From sle-updates at lists.suse.com Tue Sep 3 08:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 3 Sep 2013 16:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1402-1: important: Recommended update for libwebkit Message-ID: <20130903140411.2056D320AD@maintenance.suse.de> SUSE Recommended Update: Recommended update for libwebkit ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1402-1 Rating: important References: #820928 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a regression in libwebkit, because the previous security update contained a patch that disabled JavaScript erroneously. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libwebkit-8292 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libwebkit-8291 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libwebkit-8292 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libwebkit-8291 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libwebkit-1_0-2-1.2.7-0.17.1 libwebkit-devel-1.2.7-0.17.1 libwebkit-lang-1.2.7-0.17.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libwebkit-1_0-2-1.2.7-0.17.1 libwebkit-devel-1.2.7-0.17.1 libwebkit-lang-1.2.7-0.17.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libwebkit-1_0-2-1.2.7-0.17.1 libwebkit-lang-1.2.7-0.17.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libwebkit-1_0-2-1.2.7-0.17.1 libwebkit-lang-1.2.7-0.17.1 References: https://bugzilla.novell.com/820928 http://download.novell.com/patch/finder/?keywords=0f8562f1b64850a30664140d6d89067b http://download.novell.com/patch/finder/?keywords=fdfb1edab39455c5dfae57f6fabb7ca6 From sle-updates at lists.suse.com Wed Sep 4 12:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Sep 2013 20:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1405-1: moderate: Recommended update for ibutils Message-ID: <20130904180411.347A33206B@maintenance.suse.de> SUSE Recommended Update: Recommended update for ibutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1405-1 Rating: moderate References: #832643 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for InfiniBand Diagnostic Tools (ibutils) fixes a syntax error that affected the ibdiagnet, ibdiagpath and ibdiagui utilities. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-ibutils-8212 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-ibutils-8211 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ibutils-8212 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ibutils-8212 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ibutils-8211 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ibutils-8211 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 x86_64): ibutils-devel-1.5.7-0.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 x86_64): ibutils-devel-32bit-1.5.7-0.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): ibutils-1.5.7-0.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64): ibutils-32bit-1.5.7-0.11.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 x86_64): ibutils-devel-1.5.4-0.7.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 x86_64): ibutils-devel-32bit-1.5.4-0.7.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): ibutils-1.5.4-0.7.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): ibutils-32bit-1.5.4-0.7.9.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ibutils-1.5.7-0.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): ibutils-32bit-1.5.7-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 x86_64): ibutils-1.5.7-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 x86_64): ibutils-32bit-1.5.7-0.11.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ibutils-1.5.4-0.7.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): ibutils-32bit-1.5.4-0.7.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): ibutils-1.5.4-0.7.9.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 x86_64): ibutils-32bit-1.5.4-0.7.9.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64): ibutils-1.5.4-0.15.1 ibutils-devel-1.5.4-0.15.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64): ibutils-32bit-1.5.4-0.15.1 ibutils-devel-32bit-1.5.4-0.15.1 References: https://bugzilla.novell.com/832643 http://download.novell.com/patch/finder/?keywords=55c36193257c03e62df73042d2d6550a http://download.novell.com/patch/finder/?keywords=95cbfd2954de70741011b93ee607f1d0 http://download.novell.com/patch/finder/?keywords=d7f26a706ee62382fd1ccc4bde063b3a From sle-updates at lists.suse.com Wed Sep 4 15:04:08 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 4 Sep 2013 23:04:08 +0200 (CEST) Subject: SUSE-SU-2013:1406-1: moderate: Security update for apache2-mod_security2 Message-ID: <20130904210408.DAA583206B@maintenance.suse.de> SUSE Security Update: Security update for apache2-mod_security2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1406-1 Rating: moderate References: #822664 Cross-References: CVE-2013-2765 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update of mod_security2 fixed a NULL pointer dereference crash (CVE-2013-2765) and a memory issue (double free()) (bnc#822664). Security Issue reference: * CVE-2013-2765 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-apache2-mod_security2-8148 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-apache2-mod_security2-8149 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-apache2-mod_security2-8149 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.7.1]: apache2-mod_security2-2.7.1-0.2.14.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): apache2-mod_security2-2.7.1-0.2.14.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): apache2-mod_security2-2.7.1-0.2.14.1 References: http://support.novell.com/security/cve/CVE-2013-2765.html https://bugzilla.novell.com/822664 http://download.novell.com/patch/finder/?keywords=bb1e84dd907580f719e2334ac7862a8b http://download.novell.com/patch/finder/?keywords=f6ac9c2074b0367fe392b99bf88da62a From sle-updates at lists.suse.com Thu Sep 5 18:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Sep 2013 02:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1407-1: Recommended update for gnome-bluetooth Message-ID: <20130906000410.3D5CD3206B@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-bluetooth ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1407-1 Rating: low References: #708836 #749545 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for the GNOME Bluetooth graphical utilities (gnome-bluetooth) fixes an issue with sending of files to Bluetooth devices that were already paired. It also sets a longer timeout for the SendFiles command. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-gnome-bluetooth-7910 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-gnome-bluetooth-7894 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gnome-bluetooth-7910 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-gnome-bluetooth-7894 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): gnome-bluetooth-2.28.6-0.11.42 gnome-bluetooth-devel-2.28.6-0.11.42 gnome-bluetooth-lang-2.28.6-0.11.42 libgnome-bluetooth7-2.28.6-0.11.42 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): gnome-bluetooth-2.28.6-0.11.42 gnome-bluetooth-devel-2.28.6-0.11.42 gnome-bluetooth-lang-2.28.6-0.11.42 libgnome-bluetooth7-2.28.6-0.11.42 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gnome-bluetooth-2.28.6-0.11.42 gnome-bluetooth-lang-2.28.6-0.11.42 libgnome-bluetooth7-2.28.6-0.11.42 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gnome-bluetooth-2.28.6-0.11.42 gnome-bluetooth-lang-2.28.6-0.11.42 libgnome-bluetooth7-2.28.6-0.11.42 References: https://bugzilla.novell.com/708836 https://bugzilla.novell.com/749545 http://download.novell.com/patch/finder/?keywords=ecc6496e0c2e29d7a872646a7ff3ba9b http://download.novell.com/patch/finder/?keywords=f8b49d742d47484698259e1da77f218c From sle-updates at lists.suse.com Thu Sep 5 18:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Sep 2013 02:04:14 +0200 (CEST) Subject: SUSE-YU-2013:1408-1: important: Security update for libzypp Message-ID: <20130906000414.61EA0321CE@maintenance.suse.de> SUSE YOU Update: Security update for libzypp ______________________________________________________________________________ Announcement ID: SUSE-YU-2013:1408-1 Rating: important References: #828672 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes two new package versions. Description: libzypp did not handle multiple gpg pubkeys in the repomd.xml.key and content.key consistently and secure. Attackers could have exploited this to add their own keys and pretend it's from SUSE. Security Issue reference: * CVE-2013-3704 Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libzypp-8232 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libzypp-8231 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libzypp-8232 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libzypp-8232 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libzypp-8231 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libzypp-8231 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libzypp-8232 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libzypp-8231 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.37.1]: libzypp-devel-9.37.1-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.16.1]: libzypp-devel-9.16.1-0.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 9.37.1]: libzypp-9.37.1-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.37.1]: libzypp-9.37.1-0.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.16.1]: libzypp-9.16.1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.16.1]: libzypp-9.16.1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 9.37.1]: libzypp-9.37.1-0.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.16.1]: libzypp-9.16.1-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-3704.html https://bugzilla.novell.com/828672 http://download.novell.com/patch/finder/?keywords=f0c3c756b6f7adc654f65bab07dbfa5d http://download.novell.com/patch/finder/?keywords=f381dfd1d557b77879a92be2ddf5be54 From sle-updates at lists.suse.com Thu Sep 5 18:04:18 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 6 Sep 2013 02:04:18 +0200 (CEST) Subject: SUSE-RU-2013:1409-1: Recommended update for xorg-x11-driver-input Message-ID: <20130906000418.247E7321CE@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-driver-input ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1409-1 Rating: low References: #814831 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for X.Org input drivers adds an option to the evdev driver for better supporting Advanced Silicon CoolTouch device. Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xorg-x11-driver-input-7972 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xorg-x11-driver-input-7972 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xorg-x11-driver-input-7972 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): xorg-x11-driver-input-7.4-13.46.17 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 x86_64): xorg-x11-driver-input-7.4-13.46.17 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xorg-x11-driver-input-7.4-13.46.17 References: https://bugzilla.novell.com/814831 http://download.novell.com/patch/finder/?keywords=1fa4afb300a05e20ec3c7dc7313bd374 From sle-updates at lists.suse.com Mon Sep 9 13:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 9 Sep 2013 21:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1423-1: Recommended update for sblim-sfcb Message-ID: <20130909190411.25D52321AF@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-sfcb ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1423-1 Rating: low References: #820035 #830525 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for sblim-sfcb provides the following fixes: * Improve robustness of sblim-sfcb request header parsing, fixing errors when the XML header of posted request is too big. * Fix a resource leak leading to failure to operate when using the 'SfcbLocal' client interface together with Openwsman. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-sblim-sfcb-8206 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-sblim-sfcb-8206 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sblim-sfcb-8205 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sblim-sfcb-8205 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-sblim-sfcb-8206 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sblim-sfcb-8205 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): sblim-sfcb-1.3.11-0.23.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): sblim-sfcb-1.3.11-0.23.2 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sblim-sfcb-1.3.11-0.23.2 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sblim-sfcb-1.3.11-0.23.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): sblim-sfcb-1.3.11-0.23.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sblim-sfcb-1.3.11-0.23.2 References: https://bugzilla.novell.com/820035 https://bugzilla.novell.com/830525 http://download.novell.com/patch/finder/?keywords=54700131b3de5797f1a3f32a589cf5ef http://download.novell.com/patch/finder/?keywords=c3a169c02c0992b1ec6eebccaca38744 From sle-updates at lists.suse.com Mon Sep 9 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Sep 2013 00:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1424-1: Recommended update for hyper-v Message-ID: <20130909220410.6EDD632057@maintenance.suse.de> SUSE Recommended Update: Recommended update for hyper-v ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1424-1 Rating: low References: #828714 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following issues: * a send/recv buffer allocation bug (bnc#828714) * wrong IPv6 subnet enumeration (bnc#828714) * Latest version of hyper-v-3-0.5.1 causes more CPU usage and issues warnings (bnc#770763) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-hyper-v-8198 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): hyper-v-4-0.13.2 References: https://bugzilla.novell.com/828714 http://download.novell.com/patch/finder/?keywords=d04ec2c259ccf41f8f90bc9949b386cb From sle-updates at lists.suse.com Mon Sep 9 16:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 10 Sep 2013 00:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1425-1: Recommended update for hyper-v Message-ID: <20130909220414.2424C321CE@maintenance.suse.de> SUSE Recommended Update: Recommended update for hyper-v ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1425-1 Rating: low References: #770763 #828714 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for Hyper-V fixes the following issues: * Fix a bug in version negotiation code for util (bnc#828714) * Cache FQDN in kvp_daemon to avoid timeouts (bnc#828714) * Fix send/recv buffer allocation (bnc#828714) * Set BOOTPROTO=static if any IPADDR/IP6ADDR was passed to hv_set_ifconfig and dhcp is disabled * Merge fixes from upstream hv_kvp_daemon (up to 3.11-rc1) * Fix a bug in IPV6 subnet enumeration (bnc#828714) * Skip restart_on_update with old hyper-v.rpms while old kernel is running (bnc#770763) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-hyper-v-8199 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-hyper-v-8199 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): hyper-v-5-0.11.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): hyper-v-5-0.11.1 References: https://bugzilla.novell.com/770763 https://bugzilla.novell.com/828714 http://download.novell.com/patch/finder/?keywords=370d332df6fe389c65f986003e63c1af From sle-updates at lists.suse.com Tue Sep 10 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Sep 2013 00:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1426-1: Recommended update for hal Message-ID: <20130910220410.5E30432061@maintenance.suse.de> SUSE Recommended Update: Recommended update for hal ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1426-1 Rating: low References: #779330 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for hal adds support for the "Mute Microphone" key found on HP Elitebook Folio 9470m. