From sle-updates at lists.suse.com Mon May 4 08:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 May 2015 16:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0815-1: Recommended update for OpenIPMI Message-ID: <20150504140453.A449932158@maintenance.suse.de> SUSE Recommended Update: Recommended update for OpenIPMI ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0815-1 Rating: low References: #854693 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for OpenIPMI fixes a segmentation fault in solterm(1) when using the option -bitrate. (bsc#854693) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-OpenIPMI=10457 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-OpenIPMI=10457 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-OpenIPMI=10457 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-OpenIPMI=10457 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): OpenIPMI-devel-2.0.16-0.15.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): OpenIPMI-2.0.16-0.15.1 OpenIPMI-python-2.0.16-0.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): OpenIPMI-2.0.16-0.15.1 OpenIPMI-python-2.0.16-0.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): OpenIPMI-2.0.16-0.15.1 References: https://bugzilla.suse.com/854693 https://download.suse.com/patch/finder/?keywords=de53856a28a2c6dc95a1fe029a20f766 From sle-updates at lists.suse.com Tue May 5 05:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 May 2015 13:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0816-1: Recommended update for python-ec2metadata Message-ID: <20150505110455.218E932159@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-ec2metadata ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0816-1 Rating: low References: #924626 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides python-ec2metadata 1.5.3, fixing the following issues: - Properly write metadata to file if no query argument is provided. - Properly generate XML for 'public-keys' query option. - Document the 'api' option in the help message. - Alpha sort the options displayed with the help message. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-181=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-ec2metadata-1.5.3-3.1 References: https://bugzilla.suse.com/924626 From sle-updates at lists.suse.com Tue May 5 06:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 May 2015 14:04:54 +0200 (CEST) Subject: SUSE-SU-2015:0817-1: moderate: Security update for mercurial Message-ID: <20150505120454.802B232159@maintenance.suse.de> SUSE Security Update: Security update for mercurial ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0817-1 Rating: moderate References: #923070 Cross-References: CVE-2014-9462 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: mercurial was updated to fix a potential command injection via sshpeer._validaterepo() (CVE-2014-9462) Security Issues: * CVE-2014-9462 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-mercurial=10521 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): mercurial-2.3.2-0.9.2 References: https://www.suse.com/security/cve/CVE-2014-9462.html https://bugzilla.suse.com/923070 https://download.suse.com/patch/finder/?keywords=fa402eab9dea85010456610711d523a0 From sle-updates at lists.suse.com Tue May 5 10:04:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 May 2015 18:04:50 +0200 (CEST) Subject: SUSE-OU-2015:0819-1: Initial release of Public Cloud Module for SLES 11 Message-ID: <20150505160450.DD15632159@maintenance.suse.de> SUSE Optional Update: Initial release of Public Cloud Module for SLES 11 ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:0819-1 Rating: low References: #915840 #928552 Affected Products: SUSE Linux Enterprise Public Cloud Module 11 SP3 ______________________________________________________________________________ An update that has two optional fixes can now be installed. Description: This release introduces the Public Cloud Module for SUSE Linux Enterprise Server 11. The new optional channel "SLE-11-Public-Cloud-Module" offers a collection of tools that enables you to create and manage cloud images from the commandline on SUSE Linux Enterprise Server. When building your own images with KIWI or SUSE Studio, initialization code specific to the target cloud is included in that image. Access to this channel is included in your SUSE Linux Enterprise Server subscription. The channel has a different lifecycle than SUSE Linux Enterprise Server itself (continuous integration). Packages usually follow the upstream development closely to enable you to take advantage of the most recent development in the public cloud space. Indications: Users deploying SLES on Public Clouds can install these packages. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Public Cloud Module 11 SP3: zypper in -t patch pubclsp3-public-cloud-201504=10642 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Public Cloud Module 11 SP3 (i586 ia64 ppc64 s390x x86_64): cloud-init-0.7.5-0.9.1 cloud-regionsrv-client-6.3.5-0.7.20 gcimagebundle-1.1.9-0.7.20 libyaml-0-2-0.1.3-0.10.16.11 python-Cheetah-2.4.4-0.9.69 python-PrettyTable-0.7.2-0.7.4 python-PyYAML-3.10-0.13.8 python-boto-2.7.0-0.7.4 python-ec2metadata-1.5.2-0.7.20 python-gcemetadata-0.2.0-0.7.4 python-jsonpatch-1.1-0.11.40 python-jsonpointer-1.0-0.11.39 python-oauth-1.0.1-7.9.16 python-pyserial-2.7-0.7.20 - SUSE Linux Enterprise Public Cloud Module 11 SP3 (noarch): WALinuxAgent-2.0.12-0.5.3 azuremetadata-4.0.0-0.7.4 google-daemon-1.1.9-0.7.16 google-startup-scripts-1.1.9-0.7.16 growpart-0.27-0.7.16 perl-JSON-2.53-0.12.62 regionServiceClientConfigAzure-0.0.3-0.7.4 regionServiceClientConfigEC2-1.0.1-0.7.16 regionServiceClientConfigGCE-2.1.1-0.7.16 regionServiceClientConfigHP-1.0.0-0.7.16 References: https://bugzilla.suse.com/915840 https://bugzilla.suse.com/928552 https://download.suse.com/patch/finder/?keywords=ec02b57c3a77e1cd340ac7f823cd23fd From sle-updates at lists.suse.com Wed May 6 12:05:04 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 May 2015 20:05:04 +0200 (CEST) Subject: SUSE-YU-2015:0825-1: YOU update for the Software Update Stack Message-ID: <20150506180504.3476F3215B@maintenance.suse.de> SUSE YOU Update: YOU update for the Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2015:0825-1 Rating: low References: #803669 #828631 #892431 #893294 #910462 #919709 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 6 YOU fixes can now be installed. It includes 5 new package versions. Description: This collective update for the Software Update Stack provides several fixes and enhancements. libsatsolver: * Support product end-of-life attribute. (FATE#300591) libzypp: * Improve conflict message for locked packages. (bsc#828631) * Add Product::endOfLife attribute. (FATE#316172, FATE#300591) PackageKit: * When a proxy server is configured, a default route is not mandatory. (bsc#910462) rpm: * Allow noscripts and notriggers on verify. (bsc#803669) yast2-pkg-bindings: * Use alias from URL query parameter if present. (bsc#892431) zypper: * A date limit must ignore newer patch candidates. (bsc#919709) * Show locked packages in zypper summary. (FATE#318256) * Refresh plugin services on 'lr' 'ls -r' and 'ref'. (bsc#893294, FATE#317863) * Enhance 'Digest verification failed' dialog. (FATE#315008) * Add Product::endOfLife attribute. (FATE#316172, FATE#300591) Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-softwaremgmt-201503=10576 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-softwaremgmt-201503=10576 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-softwaremgmt-201503=10576 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-softwaremgmt-201503=10576 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.9 and 9.38.4]: PackageKit-devel-0.3.14-2.30.11 libpackagekit-glib10-devel-0.3.14-2.30.11 libpackagekit-qt10-0.3.14-2.30.11 libpackagekit-qt10-devel-0.3.14-2.30.11 libsatsolver-devel-0.17.9-0.5.2 libzypp-devel-9.38.4-0.7.10 popt-devel-1.7-37.63.64.1 rpm-devel-4.4.2.3-37.63.64.1 ruby-satsolver-0.44.5-0.5.194 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): rpm-32bit-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch) [New Version: 2.17.59.2]: yast2-pkg-bindings-devel-doc-2.17.59.2-0.8.13 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64): popt-devel-32bit-1.7-37.63.64.1 rpm-devel-32bit-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64): rpm-x86-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.17.9,0.4,1.6.322,2.17.59.2 and 9.38.4]: PackageKit-0.3.14-2.30.11 PackageKit-lang-0.3.14-2.30.11 libpackagekit-glib10-0.3.14-2.30.11 libzypp-9.38.4-0.7.10 perl-satsolver-0.44.5-0.5.194 popt-1.7-37.63.64.1 python-satsolver-0.44.5-0.5.194 rpm-4.4.2.3-37.63.64.1 rpm-python-4.4.2.3-37.63.64.2 satsolver-tools-0.17.9-0.5.2 yast2-pkg-bindings-2.17.59.2-0.8.13 zypp-plugin-python-0.4-0.5.2 zypper-1.6.322-0.7.13 zypper-log-1.6.322-0.7.13 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): popt-32bit-1.7-37.63.64.1 rpm-32bit-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.17.9,0.4,1.6.322,2.17.59.2 and 9.38.4]: PackageKit-0.3.14-2.30.11 PackageKit-lang-0.3.14-2.30.11 libpackagekit-glib10-0.3.14-2.30.11 libzypp-9.38.4-0.7.10 perl-satsolver-0.44.5-0.5.194 popt-1.7-37.63.64.1 python-satsolver-0.44.5-0.5.194 rpm-4.4.2.3-37.63.64.1 rpm-python-4.4.2.3-37.63.64.2 satsolver-tools-0.17.9-0.5.2 yast2-pkg-bindings-2.17.59.2-0.8.13 zypp-plugin-python-0.4-0.5.2 zypper-1.6.322-0.7.13 zypper-log-1.6.322-0.7.13 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): popt-32bit-1.7-37.63.64.1 rpm-32bit-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): popt-x86-1.7-37.63.64.1 rpm-x86-4.4.2.3-37.63.64.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.17.9,0.4,1.6.322,2.17.59.2 and 9.38.4]: PackageKit-0.3.14-2.30.11 PackageKit-gstreamer-plugin-0.3.14-2.30.11 PackageKit-lang-0.3.14-2.30.11 libpackagekit-glib10-0.3.14-2.30.11 libzypp-9.38.4-0.7.10 perl-satsolver-0.44.5-0.5.194 popt-1.7-37.63.64.1 python-satsolver-0.44.5-0.5.194 rpm-4.4.2.3-37.63.64.1 rpm-python-4.4.2.3-37.63.64.2 satsolver-tools-0.17.9-0.5.2 yast2-pkg-bindings-2.17.59.2-0.8.13 zypp-plugin-python-0.4-0.5.2 zypper-1.6.322-0.7.13 zypper-log-1.6.322-0.7.13 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): popt-32bit-1.7-37.63.64.1 rpm-32bit-4.4.2.3-37.63.64.1 References: https://bugzilla.suse.com/803669 https://bugzilla.suse.com/828631 https://bugzilla.suse.com/892431 https://bugzilla.suse.com/893294 https://bugzilla.suse.com/910462 https://bugzilla.suse.com/919709 https://download.suse.com/patch/finder/?keywords=2365c909a681f17c69d4df4eec532166 From sle-updates at lists.suse.com Thu May 7 06:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 14:04:56 +0200 (CEST) Subject: SUSE-RU-2015:0829-1: moderate: Recommended update for docker Message-ID: <20150507120456.0980F32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for docker ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0829-1 Rating: moderate References: #908033 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Docker was updated to version 1.6.0 (2015-04-07) [bnc#908033] Major changes in docker 1.6.0: * Builder: + Building images from an image ID + build containers with resource constraints, ie `docker build --cpu-shares=100 --memory=1024m...` + `commit --change` to apply specified Dockerfile instructions while committing the image + `import --change` to apply specified Dockerfile instructions while importing the image + basic build cancellation * Client: + Windows Support * Runtime: + Container and image Labels + `--cgroup-parent` for specifying a parent cgroup to place container cgroup within + Logging drivers, `json-file`, `syslog`, or `none` + Pulling images by ID + `--ulimit` to set the ulimit on a container + `--default-ulimit` option on the daemon which applies to all created containers (and overwritten by `--ulimit` on run) * Support of Docker Registry API v2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-182=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): docker-1.6.0-26.1 docker-debuginfo-1.6.0-26.1 docker-debugsource-1.6.0-26.1 References: https://bugzilla.suse.com/908033 From sle-updates at lists.suse.com Thu May 7 09:04:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 17:04:50 +0200 (CEST) Subject: SUSE-RU-2015:0830-1: Recommended update for WALinuxAgent Message-ID: <20150507150450.F2ACB3215B@maintenance.suse.de> SUSE Recommended Update: Recommended update for WALinuxAgent ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0830-1 Rating: low References: #919244 #924135 #924137 Affected Products: SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for WALinuxAgent adds support for page blob status report and ensures the daemon is restarted after an update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-WALinuxAgent=10531 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (noarch): WALinuxAgent-2.0.12-0.5.1 References: https://bugzilla.suse.com/919244 https://bugzilla.suse.com/924135 https://bugzilla.suse.com/924137 https://download.suse.com/patch/finder/?keywords=cfc5497e4c99cdf55425eab2b1d5385d From sle-updates at lists.suse.com Thu May 7 12:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 20:04:52 +0200 (CEST) Subject: SUSE-SU-2015:0832-1: important: Security update for kgraft-patch-SLE12_Update_1, kgraft-patch-SLE12_Update_2 Message-ID: <20150507180452.A754332159@maintenance.suse.de> SUSE Security Update: Security update for kgraft-patch-SLE12_Update_1, kgraft-patch-SLE12_Update_2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0832-1 Rating: important References: #920633 #922004 Cross-References: CVE-2015-1421 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update supplies kgraft patches to fix one security vulnerability. CVE-2015-1421: A use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel allowed remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. This patch supplies kgraft patches for the first kernel update and the second kernel update published for SUSE Linux Enterprise Server 12. The third kernel update contains the patch already. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2015-183=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_32-33-default-2-3.1 kgraft-patch-3_12_32-33-xen-2-3.1 kgraft-patch-3_12_36-38-default-2-3.1 kgraft-patch-3_12_36-38-xen-2-3.1 References: https://www.suse.com/security/cve/CVE-2015-1421.html https://bugzilla.suse.com/920633 https://bugzilla.suse.com/922004 From sle-updates at lists.suse.com Thu May 7 13:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 21:04:53 +0200 (CEST) Subject: SUSE-SU-2015:0833-1: critical: Security update for java-1_7_0-openjdk Message-ID: <20150507190453.2195432159@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0833-1 Rating: critical References: #927591 Cross-References: CVE-2015-0458 CVE-2015-0459 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0484 CVE-2015-0488 CVE-2015-0491 CVE-2015-0492 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. It includes one version update. Description: OpenJDK was updated to version 2.5.5 - OpenJDK 7u79 to fix security issues and bugs. The following vulnerabilities have been fixed: * CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. * CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. * CVE-2015-0460: Hotspot: unauthenticated remote attackers could execute arbitrary code via multiple protocols. * CVE-2015-0469: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. * CVE-2015-0477: Beans: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols * CVE-2015-0478: JCE: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols * CVE-2015-0480: Tools: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols and cause a partial denial of service (partial DOS) * CVE-2015-0484: JavaFX: unauthenticated remote attackers could read, update, insert or delete access some Java accessible data via multiple protocols and cause a partial denial of service (partial DOS). * CVE-2015-0488: JSSE: unauthenticated remote attackers could cause a partial denial of service (partial DOS). * CVE-2015-0491: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. * CVE-2015-0492: JavaFX: unauthenticated remote attackers could execute arbitrary code via multiple protocols. Security Issues: * CVE-2015-0458 * CVE-2015-0459 * CVE-2015-0460 * CVE-2015-0469 * CVE-2015-0477 * CVE-2015-0478 * CVE-2015-0480 * CVE-2015-0484 * CVE-2015-0488 * CVE-2015-0491 * CVE-2015-0492 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk=10621 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.7.0.75]: java-1_7_0-openjdk-1.7.0.75-0.9.1 java-1_7_0-openjdk-demo-1.7.0.75-0.9.1 java-1_7_0-openjdk-devel-1.7.0.75-0.9.1 References: https://www.suse.com/security/cve/CVE-2015-0458.html https://www.suse.com/security/cve/CVE-2015-0459.html https://www.suse.com/security/cve/CVE-2015-0460.html https://www.suse.com/security/cve/CVE-2015-0469.html https://www.suse.com/security/cve/CVE-2015-0477.html https://www.suse.com/security/cve/CVE-2015-0478.html https://www.suse.com/security/cve/CVE-2015-0480.html https://www.suse.com/security/cve/CVE-2015-0484.html https://www.suse.com/security/cve/CVE-2015-0488.html https://www.suse.com/security/cve/CVE-2015-0491.html https://www.suse.com/security/cve/CVE-2015-0492.html https://bugzilla.suse.com/927591 https://download.suse.com/patch/finder/?keywords=2082b6af65787f83584579a0178ad27e From sle-updates at lists.suse.com Thu May 7 14:04:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 22:04:49 +0200 (CEST) Subject: SUSE-SU-2015:0834-1: Security update for emacs Message-ID: <20150507200449.BC4B53215B@maintenance.suse.de> SUSE Security Update: Security update for emacs ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0834-1 Rating: low References: #854683 #876847 Cross-References: CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: Emacs has been updated to fix the following issues: * Several cases of insecure usage of temporary files. (CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424) * Use of vc-annotate for renamed files when using Git. (bnc#854683) Security Issues: * CVE-2014-3421 * CVE-2014-3422 * CVE-2014-3423 * CVE-2014-3424 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-emacs=10519 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-emacs=10519 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-emacs=10519 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-emacs=10519 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): emacs-nox-22.3-4.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): emacs-22.3-4.42.1 emacs-el-22.3-4.42.1 emacs-info-22.3-4.42.1 emacs-nox-22.3-4.42.1 emacs-x11-22.3-4.42.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): emacs-22.3-4.42.1 emacs-el-22.3-4.42.1 emacs-info-22.3-4.42.1 emacs-nox-22.3-4.42.1 emacs-x11-22.3-4.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): emacs-22.3-4.42.1 emacs-info-22.3-4.42.1 emacs-x11-22.3-4.42.1 References: https://www.suse.com/security/cve/CVE-2014-3421.html https://www.suse.com/security/cve/CVE-2014-3422.html https://www.suse.com/security/cve/CVE-2014-3423.html https://www.suse.com/security/cve/CVE-2014-3424.html https://bugzilla.suse.com/854683 https://bugzilla.suse.com/876847 https://download.suse.com/patch/finder/?keywords=20e3126f230d7a9c81b38579822ebebf From sle-updates at lists.suse.com Thu May 7 14:05:22 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 May 2015 22:05:22 +0200 (CEST) Subject: SUSE-SU-2015:0835-1: Security update for gd Message-ID: <20150507200522.5BCD03215B@maintenance.suse.de> SUSE Security Update: Security update for gd ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0835-1 Rating: low References: #923945 Cross-References: CVE-2014-9709 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The graphics drawing library gd has been updated to fix one security issue: * possible buffer read overflow (CVE-2014-9709) Security Issues: * CVE-2014-9709 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-gd=10530 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gd=10530 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gd=10530 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gd=10530 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): gd-devel-2.0.36.RC1-52.20.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gd-2.0.36.RC1-52.20.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gd-2.0.36.RC1-52.20.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gd-2.0.36.RC1-52.20.1 References: https://www.suse.com/security/cve/CVE-2014-9709.html https://bugzilla.suse.com/923945 https://download.suse.com/patch/finder/?keywords=f66cfcf1b5f869ab2fc28ffd776255a1 From sle-updates at lists.suse.com Fri May 8 03:04:58 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 11:04:58 +0200 (CEST) Subject: SUSE-SU-2015:0836-1: moderate: Security update for mercurial Message-ID: <20150508090458.CA0D63215C@maintenance.suse.de> SUSE Security Update: Security update for mercurial ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0836-1 Rating: moderate References: #923070 Cross-References: CVE-2014-9462 Affected Products: SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Mercurial was updated to fix a command injection via sshpeer._validaterepo() (CVE-2014-9462, bnc#923070): Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-184=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): mercurial-2.8.2-3.1 mercurial-debuginfo-2.8.2-3.1 mercurial-debugsource-2.8.2-3.1 References: https://www.suse.com/security/cve/CVE-2014-9462.html https://bugzilla.suse.com/923070 From sle-updates at lists.suse.com Fri May 8 07:05:00 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 15:05:00 +0200 (CEST) Subject: SUSE-OU-2015:0837-1: Optional update for vhostmd Message-ID: <20150508130500.840D33215C@maintenance.suse.de> SUSE Optional Update: Optional update for vhostmd ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:0837-1 Rating: low References: #924265 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: Packages vhostmd and vm-dump-metrics have been added to SUSE Linux Enterprise Server 12 for the POWER architecture. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-187=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-187=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le x86_64): vhostmd-debuginfo-0.4-20.1 vhostmd-debugsource-0.4-20.1 vm-dump-metrics-devel-0.4-20.1 vm-dump-metrics-devel-debuginfo-0.4-20.1 - SUSE Linux Enterprise Server 12 (ppc64le x86_64): vhostmd-0.4-20.1 vhostmd-debuginfo-0.4-20.1 vhostmd-debugsource-0.4-20.1 vm-dump-metrics-0.4-20.1 vm-dump-metrics-debuginfo-0.4-20.1 References: https://bugzilla.suse.com/924265 From sle-updates at lists.suse.com Fri May 8 07:05:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 15:05:20 +0200 (CEST) Subject: SUSE-RU-2015:0838-1: Recommended update for ant Message-ID: <20150508130520.43CDF3215C@maintenance.suse.de> SUSE Recommended Update: Recommended update for ant ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0838-1 Rating: low References: #875206 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ant fixes the zip package to detect the encoding bit set by more modern archivers when they write UTF-8 filenames and optionally set it when writing zips or jars. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-ant-201503=10454 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-ant-201503=10454 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-ant-201503=10454 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): ant-1.7.1-20.11.1 ant-antlr-1.7.1-16.11.1 ant-apache-bcel-1.7.1-16.11.1 ant-apache-bsf-1.7.1-16.11.1 ant-apache-log4j-1.7.1-16.11.1 ant-apache-oro-1.7.1-16.11.1 ant-apache-regexp-1.7.1-16.11.1 ant-apache-resolver-1.7.1-16.11.1 ant-commons-logging-1.7.1-16.11.1 ant-javadoc-1.7.1-20.11.1 ant-javamail-1.7.1-16.11.1 ant-jdepend-1.7.1-16.11.1 ant-jmf-1.7.1-16.11.1 ant-junit-1.7.1-16.11.1 ant-manual-1.7.1-20.11.1 ant-nodeps-1.7.1-16.11.1 ant-scripts-1.7.1-20.11.1 ant-swing-1.7.1-16.11.1 ant-trax-1.7.1-16.11.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): ant-1.7.1-20.11.1 ant-trax-1.7.1-16.11.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): ant-1.7.1-20.11.1 ant-trax-1.7.1-16.11.1 References: https://bugzilla.suse.com/875206 https://download.suse.com/patch/finder/?keywords=4e101d0c9a92d4cb25cffc4df5729080 From sle-updates at lists.suse.com Fri May 8 07:05:44 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 15:05:44 +0200 (CEST) Subject: SUSE-SU-2015:0839-1: important: Security update for DirectFB Message-ID: <20150508130545.00B1A3215C@maintenance.suse.de> SUSE Security Update: Security update for DirectFB ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0839-1 Rating: important References: #878345 #878349 Cross-References: CVE-2014-2977 CVE-2014-2978 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: DirectFB was updated to fix two security issues. The following vulnerabilities were fixed: * CVE-2014-2977: Multiple integer signedness errors could allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. * CVE-2014-2978: Remote attackers could cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-185=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-185=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-185=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-185=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libdirectfb-1_7-1-32bit-1.7.1-4.1 libdirectfb-1_7-1-debuginfo-32bit-1.7.1-4.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): DirectFB-debuginfo-1.7.1-4.1 DirectFB-debugsource-1.7.1-4.1 DirectFB-devel-1.7.1-4.1 lib++dfb-devel-1.7.1-4.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): DirectFB-1.7.1-4.1 DirectFB-debuginfo-1.7.1-4.1 DirectFB-debugsource-1.7.1-4.1 lib++dfb-1_7-1-1.7.1-4.1 lib++dfb-1_7-1-debuginfo-1.7.1-4.1 libdirectfb-1_7-1-1.7.1-4.1 libdirectfb-1_7-1-debuginfo-1.7.1-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): DirectFB-1.7.1-4.1 DirectFB-debuginfo-1.7.1-4.1 DirectFB-debugsource-1.7.1-4.1 lib++dfb-1_7-1-1.7.1-4.1 lib++dfb-1_7-1-debuginfo-1.7.1-4.1 libdirectfb-1_7-1-1.7.1-4.1 libdirectfb-1_7-1-32bit-1.7.1-4.1 libdirectfb-1_7-1-debuginfo-1.7.1-4.1 libdirectfb-1_7-1-debuginfo-32bit-1.7.1-4.1 References: https://www.suse.com/security/cve/CVE-2014-2977.html https://www.suse.com/security/cve/CVE-2014-2978.html https://bugzilla.suse.com/878345 https://bugzilla.suse.com/878349 From sle-updates at lists.suse.com Fri May 8 07:06:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 15:06:16 +0200 (CEST) Subject: SUSE-RU-2015:0840-1: Recommended update for python-netifaces Message-ID: <20150508130616.D37813215C@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-netifaces ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0840-1 Rating: low References: #917053 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides python-netifaces 0.10.4, which brings many bug fixes and enhancements. For a comprehensive list of changes, please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-186=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): python-netifaces-0.10.4-8.1 python-netifaces-debuginfo-0.10.4-8.1 python-netifaces-debugsource-0.10.4-8.1 References: https://bugzilla.suse.com/917053 From sle-updates at lists.suse.com Fri May 8 10:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 May 2015 18:04:55 +0200 (CEST) Subject: SUSE-SU-2015:0841-1: moderate: Security update for Mono Message-ID: <20150508160455.E8AAD3215A@maintenance.suse.de> SUSE Security Update: Security update for Mono ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0841-1 Rating: moderate References: #921312 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: Multiple SSL vulnerabilities were fixed in the Mono TLS implementation. * CVE-2015-2318: SKIP-TLS problem could be used to client impersonification. * CVE-2015-2319: A FREAK style SSL protocol downgrade problem was fixed. * CVE-2015-2320: The SSLv2 support was disabled. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-bytefx-data-mysql=10497 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-bytefx-data-mysql=10497 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-bytefx-data-mysql=10497 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-bytefx-data-mysql=10497 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc ppc64 s390x x86_64): bytefx-data-mysql-2.6.7-0.13.1 mono-data-firebird-2.6.7-0.13.1 mono-data-oracle-2.6.7-0.13.1 mono-data-sybase-2.6.7-0.13.1 mono-devel-2.6.7-0.13.1 mono-extras-2.6.7-0.13.1 mono-jscript-2.6.7-0.13.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): mono-wcf-2.6.7-0.13.1 mono-winfxcore-2.6.7-0.13.1 monodoc-core-2.6.7-0.13.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc ppc64): mono-core-2.6.7-0.13.1 mono-data-2.6.7-0.13.1 mono-data-postgresql-2.6.7-0.13.1 mono-data-sqlite-2.6.7-0.13.1 mono-locale-extras-2.6.7-0.13.1 mono-nunit-2.6.7-0.13.1 mono-web-2.6.7-0.13.1 mono-winforms-2.6.7-0.13.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): mono-core-2.6.7-0.13.1 mono-data-2.6.7-0.13.1 mono-data-postgresql-2.6.7-0.13.1 mono-data-sqlite-2.6.7-0.13.1 mono-locale-extras-2.6.7-0.13.1 mono-nunit-2.6.7-0.13.1 mono-web-2.6.7-0.13.1 mono-winforms-2.6.7-0.13.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc ppc64 s390x x86_64): mono-core-2.6.7-0.13.1 mono-data-2.6.7-0.13.1 mono-data-postgresql-2.6.7-0.13.1 mono-data-sqlite-2.6.7-0.13.1 mono-locale-extras-2.6.7-0.13.1 mono-nunit-2.6.7-0.13.1 mono-web-2.6.7-0.13.1 mono-winforms-2.6.7-0.13.