rhn-virtualization-host-5.4.15-0.15.2
rhncfg-5.9.33-0.20.1
rhncfg-actions-5.9.33-0.20.1
rhncfg-client-5.9.33-0.20.1
rhncfg-management-5.9.33-0.20.1
References:
http://support.novell.com/security/cve/CVE-2012-2679.html
https://bugzilla.novell.com/764532
https://bugzilla.novell.com/766148
http://download.novell.com/patch/finder/?keywords=809f7eda81dd96dabc16151753b8ab6d
More information about the sle-updates
mailing list