From sle-updates at lists.suse.com Mon Nov 3 08:04:45 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 3 Nov 2014 16:04:45 +0100 (CET) Subject: SUSE-RU-2014:1351-1: update for shotwell Message-ID: <20141103150445.CC21C3225B@maintenance.suse.de> SUSE Recommended Update: update for shotwell ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1351-1 Rating: low References: #899715 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for shotwell fixes a potential crash when updating the date/time of a photo. (bnc#899715) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2014-64 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-64 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): shotwell-0.15.1-5.2 shotwell-debuginfo-0.15.1-5.2 shotwell-debugsource-0.15.1-5.2 - SUSE Linux Enterprise Workstation Extension 12 (noarch): shotwell-lang-0.15.1-5.2 - SUSE Linux Enterprise Desktop 12 (x86_64): shotwell-0.15.1-5.2 shotwell-debuginfo-0.15.1-5.2 shotwell-debugsource-0.15.1-5.2 - SUSE Linux Enterprise Desktop 12 (noarch): shotwell-lang-0.15.1-5.2 References: https://bugzilla.suse.com/show_bug.cgi?id=899715 From sle-updates at lists.suse.com Mon Nov 3 16:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 4 Nov 2014 00:04:41 +0100 (CET) Subject: SUSE-SU-2014:1352-1: Security update for nagios-plugins Message-ID: <20141103230441.6F53E3224E@maintenance.suse.de> SUSE Security Update: Security update for nagios-plugins ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1352-1 Rating: low References: #885205 #885207 Cross-References: CVE-2014-4701 CVE-2014-4702 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This security update fixes the following issues: * Removed the requirement for root access from plugins-root/check_icmp.c and plugins-root/check_icmp.c. The necessary capabilities(7) were added to the README file. * Fixed array out of bounds issue in plugins-root/check_dhcp.c. Security Issues: * CVE-2014-4701 * CVE-2014-4702 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nagios-plugins-9830 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nagios-plugins-9830 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nagios-plugins-1.4.16-0.13.1 nagios-plugins-extras-1.4.16-0.13.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nagios-plugins-1.4.16-0.13.1 nagios-plugins-extras-1.4.16-0.13.1 References: http://support.novell.com/security/cve/CVE-2014-4701.html http://support.novell.com/security/cve/CVE-2014-4702.html https://bugzilla.suse.com/show_bug.cgi?id=885205 https://bugzilla.suse.com/show_bug.cgi?id=885207 http://download.suse.com/patch/finder/?keywords=b4db34880091dfd9e3b8fe0ef06e0b30 From sle-updates at lists.suse.com Tue Nov 4 14:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 4 Nov 2014 22:04:41 +0100 (CET) Subject: SUSE-SU-2014:1356-1: important: Security update for wpa_supplicant Message-ID: <20141104210441.AABA532261@maintenance.suse.de> SUSE Security Update: Security update for wpa_supplicant ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1356-1 Rating: important References: #868937 #900611 Cross-References: CVE-2014-3686 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update fixes a remote code execution vulnerability in wpa_supplicant's wpa_cli and hostapd_cli tools. CVE-2014-3686 has been assigned to this issue. Additionally, password based authentication with PKCS#5v2 has been enabled. Security Issues: * CVE-2014-3686 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wpa_supplicant-9894 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wpa_supplicant-9894 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wpa_supplicant-9894 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): wpa_supplicant-0.7.1-6.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): wpa_supplicant-0.7.1-6.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): wpa_supplicant-0.7.1-6.15.1 wpa_supplicant-gui-0.7.1-6.15.1 References: http://support.novell.com/security/cve/CVE-2014-3686.html https://bugzilla.suse.com/show_bug.cgi?id=868937 https://bugzilla.suse.com/show_bug.cgi?id=900611 http://download.suse.com/patch/finder/?keywords=9f3807d02ddf4d7bc2ece4eadc5e4618 From sle-updates at lists.suse.com Tue Nov 4 15:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 4 Nov 2014 23:04:42 +0100 (CET) Subject: SUSE-SU-2014:1357-1: important: Security update for openssl1 Message-ID: <20141104220442.1D47532261@maintenance.suse.de> SUSE Security Update: Security update for openssl1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1357-1 Rating: important References: #901223 #901277 Cross-References: CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Security Module 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This OpenSSL update fixes the following issues: * SRTP Memory Leak (CVE-2014-3513) * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3513 * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Security Module 11 SP3: zypper in -t patch secsp3-libopenssl1-devel-9904 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl1-devel-1.0.1g-0.22.1 libopenssl1_0_0-1.0.1g-0.22.1 openssl1-1.0.1g-0.22.1 openssl1-doc-1.0.1g-0.22.1 - SUSE Linux Enterprise Security Module 11 SP3 (ppc64 s390x x86_64): libopenssl1_0_0-32bit-1.0.1g-0.22.1 - SUSE Linux Enterprise Security Module 11 SP3 (ia64): libopenssl1_0_0-x86-1.0.1g-0.22.1 References: http://support.novell.com/security/cve/CVE-2014-3513.html http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=b73f6fe02c4bdbb47052a845f36d3df3 From sle-updates at lists.suse.com Wed Nov 5 11:04:46 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 5 Nov 2014 19:04:46 +0100 (CET) Subject: SUSE-SU-2014:1360-1: important: Security update for flash-player Message-ID: <20141105180446.CA93832269@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1360-1 Rating: important References: #901334 Cross-References: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: This update fixes multiple code execution vulnerabilities in flash-player (APSB14-22). CVE-2014-0564, CVE-2014-0558 and CVE-2014-0569 have been assigned to this issue. Security Issues: * CVE-2014-0569 * CVE-2014-0564 * CVE-2014-0558 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-9898 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.411]: flash-player-11.2.202.411-0.3.1 flash-player-gnome-11.2.202.411-0.3.1 flash-player-kde4-11.2.202.411-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-0558.html http://support.novell.com/security/cve/CVE-2014-0564.html http://support.novell.com/security/cve/CVE-2014-0569.html https://bugzilla.suse.com/show_bug.cgi?id=901334 http://download.suse.com/patch/finder/?keywords=0b0fcd5f0c6d6239531808e458c92968 From sle-updates at lists.suse.com Wed Nov 5 15:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 5 Nov 2014 23:04:43 +0100 (CET) Subject: SUSE-SU-2014:1361-1: important: Security update for OpenSSL Message-ID: <20141105220443.B871B32266@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1361-1 Rating: important References: #892403 #901223 #901277 Cross-References: CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libopenssl-devel-9915 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libopenssl-devel-9915 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libopenssl-devel-9915 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libopenssl-devel-9915 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl-devel-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libopenssl0_9_8-x86-0.9.8j-0.66.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libopenssl0_9_8-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libopenssl0_9_8-32bit-0.9.8j-0.66.1 References: http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=892403 https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=e15c3470343095d331f7120ec6953c18 From sle-updates at lists.suse.com Thu Nov 6 03:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Nov 2014 11:04:39 +0100 (CET) Subject: SUSE-RU-2014:1364-1: Recommended update for sm-ncc-sync-data Message-ID: <20141106100439.B59F832266@maintenance.suse.de> SUSE Recommended Update: Recommended update for sm-ncc-sync-data ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1364-1 Rating: low References: #883057 Affected Products: SUSE Manager Server SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for sm-ncc-sync-data contains the following changes: * Add SUSE Cloud 4 channels. (bnc#883057) * Add channels for SUSE Manager Server 2.1 s390x. * Fix parent label of the LTSS channel for SLMS. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-sm-ncc-sync-data-9812 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-sm-ncc-sync-data-9813 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (noarch): sm-ncc-sync-data-2.1.7-0.7.1 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.20]: sm-ncc-sync-data-1.7.20-0.5.1 References: https://bugzilla.suse.com/show_bug.cgi?id=883057 http://download.suse.com/patch/finder/?keywords=aa00353fb91649da7ed1aafff71fa32b http://download.suse.com/patch/finder/?keywords=c3b3231fa224aff4005dc45f00360e29 From sle-updates at lists.suse.com Thu Nov 6 04:04:37 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Nov 2014 12:04:37 +0100 (CET) Subject: SUSE-SU-2014:1365-1: Security update for openstack-keystone Message-ID: <20141106110437.BE40A32266@maintenance.suse.de> SUSE Security Update: Security update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1365-1 Rating: low References: #895847 #897467 #897744 #897815 Cross-References: CVE-2014-3621 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. It includes one version update. Description: This update for openstack-keystone provides stability and security fixes from the upstream OpenStack project: * Adds a whitelist for endpoint catalog substitution (bnc#895847, CVE-2014-3621) * Avoid conversion of binary LDAP values (bnc#897467) * No longer allow listing users by email * Add alternative hybrid backends for assignment and identity (bnc#897744) * Add workaround to support tox 1.7.2. Security Issues: * CVE-2014-3621 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-openstack-keystone-9803 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64) [New Version: 2014.1.3.dev18.g878f12e]: openstack-keystone-2014.1.3.dev18.g878f12e-0.7.1 python-keystone-2014.1.3.dev18.g878f12e-0.7.1 - SUSE Cloud 4 (noarch) [New Version: 2014.1.3.dev18.g878f12e]: openstack-keystone-doc-2014.1.3.dev18.g878f12e-0.7.1 References: http://support.novell.com/security/cve/CVE-2014-3621.html https://bugzilla.suse.com/show_bug.cgi?id=895847 https://bugzilla.suse.com/show_bug.cgi?id=897467 https://bugzilla.suse.com/show_bug.cgi?id=897744 https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=06409b3a52776d0d0f35109f5c0ef16e From sle-updates at lists.suse.com Thu Nov 6 04:05:25 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Nov 2014 12:05:25 +0100 (CET) Subject: SUSE-SU-2014:1366-1: important: Security update for wget Message-ID: <20141106110525.6C92E3226C@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1366-1 Rating: important References: #885069 #901276 #902709 Cross-References: CVE-2014-4877 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: wget has been updated to fix one security issue and two non-security issues. This security issue has been fixed: * FTP symlink arbitrary filesystem access (CVE-2014-4877). These non-security issues have been fixed: * Fix displaying of download time (bnc#901276). * Fix 0 size FTP downloads after failure (bnc#885069). Security Issues: * CVE-2014-4877 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wget-9933 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wget-9933 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wget-9933 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): wget-1.11.4-1.19.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): wget-1.11.4-1.19.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): wget-1.11.4-1.19.1 References: http://support.novell.com/security/cve/CVE-2014-4877.html https://bugzilla.suse.com/show_bug.cgi?id=885069 https://bugzilla.suse.com/show_bug.cgi?id=901276 https://bugzilla.suse.com/show_bug.cgi?id=902709 http://download.suse.com/patch/finder/?keywords=d96cdee826ff50cd0ca912a8870edafc From sle-updates at lists.suse.com Thu Nov 6 13:04:38 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 6 Nov 2014 21:04:38 +0100 (CET) Subject: SUSE-RU-2014:1367-1: Recommended update for xmlstarlet Message-ID: <20141106200438.F325732266@maintenance.suse.de> SUSE Recommended Update: Recommended update for xmlstarlet ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1367-1 Rating: low References: #900891 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for xmlstarlet adds a symbolic link /usr/bin/xmlstarlet pointing to the "xml" binary. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xmlstarlet-9895 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): xmlstarlet-1.0.1-3.17.1 References: https://bugzilla.suse.com/show_bug.cgi?id=900891 http://download.suse.com/patch/finder/?keywords=94e6f742a3098e8a4c0819332c5b6919 From sle-updates at lists.suse.com Mon Nov 10 09:04:40 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 10 Nov 2014 17:04:40 +0100 (CET) Subject: SUSE-RU-2014:1379-1: moderate: maintenance dry run for Live Patching Message-ID: <20141110160440.583DE32266@maintenance.suse.de> SUSE Recommended Update: maintenance dry run for Live Patching ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1379-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: Lorem ipsum dolor sit amet, consectetur cras amet. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2014-65 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_28-4-default-3.12.28_4-4.2 kgraft-patch-3_12_28-4-xen-3.12.28_4-4.2 kgraft-patch-3_12_31-11-default-3.12.32_13-2.3 kgraft-patch-3_12_31-11-xen-3.12.32_13-2.3 References: From sle-updates at lists.suse.com Mon Nov 10 16:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Nov 2014 00:04:42 +0100 (CET) Subject: SUSE-SU-2014:1385-1: important: Security update for MozillaFirefox Message-ID: <20141110230442.55DA932266@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1385-1 Rating: important References: #900941 Cross-References: CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes four new package versions. Description: This version update of Mozilla Firefox to 31.2.0ESR brings improvements, stability fixes and also security fixes for the following CVEs: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586 It also disables SSLv3 by default to mitigate the protocol downgrade attack known as POODLE. Security Issues: * CVE-2014-1574 * CVE-2014-1575 * CVE-2014-1576 * CVE-2014-1577 * CVE-2014-1578 * CVE-2014-1581 * CVE-2014-1583 * CVE-2014-1585 * CVE-2014-1586 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-firefox31-201411-9935 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-firefox31-201411-9935 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-firefox31-201411-9935 - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-firefox31-201411-9936 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-firefox31-201411-9935 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.17.2 and 4.10.7]: MozillaFirefox-devel-31.2.0esr-0.14.2 mozilla-nspr-devel-4.10.7-0.3.3 mozilla-nss-devel-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.14.2 MozillaFirefox-branding-SLES-for-VMware-31.0-0.3.1 MozillaFirefox-translations-31.2.0esr-0.14.2 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.17.2,31.0,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.14.2 MozillaFirefox-branding-SLED-31.0-0.8.1 MozillaFirefox-translations-31.2.0esr-0.14.2 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-x86-3.17.2-0.8.1 libsoftokn3-x86-3.17.2-0.8.1 mozilla-nspr-x86-4.10.7-0.3.3 mozilla-nss-x86-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.9.1 MozillaFirefox-branding-SLED-31.0-0.3.1 MozillaFirefox-translations-31.2.0esr-0.9.1 libfreebl3-3.17.2-0.3.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nspr-devel-4.10.7-0.3.3 mozilla-nss-3.17.2-0.3.1 mozilla-nss-devel-3.17.2-0.3.1 mozilla-nss-tools-3.17.2-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.3.