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-hal-7903 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-hal-7903 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-hal-7903 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-hal-7903 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): hal-devel-0.5.12-23.70.41 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): hal-0.5.12-23.70.41 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): hal-32bit-0.5.12-23.70.41 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): hal-0.5.12-23.70.41 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): hal-32bit-0.5.12-23.70.41 - SUSE Linux Enterprise Server 11 SP3 (ia64): hal-x86-0.5.12-23.70.41 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): hal-0.5.12-23.70.41 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): hal-32bit-0.5.12-23.70.41 References: https://bugzilla.novell.com/779330 http://download.novell.com/patch/finder/?keywords=8f40fa3133ea4eccde05273f338c07c0 From sle-updates at lists.suse.com Tue Sep 10 16:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Sep 2013 00:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1427-1: Recommended update for sles-release Message-ID: <20130910220414.374773227A@maintenance.suse.de> SUSE Recommended Update: Recommended update for sles-release ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1427-1 Rating: low References: #832478 Affected Products: SUSE Linux Enterprise Real Time 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update enables SUSE Linux Enterprise Real Time 11 SP2 to online migrate to SUSE Linux Enterprise Real Time 11 SP3. Indications: Enablement of Upgrade to SLE RTE 11-SP3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time 11 SP2: zypper in -t patch slertesp2-SLERT-SP3-Migration-8144 slertesp2-sles-release-8142 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time 11 SP2 (x86_64): SUSE-Linux-Enterprise-RT-SP3-migration-11.2-1.14 SUSE-Linux-Enterprise-RT-release-11.2-1.19 sles-release-11.2-3.1 References: https://bugzilla.novell.com/832478 http://download.novell.com/patch/finder/?keywords=8413feaddf69230f8a34ea9f6d6f15cc http://download.novell.com/patch/finder/?keywords=9eb5d15f6327115d38c520d4e4d4d7c8 From sle-updates at lists.suse.com Wed Sep 11 10:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Sep 2013 18:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1429-1: Recommended update for release-notes-sles and release-notes-SLES-for-VMware Message-ID: <20130911160409.A4A17321AF@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles and release-notes-SLES-for-VMware ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1429-1 Rating: low References: #828181 #828888 #829664 #831891 #832630 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP3. * New entries: o Upgrade Bind to version 9.9 (bnc#831891) o Multipath Configuration Change (bnc#828888). * Changed entries: o Packages and Features to Be Removed in the Future: dhcp-client will stay, dhcpv6 will be discontinued (bnc#829664) o Updated qla2xxx to version 8.04.00.13.11.3-k (bnc#832630). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-release-notes-sles-201308-8179 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-release-notes-sles-201308-8179 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 11.3.25]: release-notes-SLES-for-VMware-11.3.25-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.3.25]: release-notes-sles-11.3.25-0.7.1 References: https://bugzilla.novell.com/828181 https://bugzilla.novell.com/828888 https://bugzilla.novell.com/829664 https://bugzilla.novell.com/831891 https://bugzilla.novell.com/832630 http://download.novell.com/patch/finder/?keywords=bc51cd9424ef0a28f3a06a3c139fa146 From sle-updates at lists.suse.com Wed Sep 11 10:04:13 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Sep 2013 18:04:13 +0200 (CEST) Subject: SUSE-RU-2013:1430-1: Recommended update for release-notes-sles and release-notes-SLES-for-VMware Message-ID: <20130911160413.82EA13227A@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles and release-notes-SLES-for-VMware ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1430-1 Rating: low References: #822523 #829198 #829664 #832735 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2 with the following changes: * New entries: Hyper-V: Time Synchronization * Updated entries: Packages and Features to Be Removed in the Future: dhcpv6 * Updated entries: Bind update to version 9.9. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-sles-201309-8244 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-sles-201309-8244 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.48]: release-notes-SLES-for-VMware-11.2.0.48-0.15.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.48]: release-notes-sles-11.2.0.48-0.15.1 References: https://bugzilla.novell.com/822523 https://bugzilla.novell.com/829198 https://bugzilla.novell.com/829664 https://bugzilla.novell.com/832735 http://download.novell.com/patch/finder/?keywords=fbaee7c2ff30a730623dda205826fd71 From sle-updates at lists.suse.com Wed Sep 11 15:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 11 Sep 2013 23:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1431-1: Recommended update for pssh and python-pssh Message-ID: <20130911210409.5D838321E7@maintenance.suse.de> SUSE Recommended Update: Recommended update for pssh and python-pssh ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1431-1 Rating: low References: #828897 #829008 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for pssh returns the status of ssh commands in the proper order, which helps with crmsh resource testing and history. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-pssh-8056 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): pssh-2.3.1-0.9.9 python-pssh-2.3.1-0.9.9 References: https://bugzilla.novell.com/828897 https://bugzilla.novell.com/829008 http://download.novell.com/patch/finder/?keywords=2daa7aa3ef25e7b7e889660850ebab2a From sle-updates at lists.suse.com Thu Sep 12 10:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 12 Sep 2013 18:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1434-1: Recommended update for KVM Message-ID: <20130912160412.AD3343227A@maintenance.suse.de> SUSE Recommended Update: Recommended update for KVM ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1434-1 Rating: low References: #821819 #824340 #829800 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update from kvm 1.4.1 to 1.4.2 provides the following fixes and enhancements: * Backport TLS support for VNC Websockets from QEMU v1.5.0 (bnc#821819, fate#315032) * Fixes for s390x dictzip support (bnc#824340). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kvm-8166 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kvm-8166 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.7.1 References: https://bugzilla.novell.com/821819 https://bugzilla.novell.com/824340 https://bugzilla.novell.com/829800 http://download.novell.com/patch/finder/?keywords=ae8676d2259b885b6d9e75efd08683eb From sle-updates at lists.suse.com Fri Sep 13 13:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 21:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1445-1: Recommended update for SUSE Manager Client Tools Message-ID: <20130913190410.039F53236D@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1445-1 Rating: low References: #826909 #828453 #829073 #832776 #833643 #834200 #834780 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This collective update provides the following fixes and enhancements: koan: * Fix cobbler checks on SUSE. rhncfg: * Change rhncfg-* --server-name to overwrite rhncfg-*.conf * Add Unicode support for Remote Command scripts. rhnlib: * Fix some issues with the new timeout option. spacewalk-backend-libs: * Filter out bad package/architecture combinations. spacewalk-client-tools: * Print prompt on tty instead of stdout * Add Unicode support for Remote Command scripts. spacewalk-koan: * Enable VNC for all virtualization types. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-client-tools-201309-8246 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): koan-2.2.2-0.33.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SUSE Manager Client Tools for SLE 11 SP2 (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.1 - SLE CLIENT TOOLS 10 for x86_64 (x86_64): koan-2.2.2-0.32.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SLE CLIENT TOOLS 10 for x86_64 (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.2 - SLE CLIENT TOOLS 10 for s390x (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.2 - SLE CLIENT TOOLS 10 for s390x (s390x): koan-2.2.2-0.32.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.2 - SLE CLIENT TOOLS 10 for ia64 (ia64): koan-2.2.2-0.32.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SLE CLIENT TOOLS 10 for PPC (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.2 - SLE CLIENT TOOLS 10 for PPC (ppc): koan-2.2.2-0.32.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SLE CLIENT TOOLS 10 (noarch): rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-koan-1.7.1.6-0.5.2 - SLE CLIENT TOOLS 10 (i586): koan-2.2.2-0.32.1 rhnlib-2.5.51.5-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 References: https://bugzilla.novell.com/826909 https://bugzilla.novell.com/828453 https://bugzilla.novell.com/829073 https://bugzilla.novell.com/832776 https://bugzilla.novell.com/833643 https://bugzilla.novell.com/834200 https://bugzilla.novell.com/834780 http://download.novell.com/patch/finder/?keywords=0f541ad09b1b0de647c4ccb112c15873 http://download.novell.com/patch/finder/?keywords=b16fe140e0f37f20411c4d07956e056d From sle-updates at lists.suse.com Fri Sep 13 13:04:14 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 21:04:14 +0200 (CEST) Subject: SUSE-RU-2013:1446-1: Recommended update for SUSE Manager 1.7 Message-ID: <20130913190414.1596C3236F@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1446-1 Rating: low References: #794530 #799068 #801971 #803540 #805814 #809954 #812037 #813240 #813266 #813268 #813506 #817869 #824146 #824361 #824581 #824597 #824758 #824775 #825673 #825727 #826734 #828216 #828453 #828879 #829034 #829035 #829073 #829961 #829966 #832776 #833238 #833511 #833566 #833643 #833762 #833947 #833948 #833950 #833954 #834200 #834780 #835681 #837035 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 43 recommended fixes can now be installed. It includes 14 new package versions. Description: This collective update for SUSE Manager 1.7 provides enhancements and new features: * Implement Inter Server Sync (ISS) (FATE#312371) Let SUSE Manager sync from another SUSE Manager or import data from a disk dump. * CVE Audit (FATE#312907) Search for a CVE number and get the results for all server if they are patched or not patched. In case of not patched it shows the channel where a patch is available. This Audit consider cloned channels, older and newer Service Packs. * Make CSV separator configurable (FATE#312907) * Support new products and channels: SMT11 SP3 and SLES10-SP4-LTSS (FATE#313494) Additionally, the following issues have been fixed: cobbler: * Fix cobbler checks on SUSE. rhnlib: * Fix some issues with the new timeout option. smdba: * Add sudo permission check. sm-ncc-sync-data: * Add SMT11 SP3 and SLES10-SP4-LTSS channel definitions. spacecmd: * Fix spacecmd ssm 'list' has no attribute 'keys' error. spacewalk-admin: * Give CA a unique name. spacewalk-backend: * Add option to disable Expect header for post request * Re-import all patches with param deep-verify * Rewrite package org to match where they got imported * Fix field length of erratum-advisory-name to match real DB field length * Forward register and de-register requests to parent * Copy SUSE product and subscription information into the disk dump * Add handler for NCC sync data used by ISS * Import/export Support Information * Sync suseProductFiles with inter-server-sync * Dump and read rhn-channel-update-tag * Add curl debugging to send and accessible * Filter out bad package/architecture combinations * Handle unicode tracebacks * Handle compressed products file * Make reposync work with local repositories * Ensure the file object is closed only when no IOError took place. spacewalk-branding: * Rephrase the notice text even for admin users * Do not show link to the admin page to non-admins * User string cosmetic change in the Details page of a non-entitled system * Fix keys for SSH push task status and bunch description. spacewalk-client-tools: * Print prompt on tty instead of stdout * Unicode support for Remote Command scripts. spacewalk-java: * Fix link to the documentation * Fix CVE Audit query to run with oracle DB * Allow Hibernate to distinguish packages with identical name, arch and evr * Do not show link to the admin page to non-admins * CobblerSystemCreateCommand: do not fail if distro breed is null * Explicitly require libxml2 for kickstarts to avoid error * Escaping system name on multiple pages * API call setChildChannels should produce snapshot * Changing of base channel via API should produce snapshot * Remove entitlement from channels before deletion * Add newline after writing kickstart_start var * Fix wrong escaping of UTF-8 strings * Fix HTML not being escaped in package information * Fix a NPE when a system virtual instance does not have a corresponding info object * Fix metadata if capability version starts with a colon * Generate pre flag into the metadata * Fix reinstall of products by writing correct epoch in products.xml * Set archive value for installed package size * IBM Java core dumps should all go to /var/crash * Fix entitlement addition NPE. spacewalk-reports: * Fix spacewalk-reports host-guests on oracle databases * Add support for SQL LIKE predicates * Inventory report should now display correct number of errata * Modify description to better explain what these reports do * Fix branding. spacewalk-web: * Use default rhn.conf only when it exists * Parent channel cannot be a shared channel from different org when cloning * Lookup for defaults also in /usr/share/rhn/config-defaults/rhn.conf. susemanager-jsp_en: * Update online manual for SUSE Manager 1.7. susemanager-manuals_en: * Update some images. * Update the HTML and PDF output formats. * Mention SLE 11 SP3 and OES 11 as supported client systems. * Add Documentation about CVE Audit and ISS * Fix various minor bugs. susemanager-schema: * Remove bad initial condition from max(evr_t) * Prevent empty values (db_host, db_port) in rhn.conf * Regenerate repodata for all channels to get package installed size * Make mgr-register-bunch a common bunch. susemanager: * Add profilename as hostname and moniker to NCC registration * Forward registrations to ISS parent if we are a slave * Use register URL from configuration file * Rename satellite-sync to mgr-inter-sync * Call mgr-ncc-sync with option --refresh at the end of a setup * Show error in the YaST setup module * Allow only ASCII characters in the SSL certificate * Clear existing DB on setup * Interrupt SUSE Manager setup on error * Fix help of mgr-ncc-sync. susemanager-tftpsync: * Check if there are proxies configured for syncing. How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-suse-manager-201309-8258 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.2,1.7.1.9,1.7.2,1.7.24,1.7.38.28,1.7.7.11 and 2.5.51.5]: cobbler-2.2.2-0.33.1 rhnlib-2.5.51.5-0.5.1 smdba-1.2-0.11.1 spacecmd-1.7.7.11-0.5.1 spacewalk-backend-1.7.38.28-0.5.1 spacewalk-backend-app-1.7.38.28-0.5.1 spacewalk-backend-applet-1.7.38.28-0.5.1 spacewalk-backend-config-files-1.7.38.28-0.5.1 spacewalk-backend-config-files-common-1.7.38.28-0.5.1 spacewalk-backend-config-files-tool-1.7.38.28-0.5.1 spacewalk-backend-iss-1.7.38.28-0.5.1 spacewalk-backend-iss-export-1.7.38.28-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 spacewalk-backend-package-push-server-1.7.38.28-0.5.1 spacewalk-backend-server-1.7.38.28-0.5.1 spacewalk-backend-sql-1.7.38.28-0.5.1 spacewalk-backend-sql-oracle-1.7.38.28-0.5.1 spacewalk-backend-sql-postgresql-1.7.38.28-0.5.1 spacewalk-backend-tools-1.7.38.28-0.5.1 spacewalk-backend-xml-export-libs-1.7.38.28-0.5.1 spacewalk-backend-xmlrpc-1.7.38.28-0.5.1 spacewalk-backend-xp-1.7.38.28-0.5.1 spacewalk-branding-1.7.1.9-0.5.1 susemanager-1.7.24-0.5.4 susemanager-tftpsync-1.7.2-0.5.1 susemanager-tools-1.7.24-0.5.4 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.1.7,1.7.13,1.7.14.17,1.7.28.18,1.7.4.5,1.7.54.27 and 1.7.56.21]: sm-ncc-sync-data-1.7.13-0.5.1 spacewalk-admin-1.7.4.5-0.5.1 spacewalk-base-1.7.28.18-0.5.1 spacewalk-base-minimal-1.7.28.18-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-grail-1.7.28.18-0.5.1 spacewalk-html-1.7.28.18-0.5.1 spacewalk-java-1.7.54.27-0.5.1 spacewalk-java-config-1.7.54.27-0.5.1 spacewalk-java-lib-1.7.54.27-0.5.1 spacewalk-java-oracle-1.7.54.27-0.5.1 spacewalk-java-postgresql-1.7.54.27-0.5.1 spacewalk-pxt-1.7.28.18-0.5.1 spacewalk-reports-1.7.1.7-0.5.1 spacewalk-sniglets-1.7.28.18-0.5.1 spacewalk-taskomatic-1.7.54.27-0.5.1 susemanager-client-config_en-pdf-1.7-0.17.2 susemanager-install_en-pdf-1.7-0.17.2 susemanager-jsp_en-1.7-0.17.2 susemanager-manuals_en-1.7-0.17.2 susemanager-proxy-quick_en-pdf-1.7-0.17.2 susemanager-quick_en-pdf-1.7-0.17.2 susemanager-reference_en-pdf-1.7-0.17.2 susemanager-schema-1.7.56.21-0.5.1 References: https://bugzilla.novell.com/794530 https://bugzilla.novell.com/799068 https://bugzilla.novell.com/801971 https://bugzilla.novell.com/803540 https://bugzilla.novell.com/805814 https://bugzilla.novell.com/809954 https://bugzilla.novell.com/812037 https://bugzilla.novell.com/813240 https://bugzilla.novell.com/813266 https://bugzilla.novell.com/813268 https://bugzilla.novell.com/813506 https://bugzilla.novell.com/817869 https://bugzilla.novell.com/824146 https://bugzilla.novell.com/824361 https://bugzilla.novell.com/824581 https://bugzilla.novell.com/824597 https://bugzilla.novell.com/824758 https://bugzilla.novell.com/824775 https://bugzilla.novell.com/825673 