From sle-updates at lists.suse.com Tue Jan 1 10:08:34 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 1 Jan 2013 18:08:34 +0100 (CET) Subject: SUSE-RU-2013:0002-1: moderate: Recommended update for cron Message-ID: <20130101170834.AB1C5320F0@maintenance.suse.de> SUSE Recommended Update: Recommended update for cron ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0002-1 Rating: moderate References: #775460 #790933 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for cron provides the following fixes: * cron.daily with DAILY_TIME between 23:46 and 23:59 does not run reliably * cron doesn't reload system crontabs. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cron-7160 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cron-7160 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cron-7160 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): cron-4.1-194.205.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): cron-4.1-194.205.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): cron-4.1-194.205.1 References: https://bugzilla.novell.com/775460 https://bugzilla.novell.com/790933 http://download.novell.com/patch/finder/?keywords=1f01757673cf8397e0992a462ab2f6fa From sle-updates at lists.suse.com Thu Jan 3 10:08:30 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 3 Jan 2013 18:08:30 +0100 (CET) Subject: SUSE-RU-2013:0006-1: Recommended update for yast2-storage Message-ID: <20130103170830.9B5293215C@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-storage ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0006-1 Rating: low References: #758639 #792245 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update fixes a crash of the YaST2 disk module when device names of disks include metacharacters of extended regular expressions. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.112]: yast2-storage-2.13.112-0.6.1 yast2-storage-devel-2.13.112-0.6.1 yast2-storage-evms-2.13.112-0.6.1 yast2-storage-lib-2.13.112-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2.13.112]: yast2-storage-2.13.112-0.6.1 yast2-storage-lib-2.13.112-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2.13.112]: yast2-storage-devel-2.13.112-0.6.1 yast2-storage-evms-2.13.112-0.6.1 References: https://bugzilla.novell.com/758639 https://bugzilla.novell.com/792245 http://download.novell.com/patch/finder/?keywords=ba750e9e600d0393d0ced9b58a73efa2 From sle-updates at lists.suse.com Fri Jan 4 13:08:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 4 Jan 2013 21:08:26 +0100 (CET) Subject: SUSE-RU-2013:0007-1: Recommended update for sle-hae-release Message-ID: <20130104200826.197CE320D9@maintenance.suse.de> SUSE Recommended Update: Recommended update for sle-hae-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0007-1 Rating: low References: #781801 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an error in the product metadata for SLE High Availability 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-sle-hae-release-7168 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): sle-hae-release-11.2-1.81 References: https://bugzilla.novell.com/781801 http://download.novell.com/patch/finder/?keywords=503f462f66e98ae031feb881a924ba91 From sle-updates at lists.suse.com Fri Jan 4 14:08:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 4 Jan 2013 22:08:31 +0100 (CET) Subject: SUSE-RU-2013:0008-1: Recommended update for RRDTool Message-ID: <20130104210831.767433215E@maintenance.suse.de> SUSE Recommended Update: Recommended update for RRDTool ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0008-1 Rating: low References: #787205 #793636 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update provides rrdtool 1.4.7, which provides the following improvements: * rrdcached: a RRD Caching Daemon can dramatically improve the "update" performance. The Cache Daemon intercepts rrdtool update calls, assembling multiple updates before writing them to the actual rrd file. * rrdtool dump/restore has been rewritten to use an incremental xml parser, which has the advantage that the memory consumption while restoring xml files is only slightly larger than the resulting rrd file. It also provides various improvements to graphing functions: * VDEF PERCENTNAN (a PRECENT that ignores NAN). * CDEF PREDICT and PREDICTSIGMA functions for on-the-fly data prediction without the need to modify existing rrd files as it is required for HoltWinters. * LibDBI integration provides a path to read data directly of a supported QL database into rrdtool graph. * graph legends can now be placed left, right or above the graph with the new --legend-direction and --legend-positon placement options. * new graph option --grid-dash on:off to configure the dash length in the grid painted over the graph. * new graph option --border to set the 3d border width. * draw different color markers (enable with --dynamic-labels) depending on the type of element in the graph. Indications: Every interested user can update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-python-rrdtool-7177 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-python-rrdtool-7177 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-python-rrdtool-7177 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-python-rrdtool-7177 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.7]: python-rrdtool-1.4.7-0.4.1 rrdtool-devel-1.4.7-0.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.4.7]: rrdtool-1.4.7-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.7]: rrdtool-1.4.7-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.7]: rrdtool-1.4.7-0.4.1 References: https://bugzilla.novell.com/787205 https://bugzilla.novell.com/793636 http://download.novell.com/patch/finder/?keywords=e5f1eb6e93309c630bd8047c17592b26 From sle-updates at lists.suse.com Fri Jan 4 14:08:37 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 4 Jan 2013 22:08:37 +0100 (CET) Subject: SUSE-RU-2013:0009-1: Recommended update for SMT Message-ID: <20130104210837.386D23216F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SMT ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0009-1 Rating: low References: #718000 #779544 #784393 #787129 Affected Products: Subscription Management Tool 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: Because of the huge numbers of installed SMT servers the default sync window is too small. The load on NCC causes a lot of 502 Gateway errors. This update re-schedule the smt-daily and the smt-gen-report cronjob, if it is still configured the the default sync window. Additional fixes in SMT11: * Ignore option --repository, if --dbreplfile is given * mark files with wrong checksum as invalid and remove them before mirror again Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-res-signingkeys-7151 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64) [New Version: 1.2.1]: res-signingkeys-1.2.1-0.5.1 smt-1.2.1-0.5.1 smt-support-1.2.1-0.5.1 References: https://bugzilla.novell.com/718000 https://bugzilla.novell.com/779544 https://bugzilla.novell.com/784393 https://bugzilla.novell.com/787129 http://download.novell.com/patch/finder/?keywords=ccf14fb10cc0a407e45d089d549b04b8 From sle-updates at lists.suse.com Fri Jan 4 17:08:38 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 5 Jan 2013 01:08:38 +0100 (CET) Subject: SUSE-RU-2013:0010-1: Recommended update for gnome-screensaver Message-ID: <20130105000838.5425632158@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-screensaver ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0010-1 Rating: low References: #769690 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for GNOME's Screen Saver and Locker (gnome-screensaver) provides the following fix: * Do not display a blank screen when using screen saver themes 'Floating Feet' or 'Random'. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-gnome-screensaver-7200 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-gnome-screensaver-7200 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gnome-screensaver-7200 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): gnome-screensaver-2.28.3-0.32.1 gnome-screensaver-lang-2.28.3-0.32.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gnome-screensaver-2.28.3-0.32.1 gnome-screensaver-lang-2.28.3-0.32.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gnome-screensaver-2.28.3-0.32.1 gnome-screensaver-lang-2.28.3-0.32.1 References: https://bugzilla.novell.com/769690 http://download.novell.com/patch/finder/?keywords=e98ab1882fe445daf151298a8fd4b3fd From sle-updates at lists.suse.com Mon Jan 7 09:09:01 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 7 Jan 2013 17:09:01 +0100 (CET) Subject: SUSE-RU-2013:0012-1: Recommended update for libcpuset Message-ID: <20130107160901.3C6193215F@maintenance.suse.de> SUSE Recommended Update: Recommended update for libcpuset ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0012-1 Rating: low References: #625079 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libcpuset changes the library default mount point to /cpusets, which is already used by the cset tool. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libcpuset-7196 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libcpuset-7196 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libcpuset-7196 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libcpuset-devel-1.0-8.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): libcpuset1-1.0-8.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libcpuset1-1.0-8.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libcpuset1-1.0-8.5.1 References: https://bugzilla.novell.com/625079 http://download.novell.com/patch/finder/?keywords=cfffcb3d09101d730f463779229fb8f5 From sle-updates at lists.suse.com Mon Jan 7 10:08:35 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 7 Jan 2013 18:08:35 +0100 (CET) Subject: SUSE-RU-2013:0015-1: Recommended update for sysstat Message-ID: <20130107170835.3480A32167@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysstat ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0015-1 Rating: low References: #792636 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes iostat -n not displaying devices with long mountpoint paths. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sysstat-7155 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sysstat-7155 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sysstat-7155 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sysstat-8.1.5-7.38.38.1 sysstat-isag-8.1.5-7.38.38.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sysstat-8.1.5-7.38.38.1 sysstat-isag-8.1.5-7.38.38.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sysstat-8.1.5-7.38.38.1 References: https://bugzilla.novell.com/792636 http://download.novell.com/patch/finder/?keywords=e2a30e510cc7d56b3aff1941dd336251 From sle-updates at lists.suse.com Mon Jan 7 10:08:39 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 7 Jan 2013 18:08:39 +0100 (CET) Subject: SUSE-RU-2013:0016-1: Recommended update for Perl Message-ID: <20130107170839.B677F32174@maintenance.suse.de> SUSE Recommended Update: Recommended update for Perl ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0016-1 Rating: low References: #791524 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Perl resolves a problem in some regex substitution cases that resulted in the error "panic: free of wrong pool". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-perl-7171 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-perl-7171 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-perl-7171 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-perl-7171 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): perl-base-32bit-5.10.0-64.59.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): perl-base-x86-5.10.0-64.59.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): perl-5.10.0-64.59.1 perl-base-5.10.0-64.59.1 perl-doc-5.10.0-64.59.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): perl-32bit-5.10.0-64.59.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): perl-5.10.0-64.59.1 perl-base-5.10.0-64.59.1 perl-doc-5.10.0-64.59.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): perl-32bit-5.10.0-64.59.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): perl-x86-5.10.0-64.59.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): perl-5.10.0-64.59.1 perl-base-5.10.0-64.59.1 perl-doc-5.10.0-64.59.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): perl-32bit-5.10.0-64.59.1 References: https://bugzilla.novell.com/791524 http://download.novell.com/patch/finder/?keywords=961eb5af0292ce0ce5a7c5bc8fc2a2cf From sle-updates at lists.suse.com Mon Jan 7 11:08:36 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 7 Jan 2013 19:08:36 +0100 (CET) Subject: SUSE-RU-2013:0017-1: Recommended update for yast2-product-creator Message-ID: <20130107180837.17D2A32164@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-product-creator ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0017-1 Rating: low References: #773968 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for YaST's Product Creator module (yast2-product-creator) provides the following fix: * Do not create aliases for new repositories, let zypper handle it (bnc#773968). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-product-creator-6993 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-yast2-product-creator-6993 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.53]: yast2-product-creator-2.17.53-0.5.2 - SUSE Linux Enterprise Point of Service 11 SP2 (noarch) [New Version: 2.17.53]: yast2-product-creator-2.17.53-0.5.2 References: https://bugzilla.novell.com/773968 http://download.novell.com/patch/finder/?keywords=9fb213d36807cd6043404a3b67b9151b From sle-updates at lists.suse.com Tue Jan 8 10:08:36 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 8 Jan 2013 18:08:36 +0100 (CET) Subject: SUSE-RU-2013:0020-1: Recommended update for crowbar components Message-ID: <20130108170836.4662A32164@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar components ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0020-1 Rating: low References: #772230 #773041 #776901 #780406 #782053 #782275 #784345 #784494 #784857 #785469 #785689 #787344 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that solves one vulnerability and has 11 fixes is now available. Description: This update to the crowbar components of SUSE Cloud 1.0 provides the following fixes: crowbar: * 784494: Add more stringent checks that /srv/tftpboot/repos are set up correctly crowbar-barclamp-provisioner: * 785689: Fix TFTP server not running because xinetd was not reloaded crowbar-barclamp-crowbar: * 782275: forgotten nodes remain in proposals * 784857: Fix crowbar server production.log permissions (CVE-2012-0434) * 784345: With default setting, nova scheduler will over-commit memory * 773041: Usability: crowbar: do not allow allocate before node is in discovered state * 772230: CSS file reverences fonts from google server crowbar-barclamp-database: * 782053: postgresql can run out of connections crowbar-barclamp-nova: * 780406: postgresql: grant privileges tuple concurrently updated * 776901: barclamp-nova: deploy of nova in default mode fails, because open-iscsi init script returns with 6 on start crowbar-barclamp-dns: * Expose nameservers chef attribute to crowbar proposals * Fix wrong /etc/bind/named.conf template * 785469: Provide "allow_transfer" proposal / chef attribute * 787344: explicitly do not run chrooted After installation of this update you might experience temporary error messages in various SUSE Cloud components that stop after a few minutes. This occurs when several services have to recover from a potential restart of the database. In order to be safe, please schedule a short downtime window. Security Issues: * CVE-2012-0434 Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-7210 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (noarch): crowbar-1.2+git.1352980051.583e159-0.5.3 crowbar-barclamp-crowbar-1.2+git.1352636706.f1e4834-0.5.13 crowbar-barclamp-database-1.2+git.1349690639.d8910c3-0.5.13 crowbar-barclamp-dns-1.2+git.1352726499.fd6eca8-0.5.13 crowbar-barclamp-nova-1.2+git.1352206743.6cc2eeb-0.5.13 crowbar-barclamp-provisioner-1.2+git.1355744933.0c1d40d-0.5.13 References: http://support.novell.com/security/cve/CVE-2012-0434.html https://bugzilla.novell.com/772230 https://bugzilla.novell.com/773041 https://bugzilla.novell.com/776901 https://bugzilla.novell.com/780406 https://bugzilla.novell.com/782053 https://bugzilla.novell.com/782275 https://bugzilla.novell.com/784345 https://bugzilla.novell.com/784494 https://bugzilla.novell.com/784857 https://bugzilla.novell.com/785469 https://bugzilla.novell.com/785689 https://bugzilla.novell.com/787344 http://download.novell.com/patch/finder/?keywords=fddc2ea1e02124a2dde6085dc52cb9f4 From sle-updates at lists.suse.com Wed Jan 9 13:53:57 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:53:57 +0100 (CET) Subject: SUSE-RU-2013:0021-1: Recommended update for udev Message-ID: <20130109205357.150EE3207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0021-1 Rating: low References: #787587 #788404 #793936 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update for udev provides fixes for the following issues: * 793936: /etc/init.d/boot.udev reload and force-reload are not LSB compliant * 787587: udev fails to remove all unreferenced symlinks * 788404: dev/disk/by-path/scsi-* names all have 0 as controller id Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libgudev-1_0-0-7194 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libgudev-1_0-0-7194 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libgudev-1_0-0-7194 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libgudev-1_0-0-7194 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.67.1 libudev-devel-147-0.67.1 libudev0-147-0.67.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libgudev-1_0-0-147-0.67.1 libudev0-147-0.67.1 udev-147-0.67.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.67.1 libudev0-32bit-147-0.67.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.67.1 libudev0-147-0.67.1 udev-147-0.67.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.67.1 libudev0-32bit-147-0.67.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libgudev-1_0-0-x86-147-0.67.1 libudev0-x86-147-0.67.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libgudev-1_0-0-147-0.67.1 libudev0-147-0.67.1 udev-147-0.67.