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.17.2,31.0,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.14.2 MozillaFirefox-branding-SLED-31.0-0.8.1 MozillaFirefox-translations-31.2.0esr-0.14.2 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 References: http://support.novell.com/security/cve/CVE-2014-1574.html http://support.novell.com/security/cve/CVE-2014-1575.html http://support.novell.com/security/cve/CVE-2014-1576.html http://support.novell.com/security/cve/CVE-2014-1577.html http://support.novell.com/security/cve/CVE-2014-1578.html http://support.novell.com/security/cve/CVE-2014-1581.html http://support.novell.com/security/cve/CVE-2014-1583.html http://support.novell.com/security/cve/CVE-2014-1585.html http://support.novell.com/security/cve/CVE-2014-1586.html https://bugzilla.suse.com/show_bug.cgi?id=900941 http://download.suse.com/patch/finder/?keywords=c85655eb149a3d8c442f23351866e84d http://download.suse.com/patch/finder/?keywords=f05d011b7e46669b5d0ef6faf942028c From sle-updates at lists.suse.com Mon Nov 10 16:05:00 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Nov 2014 00:05:00 +0100 (CET) Subject: SUSE-SU-2014:1386-1: important: Security update for OpenSSL Message-ID: <20141110230500.92FB63226C@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1386-1 Rating: important References: #892403 #901223 #901277 Cross-References: CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete ((CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3513 * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-libopenssl-devel-9928 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-libopenssl-devel-9927 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): libopenssl-devel-0.9.8j-0.66.1 libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 0.9.8j]: libopenssl-devel-0.9.8j-0.66.1 libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 0.9.8j]: libopenssl0_9_8-32bit-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 References: http://support.novell.com/security/cve/CVE-2014-3513.html http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=892403 https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=842997f20dc51405dbd07abdc8071460 http://download.suse.com/patch/finder/?keywords=8b3e46d68e087bc1f9f9870abd2b6d0d From sle-updates at lists.suse.com Mon Nov 10 17:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Nov 2014 01:04:43 +0100 (CET) Subject: SUSE-SU-2014:1387-1: important: Security update for OpenSSL Message-ID: <20141111000443.8750C3225F@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1387-1 Rating: important References: #901223 #901277 Cross-References: CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete ((CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): openssl-0.9.8a-18.86.3 openssl-devel-0.9.8a-18.86.3 openssl-doc-0.9.8a-18.86.3 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): openssl-32bit-0.9.8a-18.86.3 openssl-devel-32bit-0.9.8a-18.86.3 References: http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=1960c50f351e883d9bffe5194436ac38 From sle-updates at lists.suse.com Tue Nov 11 11:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 11 Nov 2014 19:04:41 +0100 (CET) Subject: SUSE-SU-2014:1392-1: moderate: Security update for Java OpenJDK Message-ID: <20141111180441.213CF3226D@maintenance.suse.de> SUSE Security Update: Security update for Java OpenJDK ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1392-1 Rating: moderate References: #901242 Cross-References: CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6468 CVE-2014-6476 CVE-2014-6485 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6517 CVE-2014-6519 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-6562 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. It includes one version update. Description: Oracle Critical Patch Update Advisory - October 2014 Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Find more information here: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-9906 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.71]: java-1_7_0-openjdk-1.7.0.71-0.7.1 java-1_7_0-openjdk-demo-1.7.0.71-0.7.1 java-1_7_0-openjdk-devel-1.7.0.71-0.7.1 References: http://support.novell.com/security/cve/CVE-2014-4288.html http://support.novell.com/security/cve/CVE-2014-6456.html http://support.novell.com/security/cve/CVE-2014-6457.html http://support.novell.com/security/cve/CVE-2014-6458.html http://support.novell.com/security/cve/CVE-2014-6466.html http://support.novell.com/security/cve/CVE-2014-6468.html http://support.novell.com/security/cve/CVE-2014-6476.html http://support.novell.com/security/cve/CVE-2014-6485.html http://support.novell.com/security/cve/CVE-2014-6492.html http://support.novell.com/security/cve/CVE-2014-6493.html http://support.novell.com/security/cve/CVE-2014-6502.html http://support.novell.com/security/cve/CVE-2014-6503.html http://support.novell.com/security/cve/CVE-2014-6504.html http://support.novell.com/security/cve/CVE-2014-6506.html http://support.novell.com/security/cve/CVE-2014-6511.html http://support.novell.com/security/cve/CVE-2014-6512.html http://support.novell.com/security/cve/CVE-2014-6513.html http://support.novell.com/security/cve/CVE-2014-6515.html http://support.novell.com/security/cve/CVE-2014-6517.html http://support.novell.com/security/cve/CVE-2014-6519.html http://support.novell.com/security/cve/CVE-2014-6527.html http://support.novell.com/security/cve/CVE-2014-6531.html http://support.novell.com/security/cve/CVE-2014-6532.html http://support.novell.com/security/cve/CVE-2014-6558.html http://support.novell.com/security/cve/CVE-2014-6562.html https://bugzilla.suse.com/show_bug.cgi?id=901242 http://download.suse.com/patch/finder/?keywords=d791a31e855e716e966b1399509ccb6d From sle-updates at lists.suse.com Tue Nov 11 17:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Nov 2014 01:04:43 +0100 (CET) Subject: SUSE-RU-2014:1393-1: moderate: Recommended update for coreutils Message-ID: <20141112000443.5D5063225F@maintenance.suse.de> SUSE Recommended Update: Recommended update for coreutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1393-1 Rating: moderate References: #886129 #892862 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for coreutils provides the following fixes and enhancements: * cp(1) could read from freed memory and could even make corrupt copies. This could happen with a very fragmented and sparse input file, on file systems supporting filemap extent scanning. (bnc#892862) * Improve ls(1) efficiency on large directories by caching some system call error codes (ENOTSUP for example) and not calling them again for files in the same device. (bnc#886129) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-coreutils-9880 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-coreutils-9880 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-coreutils-9880 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): coreutils-8.12-6.25.31.1 coreutils-lang-8.12-6.25.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): coreutils-8.12-6.25.31.1 coreutils-lang-8.12-6.25.31.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): coreutils-x86-8.12-6.25.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): coreutils-8.12-6.25.31.1 coreutils-lang-8.12-6.25.31.1 References: https://bugzilla.suse.com/show_bug.cgi?id=886129 https://bugzilla.suse.com/show_bug.cgi?id=892862 http://download.suse.com/patch/finder/?keywords=6747b81d1ee834891235412da63fb646 From sle-updates at lists.suse.com Tue Nov 11 17:05:14 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Nov 2014 01:05:14 +0100 (CET) Subject: SUSE-SU-2014:1394-1: important: Security update for spacewalk-branding Message-ID: <20141112000514.4E8013226B@maintenance.suse.de> SUSE Security Update: Security update for spacewalk-branding ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1394-1 Rating: important References: #899266 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes one version update. Description: This update adds end-user documentation clarification for CVE Audit. Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-spacewalk-branding-9917 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.7.1.12]: spacewalk-branding-1.7.1.12-0.5.1 References: https://bugzilla.suse.com/show_bug.cgi?id=899266 http://download.suse.com/patch/finder/?keywords=d1c110b6c74f0d593398af8fc7520525 From sle-updates at lists.suse.com Wed Nov 12 11:04:40 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Nov 2014 19:04:40 +0100 (CET) Subject: SUSE-SU-2014:1408-1: important: Security update for wget Message-ID: <20141112180440.A90C13226B@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1408-1 Rating: important References: #902709 Cross-References: CVE-2014-4877 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: wget was updated to fix one security issue: * FTP symbolic link arbitrary filesystem access (CVE-2014-4877). Security Issues: * CVE-2014-4877 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): wget-1.10.2-15.14.5 References: http://support.novell.com/security/cve/CVE-2014-4877.html https://bugzilla.suse.com/show_bug.cgi?id=902709 http://download.suse.com/patch/finder/?keywords=c335014fcf83b00f5b1e62db97d8b59c From sle-updates at lists.suse.com Wed Nov 12 11:04:56 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Nov 2014 19:04:56 +0100 (CET) Subject: SUSE-SU-2014:1409-1: important: Security update for OpenSSL Message-ID: <20141112180456.DB9BE3226B@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1409-1 Rating: important References: #901223 #901277 Cross-References: CVE-2014-3566 CVE-2014-3568 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This OpenSSL update fixes the following issues: * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): openssl-0.9.8a-18.86.2 openssl-32bit-0.9.8a-18.86.2 - SLE CLIENT TOOLS 10 for s390x (s390x): openssl-0.9.8a-18.86.2 openssl-32bit-0.9.8a-18.86.2 - SLE CLIENT TOOLS 10 (i586): openssl-0.9.8a-18.86.2 References: http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=a7e7c559a3525ff6c6964f0a67ea2bd8 From sle-updates at lists.suse.com Wed Nov 12 11:05:25 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 12 Nov 2014 19:05:25 +0100 (CET) Subject: SUSE-SU-2014:1366-2: important: Security update for wget Message-ID: <20141112180525.5B57B3226D@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1366-2 Rating: important References: #885069 #901276 #902709 Cross-References: CVE-2014-4877 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: wget was updated to fix one security issue and two non-security issues: * FTP symbolic link arbitrary filesystem access (CVE-2014-4877). * Fix displaying of download time (bnc#901276). * Fix 0 size FTP downloads after failure (bnc#885069). Security Issues: * CVE-2014-4877 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-wget-9939 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-wget-9938 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): wget-1.11.4-1.19.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): wget-1.11.4-1.19.1 References: http://support.novell.com/security/cve/CVE-2014-4877.html https://bugzilla.suse.com/show_bug.cgi?id=885069 https://bugzilla.suse.com/show_bug.cgi?id=901276 https://bugzilla.suse.com/show_bug.cgi?id=902709 http://download.suse.com/patch/finder/?keywords=9277e45cf6c5fb998233535be0858220 http://download.suse.com/patch/finder/?keywords=f1920c8a49b895205a1c83cf5788aa2f From sle-updates at lists.suse.com Wed Nov 12 16:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 00:04:41 +0100 (CET) Subject: SUSE-SU-2014:1410-1: Security update for krb5 Message-ID: <20141112230441.288D63226B@maintenance.suse.de> SUSE Security Update: Security update for krb5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1410-1 Rating: low References: #890623 #897874 Cross-References: CVE-2014-5351 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for krb5 fixes the following issues: * When randomizing the keys for a service principal, current keys could be returned. (CVE-2014-5351) * klist -s crashes when handling multiple referral entries. (bnc#890623) Security Issues: * CVE-2014-5351 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-krb5-201410-9827 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-krb5-201410-9827 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-krb5-201410-9827 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-krb5-201410-9827 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-devel-1.6.3-133.49.64.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): krb5-devel-32bit-1.6.3-133.49.64.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): krb5-server-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): krb5-1.6.3-133.49.64.1 krb5-apps-clients-1.6.3-133.49.64.1 krb5-apps-servers-1.6.3-133.49.64.1 krb5-client-1.6.3-133.49.64.1 krb5-plugin-kdb-ldap-1.6.3-133.49.64.1 krb5-plugin-preauth-pkinit-1.6.3-133.49.64.1 krb5-server-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): krb5-32bit-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): krb5-doc-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): krb5-1.6.3-133.49.64.1 krb5-apps-clients-1.6.3-133.49.64.1 krb5-apps-servers-1.6.3-133.49.64.1 krb5-client-1.6.3-133.49.64.1 krb5-plugin-kdb-ldap-1.6.3-133.49.64.1 krb5-plugin-preauth-pkinit-1.6.3-133.49.64.1 krb5-server-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): krb5-32bit-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): krb5-doc-1.6.3-133.49.64.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): krb5-x86-1.6.3-133.49.64.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): krb5-1.6.3-133.49.64.1 krb5-client-1.6.3-133.49.64.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): krb5-32bit-1.6.3-133.49.64.1 References: http://support.novell.com/security/cve/CVE-2014-5351.html https://bugzilla.suse.com/show_bug.cgi?id=890623 https://bugzilla.suse.com/show_bug.cgi?id=897874 http://download.suse.com/patch/finder/?keywords=7bafb9e790ade0d165a14affc8315035 From sle-updates at lists.suse.com Wed Nov 12 17:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 01:04:43 +0100 (CET) Subject: SUSE-SU-2014:1387-2: important: Security update for OpenSSL Message-ID: <20141113000443.ED5C33225F@maintenance.suse.de> SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1387-2 Rating: important References: #901223 #901277 Cross-References: CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Studio Onsite 1.3 SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-libopenssl-devel-9908 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-libopenssl-devel-9908 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): libopenssl-devel-0.9.8j-0.66.1 - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-32bit-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 References: http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 http://download.suse.com/patch/finder/?keywords=ea1bce59a09645696e580ca407c8cb20 From sle-updates at lists.suse.com Thu Nov 13 08:04:47 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 16:04:47 +0100 (CET) Subject: SUSE-RU-2014:1413-1: moderate: Recommended update for gcc48 Message-ID: <20141113150447.1D62F3226B@maintenance.suse.de> SUSE Recommended Update: Recommended update for gcc48 ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1413-1 Rating: moderate References: #899871 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for gcc48 fixes a performance degradation issue caused by generation of unneeded code whe using option -pg. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-66 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-66 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-66 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gcc48-debuginfo-4.8.3+r212056-11.2 gcc48-debugsource-4.8.3+r212056-11.2 gcc48-fortran-4.8.3+r212056-11.2 gcc48-fortran-debuginfo-4.8.3+r212056-11.2 gcc48-gij-4.8.3+r212056-11.1 gcc48-gij-debuginfo-4.8.3+r212056-11.1 gcc48-java-4.8.3+r212056-11.1 gcc48-java-debuginfo-4.8.3+r212056-11.1 gcc48-obj-c++-4.8.3+r212056-11.2 gcc48-obj-c++-debuginfo-4.8.3+r212056-11.2 gcc48-objc-4.8.3+r212056-11.2 gcc48-objc-debuginfo-4.8.3+r212056-11.2 libffi48-debugsource-4.8.3+r212056-11.1 libffi48-devel-4.8.3+r212056-11.1 libgcj48-4.8.3+r212056-11.1 libgcj48-debuginfo-4.8.3+r212056-11.1 libgcj48-debugsource-4.8.3+r212056-11.1 libgcj48-devel-4.8.3+r212056-11.1 libgcj48-devel-debuginfo-4.8.3+r212056-11.1 libgcj48-jar-4.8.3+r212056-11.1 libgcj_bc1-4.8.3+r212056-11.1 libobjc4-4.8.3+r212056-11.2 libobjc4-debuginfo-4.8.3+r212056-11.2 - SUSE Linux Enterprise Software Development Kit 12 (s390x x86_64): gcc48-objc-32bit-4.8.3+r212056-11.2 libgfortran3-32bit-4.8.3+r212056-11.2 libobjc4-32bit-4.8.3+r212056-11.2 - SUSE Linux Enterprise Software Development Kit 12 (x86_64): gcc48-ada-4.8.3+r212056-11.2 gcc48-ada-debuginfo-4.8.3+r212056-11.2 libada48-4.8.3+r212056-11.2 libada48-debuginfo-4.8.3+r212056-11.2 libquadmath0-32bit-4.8.3+r212056-11.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cpp48-4.8.3+r212056-11.2 cpp48-debuginfo-4.8.3+r212056-11.2 gcc48-4.8.3+r212056-11.2 gcc48-c++-4.8.3+r212056-11.2 gcc48-c++-debuginfo-4.8.3+r212056-11.2 gcc48-debuginfo-4.8.3+r212056-11.2 gcc48-debugsource-4.8.3+r212056-11.2 gcc48-locale-4.8.3+r212056-11.2 libatomic1-4.8.3+r212056-11.2 libatomic1-debuginfo-4.8.3+r212056-11.2 libffi4-4.8.3+r212056-11.1 libffi4-debuginfo-4.8.3+r212056-11.1 libffi48-debugsource-4.8.3+r212056-11.1 libgcc_s1-4.8.3+r212056-11.2 libgcc_s1-debuginfo-4.8.3+r212056-11.2 libgfortran3-4.8.3+r212056-11.2 libgfortran3-debuginfo-4.8.3+r212056-11.2 libgomp1-4.8.3+r212056-11.2 libgomp1-debuginfo-4.8.3+r212056-11.2 libitm1-4.8.3+r212056-11.2 libitm1-debuginfo-4.8.3+r212056-11.2 libstdc++48-devel-4.8.3+r212056-11.2 libstdc++6-4.8.3+r212056-11.2 libstdc++6-debuginfo-4.8.3+r212056-11.2 - SUSE Linux Enterprise Server 12 (s390x x86_64): gcc48-32bit-4.8.3+r212056-11.2 libatomic1-32bit-4.8.3+r212056-11.2 libffi4-32bit-4.8.3+r212056-11.1 libgcc_s1-32bit-4.8.3+r212056-11.2 libgomp1-32bit-4.8.3+r212056-11.2 libitm1-32bit-4.8.3+r212056-11.2 libstdc++48-devel-32bit-4.8.3+r212056-11.2 libstdc++6-32bit-4.8.3+r212056-11.2 - SUSE Linux Enterprise Server 12 (x86_64): libasan0-32bit-4.8.3+r212056-11.2 libasan0-4.8.3+r212056-11.2 libasan0-debuginfo-4.8.3+r212056-11.2 libquadmath0-4.8.3+r212056-11.2 libquadmath0-debuginfo-4.8.3+r212056-11.2 libtsan0-4.8.3+r212056-11.2 libtsan0-debuginfo-4.8.3+r212056-11.2 - SUSE Linux Enterprise Server 12 (noarch): gcc48-info-4.8.3+r212056-11.2 - SUSE Linux Enterprise Desktop 12 (x86_64): cpp48-4.8.3+r212056-11.2 cpp48-debuginfo-4.8.3+r212056-11.2 gcc48-32bit-4.8.3+r212056-11.2 gcc48-4.8.3+r212056-11.2 gcc48-c++-4.8.3+r212056-11.2 gcc48-c++-debuginfo-4.8.3+r212056-11.2 gcc48-debuginfo-4.8.3+r212056-11.2 gcc48-debugsource-4.8.3+r212056-11.2 gcc48-gij-4.8.3+r212056-11.1 gcc48-gij-debuginfo-4.8.3+r212056-11.1 libasan0-32bit-4.8.3+r212056-11.2 libasan0-4.8.3+r212056-11.2 libasan0-debuginfo-4.8.3+r212056-11.2 libatomic1-32bit-4.8.3+r212056-11.2 libatomic1-4.8.3+r212056-11.2 libatomic1-debuginfo-4.8.3+r212056-11.2 libffi4-32bit-4.8.3+r212056-11.1 libffi4-4.8.3+r212056-11.1 libffi4-debuginfo-4.8.3+r212056-11.1 libffi48-debugsource-4.8.3+r212056-11.1 libgcc_s1-32bit-4.8.3+r212056-11.2 libgcc_s1-4.8.3+r212056-11.2 libgcc_s1-debuginfo-4.8.3+r212056-11.2 libgcj48-4.8.3+r212056-11.1 libgcj48-debuginfo-4.8.3+r212056-11.1 libgcj48-debugsource-4.8.3+r212056-11.1 libgcj48-jar-4.8.3+r212056-11.1 libgcj_bc1-4.8.3+r212056-11.1 libgfortran3-4.8.3+r212056-11.2 libgfortran3-debuginfo-4.8.3+r212056-11.2 libgomp1-32bit-4.8.3+r212056-11.2 libgomp1-4.8.3+r212056-11.2 libgomp1-debuginfo-4.8.3+r212056-11.2 libitm1-32bit-4.8.3+r212056-11.2 libitm1-4.8.3+r212056-11.2 libitm1-debuginfo-4.8.3+r212056-11.2 libquadmath0-4.8.3+r212056-11.2 libquadmath0-debuginfo-4.8.3+r212056-11.2 libstdc++48-devel-32bit-4.8.3+r212056-11.2 libstdc++48-devel-4.8.3+r212056-11.2 libstdc++6-32bit-4.8.3+r212056-11.2 libstdc++6-4.8.3+r212056-11.2 libstdc++6-debuginfo-4.8.3+r212056-11.2 libtsan0-4.8.3+r212056-11.2 libtsan0-debuginfo-4.8.3+r212056-11.2 - SUSE Linux Enterprise Desktop 12 (noarch): gcc48-info-4.8.3+r212056-11.2 References: https://bugzilla.suse.com/show_bug.cgi?id=899871 From sle-updates at lists.suse.com Thu Nov 13 09:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 17:04:43 +0100 (CET) Subject: SUSE-SU-2014:1422-1: important: Security update for java-1_7_0-openjdk Message-ID: <20141113160443.272863226B@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1422-1 Rating: important References: #901242 Cross-References: CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: OpenJDK was updated to icedtea 2.5.3 (OpenJDK 7u71) fixing security issues and bugs. * Security: - S8015256: Better class accessibility - S8022783, CVE-2014-6504: Optimize C2 optimizations - S8035162: Service printing service - S8035781: Improve equality for annotations - S8036805: Correct linker method lookup. - S8036810: Correct linker field lookup - S8036936: Use local locales - S8037066, CVE-2014-6457: Secure transport layer - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams - S8038364: Use certificate exceptions correctly - S8038899: Safer safepoints - S8038903: More native monitor monitoring - S8038908: Make Signature more robust - S8038913: Bolster XML support - S8039509, CVE-2014-6512: Wrap sockets more thoroughly - S8039533, CVE-2014-6517: Higher resolution resolvers - S8041540, CVE-2014-6511: Better use of pages in font processing - S8041529: Better parameterization of parameter lists - S8041545: Better validation of generated rasters - S8041564, CVE-2014-6506: Improved management of logger resources - S8041717, CVE-2014-6519: Issue with class file parser - S8042609, CVE-2014-6513: Limit splashiness of splash images - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord - S8044274, CVE-2014-6531: Proper property processing * Backports: - S4963723: Implement SHA-224 - S7044060: Need to support NSA Suite B Cryptography algorithms - S7122142: (ann) Race condition between isAnnotationPresent and getAnnotations - S7160837: DigestOutputStream does not turn off digest calculation when "close()" is called - S8006935: Need to take care of long secret keys in HMAC/PRF computation - S8012637: Adjust CipherInputStream class to work in AEAD/GCM mode - S8028192: Use of PKCS11-NSS provider in FIPS mode broken - S8038000: java.awt.image.RasterFormatException: Incorrect scanline stride - S8039396: NPE when writing a class descriptor object to a custom ObjectOutputStream - S8042603: 'SafepointPollOffset' was not declared in static member function 'static bool Arguments::check_vm_args_consistency()' - S8042850: Extra unused entries in ICU ScriptCodes enum - S8052162: REGRESSION: sun/java2d/cmm/ColorConvertOp tests fail since 7u71 b01 - S8053963: (dc) Use DatagramChannel.receive() instead of read() in connect() - S8055176: 7u71 l10n resource file translation update * Bugfixes: - PR1988: C++ Interpreter should no longer be used on ppc64 - PR1989: Make jdk_generic_profile.sh handle missing programs better and be more verbose - PR1992, RH735336: Support retrieving proxy settings on GNOME 3.12.2 - PR2000: Synchronise HEAD tarball paths with release branch paths - PR2002: Fix references to hotspot.map following PR2000 - PR2003: --disable-system-gtk option broken by refactoring in PR1736 - PR2009: Checksum of policy JAR files changes on every build - PR2014: Use version from hotspot.map to create tarball filename - PR2015: Update hotspot.map documentation in INSTALL - PR2025: LCMS_CFLAGS and LCMS_LIBS should not be used unless SYSTEM_LCMS is enabled - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised comprehensive fix) * CACAO - PR2030, G453612, CA172: ARM hardfloat support for CACAO * AArch64 port - AArch64 C2 instruct for smull - Add frame anchor fences. - Add MacroAssembler::maybe_isb() - Add missing instruction synchronization barriers and cache flushes. - Add support for a few simple intrinsics - Add support for builtin crc32 instructions - Add support for Neon implementation of CRC32 - All address constants are 48 bits in size. - array load must only read 32 bits - Define uabs(). Use it everywhere an absolute value is wanted. - Fast string comparison - Fast String.equals() - Fix register usage in generate_verify_oop(). - Fix thinko in Atomic::xchg_ptr. - Fix typo in fsqrts - Improve C1 performance improvements in ic_cache checks - Performance improvement and ease of use changes pulled from upstream - Remove obsolete C1 patching code. - Replace hotspot jtreg test suite with tests from jdk7u - S8024648: 7141246 breaks Zero port - Save intermediate state before removing C1 patching code. - Unwind native AArch64 frames. - Use 2- and 3-instruction immediate form of movoop and mov_metadata in C2-generated code. - Various concurrency fixes. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-68 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-68 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.71-6.2 java-1_7_0-openjdk-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-debugsource-1.7.0.71-6.2 java-1_7_0-openjdk-demo-1.7.0.71-6.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-devel-1.7.0.71-6.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-headless-1.7.0.71-6.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.71-6.2 - SUSE Linux Enterprise Desktop 12 (x86_64): java-1_7_0-openjdk-1.7.0.71-6.2 java-1_7_0-openjdk-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-debugsource-1.7.0.71-6.2 java-1_7_0-openjdk-headless-1.7.0.71-6.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.71-6.2 References: http://support.novell.com/security/cve/CVE-2014-6457.html http://support.novell.com/security/cve/CVE-2014-6502.html http://support.novell.com/security/cve/CVE-2014-6504.html http://support.novell.com/security/cve/CVE-2014-6506.html http://support.novell.com/security/cve/CVE-2014-6511.html http://support.novell.com/security/cve/CVE-2014-6512.html http://support.novell.com/security/cve/CVE-2014-6513.html http://support.novell.com/security/cve/CVE-2014-6517.html http://support.novell.com/security/cve/CVE-2014-6519.html http://support.novell.com/security/cve/CVE-2014-6531.html http://support.novell.com/security/cve/CVE-2014-6558.html https://bugzilla.suse.com/show_bug.cgi?id=901242 From sle-updates at lists.suse.com Thu Nov 13 09:05:00 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 17:05:00 +0100 (CET) Subject: SUSE-SU-2014:1423-1: important: Security update for flash-player Message-ID: <20141113160500.251CF3226D@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1423-1 Rating: important References: #901334 Cross-References: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: Adobe Flash Player was updated to 11.2.202.411, fixing security issues and bugs. For more information please read: http://helpx.adobe.com/security/products/flash-player/apsb14-22.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2014-67 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-67 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (i586 x86_64): flash-player-11.2.202.411-4.1 flash-player-gnome-11.2.202.411-4.1 - SUSE Linux Enterprise Desktop 12 (i586 x86_64): flash-player-11.2.202.411-4.1 flash-player-gnome-11.2.202.411-4.1 References: http://support.novell.com/security/cve/CVE-2014-0558.html http://support.novell.com/security/cve/CVE-2014-0564.html http://support.novell.com/security/cve/CVE-2014-0569.html https://bugzilla.suse.com/show_bug.cgi?id=901334 From sle-updates at lists.suse.com Thu Nov 13 13:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 13 Nov 2014 21:04:39 +0100 (CET) Subject: SUSE-RU-2014:1424-1: Recommended update for nfs4-acl-tools Message-ID: <20141113200439.9BA813226B@maintenance.suse.de> SUSE Recommended Update: Recommended update for nfs4-acl-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1424-1 Rating: low References: #784551 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for nfs4-acl-tools changes the behavior of nfs4_setfacl slightly to allow it to add, remove and modify ACLs which act on principals containing space characters. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nfs4-acl-tools-9845 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nfs4-acl-tools-9845 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-nfs4-acl-tools-9845 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nfs4-acl-tools-0.3.3-2.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nfs4-acl-tools-0.3.3-2.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): nfs4-acl-tools-0.3.3-2.8.1 References: https://bugzilla.suse.com/show_bug.cgi?id=784551 http://download.suse.com/patch/finder/?keywords=573183abc99eb1b60c8f5d9bb76620b3 From sle-updates at lists.suse.com Fri Nov 14 10:05:17 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 14 Nov 2014 18:05:17 +0100 (CET) Subject: SUSE-RU-2014:1427-1: moderate: Recommended update for machinery Message-ID: <20141114170517.A56D53226D@maintenance.suse.de> SUSE Recommended Update: Recommended update for machinery ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1427-1 Rating: moderate References: Affected Products: SUSE Linux Enterprise Module for Advanced Systems Management 12 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This update for the Advanced Systems Management module provides Machinery 1.0.4, which brings many fixes and enhancements: - Remove nokogiri build log files during package creation. - Added autofs to the remote file system filter. - Added HTML view of system descriptions. - Add format version to `machinery --version` output. - Added work flow hints to make machinery easier approchable. - Improve validation to also check the existence of extracted files. - Added filtering of remote mount points during unmanaged-files inspection. - Increased format version to 2. - Remove Recommends for kiwi and python-glanceclient. - Add requirement for the ruby gems haml, kramdown and tilt. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2014-69 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Advanced Systems Management 12 (x86_64): machinery-1.0.4-4.1 machinery-debuginfo-1.0.4-4.1 machinery-debugsource-1.0.4-4.1 References: From sle-updates at lists.suse.com Mon Nov 17 07:04:47 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Nov 2014 15:04:47 +0100 (CET) Subject: SUSE-SU-2014:1438-1: moderate: update for rsyslog Message-ID: <20141117140447.5A9A73226D@maintenance.suse.de> SUSE Security Update: update for rsyslog ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1438-1 Rating: moderate References: #890228 #899756 Cross-References: CVE-2014-3634 CVE-2014-3683 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for rsyslog provides the following fixes: - Fixed remote PRI DoS vulnerability patch (CVE-2014-3683, bnc#899756) - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package (bnc#890228) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-70 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-70 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): rsyslog-8.4.0-5.1 rsyslog-debuginfo-8.4.0-5.1 rsyslog-debugsource-8.4.0-5.1 rsyslog-diag-tools-8.4.0-5.1 rsyslog-diag-tools-debuginfo-8.4.0-5.1 rsyslog-doc-8.4.0-5.1 rsyslog-module-gssapi-8.4.0-5.1 rsyslog-module-gssapi-debuginfo-8.4.0-5.1 rsyslog-module-gtls-8.4.0-5.1 rsyslog-module-gtls-debuginfo-8.4.0-5.1 rsyslog-module-mysql-8.4.0-5.1 rsyslog-module-mysql-debuginfo-8.4.0-5.1 rsyslog-module-pgsql-8.4.0-5.1 rsyslog-module-pgsql-debuginfo-8.4.0-5.1 rsyslog-module-relp-8.4.0-5.1 rsyslog-module-relp-debuginfo-8.4.0-5.1 rsyslog-module-snmp-8.4.0-5.1 rsyslog-module-snmp-debuginfo-8.4.0-5.1 rsyslog-module-udpspoof-8.4.0-5.1 rsyslog-module-udpspoof-debuginfo-8.4.0-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): rsyslog-8.4.0-5.1 rsyslog-debuginfo-8.4.0-5.1 rsyslog-debugsource-8.4.0-5.1 References: http://support.novell.com/security/cve/CVE-2014-3634.html http://support.novell.com/security/cve/CVE-2014-3683.html https://bugzilla.suse.com/show_bug.cgi?id=890228 https://bugzilla.suse.com/show_bug.cgi?id=899756 From sle-updates at lists.suse.com Mon Nov 17 11:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Nov 2014 19:04:42 +0100 (CET) Subject: SUSE-RU-2014:1439-1: moderate: Recommended update for aws-cli Message-ID: <20141117180442.9276D3226D@maintenance.suse.de> SUSE Recommended Update: Recommended update for aws-cli ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1439-1 Rating: moderate References: #902598 #902648 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update for the SUSE Linux Enterprise 12 Public Cloud module provides the following enhancements: - Amazon Web Services Command Line Interface (aws-cli) has been updated to version 1.5.3. - Amazon Web Services Library (python-boto) has been updated to version 2.34.0. - Python interface for AWS (python-botocore) has been updated to version 0.67.0. - Python's jmespath module has been updated to version 0.4.1. - The latest Amazon Cloud region (eu-central-1) is now supported through the command line interface. For a comprehensive list of fixes and enhancements, refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2014-71 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): aws-cli-1.5.3-4.1 python-boto-2.34.0-4.1 python-botocore-0.67.0-4.1 python-jmespath-0.4.1-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=902598 https://bugzilla.suse.com/show_bug.cgi?id=902648 From sle-updates at lists.suse.com Mon Nov 17 15:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 17 Nov 2014 23:04:39 +0100 (CET) Subject: SUSE-SU-2014:1440-1: moderate: Security update for libxml2 Message-ID: <20141117220440.001FA3226F@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1440-1 Rating: moderate References: #901546 Cross-References: CVE-2014-3660 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a denial of service via recursive entity expansion. (CVE-2014-3660) Security Issues: * CVE-2014-3660 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libxml2-9914 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libxml2-9914 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libxml2-9914 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libxml2-9914 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libxml2-2.7.6-0.31.1 libxml2-doc-2.7.6-0.31.1 libxml2-python-2.7.6-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libxml2-32bit-2.7.6-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.31.1 libxml2-doc-2.7.6-0.31.1 libxml2-python-2.7.6-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libxml2-x86-2.7.6-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libxml2-2.7.6-0.31.1 libxml2-python-2.7.6-0.31.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libxml2-32bit-2.7.6-0.31.1 References: http://support.novell.com/security/cve/CVE-2014-3660.html https://bugzilla.suse.com/show_bug.cgi?id=901546 http://download.suse.com/patch/finder/?keywords=9961b2dfc7e8d8c212415af4aff1679b From sle-updates at lists.suse.com Mon Nov 17 17:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Nov 2014 01:04:43 +0100 (CET) Subject: SUSE-SU-2014:1441-1: moderate: Security update for php53 Message-ID: <20141118000443.8137132260@maintenance.suse.de> SUSE Security Update: Security update for php53 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1441-1 Rating: moderate References: #902357 #902360 #902368 Cross-References: CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update fixes the following vulnerabilities in php: * Heap corruption issue in exif_thumbnail(). (CVE-2014-3670) * Integer overflow in unserialize(). (CVE-2014-3669) * Xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime(). (CVE-2014-3668) Security Issues: * CVE-2014-3669 * CVE-2014-3670 * CVE-2014-3668 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-apache2-mod_php53-9916 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-apache2-mod_php53-9916 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-apache2-mod_php53-9916 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): php53-devel-5.3.17-0.31.1 php53-imap-5.3.17-0.31.1 php53-posix-5.3.17-0.31.1 php53-readline-5.3.17-0.31.1 php53-sockets-5.3.17-0.31.1 php53-sqlite-5.3.17-0.31.1 php53-tidy-5.3.17-0.31.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): apache2-mod_php53-5.3.17-0.31.1 php53-5.3.17-0.31.1 php53-bcmath-5.3.17-0.31.1 php53-bz2-5.3.17-0.31.1 php53-calendar-5.3.17-0.31.1 php53-ctype-5.3.17-0.31.1 php53-curl-5.3.17-0.31.1 php53-dba-5.3.17-0.31.1 php53-dom-5.3.17-0.31.1 php53-exif-5.3.17-0.31.1 php53-fastcgi-5.3.17-0.31.1 php53-fileinfo-5.3.17-0.31.1 php53-ftp-5.3.17-0.31.1 php53-gd-5.3.17-0.31.1 php53-gettext-5.3.17-0.31.1 php53-gmp-5.3.17-0.31.1 php53-iconv-5.3.17-0.31.1 php53-intl-5.3.17-0.31.1 php53-json-5.3.17-0.31.1 php53-ldap-5.3.17-0.31.1 php53-mbstring-5.3.17-0.31.1 php53-mcrypt-5.3.17-0.31.1 php53-mysql-5.3.17-0.31.1 php53-odbc-5.3.17-0.31.1 php53-openssl-5.3.17-0.31.1 php53-pcntl-5.3.17-0.31.1 php53-pdo-5.3.17-0.31.1 php53-pear-5.3.17-0.31.1 php53-pgsql-5.3.17-0.31.1 php53-pspell-5.3.17-0.31.1 php53-shmop-5.3.17-0.31.1 php53-snmp-5.3.17-0.31.1 php53-soap-5.3.17-0.31.1 php53-suhosin-5.3.17-0.31.1 php53-sysvmsg-5.3.17-0.31.1 php53-sysvsem-5.3.17-0.31.1 php53-sysvshm-5.3.17-0.31.1 php53-tokenizer-5.3.17-0.31.1 php53-wddx-5.3.17-0.31.1 php53-xmlreader-5.3.17-0.31.1 php53-xmlrpc-5.3.17-0.31.1 php53-xmlwriter-5.3.17-0.31.1 php53-xsl-5.3.17-0.31.1 php53-zip-5.3.17-0.31.1 php53-zlib-5.3.17-0.31.