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): bytefx-data-mysql-2.6.7-0.13.1 ibm-data-db2-2.6.7-0.13.1 mono-core-2.6.7-0.13.1 mono-data-2.6.7-0.13.1 mono-data-firebird-2.6.7-0.13.1 mono-data-oracle-2.6.7-0.13.1 mono-data-postgresql-2.6.7-0.13.1 mono-data-sqlite-2.6.7-0.13.1 mono-data-sybase-2.6.7-0.13.1 mono-devel-2.6.7-0.13.1 mono-extras-2.6.7-0.13.1 mono-jscript-2.6.7-0.13.1 mono-locale-extras-2.6.7-0.13.1 mono-nunit-2.6.7-0.13.1 mono-wcf-2.6.7-0.13.1 mono-web-2.6.7-0.13.1 mono-winforms-2.6.7-0.13.1 monodoc-core-2.6.7-0.13.1 References: https://bugzilla.suse.com/921312 https://download.suse.com/patch/finder/?keywords=70a16347ac03d3f99ffeaf3fc2a6181a From sle-updates at lists.suse.com Fri May 8 19:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 May 2015 03:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0844-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20150509010455.7A2ED3213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0844-1 Rating: moderate References: #915581 #919433 #920897 #924118 Affected Products: SUSE Manager Tools 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for SUSE Manager Client Tools provides the following fixes and enhancements: koan: - Fix virt-install version detection. (bsc#924118) - Fix parsing install_tree for SUSE. (bsc#924118) - Do not require obsoleted xend. (bsc#924118) - Fix boot configuration for XEN directly after VM creation, preventing installation loops. (bsc#924118) - Improve os-variant detection for SLES. - Use KVM acceleration if available. osad: - Introduce notify_threshold for osa-dispatcher. (bsc#915581) rhncfg: - Avoid addition of None and str, fixing config diff. (bsc#920897) spacewalksd: - Install new service and enable it. (bsc#919433) - Add service spacewalk-update-status. (bsc#919433) Packages rhnlib, spacecmd, spacewalk-backend-libs, spacewalk-client-tools, spacewalk-koan and suseRegisterInfo also received minor fixes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2015-188=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Tools 12 (ppc64le s390x x86_64): spacewalksd-5.0.14.7-8.1 spacewalksd-debuginfo-5.0.14.7-8.1 spacewalksd-debugsource-5.0.14.7-8.1 suseRegisterInfo-2.1.10-12.1 - SUSE Manager Tools 12 (noarch): koan-2.6.6-16.1 osad-5.11.33.8-14.1 rhncfg-5.10.65.11-14.1 rhncfg-actions-5.10.65.11-14.1 rhncfg-client-5.10.65.11-14.1 rhncfg-management-5.10.65.11-14.1 rhnlib-2.5.69.7-8.1 spacecmd-2.1.25.8-5.1 spacewalk-backend-libs-2.1.55.16-14.1 spacewalk-check-2.1.16.7-12.1 spacewalk-client-setup-2.1.16.7-12.1 spacewalk-client-tools-2.1.16.7-12.1 spacewalk-koan-2.1.4.12-11.1 References: https://bugzilla.suse.com/915581 https://bugzilla.suse.com/919433 https://bugzilla.suse.com/920897 https://bugzilla.suse.com/924118 From sle-updates at lists.suse.com Fri May 8 21:04:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 May 2015 05:04:49 +0200 (CEST) Subject: SUSE-RU-2015:0845-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20150509030449.D63DF32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0845-1 Rating: moderate References: #919433 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes four new package versions. Description: This update for SUSE Manager Client Tools provides the following fixes and enhancements: spacewalksd: * Install new service and enable it. (bsc#919433) * Add service spacewalk-update-status. (bsc#919433) Packages rhnlib, spacewalk-client-tools and suseRegisterInfo also received minor bug fixes. Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-client-tools-21-201504=10568 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-client-tools-21-201504=10568 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-client-tools-21-201504=10568 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.1.10,2.5.69.7 and 5.0.14.7]: rhnlib-2.5.69.7-0.7.1 spacewalksd-5.0.14.7-0.7.1 suseRegisterInfo-2.1.10-0.7.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 2.1.16.7]: spacewalk-check-2.1.16.7-0.7.1 spacewalk-client-setup-2.1.16.7-0.7.1 spacewalk-client-tools-2.1.16.7-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.1.10,2.5.69.7 and 5.0.14.7]: rhnlib-2.5.69.7-0.7.1 spacewalksd-5.0.14.7-0.7.1 suseRegisterInfo-2.1.10-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 2.1.16.7]: spacewalk-check-2.1.16.7-0.7.1 spacewalk-client-setup-2.1.16.7-0.7.1 spacewalk-client-tools-2.1.16.7-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.1.10,2.5.69.7 and 5.0.14.7]: rhnlib-2.5.69.7-0.7.1 spacewalksd-5.0.14.7-0.7.1 suseRegisterInfo-2.1.10-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 2.1.16.7]: spacewalk-check-2.1.16.7-0.7.1 spacewalk-client-setup-2.1.16.7-0.7.1 spacewalk-client-tools-2.1.16.7-0.7.1 References: https://bugzilla.suse.com/919433 https://download.suse.com/patch/finder/?keywords=958f0c21c946a2a679f625a28bb3842a From sle-updates at lists.suse.com Fri May 8 21:05:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 May 2015 05:05:10 +0200 (CEST) Subject: SUSE-RU-2015:0846-1: moderate: Recommended update for SUSE Manager Server 2.1 Message-ID: <20150509030510.DA37A32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 2.1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0846-1 Rating: moderate References: #883396 #887340 #889159 #889508 #895870 #898272 #909292 #910332 #910509 #913400 #915133 #915581 #916177 #916220 #918151 #918220 #918549 #918994 #919433 #920400 #920687 #921720 #922294 #922312 #922313 #922468 #922744 #924118 #926319 Affected Products: SUSE Manager Server ______________________________________________________________________________ An update that has 29 recommended fixes can now be installed. It includes 17 new package versions. Description: This collective update for SUSE Manager Server 2.1 provides the following fixes: osad: * Apply needed SElinux fix for RHEL7 and make use of systemd unit files. * Introduce notify_threshold for osa-dispatcher. (bsc#915581) spacewalk-backend: * Include package inventory and channel report into spacewalk-debug. * Add functionality on spacewalk-data-fsck to remove RPMs which don't match checksum. * Don't crash re-registrations if the original owner has been deleted. * Initialize the second DB connection only when needed. spacewalk-branding: * Fix path to action chain page. (bsc#921720) spacewalk-config: * Disable Cache-Control headers for non-dynamic content. (bsc#916220) spacewalk-java: * Fall-back to Basic auth from NTLM when both are supported. (bsc#926319) * Add SLE12-SAP product. (bsc#922744) * SCCRepository: only NOT NULL database columns can be mapped to primitive types in Hibernate. (bsc#922313) * Create only one errata cache worker per server. (bsc#918994) * In case multiple packages are available, pick the most recent. (bsc#924118) * Missing refactored SQL query for system available packages. (bsc#913400) * Fix path to action chain page. (bsc#921720) * Fix subscription check in case of an unset start date. (bsc#918220) * Avoid high CPU loads with SSH push. (bsc#920687) * Fix malformed repository metadata. (bsc#920400) * Fix typo in Web UI. (bsc#918151) * Revert fixing of versions, those should be regarded as historically correct rather than inconsistent. (bsc#910509) * Catch NumberFormatException and send error to the client. (bsc#916177) spacewalksd: * Install new service and enable it. (bsc#919433) * Add service spacewalk-update-status. (bsc#919433) spacewalk-setup: * Add read permissions for tomcat to the NCCcredentials file. spacewalk-utils: * Fix automatic assumption of first phase. (bsc#922294) supportutils-plugin-susemanager-client: * Write current service and repository configuration into supportconfig. susemanager-jsp_en and susemanager-manuals_en: * Update text and image files. (bsc#909292) * Bootstrap activation keys missing separation mark. (bsc#898272) * The example of connecting to AD is not correct. (bsc#895870) * Adjust RAM Requirements. (bsc#889508) * Resolve various DocComments. (bsc#889159) * Info on Expanded Support. (bsc#887340) * Fix smdba documentation. (bsc#883396) susemanager-schema: * Fix ORA-01403: no data found in update_needed_cache during re-registrations. * Avoid a deadlock when changing channel assignments. (bsc#918549) * Update adding aarch64 support to fix 1.7 to 2.1 update. (bsc#922468) * Delete cached metadata and regenerate them. (bsc#920400) susemanager: * Do not keep using expired tokens during refresh in mgr-sync. (bsc#922312) * Add tool to update the spacewalk public cert in the DB. * Prevent setup from being run twice when substantial configuration has been done. * Add hook at the end of the setup process. susemanager-sync-data: * Add SAP-Updates and AMD and NVidia channels to WE-SAP. * Add SLE12-SAP product. (bsc#922744) * Add SUSE Enterprise Storage 1. (bsc#910332) * Add SUSE Cloud 5. (bsc#915133) * Add Advanced Systems Management Module for s390x and ppc64le. Packages python-gzipstream, rhnlib, spacecmd, spacewalk-client-tools and suseRegisterInfo also received minor bug fixes. Package susemanager-nagios-plugin has been added to the product. How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-suse-manager-21-201504=10579 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (s390x x86_64) [New Version: 1.10.2.3,2.1.10,2.1.18,2.1.25.8,2.1.33.11,2.1.55.16,2.5.69.7 and 5.0.14.7]: python-gzipstream-1.10.2.3-0.7.2 rhnlib-2.5.69.7-0.7.2 spacecmd-2.1.25.8-0.7.2 spacewalk-backend-2.1.55.16-0.7.2 spacewalk-backend-app-2.1.55.16-0.7.2 spacewalk-backend-applet-2.1.55.16-0.7.2 spacewalk-backend-config-files-2.1.55.16-0.7.2 spacewalk-backend-config-files-common-2.1.55.16-0.7.2 spacewalk-backend-config-files-tool-2.1.55.16-0.7.2 spacewalk-backend-iss-2.1.55.16-0.7.2 spacewalk-backend-iss-export-2.1.55.16-0.7.2 spacewalk-backend-libs-2.1.55.16-0.7.2 spacewalk-backend-package-push-server-2.1.55.16-0.7.2 spacewalk-backend-server-2.1.55.16-0.7.2 spacewalk-backend-sql-2.1.55.16-0.7.2 spacewalk-backend-sql-oracle-2.1.55.16-0.7.2 spacewalk-backend-sql-postgresql-2.1.55.16-0.7.2 spacewalk-backend-tools-2.1.55.16-0.7.2 spacewalk-backend-xml-export-libs-2.1.55.16-0.7.2 spacewalk-backend-xmlrpc-2.1.55.16-0.7.2 spacewalk-branding-2.1.33.11-0.7.2 spacewalksd-5.0.14.7-0.7.2 suseRegisterInfo-2.1.10-0.7.2 susemanager-2.1.18-0.7.2 susemanager-tools-2.1.18-0.7.2 - SUSE Manager Server (noarch) [New Version: 1.0.4,2.1.14.11,2.1.16.7,2.1.165.16,2.1.27.13,2.1.5.5,2.1.50.12,2.1.6 and 5.11.33.8]: osa-dispatcher-5.11.33.8-0.7.2 spacewalk-check-2.1.16.7-0.7.2 spacewalk-client-setup-2.1.16.7-0.7.2 spacewalk-client-tools-2.1.16.7-0.7.2 spacewalk-config-2.1.5.5-0.7.2 spacewalk-java-2.1.165.16-0.7.1 spacewalk-java-config-2.1.165.16-0.7.1 spacewalk-java-lib-2.1.165.16-0.7.1 spacewalk-java-oracle-2.1.165.16-0.7.1 spacewalk-java-postgresql-2.1.165.16-0.7.1 spacewalk-setup-2.1.14.11-0.7.1 spacewalk-taskomatic-2.1.165.16-0.7.1 spacewalk-utils-2.1.27.13-0.7.5 supportutils-plugin-susemanager-client-1.0.4-0.8.2 susemanager-client-config_en-pdf-2.1-0.17.4 susemanager-install_en-pdf-2.1-0.17.4 susemanager-jsp_en-2.1-0.17.3 susemanager-manuals_en-2.1-0.17.4 susemanager-nagios-plugin-1.0.4-0.7.2 susemanager-proxy-quick_en-pdf-2.1-0.17.4 susemanager-reference_en-pdf-2.1-0.17.4 susemanager-schema-2.1.50.12-0.7.2 susemanager-sync-data-2.1.6-0.7.2 susemanager-user_en-pdf-2.1-0.17.4 References: https://bugzilla.suse.com/883396 https://bugzilla.suse.com/887340 https://bugzilla.suse.com/889159 https://bugzilla.suse.com/889508 https://bugzilla.suse.com/895870 https://bugzilla.suse.com/898272 https://bugzilla.suse.com/909292 https://bugzilla.suse.com/910332 https://bugzilla.suse.com/910509 https://bugzilla.suse.com/913400 https://bugzilla.suse.com/915133 https://bugzilla.suse.com/915581 https://bugzilla.suse.com/916177 https://bugzilla.suse.com/916220 https://bugzilla.suse.com/918151 https://bugzilla.suse.com/918220 https://bugzilla.suse.com/918549 https://bugzilla.suse.com/918994 https://bugzilla.suse.com/919433 https://bugzilla.suse.com/920400 https://bugzilla.suse.com/920687 https://bugzilla.suse.com/921720 https://bugzilla.suse.com/922294 https://bugzilla.suse.com/922312 https://bugzilla.suse.com/922313 https://bugzilla.suse.com/922468 https://bugzilla.suse.com/922744 https://bugzilla.suse.com/924118 https://bugzilla.suse.com/926319 https://download.suse.com/patch/finder/?keywords=5864e793e7171047a70fac57914340f8 From sle-updates at lists.suse.com Fri May 8 21:11:24 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 May 2015 05:11:24 +0200 (CEST) Subject: SUSE-RU-2015:0847-1: moderate: Recommended update for SUSE Manager Proxy 2.1 Message-ID: <20150509031124.6EEFE32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 2.1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0847-1 Rating: moderate References: #915581 #919433 #920897 Affected Products: SUSE Manager Proxy ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes 10 new package versions. Description: This collective update for SUSE Manager Proxy 2.1 provides the following fixes and enhancements: osad: * Apply needed SElinux fix for RHEL7 and make use of systemd unit files. rhncfg: * Avoid addition of None and str, fixes config diff. (bsc#920897) spacewalk-backend: * Include package inventory and channel report into spacewalk-debug. * Add functionality on spacewalk-data-fsck to remove RPMs which don't match checksum. * Don't crash re-registrations if the original owner has been deleted. * Initialize the second DB connection only when needed. spacewalk-proxy: * Don't read from wsgi.input more than one time. * Prevent Squid 3.2 from detecting forwarding loops. spacewalksd: * Install new service and enable it. (bsc#919433) * Add service spacewalk-update-status. (bsc#919433) supportutils-plugin-susemanager-client: * Write current service and repository configuration into supportconfig. Packages rhnlib, spacecmd, spacewalk-client-tools and suseRegisterInfo also received minor bug fixes. How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy: zypper in -t patch slemap21-suse-manager-proxy-21-201504=10566 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy (x86_64) [New Version: 2.1.10,2.1.25.8,2.1.55.16,2.5.69.7 and 5.0.14.7]: rhnlib-2.5.69.7-0.7.1 spacecmd-2.1.25.8-0.7.1 spacewalk-backend-2.1.55.16-0.7.1 spacewalk-backend-libs-2.1.55.16-0.7.1 spacewalksd-5.0.14.7-0.7.1 suseRegisterInfo-2.1.10-0.7.1 - SUSE Manager Proxy (noarch) [New Version: 1.0.4,2.1.15.6,2.1.16.7,5.10.65.11 and 5.11.33.8]: osad-5.11.33.8-0.7.1 rhncfg-5.10.65.11-0.7.1 rhncfg-actions-5.10.65.11-0.7.1 rhncfg-client-5.10.65.11-0.7.1 rhncfg-management-5.10.65.11-0.7.1 spacewalk-check-2.1.16.7-0.7.1 spacewalk-client-setup-2.1.16.7-0.7.1 spacewalk-client-tools-2.1.16.7-0.7.1 spacewalk-proxy-broker-2.1.15.6-0.7.1 