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libgudev-1_0-0-32bit-147-0.67.1 libudev0-32bit-147-0.67.1 References: https://bugzilla.novell.com/787587 https://bugzilla.novell.com/788404 https://bugzilla.novell.com/793936 http://download.novell.com/patch/finder/?keywords=3cd4871e69f976b815ea318a83c2be57 From sle-updates at lists.suse.com Wed Jan 9 13:54:01 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:01 +0100 (CET) Subject: SUSE-RU-2013:0022-1: Recommended update for perl-DateTime-TimeZone Message-ID: <20130109205401.792E03207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-DateTime-TimeZone ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0022-1 Rating: low References: #787005 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update contains the following: * update timezone data to 2012h Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-perl-DateTime-TimeZone-7122 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-perl-DateTime-TimeZone-7121 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (noarch): perl-DateTime-TimeZone-1.41-0.7.1 - SUSE Manager 1.2 for SLE 11 SP1 (noarch) [New Version: 1.41]: perl-DateTime-TimeZone-1.41-0.7.1 References: https://bugzilla.novell.com/787005 http://download.novell.com/patch/finder/?keywords=0ea2be2c8741aa2c40dbc93fa6bb859c http://download.novell.com/patch/finder/?keywords=bd4bf8ae4caa1843e08946645764e273 From sle-updates at lists.suse.com Wed Jan 9 13:54:05 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:05 +0100 (CET) Subject: SUSE-RU-2013:0023-1: Recommended update for SUSE Manager Proxy 1.7 Message-ID: <20130109205405.A941F3207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0023-1 Rating: low References: #769913 #776356 #779992 #786105 #789373 #790143 #790717 #790987 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes 7 new package versions. Description: This update for SUSE Manager Proxy 1.7 fixes the following issues: * Print more understandable error message in rhn-catalog when no probes are defined * fix is_sha256_capable() function * use SUSE specific proxy settings in reposync * read proxy from rhn.conf before other places * fix wrong variable binding * rollback any unfinished transaction * for the installed_size, ignore situation when it was not populated in the database * don't fail when from attribute is missing * make sure proxy is enabled in sysconfig before reading it * Add support for multiple mirror credentials * use smdba space-overview for report if exists * do not return not existing patchnames * add xmlrpc function update_status and server capability * create rpms compatible with RHEL5 * Code 10 product migration requires 'xsltproc' being installed * keep the proxy from trying to auth as 127.0.0.1 * do not start rhnsd in runlevel 2 which has no network * call rhn-update-status only is exists and is executable * call rhn-update-status at start to provide current uptime to server * map zypper patch exit code 103 to 0 restart of the software management stack happens automatically if zypper exits * try to restart spacewalksd and osad after distupgrade action * add distupgrade action and capability How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-suse-manager-proxy-201212-7166 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64) [New Version: 0.8,1.7.38.22 and 4.9.15.3]: spacewalk-backend-1.7.38.22-0.5.1 spacewalk-backend-libs-1.7.38.22-0.5.1 spacewalksd-4.9.15.3-0.5.3 zypp-plugin-spacewalk-0.8-0.5.5 - SUSE Manager Proxy 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.12.8,1.7.3.6,2.209.3.3 and 5.10.41.7]: NOCpulsePlugins-2.209.3.3-0.5.1 osad-5.10.41.7-0.5.4 spacewalk-certs-tools-1.7.3.6-0.5.8 spacewalk-proxy-broker-1.7.12.8-0.5.9 spacewalk-proxy-common-1.7.12.8-0.5.9 spacewalk-proxy-management-1.7.12.8-0.5.9 spacewalk-proxy-package-manager-1.7.12.8-0.5.9 spacewalk-proxy-redirect-1.7.12.8-0.5.9 References: https://bugzilla.novell.com/769913 https://bugzilla.novell.com/776356 https://bugzilla.novell.com/779992 https://bugzilla.novell.com/786105 https://bugzilla.novell.com/789373 https://bugzilla.novell.com/790143 https://bugzilla.novell.com/790717 https://bugzilla.novell.com/790987 http://download.novell.com/patch/finder/?keywords=6fec70b177514fd0bc6f119ae8d06de1 From sle-updates at lists.suse.com Wed Jan 9 13:54:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:09 +0100 (CET) Subject: SUSE-RU-2013:0024-1: Recommended update for SUSE Manager 1.7 Message-ID: <20130109205409.ABD253216F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0024-1 Rating: low References: #750421 #769913 #776356 #776377 #779992 #780269 #780270 #781643 #781652 #781655 #783646 #786105 #786159 #786367 #787156 #787178 #787597 #787879 #787931 #788025 #788026 #789238 #789373 #789817 #789905 #790143 #790269 #790305 #790309 #790310 #790545 #790717 #790987 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 33 recommended fixes can now be installed. It includes 13 new package versions. Description: This update for SUSE Manager Server 1.7 includes the following new features: * Support for multiple mirror credentials * Schedule Service Pack migrations from the Web UI * SUSE Manager Network Scanner * New API call system.listAllInstallablePackages This update fixes the following issues: * Kickstart templates do not need to be dollar sign escaped any longer * Print more understandable error message in rhn-catalog when no probes are defined * print header on STDOUT and add a copyright year * add SDK channels as option to SLES for SAP SP2 * fix is_sha256_capable() function * use SUSE specific proxy settings in reposync * read proxy from rhn.conf before other places * fix wrong variable binding * rollback any unfinished transaction * don't fail when from attribute is missing * make sure proxy is enabled in sysconfig before reading it * use smdba space-overview for report if exists * do not return not existing patchnames * add xmlrpc function update_status and server capability * Make file permissions consistent with spacewalk-java * create rpms compatible with RHEL5 * Code 10 product migration requires 'xsltproc' being installed * Fix query for API call system.listLatestInstallablePackages * new sles_register_script snippet with autoyast script elements * Fix errors with unrequired field 'Prefix' * prevent NPE when accessing probe suite systems with no system associated * do not allow creating kickstart profiles that differ from existing ones just by case * enhancing kickstart file sync with cobbler * prevent Page Request Error when at pagination * Check hostnames for special characters and whitespace * Basic normalization for SUSE Studio base URL * Workaround for Studio API returning incomplete URLs * enhance errata.setDetails - add issue_date and update_date * Fix quartz trigger initialization repeat count * Remove markup from kickstart.jsp.error.template_generation * fix system.listLatestUpgradablePackages API to list upgradable packages from server channels only * Kickstarting RHEL systems with RES (expanded support) repos fails * return type date for yumrepo_last_sync even if the channel was never synced * add openSUSE 12.2 to common channels * spacewalk-setup-cobbler do not support --enable-tftp option * install missing spacewalk-manage-channel-lifecycle script * Shortcut RHN::Date->now->long_date, avoiding DateTime * fix cloning a child channel with a parent in different org * Documentation updates * fix timezone problem while comparing reboot needed dates with oracle DB * fix unique constraint violation occuring during schema upgrade * add new openSUSE gpg keyid * update descriptions in rhnKickstartSessionState * use suse.com URL in yast module * fix spelling issue * rotate susemanager logfiles * call update_upgrade_pathes_by_config() with --refresh * remove product reference while deleting channel How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-suse-manager-201212-7167 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.2,1.7.1.6,1.7.20 and 1.7.38.22]: cobbler-2.2.2-0.27.3 jpcap-0.7-0.5.2 release-notes-susemanager-1.7.0-0.13.6 smdba-1.2-0.7.1 spacewalk-backend-1.7.38.22-0.5.1 spacewalk-backend-app-1.7.38.22-0.5.1 spacewalk-backend-applet-1.7.38.22-0.5.1 spacewalk-backend-config-files-1.7.38.22-0.5.1 spacewalk-backend-config-files-common-1.7.38.22-0.5.1 spacewalk-backend-config-files-tool-1.7.38.22-0.5.1 spacewalk-backend-iss-1.7.38.22-0.5.1 spacewalk-backend-iss-export-1.7.38.22-0.5.1 spacewalk-backend-libs-1.7.38.22-0.5.1 spacewalk-backend-package-push-server-1.7.38.22-0.5.1 spacewalk-backend-server-1.7.38.22-0.5.1 spacewalk-backend-sql-1.7.38.22-0.5.1 spacewalk-backend-sql-oracle-1.7.38.22-0.5.1 spacewalk-backend-sql-postgresql-1.7.38.22-0.5.1 spacewalk-backend-tools-1.7.38.22-0.5.1 spacewalk-backend-xml-export-libs-1.7.38.22-0.5.1 spacewalk-backend-xmlrpc-1.7.38.22-0.5.1 spacewalk-backend-xp-1.7.38.22-0.5.1 spacewalk-branding-1.7.1.6-0.5.2 susemanager-1.7.20-0.5.9 susemanager-tools-1.7.20-0.5.9 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.14.13,1.7.15.9,1.7.28.14,1.7.3.6,1.7.54.22,1.7.56.16,1.7.7,2.209.3.3 and 5.10.41.7]: NOCpulsePlugins-2.209.3.3-0.5.1 NOCpulsePlugins-Oracle-2.209.3.3-0.5.1 osa-dispatcher-5.10.41.7-0.5.4 sm-iputils-0.1-0.6.2 sm-ncc-sync-data-1.7.7-0.5.1 sm-network-discovery-0.1-0.6.7 sm-network-discovery-client-0.1-0.6.7 spacewalk-base-1.7.28.14-0.5.1 spacewalk-base-minimal-1.7.28.14-0.5.1 spacewalk-certs-tools-1.7.3.6-0.5.8 spacewalk-client-tools-1.7.14.13-0.5.2 spacewalk-grail-1.7.28.14-0.5.1 spacewalk-html-1.7.28.14-0.5.1 spacewalk-java-1.7.54.22-0.5.3 spacewalk-java-config-1.7.54.22-0.5.3 spacewalk-java-lib-1.7.54.22-0.5.3 spacewalk-java-oracle-1.7.54.22-0.5.3 spacewalk-java-postgresql-1.7.54.22-0.5.3 spacewalk-pxt-1.7.28.14-0.5.1 spacewalk-sniglets-1.7.28.14-0.5.1 spacewalk-taskomatic-1.7.54.22-0.5.3 spacewalk-utils-1.7.15.9-0.5.11 susemanager-client-config_en-pdf-1.7-0.13.6 susemanager-install_en-pdf-1.7-0.13.6 susemanager-jsp_en-1.7-0.13.6 susemanager-manuals_en-1.7-0.13.6 susemanager-proxy-quick_en-pdf-1.7-0.13.6 susemanager-quick_en-pdf-1.7-0.13.6 susemanager-reference_en-pdf-1.7-0.13.6 susemanager-schema-1.7.56.16-0.5.2 References: https://bugzilla.novell.com/750421 https://bugzilla.novell.com/769913 https://bugzilla.novell.com/776356 https://bugzilla.novell.com/776377 https://bugzilla.novell.com/779992 https://bugzilla.novell.com/780269 https://bugzilla.novell.com/780270 https://bugzilla.novell.com/781643 https://bugzilla.novell.com/781652 https://bugzilla.novell.com/781655 https://bugzilla.novell.com/783646 https://bugzilla.novell.com/786105 https://bugzilla.novell.com/786159 https://bugzilla.novell.com/786367 https://bugzilla.novell.com/787156 https://bugzilla.novell.com/787178 https://bugzilla.novell.com/787597 https://bugzilla.novell.com/787879 https://bugzilla.novell.com/787931 https://bugzilla.novell.com/788025 https://bugzilla.novell.com/788026 https://bugzilla.novell.com/789238 https://bugzilla.novell.com/789373 https://bugzilla.novell.com/789817 https://bugzilla.novell.com/789905 https://bugzilla.novell.com/790143 https://bugzilla.novell.com/790269 https://bugzilla.novell.com/790305 https://bugzilla.novell.com/790309 https://bugzilla.novell.com/790310 https://bugzilla.novell.com/790545 https://bugzilla.novell.com/790717 https://bugzilla.novell.com/790987 http://download.novell.com/patch/finder/?keywords=87e25c158646f0d6077f1d21b780b587 From sle-updates at lists.suse.com Wed Jan 9 13:54:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:14 +0100 (CET) Subject: SUSE-RU-2013:0025-1: Recommended update for SUSE Manager client tools Message-ID: <20130109205414.1BC233216F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager client tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0025-1 Rating: low References: #776356 #786159 #787156 #787879 #790545 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update fixes the following issues: * fix invalid return value in image deployment * check CA cert files only when needed * rhn-channel: new option to list base channel of a system * fix leaking file descriptor * new script rhn-update-status to update the uptime and kernelversion on the server * do not start rhnsd in runlevel 2 which has no network * call rhn-update-status only is exists and is executable * call rhn-update-status at start to provide current uptime to server * fix precompile python files * map zypper patch exit code 103 to 0 restart of the software management stack happens automatically if zypper exits * try to restart spacewalksd and osad after distupgrade action * add distupgrade action and capability Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-client-tools-201212-7145 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): koan-2.2.2-0.27.2 spacewalksd-4.9.15.3-0.5.3 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.4 - SUSE Manager Client Tools for SLE 11 SP2 (noarch): osad-5.10.41.7-0.5.3 rhn-virtualization-common-5.4.34.10-0.5.5 rhn-virtualization-host-5.4.34.10-0.5.5 spacewalk-check-1.7.14.13-0.5.2 spacewalk-client-setup-1.7.14.13-0.5.2 spacewalk-client-tools-1.7.14.13-0.5.2 References: https://bugzilla.novell.com/776356 https://bugzilla.novell.com/786159 https://bugzilla.novell.com/787156 https://bugzilla.novell.com/787879 https://bugzilla.novell.com/790545 http://download.novell.com/patch/finder/?keywords=08d3d66fb0990acb6e6600eaee190d2f From sle-updates at lists.suse.com Wed Jan 9 13:54:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:18 +0100 (CET) Subject: SUSE-RU-2013:0026-1: moderate: Recommended update for util-linux Message-ID: <20130109205418.6738E3207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for util-linux ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0026-1 Rating: moderate References: #793117 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for util-linux changes umount(8) to no longer call stat(2) on the target filesystem before unmounting it. With broken NFS mounts, this operation hangs in the kernel. Additionally, the update fixes unmounting of loop devices by image name. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libblkid-devel-7137 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libblkid-devel-7137 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libblkid-devel-7137 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libblkid-devel-7137 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libblkid-devel-2.19.1-6.33.35.1 libuuid-devel-2.19.1-6.33.35.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libblkid-devel-32bit-2.19.1-6.33.35.1 libuuid-devel-32bit-2.19.1-6.33.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libblkid1-2.19.1-6.33.35.1 libuuid1-2.19.1-6.33.35.1 util-linux-2.19.1-6.33.35.1 util-linux-lang-2.19.1-6.33.35.1 uuid-runtime-2.19.1-6.33.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libblkid1-32bit-2.19.1-6.33.35.1 libuuid1-32bit-2.19.1-6.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libblkid1-2.19.1-6.33.35.1 libuuid1-2.19.1-6.33.35.1 util-linux-2.19.1-6.33.35.1 util-linux-lang-2.19.1-6.33.35.1 uuid-runtime-2.19.1-6.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libblkid1-32bit-2.19.1-6.33.35.1 libuuid1-32bit-2.19.1-6.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libblkid1-x86-2.19.1-6.33.35.1 libuuid1-x86-2.19.1-6.33.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libblkid1-2.19.1-6.33.35.1 libuuid-devel-2.19.1-6.33.35.1 libuuid1-2.19.1-6.33.35.1 util-linux-2.19.1-6.33.35.1 util-linux-lang-2.19.1-6.33.35.1 uuid-runtime-2.19.1-6.33.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libblkid1-32bit-2.19.1-6.33.35.1 libuuid1-32bit-2.19.1-6.33.35.1 References: https://bugzilla.novell.com/793117 http://download.novell.com/patch/finder/?keywords=bc4b5d2bb75d42126a4643ed08f07915 From sle-updates at lists.suse.com Wed Jan 9 13:54:22 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 9 Jan 2013 21:54:22 +0100 (CET) Subject: SUSE-RU-2013:0027-1: Recommended update for SUSE Manager client tools Message-ID: <20130109205422.A529D3216F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager client tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0027-1 Rating: low References: #776356 #787156 #787879 #790545 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update fixes the following issues: * check CA cert files only when needed * rhn-channel: new option to list base channel of a system * fix leaking file descriptor * new script rhn-update-status to update the uptime and kernelversion on the server * do not start rhnsd in runlevel 2 which has no network * call rhn-update-status only is exists and is executable * call rhn-update-status at start to provide current uptime to server * fix precompile python files * map zypper patch exit code 103 to 0 restart of the software management stack happens automatically if zypper exits * try to restart spacewalksd and osad after distupgrade action * add distupgrade action and capability Indications: Everybody should update. Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): koan-2.2.2-0.26.1 spacewalksd-4.9.15.3-0.5.1 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.1 - SLE CLIENT TOOLS 10 for x86_64 (noarch): osad-5.10.41.7-0.5.1 spacewalk-check-1.7.14.13-0.5.1 spacewalk-client-setup-1.7.14.13-0.5.1 spacewalk-client-tools-1.7.14.13-0.5.1 - SLE CLIENT TOOLS 10 for s390x (noarch): osad-5.10.41.7-0.5.1 spacewalk-check-1.7.14.13-0.5.1 spacewalk-client-setup-1.7.14.13-0.5.1 spacewalk-client-tools-1.7.14.13-0.5.1 - SLE CLIENT TOOLS 10 for s390x (s390x): koan-2.2.2-0.26.1 spacewalksd-4.9.15.3-0.5.1 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): osad-5.10.41.7-0.5.1 spacewalk-check-1.7.14.13-0.5.1 spacewalk-client-setup-1.7.14.13-0.5.1 spacewalk-client-tools-1.7.14.13-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (ia64): koan-2.2.2-0.26.1 spacewalksd-4.9.15.3-0.5.1 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.1 - SLE CLIENT TOOLS 10 for PPC (noarch): osad-5.10.41.7-0.5.1 spacewalk-check-1.7.14.13-0.5.1 spacewalk-client-setup-1.7.14.13-0.5.1 spacewalk-client-tools-1.7.14.13-0.5.1 - SLE CLIENT TOOLS 10 for PPC (ppc): koan-2.2.2-0.26.1 spacewalksd-4.9.15.3-0.5.1 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.1 - SLE CLIENT TOOLS 10 (noarch): osad-5.10.41.7-0.5.1 spacewalk-check-1.7.14.13-0.5.1 spacewalk-client-setup-1.7.14.13-0.5.1 spacewalk-client-tools-1.7.14.13-0.5.1 - SLE CLIENT TOOLS 10 (i586): koan-2.2.2-0.26.1 spacewalksd-4.9.15.3-0.5.1 suseRegisterInfo-1.7.3-0.5.1 zypp-plugin-spacewalk-0.8-0.5.1 References: https://bugzilla.novell.com/776356 https://bugzilla.novell.com/787156 https://bugzilla.novell.com/787879 https://bugzilla.novell.com/790545 http://download.novell.com/patch/finder/?keywords=2a53733277d15e25b02c8b2c2800ee5c From sle-updates at lists.suse.com Wed Jan 9 17:04:34 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 01:04:34 +0100 (CET) Subject: SUSE-RU-2013:0028-1: Recommended update for SMT Message-ID: <20130110000434.B17623215F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SMT ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0028-1 Rating: low References: #718000 #779544 #787129 #796899 Affected Products: Subscription Management Tool 10 SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: Given the huge numbers of installed SMT servers, the default sync window is too small. The load on NCC leads to a lot of 502 Gateway errors. This update re-schedule the smt-daily and the smt-gen-report cronjobs, if they are still configured with the default sync window. Package List: - Subscription Management Tool 10 SP3 (i586 x86_64): smt-1.0.19-0.7.1 References: https://bugzilla.novell.com/718000 https://bugzilla.novell.com/779544 https://bugzilla.novell.com/787129 https://bugzilla.novell.com/796899 http://download.novell.com/patch/finder/?keywords=adf080cffebd6d1367aace37a2ced4ba From sle-updates at lists.suse.com Wed Jan 9 18:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 02:04:31 +0100 (CET) Subject: SUSE-RU-2013:0029-1: Recommended update for RPM Message-ID: <20130110010432.094113207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for RPM ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0029-1 Rating: low References: #787156 #792885 #793395 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for RPM adds support for automatic Ruby dependency generation to ease the packaging of Ruby packages. It also includes two minor fixes: symbolic links marked as config files were not correctly handled on update in some cases and a file descriptor leak in the database iterator code; and one trivial improvement: add make_install macro definition. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-popt-7180 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-popt-7180 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-popt-7180 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-popt-7180 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): popt-devel-1.7-37.54.1 rpm-devel-4.4.2.3-37.54.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): rpm-32bit-4.4.2.3-37.54.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64): popt-devel-32bit-1.7-37.54.1 rpm-devel-32bit-4.4.2.3-37.54.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): rpm-x86-4.4.2.3-37.54.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): popt-1.7-37.54.1 rpm-4.4.2.3-37.54.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): popt-32bit-1.7-37.54.1 rpm-32bit-4.4.2.3-37.54.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): popt-1.7-37.54.1 rpm-4.4.2.3-37.54.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): popt-32bit-1.7-37.54.1 rpm-32bit-4.4.2.3-37.54.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): popt-x86-1.7-37.54.1 rpm-x86-4.4.2.3-37.54.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): popt-1.7-37.54.1 rpm-4.4.2.3-37.54.