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php53-5.3.17-0.31.1 php53-5.3.17-0.31.1 php53-bcmath-5.3.17-0.31.1 php53-bz2-5.3.17-0.31.1 php53-calendar-5.3.17-0.31.1 php53-ctype-5.3.17-0.31.1 php53-curl-5.3.17-0.31.1 php53-dba-5.3.17-0.31.1 php53-dom-5.3.17-0.31.1 php53-exif-5.3.17-0.31.1 php53-fastcgi-5.3.17-0.31.1 php53-fileinfo-5.3.17-0.31.1 php53-ftp-5.3.17-0.31.1 php53-gd-5.3.17-0.31.1 php53-gettext-5.3.17-0.31.1 php53-gmp-5.3.17-0.31.1 php53-iconv-5.3.17-0.31.1 php53-intl-5.3.17-0.31.1 php53-json-5.3.17-0.31.1 php53-ldap-5.3.17-0.31.1 php53-mbstring-5.3.17-0.31.1 php53-mcrypt-5.3.17-0.31.1 php53-mysql-5.3.17-0.31.1 php53-odbc-5.3.17-0.31.1 php53-openssl-5.3.17-0.31.1 php53-pcntl-5.3.17-0.31.1 php53-pdo-5.3.17-0.31.1 php53-pear-5.3.17-0.31.1 php53-pgsql-5.3.17-0.31.1 php53-pspell-5.3.17-0.31.1 php53-shmop-5.3.17-0.31.1 php53-snmp-5.3.17-0.31.1 php53-soap-5.3.17-0.31.1 php53-suhosin-5.3.17-0.31.1 php53-sysvmsg-5.3.17-0.31.1 php53-sysvsem-5.3.17-0.31.1 php53-sysvshm-5.3.17-0.31.1 php53-tokenizer-5.3.17-0.31.1 php53-wddx-5.3.17-0.31.1 php53-xmlreader-5.3.17-0.31.1 php53-xmlrpc-5.3.17-0.31.1 php53-xmlwriter-5.3.17-0.31.1 php53-xsl-5.3.17-0.31.1 php53-zip-5.3.17-0.31.1 php53-zlib-5.3.17-0.31.1 References: http://support.novell.com/security/cve/CVE-2014-3668.html http://support.novell.com/security/cve/CVE-2014-3669.html http://support.novell.com/security/cve/CVE-2014-3670.html https://bugzilla.suse.com/show_bug.cgi?id=902357 https://bugzilla.suse.com/show_bug.cgi?id=902360 https://bugzilla.suse.com/show_bug.cgi?id=902368 http://download.suse.com/patch/finder/?keywords=991707256096509383d233738d9325bb From sle-updates at lists.suse.com Mon Nov 17 17:05:24 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Nov 2014 01:05:24 +0100 (CET) Subject: SUSE-SU-2014:1442-1: important: Security update for flash-player Message-ID: <20141118000524.A52783226F@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1442-1 Rating: important References: #905032 Cross-References: CVE-2014-0573 CVE-2014-0574 CVE-2014-0576 CVE-2014-0577 CVE-2014-0581 CVE-2014-0582 CVE-2014-0583 CVE-2014-0584 CVE-2014-0585 CVE-2014-0586 CVE-2014-0588 CVE-2014-0589 CVE-2014-0590 CVE-2014-8437 CVE-2014-8438 CVE-2014-8440 CVE-2014-8441 CVE-2014-8442 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 18 vulnerabilities is now available. It includes one version update. Description: flash-player was updated to version 11.2.202.418 to fix 18 security issues: * Memory corruption vulnerabilities that could lead to code execution (CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441). * Use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438). * A double free vulnerability that could lead to code execution (CVE-2014-0574). * Type confusion vulnerabilities that could lead to code execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590). * Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582, CVE-2014-0589). * An information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). * A heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). * A permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). Further information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-24.html . Security Issues: * CVE-2014-0576 * CVE-2014-0581 * CVE-2014-8440 * CVE-2014-8441 * CVE-2014-0573 * CVE-2014-0588 * CVE-2014-8438 * CVE-2014-0574 * CVE-2014-0577 * CVE-2014-0584 * CVE-2014-0585 * CVE-2014-0586 * CVE-2014-0590 * CVE-2014-0582 * CVE-2014-0589 * CVE-2014-8437 * CVE-2014-0583 * CVE-2014-8442 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-9958 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.418]: flash-player-11.2.202.418-0.3.1 flash-player-gnome-11.2.202.418-0.3.1 flash-player-kde4-11.2.202.418-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-0573.html http://support.novell.com/security/cve/CVE-2014-0574.html http://support.novell.com/security/cve/CVE-2014-0576.html http://support.novell.com/security/cve/CVE-2014-0577.html http://support.novell.com/security/cve/CVE-2014-0581.html http://support.novell.com/security/cve/CVE-2014-0582.html http://support.novell.com/security/cve/CVE-2014-0583.html http://support.novell.com/security/cve/CVE-2014-0584.html http://support.novell.com/security/cve/CVE-2014-0585.html http://support.novell.com/security/cve/CVE-2014-0586.html http://support.novell.com/security/cve/CVE-2014-0588.html http://support.novell.com/security/cve/CVE-2014-0589.html http://support.novell.com/security/cve/CVE-2014-0590.html http://support.novell.com/security/cve/CVE-2014-8437.html http://support.novell.com/security/cve/CVE-2014-8438.html http://support.novell.com/security/cve/CVE-2014-8440.html http://support.novell.com/security/cve/CVE-2014-8441.html http://support.novell.com/security/cve/CVE-2014-8442.html https://bugzilla.suse.com/show_bug.cgi?id=905032 http://download.suse.com/patch/finder/?keywords=dbcb29ab8a2328939075a141810b2c4d From sle-updates at lists.suse.com Tue Nov 18 07:05:18 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Nov 2014 15:05:18 +0100 (CET) Subject: SUSE-RU-2014:1445-1: Recommended update for xmlstarlet Message-ID: <20141118140518.D8A6432273@maintenance.suse.de> SUSE Recommended Update: Recommended update for xmlstarlet ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1445-1 Rating: low References: #900891 Affected Products: SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for xmlstarlet adds a symbolic link /usr/bin/xmlstarlet pointing to the "xml" binary. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-72 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): xmlstarlet-1.5.0-4.1 xmlstarlet-debuginfo-1.5.0-4.1 xmlstarlet-debugsource-1.5.0-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=900891 From sle-updates at lists.suse.com Tue Nov 18 11:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Nov 2014 19:04:41 +0100 (CET) Subject: SUSE-RU-2014:1446-1: Recommended update for crowbar-barclamp-deployer, crowbar-barclamp-network Message-ID: <20141118180441.110A83226F@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-deployer, crowbar-barclamp-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1446-1 Rating: low References: #888518 #897815 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crowbar-barclamp-network and crowbar-barclamp-deployer provides stability fixes from the upstream OpenStack project. * Disable checksum offloading by default (bnc#888518) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-barclamps-network-deployer-201410-9843 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-deployer-1.8+git.1411027864.67a2849-0.7.5 crowbar-barclamp-network-1.8+git.1411028291.2953553-0.9.1 References: https://bugzilla.suse.com/show_bug.cgi?id=888518 https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=0b7b88e944aaf029c1c3d0efeb250a36 From sle-updates at lists.suse.com Tue Nov 18 11:05:08 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 18 Nov 2014 19:05:08 +0100 (CET) Subject: SUSE-SU-2014:1447-1: moderate: Security update for openwsman Message-ID: <20141118180508.40B6A32273@maintenance.suse.de> SUSE Security Update: Security update for openwsman ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1447-1 Rating: moderate References: #901882 Cross-References: CVE-2014-3566 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update adds a configuration option to disable SSLv2 and SSLv3 in openwsman. This is required to mitigate CVE-2014-3566. To use the new option, edit /etc/openwsman/openwsman.conf and add the following line to the [server] section: ssl_disabled_protocols = SSLv2 SSLv3 Security Issues: * CVE-2014-3566 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libwsman-devel-9902 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libwsman-devel-9902 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libwsman-devel-9902 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libwsman-devel-9902 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libwsman-devel-2.2.3-0.8.1 openwsman-python-2.2.3-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libwsman1-2.2.3-0.8.1 openwsman-client-2.2.3-0.8.1 openwsman-server-2.2.3-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libwsman1-2.2.3-0.8.1 openwsman-client-2.2.3-0.8.1 openwsman-server-2.2.3-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libwsman1-2.2.3-0.8.1 openwsman-client-2.2.3-0.8.1 openwsman-server-2.2.3-0.8.1 References: http://support.novell.com/security/cve/CVE-2014-3566.html https://bugzilla.suse.com/show_bug.cgi?id=901882 http://download.suse.com/patch/finder/?keywords=0f0bc1b01ad268f3f98cb87c3015cbb4 From sle-updates at lists.suse.com Wed Nov 19 04:05:44 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Nov 2014 12:05:44 +0100 (CET) Subject: SUSE-RU-2014:1453-1: moderate: Recommended update for gnome-keyring Message-ID: <20141119110544.57C8B32274@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-keyring ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1453-1 Rating: moderate References: #903966 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The gnome-keyring daemon could terminate with a segmentation fault when trying to open the secure password storage. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-73 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-73 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gnome-keyring-3.10.1-7.1 gnome-keyring-debuginfo-3.10.1-7.1 gnome-keyring-debugsource-3.10.1-7.1 gnome-keyring-pam-3.10.1-7.1 gnome-keyring-pam-debuginfo-3.10.1-7.1 libgck-modules-gnome-keyring-3.10.1-7.1 libgck-modules-gnome-keyring-debuginfo-3.10.1-7.1 - SUSE Linux Enterprise Server 12 (noarch): gnome-keyring-lang-3.10.1-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gnome-keyring-3.10.1-7.1 gnome-keyring-debuginfo-3.10.1-7.1 gnome-keyring-debugsource-3.10.1-7.1 gnome-keyring-pam-3.10.1-7.1 gnome-keyring-pam-debuginfo-3.10.1-7.1 libgck-modules-gnome-keyring-3.10.1-7.1 libgck-modules-gnome-keyring-debuginfo-3.10.1-7.1 - SUSE Linux Enterprise Desktop 12 (noarch): gnome-keyring-lang-3.10.1-7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=903966 From sle-updates at lists.suse.com Wed Nov 19 09:04:55 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 19 Nov 2014 17:04:55 +0100 (CET) Subject: SUSE-RU-2014:1456-1: Recommended update for yast2-users Message-ID: <20141119160455.AF83632274@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-users ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1456-1 Rating: low References: #901419 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-users fixes a crash when trying to start the authentication client module and yast2-auth-client is not installed on the system. (bnc#901419) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-74 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-74 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-74 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-users-debuginfo-3.1.34-4.1 yast2-users-debugsource-3.1.34-4.1 yast2-users-devel-doc-3.1.34-4.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-users-3.1.34-4.1 yast2-users-debuginfo-3.1.34-4.1 yast2-users-debugsource-3.1.34-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-users-3.1.34-4.1 yast2-users-debuginfo-3.1.34-4.1 yast2-users-debugsource-3.1.34-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=901419 From sle-updates at lists.suse.com Wed Nov 19 17:04:49 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 01:04:49 +0100 (CET) Subject: SUSE-SU-2014:1458-1: important: Security update for MozillaFirefox Message-ID: <20141120000449.86F923226C@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1458-1 Rating: important References: #900941 #905056 #905528 Cross-References: CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes four new package versions. Description: This version update of Mozilla Firefox to 31.2.0ESR brings improvements, stability fixes and also security fixes for the following CVEs: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586 It also disables SSLv3 by default to mitigate the protocol downgrade attack known as POODLE. This update fixes some regressions introduced by the previously released update. Security Issues: * CVE-2014-1574 * CVE-2014-1575 * CVE-2014-1576 * CVE-2014-1577 * CVE-2014-1578 * CVE-2014-1581 * CVE-2014-1583 * CVE-2014-1585 * CVE-2014-1586 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-firefox31-201411-9972 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-firefox31-201411-9972 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-firefox31-201411-9972 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-firefox31-201411-9971 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-firefox31-201411-9972 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.17.2 and 4.10.7]: MozillaFirefox-devel-31.2.0esr-0.16.1 mozilla-nspr-devel-4.10.7-0.3.3 mozilla-nss-devel-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.16.1 MozillaFirefox-branding-SLES-for-VMware-31.0-0.5.1 MozillaFirefox-translations-31.2.0esr-0.16.1 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.16.1 MozillaFirefox-branding-SLED-31.0-0.10.1 MozillaFirefox-translations-31.2.0esr-0.16.1 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-x86-3.17.2-0.8.1 libsoftokn3-x86-3.17.2-0.8.1 mozilla-nspr-x86-4.10.7-0.3.3 mozilla-nss-x86-3.17.2-0.8.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 3.17.2,31.0,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.11.11.1 MozillaFirefox-branding-SLED-31.0-0.5.5.1 MozillaFirefox-translations-31.2.0esr-0.11.11.1 libfreebl3-3.17.2-0.3.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.3.1 mozilla-nss-tools-3.17.2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.3.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.16.1 MozillaFirefox-branding-SLED-31.0-0.10.1 MozillaFirefox-translations-31.2.0esr-0.16.1 libfreebl3-3.17.2-0.8.1 libsoftokn3-3.17.2-0.8.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nss-3.17.2-0.8.1 mozilla-nss-tools-3.17.2-0.8.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.8.1 libsoftokn3-32bit-3.17.2-0.8.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.8.1 References: http://support.novell.com/security/cve/CVE-2014-1574.html http://support.novell.com/security/cve/CVE-2014-1575.html http://support.novell.com/security/cve/CVE-2014-1576.html http://support.novell.com/security/cve/CVE-2014-1577.html http://support.novell.com/security/cve/CVE-2014-1578.html http://support.novell.com/security/cve/CVE-2014-1581.html http://support.novell.com/security/cve/CVE-2014-1583.html http://support.novell.com/security/cve/CVE-2014-1585.html http://support.novell.com/security/cve/CVE-2014-1586.html https://bugzilla.suse.com/show_bug.cgi?id=900941 https://bugzilla.suse.com/show_bug.cgi?id=905056 https://bugzilla.suse.com/show_bug.cgi?id=905528 http://download.suse.com/patch/finder/?keywords=29ed5e7e0df0d224aa13f77da0665ca3 http://download.suse.com/patch/finder/?keywords=7d581038b5bc4e233d15b95636b1b8eb From sle-updates at lists.suse.com Wed Nov 19 17:05:28 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 01:05:28 +0100 (CET) Subject: SUSE-RU-2014:1459-1: important: Recommended update for nginx-1.0 Message-ID: <20141120000528.7FBAE32270@maintenance.suse.de> SUSE Recommended Update: Recommended update for nginx-1.0 ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1459-1 Rating: important References: #901519 Affected Products: WebYaST 1.3 SUSE Studio Onsite 1.3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: A previous update of nginx caused a segmentation fault while starting WebYaST. This update fixes this regression. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.3: zypper in -t patch slewyst13-nginx-1.0-9926 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-nginx-1.0-9926 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-nginx-1.0-9926 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.3 (i586 ia64 ppc64 s390x x86_64): nginx-1.0-1.0.15-0.14.1 - SUSE Studio Onsite 1.3 (x86_64): nginx-1.0-1.0.15-0.14.1 - SUSE Lifecycle Management Server 1.3 (x86_64): nginx-1.0-1.0.15-0.14.1 References: https://bugzilla.suse.com/show_bug.cgi?id=901519 http://download.suse.com/patch/finder/?keywords=1173f231287174550051c17ccdbf2b50 From sle-updates at lists.suse.com Thu Nov 20 05:04:48 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 13:04:48 +0100 (CET) Subject: SUSE-RU-2014:1461-1: important: Recommended update for wicked Message-ID: <20141120120448.7F50C32270@maintenance.suse.de> SUSE Recommended Update: Recommended update for wicked ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1461-1 Rating: important References: #887910 #893665 #900112 #900401 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Build System Kit 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for wicked fixes the following issues: - ethernet: Do not fail when ETHTOOL_GSET/SSET fails. (bsc#900401, bsc#900112) - dbus: Omit ethernet speed, duplex, autoneg properties if not supported by the driver. - ethtool: Independent ioctl requests are handled separately: if one fails it should not stop the following ones. - wireless: Request association even if link was up; linkup indicates association, rather than explicit linkAssociate event. (bsc#893665) - bonding: Ignore redundant slaves in configs with a warning. - fsm: Generate default config for children in existing relation. - compat: Prefer /etc/hostname over /etc/HOSTNAME and warn about missed global configs. (bsc#887910) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-75 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-75 - SUSE Linux Enterprise Build System Kit 12: zypper in -t patch SUSE-SLE-BSK-12-2014-75 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libwicked-0-6-0.6.12-4.1 libwicked-0-6-debuginfo-0.6.12-4.1 wicked-0.6.12-4.1 wicked-debuginfo-0.6.12-4.1 wicked-debugsource-0.6.12-4.1 wicked-service-0.6.12-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libwicked-0-6-0.6.12-4.1 libwicked-0-6-debuginfo-0.6.12-4.1 wicked-0.6.12-4.1 wicked-debuginfo-0.6.12-4.1 wicked-debugsource-0.6.12-4.1 wicked-service-0.6.12-4.1 - SUSE Linux Enterprise Build System Kit 12 (ppc64le s390x x86_64): libwicked-0-6-0.6.12-4.1 libwicked-0-6-debuginfo-0.6.12-4.1 wicked-debuginfo-0.6.12-4.1 wicked-debugsource-0.6.12-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=887910 https://bugzilla.suse.com/show_bug.cgi?id=893665 https://bugzilla.suse.com/show_bug.cgi?id=900112 https://bugzilla.suse.com/show_bug.cgi?id=900401 From sle-updates at lists.suse.com Thu Nov 20 08:04:45 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 16:04:45 +0100 (CET) Subject: SUSE-SU-2014:1464-1: moderate: Security update for wget Message-ID: <20141120150445.9ABB432270@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1464-1 Rating: moderate References: #902709 Cross-References: CVE-2014-4877 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: wget was updated to fix one security issue. This security issue was fixed: - FTP symlink arbitrary filesystem access (CVE-2014-4877). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-76 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-76 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): wget-1.14-7.1 wget-debuginfo-1.14-7.1 wget-debugsource-1.14-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): wget-1.14-7.1 wget-debuginfo-1.14-7.1 wget-debugsource-1.14-7.1 References: http://support.novell.com/security/cve/CVE-2014-4877.html https://bugzilla.suse.com/show_bug.cgi?id=902709 From sle-updates at lists.suse.com Thu Nov 20 08:05:05 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 16:05:05 +0100 (CET) Subject: SUSE-SU-2014:1465-1: moderate: Security update for flash-player Message-ID: <20141120150505.211A132274@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1465-1 Rating: moderate References: #905032 Cross-References: CVE-2014-0573 CVE-2014-0574 CVE-2014-0576 CVE-2014-0577 CVE-2014-0581 CVE-2014-0582 CVE-2014-0583 CVE-2014-0584 CVE-2014-0585 CVE-2014-0586 CVE-2014-0588 CVE-2014-0589 CVE-2014-0590 CVE-2014-8437 CVE-2014-8438 CVE-2014-8440 CVE-2014-8441 CVE-2014-8442 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 18 vulnerabilities is now available. Description: flash-player was updated to version 11.2.202.418 to fix 18 security issues. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution (CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441). - Use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438). - A double free vulnerability that could lead to code execution (CVE-2014-0574). - Type confusion vulnerabilities that could lead to code execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590). - Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582, CVE-2014-0589). - An information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). - A heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). - A permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). More information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-24.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2014-77 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-77 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): flash-player-11.2.202.418-11.1 flash-player-gnome-11.2.202.418-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): flash-player-11.2.202.418-11.1 flash-player-gnome-11.2.202.418-11.1 References: http://support.novell.com/security/cve/CVE-2014-0573.html http://support.novell.com/security/cve/CVE-2014-0574.html http://support.novell.com/security/cve/CVE-2014-0576.html http://support.novell.com/security/cve/CVE-2014-0577.html http://support.novell.com/security/cve/CVE-2014-0581.html http://support.novell.com/security/cve/CVE-2014-0582.html http://support.novell.com/security/cve/CVE-2014-0583.html http://support.novell.com/security/cve/CVE-2014-0584.html http://support.novell.com/security/cve/CVE-2014-0585.html http://support.novell.com/security/cve/CVE-2014-0586.html http://support.novell.com/security/cve/CVE-2014-0588.html http://support.novell.com/security/cve/CVE-2014-0589.html http://support.novell.com/security/cve/CVE-2014-0590.html http://support.novell.com/security/cve/CVE-2014-8437.html http://support.novell.com/security/cve/CVE-2014-8438.html http://support.novell.com/security/cve/CVE-2014-8440.html http://support.novell.com/security/cve/CVE-2014-8441.html http://support.novell.com/security/cve/CVE-2014-8442.html https://bugzilla.suse.com/show_bug.cgi?id=905032 From sle-updates at lists.suse.com Thu Nov 20 11:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 19:04:41 +0100 (CET) Subject: SUSE-RU-2014:1466-1: Recommended update for python-openstackclient Message-ID: <20141120180441.AA67732273@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-openstackclient ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1466-1 Rating: low References: #897815 #904049 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for python-openstackclient provides the following fixes and enhancements: * Fix find_resource for keystone and cinder (bnc#904049) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-python-openstackclient-9954 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64): python-openstackclient-0.3.1-0.9.1 References: https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=904049 http://download.suse.com/patch/finder/?keywords=cb9761a3b20512cb9d1b003a15dfe8d8 From sle-updates at lists.suse.com Thu Nov 20 11:05:08 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 19:05:08 +0100 (CET) Subject: SUSE-SU-2014:1467-1: Security update for openstack-cinder Message-ID: <20141120180508.9598332275@maintenance.suse.de> SUSE Security Update: Security update for openstack-cinder ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1467-1 Rating: low References: #883950 #894055 #897815 #899190 #899198 Cross-References: CVE-2014-3641 CVE-2014-7230 CVE-2014-7231 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. It includes one version update. Description: This update for openstack-cinder provides the following recommended and security fixes: * Refuse invalid qcow2 backing files to avoid host data leak to VM instance (bnc#899198, CVE-2014-3641) * Sync latest process and str utils from oslo (bnc#899190 CVE-2014-7230 CVE-2014-7231) * Fix the iSER transport protocol when using LVMISERDriver * NetApp fix for controller preferred path * NetApp fix for default host type in eseries * NetApp fix eseries concurrent vol map failure * Cinder api service doesn't handle SIGHUP properly * Sync latest strutils from oslo-incubator for mask_password fix * Fix possible race condition for accept transfer * Cinder override all method add _wrap_db_error support for PostgreSQL (bnc#883950) * Fix terminate_connection live migration issue * Prevent tenant viewing volumes owned by another * NetApp NFS: Do not reference dst_img_local before assignment * Fix KeyError exception in NetApp CDOT iscsi driver volume create * Don't clear _mounted_shares list in remoteFS while updating * Add retry_on_deadlock to db update methods * Add fix for reservation index to icehouse * Fix performance issues with Brocade zone driver * VMware: Disable suds caching * Add eternus dx volumedriver 1.1.0 (bnc#894055) * Cache snapshots in request for extension * VMware: Force chunked transfer for upload-to-image * Avoid using the disk cache on volume initialization and remove multipath device correctly (bnc#894055) Security Issues: * CVE-2014-3641 * CVE-2014-7230 * CVE-2014-7231 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-cinder-1114-9960 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64) [New Version: 2014.1.4.dev19.g80c0054]: openstack-cinder-2014.1.4.dev19.g80c0054-0.7.1 openstack-cinder-api-2014.1.4.dev19.g80c0054-0.7.1 openstack-cinder-backup-2014.1.4.dev19.g80c0054-0.7.1 openstack-cinder-scheduler-2014.1.4.dev19.g80c0054-0.7.1 openstack-cinder-volume-2014.1.4.dev19.g80c0054-0.7.1 python-cinder-2014.1.4.dev19.g80c0054-0.7.1 - SUSE Cloud 4 (noarch) [New Version: 2014.1.4.dev19.g80c0054]: openstack-cinder-doc-2014.1.4.dev19.g80c0054-0.7.1 References: http://support.novell.com/security/cve/CVE-2014-3641.html http://support.novell.com/security/cve/CVE-2014-7230.html http://support.novell.com/security/cve/CVE-2014-7231.html https://bugzilla.suse.com/show_bug.cgi?id=883950 https://bugzilla.suse.com/show_bug.cgi?id=894055 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=899190 https://bugzilla.suse.com/show_bug.cgi?id=899198 http://download.suse.com/patch/finder/?keywords=a39845befed7d7674be8c6540ec59a65 From sle-updates at lists.suse.com Thu Nov 20 13:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 20 Nov 2014 21:04:41 +0100 (CET) Subject: SUSE-RU-2014:1468-1: Recommended update for sblim-gather Message-ID: <20141120200441.7C58A3228E@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-gather ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1468-1 Rating: low References: #831134 #894582 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update fixes a potential crash in the IPProtocolEndpoint plugin of the SBLIM Data Gatherer when BytesSubmitted grows past a certain size. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-sblim-gather-9955 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-sblim-gather-9955 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): sblim-gather-devel-2.2.0-0.5.1 sblim-gather-test-2.2.0-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): sblim-gather-2.2.0-0.5.1 sblim-gather-provider-2.2.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): sblim-gather-2.2.0-0.5.1 sblim-gather-provider-2.2.0-0.5.1 References: https://bugzilla.suse.com/show_bug.cgi?id=831134 https://bugzilla.suse.com/show_bug.cgi?id=894582 http://download.suse.com/patch/finder/?keywords=d1207c37ab3f279f2439e7dbabebef48 From sle-updates at lists.suse.com Thu Nov 20 17:06:38 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 21 Nov 2014 01:06:38 +0100 (CET) Subject: SUSE-RU-2014:1469-1: Recommended update for slms Message-ID: <20141121000638.1F1803226C@maintenance.suse.de> SUSE Recommended Update: Recommended update for slms ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1469-1 Rating: low References: #891902 #895852 #900024 Affected Products: SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for SLMS provides the following fixes: * Improve sync performance for long running Studio appliances. (bnc#900024) * Fix crash if external server is not reachable. (bnc#895852) * Fix updating packages with epoch in its version. (bnc#891902) * Do not break sync if status of appliance is just warning. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-slms-9877 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Lifecycle Management Server 1.3 (noarch) [New Version: 1.3.8]: slms-1.3.8-0.5.1 slms-core-1.3.8-0.5.1 slms-customer-center-1.3.8-0.5.1 slms-devel-doc-1.3.8-0.5.1 slms-external-1.3.8-0.5.1 slms-registration-1.3.8-0.5.1 slms-testsuite-1.3.8-0.5.1 References: https://bugzilla.suse.com/show_bug.cgi?id=891902 https://bugzilla.suse.com/show_bug.cgi?id=895852 https://bugzilla.suse.com/show_bug.cgi?id=900024 http://download.suse.com/patch/finder/?keywords=078ac5c1723dc3e6b66ef66b3061e515 From sle-updates at lists.suse.com Thu Nov 20 17:06:50 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 21 Nov 2014 01:06:50 +0100 (CET) Subject: SUSE-RU-2014:1470-1: Recommended update for slms_enablement_tools Message-ID: <20141121000650.5F0D63228E@maintenance.suse.de> SUSE Recommended Update: Recommended update for slms_enablement_tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1470-1 Rating: low References: #878374 #891897 Affected Products: SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update for slms_enablement_tools provides the following fixes: * Force unzip to overwrite existing files. (bnc#878374) * Use same handling of user and group for zip archives as Studio. (bnc#891897) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-slms_enablement_tools-9876 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Lifecycle Management Server 1.3 (x86_64) [New Version: 0.12.0]: slms_enablement_tools-0.12.0-0.5.2 References: https://bugzilla.suse.com/show_bug.cgi?id=878374 https://bugzilla.suse.com/show_bug.cgi?id=891897 http://download.suse.com/patch/finder/?keywords=9457aadf5e84e73ef01eeb7985460086 From sle-updates at lists.suse.com Fri Nov 21 11:04:45 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 21 Nov 2014 19:04:45 +0100 (CET) Subject: SUSE-RU-2014:1275-3: Recommended update for openstack-keystone Message-ID: <20141121180445.C72063228E@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1275-3 Rating: low References: #897815 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for openstack-keystone provides stability fixes from the upstream OpenStack project: * Add oslo.serialization for latest keystoneclient * Fix cert creation on hosts with broken hostname * Fix tests comparing tokens * Fix typo on cache backend module * Updated from global requirements * Remove extraenous instantiations of managers * Catalog driver generates v3 catalog from v2 catalog * Remove with\_lockmode use from Trust SQL backend * Set LDAP certificate trust options for LDAPS and TLS * Fixes an issue with the XMLEquals matcher Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-openstack-keystone-9987 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64) [New Version: 2014.1.4.dev2.g9aec35a]: openstack-keystone-2014.1.4.dev2.g9aec35a-0.7.1 python-keystone-2014.1.4.dev2.g9aec35a-0.7.1 - SUSE Cloud 4 (noarch) [New Version: 2014.1.4.dev2.g9aec35a]: openstack-keystone-doc-2014.1.4.dev2.g9aec35a-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=905e9574c0bb9da5aae094829a8ab3ae From sle-updates at lists.suse.com Fri Nov 21 11:05:00 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 21 Nov 2014 19:05:00 +0100 (CET) Subject: SUSE-SU-2014:1458-2: important: Security update for MozillaFirefox Message-ID: <20141121180500.CC81932291@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1458-2 Rating: important References: #900941 #905056 #905528 Cross-References: CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes three new package versions. Description: This version update of Mozilla Firefox to 31.2.0ESR brings improvements, stability fixes and also security fixes for the following CVEs: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586 It also disables SSLv3 by default to mitigate the protocol downgrade attack known as POODLE. This update fixes some regressions introduced by the previously released update. Security Issues: * CVE-2014-1574 * CVE-2014-1575 * CVE-2014-1576 * CVE-2014-1577 * CVE-2014-1578 * CVE-2014-1581 * CVE-2014-1583 * CVE-2014-1585 * CVE-2014-1586 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-firefox31-201411-9973 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64) [New Version: 3.17.2,31.2.0esr and 4.10.7]: MozillaFirefox-31.2.0esr-0.11.11.1 MozillaFirefox-branding-SLED-31.0-0.5.5.1 MozillaFirefox-translations-31.2.0esr-0.11.11.1 libfreebl3-3.17.2-0.3.1 mozilla-nspr-4.10.7-0.3.3 mozilla-nspr-devel-4.10.7-0.3.3 mozilla-nss-3.17.2-0.3.1 mozilla-nss-devel-3.17.2-0.3.1 mozilla-nss-tools-3.17.2-0.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64) [New Version: 3.17.2 and 4.10.7]: libfreebl3-32bit-3.17.2-0.3.1 mozilla-nspr-32bit-4.10.7-0.3.3 mozilla-nss-32bit-3.17.2-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-1574.html http://support.novell.com/security/cve/CVE-2014-1575.html http://support.novell.com/security/cve/CVE-2014-1576.html http://support.novell.com/security/cve/CVE-2014-1577.html http://support.novell.com/security/cve/CVE-2014-1578.html http://support.novell.com/security/cve/CVE-2014-1581.html http://support.novell.com/security/cve/CVE-2014-1583.html http://support.novell.com/security/cve/CVE-2014-1585.html http://support.novell.com/security/cve/CVE-2014-1586.html https://bugzilla.suse.com/show_bug.cgi?id=900941 https://bugzilla.suse.com/show_bug.cgi?id=905056 https://bugzilla.suse.com/show_bug.cgi?id=905528 http://download.suse.com/patch/finder/?keywords=8991d7c7c8912dadb27442e31693b8a0 From sle-updates at lists.suse.com Fri Nov 21 11:05:37 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 21 Nov 2014 19:05:37 +0100 (CET) Subject: SUSE-SU-2014:1473-1: moderate: Security update for file Message-ID: <20141121180537.DD10832291@maintenance.suse.de> SUSE Security Update: Security update for file ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1473-1 Rating: moderate References: #902367 Cross-References: CVE-2014-3710 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: file was updated to fix one security issue. * An out-of-bounds read flaw file's donote() function. This could possibly lead to file executable crash (CVE-2014-3710). Security Issues: * CVE-2014-3710 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-file-9982 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-file-9982 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-file-9982 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-file-9982 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): file-devel-4.24-43.27.1 python-magic-4.24-43.27.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): file-4.24-43.27.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): file-32bit-4.24-43.27.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): file-4.24-43.27.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): file-32bit-4.24-43.27.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): file-x86-4.24-43.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): file-4.24-43.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): file-32bit-4.24-43.27.1 References: http://support.novell.com/security/cve/CVE-2014-3710.html https://bugzilla.suse.com/show_bug.cgi?id=902367 http://download.suse.com/patch/finder/?keywords=b86426298bc3070eb200ec58c3e31b8a From sle-updates at lists.suse.com Mon Nov 24 11:04:45 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 24 Nov 2014 19:04:45 +0100 (CET) Subject: SUSE-RU-2014:1489-1: Recommended update for crowbar-barclamp-keystone Message-ID: <20141124180445.F1BCB32293@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-keystone ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1489-1 Rating: low References: #896481 #896750 #897815 #900887 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for crowbar-barclamp-keystone provides the following fixes and enhancements: * Expose region name to UI (bnc#896481) * Quote template values in .openrc (bnc#896750) * Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook * Make keystone.conf owned by root:keystone, instead of keystone:root * Use helpers from new crowbar-openstack cookbook * When we have the cached value of keystone settings, return it directly * Cache keystone node per instance when fetching keystone settings * Fallback to "default" instance of keystone on fetch of keystone settings * Add dependency on crowbar-barclamp-openstack as Requires(post) and Requires to make sure the package is installed before the %post scriplet is executed (bnc#900887). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-keystone-9886 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-keystone-1.8+git.1412842671.1846c3d-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=896481 https://bugzilla.suse.com/show_bug.cgi?id=896750 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=900887 http://download.suse.com/patch/finder/?keywords=67623ff63518f76c1ab4c89d1afc8cda From sle-updates at lists.suse.com Mon Nov 24 11:05:33 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 24 Nov 2014 19:05:33 +0100 (CET) Subject: SUSE-SU-2014:1458-3: important: Security update for MozillaFirefox Message-ID: <20141124180533.CFC1632295@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1458-3 Rating: important References: #900941 #905056 #905528 Cross-References: CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. It includes three new package versions. Description: This version update of Mozilla Firefox to 31.2.0ESR brings improvements, stability fixes and also security fixes for the following CVEs: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586 It also disables SSLv3 by default to mitigate the protocol downgrade attack known as POODLE. Security Issues: * CVE-2014-1574 * CVE-2014-1575 * CVE-2014-1576 * CVE-2014-1577 * CVE-2014-1578 * CVE-2014-1581 * CVE-2014-1583 * CVE-2014-1585 * CVE-2014-1586 Indications: Everybody should update. Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 3.17.2 and 4.10.7]: mozilla-nspr-4.10.7-0.5.4 mozilla-nspr-devel-4.10.7-0.5.4 mozilla-nss-3.17.2-0.5.1 mozilla-nss-devel-3.17.2-0.5.1 mozilla-nss-tools-3.17.2-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 3.17.2 and 4.10.7]: mozilla-nspr-32bit-4.10.7-0.5.4 mozilla-nss-32bit-3.17.2-0.5.