https://bugzilla.novell.com/825727 https://bugzilla.novell.com/826734 https://bugzilla.novell.com/828216 https://bugzilla.novell.com/828453 https://bugzilla.novell.com/828879 https://bugzilla.novell.com/829034 https://bugzilla.novell.com/829035 https://bugzilla.novell.com/829073 https://bugzilla.novell.com/829961 https://bugzilla.novell.com/829966 https://bugzilla.novell.com/832776 https://bugzilla.novell.com/833238 https://bugzilla.novell.com/833511 https://bugzilla.novell.com/833566 https://bugzilla.novell.com/833643 https://bugzilla.novell.com/833762 https://bugzilla.novell.com/833947 https://bugzilla.novell.com/833948 https://bugzilla.novell.com/833950 https://bugzilla.novell.com/833954 https://bugzilla.novell.com/834200 https://bugzilla.novell.com/834780 https://bugzilla.novell.com/835681 https://bugzilla.novell.com/837035 http://download.novell.com/patch/finder/?keywords=1101cf958f5fba84157b398efd43f726 From sle-updates at lists.suse.com Fri Sep 13 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 22:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1447-1: Recommended update for SUSE Manager Proxy 1.7 Message-ID: <20130913200411.A78FD321E7@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1447-1 Rating: low References: #829073 #832776 #833643 #833685 #834200 #834780 #837035 Affected Products: SUSE Manager Proxy 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. It includes 6 new package versions. Description: This collective update for SUSE Manager Proxy 1.7 provides the following fixes and enhancements: rhncfg: * Change rhncfg-* --server-name to overwrite rhncfg-*.conf * Unicode support for Remote Command scripts. rhnlib: * Fix some issues with the new timeout option. spacewalk-backend: * Filter out bad package/architecture combinations * Ensure the file object is closed only when no IOError took place. spacewalk-client-tools: * Print prompt on tty instead of stdout * Add Unicode support for Remote Command scripts. spacewalk-proxy: * Add comment for new timeout option. spacewalk-web: * Use default rhn.conf only when it exists * Lookup for defaults also in /usr/share/rhn/config-defaults/rhn.conf. How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.7 for SLE 11 SP2: zypper in -t patch slemap17sp2-suse-manager-proxy-201309-8259 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.38.28 and 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 spacewalk-backend-1.7.38.28-0.5.1 spacewalk-backend-libs-1.7.38.28-0.5.1 - SUSE Manager Proxy 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.12.11,1.7.14.17,1.7.28.18 and 5.10.27.12]: rhncfg-5.10.27.12-0.5.1 rhncfg-actions-5.10.27.12-0.5.1 rhncfg-client-5.10.27.12-0.5.1 rhncfg-management-5.10.27.12-0.5.1 spacewalk-base-minimal-1.7.28.18-0.5.1 spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 spacewalk-proxy-broker-1.7.12.11-0.5.2 spacewalk-proxy-common-1.7.12.11-0.5.2 spacewalk-proxy-management-1.7.12.11-0.5.2 spacewalk-proxy-package-manager-1.7.12.11-0.5.2 spacewalk-proxy-redirect-1.7.12.11-0.5.2 References: https://bugzilla.novell.com/829073 https://bugzilla.novell.com/832776 https://bugzilla.novell.com/833643 https://bugzilla.novell.com/833685 https://bugzilla.novell.com/834200 https://bugzilla.novell.com/834780 https://bugzilla.novell.com/837035 http://download.novell.com/patch/finder/?keywords=a47822aa6ea632e97335f1a8e88d55f8 From sle-updates at lists.suse.com Fri Sep 13 14:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 22:04:15 +0200 (CEST) Subject: SUSE-SU-2013:1448-1: important: Security update for oracle-update Message-ID: <20130913200415.E7FD432370@maintenance.suse.de> SUSE Security Update: Security update for oracle-update ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1448-1 Rating: important References: #836732 Cross-References: CVE-2013-3751 CVE-2013-3760 CVE-2013-3771 CVE-2013-3774 CVE-2013-3789 CVE-2013-3790 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: This version upgrade of oracle-update fixed multiple security issues. A detailed description can be found in the original advisory: http://www.oracle.com/technetwork/topics/security/cpujuly201 3-1899826.html Security Issue references: * CVE-2013-3751 * CVE-2013-3774 * CVE-2013-3760 * CVE-2013-3771 * CVE-2013-3789 * CVE-2013-3790 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-oracle-update-8249 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-oracle-update-8248 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): oracle-update-1.7-0.21.1 - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): oracle-update-1.7-0.4.22.1 References: http://support.novell.com/security/cve/CVE-2013-3751.html http://support.novell.com/security/cve/CVE-2013-3760.html http://support.novell.com/security/cve/CVE-2013-3771.html http://support.novell.com/security/cve/CVE-2013-3774.html http://support.novell.com/security/cve/CVE-2013-3789.html http://support.novell.com/security/cve/CVE-2013-3790.html https://bugzilla.novell.com/836732 http://download.novell.com/patch/finder/?keywords=4c6053cb535cc190ac1d124f30376947 http://download.novell.com/patch/finder/?keywords=e21c13500d5e8f7827e265a0e54f254c From sle-updates at lists.suse.com Fri Sep 13 14:04:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 22:04:21 +0200 (CEST) Subject: SUSE-RU-2013:1449-1: Recommended update for release-notes-susemanager Message-ID: <20130913200421.C0D3332370@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1449-1 Rating: low References: #839159 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest version of the release notes for SUSE Manager 1.7, reflecting new major features: * Add OES11 as supported OS * Product view for mgr-ncc-sync * Creation of kickstart profiles needs anaconda package * Automatically create users from LDAP group * Database recovery * New autoinstallation snippet * Network scanner * Multiple mirror credentials * Service Pack migration * SUSE Manager proxy migration. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-release-notes-susemanager-8313 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): release-notes-susemanager-1.7.0-0.15.2 References: https://bugzilla.novell.com/839159 http://download.novell.com/patch/finder/?keywords=d19e232aabf27b99c601d20eb5cab4e1 From sle-updates at lists.suse.com Fri Sep 13 14:04:26 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 22:04:26 +0200 (CEST) Subject: SUSE-SU-2013:1450-1: moderate: Security update for wireshark Message-ID: <20130913200426.0834332370@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1450-1 Rating: moderate References: #831718 Cross-References: CVE-2013-4929 CVE-2013-4930 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. It includes one version update. Description: This wireshark version update from 1.8.8 to 1.8.9 includes several security and general bug fixes. (bnc#831718) http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html * The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45 * The DIS dissector could go into a large loop CVE-2013-4929 wnpa-sec-2013-47 * The DVB-CI dissector could crash CVE-2013-4930 wnpa-sec-2013-48 * The GSM RR dissector (and possibly others) could go into a large loop CVE-2013-4931 wnpa-sec-2013-49 * The GSM A Common dissector could crash CVE-2013-4932 wnpa-sec-2013-50 * The Netmon file parser could crash CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-51 * The ASN.1 PER dissector could crash CVE-2013-4935 wnpa-sec-2013-52 The release also fixes various non-security issues. Please see the package changelog for details. Security Issues: * CVE-2013-4927 * CVE-2013-4929 * CVE-2013-4930 * CVE-2013-4931 * CVE-2013-4932 * CVE-2013-4933 * CVE-2013-4934 * CVE-2013-4935 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-wireshark-8319 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-wireshark-8318 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wireshark-8319 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wireshark-8319 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-wireshark-8318 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-wireshark-8318 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wireshark-8319 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-wireshark-8318 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.9]: wireshark-devel-1.8.9-0.2.5 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.9]: wireshark-devel-1.8.9-0.2.5 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.8.9]: wireshark-1.8.9-0.2.5 References: http://support.novell.com/security/cve/CVE-2013-4929.html http://support.novell.com/security/cve/CVE-2013-4930.html http://support.novell.com/security/cve/CVE-2013-4931.html http://support.novell.com/security/cve/CVE-2013-4932.html http://support.novell.com/security/cve/CVE-2013-4933.html http://support.novell.com/security/cve/CVE-2013-4934.html http://support.novell.com/security/cve/CVE-2013-4935.html https://bugzilla.novell.com/831718 http://download.novell.com/patch/finder/?keywords=022ef94780b3573f7b50dcb5e0698cca http://download.novell.com/patch/finder/?keywords=a9daa9b5603bdd9c6e42c3f6b0733728 From sle-updates at lists.suse.com Fri Sep 13 14:04:30 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 13 Sep 2013 22:04:30 +0200 (CEST) Subject: SUSE-RU-2013:1451-1: Recommended update for SUSE Manager Client Tools Message-ID: <20130913200430.4D4EA32370@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1451-1 Rating: low References: #838400 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes two new package versions. Description: This collective update provides the following fixes and enhancements: rhnlib: * Fix some issues with the new timeout option. spacewalk-client-tools: * Print prompt on tty instead of stdout * Add Unicode support for Remote Command scripts. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-client-tools-201309-8306 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-client-tools-201309-8306 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-client-tools-201309-8305 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-client-tools-201309-8305 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-client-tools-201309-8306 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-client-tools-201309-8305 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.5.51.5]: rhnlib-2.5.51.5-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 1.7.14.17]: spacewalk-check-1.7.14.17-0.5.1 spacewalk-client-setup-1.7.14.17-0.5.1 spacewalk-client-tools-1.7.14.17-0.5.1 References: https://bugzilla.novell.com/838400 http://download.novell.com/patch/finder/?keywords=a376c14f965d05448d2b074632532a43 http://download.novell.com/patch/finder/?keywords=e5489f6edd0a449bc81501cc2f54f63d From sle-updates at lists.suse.com Mon Sep 16 13:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 16 Sep 2013 21:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1455-1: Recommended update for multipath-tools Message-ID: <20130916190411.8BFAC3236E@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1455-1 Rating: low References: #789239 #820899 #824148 #824913 #828868 #832796 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for multipath-tools provides the following fixes: * Specify checker_timeout in seconds. (bnc#824913) * Fix setting of fast_io_fail_tmo. (bnc#824148) * Reset queue_if_no_path if flush failed. (bnc#828868) * Document 'wwids_file' and 'reservation_key'. (bnc#820899) * Correctly display 'timeout' checker status. * Fix typo in retain_attached_hw_handler. * Do not print 'path is up' for removed paths. (bnc#789239) * Proactively remove path. (bnc#789239) * Do not call tur in sync mode if pthread_cancel fails. (bnc#832796) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kpartx-8165 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kpartx-8165 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kpartx-8165 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): kpartx-0.4.9-0.91.1 multipath-tools-0.4.9-0.91.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): kpartx-0.4.9-0.91.1 multipath-tools-0.4.9-0.91.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): kpartx-0.4.9-0.91.1 multipath-tools-0.4.9-0.91.1 References: https://bugzilla.novell.com/789239 https://bugzilla.novell.com/820899 https://bugzilla.novell.com/824148 https://bugzilla.novell.com/824913 https://bugzilla.novell.com/828868 https://bugzilla.novell.com/832796 http://download.novell.com/patch/finder/?keywords=f56af8c39f16eb67c6cdcd6a9f40416a From sle-updates at lists.suse.com Tue Sep 17 15:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 17 Sep 2013 23:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1460-1: Recommended update for python-dmidecode Message-ID: <20130917210410.314B732246@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-dmidecode ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1460-1 Rating: low References: #823328 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for python-dmidecode fixes a segmentation fault that was caused by missing checks for null DMI strings. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-python-dmidecode-7986 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-dmidecode-7987 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-dmidecode-7987 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-python-dmidecode-7986 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-python-dmidecode-7986 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-dmidecode-7987 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-python-dmidecode-7986 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): python-dmidecode-3.10.11-0.10.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): python-dmidecode-3.10.11-0.10.1 References: https://bugzilla.novell.com/823328 http://download.novell.com/patch/finder/?keywords=10d016559347835b137da717aaeca932 http://download.novell.com/patch/finder/?keywords=46d83829967c9af3d4f88d9673d5313a From sle-updates at lists.suse.com Wed Sep 18 06:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Sep 2013 14:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1464-1: important: Security update for flash-player Message-ID: <20130918120411.6F05C32074@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1464-1 Rating: important References: #839897 Cross-References: CVE-2013-3361 CVE-2013-3362 CVE-2013-3363 CVE-2013-5324 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: Adobe flash-player has been updated to version 11.2.202.310 (ABSP13-21) which fixes several bugs and security issues. (SUSE bnc#839897) These updates resolve memory corruption vulnerabilities that could have lead to code execution (CVE-2013-3361, CVE-2013-3362, CVE-2013-3363, CVE-2013-5324). The official advisory can be found on https://www.adobe.com/support/security/bulletins/apsb13-21.h tml Security Issue reference references: * CVE-2013-3361 * CVE-2013-3362 * CVE-2013-3363 * CVE-2013-5324 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-8331 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-flash-player-8330 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.310]: flash-player-11.2.202.310-0.3.1 flash-player-gnome-11.2.202.310-0.3.1 flash-player-kde4-11.2.202.310-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.310]: flash-player-11.2.202.310-0.3.1 flash-player-gnome-11.2.202.310-0.3.1 flash-player-kde4-11.2.202.310-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-3361.html http://support.novell.com/security/cve/CVE-2013-3362.html http://support.novell.com/security/cve/CVE-2013-3363.html http://support.novell.com/security/cve/CVE-2013-5324.html https://bugzilla.novell.com/839897 http://download.novell.com/patch/finder/?keywords=1f13c6255ccae0c6aefb9a7cb043f079 http://download.novell.com/patch/finder/?keywords=548169ecd92ed01c70cacd01e49cc669 From sle-updates at lists.suse.com Wed Sep 18 13:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Sep 2013 21:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1465-1: Recommended update for release-notes-sled Message-ID: <20130918190409.BA7EB3236F@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1465-1 Rating: low References: #833591 #833936 #834910 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Desktop 11 SP3 with the following changes: * New entry: Migrating from SP2 to SP3 with YaST or the Update Applet. * Changed entry: Migrating to SLE 11 SP3 Using Zypper. * Changed entry: openJDK 7 as a Replacement for openJDK 6. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-release-notes-sled-8250 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 11.3.22]: release-notes-sled-11.3.22-0.7.1 References: https://bugzilla.novell.com/833591 https://bugzilla.novell.com/833936 https://bugzilla.novell.com/834910 http://download.novell.com/patch/finder/?keywords=ae58d2d01b40ce4d2a54acb656cdf62b From sle-updates at lists.suse.com Wed Sep 18 13:04:15 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 18 Sep 2013 21:04:15 +0200 (CEST) Subject: SUSE-RU-2013:1466-1: Recommended update for udev Message-ID: <20130918190415.15DAF32371@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1466-1 Rating: low References: #809540 #818146 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes the following issues: * System crashes with kernel oops while doing DLPAR operations under stress (xmon) (bnc#818146) * udevd: Allow children created immediately to exit after timeout (bnc#809540) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libgudev-1_0-0-8184 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libgudev-1_0-0-8184 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libgudev-1_0-0-8184 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libgudev-1_0-0-8184 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.90.8 libudev-devel-147-0.90.8 libudev0-147-0.90.8 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libgudev-1_0-0-147-0.90.8 libudev0-147-0.90.8 udev-147-0.90.8 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.90.8 libudev0-32bit-147-0.90.8 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.90.8 libudev0-147-0.90.8 udev-147-0.90.8 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.90.8 libudev0-32bit-147-0.90.8 - SUSE Linux Enterprise Server 11 SP3 (ia64): libgudev-1_0-0-x86-147-0.90.8 libudev0-x86-147-0.90.8 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libgudev-1_0-0-147-0.90.8 libudev0-147-0.90.8 udev-147-0.90.8 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgudev-1_0-0-32bit-147-0.90.8 libudev0-32bit-147-0.90.8 References: https://bugzilla.novell.com/809540 https://bugzilla.novell.com/818146 http://download.novell.com/patch/finder/?keywords=9fcdf18156a4747058ac063f16c1fb64 From sle-updates at lists.suse.com Thu Sep 19 09:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Sep 2013 17:04:09 +0200 (CEST) Subject: SUSE-SU-2013:1467-1: moderate: Security update for squid Message-ID: <20130919150409.E78A13236F@maintenance.suse.de> SUSE Security Update: Security update for squid ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1467-1 Rating: moderate References: #677335 #829084 Cross-References: CVE-2013-4115 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This squid update fixes a buffer overflow issue when squid attempts to resolve an overly long hostname. This can be triggered with specially crafted http requests. (bnc#829084, CVE-2013-4115) This update also includes a correction to the last change for logrotate. (bnc#677335) Security Issue reference: * CVE-2013-4115 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-squid-8310 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-squid-8310 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-squid-8309 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-squid-8309 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): squid-2.7.STABLE5-2.12.16.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): squid-2.7.STABLE5-2.12.16.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): squid-2.7.STABLE5-2.12.16.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): squid-2.7.STABLE5-2.12.16.1 References: http://support.novell.com/security/cve/CVE-2013-4115.html https://bugzilla.novell.com/677335 https://bugzilla.novell.com/829084 http://download.novell.com/patch/finder/?keywords=18c19952cbf3c0099a3820697120c484 http://download.novell.com/patch/finder/?keywords=e96c45ffb46fc71de84575955833f192 From sle-updates at lists.suse.com Thu Sep 19 09:07:13 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Sep 2013 17:07:13 +0200 (CEST) Subject: SUSE-SU-2013:1468-1: moderate: Security update for Samba Message-ID: <20130919150713.94E1B3236F@maintenance.suse.de> SUSE Security Update: Security update for Samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1468-1 Rating: moderate References: #765270 #806501 #820531 #829969 Cross-References: CVE-2013-4124 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124). Additionally, the following stability fixes are included in this update: * Fix libreplace license ambiguity. (bnc#765270) * Document idmap_ad rfc2307 attribute requirements. (bnc#820531) * The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20. (bnc#806501). Security Issue reference: * CVE-2013-4124 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-cifs-mount-8171 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-cifs-mount-8171 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-cifs-mount-8171 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-cifs-mount-8171 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-0.42.1 libnetapi-devel-3.6.3-0.42.1 libnetapi0-3.6.3-0.42.1 libsmbclient-devel-3.6.3-0.42.1 libsmbsharemodes-devel-3.6.3-0.42.1 libsmbsharemodes0-3.6.3-0.42.1 libtalloc-devel-3.6.3-0.42.1 libtdb-devel-3.6.3-0.42.1 libtevent-devel-3.6.3-0.42.1 libwbclient-devel-3.6.3-0.42.1 samba-devel-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ldapsmb-1.34b-12.42.1 libldb1-3.6.3-0.42.1 libsmbclient0-3.6.3-0.42.1 libtalloc2-3.6.3-0.42.1 libtdb1-3.6.3-0.42.1 libtevent0-3.6.3-0.42.1 libwbclient0-3.6.3-0.42.1 samba-3.6.3-0.42.1 samba-client-3.6.3-0.42.1 samba-krb-printing-3.6.3-0.42.1 samba-winbind-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libsmbclient0-32bit-3.6.3-0.42.1 libtalloc2-32bit-3.6.3-0.42.1 libtdb1-32bit-3.6.3-0.42.1 libtevent0-32bit-3.6.3-0.42.1 libwbclient0-32bit-3.6.3-0.42.1 samba-32bit-3.6.3-0.42.1 samba-client-32bit-3.6.3-0.42.1 samba-winbind-32bit-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): samba-doc-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-12.42.1 libldb1-3.6.3-0.42.1 libsmbclient0-3.6.3-0.42.1 libtalloc2-3.6.3-0.42.1 libtdb1-3.6.3-0.42.1 libtevent0-3.6.3-0.42.1 libwbclient0-3.6.3-0.42.1 samba-3.6.3-0.42.1 samba-client-3.6.3-0.42.1 samba-krb-printing-3.6.3-0.42.1 samba-winbind-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-0.42.1 libtalloc2-32bit-3.6.3-0.42.1 libtdb1-32bit-3.6.3-0.42.1 libtevent0-32bit-3.6.3-0.42.1 libwbclient0-32bit-3.6.3-0.42.1 samba-32bit-3.6.3-0.42.1 samba-client-32bit-3.6.3-0.42.1 samba-winbind-32bit-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): samba-doc-3.6.3-0.42.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libsmbclient0-x86-3.6.3-0.42.1 libtalloc2-x86-3.6.3-0.42.1 libtdb1-x86-3.6.3-0.42.1 libwbclient0-x86-3.6.3-0.42.1 samba-client-x86-3.6.3-0.42.1 samba-winbind-x86-3.6.3-0.42.1 samba-x86-3.6.3-0.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libldb1-3.6.3-0.42.1 libsmbclient0-3.6.3-0.42.1 libtalloc2-3.6.3-0.42.1 libtdb1-3.6.3-0.42.1 libtevent0-3.6.3-0.42.1 libwbclient0-3.6.3-0.42.1 samba-3.6.3-0.42.1 samba-client-3.6.3-0.42.1 samba-krb-printing-3.6.3-0.42.1 samba-winbind-3.6.3-0.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libldb1-32bit-3.6.3-0.42.1 libsmbclient0-32bit-3.6.3-0.42.1 libtalloc2-32bit-3.6.3-0.42.1 libtdb1-32bit-3.6.3-0.42.1 libtevent0-32bit-3.6.3-0.42.1 libwbclient0-32bit-3.6.3-0.42.1 samba-32bit-3.6.3-0.42.1 samba-client-32bit-3.6.3-0.42.1 samba-winbind-32bit-3.6.3-0.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): samba-doc-3.6.3-0.42.1 References: http://support.novell.com/security/cve/CVE-2013-4124.html https://bugzilla.novell.com/765270 https://bugzilla.novell.com/806501 https://bugzilla.novell.com/820531 https://bugzilla.novell.com/829969 http://download.novell.com/patch/finder/?keywords=4fe0660a8b33bae18a257d33b82f29fb From sle-updates at lists.suse.com Thu Sep 19 09:10:17 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Sep 2013 17:10:17 +0200 (CEST) Subject: SUSE-SU-2013:1469-1: moderate: Security update for Samba Message-ID: <20130919151017.6B6063236F@maintenance.suse.de> SUSE Security Update: Security update for Samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1469-1 Rating: moderate References: #765270 #786350 #792294 #798856 #800782 #802031 #806501 #807334 #812929 #815994 #820531 #824833 #829969 Cross-References: CVE-2013-4124 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has 12 fixes is now available. Description: The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. (CVE-2013-4124). Additionally, the following stability fixes are included in this update: * Do not restart the smbfs service on pre-11.3 systems during dhcp lease renewal when the IP address remains the same. (bnc#800782) * Fix smbclient recursive mget EPERM handling. (bnc#786350) * Fix SMB1 Session Setup AndX handling with a large krb PAC. (bnc#802031) * Fix periodic printcap cache reloads. (bnc#807334) * Fix AD printer publishing. (bnc#798856) * Add extra attributes for AD printer publishing. (bnc#798856) * Fix is_printer_published GUID retrieval. (bnc#798856) * Fix vfs_catia module. (bnc#824833) * Don't modify the pidfile name when a custom config file path is used. (bnc#812929) * Fix the username map optimization. (bnc#815994) * Fix libreplace license ambiguity. (bnc#765270) * Document idmap_ad rfc2307 attribute requirements. (bnc#820531) * The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20. (bnc#806501) Security Issue references: * CVE-2013-4124 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-cifs-mount-8170 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cifs-mount-8170 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cifs-mount-8170 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cifs-mount-8170 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-0.33.35.1 libnetapi-devel-3.6.3-0.33.35.1 libnetapi0-3.6.3-0.33.35.1 libsmbclient-devel-3.6.3-0.33.35.1 libsmbsharemodes-devel-3.6.3-0.33.35.1 libsmbsharemodes0-3.6.3-0.33.35.1 libtalloc-devel-3.6.3-0.33.35.1 libtdb-devel-3.6.3-0.33.35.1 libtevent-devel-3.6.3-0.33.35.1 libwbclient-devel-3.6.3-0.33.35.1 samba-devel-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ldapsmb-1.34b-12.33.35.1 libldb1-3.6.3-0.33.35.1 libsmbclient0-3.6.3-0.33.35.1 libtalloc1-3.4.3-1.46.2 libtalloc2-3.6.3-0.33.35.1 libtdb1-3.6.3-0.33.35.1 libtevent0-3.6.3-0.33.35.1 libwbclient0-3.6.3-0.33.35.1 samba-3.6.3-0.33.35.1 samba-client-3.6.3-0.33.35.1 samba-krb-printing-3.6.3-0.33.35.1 samba-winbind-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libsmbclient0-32bit-3.6.3-0.33.35.1 libtalloc1-32bit-3.4.3-1.46.2 libtalloc2-32bit-3.6.3-0.33.35.1 libtdb1-32bit-3.6.3-0.33.35.1 libtevent0-32bit-3.6.3-0.33.35.1 libwbclient0-32bit-3.6.3-0.33.35.1 samba-32bit-3.6.3-0.33.35.1 samba-client-32bit-3.6.3-0.33.35.1 samba-winbind-32bit-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): samba-doc-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-12.33.35.1 libldb1-3.6.3-0.33.35.1 libsmbclient0-3.6.3-0.33.35.1 libtalloc1-3.4.3-1.46.2 libtalloc2-3.6.3-0.33.35.1 libtdb1-3.6.3-0.33.35.1 libtevent0-3.6.3-0.33.35.1 libwbclient0-3.6.3-0.33.35.1 samba-3.6.3-0.33.35.1 samba-client-3.6.3-0.33.35.1 samba-krb-printing-3.6.3-0.33.35.1 samba-winbind-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-0.33.35.1 libtalloc1-32bit-3.4.3-1.46.2 libtalloc2-32bit-3.6.3-0.33.35.1 libtdb1-32bit-3.6.3-0.33.35.1 libtevent0-32bit-3.6.3-0.33.35.1 libwbclient0-32bit-3.6.3-0.33.35.1 samba-32bit-3.6.3-0.33.35.1 samba-client-32bit-3.6.3-0.33.35.1 samba-winbind-32bit-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): samba-doc-3.6.3-0.33.35.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libsmbclient0-x86-3.6.3-0.33.35.1 libtalloc1-x86-3.4.3-1.46.2 libtalloc2-x86-3.6.3-0.33.35.1 libtdb1-x86-3.6.3-0.33.35.1 libwbclient0-x86-3.6.3-0.33.35.1 samba-client-x86-3.6.3-0.33.35.1 samba-winbind-x86-3.6.3-0.33.35.1 samba-x86-3.6.3-0.33.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libldb1-3.6.3-0.33.35.1 libsmbclient0-3.6.3-0.33.35.1 libtalloc1-3.4.3-1.46.2 libtalloc2-3.6.3-0.33.35.1 libtdb1-3.6.3-0.33.35.1 libtevent0-3.6.3-0.33.35.1 libwbclient0-3.6.3-0.33.35.1 samba-3.6.3-0.33.35.1 samba-client-3.6.3-0.33.35.1 samba-krb-printing-3.6.3-0.33.35.1 samba-winbind-3.6.3-0.33.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libldb1-32bit-3.6.3-0.33.35.1 libsmbclient0-32bit-3.6.3-0.33.35.1 libtalloc1-32bit-3.4.3-1.46.2 libtalloc2-32bit-3.6.3-0.33.35.1 libtdb1-32bit-3.6.3-0.33.35.1 libtevent0-32bit-3.6.3-0.33.35.1 libwbclient0-32bit-3.6.3-0.33.35.1 samba-32bit-3.6.3-0.33.35.1 samba-client-32bit-3.6.3-0.33.35.1 samba-winbind-32bit-3.6.3-0.33.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): samba-doc-3.6.3-0.33.35.1 References: http://support.novell.com/security/cve/CVE-2013-4124.html https://bugzilla.novell.com/765270 https://bugzilla.novell.com/786350 https://bugzilla.novell.com/792294 https://bugzilla.novell.com/798856 https://bugzilla.novell.com/800782 https://bugzilla.novell.com/802031 https://bugzilla.novell.com/806501 https://bugzilla.novell.com/807334 https://bugzilla.novell.com/812929 https://bugzilla.novell.com/815994 https://bugzilla.novell.com/820531 https://bugzilla.novell.com/824833 https://bugzilla.novell.com/829969 http://download.novell.com/patch/finder/?keywords=ad312e61598235760a7fc567597c81c7 From sle-updates at lists.suse.com Thu Sep 19 10:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Sep 2013 18:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1470-1: moderate: Security update for quagga Message-ID: <20130919160411.08731321A4@maintenance.suse.de> SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1470-1 Rating: moderate References: #822572 #828117 Cross-References: CVE-2013-0149 CVE-2013-2236 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of quagga fixes two security issues: * CVE-2013-0149: specially-crafted OSPF packets could have caused the routing table to be erased (bnc#822572) * CVE-2013-2236: local network stack overflow (bnc#828117) Security Issue references: * CVE-2013-2236 * CVE-2013-0149 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-quagga-8235 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-quagga-8234 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-quagga-8235 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-quagga-8235 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-quagga-8234 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-quagga-8234 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): quagga-0.99.15-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-devel-0.99.15-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): quagga-0.99.15-0.14.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): quagga-0.99.15-0.14.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.14.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): quagga-0.99.15-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): quagga-0.99.15-0.14.1 References: http://support.novell.com/security/cve/CVE-2013-0149.html http://support.novell.com/security/cve/CVE-2013-2236.html https://bugzilla.novell.com/822572 https://bugzilla.novell.com/828117 http://download.novell.com/patch/finder/?keywords=07adae7779abcfeed5a57153e3fa17b7 http://download.novell.com/patch/finder/?keywords=ea8626fd89f63a60b8c5d39c74d6d461 From sle-updates at lists.suse.com Thu Sep 19 13:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 19 Sep 2013 21:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1471-1: Recommended update for lxc Message-ID: <20130919190410.38C2532383@maintenance.suse.de> SUSE Recommended Update: Recommended update for lxc ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1471-1 Rating: low References: #835585 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides LXC version 0.8.0 for the Itanium (ia64) architecture, including many fixes and enhancements. For a comprehensive description of all fixes, please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-lxc-8285 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-lxc-8285 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64) [New Version: 0.8.0]: lxc-devel-0.8.0-0.17.