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): popt-32bit-1.7-37.54.1 rpm-32bit-4.4.2.3-37.54.1 References: https://bugzilla.novell.com/787156 https://bugzilla.novell.com/792885 https://bugzilla.novell.com/793395 http://download.novell.com/patch/finder/?keywords=d0880a77b1640f52bba59c614c14778f From sle-updates at lists.suse.com Wed Jan 9 18:04:36 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 02:04:36 +0100 (CET) Subject: SUSE-RU-2013:0030-1: Recommended update for LibreOffice Message-ID: <20130110010436.DBB5032172@maintenance.suse.de> SUSE Recommended Update: Recommended update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0030-1 Rating: low References: #325936 #681110 #693238 #705956 #707779 #750935 #753458 #757387 #757419 #757609 #757905 #758138 #758883 #759180 #759197 #759210 #759982 #760019 #760997 #763168 #765942 #766481 #766487 #767949 #768027 #771549 #773048 #773061 #773515 #774167 #774921 #775270 #776323 #777337 #777345 #777699 #778133 #778140 #778148 #778828 #778836 #778854 #778859 #779627 #779697 #780277 #780296 #780563 #780611 #780645 #780830 #780843 #780851 #780853 #781166 #781825 #782061 #782345 #782597 #782638 #782833 #783202 #783433 #783638 #785727 #785767 #787452 #789482 #791952 #793422 #794104 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has 71 recommended fixes can now be installed. It includes one version update. Description: LibreOffice has been updated to version SUSE 3.6 (based on upstream 3.6.3.2) which brings significant improvements mainly regarding interoperability with Microsoft Office and other areas: General * PDF Export with Watermark option * Allows editing of read-only documents * Performance improvements for Calc and Writer (document import, spreadheet operations) Writer * SmartArt import * Improved auto format options * Improved Label and Business card support Calc * Sort option in autofilter menu * Merge cells using the cell context menu * CSV file import amd export improvements * New formula options page with calculation settings Draw * Corel Draw import Impress * Wide-screen format for slides * Improved detection of external display. The updated version also provides many bug fixes, including but not limited to: * Make presentation spanning all screens work (bnc#758138) * Better placement of 3D pie chart data labels (bnc#791952) * Hyperlink DOCX export (bnc#789482) * Column width in DOCX Import (bnc#780645) * Shrunken text in DOCX import (bnc#773061) * Better input field selection (bnc#780277) * Embedded spreadsheets in PPTX export (bnc#780830) * Rotated text in emf images looks thicker (bnc#782833) * Squashed glyphs with Cairo canvas (fdo#55931, bnc#681110) * Some new ADO constants (bnc#787452) * Overflowing left margin (bnc#707779) * Column width in DOCX import (bnc#785767) * Table spacing in DOCX import (bnc#778836) * Table position in DOCX import (bnc#780645) * Allow adding external templates (bnc#782597) * Text rotation handling (bnc#773048, bnc#783433) * Upside down text box in PPTX import (bnc#757387) * Slide fragment handling in DOCX import (bnc#785727) * Default table cell margins in DOCX export (bnc#780645) * Cyclic references in XLSX import (bnc#781166, bnc#780296) * Correctly pack KDE and TDE addressbook (bnc#779697) * Update desktop files cache also from subpackages that install desktop files (bnc#782638) * Be more careful when recognizing MathML (bnc#774921) * Numbering level problems in PPTX import (bnc#760019) * Background import (bnc#759180) * Text rotation fixes (bnc#783433) * Text offsets in shapes (bnc#771549) * VML import improvements (bnc#779627) * Hidden/non-wrapping text (bnc#757419) * Issues with bullet points (bnc#778854) * Background in PPTX import (bnc#783202) * Adjust chart layout distance (bnc#759197) * Clip the objects to the page (bnc#777699) * Clip pictures instead of scaling (bnc#775270) * Non-autofit text imported as autofit (bnc#778859) * slide notesMaster and notes in PPTX import (bnc#768027) * PPTX shape margins need to be rotated as well (bnc#773048) * Mouse pointer over URLs with background image (bnc#778148) * Better PPTX custom shape presets import/export (bnc#760997) * Cyclic referenced defined names in PPTX import (bnc#781166, bnc#780296) * More on DOC/DOCX export/import filters (bnc#779627, bnc#778140, bnc#783638, bnc#782061, bnc#780853, bnc#780843, bnc#778828, bnc#778836, bnc#777337, bnc#781825, bnc#773061, bnc#780563, bnc#782345, bnc#777345, bnc#778133, bnc#780851) * PPTX import crashes (bnc#774167) * Shadow color on partial redraw (bnc#773515) * Certain SmartArt drawings are not imported (bnc#759210, fdo#50907) * VML shapes without anchor (bnc#758883) * Formula performance improvement for XLSX import (bnc#765942, bnc#763168) * Lots of different import fixes (bnc#758883, bnc#766481, bnc#766487, fdo#46966, bnc#693238, bnc#758883, bnc#758883, bnc#766487, bnc#758883, bnc#758883) * Improve line height calculation (bnc#757905) * Ignored picture background setting (bnc#325936) * Rework handling of recursive OOXML shapes (bnc#705956) * Win/VC++ STL messes up the name space vector (bnc#759982) * Changing the keyboard of the slide show button (bnc#753458) * Section break and page style conversion problem (bnc#750935) * Import VMLshape 'hidden' style attribute and controls (bnc#757609). For a comprehensive list of changes, refer to the package's change log. Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.6.3.2.4]: libreoffice-3.6.3.2.4-0.7.1 libreoffice-af-3.6.3.2.4-0.7.1 libreoffice-ar-3.6.3.2.4-0.7.1 libreoffice-ca-3.6.3.2.4-0.7.1 libreoffice-cs-3.6.3.2.4-0.7.1 libreoffice-da-3.6.3.2.4-0.7.1 libreoffice-de-3.6.3.2.4-0.7.1 libreoffice-el-3.6.3.2.4-0.7.1 libreoffice-en-GB-3.6.3.2.4-0.7.1 libreoffice-es-3.6.3.2.4-0.7.1 libreoffice-fi-3.6.3.2.4-0.7.1 libreoffice-fr-3.6.3.2.4-0.7.1 libreoffice-galleries-3.6.3.2.4-0.7.1 libreoffice-gnome-3.6.3.2.4-0.7.1 libreoffice-gu-IN-3.6.3.2.4-0.7.1 libreoffice-hi-IN-3.6.3.2.4-0.7.1 libreoffice-hu-3.6.3.2.4-0.7.1 libreoffice-it-3.6.3.2.4-0.7.1 libreoffice-ja-3.6.3.2.4-0.7.1 libreoffice-kde-3.6.3.2.4-0.7.1 libreoffice-ko-3.6.3.2.4-0.7.1 libreoffice-mono-3.6.3.2.4-0.7.1 libreoffice-nb-3.6.3.2.4-0.7.1 libreoffice-nl-3.6.3.2.4-0.7.1 libreoffice-nn-3.6.3.2.4-0.7.1 libreoffice-pl-3.6.3.2.4-0.7.1 libreoffice-pt-BR-3.6.3.2.4-0.7.1 libreoffice-ru-3.6.3.2.4-0.7.1 libreoffice-sk-3.6.3.2.4-0.7.1 libreoffice-sv-3.6.3.2.4-0.7.1 libreoffice-xh-3.6.3.2.4-0.7.1 libreoffice-zh-CN-3.6.3.2.4-0.7.1 libreoffice-zh-TW-3.6.3.2.4-0.7.1 libreoffice-zu-3.6.3.2.4-0.7.1 - SLE SDK 10 SP4 (i586) [New Version: 3.6.3.2.4]: libreoffice-3.6.3.2.4-0.7.1 libreoffice-cs-3.6.3.2.4-0.7.1 libreoffice-de-3.6.3.2.4-0.7.1 libreoffice-es-3.6.3.2.4-0.7.1 libreoffice-fr-3.6.3.2.4-0.7.1 libreoffice-galleries-3.6.3.2.4-0.7.1 libreoffice-gnome-3.6.3.2.4-0.7.1 libreoffice-hu-3.6.3.2.4-0.7.1 libreoffice-it-3.6.3.2.4-0.7.1 libreoffice-ja-3.6.3.2.4-0.7.1 libreoffice-kde-3.6.3.2.4-0.7.1 libreoffice-mono-3.6.3.2.4-0.7.1 libreoffice-pl-3.6.3.2.4-0.7.1 libreoffice-pt-BR-3.6.3.2.4-0.7.1 libreoffice-sk-3.6.3.2.4-0.7.1 libreoffice-zh-CN-3.6.3.2.4-0.7.1 libreoffice-zh-TW-3.6.3.2.4-0.7.1 References: https://bugzilla.novell.com/325936 https://bugzilla.novell.com/681110 https://bugzilla.novell.com/693238 https://bugzilla.novell.com/705956 https://bugzilla.novell.com/707779 https://bugzilla.novell.com/750935 https://bugzilla.novell.com/753458 https://bugzilla.novell.com/757387 https://bugzilla.novell.com/757419 https://bugzilla.novell.com/757609 https://bugzilla.novell.com/757905 https://bugzilla.novell.com/758138 https://bugzilla.novell.com/758883 https://bugzilla.novell.com/759180 https://bugzilla.novell.com/759197 https://bugzilla.novell.com/759210 https://bugzilla.novell.com/759982 https://bugzilla.novell.com/760019 https://bugzilla.novell.com/760997 https://bugzilla.novell.com/763168 https://bugzilla.novell.com/765942 https://bugzilla.novell.com/766481 https://bugzilla.novell.com/766487 https://bugzilla.novell.com/767949 https://bugzilla.novell.com/768027 https://bugzilla.novell.com/771549 https://bugzilla.novell.com/773048 https://bugzilla.novell.com/773061 https://bugzilla.novell.com/773515 https://bugzilla.novell.com/774167 https://bugzilla.novell.com/774921 https://bugzilla.novell.com/775270 https://bugzilla.novell.com/776323 https://bugzilla.novell.com/777337 https://bugzilla.novell.com/777345 https://bugzilla.novell.com/777699 https://bugzilla.novell.com/778133 https://bugzilla.novell.com/778140 https://bugzilla.novell.com/778148 https://bugzilla.novell.com/778828 https://bugzilla.novell.com/778836 https://bugzilla.novell.com/778854 https://bugzilla.novell.com/778859 https://bugzilla.novell.com/779627 https://bugzilla.novell.com/779697 https://bugzilla.novell.com/780277 https://bugzilla.novell.com/780296 https://bugzilla.novell.com/780563 https://bugzilla.novell.com/780611 https://bugzilla.novell.com/780645 https://bugzilla.novell.com/780830 https://bugzilla.novell.com/780843 https://bugzilla.novell.com/780851 https://bugzilla.novell.com/780853 https://bugzilla.novell.com/781166 https://bugzilla.novell.com/781825 https://bugzilla.novell.com/782061 https://bugzilla.novell.com/782345 https://bugzilla.novell.com/782597 https://bugzilla.novell.com/782638 https://bugzilla.novell.com/782833 https://bugzilla.novell.com/783202 https://bugzilla.novell.com/783433 https://bugzilla.novell.com/783638 https://bugzilla.novell.com/785727 https://bugzilla.novell.com/785767 https://bugzilla.novell.com/787452 https://bugzilla.novell.com/789482 https://bugzilla.novell.com/791952 https://bugzilla.novell.com/793422 https://bugzilla.novell.com/794104 http://download.novell.com/patch/finder/?keywords=6e3d0df9a526413999e6be41e41e3792 From sle-updates at lists.suse.com Wed Jan 9 18:04:41 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 02:04:41 +0100 (CET) Subject: SUSE-RU-2013:0031-1: Recommended update for SMT Message-ID: <20130110010441.304323207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for SMT ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0031-1 Rating: low References: #796899 Affected Products: Subscription Management Tool 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for SMT adds a dependency on package "bc", which is used by reschedule-sync.sh. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool 11 SP2: zypper in -t patch slesmtsp0-res-signingkeys-7214 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool 11 SP2 (i586 s390x x86_64) [New Version: 1.2.1]: res-signingkeys-1.2.1-0.9.1 smt-1.2.1-0.9.1 smt-support-1.2.1-0.9.1 References: https://bugzilla.novell.com/796899 http://download.novell.com/patch/finder/?keywords=e3780b26b8c32ab87dcf145df85e04a6 From sle-updates at lists.suse.com Wed Jan 9 18:04:45 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 02:04:45 +0100 (CET) Subject: SUSE-RU-2013:0032-1: Recommended update for LibreOffice Message-ID: <20130110010445.AB3253207E@maintenance.suse.de> SUSE Recommended Update: Recommended update for LibreOffice ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0032-1 Rating: low References: #325936 #681110 #693238 #705956 #707779 #750935 #753458 #757387 #757419 #757609 #757905 #758138 #758883 #759180 #759197 #759210 #759982 #760019 #760997 #763168 #765942 #766481 #766487 #767949 #768027 #771549 #773048 #773061 #773515 #774167 #774921 #775270 #775840 #776323 #777337 #777345 #777699 #778133 #778140 #778148 #778828 #778836 #778854 #778859 #779627 #779697 #780277 #780296 #780563 #780611 #780645 #780830 #780843 #780851 #780853 #781166 #781825 #782061 #782345 #782597 #782638 #782833 #783202 #783433 #783638 #785727 #785767 #787452 #789482 #791952 #793422 #794104 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 72 recommended fixes can now be installed. It includes two new package versions. Description: LibreOffice was updated to version SUSE 3.6 (based on upstream 3.6.3.2) which brings significant improvements mainly regarding interoperability with Microsoft Office, and other areas: General * PDF Export with Watermark option * Allows editing of read-only documents * Performance improvements for Calc and Writer (document import, spreadheet operations) Writer * SmartArt import * Improved auto format options * Improved Label and Business card support Calc * Sort option in autofilter menu * Merge cells using the cell context menu * CSV file import amd export improvements * New formula options page with calculation settings Draw * Corel Draw import Impress * Wide-screen format for slides * Improved detection of external display. The updated version also provides many bug fixes, including but not limited to: * Make presentation spanning all screens work (bnc#758138) * Better placement of 3D pie chart data labels (bnc#791952) * Hyperlink DOCX export (bnc#789482) * Column width in DOCX Import (bnc#780645) * Shrunken text in DOCX import (bnc#773061) * Better input field selection (bnc#780277) * Embedded spreadsheets in PPTX export (bnc#780830) * Rotated text in emf images looks thicker (bnc#782833) * Squashed glyphs with Cairo canvas (fdo#55931, bnc#681110) * Some new ADO constants (bnc#787452) * Overflowing left margin (bnc#707779) * Column width in DOCX import (bnc#785767) * Table spacing in DOCX import (bnc#778836) * Table position in DOCX import (bnc#780645) * Allow adding external templates (bnc#782597) * Text rotation handling (bnc#773048, bnc#783433) * Upside down text box in PPTX import (bnc#757387) * Slide fragment handling in DOCX import (bnc#785727) * Default table cell margins in DOCX export (bnc#780645) * Cyclic references in XLSX import (bnc#781166, bnc#780296) * Correctly pack KDE and TDE addressbook (bnc#779697) * Update desktop files cache also from subpackages that install desktop files (bnc#782638) * Be more careful when recognizing MathML (bnc#774921) * Numbering level problems in PPTX import (bnc#760019) * Background import (bnc#759180) * Text rotation fixes (bnc#783433) * Text offsets in shapes (bnc#771549) * VML import improvements (bnc#779627) * Hidden/non-wrapping text (bnc#757419) * Issues with bullet points (bnc#778854) * Background in PPTX import (bnc#783202) * Adjust chart layout distance (bnc#759197) * Clip the objects to the page (bnc#777699) * Clip pictures instead of scaling (bnc#775270) * Non-autofit text imported as autofit (bnc#778859) * slide notesMaster and notes in PPTX import (bnc#768027) * PPTX shape margins need to be rotated as well (bnc#773048) * Mouse pointer over URLs with background image (bnc#778148) * Better PPTX custom shape presets import/export (bnc#760997) * Cyclic referenced defined names in PPTX import (bnc#781166, bnc#780296) * More on DOC/DOCX export/import filters (bnc#779627, bnc#778140, bnc#783638, bnc#782061, bnc#780853, bnc#780843, bnc#778828, bnc#778836, bnc#777337, bnc#781825, bnc#773061, bnc#780563, bnc#782345, bnc#777345, bnc#778133, bnc#780851) * PPTX import crashes (bnc#774167) * Shadow color on partial redraw (bnc#773515) * Certain SmartArt drawings are not imported (bnc#759210, fdo#50907) * VML shapes without anchor (bnc#758883) * Formula performance improvement for XLSX import (bnc#765942, bnc#763168) * Lots of different import fixes (bnc#758883, bnc#766481, bnc#766487, fdo#46966, bnc#693238, bnc#758883, bnc#758883, bnc#766487, bnc#758883, bnc#758883) * Improve line height calculation (bnc#757905) * Ignored picture background setting (bnc#325936) * Rework handling of recursive OOXML shapes (bnc#705956) * Win/VC++ STL messes up the name space vector (bnc#759982) * Changing the keyboard of the slide show button (bnc#753458) * Section break and page style conversion problem (bnc#750935) * Import VMLshape 'hidden' style attribute and controls (bnc#757609). For a comprehensive list of changes, refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libreoffice-36-7184 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libreoffice-36-7184 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 3.6.3.2.4]: libreoffice-3.6.3.2.4-0.3.1 libreoffice-base-3.6.3.2.4-0.3.1 libreoffice-base-drivers-postgresql-3.6.3.2.4-0.3.1 libreoffice-base-extensions-3.6.3.2.4-0.3.1 libreoffice-calc-3.6.3.2.4-0.3.1 libreoffice-calc-extensions-3.6.3.2.4-0.3.1 libreoffice-draw-3.6.3.2.4-0.3.1 libreoffice-draw-extensions-3.6.3.2.4-0.3.1 libreoffice-filters-optional-3.6.3.2.4-0.3.1 libreoffice-gnome-3.6.3.2.4-0.3.1 libreoffice-impress-3.6.3.2.4-0.3.1 libreoffice-impress-extensions-3.6.3.2.4-0.3.1 libreoffice-kde-3.6.3.2.4-0.3.1 libreoffice-kde4-3.6.3.2.4-0.3.1 libreoffice-l10n-prebuilt-3.6.3.2.4-0.3.1 libreoffice-mailmerge-3.6.3.2.4-0.3.1 libreoffice-math-3.6.3.2.4-0.3.1 libreoffice-mono-3.6.3.2.4-0.3.1 libreoffice-officebean-3.6.3.2.4-0.3.1 libreoffice-pyuno-3.6.3.2.4-0.3.1 libreoffice-sdk-3.6.3.2.4-0.3.1 libreoffice-writer-3.6.3.2.4-0.3.1 libreoffice-writer-extensions-3.6.3.2.4-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 3.6 and 3.6.3.2.4]: libreoffice-branding-SLED-3.6-0.3.1 libreoffice-branding-upstream-3.6.3.2.4-0.3.1 libreoffice-help-cs-3.6.3.2.4-0.3.1 libreoffice-help-da-3.6.3.2.4-0.3.1 libreoffice-help-de-3.6.3.2.4-0.3.1 libreoffice-help-en-GB-3.6.3.2.4-0.3.1 libreoffice-help-en-US-3.6.3.2.4-0.3.1 libreoffice-help-es-3.6.3.2.4-0.3.1 libreoffice-help-fr-3.6.3.2.4-0.3.1 libreoffice-help-gu-IN-3.6.3.2.4-0.3.1 libreoffice-help-hi-IN-3.6.3.2.4-0.3.1 libreoffice-help-hu-3.6.3.2.4-0.3.1 libreoffice-help-it-3.6.3.2.4-0.3.1 libreoffice-help-ja-3.6.3.2.4-0.3.1 libreoffice-help-ko-3.6.3.2.4-0.3.1 libreoffice-help-nl-3.6.3.2.4-0.3.1 libreoffice-help-pl-3.6.3.2.4-0.3.1 libreoffice-help-pt-3.6.3.2.4-0.3.1 libreoffice-help-pt-BR-3.6.3.2.4-0.3.1 libreoffice-help-ru-3.6.3.2.4-0.3.1 libreoffice-help-sv-3.6.3.2.4-0.3.1 libreoffice-help-zh-CN-3.6.3.2.4-0.3.1 libreoffice-help-zh-TW-3.6.3.2.4-0.3.1 libreoffice-icon-themes-3.6.3.2.4-0.3.1 libreoffice-l10n-af-3.6.3.2.4-0.3.1 libreoffice-l10n-ar-3.6.3.2.4-0.3.1 libreoffice-l10n-ca-3.6.3.2.4-0.3.1 libreoffice-l10n-cs-3.6.3.2.4-0.3.1 libreoffice-l10n-da-3.6.3.2.4-0.3.1 libreoffice-l10n-de-3.6.3.2.4-0.3.1 libreoffice-l10n-el-3.6.3.2.4-0.3.1 libreoffice-l10n-en-GB-3.6.3.2.4-0.3.1 libreoffice-l10n-es-3.6.3.2.4-0.3.1 libreoffice-l10n-fi-3.6.3.2.4-0.3.1 libreoffice-l10n-fr-3.6.3.2.4-0.3.1 libreoffice-l10n-gu-IN-3.6.3.2.4-0.3.1 libreoffice-l10n-hi-IN-3.6.3.2.4-0.3.1 libreoffice-l10n-hu-3.6.3.2.4-0.3.1 libreoffice-l10n-it-3.6.3.2.4-0.3.1 libreoffice-l10n-ja-3.6.3.2.4-0.3.1 libreoffice-l10n-ko-3.6.3.2.4-0.3.1 libreoffice-l10n-nb-3.6.3.2.4-0.3.1 libreoffice-l10n-nl-3.6.3.2.4-0.3.1 libreoffice-l10n-nn-3.6.3.2.4-0.3.1 libreoffice-l10n-pl-3.6.3.2.4-0.3.1 libreoffice-l10n-pt-3.6.3.2.4-0.3.1 libreoffice-l10n-pt-BR-3.6.3.2.4-0.3.1 libreoffice-l10n-ru-3.6.3.2.4-0.3.1 libreoffice-l10n-sk-3.6.3.2.4-0.3.1 libreoffice-l10n-sv-3.6.3.2.4-0.3.1 libreoffice-l10n-xh-3.6.3.2.4-0.3.1 libreoffice-l10n-zh-CN-3.6.3.2.4-0.3.1 libreoffice-l10n-zh-TW-3.6.3.2.4-0.3.1 libreoffice-l10n-zu-3.6.3.2.4-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.6.3.2.4]: libreoffice-3.6.3.2.4-0.3.1 libreoffice-base-3.6.3.2.4-0.3.1 libreoffice-base-drivers-postgresql-3.6.3.2.4-0.3.1 libreoffice-base-extensions-3.6.3.2.4-0.3.1 libreoffice-calc-3.6.3.2.4-0.3.1 libreoffice-calc-extensions-3.6.3.2.4-0.3.1 libreoffice-draw-3.6.3.2.4-0.3.1 libreoffice-draw-extensions-3.6.3.2.4-0.3.1 libreoffice-filters-optional-3.6.3.2.4-0.3.1 libreoffice-gnome-3.6.3.2.4-0.3.1 libreoffice-impress-3.6.3.2.4-0.3.1 libreoffice-impress-extensions-3.6.3.2.4-0.3.1 libreoffice-kde-3.6.3.2.4-0.3.1 libreoffice-kde4-3.6.3.2.4-0.3.1 libreoffice-mailmerge-3.6.3.2.4-0.3.1 libreoffice-math-3.6.3.2.4-0.3.1 libreoffice-mono-3.6.3.2.4-0.3.1 libreoffice-officebean-3.6.3.2.4-0.3.1 libreoffice-pyuno-3.6.3.2.4-0.3.1 libreoffice-writer-3.6.3.2.4-0.3.1 libreoffice-writer-extensions-3.6.3.2.4-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 3.6 and 3.6.3.2.4]: libreoffice-branding-SLED-3.6-0.3.1 libreoffice-help-cs-3.6.3.2.4-0.3.1 libreoffice-help-da-3.6.3.2.4-0.3.1 libreoffice-help-de-3.6.3.2.4-0.3.1 libreoffice-help-en-GB-3.6.3.2.4-0.3.1 libreoffice-help-en-US-3.6.3.2.4-0.3.1 libreoffice-help-es-3.6.3.2.4-0.3.1 libreoffice-help-fr-3.6.3.2.4-0.3.1 libreoffice-help-gu-IN-3.6.3.2.4-0.3.1 libreoffice-help-hi-IN-3.6.3.2.4-0.3.1 libreoffice-help-hu-3.6.3.2.4-0.3.1 libreoffice-help-it-3.6.3.2.4-0.3.1 libreoffice-help-ja-3.6.3.2.4-0.3.1 libreoffice-help-ko-3.6.3.2.4-0.3.1 libreoffice-help-nl-3.6.3.2.4-0.3.1 libreoffice-help-pl-3.6.3.2.4-0.3.1 libreoffice-help-pt-3.6.3.2.4-0.3.1 libreoffice-help-pt-BR-3.6.3.2.4-0.3.1 libreoffice-help-ru-3.6.3.2.4-0.3.1 libreoffice-help-sv-3.6.3.2.4-0.3.1 libreoffice-help-zh-CN-3.6.3.2.4-0.3.1 libreoffice-help-zh-TW-3.6.3.2.4-0.3.1 libreoffice-icon-themes-3.6.3.2.4-0.3.1 libreoffice-l10n-af-3.6.3.2.4-0.3.1 libreoffice-l10n-ar-3.6.3.2.4-0.3.1 libreoffice-l10n-ca-3.6.3.2.4-0.3.1 libreoffice-l10n-cs-3.6.3.2.4-0.3.1 libreoffice-l10n-da-3.6.3.2.4-0.3.1 libreoffice-l10n-de-3.6.3.2.4-0.3.1 libreoffice-l10n-en-GB-3.6.3.2.4-0.3.1 libreoffice-l10n-es-3.6.3.2.4-0.3.1 libreoffice-l10n-fi-3.6.3.2.4-0.3.1 libreoffice-l10n-fr-3.6.3.2.4-0.3.1 libreoffice-l10n-gu-IN-3.6.3.2.4-0.3.1 libreoffice-l10n-hi-IN-3.6.3.2.4-0.3.1 libreoffice-l10n-hu-3.6.3.2.4-0.3.1 libreoffice-l10n-it-3.6.3.2.4-0.3.1 libreoffice-l10n-ja-3.6.3.2.4-0.3.1 libreoffice-l10n-ko-3.6.3.2.4-0.3.1 libreoffice-l10n-nb-3.6.3.2.4-0.3.1 libreoffice-l10n-nl-3.6.3.2.4-0.3.1 libreoffice-l10n-nn-3.6.3.2.4-0.3.1 libreoffice-l10n-pl-3.6.3.2.4-0.3.1 libreoffice-l10n-pt-3.6.3.2.4-0.3.1 libreoffice-l10n-pt-BR-3.6.3.2.4-0.3.1 libreoffice-l10n-ru-3.6.3.2.4-0.3.1 libreoffice-l10n-sk-3.6.3.2.4-0.3.1 libreoffice-l10n-sv-3.6.3.2.4-0.3.1 libreoffice-l10n-xh-3.6.3.2.4-0.3.1 libreoffice-l10n-zh-CN-3.6.3.2.4-0.3.1 libreoffice-l10n-zh-TW-3.6.3.2.4-0.3.1 libreoffice-l10n-zu-3.6.3.2.4-0.3.1 References: https://bugzilla.novell.com/325936 https://bugzilla.novell.com/681110 https://bugzilla.novell.com/693238 https://bugzilla.novell.com/705956 https://bugzilla.novell.com/707779 https://bugzilla.novell.com/750935 https://bugzilla.novell.com/753458 https://bugzilla.novell.com/757387 https://bugzilla.novell.com/757419 https://bugzilla.novell.com/757609 https://bugzilla.novell.com/757905 https://bugzilla.novell.com/758138 https://bugzilla.novell.com/758883 https://bugzilla.novell.com/759180 https://bugzilla.novell.com/759197 https://bugzilla.novell.com/759210 https://bugzilla.novell.com/759982 https://bugzilla.novell.com/760019 https://bugzilla.novell.com/760997 https://bugzilla.novell.com/763168 https://bugzilla.novell.com/765942 https://bugzilla.novell.com/766481 https://bugzilla.novell.com/766487 https://bugzilla.novell.com/767949 https://bugzilla.novell.com/768027 https://bugzilla.novell.com/771549 https://bugzilla.novell.com/773048 https://bugzilla.novell.com/773061 https://bugzilla.novell.com/773515 https://bugzilla.novell.com/774167 https://bugzilla.novell.com/774921 https://bugzilla.novell.com/775270 https://bugzilla.novell.com/775840 https://bugzilla.novell.com/776323 https://bugzilla.novell.com/777337 https://bugzilla.novell.com/777345 https://bugzilla.novell.com/777699 https://bugzilla.novell.com/778133 https://bugzilla.novell.com/778140 https://bugzilla.novell.com/778148 https://bugzilla.novell.com/778828 https://bugzilla.novell.com/778836 https://bugzilla.novell.com/778854 https://bugzilla.novell.com/778859 https://bugzilla.novell.com/779627 https://bugzilla.novell.com/779697 https://bugzilla.novell.com/780277 https://bugzilla.novell.com/780296 https://bugzilla.novell.com/780563 https://bugzilla.novell.com/780611 https://bugzilla.novell.com/780645 https://bugzilla.novell.com/780830 https://bugzilla.novell.com/780843 https://bugzilla.novell.com/780851 https://bugzilla.novell.com/780853 https://bugzilla.novell.com/781166 https://bugzilla.novell.com/781825 https://bugzilla.novell.com/782061 https://bugzilla.novell.com/782345 https://bugzilla.novell.com/782597 https://bugzilla.novell.com/782638 https://bugzilla.novell.com/782833 https://bugzilla.novell.com/783202 https://bugzilla.novell.com/783433 https://bugzilla.novell.com/783638 https://bugzilla.novell.com/785727 https://bugzilla.novell.com/785767 https://bugzilla.novell.com/787452 https://bugzilla.novell.com/789482 https://bugzilla.novell.com/791952 https://bugzilla.novell.com/793422 https://bugzilla.novell.com/794104 http://download.novell.com/patch/finder/?keywords=41700bc7bab002048c21515fcad3a552 From sle-updates at lists.suse.com Thu Jan 10 13:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 10 Jan 2013 21:04:26 +0100 (CET) Subject: SUSE-SU-2013:0033-1: important: Security update for flash-player Message-ID: <20130110200426.B6B3032173@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0033-1 Rating: important References: #797442 Cross-References: CVE-2013-0630 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: flash player has been updated to 11.2.202.261. More details can be found on https://www.adobe.com/support/security/bulletins/apsb13-01.h tml Security Issue reference: * CVE-2013-0630 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-7213 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.261]: flash-player-11.2.202.261-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.261]: flash-player-11.2.202.261-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-0630.html https://bugzilla.novell.com/797442 http://download.novell.com/patch/finder/?keywords=8177195047504934df723753177b611e http://download.novell.com/patch/finder/?keywords=9988abec827943cc9ae55660c2e3a91d From sle-updates at lists.suse.com Thu Jan 10 17:04:35 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 11 Jan 2013 01:04:35 +0100 (CET) Subject: SUSE-RU-2013:0034-1: moderate: Recommended update for libpcap Message-ID: <20130111000435.702DF32163@maintenance.suse.de> SUSE Recommended Update: Recommended update for libpcap ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0034-1 Rating: moderate References: #711089 #793597 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for libpcap fixes handling of VLAN headers on devices which do hardware VLAN tagging and stripping. Additionally, it improves compatibility with kernels that don't support PACKET_RESERVE. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libpcap-7199 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libpcap-7199 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libpcap-7199 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libpcap-7199 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpcap-devel-0.9.8-50.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libpcap0-32bit-0.9.8-50.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): libpcap0-x86-0.9.8-50.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libpcap0-0.9.8-50.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpcap0-0.9.8-50.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libpcap0-0.9.8-50.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libpcap0-32bit-0.9.8-50.8.1 References: https://bugzilla.novell.com/711089 https://bugzilla.novell.com/793597 http://download.novell.com/patch/finder/?keywords=a0b262663d087cf79358a6bfa007b548 From sle-updates at lists.suse.com Thu Jan 10 20:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 11 Jan 2013 04:04:26 +0100 (CET) Subject: SUSE-RU-2013:0035-1: moderate: Recommended update for multipath-tools Message-ID: <20130111030427.132A732173@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0035-1 Rating: moderate References: #746675 #770122 #771203 #771934 #776997 #777019 #783184 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This collective update for multipath-tools provides the following fixes: * Add definition for HSV3[46]0 to multipath.conf.defaults (bnc#783184) * Fallback to old bindings file (bnc#776997) * Fix typos in documentation (bnc#777019) * New path selectors are missing from initrd scripts (bnc#771203) * Retry the DID_SOFT_ERROR for rdac checker commands (bnc#771934) * Do not trigger a map reload on priority updates (bnc#746675) * Document and deprecate async_timeout option (bnc#770122). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kpartx-7099 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kpartx-7099 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kpartx-7099 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): kpartx-0.4.9-0.68.1 multipath-tools-0.4.9-0.68.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): kpartx-0.4.9-0.68.1 multipath-tools-0.4.9-0.68.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kpartx-0.4.9-0.68.1 multipath-tools-0.4.9-0.68.1 References: https://bugzilla.novell.com/746675 https://bugzilla.novell.com/770122 https://bugzilla.novell.com/771203 https://bugzilla.novell.com/771934 https://bugzilla.novell.com/776997 https://bugzilla.novell.com/777019 https://bugzilla.novell.com/783184 http://download.novell.com/patch/finder/?keywords=aded3dd4d90e2608b681d9fb0270b405 From sle-updates at lists.suse.com Fri Jan 11 10:04:29 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 11 Jan 2013 18:04:29 +0100 (CET) Subject: SUSE-RU-2013:0036-1: Recommended update for SUSE Manager Client Tools Message-ID: <20130111170429.CD0B73219A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0036-1 Rating: low References: #743955 #786159 #787156 Affected Products: SUSE Manager Client Tools for SLE 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update fixes the following issues: * add distupgrade action and capability * fix leaking file descriptor * fix getOSVersionAndRelease for multiple products * fix invalid return value in image deployment Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP1: zypper in -t patch slesctsp1-client-tools-201212-7157 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP1 (i586 ia64 ppc64 s390x x86_64): zypp-plugin-spacewalk-0.8-0.4.2.1 - SUSE Manager Client Tools for SLE 11 SP1 (noarch): rhn-virtualization-common-5.4.15-0.17.1 rhn-virtualization-host-5.4.15-0.17.1 spacewalk-check-1.2.15-0.27.1 spacewalk-client-setup-1.2.15-0.27.1 spacewalk-client-tools-1.2.15-0.27.1 References: https://bugzilla.novell.com/743955 https://bugzilla.novell.com/786159 https://bugzilla.novell.com/787156 http://download.novell.com/patch/finder/?keywords=8d0c65ce4b45f36a6ed223b14b0a84a9 From sle-updates at lists.suse.com Fri Jan 11 12:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 11 Jan 2013 20:04:28 +0100 (CET) Subject: SUSE-RU-2013:0037-1: moderate: Recommended update for yast2 and yast2-nfs-client Message-ID: <20130111190428.A705D32176@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2 and yast2-nfs-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0037-1 Rating: moderate References: #547983 #589541 #608166 #719538 #744357 #786757 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. It includes two new package versions. Description: This collective update for YaST and YaST's NFS Client Configuration module provides improved support for IPv6 and fixes for some issues. The changes in detail are: yast2: * Extended support for IPv6 (bnc#719538) * Fixed filtering of valid characters in URL password field (bnc#786757). yast2-nfs-client: * Added support for IPv6 in square brackets (bnc#719538) * IPv6 addresses supported (bnc#719538) * Auto-installation fails to enable portmapper/rpcbind service (bnc#744357) * Fill server hostname combobox with existing values (bnc#547983) * Fixed handling of return symbols (bnc#608166) * Fixed problem with OK button (bnc#589541) * Updated testsuite. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-nfs-client-201212-7138 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-nfs-client-201212-7138 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-nfs-client-201212-7138 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-nfs-client-201212-7138 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.121.1]: yast2-devel-doc-2.17.121.1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.121.1]: yast2-2.17.121.1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 2.17.14]: yast2-nfs-client-2.17.14-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.121.1]: yast2-2.17.121.1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 2.17.14]: yast2-nfs-client-2.17.14-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.121.1]: yast2-2.17.121.1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 2.17.14]: yast2-nfs-client-2.17.14-0.5.1 References: https://bugzilla.novell.com/547983 https://bugzilla.novell.com/589541 https://bugzilla.novell.com/608166 https://bugzilla.novell.com/719538 https://bugzilla.novell.com/744357 https://bugzilla.novell.com/786757 http://download.novell.com/patch/finder/?keywords=b4311765df10b73f8f1dbd1ba0de898f From sle-updates at lists.suse.com Fri Jan 11 14:04:28 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 11 Jan 2013 22:04:28 +0100 (CET) Subject: SUSE-RU-2013:0038-1: Recommended update for bridge-utils Message-ID: <20130111210428.1517F3219A@maintenance.suse.de> SUSE Recommended Update: Recommended update for bridge-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0038-1 Rating: low References: #789275 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for bridge-utils provides the following fix: * When a bridge name is passed as a parameter to 'brctl show', print information only about this bridge. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bridge-utils-7179 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bridge-utils-7179 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bridge-utils-7179 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): bridge-utils-1.4-23.18.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): bridge-utils-1.4-23.18.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 x86_64): bridge-utils-1.0.6-14.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): bridge-utils-1.4-23.18.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): bridge-utils-1.0.6-14.9.1 - SLE SDK 10 SP4 (i586 ia64 ppc ppc64 x86_64): bridge-utils-1.0.6-14.9.1 References: https://bugzilla.novell.com/789275 http://download.novell.com/patch/finder/?keywords=00b45282d0423a70cb8f1695c563b834 http://download.novell.com/patch/finder/?keywords=bbeb96501160c08d53d329939d4a51c5 From sle-updates at lists.suse.com Wed Jan 16 17:04:41 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 01:04:41 +0100 (CET) Subject: SUSE-RU-2013:0039-1: Recommended update for module-init-tools Message-ID: <20130117000441.CAB043219A@maintenance.suse.de> SUSE Recommended Update: Recommended update for module-init-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0039-1 Rating: low References: #778119 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for module-init-tools adds support for ramdisks compressed with xz/lzma. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-module-init-tools-7211 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-module-init-tools-7211 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-module-init-tools-7211 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): module-init-tools-3.11.1-1.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): module-init-tools-3.11.1-1.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): module-init-tools-3.11.1-1.23.1 References: https://bugzilla.novell.com/778119 http://download.novell.com/patch/finder/?keywords=17729ee8090e1f394a28d82ec375df51 From sle-updates at lists.suse.com Wed Jan 16 18:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 02:04:31 +0100 (CET) Subject: SUSE-RU-2013:0040-1: important: Recommended update for cobbler Message-ID: <20130117010431.90CD332183@maintenance.suse.de> SUSE Recommended Update: Recommended update for cobbler ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0040-1 Rating: important References: #796773 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for cobbler fixes an issue that could prevent it from correctly reading GPG keys from kickstart auto-installation profiles. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-cobbler-7226 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-cobbler-7226 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (x86_64): koan-2.2.2-0.29.1 - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): cobbler-2.2.2-0.29.1 References: https://bugzilla.novell.com/796773 http://download.novell.com/patch/finder/?keywords=46f6a7c1f20ec26f21e38793006c27dc From sle-updates at lists.suse.com Wed Jan 16 18:04:37 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 02:04:37 +0100 (CET) Subject: SUSE-RU-2013:0041-1: Recommended update for star Message-ID: <20130117010437.A59AC32183@maintenance.suse.de> SUSE Recommended Update: Recommended update for star ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0041-1 Rating: low References: #781795 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a segmentation fault when using the option "-multivol" (bnc#781795). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-star-7193 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-star-7193 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-star-7193 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): star-1.5final-28.23.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): star-1.5final-28.23.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): star-1.5final-28.23.23.1 References: https://bugzilla.novell.com/781795 http://download.novell.com/patch/finder/?keywords=67b2ecd1248dae5df59832328fa13ac3 From sle-updates at lists.suse.com Wed Jan 16 18:04:43 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 02:04:43 +0100 (CET) Subject: SUSE-RU-2013:0042-1: Recommended update for tftp Message-ID: <20130117010443.9413F32183@maintenance.suse.de> SUSE Recommended Update: Recommended update for tftp ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0042-1 Rating: low References: #793883 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for tftp fixes the expansion of \i and \x macros when IPv6-mapped addresses are used. Additionally, it prevents a buffer overflow in handling of \x macro. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-tftp-7198 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-tftp-7198 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-tftp-7198 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): tftp-0.48-101.24.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): tftp-0.48-101.24.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): tftp-0.48-101.24.1 References: https://bugzilla.novell.com/793883 http://download.novell.com/patch/finder/?keywords=366331d09e923c4995135218e8480824 From sle-updates at lists.suse.com Wed Jan 16 19:04:23 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 03:04:23 +0100 (CET) Subject: SUSE-RU-2013:0043-1: Recommended update for pam Message-ID: <20130117020423.69D20321A8@maintenance.suse.de> SUSE Recommended Update: Recommended update for pam ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0043-1 Rating: low References: #787607 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes unnecessary DNS queries while using pam_access. Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): pam-0.99.6.3-28.31.5 pam-devel-0.99.6.3-28.31.5 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): pam-32bit-0.99.6.3-28.31.5 pam-devel-32bit-0.99.6.3-28.31.5 - SUSE Linux Enterprise Server 10 SP4 (ia64): pam-x86-0.99.6.3-28.31.5 - SUSE Linux Enterprise Server 10 SP4 (ppc): pam-64bit-0.99.6.3-28.31.5 pam-devel-64bit-0.99.6.3-28.31.5 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): pam-0.99.6.3-28.31.5 pam-devel-0.99.6.3-28.31.5 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): pam-32bit-0.99.6.3-28.31.5 References: https://bugzilla.novell.com/787607 http://download.novell.com/patch/finder/?keywords=d501191ddcb672a8f05a99e3f7057f30 From sle-updates at lists.suse.com Thu Jan 17 15:04:23 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 17 Jan 2013 23:04:23 +0100 (CET) Subject: SUSE-SU-2013:0044-1: important: Security update for Acrobat Reader Message-ID: <20130117220423.7F2FF321B4@maintenance.suse.de> SUSE Security Update: Security update for Acrobat Reader ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0044-1 Rating: important References: #797529 Cross-References: CVE-2012-1530 CVE-2013-0601 CVE-2013-0602 CVE-2013-0603 CVE-2013-0604 CVE-2013-0605 CVE-2013-0606 CVE-2013-0607 CVE-2013-0608 CVE-2013-0609 CVE-2013-0610 CVE-2013-0611 CVE-2013-0612 CVE-2013-0613 CVE-2013-0614 CVE-2013-0615 CVE-2013-0616 CVE-2013-0617 CVE-2013-0618 CVE-2013-0619 CVE-2013-0620 CVE-2013-0621 CVE-2013-0622 CVE-2013-0623 CVE-2013-0624 CVE-2013-0626 CVE-2013-0627 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. It includes two new package versions. Description: Acrobat Reader was updated to 9.5.3 to fix various bugs and security issues. More information can be found at http://www.adobe.com/support/security/bulletins/apsb13-02.ht ml The resolved security issues are CVE-2012-1530 , CVE-2013-0601 , CVE-2013-0602 , CVE-2013-0603 , CVE-2013-0604 , CVE-2013-0605 , CVE-2013-0606 , CVE-2013-0607 , CVE-2013-0608 , CVE-2013-0609 , CVE-2013-0610 , CVE-2013-0611 , CVE-2013-0612 , CVE-2013-0613 , CVE-2013-0614 , CVE-2013-0615 , CVE-2013-0616 , CVE-2013-0617 , CVE-2013-0618 , CVE-2013-0619 , CVE-2013-0620 , CVE-2013-0621 , CVE-2013-0622 , CVE-2013-0623 , CVE-2013-0624 , CVE-2013-0626 and CVE-2013-0627 . Indications: Everyone should install this update. Package List: - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 9.4.6]: acroread-cmaps-9.4.6-0.6.59 acroread-fonts-ja-9.4.6-0.6.59 acroread-fonts-ko-9.4.6-0.6.59 acroread-fonts-zh_CN-9.4.6-0.6.59 acroread-fonts-zh_TW-9.4.6-0.6.59 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 9.5.3]: acroread-9.5.3-0.6.2 References: http://support.novell.com/security/cve/CVE-2012-1530.html http://support.novell.com/security/cve/CVE-2013-0601.html http://support.novell.com/security/cve/CVE-2013-0602.html http://support.novell.com/security/cve/CVE-2013-0603.html http://support.novell.com/security/cve/CVE-2013-0604.html http://support.novell.com/security/cve/CVE-2013-0605.html http://support.novell.com/security/cve/CVE-2013-0606.html http://support.novell.com/security/cve/CVE-2013-0607.html http://support.novell.com/security/cve/CVE-2013-0608.html http://support.novell.com/security/cve/CVE-2013-0609.html http://support.novell.com/security/cve/CVE-2013-0610.html http://support.novell.com/security/cve/CVE-2013-0611.html http://support.novell.com/security/cve/CVE-2013-0612.html http://support.novell.com/security/cve/CVE-2013-0613.html http://support.novell.com/security/cve/CVE-2013-0614.html http://support.novell.com/security/cve/CVE-2013-0615.html http://support.novell.com/security/cve/CVE-2013-0616.html http://support.novell.com/security/cve/CVE-2013-0617.html http://support.novell.com/security/cve/CVE-2013-0618.html http://support.novell.com/security/cve/CVE-2013-0619.html http://support.novell.com/security/cve/CVE-2013-0620.html http://support.novell.com/security/cve/CVE-2013-0621.html http://support.novell.com/security/cve/CVE-2013-0622.html http://support.novell.com/security/cve/CVE-2013-0623.html http://support.novell.com/security/cve/CVE-2013-0624.html http://support.novell.com/security/cve/CVE-2013-0626.html http://support.novell.com/security/cve/CVE-2013-0627.html https://bugzilla.novell.com/797529 http://download.novell.com/patch/finder/?keywords=439f017a53eac3afd9cf07feecd10c66 From sle-updates at lists.suse.com Thu Jan 17 16:04:57 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 00:04:57 +0100 (CET) Subject: SUSE-RU-2013:0045-1: Recommended update for net-snmp Message-ID: <20130117230457.97D5E321AC@maintenance.suse.de> SUSE Recommended Update: Recommended update for net-snmp ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0045-1 Rating: low References: #792250 #792253 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for net-snmp provides the following fixes: * Fix warnings about unhandled requests in DiskIO objects (bnc#792253) * Parse /proc/cpuinfo correctly on s390 and s390x architectures (bnc#792250). Contraindications: Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): net-snmp-5.3.0.1-25.45.1 net-snmp-devel-5.3.0.1-25.45.1 perl-SNMP-5.3.0.1-25.45.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): net-snmp-32bit-5.3.0.1-25.45.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): net-snmp-x86-5.3.0.1-25.45.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): net-snmp-64bit-5.3.0.1-25.45.1 net-snmp-devel-64bit-5.3.0.1-25.45.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): net-snmp-5.3.0.1-25.45.1 net-snmp-devel-5.3.0.1-25.45.1 perl-SNMP-5.3.0.1-25.45.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): net-snmp-32bit-5.3.0.1-25.45.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): net-snmp-devel-5.3.0.1-25.45.1 - SLE SDK 10 SP4 (ppc): net-snmp-devel-64bit-5.3.0.1-25.45.1 References: https://bugzilla.novell.com/792250 https://bugzilla.novell.com/792253 http://download.novell.com/patch/finder/?keywords=709c749a9adea575358fa4ed6219dd26 From sle-updates at lists.suse.com Thu Jan 17 16:05:03 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 00:05:03 +0100 (CET) Subject: SUSE-RU-2013:0046-1: Recommended update for net-snmp Message-ID: <20130117230503.6A190321AC@maintenance.suse.de> SUSE Recommended Update: Recommended update for net-snmp ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0046-1 Rating: low References: #771716 #772384 #792253 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for net-snmp provides the following fixes: * Fix handling of hrStorageTable when skipNFSInHostResources is enabled in the agent configuration. In some cases, non-NFS file systems could be skipped due to this problem (bnc#772384) * Truncate columns Total, Avail and Used from UCD-SNMP-MIB::dskTable to 32bit to comply with the SNMP standards (bnc#771716) * Add 64-bit disk usage statistics columns (TotalLow, TotalHigh, AvailLow, AvailHigh, UsedLow and UsedHigh) to UCD-SNMP-MIB::dskTable (bnc#771716) * Fix warnings about unhandled requests in DiskIO objects (bnc#792253). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libsnmp15-7205 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libsnmp15-7205 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libsnmp15-7205 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libsnmp15-7205 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): net-snmp-devel-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libsnmp15-32bit-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64): net-snmp-devel-32bit-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libsnmp15-5.4.2.1-8.12.16.1 net-snmp-5.4.2.1-8.12.16.1 perl-SNMP-5.4.2.1-8.12.16.1 snmp-mibs-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libsnmp15-32bit-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libsnmp15-5.4.2.1-8.12.16.1 net-snmp-5.4.2.1-8.12.16.1 perl-SNMP-5.4.2.1-8.12.16.1 snmp-mibs-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libsnmp15-32bit-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libsnmp15-x86-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libsnmp15-5.4.2.1-8.12.16.1 net-snmp-5.4.2.1-8.12.16.1 perl-SNMP-5.4.2.1-8.12.16.1 snmp-mibs-5.4.2.1-8.12.16.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libsnmp15-32bit-5.4.2.1-8.12.16.1 References: https://bugzilla.novell.com/771716 https://bugzilla.novell.com/772384 https://bugzilla.novell.com/792253 http://download.novell.com/patch/finder/?keywords=b4602539fd5e82f29bc17e1ae19c48be From sle-updates at lists.suse.com Thu Jan 17 16:05:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 00:05:08 +0100 (CET) Subject: SUSE-SU-2013:0047-1: important: Security update for Acrobat Reader Message-ID: <20130117230508.4DF09321CE@maintenance.suse.de> SUSE Security Update: Security update for Acrobat Reader ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0047-1 Rating: important References: #791654 #797529 Cross-References: CVE-2012-1530 CVE-2013-0601 CVE-2013-0602 CVE-2013-0603 CVE-2013-0604 CVE-2013-0605 CVE-2013-0606 CVE-2013-0607 CVE-2013-0608 CVE-2013-0609 CVE-2013-0610 CVE-2013-0611 CVE-2013-0612 CVE-2013-0613 CVE-2013-0614 CVE-2013-0615 CVE-2013-0616 CVE-2013-0617 CVE-2013-0618 CVE-2013-0619 CVE-2013-0620 CVE-2013-0621 CVE-2013-0622 CVE-2013-0623 CVE-2013-0624 CVE-2013-0626 CVE-2013-0627 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. It includes one version update. Description: Acrobat Reader was updated to 9.5.3 to fix various bugs and security issues. More information can be found at http://www.adobe.com/support/security/bulletins/apsb13-02.ht ml The resolved security issues are CVE-2012-1530 , CVE-2013-0601 , CVE-2013-0602 , CVE-2013-0603 , CVE-2013-0604 , CVE-2013-0605 , CVE-2013-0606 , CVE-2013-0607 , CVE-2013-0608 , CVE-2013-0609 , CVE-2013-0610 , CVE-2013-0611 , CVE-2013-0612 , CVE-2013-0613 , CVE-2013-0614 , CVE-2013-0615 , CVE-2013-0616 , CVE-2013-0617 , CVE-2013-0618 , CVE-2013-0619 , CVE-2013-0620 , CVE-2013-0621 , CVE-2013-0622 , CVE-2013-0623 , CVE-2013-0624 , CVE-2013-0626 and CVE-2013-0627 . Indications: Everyone should install this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-acroread-7230 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (noarch): acroread-cmaps-9.4.6-0.4.2.4 acroread-fonts-ja-9.4.6-0.4.2.4 acroread-fonts-ko-9.4.6-0.4.2.4 acroread-fonts-zh_CN-9.4.6-0.4.2.4 acroread-fonts-zh_TW-9.4.6-0.4.2.4 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 9.5.3]: acroread-9.5.3-0.2.1 References: http://support.novell.com/security/cve/CVE-2012-1530.html http://support.novell.com/security/cve/CVE-2013-0601.html http://support.novell.com/security/cve/CVE-2013-0602.html http://support.novell.com/security/cve/CVE-2013-0603.html http://support.novell.com/security/cve/CVE-2013-0604.html http://support.novell.com/security/cve/CVE-2013-0605.html http://support.novell.com/security/cve/CVE-2013-0606.html http://support.novell.com/security/cve/CVE-2013-0607.html http://support.novell.com/security/cve/CVE-2013-0608.html http://support.novell.com/security/cve/CVE-2013-0609.html http://support.novell.com/security/cve/CVE-2013-0610.html http://support.novell.com/security/cve/CVE-2013-0611.html http://support.novell.com/security/cve/CVE-2013-0612.html http://support.novell.com/security/cve/CVE-2013-0613.html http://support.novell.com/security/cve/CVE-2013-0614.html http://support.novell.com/security/cve/CVE-2013-0615.html http://support.novell.com/security/cve/CVE-2013-0616.html http://support.novell.com/security/cve/CVE-2013-0617.html http://support.novell.com/security/cve/CVE-2013-0618.html http://support.novell.com/security/cve/CVE-2013-0619.html http://support.novell.com/security/cve/CVE-2013-0620.html http://support.novell.com/security/cve/CVE-2013-0621.html http://support.novell.com/security/cve/CVE-2013-0622.html http://support.novell.com/security/cve/CVE-2013-0623.html http://support.novell.com/security/cve/CVE-2013-0624.html http://support.novell.com/security/cve/CVE-2013-0626.html http://support.novell.com/security/cve/CVE-2013-0627.html https://bugzilla.novell.com/791654 https://bugzilla.novell.com/797529 http://download.novell.com/patch/finder/?keywords=97f58b8e36c19fed220fe34974de6f21 From sle-updates at lists.suse.com Fri Jan 18 11:04:42 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 19:04:42 +0100 (CET) Subject: SUSE-SU-2013:0048-1: important: Security update for MozillaFirefox Message-ID: <20130118180442.5CE28321AF@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0048-1 Rating: important References: #796895 Cross-References: CVE-2012-5829 CVE-2013-0743 CVE-2013-0744 CVE-2013-0745 CVE-2013-0746 CVE-2013-0747 CVE-2013-0748 CVE-2013-0749 CVE-2013-0750 CVE-2013-0751 CVE-2013-0752 CVE-2013-0753 CVE-2013-0754 CVE-2013-0755 CVE-2013-0756 CVE-2013-0757 CVE-2013-0758 CVE-2013-0759 CVE-2013-0760 CVE-2013-0761 CVE-2013-0762 CVE-2013-0763 CVE-2013-0764 CVE-2013-0766 CVE-2013-0767 CVE-2013-0768 CVE-2013-0769 CVE-2013-0770 CVE-2013-0771 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 29 vulnerabilities is now available. It includes three new package versions. Description: Mozilla Firefox was updated to the 10.0.12ESR release. * MFSA 2013-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. o Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki Ishikawa reported memory safety problems and crashes that affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. ( CVE-2013-0769 ) o Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian Holler, Gary Kwong, Robert O'Callahan, and Scoobidiver reported memory safety problems and crashes that affect Firefox ESR 17 and Firefox 17. (CVE-2013-0749 ) o Jesse Ruderman, Christian Holler, Julian Seward, and Scoobidiver reported memory safety problems and crashes that affect Firefox 17. (CVE-2013-0770 ) * MFSA 2013-02: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free, out of bounds read, and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting three additional user-after-free and out of bounds read flaws introduced during Firefox development that were fixed before general release. The following issue was fixed in Firefox 18: o Global-buffer-overflow in CharDistributionAnalysis::HandleOneChar (CVE-2013-0760 ) The following issues were fixed in Firefox 18, ESR 17.0.1, and ESR 10.0.12: o Heap-use-after-free in imgRequest::OnStopFrame (CVE-2013-0762 ) o Heap-use-after-free in ~nsHTMLEditRules (CVE-2013-0766 ) o Out of bounds read in nsSVGPathElement::GetPathLengthScale ( CVE-2013-0767 ) The following issues were fixed in Firefox 18 and ESR 17.0.1: o Heap-use-after-free in mozilla::TrackUnionStream::EndTrack ( CVE-2013-0761 ) o Heap-use-after-free in Mesa, triggerable by resizing a WebGL canvas (CVE-2013-0763 ) o Heap-buffer-overflow in gfxTextRun::ShrinkToLigatureBoundaries (CVE-2013-0771 ) The following issue was fixed in Firefox 18 and in the earlier ESR 10.0.11 release: o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829 ) * MFSA 2013-03: Security researcher miaubiz used the Address Sanitizer tool to discover a buffer overflow in Canvas when specific bad height and width values were given through HTML. This could lead to a potentially exploitable crash. (CVE-2013-0768 ) Miaubiz also found a potentially exploitable crash when 2D and 3D content was mixed which was introduced during Firefox development and fixed before general release. * MFSA 2013-04: Security researcher Masato Kinugawa found a flaw in which the displayed URL values within the addressbar can be spoofed by a page during loading. This allows for phishing attacks where a malicious page can spoof the identify of another site. ( CVE-2013-0759 ) * MFSA 2013-05: Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered that the combination of large numbers of columns and column groups in a table could cause the array containing the columns during rendering to overwrite itself. This can lead to a user-after-free causing a potentially exploitable crash. ( CVE-2013-0744 ) * MFSA 2013-06: Mozilla developer Wesley Johnston reported that when there are two or more iframes on the same HTML page, an iframe is able to see the touch events and their targets that occur within the other iframes on the page. If the iframes are from the same origin, they can also access the properties and methods of the targets of other iframes but same-origin policy (SOP) restricts access across domains. This allows for information leakage and possibilities for cross-site scripting (XSS) if another vulnerability can be used to get around SOP restrictions. (CVE-2013-0751 ) * MFSA 2013-07: Mozilla community member Jerry Baker reported a crashing issue found through Thunderbird when downloading messages over a Secure Sockets Layer (SSL) connection. This was caused by a bug in the networking code assuming that secure connections were entirely handled on the socket transport thread when they can occur on a variety of threads. The resulting crash was potentially exploitable. (CVE-2013-0764 ) * MFSA 2013-08: Mozilla developer Olli Pettay discovered that the AutoWrapperChanger class fails to keep some javascript objects alive during garbage collection. This can lead to an exploitable crash allowing for arbitrary code execution. (CVE-2013-0745 ) * MFSA 2013-09: Mozilla developer Boris Zbarsky reported reported a problem where jsval-returning quickstubs fail to wrap their return values, causing a compartment mismatch. This mismatch can cause garbage collection to occur incorrectly and lead to a potentially exploitable crash. (CVE-2013-0746 ) * MFSA 2013-10: Mozilla security researcher Jesse Ruderman reported that events in the plugin handler can be manipulated by web content to bypass same-origin policy (SOP) restrictions. This can allow for clickjacking on malicious web pages. (CVE-2013-0747 ) * MFSA 2013-11: Mozilla security researcher Jesse Ruderman discovered that using the toString function of XBL objects can lead to inappropriate information leakage by revealing the address space layout instead of just the ID of the object. This layout information could potentially be used to bypass ASLR and other security protections. (CVE-2013-0748 ) * MFSA 2013-12: Security researcher pa_kt reported a flaw via TippingPoint's Zero Day Initiative that an integer overflow is possible when calculating the length for a Javascript string concatenation, which is then used for memory allocation. This results in a buffer overflow, leading to a potentially exploitable memory corruption. (CVE-2013-0750 ) * MFSA 2013-13: Security researcher Sviatoslav Chagaev reported that when using an XBL file containing multiple XML bindings with SVG content, a memory corruption can occur. In concern with remote XUL, this can lead to an exploitable crash. (CVE-2013-0752 ) * MFSA 2013-14: Security researcher Mariusz Mlynski reported that it is possible to change the prototype of an object and bypass Chrome Object Wrappers (COW) to gain access to chrome privileged functions. This could allow for arbitrary code execution. (CVE-2013-0757 ) * MFSA 2013-15: Security researcher Mariusz Mlynski reported that it is possible to open a chrome privileged web page through plugin objects through interaction with SVG elements. This could allow for arbitrary code execution. (CVE-2013-0758 ) * MFSA 2013-16: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free in XMLSerializer by the exposing of serializeToStream to web content. This can lead to arbitrary code execution when exploited. (CVE-2013-0753 ) * MFSA 2013-17: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free within the ListenerManager when garbage collection is forced after data in listener objects have been allocated in some circumstances. This results in a use-after-free which can lead to arbitrary code execution. (CVE-2013-0754 ) * MFSA 2013-18: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free using the domDoc pointer within Vibrate library. This can lead to arbitrary code execution when exploited. (CVE-2013-0755 ) * MFSA 2013-19: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a garbage collection flaw in Javascript Proxy objects. This can lead to a use-after-free leading to arbitrary code execution. (CVE-2013-0756 ) * MFSA 2013-20: Google reported to Mozilla that TURKTRUST, a certificate authority in Mozilla's root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control. This issue was resolved by revoking the trust for these specific mis-issued certificates. (CVE-2013-0743 ) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-firefox-201301-7224 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-firefox-201301-7224 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-firefox-201301-7224 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-firefox-201301-7224 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-devel-4.9.4-0.3.1 mozilla-nss-devel-3.14.1-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 10.0.12,3.14.1 and 4.9.4]: MozillaFirefox-10.0.12-0.4.1 MozillaFirefox-translations-10.0.12-0.4.1 libfreebl3-3.14.1-0.3.1 mozilla-nspr-4.9.4-0.3.1 mozilla-nss-3.14.1-0.3.1 mozilla-nss-tools-3.14.1-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.14.1 and 4.9.4]: libfreebl3-32bit-3.14.1-0.3.1 mozilla-nspr-32bit-4.9.4-0.3.1 mozilla-nss-32bit-3.14.1-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.12,3.14.1 and 4.9.4]: MozillaFirefox-10.0.12-0.4.1 MozillaFirefox-translations-10.0.12-0.4.1 libfreebl3-3.14.1-0.3.1 mozilla-nspr-4.9.4-0.3.1 mozilla-nss-3.14.1-0.3.1 mozilla-nss-tools-3.14.1-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.14.1 and 4.9.4]: libfreebl3-32bit-3.14.1-0.3.1 mozilla-nspr-32bit-4.9.4-0.3.1 mozilla-nss-32bit-3.14.1-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.14.1 and 4.9.4]: libfreebl3-x86-3.14.1-0.3.1 mozilla-nspr-x86-4.9.4-0.3.1 mozilla-nss-x86-3.14.1-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 10.0.12,3.14.1 and 4.9.4]: MozillaFirefox-10.0.12-0.4.1 MozillaFirefox-translations-10.0.12-0.4.1 libfreebl3-3.14.1-0.3.1 mozilla-nspr-4.9.4-0.3.1 mozilla-nss-3.14.1-0.3.1 mozilla-nss-tools-3.14.1-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.14.1 and 4.9.4]: libfreebl3-32bit-3.14.1-0.3.1 mozilla-nspr-32bit-4.9.4-0.3.1 mozilla-nss-32bit-3.14.1-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-5829.html http://support.novell.com/security/cve/CVE-2013-0743.html http://support.novell.com/security/cve/CVE-2013-0744.html http://support.novell.com/security/cve/CVE-2013-0745.html http://support.novell.com/security/cve/CVE-2013-0746.html http://support.novell.com/security/cve/CVE-2013-0747.html http://support.novell.com/security/cve/CVE-2013-0748.html http://support.novell.com/security/cve/CVE-2013-0749.html http://support.novell.com/security/cve/CVE-2013-0750.html http://support.novell.com/security/cve/CVE-2013-0751.html http://support.novell.com/security/cve/CVE-2013-0752.html http://support.novell.com/security/cve/CVE-2013-0753.html http://support.novell.com/security/cve/CVE-2013-0754.html http://support.novell.com/security/cve/CVE-2013-0755.html http://support.novell.com/security/cve/CVE-2013-0756.html http://support.novell.com/security/cve/CVE-2013-0757.html http://support.novell.com/security/cve/CVE-2013-0758.html http://support.novell.com/security/cve/CVE-2013-0759.html http://support.novell.com/security/cve/CVE-2013-0760.html http://support.novell.com/security/cve/CVE-2013-0761.html http://support.novell.com/security/cve/CVE-2013-0762.html http://support.novell.com/security/cve/CVE-2013-0763.html http://support.novell.com/security/cve/CVE-2013-0764.html http://support.novell.com/security/cve/CVE-2013-0766.html http://support.novell.com/security/cve/CVE-2013-0767.html http://support.novell.com/security/cve/CVE-2013-0768.html http://support.novell.com/security/cve/CVE-2013-0769.html http://support.novell.com/security/cve/CVE-2013-0770.html http://support.novell.com/security/cve/CVE-2013-0771.html https://bugzilla.novell.com/796895 http://download.novell.com/patch/finder/?keywords=9589e71e3266116ae59aa9d6e45add05 From sle-updates at lists.suse.com Fri Jan 18 12:04:33 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 20:04:33 +0100 (CET) Subject: SUSE-SU-2013:0049-1: important: Security update for MozillaFirefox Message-ID: <20130118190433.91EAD321AF@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0049-1 Rating: important References: #796628 #796895 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes two new package versions. Description: Mozilla Firefox was updated to the 10.0.12ESR release. * MFSA 2013-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. o Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki Ishikawa reported memory safety problems and crashes that affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. ( CVE-2013-0769 ) o Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian Holler, Gary Kwong, Robert O'Callahan, and Scoobidiver reported memory safety problems and crashes that affect Firefox ESR 17 and Firefox 17. (CVE-2013-0749 ) o Jesse Ruderman, Christian Holler, Julian Seward, and Scoobidiver reported memory safety problems and crashes that affect Firefox 17. (CVE-2013-0770 ) * MFSA 2013-02: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free, out of bounds read, and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting three additional user-after-free and out of bounds read flaws introduced during Firefox development that were fixed before general release. The following issue was fixed in Firefox 18: o Global-buffer-overflow in CharDistributionAnalysis::HandleOneChar (CVE-2013-0760 ) The following issues were fixed in Firefox 18, ESR 17.0.1, and ESR 10.0.12: o Heap-use-after-free in imgRequest::OnStopFrame (CVE-2013-0762 ) o Heap-use-after-free in ~nsHTMLEditRules (CVE-2013-0766 ) o Out of bounds read in nsSVGPathElement::GetPathLengthScale ( CVE-2013-0767 ) The following issues were fixed in Firefox 18 and ESR 17.0.1: o Heap-use-after-free in mozilla::TrackUnionStream::EndTrack ( CVE-2013-0761 ) o Heap-use-after-free in Mesa, triggerable by resizing a WebGL canvas (CVE-2013-0763 ) o Heap-buffer-overflow in gfxTextRun::ShrinkToLigatureBoundaries (CVE-2013-0771 ) The following issue was fixed in Firefox 18 and in the earlier ESR 10.0.11 release: o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829 ) * MFSA 2013-03: Security researcher miaubiz used the Address Sanitizer tool to discover a buffer overflow in Canvas when specific bad height and width values were given through HTML. This could lead to a potentially exploitable crash. (CVE-2013-0768 ) Miaubiz also found a potentially exploitable crash when 2D and 3D content was mixed which was introduced during Firefox development and fixed before general release. * MFSA 2013-04: Security researcher Masato Kinugawa found a flaw in which the displayed URL values within the addressbar can be spoofed by a page during loading. This allows for phishing attacks where a malicious page can spoof the identify of another site. ( CVE-2013-0759 ) * MFSA 2013-05: Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered that the combination of large numbers of columns and column groups in a table could cause the array containing the columns during rendering to overwrite itself. This can lead to a user-after-free causing a potentially exploitable crash. ( CVE-2013-0744 ) * MFSA 2013-06: Mozilla developer Wesley Johnston reported that when there are two or more iframes on the same HTML page, an iframe is able to see the touch events and their targets that occur within the other iframes on the page. If the iframes are from the same origin, they can also access the properties and methods of the targets of other iframes but same-origin policy (SOP) restricts access across domains. This allows for information leakage and possibilities for cross-site scripting (XSS) if another vulnerability can be used to get around SOP restrictions. (CVE-2013-0751 ) * MFSA 2013-07: Mozilla community member Jerry Baker reported a crashing issue found through Thunderbird when downloading messages over a Secure Sockets Layer (SSL) connection. This was caused by a bug in the networking code assuming that secure connections were entirely handled on the socket transport thread when they can occur on a variety of threads. The resulting crash was potentially exploitable. (CVE-2013-0764 ) * MFSA 2013-08: Mozilla developer Olli Pettay discovered that the AutoWrapperChanger class fails to keep some javascript objects alive during garbage collection. This can lead to an exploitable crash allowing for arbitrary code execution. (CVE-2013-0745 ) * MFSA 2013-09: Mozilla developer Boris Zbarsky reported reported a problem where jsval-returning quickstubs fail to wrap their return values, causing a compartment mismatch. This mismatch can cause garbage collection to occur incorrectly and lead to a potentially exploitable crash. (CVE-2013-0746 ) * MFSA 2013-10: Mozilla security researcher Jesse Ruderman reported that events in the plugin handler can be manipulated by web content to bypass same-origin policy (SOP) restrictions. This can allow for clickjacking on malicious web pages. (CVE-2013-0747 ) * MFSA 2013-11: Mozilla security researcher Jesse Ruderman discovered that using the toString function of XBL objects can lead to inappropriate information leakage by revealing the address space layout instead of just the ID of the object. This layout information could potentially be used to bypass ASLR and other security protections. (CVE-2013-0748 ) * MFSA 2013-12: Security researcher pa_kt reported a flaw via TippingPoint's Zero Day Initiative that an integer overflow is possible when calculating the length for a Javascript string concatenation, which is then used for memory allocation. This results in a buffer overflow, leading to a potentially exploitable memory corruption. (CVE-2013-0750 ) * MFSA 2013-13: Security researcher Sviatoslav Chagaev reported that when using an XBL file containing multiple XML bindings with SVG content, a memory corruption can occur. In concern with remote XUL, this can lead to an exploitable crash. (CVE-2013-0752 ) * MFSA 2013-14: Security researcher Mariusz Mlynski reported that it is possible to change the prototype of an object and bypass Chrome Object Wrappers (COW) to gain access to chrome privileged functions. This could allow for arbitrary code execution. (CVE-2013-0757 ) * MFSA 2013-15: Security researcher Mariusz Mlynski reported that it is possible to open a chrome privileged web page through plugin objects through interaction with SVG elements. This could allow for arbitrary code execution. (CVE-2013-0758 ) * MFSA 2013-16: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free in XMLSerializer by the exposing of serializeToStream to web content. This can lead to arbitrary code execution when exploited. (CVE-2013-0753 ) * MFSA 2013-17: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free within the ListenerManager when garbage collection is forced after data in listener objects have been allocated in some circumstances. This results in a use-after-free which can lead to arbitrary code execution. (CVE-2013-0754 ) * MFSA 2013-18: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free using the domDoc pointer within Vibrate library. This can lead to arbitrary code execution when exploited. (CVE-2013-0755 ) * MFSA 2013-19: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a garbage collection flaw in Javascript Proxy objects. This can lead to a use-after-free leading to arbitrary code execution. (CVE-2013-0756 ) * MFSA 2013-20: Google reported to Mozilla that TURKTRUST, a certificate authority in Mozilla's root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control. This issue was resolved by revoking the trust for these specific mis-issued certificates. (CVE-2013-0743 ) Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-4.9.4-0.6.1 mozilla-nspr-devel-4.9.4-0.6.1 mozilla-nss-3.14.1-0.6.1 mozilla-nss-devel-3.14.1-0.6.1 mozilla-nss-tools-3.14.1-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-10.0.12-0.6.1 MozillaFirefox-translations-10.0.12-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-32bit-4.9.4-0.6.1 mozilla-nss-32bit-3.14.1-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-x86-4.9.4-0.6.1 mozilla-nss-x86-3.14.1-0.6.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-64bit-4.9.4-0.6.1 mozilla-nss-64bit-3.14.1-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-4.9.4-0.6.1 mozilla-nspr-devel-4.9.4-0.6.1 mozilla-nss-3.14.1-0.6.1 mozilla-nss-devel-3.14.1-0.6.1 mozilla-nss-tools-3.14.1-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 3.14.1 and 4.9.4]: mozilla-nspr-32bit-4.9.4-0.6.1 mozilla-nss-32bit-3.14.1-0.6.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): MozillaFirefox-10.0.12-0.6.1 MozillaFirefox-translations-10.0.12-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.14.1]: mozilla-nss-tools-3.14.1-0.6.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-10.0.12-0.6.1 References: https://bugzilla.novell.com/796628 https://bugzilla.novell.com/796895 http://download.novell.com/patch/finder/?keywords=dbe0a7820fa20c51a9e400f8a2814641 From sle-updates at lists.suse.com Fri Jan 18 15:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 18 Jan 2013 23:04:31 +0100 (CET) Subject: SUSE-RU-2013:0050-1: Recommended update for libcgroup Message-ID: <20130118220431.B49B2321AF@maintenance.suse.de> SUSE Recommended Update: Recommended update for libcgroup ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0050-1 Rating: low References: #785849 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for Control Groups management tools (libcgroup1) fixes detection of the system's default control group in the cgconfig init script. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libcgroup-devel-7188 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libcgroup-devel-7188 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libcgroup-devel-7188 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.37.1]: libcgroup-devel-0.37.1-5.16.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 0.37.1]: libcgroup1-0.37.1-5.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.37.1]: libcgroup1-0.37.1-5.16.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.37.1]: libcgroup1-0.37.1-5.16.1 References: https://bugzilla.novell.com/785849 http://download.novell.com/patch/finder/?keywords=037e6fa554d28f023dd4680963cdbc39 From sle-updates at lists.suse.com Mon Jan 21 10:04:29 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 21 Jan 2013 18:04:29 +0100 (CET) Subject: SUSE-SU-2013:0051-1: moderate: Security update for icu Message-ID: <20130121170429.84D1D321DA@maintenance.suse.de> SUSE Security Update: Security update for icu ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0051-1 Rating: moderate References: #657910 #736146 Cross-References: CVE-2011-4599 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update is rereleased because some architectures were missed on the first try. It fixes the following security issues: * Specially crafted strings could cause a buffer overflow in icu ( CVE-2011-4599 ) * An integer overflow in the getSymbol() function could crash applications using icu (CVE-2010-4409 ) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-icu-7204 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-icu-7204 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-icu-7204 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icu-7204 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libicu-devel-4.0-7.26.15 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libicu-devel-32bit-4.0-7.26.15 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): icu-4.0-7.26.15 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libicu-32bit-4.0-7.26.15 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libicu-4.0-7.26.15 libicu-doc-4.0-7.26.15 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libicu-32bit-4.0-7.26.15 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libicu-4.0-7.26.15 libicu-doc-4.0-7.26.15 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libicu-32bit-4.0-7.26.15 - SUSE Linux Enterprise Server 11 SP2 (ia64): libicu-x86-4.0-7.26.15 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): icu-4.0-7.26.15 libicu-4.0-7.26.15 References: http://support.novell.com/security/cve/CVE-2011-4599.html https://bugzilla.novell.com/657910 https://bugzilla.novell.com/736146 http://download.novell.com/patch/finder/?keywords=6d89f4b06ab2a4a8bb3c7b664635b47d From sle-updates at lists.suse.com Mon Jan 21 15:04:33 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 21 Jan 2013 23:04:33 +0100 (CET) Subject: SUSE-RU-2013:0052-1: Recommended update for suspend Message-ID: <20130121220433.3E821321B4@maintenance.suse.de> SUSE Recommended Update: Recommended update for suspend ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0052-1 Rating: low References: #788372 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the suspend package fixes suspend to RAM (s2ram) on Xen hosts. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-suspend-7159 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-suspend-7159 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-suspend-7159 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): suspend-0.80.20081103-1.54.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): suspend-0.80.20081103-1.54.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): suspend-0.80.20081103-1.54.1 References: https://bugzilla.novell.com/788372 http://download.novell.com/patch/finder/?keywords=e438248d37636bb6a6c484164dbea861 From sle-updates at lists.suse.com Tue Jan 22 21:04:17 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 23 Jan 2013 05:04:17 +0100 (CET) Subject: SUSE-SU-2013:0053-1: important: Security update for WebYaST Message-ID: <20130123040417.44A8432098@maintenance.suse.de> SUSE Security Update: Security update for WebYaST ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0053-1 Rating: important References: #792712 Cross-References: CVE-2012-0435 Affected Products: WebYaST 1.2 SUSE Studio Standard Edition 1.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The hosts list used by WebYaST for connecting to it's back end part was modifiable allowing to point to a malicious website which then could access all values sent by WebYaST. The /host configuration path was removed to fix this issue. Security Issue reference: * CVE-2012-0435 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-webyast-base-ui-7236 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-webyast-base-ui-7236 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (noarch) [New Version: 0.2.63]: webyast-base-ui-0.2.63-0.6.1 webyast-base-ui-branding-default-0.2.63-0.6.1 webyast-base-ui-testsuite-0.2.63-0.6.1 - SUSE Studio Standard Edition 1.2 (noarch) [New Version: 0.2.63]: webyast-base-ui-0.2.63-0.6.1 References: http://support.novell.com/security/cve/CVE-2012-0435.html https://bugzilla.novell.com/792712 http://download.novell.com/patch/finder/?keywords=7c947289145036c838e04ef674b59d7b From sle-updates at lists.suse.com Wed Jan 23 07:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 23 Jan 2013 15:04:31 +0100 (CET) Subject: SUSE-RU-2013:0184-1: moderate: Recommended update for lttng-ust Message-ID: <20130123140432.1845D321B4@maintenance.suse.de> SUSE Recommended Update: Recommended update for lttng-ust ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0184-1 Rating: moderate References: #798217 Affected Products: SUSE Linux Enterprise Real Time 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the Userspace Tracer library from Linux Trace Toolkit (lttng-ust) provides header files to support development of programs using LTTng userspace tracing. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time 11 SP2: zypper in -t patch slertesp2-lttng-ust-7247 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time 11 SP2 (x86_64): lttng-ust-2.0.4-0.7.1 lttng-ust-devel-2.0.4-0.7.1 lttng-ust-docs-2.0.4-0.7.1 References: https://bugzilla.novell.com/798217 http://download.novell.com/patch/finder/?keywords=04afbb624bac8a1ed9d277ded67259e4 From sle-updates at lists.suse.com Wed Jan 23 11:04:23 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 23 Jan 2013 19:04:23 +0100 (CET) Subject: SUSE-RU-2013:0185-1: important: Recommended update for libcanberra Message-ID: <20130123180424.318C9321CD@maintenance.suse.de> SUSE Recommended Update: Recommended update for libcanberra ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0185-1 Rating: important References: #791654 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libcanberra provides 32bit versions of the library for 64bit architectures. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libcanberra-gtk-7253 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libcanberra-gtk-7253 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libcanberra-gtk-7253 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libcanberra-gtk-7253 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libcanberra-gtk-32bit-0.18-2.3.2 libcanberra-gtk0-32bit-0.18-2.3.2 libcanberra0-32bit-0.18-2.3.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libcanberra-gtk-0.18-2.3.2 libcanberra-gtk0-0.18-2.3.2 libcanberra0-0.18-2.3.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libcanberra-gtk-32bit-0.18-2.3.2 libcanberra-gtk0-32bit-0.18-2.3.2 libcanberra0-32bit-0.18-2.3.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libcanberra-gtk-0.18-2.3.2 libcanberra-gtk0-0.18-2.3.2 libcanberra0-0.18-2.3.2 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libcanberra-gtk-32bit-0.18-2.3.2 libcanberra-gtk0-32bit-0.18-2.3.2 libcanberra0-32bit-0.18-2.3.2 - SUSE Linux Enterprise Server 11 SP2 (ia64): libcanberra-gtk-x86-0.18-2.3.2 libcanberra-gtk0-x86-0.18-2.3.2 libcanberra0-x86-0.18-2.3.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libcanberra-gtk-0.18-2.3.2 libcanberra-gtk0-0.18-2.3.2 libcanberra0-0.18-2.3.2 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libcanberra-gtk-32bit-0.18-2.3.2 libcanberra-gtk0-32bit-0.18-2.3.2 libcanberra0-32bit-0.18-2.3.2 References: https://bugzilla.novell.com/791654 http://download.novell.com/patch/finder/?keywords=470eb2a0ac2eebddb429f807420ac2a4 From sle-updates at lists.suse.com Wed Jan 23 12:04:38 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 23 Jan 2013 20:04:38 +0100 (CET) Subject: SUSE-SU-2013:0190-1: important: Security update for pcp Message-ID: <20130123190438.483BC321DE@maintenance.suse.de> SUSE Security Update: Security update for pcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0190-1 Rating: important References: #732763 #775009 #775010 #775011 #775013 #782967 Cross-References: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves four vulnerabilities and has two fixes is now available. It includes two new package versions. Description: pcp was updated to version 3.6.10 which fixes security issues and also brings a lot of new features. * Update to pcp-3.6.10. o Transition daemons to run under an unprivileged account. o Fixes for security advisory CVE-2012-5530: tmpfile flaws; (bnc#782967). o Fix pcp(1) command short-form pmlogger reporting. o Fix pmdalogger error handling for directory files. o Fix pmstat handling of odd corner case in CPU metrics. o Correct the python ctype used for pmAtomValue 32bit ints. o Add missing RPM spec dependency for python-ctypes. o Corrections to pmdamysql metrics units. o Add pmdamysql slave status metrics. o Improve pmcollectl error messages. o Parameterize pmcollectl CPU counts in interrupt subsys. o Fix generic RPM packaging for powerpc builds. o Fix python API use of reentrant libpcp string routines. o Python code backporting for RHEL5 in qa and pmcollectl. o Fix edge cases in capturing interrupt error counts. * Update to pcp-3.6.9. o Python wrapper for the pmimport API o Make sar2pcp work with the sysstat versions from RHEL5, RHEL6, and all recent Fedora versions (which is almost all current versions of sysstat verified). o Added a number of additional metrics into the importer for people starting to use it to analyse sar data from real customer incidents. o Rework use of C99 "restrict" keyword in pmdalogger (Debian bug: 689552) o Alot of work on the PCP QA suite, special thanks to Tomas Dohnalek for all his efforts there. o Win32 build updates o Add "raw" disk active metrics so that existing tools like iostat can be emulated o Allow sar2pcp to accept XML input directly (.xml suffix), allowing it to not have to run on the same platform as the sadc/sadf that originally generated it. o Add PMI error codes into the PCP::LogImport perl module. o Fix a typo in pmiUnits man page synopsis section o Resolve pmdalinux ordering issue in NUMA/CPU indom setup (Redhat bug: 858384) o Remove unused pmcollectl imports (Redhat bug: 863210) o Allow event traces to be used in libpcp interpolate mode * Update to pcp-3.6.8. o Corrects the disk/partition identification for the MMC driver, which makes disk indom handling correct on the Raspberry Pi (http://www.raspberrypi.org/) o Several minor/basic fixes for pmdaoracle. o Improve pmcollectl compatibility. o Make a few clarifications to pmcollectl.1. o Improve python API test coverage. o Numerous updates to the test suite in general. o Allow pmda Install scripts to specify own dso name again. o Reconcile spec file differences between PCP flavours. o Fix handling of multiple contexts with a remote namespace. o Core socket interface abstractions to support NSS (later). o Fix man page SYNOPSIS section for pmUnpackEventRecords. o Add --disable-shared build option for static builds. * Update to pcp-3.6.6. o Added the python PMAPI bindings and an initial python client in pmcollectl. Separate, new package exists for python libs for those platforms that split out packages (rpm, deb). o Added a pcp-testsuite package for those platforms that might want this (rpm, deb again, mainly) o Re-introduced the pcp/qa subdirectory in pcp and deprecated the external pcpqa git tree. o Fix potential buffer overflow in pmlogger host name handling. o Reworked the configure --prefix handling to be more like the rest of the open source world. o Ensure the __pmDecodeText ident parameter is always set Resolves Red Hat bugzilla bug #841306. Security Issue references: * CVE-2012-3418 * CVE-2012-3419 * CVE-2012-3420 * CVE-2012-3421 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libpcp3-7221 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libpcp3-7221 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libpcp3-7221 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libpcp3-7221 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.6.10]: libpcp3-3.6.10-0.3.1 pcp-3.6.10-0.3.1 pcp-devel-3.6.10-0.3.1 pcp-import-iostat2pcp-3.6.10-0.3.1 pcp-import-mrtg2pcp-3.6.10-0.3.1 pcp-import-sar2pcp-3.6.10-0.3.1 pcp-import-sheet2pcp-3.6.10-0.3.1 perl-PCP-LogImport-3.6.10-0.3.1 perl-PCP-LogSummary-3.6.10-0.3.1 perl-PCP-MMV-3.6.10-0.3.1 perl-PCP-PMDA-3.6.10-0.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2013.1.7]: permissions-2013.1.7-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2013.1.7]: permissions-2013.1.7-0.3.