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x) [New Version: 31.0]: MozillaFirefox-31.2.0esr-0.11.1 MozillaFirefox-branding-SLED-31.0-0.7.1 MozillaFirefox-translations-31.2.0esr-0.11.1 References: http://support.novell.com/security/cve/CVE-2014-1574.html http://support.novell.com/security/cve/CVE-2014-1575.html http://support.novell.com/security/cve/CVE-2014-1576.html http://support.novell.com/security/cve/CVE-2014-1577.html http://support.novell.com/security/cve/CVE-2014-1578.html http://support.novell.com/security/cve/CVE-2014-1581.html http://support.novell.com/security/cve/CVE-2014-1583.html http://support.novell.com/security/cve/CVE-2014-1585.html http://support.novell.com/security/cve/CVE-2014-1586.html https://bugzilla.suse.com/show_bug.cgi?id=900941 https://bugzilla.suse.com/show_bug.cgi?id=905056 https://bugzilla.suse.com/show_bug.cgi?id=905528 http://download.suse.com/patch/finder/?keywords=caf12701f26397664ab064794563a9cc From sle-updates at lists.suse.com Mon Nov 24 17:04:44 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 01:04:44 +0100 (CET) Subject: SUSE-RU-2014:1490-1: Recommended update for shared-mime-info Message-ID: <20141125000444.7B8AB3224E@maintenance.suse.de> SUSE Recommended Update: Recommended update for shared-mime-info ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1490-1 Rating: low References: #901054 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update ensures libglib-2_0-0 is installed before the post-installation scripts of shared-mime-info are executed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-shared-mime-info-9956 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-shared-mime-info-9956 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-shared-mime-info-9956 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): shared-mime-info-0.51-14.10.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): shared-mime-info-0.51-14.10.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): shared-mime-info-0.51-14.10.1 References: https://bugzilla.suse.com/show_bug.cgi?id=901054 http://download.suse.com/patch/finder/?keywords=ddf203c40d941a4a6b49a7c4ce0bb6db From sle-updates at lists.suse.com Mon Nov 24 17:04:59 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 01:04:59 +0100 (CET) Subject: SUSE-RU-2014:1491-1: Recommended update for crowbar-barclamp-cinder Message-ID: <20141125000459.EF45632293@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-cinder ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1491-1 Rating: low References: #896481 #897815 #898217 #900887 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for crowbar-barclamp-cinder provides stability fixes from the upstream OpenStack project: * Use region from keystone settings (bnc#896481) * Fix VMware spelling * Make cinder.conf owned by root:cinder, instead of cinder:root * Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. (bnc#898217) * Use helpers from new crowbar-openstack cookbook * Fix upgrade from roxy * Add dendency on crowbar-barclamp-openstack as Requires(post) and Requires to make sure the package is installed before the %post scriplet is executed (bnc#900887). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-cinder-9883 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-cinder-1.8+git.1412779947.19fd7fb-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=896481 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=898217 https://bugzilla.suse.com/show_bug.cgi?id=900887 http://download.suse.com/patch/finder/?keywords=e770c9a819c3be858aaa41562d6dc117 From sle-updates at lists.suse.com Tue Nov 25 06:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 14:04:42 +0100 (CET) Subject: SUSE-SU-2014:1494-1: moderate: Security update for libreoffice Message-ID: <20141125130442.C867432294@maintenance.suse.de> SUSE Security Update: Security update for libreoffice ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1494-1 Rating: moderate References: #900214 #900218 Cross-References: CVE-2014-3693 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Build System Kit 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: libreoffice was updated to version 4.3.3.2 to fix two security issues: These security issues were fixed: - "Document as E-mail" vulnerability (bnc#900218). - Impress remote control use-after-free vulnerability (CVE-2014-3693). Various other fixes are included in the update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2014-78 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-78 - SUSE Linux Enterprise Build System Kit 12: zypper in -t patch SUSE-SLE-BSK-12-2014-78 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libreoffice-4.3.3.2-6.1 libreoffice-base-4.3.3.2-6.1 libreoffice-base-debuginfo-4.3.3.2-6.1 libreoffice-base-drivers-mysql-4.3.3.2-6.1 libreoffice-base-drivers-mysql-debuginfo-4.3.3.2-6.1 libreoffice-base-drivers-postgresql-4.3.3.2-6.1 libreoffice-base-drivers-postgresql-debuginfo-4.3.3.2-6.1 libreoffice-calc-4.3.3.2-6.1 libreoffice-calc-debuginfo-4.3.3.2-6.1 libreoffice-calc-extensions-4.3.3.2-6.1 libreoffice-debuginfo-4.3.3.2-6.1 libreoffice-debugsource-4.3.3.2-6.1 libreoffice-draw-4.3.3.2-6.1 libreoffice-draw-debuginfo-4.3.3.2-6.1 libreoffice-filters-optional-4.3.3.2-6.1 libreoffice-gnome-4.3.3.2-6.1 libreoffice-gnome-debuginfo-4.3.3.2-6.1 libreoffice-impress-4.3.3.2-6.1 libreoffice-impress-debuginfo-4.3.3.2-6.1 libreoffice-mailmerge-4.3.3.2-6.1 libreoffice-math-4.3.3.2-6.1 libreoffice-math-debuginfo-4.3.3.2-6.1 libreoffice-officebean-4.3.3.2-6.1 libreoffice-officebean-debuginfo-4.3.3.2-6.1 libreoffice-pyuno-4.3.3.2-6.1 libreoffice-pyuno-debuginfo-4.3.3.2-6.1 libreoffice-writer-4.3.3.2-6.1 libreoffice-writer-debuginfo-4.3.3.2-6.1 libreoffice-writer-extensions-4.3.3.2-6.1 - SUSE Linux Enterprise Workstation Extension 12 (noarch): libreoffice-icon-theme-tango-4.3.3.2-6.1 libreoffice-l10n-af-4.3.3.2-6.1 libreoffice-l10n-ar-4.3.3.2-6.1 libreoffice-l10n-ca-4.3.3.2-6.1 libreoffice-l10n-cs-4.3.3.2-6.1 libreoffice-l10n-da-4.3.3.2-6.1 libreoffice-l10n-de-4.3.3.2-6.1 libreoffice-l10n-en-4.3.3.2-6.1 libreoffice-l10n-es-4.3.3.2-6.1 libreoffice-l10n-fi-4.3.3.2-6.1 libreoffice-l10n-fr-4.3.3.2-6.1 libreoffice-l10n-gu-4.3.3.2-6.1 libreoffice-l10n-hi-4.3.3.2-6.1 libreoffice-l10n-hu-4.3.3.2-6.1 libreoffice-l10n-it-4.3.3.2-6.1 libreoffice-l10n-ja-4.3.3.2-6.1 libreoffice-l10n-ko-4.3.3.2-6.1 libreoffice-l10n-nb-4.3.3.2-6.1 libreoffice-l10n-nl-4.3.3.2-6.1 libreoffice-l10n-nn-4.3.3.2-6.1 libreoffice-l10n-pl-4.3.3.2-6.1 libreoffice-l10n-pt-BR-4.3.3.2-6.1 libreoffice-l10n-pt-PT-4.3.3.2-6.1 libreoffice-l10n-ru-4.3.3.2-6.1 libreoffice-l10n-sk-4.3.3.2-6.1 libreoffice-l10n-sv-4.3.3.2-6.1 libreoffice-l10n-xh-4.3.3.2-6.1 libreoffice-l10n-zh-Hans-4.3.3.2-6.1 libreoffice-l10n-zh-Hant-4.3.3.2-6.1 libreoffice-l10n-zu-4.3.3.2-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libreoffice-4.3.3.2-6.1 libreoffice-base-4.3.3.2-6.1 libreoffice-base-debuginfo-4.3.3.2-6.1 libreoffice-base-drivers-mysql-4.3.3.2-6.1 libreoffice-base-drivers-mysql-debuginfo-4.3.3.2-6.1 libreoffice-base-drivers-postgresql-4.3.3.2-6.1 libreoffice-base-drivers-postgresql-debuginfo-4.3.3.2-6.1 libreoffice-calc-4.3.3.2-6.1 libreoffice-calc-debuginfo-4.3.3.2-6.1 libreoffice-calc-extensions-4.3.3.2-6.1 libreoffice-debuginfo-4.3.3.2-6.1 libreoffice-debugsource-4.3.3.2-6.1 libreoffice-draw-4.3.3.2-6.1 libreoffice-draw-debuginfo-4.3.3.2-6.1 libreoffice-filters-optional-4.3.3.2-6.1 libreoffice-gnome-4.3.3.2-6.1 libreoffice-gnome-debuginfo-4.3.3.2-6.1 libreoffice-impress-4.3.3.2-6.1 libreoffice-impress-debuginfo-4.3.3.2-6.1 libreoffice-mailmerge-4.3.3.2-6.1 libreoffice-math-4.3.3.2-6.1 libreoffice-math-debuginfo-4.3.3.2-6.1 libreoffice-officebean-4.3.3.2-6.1 libreoffice-officebean-debuginfo-4.3.3.2-6.1 libreoffice-pyuno-4.3.3.2-6.1 libreoffice-pyuno-debuginfo-4.3.3.2-6.1 libreoffice-writer-4.3.3.2-6.1 libreoffice-writer-debuginfo-4.3.3.2-6.1 libreoffice-writer-extensions-4.3.3.2-6.1 - SUSE Linux Enterprise Desktop 12 (noarch): libreoffice-icon-theme-tango-4.3.3.2-6.1 libreoffice-l10n-af-4.3.3.2-6.1 libreoffice-l10n-ar-4.3.3.2-6.1 libreoffice-l10n-ca-4.3.3.2-6.1 libreoffice-l10n-cs-4.3.3.2-6.1 libreoffice-l10n-da-4.3.3.2-6.1 libreoffice-l10n-de-4.3.3.2-6.1 libreoffice-l10n-en-4.3.3.2-6.1 libreoffice-l10n-es-4.3.3.2-6.1 libreoffice-l10n-fi-4.3.3.2-6.1 libreoffice-l10n-fr-4.3.3.2-6.1 libreoffice-l10n-gu-4.3.3.2-6.1 libreoffice-l10n-hi-4.3.3.2-6.1 libreoffice-l10n-hu-4.3.3.2-6.1 libreoffice-l10n-it-4.3.3.2-6.1 libreoffice-l10n-ja-4.3.3.2-6.1 libreoffice-l10n-ko-4.3.3.2-6.1 libreoffice-l10n-nb-4.3.3.2-6.1 libreoffice-l10n-nl-4.3.3.2-6.1 libreoffice-l10n-nn-4.3.3.2-6.1 libreoffice-l10n-pl-4.3.3.2-6.1 libreoffice-l10n-pt-BR-4.3.3.2-6.1 libreoffice-l10n-pt-PT-4.3.3.2-6.1 libreoffice-l10n-ru-4.3.3.2-6.1 libreoffice-l10n-sk-4.3.3.2-6.1 libreoffice-l10n-sv-4.3.3.2-6.1 libreoffice-l10n-xh-4.3.3.2-6.1 libreoffice-l10n-zh-Hans-4.3.3.2-6.1 libreoffice-l10n-zh-Hant-4.3.3.2-6.1 libreoffice-l10n-zu-4.3.3.2-6.1 - SUSE Linux Enterprise Build System Kit 12 (x86_64): libreoffice-debuginfo-4.3.3.2-6.1 libreoffice-debugsource-4.3.3.2-6.1 libreoffice-sdk-4.3.3.2-6.1 libreoffice-sdk-debuginfo-4.3.3.2-6.1 References: http://support.novell.com/security/cve/CVE-2014-3693.html https://bugzilla.suse.com/show_bug.cgi?id=900214 https://bugzilla.suse.com/show_bug.cgi?id=900218 From sle-updates at lists.suse.com Tue Nov 25 06:05:09 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 14:05:09 +0100 (CET) Subject: SUSE-RU-2014:1495-1: moderate: Recommended update for yast2-proxy Message-ID: <20141125130509.59F5832296@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-proxy ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1495-1 Rating: moderate References: #853725 #871945 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-proxy fixes an issue that made "Test Proxy Settings" always report failure. (bnc#853725, bnc#871945) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-79 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-79 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-proxy-3.1.2-4.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-proxy-3.1.2-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=853725 https://bugzilla.suse.com/show_bug.cgi?id=871945 From sle-updates at lists.suse.com Tue Nov 25 07:05:00 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 15:05:00 +0100 (CET) Subject: SUSE-SU-2014:1497-1: moderate: Security update for php5 Message-ID: <20141125140500.C300A32296@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1497-1 Rating: moderate References: #902357 #902360 #902368 Cross-References: CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: php5 was updated to fix three security issues. The following security issues were fixed: - xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime() (CVE-2014-3668). - integer overflow in unserialize() (CVE-2014-3669). - heap corruption issue in exif_thumbnail() (CVE-2014-3670). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-80 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2014-80 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-7.1 php5-debugsource-5.5.14-7.1 php5-devel-5.5.14-7.1 - SUSE Linux Enterprise Module for Web Scripting 12 (ppc64le s390x x86_64): apache2-mod_php5-5.5.14-7.1 apache2-mod_php5-debuginfo-5.5.14-7.1 php5-5.5.14-7.1 php5-bcmath-5.5.14-7.1 php5-bcmath-debuginfo-5.5.14-7.1 php5-bz2-5.5.14-7.1 php5-bz2-debuginfo-5.5.14-7.1 php5-calendar-5.5.14-7.1 php5-calendar-debuginfo-5.5.14-7.1 php5-ctype-5.5.14-7.1 php5-ctype-debuginfo-5.5.14-7.1 php5-curl-5.5.14-7.1 php5-curl-debuginfo-5.5.14-7.1 php5-dba-5.5.14-7.1 php5-dba-debuginfo-5.5.14-7.1 php5-debuginfo-5.5.14-7.1 php5-debugsource-5.5.14-7.1 php5-dom-5.5.14-7.1 php5-dom-debuginfo-5.5.14-7.1 php5-enchant-5.5.14-7.1 php5-enchant-debuginfo-5.5.14-7.1 php5-exif-5.5.14-7.1 php5-exif-debuginfo-5.5.14-7.1 php5-fastcgi-5.5.14-7.1 php5-fastcgi-debuginfo-5.5.14-7.1 php5-fileinfo-5.5.14-7.1 php5-fileinfo-debuginfo-5.5.14-7.1 php5-fpm-5.5.14-7.1 php5-fpm-debuginfo-5.5.14-7.1 php5-ftp-5.5.14-7.1 php5-ftp-debuginfo-5.5.14-7.1 php5-gd-5.5.14-7.1 php5-gd-debuginfo-5.5.14-7.1 php5-gettext-5.5.14-7.1 php5-gettext-debuginfo-5.5.14-7.1 php5-gmp-5.5.14-7.1 php5-gmp-debuginfo-5.5.14-7.1 php5-iconv-5.5.14-7.1 php5-iconv-debuginfo-5.5.14-7.1 php5-intl-5.5.14-7.1 php5-intl-debuginfo-5.5.14-7.1 php5-json-5.5.14-7.1 php5-json-debuginfo-5.5.14-7.1 php5-ldap-5.5.14-7.1 php5-ldap-debuginfo-5.5.14-7.1 php5-mbstring-5.5.14-7.1 php5-mbstring-debuginfo-5.5.14-7.1 php5-mcrypt-5.5.14-7.1 php5-mcrypt-debuginfo-5.5.14-7.1 php5-mysql-5.5.14-7.1 php5-mysql-debuginfo-5.5.14-7.1 php5-odbc-5.5.14-7.1 php5-odbc-debuginfo-5.5.14-7.1 php5-openssl-5.5.14-7.1 php5-openssl-debuginfo-5.5.14-7.1 php5-pcntl-5.5.14-7.1 php5-pcntl-debuginfo-5.5.14-7.1 php5-pdo-5.5.14-7.1 php5-pdo-debuginfo-5.5.14-7.1 php5-pgsql-5.5.14-7.1 php5-pgsql-debuginfo-5.5.14-7.1 php5-pspell-5.5.14-7.1 php5-pspell-debuginfo-5.5.14-7.1 php5-shmop-5.5.14-7.1 php5-shmop-debuginfo-5.5.14-7.1 php5-snmp-5.5.14-7.1 php5-snmp-debuginfo-5.5.14-7.1 php5-soap-5.5.14-7.1 php5-soap-debuginfo-5.5.14-7.1 php5-sockets-5.5.14-7.1 php5-sockets-debuginfo-5.5.14-7.1 php5-sqlite-5.5.14-7.1 php5-sqlite-debuginfo-5.5.14-7.1 php5-suhosin-5.5.14-7.1 php5-suhosin-debuginfo-5.5.14-7.1 php5-sysvmsg-5.5.14-7.1 php5-sysvmsg-debuginfo-5.5.14-7.1 php5-sysvsem-5.5.14-7.1 php5-sysvsem-debuginfo-5.5.14-7.1 php5-sysvshm-5.5.14-7.1 php5-sysvshm-debuginfo-5.5.14-7.1 php5-tokenizer-5.5.14-7.1 php5-tokenizer-debuginfo-5.5.14-7.1 php5-wddx-5.5.14-7.1 php5-wddx-debuginfo-5.5.14-7.1 php5-xmlreader-5.5.14-7.1 php5-xmlreader-debuginfo-5.5.14-7.1 php5-xmlrpc-5.5.14-7.1 php5-xmlrpc-debuginfo-5.5.14-7.1 php5-xmlwriter-5.5.14-7.1 php5-xmlwriter-debuginfo-5.5.14-7.1 php5-xsl-5.5.14-7.1 php5-xsl-debuginfo-5.5.14-7.1 php5-zip-5.5.14-7.1 php5-zip-debuginfo-5.5.14-7.1 php5-zlib-5.5.14-7.1 php5-zlib-debuginfo-5.5.14-7.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php5-pear-5.5.14-7.1 References: http://support.novell.com/security/cve/CVE-2014-3668.html http://support.novell.com/security/cve/CVE-2014-3669.html http://support.novell.com/security/cve/CVE-2014-3670.html https://bugzilla.suse.com/show_bug.cgi?id=902357 https://bugzilla.suse.com/show_bug.cgi?id=902360 https://bugzilla.suse.com/show_bug.cgi?id=902368 From sle-updates at lists.suse.com Tue Nov 25 11:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 19:04:41 +0100 (CET) Subject: SUSE-RU-2014:1498-1: Recommended update for nfsidmap Message-ID: <20141125180441.308AD32294@maintenance.suse.de> SUSE Recommended Update: Recommended update for nfsidmap ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1498-1 Rating: low References: #859625 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update enables the umich_ldap module in nfsidmap. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-nfsidmap-9959 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nfsidmap-9959 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nfsidmap-9959 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-nfsidmap-9959 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): nfsidmap-devel-0.25-0.13.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nfsidmap-0.25-0.13.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nfsidmap-0.25-0.13.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): nfsidmap-0.25-0.13.1 References: https://bugzilla.suse.com/show_bug.cgi?id=859625 http://download.suse.com/patch/finder/?keywords=df3b120807685915eb655147f4cbf4f3 From sle-updates at lists.suse.com Tue Nov 25 11:04:56 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 19:04:56 +0100 (CET) Subject: SUSE-RU-2014:1499-1: Recommended update for SLES manuals Message-ID: <20141125180456.7F2B432296@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLES manuals ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1499-1 Rating: low References: #865362 #879973 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: Information about cross-architecture upgrade was added to SUSE Linux Enterprise Server manuals. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-sle-apparmor-quick_en-pdf-9957 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-sle-apparmor-quick_en-pdf-9957 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-sle-apparmor-quick_en-pdf-9957 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): sles-admin_en-pdf-11.3-0.27.1 sles-autoyast_en-pdf-11.3-0.27.1 sles-deployment_en-pdf-11.3-0.27.1 sles-hardening_en-pdf-11.3-0.27.1 sles-installquick_en-pdf-11.3-0.27.1 sles-lxcquick_en-pdf-11.3-0.27.1 sles-manuals_en-11.3-0.27.1 sles-security_en-pdf-11.3-0.27.1 sles-storage_en-pdf-11.3-0.27.1 sles-tuning_en-pdf-11.3-0.27.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): sles-admin_en-pdf-11.3-0.27.1 sles-autoyast_en-pdf-11.3-0.27.1 sles-deployment_en-pdf-11.3-0.27.1 sles-hardening_en-pdf-11.3-0.27.1 sles-installquick_en-pdf-11.3-0.27.1 sles-kvm_en-pdf-11.3-0.27.1 sles-lxcquick_en-pdf-11.3-0.27.1 sles-manuals_en-11.3-0.27.1 sles-security_en-pdf-11.3-0.27.1 sles-storage_en-pdf-11.3-0.27.1 sles-tuning_en-pdf-11.3-0.27.1 sles-xen_en-pdf-11.3-0.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): sle-apparmor-quick_en-pdf-11.3-0.27.1 sle-audit-quick_en-pdf-11.3-0.27.1 sles-kvm_en-pdf-11.3-0.27.1 References: https://bugzilla.suse.com/show_bug.cgi?id=865362 https://bugzilla.suse.com/show_bug.cgi?id=879973 http://download.suse.com/patch/finder/?keywords=e2f18640970efc997db33102752c118e From sle-updates at lists.suse.com Tue Nov 25 13:04:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 21:04:41 +0100 (CET) Subject: SUSE-RU-2014:1275-4: Recommended update for crowbar Message-ID: <20141125200441.1513D32294@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1275-4 Rating: low References: #897815 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar provides stability fixes from the upstream OpenStack project: * Fix previous commit on path canonicalization * Expand given file path before changing directories * Replaced wrong variable definition Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-9980 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-1.8+git.1411390919.f59b3ae-0.9.1 References: https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=d1f7c0b8782b64c8575bb91b4edaa6ff From sle-updates at lists.suse.com Tue Nov 25 13:04:56 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 21:04:56 +0100 (CET) Subject: SUSE-RU-2014:1500-1: Recommended update for nfs-utils Message-ID: <20141125200456.16C8232296@maintenance.suse.de> SUSE Recommended Update: Recommended update for nfs-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1500-1 Rating: low References: #769940 #845269 #853991 #859625 #892809 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This collective update for nfs-utils provides the following fixes: * Support exporting sub-directories of case-insensitive filesystems. (bnc#853991) * Extend to avoid unnecessary ENOENT error from gssd. (bnc#859625) * Allow $NFSD_V4_GRACE to set the lease time if NFSV4LEASETIME is not set. (bnc#892809) * Set NFSv4 and NLM grace time to make the NFSv4 lease time. (bnc#892809) * Document "local_lock=" mount option. (bnc#769940) * Run gssd on server as well as on client, it is needed for NFSv4.0 callbacks. (bnc#845269) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nfs-client-9974 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nfs-client-9974 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-nfs-client-9974 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nfs-client-1.2.3-18.37.1 nfs-doc-1.2.3-18.37.1 nfs-kernel-server-1.2.3-18.37.