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): lxc-0.8.0-0.17.1 References: https://bugzilla.novell.com/835585 http://download.novell.com/patch/finder/?keywords=4e4454e837dde8f89f8c251ddc43b9bc From sle-updates at lists.suse.com Fri Sep 20 08:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 20 Sep 2013 16:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1472-1: Recommended update for suse-ami-tools Message-ID: <20130920140411.55CBF321CD@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-ami-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1472-1 Rating: low References: #828925 #831366 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The following issues have been fixed: * Wrong SLE 11 SP3 repo configuration in suse-ami-tools (bnc#831366) * The message of the day presented in EC2 images refers to SP2 (bnc#828925) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-suse-ami-tools-8140 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-suse-ami-tools-8141 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (noarch): suse-ami-tools-1.0.10-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): suse-ami-tools-1.0.10-0.6.2.1 References: https://bugzilla.novell.com/828925 https://bugzilla.novell.com/831366 http://download.novell.com/patch/finder/?keywords=67012b5e1877ae1732d6a505ea5b3697 http://download.novell.com/patch/finder/?keywords=7f5c2eb801834f9fef69baec9691e7e4 From sle-updates at lists.suse.com Fri Sep 20 16:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 21 Sep 2013 00:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1473-1: important: Security update for Linux kernel Message-ID: <20130920220411.B66D73239B@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1473-1 Rating: important References: #745640 #760407 #765523 #773006 #773255 #783475 #789010 #797909 #800875 #801341 #805371 #805740 #805804 #806396 #807471 #807502 #808940 #809122 #809463 #812274 #813733 #814336 #815256 #815320 #816043 #818047 #819363 #820172 #820434 #822052 #822164 #822225 #822575 #822579 #822878 #823517 #824256 #824295 #824568 #824915 #825048 #825142 #825227 #825887 #826350 #826960 #827271 #827372 #827376 #827378 #827749 #827750 #827930 #828087 #828119 #828192 #828265 #828574 #828714 #828886 #828914 #829001 #829082 #829357 #829539 #829622 #830346 #830478 #830766 #830822 #830901 #831055 #831058 #831410 #831422 #831424 #831438 #831623 #831949 #832318 #833073 #833097 #833148 #834116 #834647 #834742 #835175 Cross-References: CVE-2013-1059 CVE-2013-1819 CVE-2013-1929 CVE-2013-2148 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851 CVE-2013-2852 CVE-2013-3301 CVE-2013-4162 CVE-2013-4163 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 13 vulnerabilities and has 74 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to version 3.0.93 and to fix various bugs and security issues. The following features have been added: * NFS: Now supports a "nosharetransport" option (bnc#807502, bnc#828192, FATE#315593). * ALSA: virtuoso: Xonar DSX support was added (FATE#316016). The following security issues have been fixed: * CVE-2013-2148: The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor. * CVE-2013-2237: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. * CVE-2013-2232: The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel allowed local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface. * CVE-2013-2234: The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel did not initialize certain structure members, which allowed local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. CVE-2013-4162: The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel made an incorrect function call for pending data, which allowed local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. * CVE-2013-1059: net/ceph/auth_none.c in the Linux kernel allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. * CVE-2013-2164: The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. * CVE-2013-2851: Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. * CVE-2013-4163: The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel did not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allowed local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. * CVE-2013-1929: Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. * CVE-2013-1819: The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel did not validate block numbers, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map. Also the following non-security bugs have been fixed: * ACPI / APEI: Force fatal AER severity when component has been reset (bnc#828886 bnc#824568). * PCI/AER: Move AER severity defines to aer.h (bnc#828886 bnc#824568). * PCI/AER: Set dev->__aer_firmware_first only for matching devices (bnc#828886 bnc#824568). * PCI/AER: Factor out HEST device type matching (bnc#828886 bnc#824568). * PCI/AER: Do not parse HEST table for non-PCIe devices (bnc#828886 bnc#824568). * PCI/AER: Reset link for devices below Root Port or Downstream Port (bnc#828886 bnc#824568). * zfcp: fix lock imbalance by reworking request queue locking (bnc#835175, LTC#96825). * qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809). * qeth: change default standard blkt settings for OSA Express (bnc#835175, LTC#96808). * x86: Add workaround to NMI iret woes (bnc#831949). * x86: Do not schedule while still in NMI context (bnc#831949). * drm/i915: no longer call drm_helper_resume_force_mode (bnc#831424,bnc#800875). * bnx2x: protect different statistics flows (bnc#814336). * bnx2x: Avoid sending multiple statistics queries (bnc#814336). * bnx2x: protect different statistics flows (bnc#814336). * ALSA: hda - Fix unbalanced runtime pm refount (bnc#834742). * xhci: directly calling _PS3 on suspend (bnc#833148). * futex: Take hugepages into account when generating futex_key. * e1000e: workaround DMA unit hang on I218 (bnc#834647). * e1000e: unexpected "Reset adapter" message when cable pulled (bnc#834647). * e1000e: 82577: workaround for link drop issue (bnc#834647). * e1000e: helper functions for accessing EMI registers (bnc#834647). * e1000e: workaround DMA unit hang on I218 (bnc#834647). * e1000e: unexpected "Reset adapter" message when cable pulled (bnc#834647). * e1000e: 82577: workaround for link drop issue (bnc#834647). * e1000e: helper functions for accessing EMI registers (bnc#834647). * Drivers: hv: util: Fix a bug in version negotiation code for util services (bnc#828714). * printk: Add NMI ringbuffer (bnc#831949). * printk: extract ringbuffer handling from vprintk (bnc#831949). * printk: NMI safe printk (bnc#831949). * printk: Make NMI ringbuffer size independent on log_buf_len (bnc#831949). * printk: Do not call console_unlock from nmi context (bnc#831949). * printk: Do not use printk_cpu from finish_printk (bnc#831949). * zfcp: fix schedule-inside-lock in scsi_device list loops (bnc#833073, LTC#94937). * uvc: increase number of buffers (bnc#822164, bnc#805804). * drm/i915: Adding more reserved PCI IDs for Haswell (bnc#834116). * Refresh patches.xen/xen-netback-generalize (bnc#827378). * Update Xen patches to 3.0.87. * mlx4_en: Adding 40gb speed report for ethtool (bnc#831410). * drm/i915: Retry DP aux_ch communications with a different clock after failure (bnc#831422). * drm/i915: split aux_clock_divider logic in a separated function for reuse (bnc#831422). * drm/i915: dp: increase probe retries (bnc#831422). * drm/i915: Only clear write-domains after a successful wait-seqno (bnc#831422). * drm/i915: Fix write-read race with multiple rings (bnc#831422). * drm/i915: Retry DP aux_ch communications with a different clock after failure (bnc#831422). * drm/i915: split aux_clock_divider logic in a separated function for reuse (bnc#831422). * drm/i915: dp: increase probe retries (bnc#831422). * drm/i915: Only clear write-domains after a successful wait-seqno (bnc#831422). * drm/i915: Fix write-read race with multiple rings (bnc#831422). * xhci: Add xhci_disable_ports boot option (bnc#822164). * xhci: set device to D3Cold on shutdown (bnc#833097). * reiserfs: Fixed double unlock in reiserfs_setattr failure path. * reiserfs: locking, release lock around quota operations (bnc#815320). * reiserfs: locking, push write lock out of xattr code (bnc#815320). * reiserfs: locking, handle nested locks properly (bnc#815320). * reiserfs: do not lock journal_init() (bnc#815320). * reiserfs: delay reiserfs lock until journal initialization (bnc#815320). * NFS: support "nosharetransport" option (bnc#807502, bnc#828192, FATE#315593). * HID: hyperv: convert alloc+memcpy to memdup. * Drivers: hv: vmbus: Implement multi-channel support (fate#316098). * Drivers: hv: Add the GUID fot synthetic fibre channel device (fate#316098). * tools: hv: Check return value of setsockopt call. * tools: hv: Check return value of poll call. * tools: hv: Check retrun value of strchr call. * tools: hv: Fix file descriptor leaks. * tools: hv: Improve error logging in KVP daemon. * drivers: hv: switch to use mb() instead of smp_mb(). * drivers: hv: check interrupt mask before read_index. * drivers: hv: allocate synic structures before hv_synic_init(). * storvsc: Increase the value of scsi timeout for storvsc devices (fate#316098). * storvsc: Update the storage protocol to win8 level (fate#316098). * storvsc: Implement multi-channel support (fate#316098). * storvsc: Support FC devices (fate#316098). * storvsc: Increase the value of STORVSC_MAX_IO_REQUESTS (fate#316098). * hyperv: Fix the NETIF_F_SG flag setting in netvsc. * Drivers: hv: vmbus: incorrect device name is printed when child device is unregistered. * Tools: hv: KVP: Fix a bug in IPV6 subnet enumeration (bnc#828714). * ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size (bnc#831055, CVE-2013-4163). * ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size (bnc#831055, CVE-2013-4163). * dm mpath: add retain_attached_hw_handler feature (bnc#760407). * scsi_dh: add scsi_dh_attached_handler_name (bnc#760407). * af_key: fix info leaks in notify messages (bnc#827749 CVE-2013-2234). * af_key: initialize satype in key_notify_policy_flush() (bnc#828119 CVE-2013-2237). * ipv6: call udp_push_pending_frames when uncorking a socket with (bnc#831058, CVE-2013-4162). * tg3: fix length overflow in VPD firmware parsing (bnc#813733 CVE-2013-1929). * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end (CVE-2013-1819 bnc#807471). * ipv6: ip6_sk_dst_check() must not assume ipv6 dst (bnc#827750, CVE-2013-2232). * dasd: fix hanging devices after path events (bnc#831623, LTC#96336). * kernel: z90crypt module load crash (bnc#831623, LTC#96214). * ata: Fix DVD not dectected at some platform with Wellsburg PCH (bnc#822225). * drm/i915: edp: add standard modes (bnc#832318). * Do not switch camera on yet more HP machines (bnc#822164). * Do not switch camera on HP EB 820 G1 (bnc#822164). * xhci: Avoid NULL pointer deref when host dies (bnc#827271). * bonding: disallow change of MAC if fail_over_mac enabled (bnc#827376). * bonding: propagate unicast lists down to slaves (bnc#773255 bnc#827372). * net/bonding: emit address change event also in bond_release (bnc#773255 bnc#827372). * bonding: emit event when bonding changes MAC (bnc#773255 bnc#827372). * usb: host: xhci: Enable XHCI_SPURIOUS_SUCCESS for all controllers with xhci 1.0 (bnc#797909). * xhci: fix null pointer dereference on ring_doorbell_for_active_rings (bnc#827271). * updated reference for security issue fixed inside (CVE-2013-3301 bnc#815256) * qla2xxx: Clear the MBX_INTR_WAIT flag when the mailbox time-out happens (bnc#830478). * drm/i915: initialize gt_lock early with other spin locks (bnc#801341). * drm/i915: fix up gt init sequence fallout (bnc#801341). * drm/i915: initialize gt_lock early with other spin locks (bnc#801341). * drm/i915: fix up gt init sequence fallout (bnc#801341). * timer_list: Correct the iterator for timer_list (bnc#818047). * firmware: do not spew errors in normal boot (bnc#831438, fate#314574). * ALSA: virtuoso: Xonar DSX support (FATE#316016). * SUNRPC: Ensure we release the socket write lock if the rpc_task exits early (bnc#830901). * ext4: Re-add config option Building ext4 as the ext4-writeable KMP uses CONFIG_EXT4_FS_RW=y to denote that read-write module should be enabled. This update just defaults allow_rw to true if it is set. * e1000: fix vlan processing regression (bnc#830766). * ext4: force read-only unless rw=1 module option is used (fate#314864). * dm mpath: fix ioctl deadlock when no paths (bnc#808940). * HID: fix unused rsize usage (bnc#783475). * add reference for b43 format string flaw (bnc#822579 CVE-2013-2852) * HID: fix data access in implement() (bnc#783475). * xfs: fix deadlock in xfs_rtfree_extent with kernel v3.x (bnc#829622). * kernel: sclp console hangs (bnc#830346, LTC#95711). * Refresh patches.fixes/rtc-add-an-alarm-disable-quirk.patch. * Delete patches.drm/1209-nvc0-fb-shut-up-pmfb-interrupt-after-the-fi rst-occurrence. It was removed from series.conf in 063ed686e5a3cda01a7ddbc49db1499da917fef5 but the file was not deleted. * Drivers: hv: balloon: Do not post pressure status if interrupted (bnc#829539). * Drivers: hv: balloon: Fix a bug in the hot-add code (bnc#829539). * drm/i915: Fix incoherence with fence updates on Sandybridge+ (bnc#809463). * drm/i915: merge {i965, sandybridge}_write_fence_reg() (bnc#809463). * drm/i915: Fix incoherence with fence updates on Sandybridge+ (bnc#809463). * drm/i915: merge {i965, sandybridge}_write_fence_reg() (bnc#809463). * Refresh patches.fixes/rtc-add-an-alarm-disable-quirk.patch. * r8169: allow multicast packets on sub-8168f chipset (bnc#805371). * r8169: support new chips of RTL8111F (bnc#805371). * r8169: define the early size for 8111evl (bnc#805371). * r8169: fix the reset setting for 8111evl (bnc#805371). * r8169: add MODULE_FIRMWARE for the firmware of 8111evl (bnc#805371). * r8169: fix sticky accepts packet bits in RxConfig (bnc#805371). * r8169: adjust the RxConfig settings (bnc#805371). * r8169: support RTL8111E-VL (bnc#805371). * r8169: add ERI functions (bnc#805371). * r8169: modify the flow of the hw reset (bnc#805371). * r8169: adjust some registers (bnc#805371). * r8169: check firmware content sooner (bnc#805371). * r8169: support new firmware format (bnc#805371). * r8169: explicit firmware format check (bnc#805371). * r8169: move the firmware down into the device private data (bnc#805371). * r8169: allow multicast packets on sub-8168f chipset (bnc#805371). * r8169: support new chips of RTL8111F (bnc#805371). * r8169: define the early size for 8111evl (bnc#805371). * r8169: fix the reset setting for 8111evl (bnc#805371). * r8169: add MODULE_FIRMWARE for the firmware of 8111evl (bnc#805371). * r8169: fix sticky accepts packet bits in RxConfig (bnc#805371). * r8169: adjust the RxConfig settings (bnc#805371). * r8169: support RTL8111E-VL (bnc#805371). * r8169: add ERI functions (bnc#805371). * r8169: modify the flow of the hw reset (bnc#805371). * r8169: adjust some registers (bnc#805371). * r8169: check firmware content sooner (bnc#805371). * r8169: support new firmware format (bnc#805371). * r8169: explicit firmware format check (bnc#805371). * r8169: move the firmware down into the device private data (bnc#805371). * patches.fixes/mm-link_mem_sections-touch-nmi-watchdog.patch: mm: link_mem_sections make sure nmi watchdog does not trigger while linking memory sections (bnc#820434). * drm/i915: fix long-standing SNB regression in power consumption after resume v2 (bnc#801341). * RTC: Add an alarm disable quirk (bnc#805740). * drm/i915: Fix bogus hotplug warnings at resume (bnc#828087). * drm/i915: Serialize all register access (bnc#809463,bnc#812274,bnc#822878,bnc#828914). * drm/i915: Resurrect ring kicking for semaphores, selectively (bnc#828087). * drm/i915: Fix bogus hotplug warnings at resume (bnc#828087). * drm/i915: Serialize all register access (bnc#809463,bnc#812274,bnc#822878,bnc#828914). * drm/i915: Resurrect ring kicking for semaphores, selectively (bnc#828087). * drm/i915: use lower aux clock divider on non-ULT HSW (bnc#800875). * drm/i915: preserve the PBC bits of TRANS_CHICKEN2 (bnc#828087). * drm/i915: set CPT FDI RX polarity bits based on VBT (bnc#828087). * drm/i915: hsw: fix link training for eDP on port-A (bnc#800875). * drm/i915: use lower aux clock divider on non-ULT HSW (bnc#800875). * drm/i915: preserve the PBC bits of TRANS_CHICKEN2 (bnc#828087). * drm/i915: set CPT FDI RX polarity bits based on VBT (bnc#828087). * drm/i915: hsw: fix link training for eDP on port-A (bnc#800875). * patches.arch/s390-66-02-smp-ipi.patch: kernel: lost IPIs on CPU hotplug (bnc#825048, LTC#94784). * patches.fixes/iwlwifi-use-correct-supported-firmware-for-603 5-and-.patch: iwlwifi: use correct supported firmware for 6035 and 6000g2 (bnc#825887). * patches.fixes/watchdog-update-watchdog_thresh-atomically.pat ch: watchdog: Update watchdog_thresh atomically (bnc#829357). * patches.fixes/watchdog-update-watchdog_tresh-properly.patch: watchdog: update watchdog_tresh properly (bnc#829357). * patches.fixes/watchdog-make-disable-enable-hotplug-and-preem pt-save.patch: watchdog-make-disable-enable-hotplug-and-preempt-save.patch (bnc#829357). * kabi/severities: Ignore changes in drivers/hv * patches.drivers/lpfc-return-correct-error-code-on-bsg_timeou t.patch: lpfc: Return correct error code on bsg_timeout (bnc#816043). * patches.fixes/dm-drop-table-reference-on-ioctl-retry.patch: dm-multipath: Drop table when retrying ioctl (bnc#808940). * scsi: Do not retry invalid function error (bnc#809122). * patches.suse/scsi-do-not-retry-invalid-function-error.patch: scsi: Do not retry invalid function error (bnc#809122). * scsi: Always retry internal target error (bnc#745640, bnc#825227). * patches.suse/scsi-always-retry-internal-target-error.patch: scsi: Always retry internal target error (bnc#745640, bnc#825227). * patches.drivers/drm-edid-Don-t-print-messages-regarding-ster eo-or-csync-by-default.patch: Refresh: add upstream commit ID. * patches.suse/acpiphp-match-to-Bochs-dmi-data.patch: Refresh. (bnc#824915). * Refresh patches.suse/acpiphp-match-to-Bochs-dmi-data.patch (bnc#824915). * Update kabi files. * ACPI:remove panic in case hardware has changed after S4 (bnc#829001). * ibmvfc: Driver version 1.0.1 (bnc#825142). * ibmvfc: Fix for offlining devices during error recovery (bnc#825142). * ibmvfc: Properly set cancel