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 2013.1.7 and 3.6.10]: libpcp3-3.6.10-0.5.1 pcp-3.6.10-0.5.1 pcp-import-iostat2pcp-3.6.10-0.5.1 pcp-import-mrtg2pcp-3.6.10-0.5.1 pcp-import-sar2pcp-3.6.10-0.5.1 pcp-import-sheet2pcp-3.6.10-0.5.1 perl-PCP-LogImport-3.6.10-0.5.1 perl-PCP-LogSummary-3.6.10-0.5.1 perl-PCP-MMV-3.6.10-0.5.1 perl-PCP-PMDA-3.6.10-0.5.1 permissions-2013.1.7-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2013.1.7]: permissions-2013.1.7-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 2013.1.7]: permissions-2013.1.7-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.6.10]: libpcp3-3.6.10-0.5.1 pcp-3.6.10-0.5.1 pcp-devel-3.6.10-0.5.1 pcp-import-iostat2pcp-3.6.10-0.5.1 pcp-import-mrtg2pcp-3.6.10-0.5.1 pcp-import-sar2pcp-3.6.10-0.5.1 pcp-import-sheet2pcp-3.6.10-0.5.1 perl-PCP-LogImport-3.6.10-0.5.1 perl-PCP-LogSummary-3.6.10-0.5.1 perl-PCP-MMV-3.6.10-0.5.1 perl-PCP-PMDA-3.6.10-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3418.html http://support.novell.com/security/cve/CVE-2012-3419.html http://support.novell.com/security/cve/CVE-2012-3420.html http://support.novell.com/security/cve/CVE-2012-3421.html https://bugzilla.novell.com/732763 https://bugzilla.novell.com/775009 https://bugzilla.novell.com/775010 https://bugzilla.novell.com/775011 https://bugzilla.novell.com/775013 https://bugzilla.novell.com/782967 http://download.novell.com/patch/finder/?keywords=51012200090dff3a8a3a0cbcae5a4be2 http://download.novell.com/patch/finder/?keywords=86d59a2714828a99a56a3fdba3660c73 From sle-updates at lists.suse.com Thu Jan 24 15:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 24 Jan 2013 23:04:15 +0100 (CET) Subject: SUSE-SU-2013:0194-1: moderate: Security update for hawk Message-ID: <20130124220415.3CC1E321B7@maintenance.suse.de> SUSE Security Update: Security update for hawk ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0194-1 Rating: moderate References: #765097 #766791 #775649 #775653 Cross-References: CVE-2012-3464 CVE-2012-3465 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. It includes one version update. Description: hawk has been rebuilt to include updated ruby gems that contain fixes for security issues. rubygem-activesupport-2_3 has been updated to fix the following security issue: * This update also the HTML escaping code in Ruby on Rails. CVE-2012-3464 has been assigned to this issue. rubygem-actionpack-2_3 has been updated to fix the following security issues: * CVE-2012-3465: Malformed HTML is not correctly handled when validating with the strip_tags helper which could result in Cross-site Scripting issues. * CVE-2012-2694, CVE-2012-2660: Unsafe query generation was possible using NULL queries. The included GEM archive package was also adjusted to contain the security fixes available in the unpacked ruby tree. Security Issue references: * CVE-2012-3464 * CVE-2012-3465 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-hawk-7078 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.5.2]: hawk-0.5.2-0.38.16 hawk-templates-0.5.2-0.38.16 References: http://support.novell.com/security/cve/CVE-2012-3464.html http://support.novell.com/security/cve/CVE-2012-3465.html https://bugzilla.novell.com/765097 https://bugzilla.novell.com/766791 https://bugzilla.novell.com/775649 https://bugzilla.novell.com/775653 http://download.novell.com/patch/finder/?keywords=6a53a5d8c6e366542686771cc89925c3 From sle-updates at lists.suse.com Thu Jan 24 17:04:31 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 25 Jan 2013 01:04:31 +0100 (CET) Subject: SUSE-SU-2013:0195-1: moderate: Security update for freetype2 Message-ID: <20130125000432.30BBB321E6@maintenance.suse.de> SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0195-1 Rating: moderate References: #795826 Cross-References: CVE-2012-5668 CVE-2012-5669 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes: * OOB access in bdf_free_font() and _bdf_parse_glyphs() (CVE-2012-5668 and CVE-2012-5669) As well as the following non-security bugs: * [bdf] Savannah bug #37905. o src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero in case of allocation error; this value gets used in a loop in * [bdf] Fix Savannah bug #37906. o src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for checking `glyph_enc'. Security Issue references: * CVE-2012-5668 * CVE-2012-5669 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-freetype2-7232 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-freetype2-7232 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-freetype2-7232 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-freetype2-7232 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): freetype2-devel-2.3.7-25.32.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): freetype2-devel-32bit-2.3.7-25.32.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): freetype2-2.3.7-25.32.1 ft2demos-2.3.7-25.32.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): freetype2-32bit-2.3.7-25.32.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): freetype2-2.3.7-25.32.1 ft2demos-2.3.7-25.32.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): freetype2-32bit-2.3.7-25.32.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): freetype2-x86-2.3.7-25.32.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): freetype2-2.3.7-25.32.1 freetype2-devel-2.3.7-25.32.1 ft2demos-2.3.7-25.32.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): freetype2-32bit-2.3.7-25.32.1 References: http://support.novell.com/security/cve/CVE-2012-5668.html http://support.novell.com/security/cve/CVE-2012-5669.html https://bugzilla.novell.com/795826 http://download.novell.com/patch/finder/?keywords=cdec3f55c43c965d2fec90d543cc6e2b From sle-updates at lists.suse.com Thu Jan 24 17:04:38 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 25 Jan 2013 01:04:38 +0100 (CET) Subject: SUSE-SU-2013:0196-1: moderate: Security update for freetype2 Message-ID: <20130125000438.44B1B321CE@maintenance.suse.de> SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0196-1 Rating: moderate References: #795826 Cross-References: CVE-2012-5668 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes: * OOB access in bdf_free_font() (CVE-2012-5668) As well as non-security bugs: * [bdf] Savannah bug #37905. o src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero in case of allocation error; this value gets used in a loop in Security Issue reference: * CVE-2012-5668 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): freetype2-2.1.10-18.31.1 freetype2-devel-2.1.10-18.31.1 ft2demos-2.1.10-19.31.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): freetype2-32bit-2.1.10-18.31.1 freetype2-devel-32bit-2.1.10-18.31.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): freetype2-x86-2.1.10-18.31.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): freetype2-64bit-2.1.10-18.31.1 freetype2-devel-64bit-2.1.10-18.31.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): freetype2-2.1.10-18.31.1 freetype2-devel-2.1.10-18.31.1 ft2demos-2.1.10-19.31.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): freetype2-32bit-2.1.10-18.31.1 freetype2-devel-32bit-2.1.10-18.31.1 References: http://support.novell.com/security/cve/CVE-2012-5668.html https://bugzilla.novell.com/795826 http://download.novell.com/patch/finder/?keywords=dae01abeb154b602c10bb1999a8eb916 From sle-updates at lists.suse.com Thu Jan 24 19:04:13 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 25 Jan 2013 03:04:13 +0100 (CET) Subject: SUSE-YU-2013:0197-1: YOU update for PackageKit Message-ID: <20130125020414.0ACB4321AF@maintenance.suse.de> SUSE YOU Update: YOU update for PackageKit ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:0197-1 Rating: low References: #777395 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one YOU fix can now be installed. Description: This update for PackageKit fixes installation of packages that require manual approval of an End User License Agreement (EULA). Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-PackageKit-7256 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-PackageKit-7256 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-PackageKit-7256 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-PackageKit-7256 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): PackageKit-devel-0.3.14-2.25.2 libpackagekit-glib10-devel-0.3.14-2.25.2 libpackagekit-qt10-0.3.14-2.25.2 libpackagekit-qt10-devel-0.3.14-2.25.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): PackageKit-0.3.14-2.25.2 PackageKit-lang-0.3.14-2.25.2 libpackagekit-glib10-0.3.14-2.25.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): PackageKit-0.3.14-2.25.2 PackageKit-lang-0.3.14-2.25.2 libpackagekit-glib10-0.3.14-2.25.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): PackageKit-0.3.14-2.25.2 PackageKit-gstreamer-plugin-0.3.14-2.25.2 PackageKit-lang-0.3.14-2.25.2 libpackagekit-glib10-0.3.14-2.25.2 References: https://bugzilla.novell.com/777395 http://download.novell.com/patch/finder/?keywords=9c9a2b6bd4d4bf8432d9392580e44030 From sle-updates at lists.suse.com Thu Jan 24 19:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 25 Jan 2013 03:04:18 +0100 (CET) Subject: SUSE-SU-2013:0198-1: moderate: Security update for libtiff Message-ID: <20130125020418.AB9E2321DE@maintenance.suse.de> SUSE Security Update: Security update for libtiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0198-1 Rating: moderate References: #781995 #787892 #788741 #791607 Cross-References: CVE-2012-4447 CVE-2012-4564 CVE-2012-5581 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: Various memory corruption vulnerabilities have been fixed in libtiff. CVE-2012-4447, CVE-2012-4564 and CVE-2012-5581 have been assigned to these issues. Security Issue references: * CVE-2012-4447 * CVE-2012-4564 * CVE-2012-5581 Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libtiff-devel-7216 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libtiff-devel-7216 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libtiff-devel-7216 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libtiff-devel-7216 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libtiff-devel-3.8.2-141.150.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libtiff-devel-32bit-3.8.2-141.150.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libtiff3-3.8.2-141.150.1 tiff-3.8.2-141.150.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libtiff3-32bit-3.8.2-141.150.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libtiff3-3.8.2-141.150.1 tiff-3.8.2-141.150.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libtiff3-32bit-3.8.2-141.150.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libtiff3-x86-3.8.2-141.150.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): libtiff-3.8.2-5.32.1 libtiff-devel-3.8.2-5.32.1 tiff-3.8.2-5.32.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libtiff-32bit-3.8.2-5.32.1 libtiff-devel-32bit-3.8.2-5.32.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): libtiff-x86-3.8.2-5.32.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): libtiff-64bit-3.8.2-5.32.1 libtiff-devel-64bit-3.8.2-5.32.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libtiff3-3.8.2-141.150.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libtiff3-32bit-3.8.2-141.150.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libtiff-3.8.2-5.32.1 libtiff-devel-3.8.2-5.32.1 tiff-3.8.2-5.32.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libtiff-32bit-3.8.2-5.32.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): libtiff-devel-3.8.2-5.32.1 - SLE SDK 10 SP4 (s390x x86_64): libtiff-devel-32bit-3.8.2-5.32.1 - SLE SDK 10 SP4 (ppc): libtiff-devel-64bit-3.8.2-5.32.1 References: http://support.novell.com/security/cve/CVE-2012-4447.html http://support.novell.com/security/cve/CVE-2012-4564.html http://support.novell.com/security/cve/CVE-2012-5581.html https://bugzilla.novell.com/781995 https://bugzilla.novell.com/787892 https://bugzilla.novell.com/788741 https://bugzilla.novell.com/791607 http://download.novell.com/patch/finder/?keywords=293aa3466520f4b2119523440d11f5c3 http://download.novell.com/patch/finder/?keywords=e82a9ac77700ce38cd74ae7a74f81150 From sle-updates at lists.suse.com Fri Jan 25 13:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 25 Jan 2013 21:04:16 +0100 (CET) Subject: SUSE-RU-2013:0200-1: moderate: Recommended update for bind Message-ID: <20130125200416.E6AA43213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for bind ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0200-1 Rating: moderate References: #796112 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Server 10 SP3 LTSS SUSE Linux Enterprise Server 10 SP2 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for the BIND DNS Server (bind) changes the IPv4 address of root server D, as requested by the server's administrators, and adds IPv6 addresses for root servers D, L and I. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-bind-7228 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bind-7228 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bind-7228 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-bind-7227 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bind-7228 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-devel-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64) [New Version: 9.6ESVR7P4]: bind-devel-32bit-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.10.1 bind-chrootenv-9.6ESVR7P4-0.10.1 bind-doc-9.6ESVR7P4-0.10.1 bind-libs-9.6ESVR7P4-0.10.1 bind-utils-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.10.1 bind-chrootenv-9.6ESVR7P4-0.10.1 bind-doc-9.6ESVR7P4-0.10.1 bind-libs-9.6ESVR7P4-0.10.1 bind-utils-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.6ESVR7P4]: bind-libs-x86-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.2.5.1 bind-chrootenv-9.6ESVR7P4-0.2.5.1 bind-doc-9.6ESVR7P4-0.2.5.1 bind-libs-9.6ESVR7P4-0.2.5.1 bind-utils-9.6ESVR7P4-0.2.5.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.2.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.9.1 bind-chrootenv-9.6ESVR7P4-0.9.1 bind-devel-9.6ESVR7P4-0.9.1 bind-doc-9.6ESVR7P4-0.9.1 bind-libs-9.6ESVR7P4-0.9.1 bind-utils-9.6ESVR7P4-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P4]: bind-libs-x86-9.6ESVR7P4-0.9.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P4]: bind-devel-64bit-9.6ESVR7P4-0.9.1 bind-libs-64bit-9.6ESVR7P4-0.9.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): bind-9.3.4-1.44.1 bind-chrootenv-9.3.4-1.44.1 bind-devel-9.3.4-1.44.1 bind-doc-9.3.4-1.44.1 bind-libs-9.3.4-1.44.1 bind-utils-9.3.4-1.44.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): bind-libs-32bit-9.3.4-1.44.1 - SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64): bind-9.3.4-1.31.35.1 bind-chrootenv-9.3.4-1.31.35.1 bind-devel-9.3.4-1.31.35.1 bind-doc-9.3.4-1.31.35.1 bind-libs-9.3.4-1.31.35.1 bind-utils-9.3.4-1.31.35.1 - SUSE Linux Enterprise Server 10 SP2 (s390x x86_64): bind-libs-32bit-9.3.4-1.31.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-libs-9.6ESVR7P4-0.10.1 bind-utils-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.10.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P4]: bind-libs-9.6ESVR7P4-0.9.1 bind-utils-9.6ESVR7P4-0.9.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P4]: bind-libs-32bit-9.6ESVR7P4-0.9.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P4]: bind-9.6ESVR7P4-0.9.1 bind-chrootenv-9.6ESVR7P4-0.9.1 bind-devel-9.6ESVR7P4-0.9.1 bind-doc-9.6ESVR7P4-0.9.1 - SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P4]: bind-devel-64bit-9.6ESVR7P4-0.9.1 References: https://bugzilla.novell.com/796112 http://download.novell.com/patch/finder/?keywords=27abb3bfca478ac267c5fcff67efe879 http://download.novell.com/patch/finder/?keywords=564ffa01acdfb877475ba323f3417c0c http://download.novell.com/patch/finder/?keywords=85cb650f31c519cd2261ad3f42a85145 http://download.novell.com/patch/finder/?keywords=e469ed33c821ca19efb193bcf39a7f8a http://download.novell.com/patch/finder/?keywords=fcc9810e7f496e647f74e67baf45d517 From sle-updates at lists.suse.com Sun Jan 27 12:04:23 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sun, 27 Jan 2013 20:04:23 +0100 (CET) Subject: SUSE-RU-2013:0200-2: moderate: Recommended update for bind Message-ID: <20130127190423.6C51D321B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for bind ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0200-2 Rating: moderate References: #796112 Affected Products: SUSE CORE 9 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for the BIND DNS Server (bind) changes the IPv4 address of root server D, as requested by the server's administrators, and adds IPv6 addresses for root servers D, L and I. Contraindications: Package List: - SUSE CORE 9 (i586 s390 s390x x86_64): bind-9.3.4-4.20 bind-devel-9.3.4-4.20 bind-utils-9.3.4-4.20 - SUSE CORE 9 (x86_64): bind-utils-32bit-9-201301161006 - SUSE CORE 9 (s390x): bind-utils-32bit-9-201301161017 References: https://bugzilla.novell.com/796112 http://download.novell.com/patch/finder/?keywords=65bda240fc02d417c19177b4682a491f From sle-updates at lists.suse.com Tue Jan 29 10:04:29 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 29 Jan 2013 18:04:29 +0100 (CET) Subject: SUSE-RU-2013:0207-1: Recommended update for kdelibs4 Message-ID: <20130129170429.85FA0321CE@maintenance.suse.de> SUSE Recommended Update: Recommended update for kdelibs4 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0207-1 Rating: low References: #617423 #758017 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for kdelibs4 provides the following fixes: * Fix frequent crashes of kmail * Do not assume that non-KDE applications support KIO protocols Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-kdelibs4-7189 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kdelibs4-7189 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kdelibs4-7189 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kdelibs4-7189 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): kdelibs4-doc-4.3.5-0.8.1 libkde4-devel-4.3.5-0.8.1 libkdecore4-devel-4.3.5-0.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libkde4-32bit-4.3.5-0.8.1 libkdecore4-32bit-4.3.5-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): kdelibs4-4.3.5-0.8.1 kdelibs4-core-4.3.5-0.8.1 kdelibs4-doc-4.3.5-0.8.1 libkde4-4.3.5-0.8.1 libkdecore4-4.3.5-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libkde4-32bit-4.3.5-0.8.1 libkdecore4-32bit-4.3.5-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): kdelibs4-4.3.5-0.8.1 kdelibs4-core-4.3.5-0.8.1 kdelibs4-doc-4.3.5-0.8.1 libkde4-4.3.5-0.8.1 libkdecore4-4.3.5-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libkde4-32bit-4.3.5-0.8.1 libkdecore4-32bit-4.3.5-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libkde4-x86-4.3.5-0.8.1 libkdecore4-x86-4.3.5-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kdelibs4-4.3.5-0.8.1 kdelibs4-core-4.3.5-0.8.1 libkde4-4.3.5-0.8.1 libkdecore4-4.3.5-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libkde4-32bit-4.3.5-0.8.1 libkdecore4-32bit-4.3.5-0.8.1 References: https://bugzilla.novell.com/617423 https://bugzilla.novell.com/758017 http://download.novell.com/patch/finder/?keywords=e451f1c99feef7222803879300613b19 From sle-updates at lists.suse.com Tue Jan 29 12:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 29 Jan 2013 20:04:14 +0100 (CET) Subject: SUSE-SU-2013:0208-1: moderate: Security update for rubygem-actionpack-2_3 Message-ID: <20130129190414.CDBB03212B@maintenance.suse.de> SUSE Security Update: Security update for rubygem-actionpack-2_3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0208-1 Rating: moderate References: #765097 #766791 #775649 Cross-References: CVE-2012-3464 CVE-2012-3465 Affected Products: WebYaST 1.2 SUSE Studio Standard Edition 1.2 SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Cloud 1.0 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. It includes one version update. Description: rubygem-actionpack-2_3 has been updated to fix the following security issues: * CVE-2012-3465: Malformed HTML is not correctly handled when validating with the strip_tags helper which could result in Cross-site Scripting issues. * CVE-2012-2694, CVE-2012-2660: Unsafe query generation was possible using NULL queries. The included GEM archive package was also adjusted to contain the security fixes available in the unpacked ruby tree. Security Issue references: * CVE-2012-3464 * CVE-2012-3465 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-actionpack-2_3-7031 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-rubygem-actionpack-2_3-7031 - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-7031 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-7031 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-rubygem-actionpack-2_3-7030 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-rubygem-actionpack-2_3-7030 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.10.1 - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.10.1 - SUSE Studio Onsite 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.10.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.10.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): rubygem-actionpack-2_3-2.3.14-0.14.1 - SUSE Cloud 1.0 (x86_64): rubygem-actionpack-2_3-2.3.14-0.14.1 References: http://support.novell.com/security/cve/CVE-2012-3464.html http://support.novell.com/security/cve/CVE-2012-3465.html https://bugzilla.novell.com/765097 https://bugzilla.novell.com/766791 https://bugzilla.novell.com/775649 http://download.novell.com/patch/finder/?keywords=5a3f50ddfe70ae71ea853e5983a4df46 http://download.novell.com/patch/finder/?keywords=725ed7b159ba8946d34409cfe8334492 From sle-updates at lists.suse.com Tue Jan 29 12:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 29 Jan 2013 20:04:18 +0100 (CET) Subject: SUSE-SU-2013:0209-1: moderate: Security update for rubygem-activesupport-2_3 Message-ID: <20130129190418.AFEB6321E9@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activesupport-2_3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0209-1 Rating: moderate References: #775653 Cross-References: CVE-2012-3464 CVE-2012-3465 Affected Products: WebYaST 1.2 SUSE Studio Standard Edition 1.2 SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Cloud 1.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: rubygem-activesupport-2_3 was updated to fix two HTML escaping issues that may be used by an attacker for a cross-site scripting (XSS) attack. ( CVE-2012-3464 , CVE-2012-3465 ) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-activesupport-2_3-7027 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-rubygem-activesupport-2_3-7027 - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-rubygem-activesupport-2_3-7027 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-rubygem-activesupport-2_3-7027 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-rubygem-activesupport-2_3-7026 - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-rubygem-activesupport-2_3-7026 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-activesupport-2_3-2.3.14-0.7.8.1 - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 2.3.14]: rubygem-activesupport-2_3-2.3.14-0.7.8.1 - SUSE Studio Onsite 1.2 (x86_64) [New Version: 2.3.14]: rubygem-activesupport-2_3-2.3.14-0.7.8.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 2.3.14]: rubygem-activesupport-2_3-2.3.14-0.7.