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nfs-client-1.2.3-18.37.1 nfs-doc-1.2.3-18.37.1 nfs-kernel-server-1.2.3-18.37.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): nfs-client-1.2.3-18.37.1 nfs-kernel-server-1.2.3-18.37.1 References: https://bugzilla.suse.com/show_bug.cgi?id=769940 https://bugzilla.suse.com/show_bug.cgi?id=845269 https://bugzilla.suse.com/show_bug.cgi?id=853991 https://bugzilla.suse.com/show_bug.cgi?id=859625 https://bugzilla.suse.com/show_bug.cgi?id=892809 http://download.suse.com/patch/finder/?keywords=e643a916152aa244ddc7b533d8b5bc26 From sle-updates at lists.suse.com Tue Nov 25 15:04:45 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 25 Nov 2014 23:04:45 +0100 (CET) Subject: SUSE-RU-2014:1501-1: Recommended update for aaa_base Message-ID: <20141125220445.C9C0432294@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1501-1 Rating: low References: #809110 #900396 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for aaa_base provides the following fixes: * Properly umount nssadmin file system for OES * Do not mix list of file systems to unmount with already unmounted file systems. (bsc#809110) * Fix wrong boot time information in utmp file when /var is on a separate mount point. (bsc#900396) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-aaa_base-9949 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-aaa_base-9949 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-aaa_base-9949 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): aaa_base-11-6.98.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.98.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): aaa_base-11-6.98.1 References: https://bugzilla.suse.com/show_bug.cgi?id=809110 https://bugzilla.suse.com/show_bug.cgi?id=900396 http://download.suse.com/patch/finder/?keywords=1b168fb3f4cf80e1b2b81f17c3a0c692 From sle-updates at lists.suse.com Wed Nov 26 11:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 26 Nov 2014 19:04:42 +0100 (CET) Subject: SUSE-RU-2014:1507-1: Recommended update for crowbar-barclamp-glance Message-ID: <20141126180442.20C9D32294@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-glance ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1507-1 Rating: low References: #896481 #897815 #900887 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for crowbar-barclamp-glance provides stability fixes from the upstream OpenStack project: * Use region from keystone settings (bnc#896481) * Fix VMware spelling * Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. * Make glance-scrubber.conf owned by root:glance, instead of glance:root * Use helpers from new crowbar-openstack cookbook * Add dependency on crowbar-barclamp-openstack as Requires(post) and Requires to make sure the package is installed before the %post scriplet is executed (bnc#900887). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-glance-9884 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-glance-1.8+git.1412779998.943709f-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=896481 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=900887 http://download.suse.com/patch/finder/?keywords=b5c80273ca2b072e5db44d81e0276366 From sle-updates at lists.suse.com Thu Nov 27 02:04:48 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Nov 2014 10:04:48 +0100 (CET) Subject: SUSE-SU-2014:1510-1: moderate: Security update for MozillaFirefox and mozilla-nss Message-ID: <20141127090448.F2D9F32294@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox and mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1510-1 Rating: moderate References: #897890 #900941 Cross-References: CVE-2014-1568 CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: - update to Firefox 31.2.0 ESR (bnc#900941) * MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 (bmo#1001994, bmo#1011354, bmo#1018916, bmo#1020034, bmo#1023035, bmo#1032208, bmo#1033020, bmo#1034230, bmo#1061214, bmo#1061600, bmo#1064346, bmo#1072044, bmo#1072174) Miscellaneous memory safety hazards (rv:33.0/rv:31.2) * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS manipulation * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption issues with custom waveforms * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM video * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting with text directionality * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) Inconsistent video sharing within iframe * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) Accessing cross-origin objects via the Alarms API - SSLv3 is disabled by default. See README.POODLE for more detailed information. - disable call home features - update to 3.17.2 (bnc#900941) Bugfix release * bmo#1049435 - Importing an RSA private key fails if p < q * bmo#1057161 - NSS hangs with 100% CPU on invalid EC key * bmo#1078669 - certutil crashes when using the --certVersion parameter - changes from earlier version of the 3.17 branch: update to 3.17.1 (bnc#897890) * MFSA 2014-73/CVE-2014-1568 (bmo#1064636, bmo#1069405) RSA Signature Forgery in NSS * Change library's signature algorithm default to SHA256 * Add support for draft-ietf-tls-downgrade-scsv * Add clang-cl support to the NSS build system * Implement TLS 1.3: * Part 1. Negotiate TLS 1.3 * Part 2. Remove deprecated cipher suites andcompression. * Add support for little-endian powerpc64 update to 3.17 * required for Firefox 33 New functionality: * When using ECDHE, the TLS server code may be configured to generate a fresh ephemeral ECDH key for each handshake, by setting the SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means the server's ephemeral ECDH key is reused for multiple handshakes. This option does not affect the TLS client code, which always generates a fresh ephemeral ECDH key for each handshake. New Macros * SSL_REUSE_SERVER_ECDHE_KEY Notable Changes: * The manual pages for the certutil and pp tools have been updated to document the new parameters that had been added in NSS 3.16.2. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-81 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-81 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-81 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-31.2.0esr-6.4 MozillaFirefox-debugsource-31.2.0esr-6.4 MozillaFirefox-devel-31.2.0esr-6.4 mozilla-nss-debuginfo-3.17.2-8.2 mozilla-nss-debugsource-3.17.2-8.2 mozilla-nss-devel-3.17.2-8.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): MozillaFirefox-31.2.0esr-6.4 MozillaFirefox-branding-SLE-31-4.1 MozillaFirefox-debuginfo-31.2.0esr-6.4 MozillaFirefox-debugsource-31.2.0esr-6.4 MozillaFirefox-translations-31.2.0esr-6.4 libfreebl3-3.17.2-8.2 libfreebl3-debuginfo-3.17.2-8.2 libfreebl3-hmac-3.17.2-8.2 libsoftokn3-3.17.2-8.2 libsoftokn3-debuginfo-3.17.2-8.2 libsoftokn3-hmac-3.17.2-8.2 mozilla-nss-3.17.2-8.2 mozilla-nss-certs-3.17.2-8.2 mozilla-nss-certs-debuginfo-3.17.2-8.2 mozilla-nss-debuginfo-3.17.2-8.2 mozilla-nss-debugsource-3.17.2-8.2 mozilla-nss-tools-3.17.2-8.2 mozilla-nss-tools-debuginfo-3.17.2-8.2 - SUSE Linux Enterprise Desktop 12 (x86_64): MozillaFirefox-31.2.0esr-6.4 MozillaFirefox-branding-SLE-31-4.1 MozillaFirefox-debuginfo-31.2.0esr-6.4 MozillaFirefox-debugsource-31.2.0esr-6.4 MozillaFirefox-translations-31.2.0esr-6.4 libfreebl3-3.17.2-8.2 libfreebl3-debuginfo-3.17.2-8.2 libsoftokn3-3.17.2-8.2 libsoftokn3-debuginfo-3.17.2-8.2 mozilla-nss-3.17.2-8.2 mozilla-nss-certs-3.17.2-8.2 mozilla-nss-certs-debuginfo-3.17.2-8.2 mozilla-nss-debuginfo-3.17.2-8.2 mozilla-nss-debugsource-3.17.2-8.2 mozilla-nss-tools-3.17.2-8.2 mozilla-nss-tools-debuginfo-3.17.2-8.2 References: http://support.novell.com/security/cve/CVE-2014-1568.html http://support.novell.com/security/cve/CVE-2014-1574.html http://support.novell.com/security/cve/CVE-2014-1575.html http://support.novell.com/security/cve/CVE-2014-1576.html http://support.novell.com/security/cve/CVE-2014-1577.html http://support.novell.com/security/cve/CVE-2014-1578.html http://support.novell.com/security/cve/CVE-2014-1581.html http://support.novell.com/security/cve/CVE-2014-1583.html http://support.novell.com/security/cve/CVE-2014-1585.html http://support.novell.com/security/cve/CVE-2014-1586.html https://bugzilla.suse.com/show_bug.cgi?id=897890 https://bugzilla.suse.com/show_bug.cgi?id=900941 From sle-updates at lists.suse.com Thu Nov 27 02:05:21 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Nov 2014 10:05:21 +0100 (CET) Subject: SUSE-SU-2014:1511-1: moderate: Security update for python, python-base, python-doc Message-ID: <20141127090521.9FF9632296@maintenance.suse.de> SUSE Security Update: Security update for python, python-base, python-doc ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1511-1 Rating: moderate References: #898572 Cross-References: CVE-2014-7185 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: python, python-base, python-doc was updated to fix one security issue. This security issue was fixed: - Fixed potential buffer overflow in buffer() (CVE-2014-7185). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2014-82 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-82 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-82 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-82 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): python-base-debuginfo-2.7.7-5.2 python-base-debugsource-2.7.7-5.2 python-devel-2.7.7-5.2 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): python-base-debuginfo-2.7.7-5.2 python-base-debugsource-2.7.7-5.2 python-devel-2.7.7-5.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpython2_7-1_0-2.7.7-5.2 libpython2_7-1_0-debuginfo-2.7.7-5.2 python-2.7.7-5.1 python-base-2.7.7-5.2 python-base-debuginfo-2.7.7-5.2 python-base-debugsource-2.7.7-5.2 python-curses-2.7.7-5.1 python-curses-debuginfo-2.7.7-5.1 python-debuginfo-2.7.7-5.1 python-debugsource-2.7.7-5.1 python-demo-2.7.7-5.1 python-gdbm-2.7.7-5.1 python-gdbm-debuginfo-2.7.7-5.1 python-idle-2.7.7-5.1 python-tk-2.7.7-5.1 python-tk-debuginfo-2.7.7-5.1 python-xml-2.7.7-5.2 python-xml-debuginfo-2.7.7-5.2 - SUSE Linux Enterprise Server 12 (noarch): python-doc-2.7.7-5.1 python-doc-pdf-2.7.7-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpython2_7-1_0-2.7.7-5.2 libpython2_7-1_0-debuginfo-2.7.7-5.2 python-2.7.7-5.1 python-base-2.7.7-5.2 python-base-debuginfo-2.7.7-5.2 python-base-debugsource-2.7.7-5.2 python-curses-2.7.7-5.1 python-curses-debuginfo-2.7.7-5.1 python-debuginfo-2.7.7-5.1 python-debugsource-2.7.7-5.1 python-devel-2.7.7-5.2 python-tk-2.7.7-5.1 python-tk-debuginfo-2.7.7-5.1 python-xml-2.7.7-5.2 python-xml-debuginfo-2.7.7-5.2 References: http://support.novell.com/security/cve/CVE-2014-7185.html https://bugzilla.suse.com/show_bug.cgi?id=898572 From sle-updates at lists.suse.com Thu Nov 27 02:05:38 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Nov 2014 10:05:38 +0100 (CET) Subject: SUSE-SU-2014:1512-1: moderate: Security update for compat-openssl098 Message-ID: <20141127090538.507CE32296@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl098 ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1512-1 Rating: moderate References: #901223 #901277 Cross-References: CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: compat-openssl098 was updated to fix three security issues. NOTE: this update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations. These security issues were fixed: - Session ticket memory leak (CVE-2014-3567). - Fixed build option no-ssl3 (CVE-2014-3568). - Added support for TLS_FALLBACK_SCSV (CVE-2014-3566). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2014-83 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-83 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): compat-openssl098-debugsource-0.9.8j-62.1 libopenssl0_9_8-0.9.8j-62.1 libopenssl0_9_8-debuginfo-0.9.8j-62.1 - SUSE Linux Enterprise Desktop 12 (x86_64): compat-openssl098-debugsource-0.9.8j-62.1 libopenssl0_9_8-0.9.8j-62.1 libopenssl0_9_8-debuginfo-0.9.8j-62.1 References: http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 From sle-updates at lists.suse.com Thu Nov 27 11:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Nov 2014 19:04:39 +0100 (CET) Subject: SUSE-RU-2014:1517-1: Recommended update for crowbar-barclamp-nova_dashboard Message-ID: <20141127180439.9AC9332295@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-nova_dashboard ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1517-1 Rating: low References: #894070 #897815 #900887 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for crowbar-barclamp-nova_dashboard provides stability fixes from the upstream OpenStack project: * Use a host specific memcache key for django_compressor (bnc#894070) * Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. * Use helpers from new crowbar-openstack cookbook * Fix apache with HA not running until second chef-client run * Configure horizon before configuring the vhost for horizon in apache * Avoid races with HA on "python manage.py syncdb" * Add dependency on crowbar-barclamp-openstack as Requires(post) and Requires to make sure the package is installed before the %post scriplet is executed (bnc#900887). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-nova_dashboard-9889 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-nova_dashboard-1.8+git.1410255987.ea30f00-0.11.1 References: https://bugzilla.suse.com/show_bug.cgi?id=894070 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=900887 http://download.suse.com/patch/finder/?keywords=8e5a6b4896b8f0e8ca9d7748ed211ebe From sle-updates at lists.suse.com Thu Nov 27 13:04:40 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 27 Nov 2014 21:04:40 +0100 (CET) Subject: SUSE-RU-2014:1275-5: Recommended update for suse-cloud-upgrade Message-ID: <20141127200440.6341332295@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-cloud-upgrade ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1275-5 Rating: low References: #897815 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for suse-cloud-upgrade provides the following stability fixes: * Fix barclamp install order * Improved the scrapping of the suse cloud version Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-suse-cloud-upgrade-9989 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): suse-cloud-upgrade-4+git.1412929393.4bc0a24-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=7c00aec7c88971beceac61daa879ea07 From sle-updates at lists.suse.com Thu Nov 27 19:04:43 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 03:04:43 +0100 (CET) Subject: SUSE-SU-2014:1518-1: moderate: Security update for Python Message-ID: <20141128020443.996243228D@maintenance.suse.de> SUSE Security Update: Security update for Python ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1518-1 Rating: moderate References: #898572 #901715 Cross-References: CVE-2014-7185 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: Python was updated to fix one security issue: * Potential wraparound/overflow in buffer() (CVE-2014-7185) As an additional hardening measure SSLv2 has been disabled (bnc#901715). Security Issues: * CVE-2014-7185 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-python-2014-11-19-9996 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-python-2014-11-19-9996 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-python-2014-11-19-9996 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-python-2014-11-19-9996 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: python-devel-2.6.9-0.33.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 2.6.9]: python-demo-2.6.9-0.33.1 python-gdbm-2.6.9-0.33.1 python-idle-2.6.9-0.33.1 python-tk-2.6.9-0.33.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 2.6.9]: python-32bit-2.6.9-0.33.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): python-doc-2.6-8.33.1 python-doc-pdf-2.6-8.33.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.33.1 python-2.6.9-0.33.1 python-base-2.6.9-0.33.1 python-curses-2.6.9-0.33.1 python-demo-2.6.9-0.33.1 python-gdbm-2.6.9-0.33.1 python-idle-2.6.9-0.33.1 python-tk-2.6.9-0.33.1 python-xml-2.6.9-0.33.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.33.1 python-32bit-2.6.9-0.33.1 python-base-32bit-2.6.9-0.33.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): python-doc-2.6-8.33.1 python-doc-pdf-2.6-8.33.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.33.1 python-2.6.9-0.33.1 python-base-2.6.9-0.33.1 python-curses-2.6.9-0.33.1 python-demo-2.6.9-0.33.1 python-gdbm-2.6.9-0.33.1 python-idle-2.6.9-0.33.1 python-tk-2.6.9-0.33.1 python-xml-2.6.9-0.33.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.33.1 python-32bit-2.6.9-0.33.1 python-base-32bit-2.6.9-0.33.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): python-doc-2.6-8.33.1 python-doc-pdf-2.6-8.33.1 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 2.6.9]: libpython2_6-1_0-x86-2.6.9-0.33.1 python-base-x86-2.6.9-0.33.1 python-x86-2.6.9-0.33.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.6.9]: libpython2_6-1_0-2.6.9-0.33.1 python-2.6.9-0.33.1 python-base-2.6.9-0.33.1 python-curses-2.6.9-0.33.1 python-devel-2.6.9-0.33.1 python-tk-2.6.9-0.33.1 python-xml-2.6.9-0.33.