flags when cancelling abort (bnc#825142). * ibmvfc: Send cancel when link is down (bnc#825142). * ibmvfc: Support FAST_IO_FAIL in EH handlers (bnc#825142). * ibmvfc: Suppress ABTS if target gone (bnc#825142). * fs/dcache.c: add cond_resched() to shrink_dcache_parent() (bnc#829082). * drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (bnc#824295, CVE-2013-2164). * kmsg_dump: do not run on non-error paths by default (bnc#820172). * supported.conf: mark tcm_qla2xxx as supported * mm: honor min_free_kbytes set by user (bnc#826960). * Drivers: hv: util: Fix a bug in version negotiation code for util services (bnc#828714). * hyperv: Fix a kernel warning from netvsc_linkstatus_callback() (bnc#828574). * RT: Fix up hardening patch to not gripe when avg > available, which lockless access makes possible and happens in -rt kernels running a cpubound ltp realtime testcase. Just keep the output sane in that case. * kabi/severities: Add exception for aer_recover_queue() There should not be any user besides ghes.ko. * Fix rpm changelog * PCI / PM: restore the original behavior of pci_set_power_state() (bnc#827930). * fanotify: info leak in copy_event_to_user() (CVE-2013-2148 bnc#823517). * usb: xhci: check usb2 port capabilities before adding hw link PM support (bnc#828265). * aerdrv: Move cper_print_aer() call out of interrupt context (bnc#822052, bnc#824568). * PCI/AER: pci_get_domain_bus_and_slot() call missing required pci_dev_put() (bnc#822052, bnc#824568). * patches.fixes/block-do-not-pass-disk-names-as-format-strings .patch: block: do not pass disk names as format strings (bnc#822575 CVE-2013-2851). * powerpc: POWER8 cputable entries (bnc#824256). * libceph: Fix NULL pointer dereference in auth client code. (CVE-2013-1059, bnc#826350) * md/raid10: Fix two bug affecting RAID10 reshape. * Allow NFSv4 to run execute-only files (bnc#765523). * fs/ocfs2/namei.c: remove unecessary ERROR when removing non-empty directory (bnc#819363). * block: Reserve only one queue tag for sync IO if only 3 tags are available (bnc#806396). * btrfs: merge contigous regions when loading free space cache * btrfs: fix how we deal with the orphan block rsv. * btrfs: fix wrong check during log recovery. * btrfs: change how we indicate we are adding csums. Security Issue references: * CVE-2013-1059 * CVE-2013-1819 * CVE-2013-1929 * CVE-2013-2148 * CVE-2013-2164 * CVE-2013-2232 * CVE-2013-2234 * CVE-2013-2237 * CVE-2013-2851 * CVE-2013-2852 * CVE-2013-3301 * CVE-2013-4162 * CVE-2013-4163 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kernel-8270 slessp3-kernel-8283 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kernel-8264 slessp3-kernel-8267 slessp3-kernel-8269 slessp3-kernel-8270 slessp3-kernel-8283 - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-kernel-8264 slehasp3-kernel-8267 slehasp3-kernel-8269 slehasp3-kernel-8270 slehasp3-kernel-8283 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kernel-8270 sledsp3-kernel-8283 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.8.2 kernel-default-base-3.0.93-0.8.2 kernel-default-devel-3.0.93-0.8.2 kernel-source-3.0.93-0.8.2 kernel-syms-3.0.93-0.8.2 kernel-trace-3.0.93-0.8.2 kernel-trace-base-3.0.93-0.8.2 kernel-trace-devel-3.0.93-0.8.2 kernel-xen-devel-3.0.93-0.8.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.8.2 kernel-pae-base-3.0.93-0.8.2 kernel-pae-devel-3.0.93-0.8.2 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.8.2 kernel-default-base-3.0.93-0.8.2 kernel-default-devel-3.0.93-0.8.2 kernel-source-3.0.93-0.8.2 kernel-syms-3.0.93-0.8.2 kernel-trace-3.0.93-0.8.2 kernel-trace-base-3.0.93-0.8.2 kernel-trace-devel-3.0.93-0.8.2 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.93]: kernel-ec2-3.0.93-0.8.2 kernel-ec2-base-3.0.93-0.8.2 kernel-ec2-devel-3.0.93-0.8.2 kernel-xen-3.0.93-0.8.2 kernel-xen-base-3.0.93-0.8.2 kernel-xen-devel-3.0.93-0.8.2 xen-kmp-default-4.2.2_06_3.0.93_0.8-0.7.17 - SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.93]: kernel-default-man-3.0.93-0.8.2 - SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.93]: kernel-ppc64-3.0.93-0.8.2 kernel-ppc64-base-3.0.93-0.8.2 kernel-ppc64-devel-3.0.93-0.8.2 - SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.8.2 kernel-pae-base-3.0.93-0.8.2 kernel-pae-devel-3.0.93-0.8.2 xen-kmp-pae-4.2.2_06_3.0.93_0.8-0.7.17 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.93_0.8-2.27.8 cluster-network-kmp-trace-1.4_3.0.93_0.8-2.27.8 gfs2-kmp-default-2_3.0.93_0.8-0.16.14 gfs2-kmp-trace-2_3.0.93_0.8-0.16.14 ocfs2-kmp-default-1.6_3.0.93_0.8-0.20.8 ocfs2-kmp-trace-1.6_3.0.93_0.8-0.20.8 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.93_0.8-2.27.8 gfs2-kmp-xen-2_3.0.93_0.8-0.16.14 ocfs2-kmp-xen-1.6_3.0.93_0.8-0.20.8 - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.93_0.8-2.27.8 gfs2-kmp-ppc64-2_3.0.93_0.8-0.16.14 ocfs2-kmp-ppc64-1.6_3.0.93_0.8-0.20.8 - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586): cluster-network-kmp-pae-1.4_3.0.93_0.8-2.27.8 gfs2-kmp-pae-2_3.0.93_0.8-0.16.14 ocfs2-kmp-pae-1.6_3.0.93_0.8-0.20.8 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.8.2 kernel-default-base-3.0.93-0.8.2 kernel-default-devel-3.0.93-0.8.2 kernel-default-extra-3.0.93-0.8.2 kernel-source-3.0.93-0.8.2 kernel-syms-3.0.93-0.8.2 kernel-trace-devel-3.0.93-0.8.2 kernel-xen-3.0.93-0.8.2 kernel-xen-base-3.0.93-0.8.2 kernel-xen-devel-3.0.93-0.8.2 kernel-xen-extra-3.0.93-0.8.2 xen-kmp-default-4.2.2_06_3.0.93_0.8-0.7.17 - SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.8.2 kernel-pae-base-3.0.93-0.8.2 kernel-pae-devel-3.0.93-0.8.2 kernel-pae-extra-3.0.93-0.8.2 xen-kmp-pae-4.2.2_06_3.0.93_0.8-0.7.17 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.93-0.8.2 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-3.0.93-0.8.2 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-3.0.93-0.8.2 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-3.0.93-0.8.2 References: http://support.novell.com/security/cve/CVE-2013-1059.html http://support.novell.com/security/cve/CVE-2013-1819.html http://support.novell.com/security/cve/CVE-2013-1929.html http://support.novell.com/security/cve/CVE-2013-2148.html http://support.novell.com/security/cve/CVE-2013-2164.html http://support.novell.com/security/cve/CVE-2013-2232.html http://support.novell.com/security/cve/CVE-2013-2234.html http://support.novell.com/security/cve/CVE-2013-2237.html http://support.novell.com/security/cve/CVE-2013-2851.html http://support.novell.com/security/cve/CVE-2013-2852.html http://support.novell.com/security/cve/CVE-2013-3301.html http://support.novell.com/security/cve/CVE-2013-4162.html http://support.novell.com/security/cve/CVE-2013-4163.html https://bugzilla.novell.com/745640 https://bugzilla.novell.com/760407 https://bugzilla.novell.com/765523 https://bugzilla.novell.com/773006 https://bugzilla.novell.com/773255 https://bugzilla.novell.com/783475 https://bugzilla.novell.com/789010 https://bugzilla.novell.com/797909 https://bugzilla.novell.com/800875 https://bugzilla.novell.com/801341 https://bugzilla.novell.com/805371 https://bugzilla.novell.com/805740 https://bugzilla.novell.com/805804 https://bugzilla.novell.com/806396 https://bugzilla.novell.com/807471 https://bugzilla.novell.com/807502 https://bugzilla.novell.com/808940 https://bugzilla.novell.com/809122 https://bugzilla.novell.com/809463 https://bugzilla.novell.com/812274 https://bugzilla.novell.com/813733 https://bugzilla.novell.com/814336 https://bugzilla.novell.com/815256 https://bugzilla.novell.com/815320 https://bugzilla.novell.com/816043 https://bugzilla.novell.com/818047 https://bugzilla.novell.com/819363 https://bugzilla.novell.com/820172 https://bugzilla.novell.com/820434 https://bugzilla.novell.com/822052 https://bugzilla.novell.com/822164 https://bugzilla.novell.com/822225 https://bugzilla.novell.com/822575 https://bugzilla.novell.com/822579 https://bugzilla.novell.com/822878 https://bugzilla.novell.com/823517 https://bugzilla.novell.com/824256 https://bugzilla.novell.com/824295 https://bugzilla.novell.com/824568 https://bugzilla.novell.com/824915 https://bugzilla.novell.com/825048 https://bugzilla.novell.com/825142 https://bugzilla.novell.com/825227 https://bugzilla.novell.com/825887 https://bugzilla.novell.com/826350 https://bugzilla.novell.com/826960 https://bugzilla.novell.com/827271 https://bugzilla.novell.com/827372 https://bugzilla.novell.com/827376 https://bugzilla.novell.com/827378 https://bugzilla.novell.com/827749 https://bugzilla.novell.com/827750 https://bugzilla.novell.com/827930 https://bugzilla.novell.com/828087 https://bugzilla.novell.com/828119 https://bugzilla.novell.com/828192 https://bugzilla.novell.com/828265 https://bugzilla.novell.com/828574 https://bugzilla.novell.com/828714 https://bugzilla.novell.com/828886 https://bugzilla.novell.com/828914 https://bugzilla.novell.com/829001 https://bugzilla.novell.com/829082 https://bugzilla.novell.com/829357 https://bugzilla.novell.com/829539 https://bugzilla.novell.com/829622 https://bugzilla.novell.com/830346 https://bugzilla.novell.com/830478 https://bugzilla.novell.com/830766 https://bugzilla.novell.com/830822 https://bugzilla.novell.com/830901 https://bugzilla.novell.com/831055 https://bugzilla.novell.com/831058 https://bugzilla.novell.com/831410 https://bugzilla.novell.com/831422 https://bugzilla.novell.com/831424 https://bugzilla.novell.com/831438 https://bugzilla.novell.com/831623 https://bugzilla.novell.com/831949 https://bugzilla.novell.com/832318 https://bugzilla.novell.com/833073 https://bugzilla.novell.com/833097 https://bugzilla.novell.com/833148 https://bugzilla.novell.com/834116 https://bugzilla.novell.com/834647 https://bugzilla.novell.com/834742 https://bugzilla.novell.com/835175 http://download.novell.com/patch/finder/?keywords=0ac91b201b328861b832cc9a2d5a8c6b http://download.novell.com/patch/finder/?keywords=191d1a273a8c36c8ea012d9d4b07dcbc http://download.novell.com/patch/finder/?keywords=4ae0f4ab33ce6f2db597d9df8fc2fa01 http://download.novell.com/patch/finder/?keywords=4cd5eadeb6509d92f806e5cee6cfa82a http://download.novell.com/patch/finder/?keywords=61459cd922860f9fa4e664f18e3931fd http://download.novell.com/patch/finder/?keywords=644896ee11863828529ebdee6530d1ac http://download.novell.com/patch/finder/?keywords=79b73575f6204cac04299c610e2aa8ac http://download.novell.com/patch/finder/?keywords=c98e6cc38ee03dd039683da9b6305d2a http://download.novell.com/patch/finder/?keywords=ebf6b9a0e30da81aed0eccbac2d7a3b7 http://download.novell.com/patch/finder/?keywords=ee2560c9159e67ffcb9684870a768e7d From sle-updates at lists.suse.com Fri Sep 20 17:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 21 Sep 2013 01:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1474-1: important: Security update for Linux kernel Message-ID: <20130920230411.8DBC73219C@maintenance.suse.de> SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1474-1 Rating: important References: #745640 #760407 #765523 #773006 #773255 #773837 #783475 #785901 #789010 #801427 #803320 #804482 #805371 #806396 #806976 #807471 #807502 #808940 #809122 #812526 #812974 #813604 #813733 #814336 #815320 #816043 #817035 #817377 #818465 #819363 #819523 #820172 #820434 #821052 #821235 #822066 #822077 #822575 #822825 #823082 #823342 #823497 #823517 #824159 #824295 #824915 #825048 #825142 #825227 #825591 #825657 #825887 #826350 #826960 #827372 #827376 #827378 #827749 #827750 #828119 #828192 #828574 #828714 #829082 #829357 #829622 #830901 #831055 #831058 #831410 #831949 Cross-References: CVE-2013-1059 CVE-2013-1774 CVE-2013-1819 CVE-2013-1929 CVE-2013-2148 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851 CVE-2013-4162 CVE-2013-4163 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 59 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to version 3.0.93 and includes various bug and security fixes. The following security bugs have been fixed: * CVE-2013-2148: The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor. * CVE-2013-2237: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. * CVE-2013-2232: The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel allowed local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface. * CVE-2013-2234: The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel did not initialize certain structure members, which allowed local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. * CVE-2013-4162: The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel made an incorrect function call for pending data, which allowed local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. * CVE-2013-1059: net/ceph/auth_none.c in the Linux kernel allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. * CVE-2013-2164: The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. * CVE-2013-2851: Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. * CVE-2013-4163: The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel did not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allowed local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. * CVE-2013-1929: Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. * CVE-2013-1819: The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel did not validate block numbers, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map. * CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. Also the following bugs have been fixed: BTRFS: * btrfs: merge contigous regions when loading free space cache * btrfs: fix how we deal with the orphan block rsv * btrfs: fix wrong check during log recovery * btrfs: change how we indicate we are adding csums * btrfs: flush delayed inodes if we are short on space (bnc#801427). * btrfs: rework shrink_delalloc (bnc#801427). * btrfs: fix our overcommit math (bnc#801427). * btrfs: delay block group item insertion (bnc#801427). * btrfs: remove bytes argument from do_chunk_alloc (bnc#801427). * btrfs: run delayed refs first when out of space (bnc#801427). * btrfs: do not commit instead of overcommitting (bnc#801427). * btrfs: do not take inode delalloc mutex if we are a free space inode (bnc#801427). * btrfs: fix chunk allocation error handling (bnc#801427). * btrfs: remove extent mapping if we fail to add chunk (bnc#801427). * btrfs: do not overcommit if we do not have enough space for global rsv (bnc#801427). * btrfs: rework the overcommit logic to be based on the total size (bnc#801427). * btrfs: steal from global reserve if we are cleaning up orphans (bnc#801427). * btrfs: clear chunk_alloc flag on retryable failure (bnc#801427). * btrfs: use reserved space for creating a snapshot (bnc#801427). * btrfs: cleanup to make the function btrfs_delalloc_reserve_metadata more logic (bnc#801427). * btrfs: fix space leak when we fail to reserve metadata space (bnc#801427). * btrfs: fix space accounting for unlink and rename (bnc#801427). * btrfs: allocate new chunks if the space is not enough for global rsv (bnc#801427). * btrfs: various abort cleanups (bnc#812526 bnc#801427). * btrfs: simplify unlink reservations (bnc#801427). OTHER: * x86: Add workaround to NMI iret woes (bnc#831949). * x86: Do not schedule while still in NMI context (bnc#831949). * bnx2x: Avoid sending multiple statistics queries (bnc#814336). * bnx2x: protect different statistics flows (bnc#814336). * futex: Take hugepages into account when generating futex_key. * drivers/hv: util: Fix a bug in version negotiation code for util services (bnc#828714). * printk: Add NMI ringbuffer (bnc#831949). * printk: extract ringbuffer handling from vprintk (bnc#831949). * printk: NMI safe printk (bnc#831949). * printk: Make NMI ringbuffer size independent on log_buf_len (bnc#831949). * printk: Do not call console_unlock from nmi context (bnc#831949). * printk: Do not use printk_cpu from finish_printk (bnc#831949). * mlx4_en: Adding 40gb speed report for ethtool (bnc#831410). * reiserfs: Fixed double unlock in reiserfs_setattr failure path. * reiserfs: delay reiserfs lock until journal initialization (bnc#815320). * reiserfs: do not lock journal_init() (bnc#815320). * reiserfs: locking, handle nested locks properly (bnc#815320). * reiserfs: locking, push write lock out of xattr code (bnc#815320). * reiserfs: locking, release lock around quota operations (bnc#815320). * NFS: support "nosharetransport" option (bnc#807502, bnc#828192, FATE#315593). * dm mpath: add retain_attached_hw_handler feature (bnc#760407). * scsi_dh: add scsi_dh_attached_handler_name (bnc#760407). * bonding: disallow change of MAC if fail_over_mac enabled (bnc#827376). * bonding: propagate unicast lists down to slaves (bnc#773255 bnc#827372). * bonding: emit address change event also in bond_release (bnc#773255 bnc#827372). * bonding: emit event when bonding changes MAC (bnc#773255 bnc#827372). * SUNRPC: Ensure we release the socket write lock if the rpc_task exits early (bnc#830901). * ext4: force read-only unless rw=1 module option is used (fate#314864). * HID: fix unused rsize usage (bnc#783475). * HID: fix data access in implement() (bnc#783475). * xfs: fix deadlock in xfs_rtfree_extent with kernel