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-2_3-2.3.14-0.12.1 - SUSE Cloud 1.0 (x86_64): rubygem-activesupport-2_3-2.3.14-0.12.1 References: http://support.novell.com/security/cve/CVE-2012-3464.html http://support.novell.com/security/cve/CVE-2012-3465.html https://bugzilla.novell.com/775653 http://download.novell.com/patch/finder/?keywords=1a9549fb27d2cb9a3f9063bb57bd8e17 http://download.novell.com/patch/finder/?keywords=8a17ab0bfa3a8febd0270d50ec7deb00 From sle-updates at lists.suse.com Tue Jan 29 13:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 29 Jan 2013 21:04:18 +0100 (CET) Subject: SUSE-RU-2013:0210-1: Recommended update for SUSE Studio Onsite Message-ID: <20130129200418.16A52321D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Studio Onsite ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0210-1 Rating: low References: #659843 #697647 #698161 #700105 #702044 #703829 #705208 #705717 #708711 #713158 #713167 #713173 #714748 #714927 #716149 #716992 #721580 #724787 #725706 #726337 #728312 #728357 #728645 #728885 #729251 #729315 #729636 #732020 #732247 #734887 #735112 #736491 #736775 #740073 #743159 #745548 #747346 #747898 #752259 #752604 #754344 #755915 #756775 #757548 #759341 #760331 #760502 #760713 #761599 #761828 #762161 #762442 #764197 #764199 #765696 #766014 #766554 #766646 #766720 #767065 #767210 #767274 #769844 #770324 #771114 #771859 #776769 #777161 #777521 #777644 #778526 #779085 #781112 #781389 #781848 #782092 #786381 #786730 #787924 #789411 #798508 Affected Products: SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 ______________________________________________________________________________ An update that has 81 recommended fixes can now be installed. It includes two new package versions. Description: This update provides SUSE Studio Onsite 1.2.4, which fixes several bugs: * Entering login name with leading whitespace causes error * SLMS is not able to sync properly with Studio Onsite after upgrading from 1.1 to 1.2 * SLES11 SP1 image created on SLES11SP2/SLEPOS11SP2 is recreated on each boot * timezone not considered when building SLES11 SP1 or SP2 * Cronjob does not check if last run is in the future * Time falling behind 4 hours each reboot of updated appliance * Built XEN Images of SLES11SP2 JeOS Appliance don't include /boot/initrd.xen * XEN images can't be extracted * SUSE Manager integration is not available for SLE11 SP2 * EC2 builds fail after updating Kiwi4 * Available image types list is not updated after dist upgrade * SLES for VMware SP2 appliance - missing warning message in non-vSphere environment * Overlay files not found when building an appliance * No ability to package version downgrade without its removal * Ensure that ntpd is running * API request to start a new build with empty image_type parameter leads to error * Kiwi: use qemu-img convert instead of cat during image compression * API call to get overlay file contents fails * Add support for sa-east-1 and us-west-2 * SLE11 SP1 appliances are not 4k aligned * Update kiwi import code after upgrade of kiwi4 package * Preload ISO is broken if appliance name > 40 characters * Preload ISO issue with LVM volumes * /etc/init.d/suse_studio_firstboot fails to detect testdrive in case of s390x * ui server is degraded by activesupport security update * [API] Overlay file attribute 'extract' missing in API * Clicking on version icon returns "Undefined method 'name'" * SLES for VMware is missing grub branding * System z DASD format fails to build * boot.clock is always failing * Incorrect input id in login form * 'Modified files' are not working on s390 testdrive * SLE10SP4 bootimage misses virtio driver * qemu package is required by kiwi * Appliance graphic colors are set to 16 bit, need 24 * Uncaught SyntaxError in firefox debug console * 500 Internal Server Error on 'running_builds/' via API * No ability to rename appliance. Additionally, Kiwi4 was updated to version 4.85.65, bringing many fixes and improvements. Please refer to the package change log for more details. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-susestudio-201301-7244 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-susestudio-201301-7244 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.2 (x86_64) [New Version: 1.2.4 and 4.85.65]: kiwi4-4.85.65-0.11.5 kiwi4-desc-isoboot-4.85.65-0.11.5 kiwi4-desc-netboot-4.85.65-0.11.5 kiwi4-desc-oemboot-4.85.65-0.11.5 kiwi4-desc-vmxboot-4.85.65-0.11.5 kiwi4-doc-4.85.65-0.11.5 kiwi4-tools-4.85.65-0.11.5 susestudio-1.2.4-0.21.1 susestudio-clicfs-1.2.4-0.21.1 susestudio-common-1.2.4-0.21.1 susestudio-image-helpers-1.2.4-0.5.7 susestudio-parted-1.2.4-0.21.1 susestudio-rmds-1.2.4-0.21.1 susestudio-runner-1.2.4-0.21.1 susestudio-squashfs-1.2.4-0.21.1 susestudio-thoth-1.2.4-0.21.1 susestudio-ui-server-1.2.4-0.21.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 1.2.4 and 4.85.65]: kiwi4-4.85.65-0.11.5 kiwi4-desc-oemboot-4.85.65-0.11.5 kiwi4-desc-vmxboot-4.85.65-0.11.5 kiwi4-tools-4.85.65-0.11.5 susestudio-1.2.4-0.21.1 susestudio-common-1.2.4-0.21.1 susestudio-image-helpers-1.2.4-0.5.7 susestudio-runner-1.2.4-0.21.1 susestudio-ui-server-1.2.4-0.21.1 References: https://bugzilla.novell.com/659843 https://bugzilla.novell.com/697647 https://bugzilla.novell.com/698161 https://bugzilla.novell.com/700105 https://bugzilla.novell.com/702044 https://bugzilla.novell.com/703829 https://bugzilla.novell.com/705208 https://bugzilla.novell.com/705717 https://bugzilla.novell.com/708711 https://bugzilla.novell.com/713158 https://bugzilla.novell.com/713167 https://bugzilla.novell.com/713173 https://bugzilla.novell.com/714748 https://bugzilla.novell.com/714927 https://bugzilla.novell.com/716149 https://bugzilla.novell.com/716992 https://bugzilla.novell.com/721580 https://bugzilla.novell.com/724787 https://bugzilla.novell.com/725706 https://bugzilla.novell.com/726337 https://bugzilla.novell.com/728312 https://bugzilla.novell.com/728357 https://bugzilla.novell.com/728645 https://bugzilla.novell.com/728885 https://bugzilla.novell.com/729251 https://bugzilla.novell.com/729315 https://bugzilla.novell.com/729636 https://bugzilla.novell.com/732020 https://bugzilla.novell.com/732247 https://bugzilla.novell.com/734887 https://bugzilla.novell.com/735112 https://bugzilla.novell.com/736491 https://bugzilla.novell.com/736775 https://bugzilla.novell.com/740073 https://bugzilla.novell.com/743159 https://bugzilla.novell.com/745548 https://bugzilla.novell.com/747346 https://bugzilla.novell.com/747898 https://bugzilla.novell.com/752259 https://bugzilla.novell.com/752604 https://bugzilla.novell.com/754344 https://bugzilla.novell.com/755915 https://bugzilla.novell.com/756775 https://bugzilla.novell.com/757548 https://bugzilla.novell.com/759341 https://bugzilla.novell.com/760331 https://bugzilla.novell.com/760502 https://bugzilla.novell.com/760713 https://bugzilla.novell.com/761599 https://bugzilla.novell.com/761828 https://bugzilla.novell.com/762161 https://bugzilla.novell.com/762442 https://bugzilla.novell.com/764197 https://bugzilla.novell.com/764199 https://bugzilla.novell.com/765696 https://bugzilla.novell.com/766014 https://bugzilla.novell.com/766554 https://bugzilla.novell.com/766646 https://bugzilla.novell.com/766720 https://bugzilla.novell.com/767065 https://bugzilla.novell.com/767210 https://bugzilla.novell.com/767274 https://bugzilla.novell.com/769844 https://bugzilla.novell.com/770324 https://bugzilla.novell.com/771114 https://bugzilla.novell.com/771859 https://bugzilla.novell.com/776769 https://bugzilla.novell.com/777161 https://bugzilla.novell.com/777521 https://bugzilla.novell.com/777644 https://bugzilla.novell.com/778526 https://bugzilla.novell.com/779085 https://bugzilla.novell.com/781112 https://bugzilla.novell.com/781389 https://bugzilla.novell.com/781848 https://bugzilla.novell.com/782092 https://bugzilla.novell.com/786381 https://bugzilla.novell.com/786730 https://bugzilla.novell.com/787924 https://bugzilla.novell.com/789411 https://bugzilla.novell.com/798508 http://download.novell.com/patch/finder/?keywords=e448303b028f8c14cd08c96a4c2fdf94 From sle-updates at lists.suse.com Wed Jan 30 15:04:22 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 30 Jan 2013 23:04:22 +0100 (CET) Subject: SUSE-RU-2013:0212-1: important: Recommended update for the release notes Message-ID: <20130130220422.54062321D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for the release notes ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0212-1 Rating: important References: #781781 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the release notes for SUSE Linux Enterprise Server 10 SP4. The changes in detail are: * New entry: AutoFS timeouts in direct mounts * Update of Performance Co-Pilot (package pcp) Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 10.4.12]: release-notes-sles-10.4.12-0.8.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 10.4.12]: release-notes-sles-10.4.12-0.8.1 References: https://bugzilla.novell.com/781781 http://download.novell.com/patch/finder/?keywords=5488eef13336e041a24839d4a127364e From sle-updates at lists.suse.com Wed Jan 30 15:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 30 Jan 2013 23:04:26 +0100 (CET) Subject: SUSE-RU-2013:0213-1: Recommended update for iotop Message-ID: <20130130220426.EFC6A321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for iotop ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0213-1 Rating: low References: #798967 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for iotop improves the program's manual page, explaining that only net and block I/O statistics are collected and shown by iotop. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-iotop-7242 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-iotop-7242 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): iotop-0.4.3-7.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): iotop-0.4.3-7.8.1 References: https://bugzilla.novell.com/798967 http://download.novell.com/patch/finder/?keywords=115c0bedff20438a0bab188233532688 From sle-updates at lists.suse.com Wed Jan 30 15:04:30 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 30 Jan 2013 23:04:30 +0100 (CET) Subject: SUSE-RU-2013:0214-1: Recommended update for yast2-mail Message-ID: <20130130220430.D3E03321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-mail ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0214-1 Rating: low References: #759050 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for YaST's Mail Configuration module (yast2-mail) fixes an issue where Postfix settings configured through AutoYaST were not activated after installation. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-mail-7237 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-mail-7237 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-mail-7237 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-mail-7237 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): yast2-mail-plugins-2.17.6-0.11.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): yast2-mail-2.17.6-0.11.2 yast2-mail-plugins-2.17.6-0.11.2 - SUSE Linux Enterprise Server 11 SP2 (noarch): yast2-mail-2.17.6-0.11.2 yast2-mail-plugins-2.17.6-0.11.2 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): yast2-mail-2.17.6-0.11.2 References: https://bugzilla.novell.com/759050 http://download.novell.com/patch/finder/?keywords=07e6a52eccaf4139c02ce572212b78e6 From sle-updates at lists.suse.com Wed Jan 30 15:04:34 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 30 Jan 2013 23:04:34 +0100 (CET) Subject: SUSE-RU-2013:0215-1: Recommended update for nss_ldap Message-ID: <20130130220434.B32E4321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update for nss_ldap ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0215-1 Rating: low References: #650508 #741922 #760613 #789584 #792494 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for nss_ldap provides fixes for the following issues: * nss_ldap always uses scope "sub" for nss_base_* mapping when filter is present * Databases listed after ldap under netgroup in nsswitch.conf do not get searched * No ldap lookups if nss_initgroups_ignoreusers exceeds a certain limit * "id" results mixed when configured for ldap * Slow socket descriptor leak Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-nss_ldap-7202 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-nss_ldap-7202 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-nss_ldap-7202 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): nss_ldap-262-11.32.37.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): nss_ldap-32bit-262-11.32.37.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): nss_ldap-262-11.32.37.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): nss_ldap-32bit-262-11.32.37.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): nss_ldap-x86-262-11.32.37.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): nss_ldap-262-11.32.37.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): nss_ldap-32bit-262-11.32.37.1 References: https://bugzilla.novell.com/650508 https://bugzilla.novell.com/741922 https://bugzilla.novell.com/760613 https://bugzilla.novell.com/789584 https://bugzilla.novell.com/792494 http://download.novell.com/patch/finder/?keywords=527e889d144eaddc6fb99d814196a267 From sle-updates at lists.suse.com Wed Jan 30 16:04:52 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 31 Jan 2013 00:04:52 +0100 (CET) Subject: SUSE-RU-2013:0216-1: Recommended update for nss_ldap Message-ID: <20130130230452.A6221321B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for nss_ldap ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0216-1 Rating: low References: #650508 #726393 #741922 #760613 #789584 #792494 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for nss_ldap provides fixes for the following issues: * nss_ldap always uses scope "sub" for nss_base_* mapping when filter is present * Databases listed after ldap under netgroup in nsswitch.conf do not get searched * No ldap lookups if nss_initgroups_ignoreusers exceeds a certain limit * "getent passwd" triggers a segmentation fault in nss_ldap when using too large uid/gidNumber values * "id" results mixed when configured for ldap * Slow socket descriptor leak Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): nss_ldap-259-4.17.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): nss_ldap-32bit-259-4.17.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): nss_ldap-x86-259-4.17.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): nss_ldap-64bit-259-4.17.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): nss_ldap-259-4.17.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): nss_ldap-32bit-259-4.17.1 References: https://bugzilla.novell.com/650508 https://bugzilla.novell.com/726393 https://bugzilla.novell.com/741922 https://bugzilla.novell.com/760613 https://bugzilla.novell.com/789584 https://bugzilla.novell.com/792494 http://download.novell.com/patch/finder/?keywords=f4a255aad5cf5aba5e9eef418b897df1 From sle-updates at lists.suse.com Wed Jan 30 16:04:57 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 31 Jan 2013 00:04:57 +0100 (CET) Subject: SUSE-RU-2013:0217-1: important: Recommended update of the release notes Message-ID: <20130130230457.5DF3F321EA@maintenance.suse.de> SUSE Recommended Update: Recommended update of the release notes ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0217-1 Rating: important References: #786275 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2. The changes in detail are: * Refer to white papers in the SLES resource library * Update of Performance Co-Pilot (package pcp) * New entry: The cachefilesd user-space daemon Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-sles-201301-7270 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-sles-201301-7270 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.43]: release-notes-SLES-for-VMware-11.2.0.43-0.8.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.43]: release-notes-sles-11.2.0.43-0.8.2 References: https://bugzilla.novell.com/786275 http://download.novell.com/patch/finder/?keywords=f56096908e97b8d12265b1613c216d54 From sle-updates at lists.suse.com Wed Jan 30 17:04:27 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 31 Jan 2013 01:04:27 +0100 (CET) Subject: SUSE-RU-2013:0218-1: Recommended update for valgrind Message-ID: <20130131000427.B7C91321CE@maintenance.suse.de> SUSE Recommended Update: Recommended update for valgrind ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0218-1 Rating: low References: #776211 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides valgrind 3.8.1, which adds support for * Support for Intel AVX instructions and for AES instructions. This support is available only for 64 bit code. * Support for POWER Decimal Floating Point instructions * Non-libc malloc implementations are now supported * Tool developers can make replacement/wrapping more flexible thanks to the new option --soname-synonyms * The C++ demangler has been updated so as to work well with C++ compiled by up to at least g++ 4.6. * Increased limit for the --num-callers command line flag to 500 * Improved support for DWARF4 debugging information * Initial support for DWZ compressed Dwarf debug info * Modest performance gains through the use of translation chaining * Several improvements for s390x. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-valgrind-7010 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64) [New Version: 3.8.1]: valgrind-3.8.1-0.5.1 valgrind-devel-3.8.1-0.5.1 References: https://bugzilla.novell.com/776211 http://download.novell.com/patch/finder/?keywords=db6d43cc913a4f90bc4cd6922f23a3c8 From sle-updates at lists.suse.com Thu Jan 31 15:04:22 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 31 Jan 2013 23:04:22 +0100 (CET) Subject: SUSE-RU-2013:0223-1: Recommended update for s390-tools Message-ID: <20130131220422.D443132161@maintenance.suse.de> SUSE Recommended Update: Recommended update for s390-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0223-1 Rating: low References: #742352 #744317 #746660 #751339 #769290 #780272 #781333 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This collective update for s390-tools provides the following fixes: * zipl: Flush disk buffers before installing IPL record * qeth_configure: add option to udev rule if setting it succeeds, not if it fails * zfcp_host_configure: handle non-numeric "online" argument properly * *_configure: print meaningful error messages on failure * zfcp_san_disc: fix LUN scanning with SVC/V7000 * do not delete zfcpdump.image and zfcpdump.rd on upgrade * zfcp_disk_configure: add missing double quotes to prevent missing comparison operand * zfcp_disk_configure: prevent reading from nonexistent sysfs files * zfcp_disk_configure: wait for udev and handle initialization better * shorten some messages to prevent compilation failure with (longer) PTF version string Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-osasnmpd-7206 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (s390x): osasnmpd-1.15.0-0.111.115.1 s390-tools-1.15.0-0.111.115.1 References: https://bugzilla.novell.com/742352 https://bugzilla.novell.com/744317 https://bugzilla.novell.com/746660 https://bugzilla.novell.com/751339 https://bugzilla.novell.com/769290 https://bugzilla.novell.com/780272 https://bugzilla.novell.com/781333 http://download.novell.com/patch/finder/?keywords=6e5aeeab910b09793dd7e89740785054 From sle-updates at lists.suse.com Thu Jan 31 16:05:01 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Feb 2013 00:05:01 +0100 (CET) Subject: SUSE-RU-2013:0224-1: important: Recommended update for sled-release Message-ID: <20130131230501.B49E832161@maintenance.suse.de> SUSE Recommended Update: Recommended update for sled-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0224-1 Rating: important References: #781801 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an error in the product metadata for SUSE Linux Enterprise Desktop 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sled-release-7281 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sled-release-11.2-1.532 References: https://bugzilla.novell.com/781801 http://download.novell.com/patch/finder/?keywords=4c21181dfd02aa4c739a4fa5f923ba0a From sle-updates at lists.suse.com Thu Jan 31 17:04:25 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 1 Feb 2013 01:04:25 +0100 (CET) Subject: SUSE-RU-2013:0225-1: moderate: Recommended update for apparmor-profiles Message-ID: <20130201000425.AD30C321C0@maintenance.suse.de> SUSE Recommended Update: Recommended update for apparmor-profiles ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:0225-1 Rating: moderate References: #436262 #561152 #623886 #657054 #798566 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: The apparmor-profiles package was split off for SUSE Linux Enterprise 11 SP2, but not all changes from the main apparmor package to the profiles had been merged over. This update fixes the issue. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-apparmor-profiles-7241 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-apparmor-profiles-7241 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-apparmor-profiles-7241 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): apparmor-profiles-2.3-48.18.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): apparmor-profiles-2.3-48.18.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): apparmor-profiles-2.3-48.18.1 References: https://bugzilla.novell.com/436262 https://bugzilla.novell.com/561152 https://bugzilla.novell.com/623886 https://bugzilla.novell.com/657054 https://bugzilla.novell.com/798566 http://download.novell.com/patch/finder/?keywords=a329d261d6d532d9077380397c36b247