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 2.6.9]: libpython2_6-1_0-32bit-2.6.9-0.33.1 python-base-32bit-2.6.9-0.33.1 References: http://support.novell.com/security/cve/CVE-2014-7185.html https://bugzilla.suse.com/show_bug.cgi?id=898572 https://bugzilla.suse.com/show_bug.cgi?id=901715 http://download.suse.com/patch/finder/?keywords=c5b0994dea1693becfd8d76b2b716f87 From sle-updates at lists.suse.com Thu Nov 27 22:05:41 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 06:05:41 +0100 (CET) Subject: SUSE-SU-2014:1519-1: moderate: Security update for evolution-data-server Message-ID: <20141128050541.A346732295@maintenance.suse.de> SUSE Security Update: Security update for evolution-data-server ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1519-1 Rating: moderate References: #901553 Cross-References: CVE-2014-3566 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: evolution-data-server has been updated to disable support for SSLv3. This security issues has been fixed: * SSLv3 POODLE attack (CVE-2014-3566) Security Issues: * CVE-2014-3566 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-evolution-data-server-9969 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-evolution-data-server-9969 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-evolution-data-server-9969 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-evolution-data-server-9969 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): evolution-data-server-devel-2.28.2-0.32.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): evolution-data-server-2.28.2-0.32.1 evolution-data-server-lang-2.28.2-0.32.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): evolution-data-server-32bit-2.28.2-0.32.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): evolution-data-server-2.28.2-0.32.1 evolution-data-server-lang-2.28.2-0.32.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): evolution-data-server-32bit-2.28.2-0.32.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): evolution-data-server-x86-2.28.2-0.32.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): evolution-data-server-2.28.2-0.32.1 evolution-data-server-lang-2.28.2-0.32.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): evolution-data-server-32bit-2.28.2-0.32.1 References: http://support.novell.com/security/cve/CVE-2014-3566.html https://bugzilla.suse.com/show_bug.cgi?id=901553 http://download.suse.com/patch/finder/?keywords=d055797f8ab348539e157aa0f7d403c6 From sle-updates at lists.suse.com Thu Nov 27 23:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 07:04:39 +0100 (CET) Subject: SUSE-SU-2014:1520-1: moderate: Security update for wireshark Message-ID: <20141128060439.F3C7232295@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1520-1 Rating: moderate References: #899303 #905245 #905246 #905247 #905248 Cross-References: CVE-2014-8710 CVE-2014-8711 CVE-2014-8712 CVE-2014-8713 CVE-2014-8714 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. It includes one version update. Description: wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed: * SigComp UDVM buffer overflow (CVE-2014-8710). * AMQP dissector crash (CVE-2014-8711). * NCP dissector crashes (CVE-2014-8712, CVE-2014-8713). * TN5250 infinite loops (CVE-2014-8714). This non-security issue has been fixed: * enable zlib (bnc#899303). Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html Security Issues: * CVE-2014-8711 * CVE-2014-8710 * CVE-2014-8714 * CVE-2014-8712 * CVE-2014-8713 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-wireshark-9968 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-wireshark-9968 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-wireshark-9968 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-wireshark-9968 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.10.11]: wireshark-devel-1.10.11-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 1.10.11]: wireshark-1.10.11-0.2.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.10.11]: wireshark-1.10.11-0.2.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.10.11]: wireshark-1.10.11-0.2.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.10.11]: wireshark-1.10.11-0.2.1 References: http://support.novell.com/security/cve/CVE-2014-8710.html http://support.novell.com/security/cve/CVE-2014-8711.html http://support.novell.com/security/cve/CVE-2014-8712.html http://support.novell.com/security/cve/CVE-2014-8713.html http://support.novell.com/security/cve/CVE-2014-8714.html https://bugzilla.suse.com/show_bug.cgi?id=899303 https://bugzilla.suse.com/show_bug.cgi?id=905245 https://bugzilla.suse.com/show_bug.cgi?id=905246 https://bugzilla.suse.com/show_bug.cgi?id=905247 https://bugzilla.suse.com/show_bug.cgi?id=905248 http://download.suse.com/patch/finder/?keywords=3492e3c53fb11fb448076c7c42a49659 From sle-updates at lists.suse.com Fri Nov 28 03:04:46 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 11:04:46 +0100 (CET) Subject: SUSE-RU-2014:1521-1: Recommended update for rpcbind Message-ID: <20141128100446.8F3D532296@maintenance.suse.de> SUSE Recommended Update: Recommended update for rpcbind ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1521-1 Rating: low References: #905042 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for rpcbind disables debug code which could fill up the system log files. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-87 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-87 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): rpcbind-0.2.1_rc4-11.1 rpcbind-debuginfo-0.2.1_rc4-11.1 rpcbind-debugsource-0.2.1_rc4-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): rpcbind-0.2.1_rc4-11.1 rpcbind-debuginfo-0.2.1_rc4-11.1 rpcbind-debugsource-0.2.1_rc4-11.1 References: https://bugzilla.suse.com/show_bug.cgi?id=905042 From sle-updates at lists.suse.com Fri Nov 28 03:05:02 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 11:05:02 +0100 (CET) Subject: SUSE-RU-2014:1522-1: moderate: Recommended update for dirmngr Message-ID: <20141128100502.BDDAE32299@maintenance.suse.de> SUSE Recommended Update: Recommended update for dirmngr ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1522-1 Rating: moderate References: #901845 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for dirmngr fixes a segmentation fault at start up. (bnc#901845) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-85 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-85 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): dirmngr-1.1.1-4.1 dirmngr-debuginfo-1.1.1-4.1 dirmngr-debugsource-1.1.1-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): dirmngr-1.1.1-4.1 dirmngr-debuginfo-1.1.1-4.1 dirmngr-debugsource-1.1.1-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=901845 From sle-updates at lists.suse.com Fri Nov 28 03:05:19 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 11:05:19 +0100 (CET) Subject: SUSE-RU-2014:1523-1: Recommended update for release-notes-sles Message-ID: <20141128100519.7552B32299@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1523-1 Rating: low References: #888469 #900083 #900771 #902380 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update provides the latest revision of the release notes for SUSE Linux Enterprise Server 12: - Fix URLs to documentation (bsc#902868) - Add life cycle of SUSE Linux Enterprise modules. - Fixed typo in section 5.3.6.7 suseRegister replaced by SUSEConnect (bsc#900771, fate#316585) - Cosmetic changes in section 3.2.1 (bsc#888469, fate#317042) - Added a new entry about Support for Intel PSM API (fate#315889) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-86 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): release-notes-sles-12.0.20141028-6.1 References: https://bugzilla.suse.com/show_bug.cgi?id=888469 https://bugzilla.suse.com/show_bug.cgi?id=900083 https://bugzilla.suse.com/show_bug.cgi?id=900771 https://bugzilla.suse.com/show_bug.cgi?id=902380 From sle-updates at lists.suse.com Fri Nov 28 03:06:06 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 11:06:06 +0100 (CET) Subject: SUSE-SU-2014:1524-1: moderate: Security update for openssl Message-ID: <20141128100606.2E38C32299@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1524-1 Rating: moderate References: #901223 #901277 Cross-References: CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: openssl was updated to fix four security issues. These security issues were fixed: - SRTP Memory Leak (CVE-2014-3513). - Session Ticket Memory Leak (CVE-2014-3567). - Fixed incomplete no-ssl3 build option (CVE-2014-3568). - Add support for TLS_FALLBACK_SCSV (CVE-2014-3566). NOTE: This update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-84 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-84 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-84 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libopenssl-devel-1.0.1i-5.1 openssl-debuginfo-1.0.1i-5.1 openssl-debugsource-1.0.1i-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libopenssl1_0_0-1.0.1i-5.1 libopenssl1_0_0-debuginfo-1.0.1i-5.1 libopenssl1_0_0-hmac-1.0.1i-5.1 openssl-1.0.1i-5.1 openssl-debuginfo-1.0.1i-5.1 openssl-debugsource-1.0.1i-5.1 - SUSE Linux Enterprise Server 12 (noarch): openssl-doc-1.0.1i-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libopenssl1_0_0-1.0.1i-5.1 libopenssl1_0_0-debuginfo-1.0.1i-5.1 openssl-1.0.1i-5.1 openssl-debuginfo-1.0.1i-5.1 openssl-debugsource-1.0.1i-5.1 References: http://support.novell.com/security/cve/CVE-2014-3513.html http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-3567.html http://support.novell.com/security/cve/CVE-2014-3568.html https://bugzilla.suse.com/show_bug.cgi?id=901223 https://bugzilla.suse.com/show_bug.cgi?id=901277 From sle-updates at lists.suse.com Fri Nov 28 08:04:39 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 16:04:39 +0100 (CET) Subject: SUSE-RU-2014:1525-1: Recommended update for release-notes-sdk Message-ID: <20141128150439.8D7FA3229F@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sdk ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1525-1 Rating: low References: #902405 Affected Products: SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest revision of the release notes for SUSE Linux Enterprise Software Development Kit 12, documenting that Valgrind on System z is a Technology Preview. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2014-88 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (noarch): release-notes-sdk-12.0.20141027-4.1 References: https://bugzilla.suse.com/show_bug.cgi?id=902405 From sle-updates at lists.suse.com Fri Nov 28 11:05:38 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 19:05:38 +0100 (CET) Subject: SUSE-SU-2014:1526-1: important: Security update for IBM Java Message-ID: <20141128180538.29F63322A1@maintenance.suse.de> SUSE Security Update: Security update for IBM Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1526-1 Rating: important References: #904889 Cross-References: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that fixes 21 vulnerabilities is now available. Description: java-1_7_0-ibm has been updated to version 1.7.0_sr7.2 to fix 21 security issues. These security issues have been fixed: * Unspecified vulnerability (CVE-2014-3065). * The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue (CVE-2014-3566). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT (CVE-2014-6513). * Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2014-6456). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532 (CVE-2014-6503). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503 (CVE-2014-6532). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532 (CVE-2014-4288). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532 (CVE-2014-6493). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6492). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6458). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Internet Explorer, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6466). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-6506). * Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527 (CVE-2014-6476). * Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment (CVE-2014-6515). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D (CVE-2014-6511). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries (CVE-2014-6531). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries (CVE-2014-6512). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE (CVE-2014-6457). * Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476 (CVE-2014-6527). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries (CVE-2014-6502). * Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security (CVE-2014-6558). More information can be found at http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_Nove mber_2014 Security Issues: * CVE-2014-3065 * CVE-2014-3566 * CVE-2014-6506 * CVE-2014-6511 * CVE-2014-6531 * CVE-2014-6512 * CVE-2014-6457 * CVE-2014-6502 * CVE-2014-6558 * CVE-2014-6513 * CVE-2014-6503 * CVE-2014-4288 * CVE-2014-6493 * CVE-2014-6532 * CVE-2014-6492 * CVE-2014-6458 * CVE-2014-6466 * CVE-2014-6515 * CVE-2014-6456 * CVE-2014-6476 * CVE-2014-6527 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-java-1_6_0-ibm-9992 sdksp3-java-1_7_0-ibm-9999 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-java-1_6_0-ibm-9992 slessp3-java-1_7_0-ibm-9999 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-java-1_6_0-ibm-9992 slessp3-java-1_7_0-ibm-9999 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-devel-1.6.0_sr16.2-0.3.1 java-1_7_0-ibm-devel-1.7.0_sr8.0-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): java-1_6_0-ibm-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-plugin-1.6.0_sr16.2-0.3.1 java-1_7_0-ibm-1.7.0_sr8.0-0.5.1 java-1_7_0-ibm-alsa-1.7.0_sr8.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr8.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr8.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.2-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ppc64 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-fonts-1.6.0_sr16.2-0.3.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.2-0.3.1 java-1_7_0-ibm-1.7.0_sr8.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr8.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.2-0.3.1 java-1_7_0-ibm-alsa-1.7.0_sr8.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr8.0-0.5.1 - SUSE Linux Enterprise Server 11 SP3 (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.2-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-3065.html http://support.novell.com/security/cve/CVE-2014-3566.html http://support.novell.com/security/cve/CVE-2014-4288.html http://support.novell.com/security/cve/CVE-2014-6456.html http://support.novell.com/security/cve/CVE-2014-6457.html http://support.novell.com/security/cve/CVE-2014-6458.html http://support.novell.com/security/cve/CVE-2014-6466.html http://support.novell.com/security/cve/CVE-2014-6476.html http://support.novell.com/security/cve/CVE-2014-6492.html http://support.novell.com/security/cve/CVE-2014-6493.html http://support.novell.com/security/cve/CVE-2014-6502.html http://support.novell.com/security/cve/CVE-2014-6503.html http://support.novell.com/security/cve/CVE-2014-6506.html http://support.novell.com/security/cve/CVE-2014-6511.html http://support.novell.com/security/cve/CVE-2014-6512.html http://support.novell.com/security/cve/CVE-2014-6513.html http://support.novell.com/security/cve/CVE-2014-6515.html http://support.novell.com/security/cve/CVE-2014-6527.html http://support.novell.com/security/cve/CVE-2014-6531.html http://support.novell.com/security/cve/CVE-2014-6532.html http://support.novell.com/security/cve/CVE-2014-6558.html https://bugzilla.suse.com/show_bug.cgi?id=904889 http://download.suse.com/patch/finder/?keywords=47835bf177c54f65a9963dc0f95bf5a8 http://download.suse.com/patch/finder/?keywords=7276d3e6b69f3806941401a132b58c6b From sle-updates at lists.suse.com Fri Nov 28 13:05:13 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 28 Nov 2014 21:05:13 +0100 (CET) Subject: SUSE-RU-2014:1275-6: Recommended update for openstack-heat Message-ID: <20141128200513.E410C322A1@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-heat ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1275-6 Rating: low References: #897815 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for openstack-heat provides stability fixes from the upstream OpenStack project: * Catch NotFound error during loadbalancer deleting * Prevent excessive validation for maxPersonality limit * Only delete stack user project from correct domain * Updated from global requirements * Handle NotFoundException when deleting alarm * Support multiple heatclient versions for SD * Fix ownership of /etc/heat/api-paste.ini * use %_rundir if available, otherwise /var/run * Set python hash seed to 0 in tox.ini * Stop periodic watcher tasks before deleting stack * Sync threadgroup module from the oslo stable branch Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-openstack-heat-1114-10002 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (x86_64) [New Version: 2014.1.4.dev6.g60cbd5b]: openstack-heat-2014.1.4.dev6.g60cbd5b-0.7.1 openstack-heat-api-2014.1.4.dev6.g60cbd5b-0.7.1 openstack-heat-api-cfn-2014.1.4.dev6.g60cbd5b-0.7.1 openstack-heat-api-cloudwatch-2014.1.4.dev6.g60cbd5b-0.7.1 openstack-heat-engine-2014.1.4.dev6.g60cbd5b-0.7.1 python-heat-2014.1.4.dev6.g60cbd5b-0.7.1 - SUSE Cloud 4 (noarch) [New Version: 2014.1.4.dev6.g60cbd5b]: openstack-heat-doc-2014.1.4.dev6.g60cbd5b-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=897815 http://download.suse.com/patch/finder/?keywords=1580df125f9ac5eeea3e8deb7b5e9e8d From sle-updates at lists.suse.com Fri Nov 28 17:04:42 2014 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 29 Nov 2014 01:04:42 +0100 (CET) Subject: SUSE-RU-2014:1527-1: Recommended update for crowbar-barclamp-nova Message-ID: <20141129000442.589883228D@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2014:1527-1 Rating: low References: #896481 #897815 #900887 #900966 Affected Products: SUSE Cloud 4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for crowbar-barclamp-nova provides the following fixes: * Use region from keystone settings (bnc#896481) * Generate certs on all nodes for HA * Set keystone_ec2_url in nova.conf * Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. * Use helpers from new crowbar-openstack cookbook * Avoid unneeded search for nagios when nagios isn't used * Fix dependencies on crowbar-barclamp-openstack to satisfy %post scripts (bnc#900887). * Fix live migration when HA is enabled in nova (bnc#900966) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 4: zypper in -t patch sleclo40sp3-crowbar-barclamp-nova-9941 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 4 (noarch): crowbar-barclamp-nova-1.8+git.1415289597.fc428d3-0.7.1 References: https://bugzilla.suse.com/show_bug.cgi?id=896481 https://bugzilla.suse.com/show_bug.cgi?id=897815 https://bugzilla.suse.com/show_bug.cgi?id=900887 https://bugzilla.suse.com/show_bug.cgi?id=900966 http://download.suse.com/patch/finder/?keywords=793ca3cd4c6d0bc1bd37b8c60566fe0d