v3.x (bnc#829622). * r8169: allow multicast packets on sub-8168f chipset (bnc#805371). * r8169: support new chips of RTL8111F (bnc#805371). * r8169: define the early size for 8111evl (bnc#805371). * r8169: fix the reset setting for 8111evl (bnc#805371). * r8169: add MODULE_FIRMWARE for the firmware of 8111evl (bnc#805371). * r8169: fix sticky accepts packet bits in RxConfig (bnc#805371). * r8169: adjust the RxConfig settings (bnc#805371). * r8169: support RTL8111E-VL (bnc#805371). * r8169: add ERI functions (bnc#805371). * r8169: modify the flow of the hw reset (bnc#805371). * r8169: adjust some registers (bnc#805371). * r8169: check firmware content sooner (bnc#805371). * r8169: support new firmware format (bnc#805371). * r8169: explicit firmware format check (bnc#805371). * r8169: move the firmware down into the device private data (bnc#805371). * mm: link_mem_sections make sure nmi watchdog does not trigger while linking memory sections (bnc#820434). * kernel: lost IPIs on CPU hotplug (bnc#825048, LTC#94784). * iwlwifi: use correct supported firmware for 6035 and 6000g2 (bnc#825887). * watchdog: Update watchdog_thresh atomically (bnc#829357). * watchdog: update watchdog_tresh properly (bnc#829357). * watchdog: watchdog-make-disable-enable-hotplug-and-preempt-save.patch (bnc#829357). * include/1/smp.h: define __smp_call_function_single for !CONFIG_SMP (bnc#829357). * lpfc: Return correct error code on bsg_timeout (bnc#816043). * dm-multipath: Drop table when retrying ioctl (bnc#808940). * scsi: Do not retry invalid function error (bnc#809122). * scsi: Always retry internal target error (bnc#745640, bnc#825227). * ibmvfc: Driver version 1.0.1 (bnc#825142). * ibmvfc: Fix for offlining devices during error recovery (bnc#825142). * ibmvfc: Properly set cancel flags when cancelling abort (bnc#825142). * ibmvfc: Send cancel when link is down (bnc#825142). * ibmvfc: Support FAST_IO_FAIL in EH handlers (bnc#825142). * ibmvfc: Suppress ABTS if target gone (bnc#825142). * fs/dcache.c: add cond_resched() to shrink_dcache_parent() (bnc#829082). * kmsg_dump: do not run on non-error paths by default (bnc#820172). * mm: honor min_free_kbytes set by user (bnc#826960). * hyperv: Fix a kernel warning from netvsc_linkstatus_callback() (bnc#828574). * RT: Fix up hardening patch to not gripe when avg > available, which lockless access makes possible and happens in -rt kernels running a cpubound ltp realtime testcase. Just keep the output sane in that case. * md/raid10: Fix two bug affecting RAID10 reshape (-). * Allow NFSv4 to run execute-only files (bnc#765523). * fs/ocfs2/namei.c: remove unecessary ERROR when removing non-empty directory (bnc#819363). * block: Reserve only one queue tag for sync IO if only 3 tags are available (bnc#806396). * drm/i915: Add wait_for in init_ring_common (bnc#813604). * drm/i915: Mark the ringbuffers as being in the GTT domain (bnc#813604). * ext4: avoid hang when mounting non-journal filesystems with orphan list (bnc#817377). * autofs4 - fix get_next_positive_subdir() (bnc#819523). * ocfs2: Add bits_wanted while calculating credits in ocfs2_calc_extend_credits (bnc#822077). * re-enable io tracing (bnc#785901). * SUNRPC: Prevent an rpc_task wakeup race (bnc#825591). * tg3: Prevent system hang during repeated EEH errors (bnc#822066). * backends: Check for insane amounts of requests on the ring. * Update Xen patches to 3.0.82. * netiucv: Hold rtnl between name allocation and device registration (bnc#824159). * drm/edid: Do not print messages regarding stereo or csync by default (bnc #821235). * net/sunrpc: xpt_auth_cache should be ignored when expired (bnc#803320). * sunrpc/cache: ensure items removed from cache do not have pending upcalls (bnc#803320). * sunrpc/cache: remove races with queuing an upcall (bnc#803320). * sunrpc/cache: use cache_fresh_unlocked consistently and correctly (bnc#803320). * md/raid10 "enough" fixes (bnc#773837). * Update config files: disable IP_PNP (bnc#822825) * Disable efi pstore by default (bnc#804482 bnc#820172). * md: Fix problem with GET_BITMAP_FILE returning wrong status (bnc#812974 bnc#823497). * USB: xHCI: override bogus bulk wMaxPacketSize values (bnc#823082). * ALSA: hda - Fix system panic when DMA > 40 bits for Nvidia audio controllers (bnc#818465). * USB: UHCI: fix for suspend of virtual HP controller (bnc#817035). * mm: mmu_notifier: re-fix freed page still mapped in secondary MMU (bnc#821052). Security Issue references: * CVE-2013-1059 * CVE-2013-1774 * CVE-2013-1819 * CVE-2013-1929 * CVE-2013-2148 * CVE-2013-2164 * CVE-2013-2232 * CVE-2013-2234 * CVE-2013-2237 * CVE-2013-2851 * CVE-2013-4162 * CVE-2013-4163 Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-8265 slessp2-kernel-8273 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-8263 slessp2-kernel-8265 slessp2-kernel-8266 slessp2-kernel-8268 slessp2-kernel-8273 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-8263 sleshasp2-kernel-8265 sleshasp2-kernel-8266 sleshasp2-kernel-8268 sleshasp2-kernel-8273 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-8265 sledsp2-kernel-8273 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.5.1 kernel-default-base-3.0.93-0.5.1 kernel-default-devel-3.0.93-0.5.1 kernel-source-3.0.93-0.5.1 kernel-syms-3.0.93-0.5.1 kernel-trace-3.0.93-0.5.1 kernel-trace-base-3.0.93-0.5.1 kernel-trace-devel-3.0.93-0.5.1 kernel-xen-devel-3.0.93-0.5.1 xen-kmp-trace-4.1.5_02_3.0.93_0.5-0.5.39 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.5.1 kernel-pae-base-3.0.93-0.5.1 kernel-pae-devel-3.0.93-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.5.1 kernel-default-base-3.0.93-0.5.1 kernel-default-devel-3.0.93-0.5.1 kernel-source-3.0.93-0.5.1 kernel-syms-3.0.93-0.5.1 kernel-trace-3.0.93-0.5.1 kernel-trace-base-3.0.93-0.5.1 kernel-trace-devel-3.0.93-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.93]: kernel-ec2-3.0.93-0.5.1 kernel-ec2-base-3.0.93-0.5.1 kernel-ec2-devel-3.0.93-0.5.1 kernel-xen-3.0.93-0.5.1 kernel-xen-base-3.0.93-0.5.1 kernel-xen-devel-3.0.93-0.5.1 xen-kmp-default-4.1.5_02_3.0.93_0.5-0.5.39 xen-kmp-trace-4.1.5_02_3.0.93_0.5-0.5.39 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.93]: kernel-default-man-3.0.93-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.93]: kernel-ppc64-3.0.93-0.5.1 kernel-ppc64-base-3.0.93-0.5.1 kernel-ppc64-devel-3.0.93-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.5.1 kernel-pae-base-3.0.93-0.5.1 kernel-pae-devel-3.0.93-0.5.1 xen-kmp-pae-4.1.5_02_3.0.93_0.5-0.5.39 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.93_0.5-2.18.61 cluster-network-kmp-trace-1.4_3.0.93_0.5-2.18.61 gfs2-kmp-default-2_3.0.93_0.5-0.7.91 gfs2-kmp-trace-2_3.0.93_0.5-0.7.91 ocfs2-kmp-default-1.6_3.0.93_0.5-0.11.60 ocfs2-kmp-trace-1.6_3.0.93_0.5-0.11.60 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.93_0.5-2.18.61 gfs2-kmp-xen-2_3.0.93_0.5-0.7.91 ocfs2-kmp-xen-1.6_3.0.93_0.5-0.11.60 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.93_0.5-2.18.61 gfs2-kmp-ppc64-2_3.0.93_0.5-0.7.91 ocfs2-kmp-ppc64-1.6_3.0.93_0.5-0.11.60 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.93_0.5-2.18.61 gfs2-kmp-pae-2_3.0.93_0.5-0.7.91 ocfs2-kmp-pae-1.6_3.0.93_0.5-0.11.60 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.93]: kernel-default-3.0.93-0.5.1 kernel-default-base-3.0.93-0.5.1 kernel-default-devel-3.0.93-0.5.1 kernel-default-extra-3.0.93-0.5.1 kernel-source-3.0.93-0.5.1 kernel-syms-3.0.93-0.5.1 kernel-trace-3.0.93-0.5.1 kernel-trace-base-3.0.93-0.5.1 kernel-trace-devel-3.0.93-0.5.1 kernel-trace-extra-3.0.93-0.5.1 kernel-xen-3.0.93-0.5.1 kernel-xen-base-3.0.93-0.5.1 kernel-xen-devel-3.0.93-0.5.1 kernel-xen-extra-3.0.93-0.5.1 xen-kmp-default-4.1.5_02_3.0.93_0.5-0.5.39 xen-kmp-trace-4.1.5_02_3.0.93_0.5-0.5.39 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.93]: kernel-pae-3.0.93-0.5.1 kernel-pae-base-3.0.93-0.5.1 kernel-pae-devel-3.0.93-0.5.1 kernel-pae-extra-3.0.93-0.5.1 xen-kmp-pae-4.1.5_02_3.0.93_0.5-0.5.39 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.93_0.5-0.14.72 ext4-writeable-kmp-trace-0_3.0.93_0.5-0.14.72 kernel-default-extra-3.0.93-0.5.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.93_0.5-0.14.72 kernel-xen-extra-3.0.93-0.5.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.93_0.5-0.14.72 kernel-ppc64-extra-3.0.93-0.5.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.93_0.5-0.14.72 kernel-pae-extra-3.0.93-0.5.1 References: http://support.novell.com/security/cve/CVE-2013-1059.html http://support.novell.com/security/cve/CVE-2013-1774.html http://support.novell.com/security/cve/CVE-2013-1819.html http://support.novell.com/security/cve/CVE-2013-1929.html http://support.novell.com/security/cve/CVE-2013-2148.html http://support.novell.com/security/cve/CVE-2013-2164.html http://support.novell.com/security/cve/CVE-2013-2232.html http://support.novell.com/security/cve/CVE-2013-2234.html http://support.novell.com/security/cve/CVE-2013-2237.html http://support.novell.com/security/cve/CVE-2013-2851.html http://support.novell.com/security/cve/CVE-2013-4162.html http://support.novell.com/security/cve/CVE-2013-4163.html https://bugzilla.novell.com/745640 https://bugzilla.novell.com/760407 https://bugzilla.novell.com/765523 https://bugzilla.novell.com/773006 https://bugzilla.novell.com/773255 https://bugzilla.novell.com/773837 https://bugzilla.novell.com/783475 https://bugzilla.novell.com/785901 https://bugzilla.novell.com/789010 https://bugzilla.novell.com/801427 https://bugzilla.novell.com/803320 https://bugzilla.novell.com/804482 https://bugzilla.novell.com/805371 https://bugzilla.novell.com/806396 https://bugzilla.novell.com/806976 https://bugzilla.novell.com/807471 https://bugzilla.novell.com/807502 https://bugzilla.novell.com/808940 https://bugzilla.novell.com/809122 https://bugzilla.novell.com/812526 https://bugzilla.novell.com/812974 https://bugzilla.novell.com/813604 https://bugzilla.novell.com/813733 https://bugzilla.novell.com/814336 https://bugzilla.novell.com/815320 https://bugzilla.novell.com/816043 https://bugzilla.novell.com/817035 https://bugzilla.novell.com/817377 https://bugzilla.novell.com/818465 https://bugzilla.novell.com/819363 https://bugzilla.novell.com/819523 https://bugzilla.novell.com/820172 https://bugzilla.novell.com/820434 https://bugzilla.novell.com/821052 https://bugzilla.novell.com/821235 https://bugzilla.novell.com/822066 https://bugzilla.novell.com/822077 https://bugzilla.novell.com/822575 https://bugzilla.novell.com/822825 https://bugzilla.novell.com/823082 https://bugzilla.novell.com/823342 https://bugzilla.novell.com/823497 https://bugzilla.novell.com/823517 https://bugzilla.novell.com/824159 https://bugzilla.novell.com/824295 https://bugzilla.novell.com/824915 https://bugzilla.novell.com/825048 https://bugzilla.novell.com/825142 https://bugzilla.novell.com/825227 https://bugzilla.novell.com/825591 https://bugzilla.novell.com/825657 https://bugzilla.novell.com/825887 https://bugzilla.novell.com/826350 https://bugzilla.novell.com/826960 https://bugzilla.novell.com/827372 https://bugzilla.novell.com/827376 https://bugzilla.novell.com/827378 https://bugzilla.novell.com/827749 https://bugzilla.novell.com/827750 https://bugzilla.novell.com/828119 https://bugzilla.novell.com/828192 https://bugzilla.novell.com/828574 https://bugzilla.novell.com/828714 https://bugzilla.novell.com/829082 https://bugzilla.novell.com/829357 https://bugzilla.novell.com/829622 https://bugzilla.novell.com/830901 https://bugzilla.novell.com/831055 https://bugzilla.novell.com/831058 https://bugzilla.novell.com/831410 https://bugzilla.novell.com/831949 http://download.novell.com/patch/finder/?keywords=37bf52c8f30673eaef1970970698701e http://download.novell.com/patch/finder/?keywords=4a2bbac89400f453e7fd3d5ecfec7219 http://download.novell.com/patch/finder/?keywords=64fe0c8fdb37a802ba1d3ab22a684324 http://download.novell.com/patch/finder/?keywords=7522b3dcec7839a895be8a9096288d5f http://download.novell.com/patch/finder/?keywords=c4c1ef1e3b6233de0340a68123f55d86 http://download.novell.com/patch/finder/?keywords=c98e807bf90b60764d8c0872c16e54e0 http://download.novell.com/patch/finder/?keywords=d97a0a8ee838ab1460d0786af49172c7 http://download.novell.com/patch/finder/?keywords=dc6670827fef356e4d0d6ee07e80fc96 http://download.novell.com/patch/finder/?keywords=f12db006ffe558db54493c84413574ed http://download.novell.com/patch/finder/?keywords=f931e6a6db71d7ce590fa784445c6894 From sle-updates at lists.suse.com Mon Sep 23 09:04:12 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 23 Sep 2013 17:04:12 +0200 (CEST) Subject: SUSE-RU-2013:1434-2: Recommended update for kvm Message-ID: <20130923150412.0C7703238E@maintenance.suse.de> SUSE Recommended Update: Recommended update for kvm ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1434-2 Rating: low References: #821819 #824340 #829800 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update from kvm 1.4.1 to 1.4.2 provides the following additional fixes and enhancements: * Backport TLS support for VNC Websockets from QEMU v1.5.0 (bnc#821819, fate#315032) * Fixes for s390x dictzip support (bnc#824340). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kvm-8328 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kvm-8328 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.7.15 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.7.15 References: https://bugzilla.novell.com/821819 https://bugzilla.novell.com/824340 https://bugzilla.novell.com/829800 http://download.novell.com/patch/finder/?keywords=12f8f69d901fbbecb60fdb150b2b8b67 From sle-updates at lists.suse.com Tue Sep 24 13:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 24 Sep 2013 21:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1486-1: important: Recommended update for release-notes-suse-cloud Message-ID: <20130924190409.8654032068@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-suse-cloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1486-1 Rating: important References: #841303 Affected Products: SUSE Cloud 2.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Cloud 2.0. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 2.0: zypper in -t patch sleclo20sp3-release-notes-suse-cloud-8347 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 2.0 (noarch) [New Version: 2.0.3]: release-notes-suse-cloud-2.0.3-0.7.1 References: https://bugzilla.novell.com/841303 http://download.novell.com/patch/finder/?keywords=ffe79b1379bde2973ea766ef50ec454c From sle-updates at lists.suse.com Tue Sep 24 16:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Sep 2013 00:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1487-1: Recommended update for perl-Bootloader Message-ID: <20130924220410.3CD7D32057@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-Bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1487-1 Rating: low References: #820339 #823601 #828498 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for perl-Bootloader provides the following fixes and enhancements: * Speed up device scanning code by avoiding external program calls. (bnc #823601) * Fix duplicate boot label handling. (bnc #828498) * Propagate file close error. (bnc #820339) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-perl-Bootloader-8169 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-perl-Bootloader-8169 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-perl-Bootloader-8169 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.4.89.56]: perl-Bootloader-0.4.89.56-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.4.89.56]: perl-Bootloader-0.4.89.56-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.4.89.56]: perl-Bootloader-0.4.89.56-0.7.1 References: https://bugzilla.novell.com/820339 https://bugzilla.novell.com/823601 https://bugzilla.novell.com/828498 http://download.novell.com/patch/finder/?keywords=800e6aadb8409cc638191198bf4e9f5b From sle-updates at lists.suse.com Wed Sep 25 09:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Sep 2013 17:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1488-1: moderate: Recommended update for timezone Message-ID: <20130925150411.92FE832021@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1488-1 Rating: moderate References: #828372 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest timezone information for your system. The changes in detail are: * Morocco's midsummer transitions this year are July 7 and August 10 * Israel now falls back on the last Sunday of October * Palestine observed DST starting March 29, 2013 * From 2013 on, Gaza and Hebron both observe DST. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS: zypper in -t patch slessp1-timezone-2013d-8245 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-timezone-2013d-8245 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64) [New Version: 2013d]: timezone-2013d-0.3.6 - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.10 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 2013d]: timezone-2013d-0.3.6 - SUSE Linux Enterprise Server 11 SP1 LTSS (noarch) [New Version: 2013d]: timezone-java-2013d-0.3.10 References: https://bugzilla.novell.com/828372 http://download.novell.com/patch/finder/?keywords=9389db03c94efb7bea70abf64d162e5f From sle-updates at lists.suse.com Wed Sep 25 12:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 25 Sep 2013 20:04:11 +0200 (CEST) Subject: SUSE-SU-2013:1489-1: moderate: Security update for coreutils Message-ID: <20130925180411.1BAB632050@maintenance.suse.de> SUSE Security Update: Security update for coreutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1489-1 Rating: moderate References: #796243 #798538 #798541 Cross-References: CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This coreutils update fixes three minor security issues: * VUL-1: CVE-2013-0221: segmentation fault in "sort -d" and "sort -M" with long line input (bnc#798538) * VUL-1: CVE-2013-0222: segmentation fault in "uniq" with long line input (bnc#796243) * VUL-1: CVE-2013-0223: segmentation fault in "join -i" with long line input (bnc#798541) Security Issue references: * CVE-2013-0221 * CVE-2013-0222 * CVE-2013-0223 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-coreutils-8336 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-coreutils-8336 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-coreutils-8334 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-coreutils-8334 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-coreutils-8336 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-coreutils-8334 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): coreutils-x86-8.12-6.25.29.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): coreutils-x86-8.12-6.25.29.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): coreutils-8.12-6.25.29.1 coreutils-lang-8.12-6.25.29.1 References: http://support.novell.com/security/cve/CVE-2013-0221.html http://support.novell.com/security/cve/CVE-2013-0222.html http://support.novell.com/security/cve/CVE-2013-0223.html https://bugzilla.novell.com/796243 https://bugzilla.novell.com/798538 https://bugzilla.novell.com/798541 http://download.novell.com/patch/finder/?keywords=a424a30e440c41865ae2d1be367f600b http://download.novell.com/patch/finder/?keywords=c40186dc1a0ccee10f0c5b83fa0ad01d From sle-updates at lists.suse.com Wed Sep 25 20:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 26 Sep 2013 04:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1490-1: Recommended update for multipath-tools Message-ID: <20130926020409.C977F32057@maintenance.suse.de> SUSE Recommended Update: Recommended update for multipath-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1490-1 Rating: low References: #774610 #787438 #789008 #797799 #800353 #802456 #802837 #803262 #824148 #828868 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 10 recommended fixes can now be installed. Description: This consolidated update for multipath-tools provides the following fixes: * Reset queue_if_no_path if flush failed. (bnc#828868) * Fix setting of fast_io_fail_tmo. (bnc#824148) * Create correct symbolic links for PATH_FAILED events. (bnc#797799) * Increase dev_loss_tmo prior to fast_io_fail. (bnc#800353) * alua: Do not add preferred path priority for active/optimized. (bnc#802456) * Document 'infinity' as possible value for dev_loss_tmo. (bnc#802837, bnc#803262) * Add 'Datacore Virtual Disk' to internal hardware table. (bnc#802837) * Add path when transitioned from 'blocked' state. (bnc#789008) * Handle blocked FC rports. (bnc#787438) * Document rr_min_io_rq. (bnc#774610) * Backport miscellaneous fixes from mainline: o Don't set queue_if_no_path without multipathd o Open stdout/stderr in read/write mode o Better argument type checking o Use VECTOR_SIZE for vector_foreach_slot_after() o Fix memory leak in add_map_without_path() o Shorten timeout for alua prio callout o Handle offlined path o Set ACT_RESIZE when the size has changed o Check header file instead of installed lib o kpartx: verify GUID partition entry size. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kpartx-8339 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kpartx-8339 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kpartx-8339 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): kpartx-0.4.9-0.70.72.1 multipath-tools-0.4.9-0.70.72.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): kpartx-0.4.9-0.70.72.1 multipath-tools-0.4.9-0.70.72.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kpartx-0.4.9-0.70.72.1 multipath-tools-0.4.9-0.70.72.1 References: https://bugzilla.novell.com/774610 https://bugzilla.novell.com/787438 https://bugzilla.novell.com/789008 https://bugzilla.novell.com/797799 https://bugzilla.novell.com/800353 https://bugzilla.novell.com/802456 https://bugzilla.novell.com/802837 https://bugzilla.novell.com/803262 https://bugzilla.novell.com/824148 https://bugzilla.novell.com/828868 http://download.novell.com/patch/finder/?keywords=b4a495f03db72f884dcf9fb55549f6f4 From sle-updates at lists.suse.com Fri Sep 27 14:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 27 Sep 2013 22:04:10 +0200 (CEST) Subject: SUSE-SU-2013:1497-1: important: Security update for Mozilla Firefox Message-ID: <20130927200410.3C6303205C@maintenance.suse.de> SUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:1497-1 Rating: important References: #840485 Cross-References: CVE-2013-1705 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1726 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. It includes one version update. Description: This update to Firefox 17.0.9esr (bnc#840485) addresses: * MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object o (CVE-2013-1737) * MFSA 2013-90 Memory corruption involving scrolling o use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) o Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) * MFSA 2013-89 Buffer overflow with multi-column, lists, and floats o buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) * MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes o compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) * MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification o MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) * MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption o ABORT: bad scope for new JSObjects: ReparentWrapper / document.open (CVE-2013-1725) * MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning o Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) * MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * MFSA 2013-65 Buffer underflow when generating CRMF requests o ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705) Security Issue references: * CVE-2013-1737 * CVE-2013-1735 * CVE-2013-1736 * CVE-2013-1732 * CVE-2013-1730 * CVE-2013-1726 * CVE-2013-1725 * CVE-2013-1722 * CVE-2013-1718 * CVE-2013-1705 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-MozillaFirefox-8344 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-MozillaFirefox-8344 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-MozillaFirefox-8344 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-MozillaFirefox-8346 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-MozillaFirefox-8346 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-MozillaFirefox-8344 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-MozillaFirefox-8346 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-17.0.9esr-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.7.1 MozillaFirefox-translations-17.0.9esr-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.7.1 MozillaFirefox-translations-17.0.9esr-0.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.3.1 MozillaFirefox-translations-17.0.9esr-0.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.3.1 MozillaFirefox-translations-17.0.9esr-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.7.1 MozillaFirefox-translations-17.0.9esr-0.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 17.0.9esr]: MozillaFirefox-17.0.9esr-0.3.1 MozillaFirefox-translations-17.0.9esr-0.3.1 References: http://support.novell.com/security/cve/CVE-2013-1705.html http://support.novell.com/security/cve/CVE-2013-1718.html http://support.novell.com/security/cve/CVE-2013-1722.html http://support.novell.com/security/cve/CVE-2013-1725.html http://support.novell.com/security/cve/CVE-2013-1726.html http://support.novell.com/security/cve/CVE-2013-1730.html http://support.novell.com/security/cve/CVE-2013-1732.html http://support.novell.com/security/cve/CVE-2013-1735.html http://support.novell.com/security/cve/CVE-2013-1736.html http://support.novell.com/security/cve/CVE-2013-1737.html https://bugzilla.novell.com/840485 http://download.novell.com/patch/finder/?keywords=4df7bcc5f235f358ce6dcbd142b37d5a http://download.novell.com/patch/finder/?keywords=a1902baf1b0df196651ea0bae84e6001 From sle-updates at lists.suse.com Fri Sep 27 20:04:10 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 28 Sep 2013 04:04:10 +0200 (CEST) Subject: SUSE-RU-2013:1498-1: Recommended update for curl Message-ID: <20130928020410.7F4D83204F@maintenance.suse.de> SUSE Recommended Update: Recommended update for curl ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1498-1 Rating: low References: #810010 #820996 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for curl adds Digicert and TC TrustCenter Class 2 CA II certificates to the CA bundle. Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): curl-7.15.1-19.18.31.1 curl-devel-7.15.1-19.18.31.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): curl-32bit-7.15.1-19.18.31.1 References: https://bugzilla.novell.com/810010 https://bugzilla.novell.com/820996 http://download.novell.com/patch/finder/?keywords=7af1c18080e36baf69699d4ea300aee5 From sle-updates at lists.suse.com Mon Sep 30 13:04:09 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Sep 2013 21:04:09 +0200 (CEST) Subject: SUSE-RU-2013:1512-1: moderate: Recommended update for puppet Message-ID: <20130930190409.AEF0132126@maintenance.suse.de> SUSE Recommended Update: Recommended update for puppet ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1512-1 Rating: moderate References: #835848 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for puppet fixes a regression introduced by the fix for CVE-2013-3567. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-puppet-8324 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-puppet-8324 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-puppet-8323 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-puppet-8323 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-puppet-8324 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-puppet-8323 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): puppet-2.6.18-0.8.1 puppet-server-2.6.18-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): puppet-2.6.18-0.8.1 puppet-server-2.6.18-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.6.18]: puppet-2.6.18-0.8.1 puppet-server-2.6.18-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.18]: puppet-2.6.18-0.8.1 puppet-server-2.6.18-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): puppet-2.6.18-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.18]: puppet-2.6.18-0.8.1 References: https://bugzilla.novell.com/835848 http://download.novell.com/patch/finder/?keywords=76206e366ea3681d2939de14af0b1853 http://download.novell.com/patch/finder/?keywords=8ccdd2dffac165e124a404a9e64f389f From sle-updates at lists.suse.com Mon Sep 30 14:04:11 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Sep 2013 22:04:11 +0200 (CEST) Subject: SUSE-RU-2013:1513-1: moderate: Recommended update for facter Message-ID: <20130930200411.E08E1320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for facter ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1513-1 Rating: moderate References: #803831 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for facter removes the relationship between the domain fact and LDAP/NIS domains. The domain fact now relates exclusively to the DNS domain. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-facter-8302 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-facter-8302 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-facter-8301 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-facter-8301 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-facter-8302 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-facter-8301 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): facter-1.5.2-1.22.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): facter-1.5.2-1.22.3.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): facter-1.5.2-1.22.3.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): facter-1.5.2-1.22.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): facter-1.5.2-1.22.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): facter-1.5.2-1.22.3.1 References: https://bugzilla.novell.com/803831 http://download.novell.com/patch/finder/?keywords=616a74ac0b10e4940aa6d94505048580 http://download.novell.com/patch/finder/?keywords=93b4ca5e25ad4150d072a9c383fe06a2 From sle-updates at lists.suse.com Mon Sep 30 14:04:16 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Sep 2013 22:04:16 +0200 (CEST) Subject: SUSE-RU-2013:1514-1: Recommended update for openssl-certs Message-ID: <20130930200416.1050B320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssl-certs ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1514-1 Rating: low References: #834468 Affected Products: SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: The openssl-certs certificate store was updated with Mozilla certdata.txt 1.85. The following changes were done: - new "Actalis Authentication Root CA" - new "Trustis FPS Root CA" - new "StartCom Certification Authority" - new "StartCom Certification Authority G2" - new "Buypass Class 2 Root CA" - new "Buypass Class 3 Root CA" - updated: "Sonera Class2 CA": remove code-signing - updated: "thawte Primary Root CA": added code-signing - updated: "Trustis_FPS_Root_CA.pem": added code-signing - updated: VeriSign Class 3 Public Primary Certification Authority - G5": added code-signing, email-protection Mozilla tracker bug: https://bugzilla.mozilla.org/show_bug.cgi?id=757197 Package List: - SUSE Linux Enterprise Server 10 SP3 LTSS (noarch) [New Version: 1.85]: openssl-certs-1.85-0.14.14 References: https://bugzilla.novell.com/834468 http://download.novell.com/patch/finder/?keywords=f309d9a6ac027a30dcd92066620cfa75 From sle-updates at lists.suse.com Mon Sep 30 14:04:21 2013 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 30 Sep 2013 22:04:21 +0200 (CEST) Subject: SUSE-RU-2013:1515-1: Recommended update for xml-commons Message-ID: <20130930200421.7143C320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for xml-commons ______________________________________________________________________________ Announcement ID: SUSE-RU-2013:1515-1 Rating: low References: #833696 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update relaxes dependencies between xml-commons and its sub-packages to fix an issue in online migration. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-xml-commons-8207 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xml-commons-8208 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xml-commons-8207 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-xml-commons-8208 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xml-commons-8208 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-xml-commons-8207 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xml-commons-8207 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xml-commons-8208 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xml-commons-8207 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (noarch): xml-commons-apis-1.3.02-227.31.3 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): xml-commons-apis-javadoc-1.3.02-227.31.3 xml-commons-apis-manual-1.3.02-227.31.3 xml-commons-which-1.3.02-227.31.3 xml-commons-which-javadoc-1.3.02-227.31.3 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): xml-commons-apis-1.3.02-227.31.3 xml-commons-apis-javadoc-1.3.02-227.31.3 xml-commons-apis-manual-1.3.02-227.31.3 xml-commons-which-1.3.02-227.31.3 xml-commons-which-javadoc-1.3.02-227.31.3 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): xml-commons-1.3.02-227.31.3 - SUSE Linux Enterprise Server 11 SP3 (noarch): xml-commons-1.3.02-227.31.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): xml-commons-1.3.02-227.31.3 - SUSE Linux Enterprise Server 11 SP2 (noarch): xml-commons-1.3.02-227.31.3 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): xml-commons-1.3.02-227.31.3 xml-commons-apis-1.3.02-227.31.3 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): xml-commons-1.3.02-227.31.3 xml-commons-apis-1.3.02-227.31.3 References: https://bugzilla.novell.com/833696 http://download.novell.com/patch/finder/?keywords=3f56b4aa6f69fa452ec1730565a896ff http://download.novell.com/patch/finder/?keywords=d541ff252527002957aecc134791872b