spacewalk-proxy-common-2.1.15.6-0.7.1 spacewalk-proxy-management-2.1.15.6-0.7.1 spacewalk-proxy-package-manager-2.1.15.6-0.7.1 spacewalk-proxy-redirect-2.1.15.6-0.7.1 supportutils-plugin-susemanager-client-1.0.4-0.8.1 References: https://bugzilla.suse.com/915581 https://bugzilla.suse.com/919433 https://bugzilla.suse.com/920897 https://download.suse.com/patch/finder/?keywords=1c588f9b88c289ed8594246c2f30bb3d From sle-updates at lists.suse.com Fri May 8 21:12:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 May 2015 05:12:11 +0200 (CEST) Subject: SUSE-RU-2015:0848-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20150509031211.40B2032161@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0848-1 Rating: moderate References: #919433 #920897 Affected Products: SUSE Manager Client Tools for SLE 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for SUSE Manager Client Tools provides the following fixes and enhancements: rhncfg: * Avoid addition of None and str, fixes config diff. (bsc#920897) spacewalksd: * Install new service and enable it. (bsc#919433) * Add service spacewalk-update-status. (bsc#919433) supportutils-plugin-susemanager-client: * Write current service and repository configuration into supportconfig. Packages osad, rhnlib, spacecmd, spacewalk-backend-libs, spacewalk-client-tools, spacewalk-koan and suseRegisterInfo also received minor bug fixes. Indications: Everybody should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP3: zypper in -t patch slesctsp3-client-tools-21-201504=10565 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP3 (i586 ia64 ppc64 s390x x86_64): rhnlib-2.5.69.7-0.7.1 spacecmd-2.1.25.8-0.7.1 spacewalk-backend-libs-2.1.55.16-0.7.1 spacewalksd-5.0.14.7-0.7.1 suseRegisterInfo-2.1.10-0.7.1 - SUSE Manager Client Tools for SLE 11 SP3 (noarch): osad-5.11.33.8-0.7.1 rhncfg-5.10.65.11-0.7.1 rhncfg-actions-5.10.65.11-0.7.1 rhncfg-client-5.10.65.11-0.7.1 rhncfg-management-5.10.65.11-0.7.1 spacewalk-check-2.1.16.7-0.7.1 spacewalk-client-setup-2.1.16.7-0.7.1 spacewalk-client-tools-2.1.16.7-0.7.1 spacewalk-koan-2.1.4.12-0.7.1 supportutils-plugin-susemanager-client-1.0.4-0.8.1 References: https://bugzilla.suse.com/919433 https://bugzilla.suse.com/920897 https://download.suse.com/patch/finder/?keywords=da0ba3fa1966220d8a40314b91fe9d91 From sle-updates at lists.suse.com Mon May 11 10:04:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 May 2015 18:04:50 +0200 (CEST) Subject: SUSE-RU-2015:0850-1: moderate: Recommended update for nfs-utils Message-ID: <20150511160450.3D47F32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for nfs-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0850-1 Rating: moderate References: #925984 #927325 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for nfs-utils fixes the following issues: * A regression in the support of exporting sub-directories of case-insensitive filesystems. (bsc#927325) * Clarify in the man page that NFSv4 is not the default NFS version mounted. (bsc#925984) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-nfs-client=10633 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-nfs-client=10633 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-nfs-client=10633 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): nfs-client-1.2.3-18.38.43.1 nfs-doc-1.2.3-18.38.43.1 nfs-kernel-server-1.2.3-18.38.43.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): nfs-client-1.2.3-18.38.43.1 nfs-doc-1.2.3-18.38.43.1 nfs-kernel-server-1.2.3-18.38.43.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): nfs-client-1.2.3-18.38.43.1 nfs-kernel-server-1.2.3-18.38.43.1 References: https://bugzilla.suse.com/925984 https://bugzilla.suse.com/927325 https://download.suse.com/patch/finder/?keywords=eec656c61b25cc60c143182b614e04e2 From sle-updates at lists.suse.com Mon May 11 10:05:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 May 2015 18:05:19 +0200 (CEST) Subject: SUSE-RU-2015:0851-1: Recommended update for crowbar-barclamp-hyperv Message-ID: <20150511160519.1F01B32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-hyperv ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0851-1 Rating: low References: #887944 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crowbar-barclamp-hyperv provides the following fixes: * Installing missing dependency for Hyperv-V Management Console. (bnc#887944) * Installing all dependencies for windows features. (bnc#887944) * Updated windows cookbook to support /all and restart attributes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-hyperv=10591 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-hyperv-1.9+git.1427187213.451bc2b-0.7.2 crowbar-barclamp-hyperv-data-1.9+git.1427187213.451bc2b-0.7.2 References: https://bugzilla.suse.com/887944 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=5f1f044fee78c9d94abf0c7fa76731ab From sle-updates at lists.suse.com Tue May 12 08:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 May 2015 16:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0852-1: important: Recommended update for dracut Message-ID: <20150512140453.2D29E32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for dracut ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0852-1 Rating: important References: #930175 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes generation of ramdisks on systems where /usr is a separate partition. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-190=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): dracut-037-49.1 dracut-debuginfo-037-49.1 dracut-debugsource-037-49.1 dracut-fips-037-49.1 References: https://bugzilla.suse.com/930175 From sle-updates at lists.suse.com Tue May 12 11:04:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 May 2015 19:04:51 +0200 (CEST) Subject: SUSE-RU-2015:0852-2: important: Recommended update for dracut Message-ID: <20150512170451.D4E2A32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for dracut ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0852-2 Rating: important References: #930175 Affected Products: SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes generation of ramdisks on systems where /usr is a separate partition. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-190=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 12 (x86_64): dracut-037-49.1 dracut-debuginfo-037-49.1 dracut-debugsource-037-49.1 References: https://bugzilla.suse.com/930175 From sle-updates at lists.suse.com Tue May 12 11:05:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 May 2015 19:05:11 +0200 (CEST) Subject: SUSE-RU-2015:0862-1: Recommended update for studio-help Message-ID: <20150512170511.5658A32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for studio-help ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0862-1 Rating: low References: #827777 #868925 #887893 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update provides the latest revision of SUSE Studio documentation, bringing the following enhancements: * #887893: Add documentation of API changelog request. * #868925: Make link text an actual URL in documentation. * #827777: Images show below the menu, leaving unnecessary empty space. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-studio-help=10374 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (noarch) [New Version: 1.3.20]: studio-help-1.3.20-0.5.1 References: https://bugzilla.suse.com/827777 https://bugzilla.suse.com/868925 https://bugzilla.suse.com/887893 https://download.suse.com/patch/finder/?keywords=63d300e5399d722c32f5434b6114221d From sle-updates at lists.suse.com Tue May 12 11:05:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 May 2015 19:05:52 +0200 (CEST) Subject: SUSE-SU-2015:0863-1: Security update for SUSE Studio Message-ID: <20150512170552.56F5E32161@maintenance.suse.de> SUSE Security Update: Security update for SUSE Studio ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0863-1 Rating: low References: #852794 #876313 #880078 #887893 #904372 #904375 #912512 #914765 #918203 #918239 #918395 #919037 Cross-References: CVE-2014-7818 CVE-2014-7819 CVE-2014-7829 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that solves three vulnerabilities and has 9 fixes is now available. It includes one version update. Description: This update provides SUSE Studio 1.3.10, including Amazon's EC2 support for SUSE Linux Enterprise 12 appliances. Additionally, the update includes fixes for the following issues: * #904372 - Arbitrary file existence disclosure in sprockets gem (CVE-2014-7819) * #904375 - Arbitrary file existence disclosure in Action Pack gem (CVE-2014-7818) * #918203 - Arbitrary file existence disclosure in Studio Onsite (CVE-2014-7829) * #852794 - SLES 11-SP3 templates fail to build x86_64 EC2 images * #914765 - Change of appliance name is not displayed in appliance's change log * #887893 - Change log not accessible via API * #918239 - Failure to create new appliances after upgrade to Studio Onsite 1.3.9 * #918395 - Remove 32bit as target for building EC2 appliances * #912512 - Studio doesn't allow duplicated repositories * #880078 - Studio packages contain files that get modified (by Studio) after installation. * #919037 - Can't open appliance on Gallery: undefined restructure_unsupportable_packages method. Security Issues: * CVE-2014-7819 * CVE-2014-7818 * CVE-2014-7829 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-susestudio-1310-201502=10411 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64) [New Version: 1.3.10]: Containment-Studio-SLE11_SP3-5.05.81-20150505234825 susestudio-1.3.10-0.17.45 susestudio-bundled-packages-1.3.10-0.17.45 susestudio-common-1.3.10-0.17.45 susestudio-runner-1.3.10-0.17.45 susestudio-sid-1.3.10-0.17.45 susestudio-ui-server-1.3.10-0.17.45 References: https://www.suse.com/security/cve/CVE-2014-7818.html https://www.suse.com/security/cve/CVE-2014-7819.html https://www.suse.com/security/cve/CVE-2014-7829.html https://bugzilla.suse.com/852794 https://bugzilla.suse.com/876313 https://bugzilla.suse.com/880078 https://bugzilla.suse.com/887893 https://bugzilla.suse.com/904372 https://bugzilla.suse.com/904375 https://bugzilla.suse.com/912512 https://bugzilla.suse.com/914765 https://bugzilla.suse.com/918203 https://bugzilla.suse.com/918239 https://bugzilla.suse.com/918395 https://bugzilla.suse.com/919037 https://download.suse.com/patch/finder/?keywords=47874d473d5972d4857f71d4a1d418be From sle-updates at lists.suse.com Wed May 13 06:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 14:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0864-1: Recommended update for sssd Message-ID: <20150513120453.6A25632159@maintenance.suse.de> SUSE Recommended Update: Recommended update for sssd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0864-1 Rating: low References: #904638 #919519 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for sssd adds a new sub-package "libsss_sudo", which contains a library to allow communication between sudo and SSSD. Additionally, unused functions conflicting with Samba types have been removed from the source code, fixing the build against newer versions of Samba. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-191=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-191=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-191=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libipa_hbac-devel-1.11.5.1-8.4 libsss_idmap-devel-1.11.5.1-8.4 libsss_nss_idmap-devel-1.11.5.1-8.4 libsss_nss_idmap0-1.11.5.1-8.4 libsss_nss_idmap0-debuginfo-1.11.5.1-8.4 sssd-debuginfo-1.11.5.1-8.4 sssd-debugsource-1.11.5.1-8.4 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libipa_hbac0-1.11.5.1-8.4 libipa_hbac0-debuginfo-1.11.5.1-8.4 libsss_idmap0-1.11.5.1-8.4 libsss_idmap0-debuginfo-1.11.5.1-8.4 libsss_sudo-1.11.5.1-8.4 libsss_sudo-debuginfo-1.11.5.1-8.4 python-sssd-config-1.11.5.1-8.4 python-sssd-config-debuginfo-1.11.5.1-8.4 sssd-1.11.5.1-8.4 sssd-ad-1.11.5.1-8.4 sssd-ad-debuginfo-1.11.5.1-8.4 sssd-debuginfo-1.11.5.1-8.4 sssd-debugsource-1.11.5.1-8.4 sssd-ipa-1.11.5.1-8.4 sssd-ipa-debuginfo-1.11.5.1-8.4 sssd-krb5-1.11.5.1-8.4 sssd-krb5-common-1.11.5.1-8.4 sssd-krb5-common-debuginfo-1.11.5.1-8.4 sssd-krb5-debuginfo-1.11.5.1-8.4 sssd-ldap-1.11.5.1-8.4 sssd-ldap-debuginfo-1.11.5.1-8.4 sssd-proxy-1.11.5.1-8.4 sssd-proxy-debuginfo-1.11.5.1-8.4 sssd-tools-1.11.5.1-8.4 sssd-tools-debuginfo-1.11.5.1-8.4 - SUSE Linux Enterprise Server 12 (s390x x86_64): sssd-32bit-1.11.5.1-8.4 sssd-debuginfo-32bit-1.11.5.1-8.4 - SUSE Linux Enterprise Desktop 12 (x86_64): libipa_hbac0-1.11.5.1-8.4 libipa_hbac0-debuginfo-1.11.5.1-8.4 libsss_idmap0-1.11.5.1-8.4 libsss_idmap0-debuginfo-1.11.5.1-8.4 libsss_sudo-1.11.5.1-8.4 libsss_sudo-debuginfo-1.11.5.1-8.4 python-sssd-config-1.11.5.1-8.4 python-sssd-config-debuginfo-1.11.5.1-8.4 sssd-1.11.5.1-8.4 sssd-32bit-1.11.5.1-8.4 sssd-ad-1.11.5.1-8.4 sssd-ad-debuginfo-1.11.5.1-8.4 sssd-debuginfo-1.11.5.1-8.4 sssd-debuginfo-32bit-1.11.5.1-8.4 sssd-debugsource-1.11.5.1-8.4 sssd-ipa-1.11.5.1-8.4 sssd-ipa-debuginfo-1.11.5.1-8.4 sssd-krb5-1.11.5.1-8.4 sssd-krb5-common-1.11.5.1-8.4 sssd-krb5-common-debuginfo-1.11.5.1-8.4 sssd-krb5-debuginfo-1.11.5.1-8.4 sssd-ldap-1.11.5.1-8.4 sssd-ldap-debuginfo-1.11.5.1-8.4 sssd-proxy-1.11.5.1-8.4 sssd-proxy-debuginfo-1.11.5.1-8.4 sssd-tools-1.11.5.1-8.4 sssd-tools-debuginfo-1.11.5.1-8.4 References: https://bugzilla.suse.com/904638 https://bugzilla.suse.com/919519 From sle-updates at lists.suse.com Wed May 13 07:04:58 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 15:04:58 +0200 (CEST) Subject: SUSE-SU-2015:0865-1: moderate: Security update for ntp Message-ID: <20150513130458.64DC032159@maintenance.suse.de> SUSE Security Update: Security update for ntp ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0865-1 Rating: moderate References: #918342 #924202 #928321 Cross-References: CVE-2015-1798 CVE-2015-1799 CVE-2015-3405 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: ntp was updated to fix two security related flaws as well as "slew" mode handling for leap seconds. The following vulnerabilities were fixe: * ntpd could accept unauthenticated packets with symmetric key crypto. (CVE-2015-1798) * ntpd authentication did not protect symmetric associations against DoS attacks (CVE-2015-1799) * ntp-keygen may generate non-random symmetric keys on big-endian systems (bsc#928321, CVE-2015-3405). The following non-security issues were fixed: * Fix slew mode for leap seconds (bnc#918342). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-193=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-193=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): ntp-4.2.6p5-44.1 ntp-debuginfo-4.2.6p5-44.1 ntp-debugsource-4.2.6p5-44.1 ntp-doc-4.2.6p5-44.1 - SUSE Linux Enterprise Desktop 12 (x86_64): ntp-4.2.6p5-44.1 ntp-debuginfo-4.2.6p5-44.1 ntp-debugsource-4.2.6p5-44.1 ntp-doc-4.2.6p5-44.1 References: https://www.suse.com/security/cve/CVE-2015-1798.html https://www.suse.com/security/cve/CVE-2015-1799.html https://www.suse.com/security/cve/CVE-2015-3405.html https://bugzilla.suse.com/918342 https://bugzilla.suse.com/924202 https://bugzilla.suse.com/928321 From sle-updates at lists.suse.com Wed May 13 07:05:43 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 15:05:43 +0200 (CEST) Subject: SUSE-SU-2015:0866-1: Security update for gd Message-ID: <20150513130543.A3C4C32161@maintenance.suse.de> SUSE Security Update: Security update for gd ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0866-1 Rating: low References: #923945 Cross-References: CVE-2014-9709 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The graphics drawing library gd was updated to fix one security issue. The following vulnerability was fixed: * possible buffer read overflow (CVE-2014-9709) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-194=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-194=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-194=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-194=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): gd-32bit-2.1.0-5.1 gd-debuginfo-32bit-2.1.0-5.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gd-debuginfo-2.1.0-5.1 gd-debugsource-2.1.0-5.1 gd-devel-2.1.0-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gd-2.1.0-5.1 gd-debuginfo-2.1.0-5.1 gd-debugsource-2.1.0-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gd-2.1.0-5.1 gd-32bit-2.1.0-5.1 gd-debuginfo-2.1.0-5.1 gd-debuginfo-32bit-2.1.0-5.1 gd-debugsource-2.1.0-5.1 References: https://www.suse.com/security/cve/CVE-2014-9709.html https://bugzilla.suse.com/923945 From sle-updates at lists.suse.com Wed May 13 07:06:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 15:06:03 +0200 (CEST) Subject: SUSE-RU-2015:0867-1: Recommended update for crowbar-barclamp-crowbar Message-ID: <20150513130603.1B54432159@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0867-1 Rating: low References: #916221 #917541 #918785 #919469 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for crowbar-barclamp-crowbar provides the following fixes: * Fix for link_to_device on SLE12 for virtio disks (bnc#919469) * Do not use node handle as fallback for switch name (bnc#918785) * Render 404 on barclamp_index in HTML (bnc#916221) * Increase timeout for nodelist flashes (bnc#917541) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-crowbar=10590 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-crowbar-1.9+git.1427293575.49c870b-0.7.2 References: https://bugzilla.suse.com/916221 https://bugzilla.suse.com/917541 https://bugzilla.suse.com/918785 https://bugzilla.suse.com/919469 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=1661dad27bf2cd60ccc1908096719753 From sle-updates at lists.suse.com Wed May 13 07:07:03 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 15:07:03 +0200 (CEST) Subject: SUSE-SU-2015:0868-1: important: Security update for php5 Message-ID: <20150513130703.49F1832161@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0868-1 Rating: important References: #922022 #922451 #922452 #923946 #924970 #924972 #925109 #928408 #928506 #928511 Cross-References: CVE-2014-9705 CVE-2014-9709 CVE-2015-2301 CVE-2015-2305 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that solves 9 vulnerabilities and has one errata is now available. Description: PHP was updated to fix ten security issues. The following vulnerabilities were fixed: * CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd (bnc#923946) * CVE-2015-2301: Memory was use after it was freed in PHAR (bnc#922022) * CVE-2015-2305: heap overflow vulnerability in regcomp.c (bnc#922452) * CVE-2014-9705: heap buffer overflow in Enchant (bnc#922451) * CVE-2015-2787: use-after-free vulnerability in the process_nested_data function (bnc#924972) * unserialize SoapClient type confusion (bnc#925109) * CVE-2015-2348: move_uploaded_file truncates a pathNAME upon encountering a x00 character (bnc#924970) * CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 (apache2handler), allow arbitrary code execution (bnc#928506) * CVE-2015-3329: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer overflow (bnc#928506) * CVE-2015-2783: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer over-read (bnc#928511) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-192=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2015-192=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-22.1 php5-debugsource-5.5.14-22.1 php5-devel-5.5.14-22.1 - SUSE Linux Enterprise Module for Web Scripting 12 (ppc64le s390x x86_64): apache2-mod_php5-5.5.14-22.1 apache2-mod_php5-debuginfo-5.5.14-22.1 php5-5.5.14-22.1 php5-bcmath-5.5.14-22.1 php5-bcmath-debuginfo-5.5.14-22.1 php5-bz2-5.5.14-22.1 php5-bz2-debuginfo-5.5.14-22.1 php5-calendar-5.5.14-22.1 php5-calendar-debuginfo-5.5.14-22.1 php5-ctype-5.5.14-22.1 php5-ctype-debuginfo-5.5.14-22.1 php5-curl-5.5.14-22.1 php5-curl-debuginfo-5.5.14-22.1 php5-dba-5.5.14-22.1 php5-dba-debuginfo-5.5.14-22.1 php5-debuginfo-5.5.14-22.1 php5-debugsource-5.5.14-22.1 php5-dom-5.5.14-22.1 php5-dom-debuginfo-5.5.14-22.1 php5-enchant-5.5.14-22.1 php5-enchant-debuginfo-5.5.14-22.1 php5-exif-5.5.14-22.1 php5-exif-debuginfo-5.5.14-22.1 php5-fastcgi-5.5.14-22.1 php5-fastcgi-debuginfo-5.5.14-22.1 php5-fileinfo-5.5.14-22.1 php5-fileinfo-debuginfo-5.5.14-22.1 php5-fpm-5.5.14-22.1 php5-fpm-debuginfo-5.5.14-22.1 php5-ftp-5.5.14-22.1 php5-ftp-debuginfo-5.5.14-22.1 php5-gd-5.5.14-22.1 php5-gd-debuginfo-5.5.14-22.1 php5-gettext-5.5.14-22.1 php5-gettext-debuginfo-5.5.14-22.1 php5-gmp-5.5.14-22.1 php5-gmp-debuginfo-5.5.14-22.1 php5-iconv-5.5.14-22.1 php5-iconv-debuginfo-5.5.14-22.1 php5-intl-5.5.14-22.1 php5-intl-debuginfo-5.5.14-22.1 php5-json-5.5.14-22.1 php5-json-debuginfo-5.5.14-22.1 php5-ldap-5.5.14-22.1 php5-ldap-debuginfo-5.5.14-22.1 php5-mbstring-5.5.14-22.1 php5-mbstring-debuginfo-5.5.14-22.1 php5-mcrypt-5.5.14-22.1 php5-mcrypt-debuginfo-5.5.14-22.1 php5-mysql-5.5.14-22.1 php5-mysql-debuginfo-5.5.14-22.1 php5-odbc-5.5.14-22.1 php5-odbc-debuginfo-5.5.14-22.1 php5-openssl-5.5.14-22.1 php5-openssl-debuginfo-5.5.14-22.1 php5-pcntl-5.5.14-22.1 php5-pcntl-debuginfo-5.5.14-22.1 php5-pdo-5.5.14-22.1 php5-pdo-debuginfo-5.5.14-22.1 php5-pgsql-5.5.14-22.1 php5-pgsql-debuginfo-5.5.14-22.1 php5-pspell-5.5.14-22.1 php5-pspell-debuginfo-5.5.14-22.1 php5-shmop-5.5.14-22.1 php5-shmop-debuginfo-5.5.14-22.1 php5-snmp-5.5.14-22.1 php5-snmp-debuginfo-5.5.14-22.1 php5-soap-5.5.14-22.1 php5-soap-debuginfo-5.5.14-22.1 php5-sockets-5.5.14-22.1 php5-sockets-debuginfo-5.5.14-22.1 php5-sqlite-5.5.14-22.1 php5-sqlite-debuginfo-5.5.14-22.1 php5-suhosin-5.5.14-22.1 php5-suhosin-debuginfo-5.5.14-22.1 php5-sysvmsg-5.5.14-22.1 php5-sysvmsg-debuginfo-5.5.14-22.1 php5-sysvsem-5.5.14-22.1 php5-sysvsem-debuginfo-5.5.14-22.1 php5-sysvshm-5.5.14-22.1 php5-sysvshm-debuginfo-5.5.14-22.1 php5-tokenizer-5.5.14-22.1 php5-tokenizer-debuginfo-5.5.14-22.1 php5-wddx-5.5.14-22.1 php5-wddx-debuginfo-5.5.14-22.1 php5-xmlreader-5.5.14-22.1 php5-xmlreader-debuginfo-5.5.14-22.1 php5-xmlrpc-5.5.14-22.1 php5-xmlrpc-debuginfo-5.5.14-22.1 php5-xmlwriter-5.5.14-22.1 php5-xmlwriter-debuginfo-5.5.14-22.1 php5-xsl-5.5.14-22.1 php5-xsl-debuginfo-5.5.14-22.1 php5-zip-5.5.14-22.1 php5-zip-debuginfo-5.5.14-22.1 php5-zlib-5.5.14-22.1 php5-zlib-debuginfo-5.5.14-22.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php5-pear-5.5.14-22.1 References: https://www.suse.com/security/cve/CVE-2014-9705.html https://www.suse.com/security/cve/CVE-2014-9709.html https://www.suse.com/security/cve/CVE-2015-2301.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2348.html https://www.suse.com/security/cve/CVE-2015-2783.html https://www.suse.com/security/cve/CVE-2015-2787.html https://www.suse.com/security/cve/CVE-2015-3329.html https://www.suse.com/security/cve/CVE-2015-3330.html https://bugzilla.suse.com/922022 https://bugzilla.suse.com/922451 https://bugzilla.suse.com/922452 https://bugzilla.suse.com/923946 https://bugzilla.suse.com/924970 https://bugzilla.suse.com/924972 https://bugzilla.suse.com/925109 https://bugzilla.suse.com/928408 https://bugzilla.suse.com/928506 https://bugzilla.suse.com/928511 From sle-updates at lists.suse.com Wed May 13 14:04:48 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 22:04:48 +0200 (CEST) Subject: SUSE-SU-2015:0870-1: important: Security update for kvm Message-ID: <20150513200448.C166A32159@maintenance.suse.de> SUSE Security Update: Security update for kvm ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0870-1 Rating: important References: #920571 #924018 Cross-References: CVE-2015-1779 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: This update for KVM fixes an issue in the virtio-blk driver which could result in incorrectly setting its WCE configuration. Under some circumstances, this misconfiguration could cause severe file system corruption, because cache flushes were not generated as they ought to have been. The update also addresses one security vulnerability: * CVE-2015-1779: Insufficient resource limiting in VNC websockets decoder. (bsc#924018) Security Issues: * CVE-2015-1779 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kvm=10645 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kvm=10645 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.25.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.25.1 References: https://www.suse.com/security/cve/CVE-2015-1779.html https://bugzilla.suse.com/920571 https://bugzilla.suse.com/924018 https://download.suse.com/patch/finder/?keywords=5ce7157b96103bdd850e596ab6dff1ba From sle-updates at lists.suse.com Wed May 13 14:05:18 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 22:05:18 +0200 (CEST) Subject: SUSE-SU-2015:0871-1: moderate: Security update for clamav Message-ID: <20150513200518.3FC4C32161@maintenance.suse.de> SUSE Security Update: Security update for clamav ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0871-1 Rating: moderate References: #929192 Cross-References: CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. It includes one version update. Description: The ClamAV antivirus engine was updated to version 0.98.7 to fix several security issues: * CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2221: Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. * CVE-2015-2222: Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2668: Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. * CVE-2015-2305: Apply upstream patch for possible heap overflow in Henry Spencer's regex library. Security Issues: * CVE-2015-2170 * CVE-2015-2221 * CVE-2015-2222 * CVE-2015-2668 * CVE-2015-2305 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-clamav=10664 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-clamav=10664 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-clamav=10664 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.98.7]: clamav-0.98.7-0.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.98.7]: clamav-0.98.7-0.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.98.7]: clamav-0.98.7-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-2170.html https://www.suse.com/security/cve/CVE-2015-2221.html https://www.suse.com/security/cve/CVE-2015-2222.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2668.html https://bugzilla.suse.com/929192 https://download.suse.com/patch/finder/?keywords=6f6828dce478f4baf653977c4fb6fce3 From sle-updates at lists.suse.com Wed May 13 14:05:34 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 May 2015 22:05:34 +0200 (CEST) Subject: SUSE-RU-2015:0872-1: Recommended update for yast2-crowbar Message-ID: <20150513200534.34ABF32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0872-1 Rating: low References: #920384 #926421 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. It includes one version update. Description: This update for yast2-crowbar provides the following stability fixes and improvements: * Fix name of SLE12 repositories. (bsc#926421) * Offer SUSE Enterprise Storage repositories by default. (bsc#920384) * Offer correct target platform for default repositories. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-yast2-crowbar=10604 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch) [New Version: 2.17.43]: yast2-crowbar-2.17.43-0.7.1 References: https://bugzilla.suse.com/920384 https://bugzilla.suse.com/926421 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=fc81e6b7966a3e6cb93f93ceafaebaf0 From sle-updates at lists.suse.com Thu May 14 09:04:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 17:04:59 +0200 (CEST) Subject: SUSE-RU-2015:0873-1: moderate: Recommended update for openssh Message-ID: <20150514150459.7667C32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for openssh ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0873-1 Rating: moderate References: #916473 #916905 #924476 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to openssh brings small FIPS 140-2 certification related adjustments. - The integrity checking was changed to use an HMAC instead of a plain checksum. The license was changed to 2-clause BSD to match the sources better. The openssh and openssh-fips package have now versioned requirements and also restarting the sshd service on update has been changed from the openssh to the openssh-fips package, if the openssh-fips package is installed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-195=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-195=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): openssh-6.6p1-24.1 openssh-askpass-gnome-6.6p1-24.1 openssh-askpass-gnome-debuginfo-6.6p1-24.1 openssh-debuginfo-6.6p1-24.1 openssh-debugsource-6.6p1-24.1 openssh-fips-6.6p1-24.1 openssh-helpers-6.6p1-24.1 openssh-helpers-debuginfo-6.6p1-24.1 - SUSE Linux Enterprise Desktop 12 (x86_64): openssh-6.6p1-24.1 openssh-askpass-gnome-6.6p1-24.1 openssh-askpass-gnome-debuginfo-6.6p1-24.1 openssh-debuginfo-6.6p1-24.1 openssh-debugsource-6.6p1-24.1 openssh-helpers-6.6p1-24.1 openssh-helpers-debuginfo-6.6p1-24.1 References: https://bugzilla.suse.com/916473 https://bugzilla.suse.com/916905 https://bugzilla.suse.com/924476 From sle-updates at lists.suse.com Thu May 14 09:05:39 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 17:05:39 +0200 (CEST) Subject: SUSE-RU-2015:0874-1: Recommended update for facter Message-ID: <20150514150539.51C9C32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for facter ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0874-1 Rating: low References: #878129 #920446 Affected Products: SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for facter provides the following fixes: - Use "ip link" instead of "ifconfig" for retrieving interface names. (bsc#878129) - Define 'operatingsystemmajorelease' variable properly for openSUSE and SLE. (bsc#920446) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2015-196=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-196=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): facter-2.0.2-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): facter-2.0.2-6.1 References: https://bugzilla.suse.com/878129 https://bugzilla.suse.com/920446 From sle-updates at lists.suse.com Thu May 14 09:06:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 17:06:10 +0200 (CEST) Subject: SUSE-RU-2015:0875-1: moderate: Recommended update for tightvnc Message-ID: <20150514150610.4B01E32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for tightvnc ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0875-1 Rating: moderate References: #907806 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Newer versions of the Java plug-in will no longer work with unsigned applets offered by VNC servers. This update signs the Java applet provided by tightvnc. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-tightvnc=10510 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-tightvnc=10510 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-tightvnc=10510 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): tightvnc-1.3.9-81.15.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): tightvnc-1.3.9-81.15.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): tightvnc-1.3.9-81.15.1 References: https://bugzilla.suse.com/907806 https://download.suse.com/patch/finder/?keywords=079097500610ba22357e8ad8d779e6a8 From sle-updates at lists.suse.com Thu May 14 10:04:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 18:04:51 +0200 (CEST) Subject: SUSE-RU-2015:0876-1: Recommended update for mailx Message-ID: <20150514160451.809C632159@maintenance.suse.de> SUSE Recommended Update: Recommended update for mailx ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0876-1 Rating: low References: #922543 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for mailx provides the following fixes: * Allow Form Feed as a valid text character within mail messages. (bsc#922543) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-mailx=10577 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-mailx=10577 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-mailx=10577 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): mailx-12.5-1.9.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): mailx-12.5-1.9.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): mailx-12.5-1.9.1 References: https://bugzilla.suse.com/922543 https://download.suse.com/patch/finder/?keywords=4e9dbab8ceded0ba8a8a4a9d3c9c8f0b From sle-updates at lists.suse.com Thu May 14 10:05:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 18:05:08 +0200 (CEST) Subject: SUSE-YU-2015:0877-1: moderate: YOU update for the Software Update Stack Message-ID: <20150514160508.9D01032161@maintenance.suse.de> SUSE YOU Update: YOU update for the Software Update Stack ______________________________________________________________________________ Announcement ID: SUSE-YU-2015:0877-1 Rating: moderate References: #889363 #903405 #925696 #927261 #929483 #929593 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has 6 YOU fixes can now be installed. It includes four new package versions. Description: This collective update for the Software Update Stack provides fixes and enhancements. libzypp: * Fix SEGV when dumping rpm header with epoch. (bsc#929483) * POODLE: libzypp should only talk TLS. (bsc#903405) yast2-pkg-bindings: * Add "eol" flag to product data to report "End Of Life" product date. (FATE#300591) zypp-plugin: * Force usage of the official python VM; no longer use "/usr/bin/env python". (bsc#889363) zypper: * Clarify 'zypper lp --date' description. (bsc#929593) * Fix manpage format. (bsc#927261) * Fix prompt returning undefined default value after wrong input. (bsc#925696) Special Instructions and Notes: This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. Patch Instructions: To install this SUSE YOU Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-softwaremgmt-201505=10662 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-softwaremgmt-201505=10662 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-softwaremgmt-201505=10662 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-softwaremgmt-201505=10662 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.38.7]: libzypp-devel-9.38.7-0.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch) [New Version: 2.17.61]: yast2-pkg-bindings-devel-doc-2.17.61-0.7.2 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 0.5,1.6.325,2.17.61 and 9.38.7]: libzypp-9.38.7-0.7.1 yast2-pkg-bindings-2.17.61-0.7.2 zypp-plugin-python-0.5-0.5.1 zypper-1.6.325-0.7.3 zypper-log-1.6.325-0.7.3 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.5,1.6.325,2.17.61 and 9.38.7]: libzypp-9.38.7-0.7.1 yast2-pkg-bindings-2.17.61-0.7.2 zypp-plugin-python-0.5-0.5.1 zypper-1.6.325-0.7.3 zypper-log-1.6.325-0.7.3 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 0.5,1.6.325,2.17.61 and 9.38.7]: libzypp-9.38.7-0.7.1 yast2-pkg-bindings-2.17.61-0.7.2 zypp-plugin-python-0.5-0.5.1 zypper-1.6.325-0.7.3 zypper-log-1.6.325-0.7.3 References: https://bugzilla.suse.com/889363 https://bugzilla.suse.com/903405 https://bugzilla.suse.com/925696 https://bugzilla.suse.com/927261 https://bugzilla.suse.com/929483 https://bugzilla.suse.com/929593 https://download.suse.com/patch/finder/?keywords=118ae603f47e1b5f08bc7245189b962c From sle-updates at lists.suse.com Thu May 14 12:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 May 2015 20:04:54 +0200 (CEST) Subject: SUSE-SU-2015:0878-1: important: Security update for flash-player Message-ID: <20150514180454.C672632159@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0878-1 Rating: important References: #930677 Cross-References: CVE-2015-3044 CVE-2015-3077 CVE-2015-3078 CVE-2015-3079 CVE-2015-3080 CVE-2015-3081 CVE-2015-3082 CVE-2015-3083 CVE-2015-3084 CVE-2015-3085 CVE-2015-3086 CVE-2015-3087 CVE-2015-3088 CVE-2015-3089 CVE-2015-3090 CVE-2015-3091 CVE-2015-3092 CVE-2015-3093 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 18 vulnerabilities is now available. Description: The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues. The following vulnerabilities were fixed (bsc#930677): * APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087, CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091, CVE-2015-3092, CVE-2015-3093 More information can be found at the Adobe Security Bulletin APSB15-09: https://helpx.adobe.com/security/products/flash-player/apsb15-09.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-197=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-197=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (i586 x86_64): flash-player-11.2.202.460-83.1 flash-player-gnome-11.2.202.460-83.1 - SUSE Linux Enterprise Desktop 12 (i586 x86_64): flash-player-11.2.202.460-83.1 flash-player-gnome-11.2.202.460-83.1 References: https://www.suse.com/security/cve/CVE-2015-3044.html https://www.suse.com/security/cve/CVE-2015-3077.html https://www.suse.com/security/cve/CVE-2015-3078.html https://www.suse.com/security/cve/CVE-2015-3079.html https://www.suse.com/security/cve/CVE-2015-3080.html https://www.suse.com/security/cve/CVE-2015-3081.html https://www.suse.com/security/cve/CVE-2015-3082.html https://www.suse.com/security/cve/CVE-2015-3083.html https://www.suse.com/security/cve/CVE-2015-3084.html https://www.suse.com/security/cve/CVE-2015-3085.html https://www.suse.com/security/cve/CVE-2015-3086.html https://www.suse.com/security/cve/CVE-2015-3087.html https://www.suse.com/security/cve/CVE-2015-3088.html https://www.suse.com/security/cve/CVE-2015-3089.html https://www.suse.com/security/cve/CVE-2015-3090.html https://www.suse.com/security/cve/CVE-2015-3091.html https://www.suse.com/security/cve/CVE-2015-3092.html https://www.suse.com/security/cve/CVE-2015-3093.html https://bugzilla.suse.com/930677 From sle-updates at lists.suse.com Thu May 14 16:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 00:04:53 +0200 (CEST) Subject: SUSE-SU-2015:0880-1: moderate: Security update for flash-player Message-ID: <20150514220453.CEBC032159@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0880-1 Rating: moderate References: #930677 Cross-References: CVE-2015-3044 CVE-2015-3077 CVE-2015-3078 CVE-2015-3079 CVE-2015-3080 CVE-2015-3081 CVE-2015-3082 CVE-2015-3083 CVE-2015-3084 CVE-2015-3085 CVE-2015-3086 CVE-2015-3087 CVE-2015-3088 CVE-2015-3089 CVE-2015-3090 CVE-2015-3091 CVE-2015-3092 CVE-2015-3093 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 18 vulnerabilities is now available. It includes one version update. Description: The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues: APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087, CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091, CVE-2015-3092, CVE-2015-3093. More information can be found at the Adobe Security Bulletin APSB15-09: https://helpx.adobe.com/security/products/flash-player/apsb15-09.html . Security Issues: * CVE-2015-3044 * CVE-2015-3077 * CVE-2015-3078 * CVE-2015-3079 * CVE-2015-3080 * CVE-2015-3081 * CVE-2015-3082 * CVE-2015-3083 * CVE-2015-3084 * CVE-2015-3085 * CVE-2015-3086 * CVE-2015-3087 * CVE-2015-3088 * CVE-2015-3089 * CVE-2015-3090 * CVE-2015-3091 * CVE-2015-3092 * CVE-2015-3093 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player=10680 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.460]: flash-player-11.2.202.460-0.3.1 flash-player-gnome-11.2.202.460-0.3.1 flash-player-kde4-11.2.202.460-0.3.1 References: https://www.suse.com/security/cve/CVE-2015-3044.html https://www.suse.com/security/cve/CVE-2015-3077.html https://www.suse.com/security/cve/CVE-2015-3078.html https://www.suse.com/security/cve/CVE-2015-3079.html https://www.suse.com/security/cve/CVE-2015-3080.html https://www.suse.com/security/cve/CVE-2015-3081.html https://www.suse.com/security/cve/CVE-2015-3082.html https://www.suse.com/security/cve/CVE-2015-3083.html https://www.suse.com/security/cve/CVE-2015-3084.html https://www.suse.com/security/cve/CVE-2015-3085.html https://www.suse.com/security/cve/CVE-2015-3086.html https://www.suse.com/security/cve/CVE-2015-3087.html https://www.suse.com/security/cve/CVE-2015-3088.html https://www.suse.com/security/cve/CVE-2015-3089.html https://www.suse.com/security/cve/CVE-2015-3090.html https://www.suse.com/security/cve/CVE-2015-3091.html https://www.suse.com/security/cve/CVE-2015-3092.html https://www.suse.com/security/cve/CVE-2015-3093.html https://bugzilla.suse.com/930677 https://download.suse.com/patch/finder/?keywords=7d7013992fb3ccd36d13c089427c8daa From sle-updates at lists.suse.com Thu May 14 16:05:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 00:05:10 +0200 (CEST) Subject: SUSE-RU-2015:0881-1: moderate: Recommended update for kdump Message-ID: <20150514220510.959B232161@maintenance.suse.de> SUSE Recommended Update: Recommended update for kdump ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0881-1 Rating: moderate References: #718684 #876230 #881425 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for Kdump provides the following fixes: * Create mount point or symlink for kernel debuginfo files (bsc#881425). * Generate udev rules conditionally, based on target architecture (bsc#876230). * Make udev rules completely empty for s390x (bsc#876230). * Use RUN instead of PROGRAM in the udev rules (bsc#876230). * Remove "unknown_nmi_panic" from kdump command line (bsc#718684). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-kdump=10380 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kdump=10380 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kdump=10380 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): kdump-0.8.4-0.43.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): kdump-0.8.4-0.43.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): kdump-0.8.4-0.43.1 References: https://bugzilla.suse.com/718684 https://bugzilla.suse.com/876230 https://bugzilla.suse.com/881425 https://download.suse.com/patch/finder/?keywords=d7ac9a6dfe799f5da36e487e00be04ea From sle-updates at lists.suse.com Fri May 15 04:05:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 12:05:20 +0200 (CEST) Subject: SUSE-SU-2015:0882-1: moderate: Security update for clamav Message-ID: <20150515100520.CE64A32161@maintenance.suse.de> SUSE Security Update: Security update for clamav ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0882-1 Rating: moderate References: #929192 Cross-References: CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: The ClamAV antivirus engine was updated to version 0.98.7 to fix several security and non security issues. The following vulnerabilities were fixed (bsc#929192): * CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2221: Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. * CVE-2015-2222: Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2668: Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. * CVE-2015-2305: Apply upstream patch for possible heap overflow in Henry Spencer's regex library. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-198=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x): clamav-0.98.7-13.1 clamav-debuginfo-0.98.7-13.1 clamav-debugsource-0.98.7-13.1 References: https://www.suse.com/security/cve/CVE-2015-2170.html https://www.suse.com/security/cve/CVE-2015-2221.html https://www.suse.com/security/cve/CVE-2015-2222.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2668.html https://bugzilla.suse.com/929192 From sle-updates at lists.suse.com Fri May 15 09:05:06 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 17:05:06 +0200 (CEST) Subject: SUSE-SU-2015:0882-2: moderate: Security update for clamav Message-ID: <20150515150506.2D47E32161@maintenance.suse.de> SUSE Security Update: Security update for clamav ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0882-2 Rating: moderate References: #929192 Cross-References: CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: The ClamAV antivirus engine was updated to version 0.98.7 to fix several security and non security issues. The following vulnerabilities were fixed (bsc#929192): * CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2221: Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. * CVE-2015-2222: Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2668: Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. * CVE-2015-2305: Apply upstream patch for possible heap overflow in Henry Spencer's regex library. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-198=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-198=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): clamav-0.98.7-13.1 clamav-debuginfo-0.98.7-13.1 clamav-debugsource-0.98.7-13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): clamav-0.98.7-13.1 clamav-debuginfo-0.98.7-13.1 clamav-debugsource-0.98.7-13.1 References: https://www.suse.com/security/cve/CVE-2015-2170.html https://www.suse.com/security/cve/CVE-2015-2221.html https://www.suse.com/security/cve/CVE-2015-2222.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2668.html https://bugzilla.suse.com/929192 From sle-updates at lists.suse.com Fri May 15 10:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 18:04:55 +0200 (CEST) Subject: SUSE-SU-2015:0884-1: important: Security update for spice Message-ID: <20150515160455.66B9832159@maintenance.suse.de> SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0884-1 Rating: important References: #848279 Cross-References: CVE-2013-4282 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The remote desktop software SPICE was updated to address one security issue. The following vulnerabilitiy was fixed: * A stack-based buffer overflow in the password handling code allowed remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. (bsc#848279, CVE-2013-4282) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-199=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-199=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): libspice-server1-0.12.4-6.1 libspice-server1-debuginfo-0.12.4-6.1 spice-debugsource-0.12.4-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libspice-server1-0.12.4-6.1 libspice-server1-debuginfo-0.12.4-6.1 spice-debugsource-0.12.4-6.1 References: https://www.suse.com/security/cve/CVE-2013-4282.html https://bugzilla.suse.com/848279 From sle-updates at lists.suse.com Fri May 15 11:04:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 19:04:50 +0200 (CEST) Subject: SUSE-RU-2015:0885-1: moderate: Recommended update for udev Message-ID: <20150515170450.9CE0E32159@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0885-1 Rating: moderate References: #928391 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for udev adds rules that create persistent names for NVMe devices. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libgudev-1_0-0=10655 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libgudev-1_0-0=10655 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libgudev-1_0-0=10655 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libgudev-1_0-0=10655 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.102.1 libudev-devel-147-0.102.1 libudev0-147-0.102.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libgudev-1_0-0-147-0.102.1 libudev0-147-0.102.1 udev-147-0.102.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.102.1 libudev0-32bit-147-0.102.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.102.1 libudev0-147-0.102.1 udev-147-0.102.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.102.1 libudev0-32bit-147-0.102.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libgudev-1_0-0-x86-147-0.102.1 libudev0-x86-147-0.102.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libgudev-1_0-0-147-0.102.1 libudev0-147-0.102.1 udev-147-0.102.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgudev-1_0-0-32bit-147-0.102.1 libudev0-32bit-147-0.102.1 References: https://bugzilla.suse.com/928391 https://download.suse.com/patch/finder/?keywords=a96058fd951c1d354939686f41b8ddee From sle-updates at lists.suse.com Fri May 15 14:04:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 22:04:51 +0200 (CEST) Subject: SUSE-SU-2015:0886-1: moderate: Security update for struts Message-ID: <20150515200451.0731932159@maintenance.suse.de> SUSE Security Update: Security update for struts ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0886-1 Rating: moderate References: #924887 Cross-References: CVE-2015-0899 Affected Products: SUSE Manager Server SUSE Manager 1.7 for SLE 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Apache Struts was updated to fix one security issue: * The input validation could be bypassed in MultiPageValidator. (bnc#924887, CVE-2015-0899) Security Issues: * CVE-2015-0899 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-struts=10679 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-struts=10678 - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-struts=10679 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (noarch): struts-1.2.9-162.37.1 - SUSE Manager 1.7 for SLE 11 SP2 (noarch): struts-1.2.9-162.37.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (noarch): struts-1.2.9-162.37.1 struts-javadoc-1.2.9-162.37.1 struts-manual-1.2.9-162.37.1 References: https://www.suse.com/security/cve/CVE-2015-0899.html https://bugzilla.suse.com/924887 https://download.suse.com/patch/finder/?keywords=9790bac0758b865888f6d56ab5241b01 https://download.suse.com/patch/finder/?keywords=d687ee32a48a395f483c9124673424df From sle-updates at lists.suse.com Fri May 15 14:05:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 May 2015 22:05:09 +0200 (CEST) Subject: SUSE-SU-2015:0887-1: moderate: Security update for openldap2 Message-ID: <20150515200509.498FA32161@maintenance.suse.de> SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0887-1 Rating: moderate References: #846389 #905959 #916897 #916914 Cross-References: CVE-2013-4449 CVE-2015-1545 CVE-2015-1546 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Security Module 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: openldap2 was updated to fix three security issues and one non-security bug. The following vulnerabilities were fixed: * A remote attacker could cause a denial of service (slapd crash) by unbinding immediately after a search request. (bnc#846389, CVE-2013-4449) * A remote attacker could cause a denial of service through a NULL pointer dereference and crash via an empty attribute list in a deref control in a search request. (bnc#916897, CVE-2015-1545) * A remote attacker could cause a denial of service (crash) via a crafted search query with a matched values control. (bnc#916914, CVE-2015-1546) The following non-security bug was fixed: * Prevent connection-0 (internal connection) from showing up in the monitor back-end. (bnc#905959) Security Issues: * CVE-2015-1546 * CVE-2015-1545 * CVE-2013-4449 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-openldap2-20150423=10635 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-openldap2-20150423=10635 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-openldap2-20150423=10635 - SUSE Linux Enterprise Security Module 11 SP3: zypper in -t patch secsp3-openldap2-20150423=10635 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-openldap2-20150423=10635 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): openldap2-back-perl-2.4.26-0.30.1 openldap2-devel-2.4.26-0.30.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): openldap2-devel-32bit-2.4.26-0.30.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): openldap2-2.4.26-0.30.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): compat-libldap-2_3-0-2.3.37-2.30.1 libldap-2_4-2-2.4.26-0.30.1 openldap2-2.4.26-0.30.1 openldap2-back-meta-2.4.26-0.30.1 openldap2-client-2.4.26-0.30.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libldap-2_4-2-32bit-2.4.26-0.30.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): compat-libldap-2_3-0-2.3.37-2.30.1 libldap-2_4-2-2.4.26-0.30.1 openldap2-2.4.26-0.30.1 openldap2-back-meta-2.4.26-0.30.1 openldap2-client-2.4.26-0.30.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libldap-2_4-2-32bit-2.4.26-0.30.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libldap-2_4-2-x86-2.4.26-0.30.1 - SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64): libldap-openssl1-2_4-2-2.4.26-0.30.2 - SUSE Linux Enterprise Security Module 11 SP3 (ppc64 s390x x86_64): libldap-openssl1-2_4-2-32bit-2.4.26-0.30.2 - SUSE Linux Enterprise Security Module 11 SP3 (ia64): libldap-openssl1-2_4-2-x86-2.4.26-0.30.2 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libldap-2_4-2-2.4.26-0.30.1 openldap2-client-2.4.26-0.30.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libldap-2_4-2-32bit-2.4.26-0.30.1 References: https://www.suse.com/security/cve/CVE-2013-4449.html https://www.suse.com/security/cve/CVE-2015-1545.html https://www.suse.com/security/cve/CVE-2015-1546.html https://bugzilla.suse.com/846389 https://bugzilla.suse.com/905959 https://bugzilla.suse.com/916897 https://bugzilla.suse.com/916914 https://download.suse.com/patch/finder/?keywords=0928f5c9a167750a8d91b2beccf9a178 From sle-updates at lists.suse.com Fri May 15 16:04:48 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 16 May 2015 00:04:48 +0200 (CEST) Subject: SUSE-SU-2015:0889-1: important: Security update for KVM Message-ID: <20150515220448.9ED2C32159@maintenance.suse.de> SUSE Security Update: Security update for KVM ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0889-1 Rating: important References: #929339 Cross-References: CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: KVM was updated to fix a buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. (CVE-2015-3456) Security Issues: * CVE-2015-3456 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-kvm=10672 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-kvm=10672 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.27.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]: kvm-1.4.2-0.22.27.1 References: https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=0004a1b76b4d8709b2022934a3603519 From sle-updates at lists.suse.com Fri May 15 16:05:21 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 16 May 2015 00:05:21 +0200 (CEST) Subject: SUSE-RU-2015:0891-1: Recommended update for microcode_ctl Message-ID: <20150515220521.1F90F32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0891-1 Rating: low References: #913005 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides Intel's CPU microcode version 20150121. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-microcode_ctl=10558 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-microcode_ctl=10558 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-microcode_ctl=10558 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): microcode_ctl-1.17-102.78.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): microcode_ctl-1.17-102.78.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): microcode_ctl-1.17-102.78.1 References: https://bugzilla.suse.com/913005 https://download.suse.com/patch/finder/?keywords=b0b15332e4b08e749c1ffde8b30aa763 From sle-updates at lists.suse.com Fri May 15 17:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 16 May 2015 01:04:52 +0200 (CEST) Subject: SUSE-SU-2015:0884-2: important: Security update for spice Message-ID: <20150515230452.D246B3213D@maintenance.suse.de> SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0884-2 Rating: important References: #848279 Cross-References: CVE-2013-4282 Affected Products: SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The remote desktop software SPICE was updated to address one security issue. The following vulnerabilitiy was fixed: * A stack-based buffer overflow in the password handling code allowed remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. (bsc#848279, CVE-2013-4282) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-199=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (x86_64): libspice-server-devel-0.12.4-6.1 spice-debugsource-0.12.4-6.1 References: https://www.suse.com/security/cve/CVE-2013-4282.html https://bugzilla.suse.com/848279 From sle-updates at lists.suse.com Mon May 18 09:05:00 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 17:05:00 +0200 (CEST) Subject: SUSE-SU-2015:0896-1: important: Security update for qemu Message-ID: <20150518150500.A313832161@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0896-1 Rating: important References: #886378 #924018 #929339 Cross-References: CVE-2015-1779 CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: qemu / kvm was updated to fix a security issue and some bugs. Security issue fixed: * CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. * CVE-2015-1779: Fixed insufficient resource limiting in the VNC websockets decoder. Bugs fixed: - qemu truncates vhd images in virt-rescue (bsc#886378) - Update kvm-supported.txt with the current rbd support status. - enable rbd build on x86_64 (qemu-block-rbd package) (FATE#318349) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-200=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-200=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): qemu-2.0.2-46.1 qemu-block-curl-2.0.2-46.1 qemu-block-curl-debuginfo-2.0.2-46.1 qemu-debugsource-2.0.2-46.1 qemu-guest-agent-2.0.2-46.1 qemu-guest-agent-debuginfo-2.0.2-46.1 qemu-lang-2.0.2-46.1 qemu-tools-2.0.2-46.1 qemu-tools-debuginfo-2.0.2-46.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): qemu-kvm-2.0.2-46.1 - SUSE Linux Enterprise Server 12 (ppc64le): qemu-ppc-2.0.2-46.1 qemu-ppc-debuginfo-2.0.2-46.1 - SUSE Linux Enterprise Server 12 (noarch): qemu-ipxe-1.0.0-46.1 qemu-seabios-1.7.4-46.1 qemu-sgabios-8-46.1 qemu-vgabios-1.7.4-46.1 - SUSE Linux Enterprise Server 12 (x86_64): qemu-block-rbd-2.0.2-46.1 qemu-block-rbd-debuginfo-2.0.2-46.1 qemu-x86-2.0.2-46.1 qemu-x86-debuginfo-2.0.2-46.1 - SUSE Linux Enterprise Server 12 (s390x): qemu-s390-2.0.2-46.1 qemu-s390-debuginfo-2.0.2-46.1 - SUSE Linux Enterprise Desktop 12 (x86_64): qemu-2.0.2-46.1 qemu-block-curl-2.0.2-46.1 qemu-block-curl-debuginfo-2.0.2-46.1 qemu-debugsource-2.0.2-46.1 qemu-kvm-2.0.2-46.1 qemu-tools-2.0.2-46.1 qemu-tools-debuginfo-2.0.2-46.1 qemu-x86-2.0.2-46.1 qemu-x86-debuginfo-2.0.2-46.1 - SUSE Linux Enterprise Desktop 12 (noarch): qemu-ipxe-1.0.0-46.1 qemu-seabios-1.7.4-46.1 qemu-sgabios-8-46.1 qemu-vgabios-1.7.4-46.1 References: https://www.suse.com/security/cve/CVE-2015-1779.html https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/886378 https://bugzilla.suse.com/924018 https://bugzilla.suse.com/929339 From sle-updates at lists.suse.com Mon May 18 09:05:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 17:05:49 +0200 (CEST) Subject: SUSE-OU-2015:0897-1: Optional update for libgnomecups Message-ID: <20150518150549.85F8432161@maintenance.suse.de> SUSE Optional Update: Optional update for libgnomecups ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:0897-1 Rating: low References: #923385 Affected Products: SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds the library libgnomecups to SUSE Linux Enterprise Desktop 12. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-201=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 12 (x86_64): libgnomecups-0.2.3-138.1 libgnomecups-32bit-0.2.3-138.1 libgnomecups-debuginfo-0.2.3-138.1 libgnomecups-debuginfo-32bit-0.2.3-138.1 libgnomecups-debugsource-0.2.3-138.1 sled-release-12-5.1 - SUSE Linux Enterprise Desktop 12 (noarch): libgnomecups-lang-0.2.3-138.1 References: https://bugzilla.suse.com/923385 From sle-updates at lists.suse.com Mon May 18 11:04:59 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 19:04:59 +0200 (CEST) Subject: SUSE-RU-2015:0898-1: Recommended update for release-notes-sled Message-ID: <20150518170459.1B59732159@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0898-1 Rating: low References: #922682 #922978 #923961 #926387 #927030 #930359 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update provides the latest revision of the release notes for SUSE Linux Enterprise Desktop 12. - Updated: Remote Login with XDMCP (fate#317876). - Updated: Life-cycle information (bsc#923961). - Updated: Availability of kernel-extra (bsc#922978, fate#316706). - New: Support Notice for Desktop Software Components (fate#318185). - New: Document YaST GTK removal (bsc#927030, fate#318929). - New: Developing and running 32bit applications on SLE12 (fate#317890). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-202=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-202=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (noarch): release-notes-sled-12.0.20150511-26.2 - SUSE Linux Enterprise Desktop 12 (noarch): release-notes-sled-12.0.20150511-26.2 References: https://bugzilla.suse.com/922682 https://bugzilla.suse.com/922978 https://bugzilla.suse.com/923961 https://bugzilla.suse.com/926387 https://bugzilla.suse.com/927030 https://bugzilla.suse.com/930359 From sle-updates at lists.suse.com Mon May 18 11:06:11 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 19:06:11 +0200 (CEST) Subject: SUSE-RU-2015:0899-1: Recommended update for Samba Message-ID: <20150518170611.8C50D32161@maintenance.suse.de> SUSE Recommended Update: Recommended update for Samba ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0899-1 Rating: low References: #773464 #901813 #913304 #922825 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for Samba provides the following fixes: * Purge printer name cache on spoolss SetPrinter change. (bsc#901813, bso#11210) * Remove deprecated base_rid example from idmap_rid manpage. (bsc#913304, bso#11169) * Use domain name if search by domain SID fails to send SIDHistory lookups to correct idmap backend. (bsc#773464) * Add samba-test sub-package with smbtorture and other binaries to the SDK. (bsc#922825, fate#317094) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-samba-201504=10651 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-samba-201504=10651 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-samba-201504=10651 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-samba-201504=10651 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-0.58.1 libnetapi-devel-3.6.3-0.58.1 libnetapi0-3.6.3-0.58.1 libsmbclient-devel-3.6.3-0.58.1 libsmbsharemodes-devel-3.6.3-0.58.1 libsmbsharemodes0-3.6.3-0.58.1 libtalloc-devel-3.6.3-0.58.1 libtdb-devel-3.6.3-0.58.1 libtevent-devel-3.6.3-0.58.1 libwbclient-devel-3.6.3-0.58.1 samba-devel-3.6.3-0.58.1 samba-test-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): ldapsmb-1.34b-12.58.1 libldb1-3.6.3-0.58.1 libsmbclient0-3.6.3-0.58.1 libtalloc2-3.6.3-0.58.1 libtdb1-3.6.3-0.58.1 libtevent0-3.6.3-0.58.1 libwbclient0-3.6.3-0.58.1 samba-3.6.3-0.58.1 samba-client-3.6.3-0.58.1 samba-krb-printing-3.6.3-0.58.1 samba-winbind-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libsmbclient0-32bit-3.6.3-0.58.1 libtalloc2-32bit-3.6.3-0.58.1 libtdb1-32bit-3.6.3-0.58.1 libtevent0-32bit-3.6.3-0.58.1 libwbclient0-32bit-3.6.3-0.58.1 samba-32bit-3.6.3-0.58.1 samba-client-32bit-3.6.3-0.58.1 samba-winbind-32bit-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (noarch): samba-doc-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-12.58.1 libldb1-3.6.3-0.58.1 libsmbclient0-3.6.3-0.58.1 libtalloc2-3.6.3-0.58.1 libtdb1-3.6.3-0.58.1 libtevent0-3.6.3-0.58.1 libwbclient0-3.6.3-0.58.1 samba-3.6.3-0.58.1 samba-client-3.6.3-0.58.1 samba-krb-printing-3.6.3-0.58.1 samba-winbind-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-0.58.1 libtalloc2-32bit-3.6.3-0.58.1 libtdb1-32bit-3.6.3-0.58.1 libtevent0-32bit-3.6.3-0.58.1 libwbclient0-32bit-3.6.3-0.58.1 samba-32bit-3.6.3-0.58.1 samba-client-32bit-3.6.3-0.58.1 samba-winbind-32bit-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 (noarch): samba-doc-3.6.3-0.58.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libsmbclient0-x86-3.6.3-0.58.1 libtalloc2-x86-3.6.3-0.58.1 libtdb1-x86-3.6.3-0.58.1 libwbclient0-x86-3.6.3-0.58.1 samba-client-x86-3.6.3-0.58.1 samba-winbind-x86-3.6.3-0.58.1 samba-x86-3.6.3-0.58.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libldb1-3.6.3-0.58.1 libsmbclient0-3.6.3-0.58.1 libtalloc2-3.6.3-0.58.1 libtdb1-3.6.3-0.58.1 libtevent0-3.6.3-0.58.1 libwbclient0-3.6.3-0.58.1 samba-3.6.3-0.58.1 samba-client-3.6.3-0.58.1 samba-krb-printing-3.6.3-0.58.1 samba-winbind-3.6.3-0.58.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libldb1-32bit-3.6.3-0.58.1 libsmbclient0-32bit-3.6.3-0.58.1 libtalloc2-32bit-3.6.3-0.58.1 libtdb1-32bit-3.6.3-0.58.1 libtevent0-32bit-3.6.3-0.58.1 libwbclient0-32bit-3.6.3-0.58.1 samba-32bit-3.6.3-0.58.1 samba-client-32bit-3.6.3-0.58.1 samba-winbind-32bit-3.6.3-0.58.1 - SUSE Linux Enterprise Desktop 11 SP3 (noarch): samba-doc-3.6.3-0.58.1 References: https://bugzilla.suse.com/773464 https://bugzilla.suse.com/901813 https://bugzilla.suse.com/913304 https://bugzilla.suse.com/922825 https://download.suse.com/patch/finder/?keywords=02cc21334f7c493de16d9c02b3063f06 From sle-updates at lists.suse.com Mon May 18 11:07:10 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 19:07:10 +0200 (CEST) Subject: SUSE-RU-2015:0900-1: Recommended update for SLED 12 Manuals Message-ID: <20150518170710.8EB4032161@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLED 12 Manuals ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0900-1 Rating: low References: #743874 #857639 #883393 #902463 #904182 #904186 #904188 #905330 #906362 #907504 #907506 #907648 #907754 #909494 #910121 #910132 #910133 #910137 #910142 #910148 #911390 #911409 #912700 #912882 #913640 #914727 #918599 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 27 recommended fixes can now be installed. Description: This update for SUSE Linux Enterprise Desktop 12 Manuals brings several enhancements and fixes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-203=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-203=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (noarch): sled-admin_en-pdf-12-28.1 sled-deployment_en-pdf-12-28.1 sled-gnomeuser_en-pdf-12-28.1 sled-installquick_en-pdf-12-28.1 sled-manuals_en-12-28.1 sled-security_en-pdf-12-28.1 sled-tuning_en-pdf-12-28.1 - SUSE Linux Enterprise Desktop 12 (noarch): sled-admin_en-pdf-12-28.1 sled-deployment_en-pdf-12-28.1 sled-gnomeuser_en-pdf-12-28.1 sled-installquick_en-pdf-12-28.1 sled-manuals_en-12-28.1 sled-security_en-pdf-12-28.1 sled-tuning_en-pdf-12-28.1 References: https://bugzilla.suse.com/743874 https://bugzilla.suse.com/857639 https://bugzilla.suse.com/883393 https://bugzilla.suse.com/902463 https://bugzilla.suse.com/904182 https://bugzilla.suse.com/904186 https://bugzilla.suse.com/904188 https://bugzilla.suse.com/905330 https://bugzilla.suse.com/906362 https://bugzilla.suse.com/907504 https://bugzilla.suse.com/907506 https://bugzilla.suse.com/907648 https://bugzilla.suse.com/907754 https://bugzilla.suse.com/909494 https://bugzilla.suse.com/910121 https://bugzilla.suse.com/910132 https://bugzilla.suse.com/910133 https://bugzilla.suse.com/910137 https://bugzilla.suse.com/910142 https://bugzilla.suse.com/910148 https://bugzilla.suse.com/911390 https://bugzilla.suse.com/911409 https://bugzilla.suse.com/912700 https://bugzilla.suse.com/912882 https://bugzilla.suse.com/913640 https://bugzilla.suse.com/914727 https://bugzilla.suse.com/918599 From sle-updates at lists.suse.com Mon May 18 11:12:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 19:12:09 +0200 (CEST) Subject: SUSE-SU-2015:0901-1: moderate: Security update for libtasn1 Message-ID: <20150518171209.3E6CE32159@maintenance.suse.de> SUSE Security Update: Security update for libtasn1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0901-1 Rating: moderate References: #924828 Cross-References: CVE-2015-2806 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The ASN.1 parsing library libtasn1 was updated to fix one memory handling issue: * CVE-2015-2806: A stack-based buffer overflow in libtasn1 allowed remote attackers to have unspecified impact via unknown vectors. Security Issues: * CVE-2015-2806 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libtasn1=10659 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libtasn1=10659 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libtasn1=10659 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libtasn1=10659 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libtasn1-devel-1.5-1.30.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libtasn1-1.5-1.30.1 libtasn1-3-1.5-1.30.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libtasn1-3-32bit-1.5-1.30.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libtasn1-1.5-1.30.1 libtasn1-3-1.5-1.30.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libtasn1-3-32bit-1.5-1.30.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libtasn1-3-x86-1.5-1.30.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libtasn1-1.5-1.30.1 libtasn1-3-1.5-1.30.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libtasn1-3-32bit-1.5-1.30.1 References: https://www.suse.com/security/cve/CVE-2015-2806.html https://bugzilla.suse.com/924828 https://download.suse.com/patch/finder/?keywords=a6116d09000e5a9dea5b5ce0264d3dce From sle-updates at lists.suse.com Mon May 18 14:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 22:04:53 +0200 (CEST) Subject: SUSE-OU-2015:0902-1: Optional update for libapr-util1 Message-ID: <20150518200453.8BDA632159@maintenance.suse.de> SUSE Optional Update: Optional update for libapr-util1 ______________________________________________________________________________ Announcement ID: SUSE-OU-2015:0902-1 Rating: low References: #929182 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: libapr-util1 has been rebuild in order to synchronize revisions in all supported architectures. There are no code changes in this update. Indications: Any user can install this update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libapr-util1=10677 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libapr-util1=10677 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libapr-util1=10677 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libapr-util1-devel-1.3.4-12.22.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): libapr-util1-1.3.4-12.22.23.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64): libapr-util1-devel-32bit-1.3.4-12.22.23.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libapr-util1-1.3.4-12.22.23.1 libapr-util1-dbd-sqlite3-1.3.4-12.22.23.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libapr-util1-1.3.4-12.22.23.1 libapr-util1-dbd-sqlite3-1.3.4-12.22.23.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64): libapr-util1-32bit-1.3.4-12.22.23.1 References: https://bugzilla.suse.com/929182 https://download.suse.com/patch/finder/?keywords=0861f445be322d637d89de9e5d616419 From sle-updates at lists.suse.com Mon May 18 15:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 May 2015 23:04:52 +0200 (CEST) Subject: SUSE-RU-2015:0903-1: Recommended update for crowbar Message-ID: <20150518210452.C789532159@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0903-1 Rating: low References: #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar provides the following stability fixes and improvements from the upstream OpenStack project: * Update macros.crowbar: patch Rakefile in %crowbar_barclamp_build to not depend on rspec gem for the build. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-crowbar=10596 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-1.9+git.1424364775.ca0d017-0.9.1 crowbar-devel-1.9+git.1424364775.ca0d017-0.9.1 References: https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=c7943558650ac8df4ce7a7ee8c693eff From sle-updates at lists.suse.com Tue May 19 03:05:09 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 May 2015 11:05:09 +0200 (CEST) Subject: SUSE-SU-2015:0904-1: Security update for libtasn1 Message-ID: <20150519090509.EC62E32159@maintenance.suse.de> SUSE Security Update: Security update for libtasn1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0904-1 Rating: low References: #924828 Cross-References: CVE-2015-2806 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The ASN.1 parsing library libtasn1 was updated to fix one memory handling issue. The following vulnerability was fixed: * CVE-2015-2806: A stack-based buffer overflow in libtasn1 allowed remote attackers to have unspecified impact via unknown vectors. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-204=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-204=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-204=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libtasn1-debuginfo-3.7-4.1 libtasn1-debugsource-3.7-4.1 libtasn1-devel-3.7-4.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libtasn1-3.7-4.1 libtasn1-6-3.7-4.1 libtasn1-6-debuginfo-3.7-4.1 libtasn1-debuginfo-3.7-4.1 libtasn1-debugsource-3.7-4.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libtasn1-6-32bit-3.7-4.1 libtasn1-6-debuginfo-32bit-3.7-4.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libtasn1-3.7-4.1 libtasn1-6-3.7-4.1 libtasn1-6-32bit-3.7-4.1 libtasn1-6-debuginfo-3.7-4.1 libtasn1-6-debuginfo-32bit-3.7-4.1 libtasn1-debuginfo-3.7-4.1 libtasn1-debugsource-3.7-4.1 References: https://www.suse.com/security/cve/CVE-2015-2806.html https://bugzilla.suse.com/924828 From sle-updates at lists.suse.com Tue May 19 06:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 May 2015 14:04:56 +0200 (CEST) Subject: SUSE-SU-2015:0907-1: moderate: Security update for oracle-update Message-ID: <20150519120456.AE6AE32006@maintenance.suse.de> SUSE Security Update: Security update for oracle-update ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0907-1 Rating: moderate References: #927281 Cross-References: CVE-2015-0455 CVE-2015-0457 CVE-2015-0479 CVE-2015-0483 Affected Products: SUSE Manager Server SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: The embedded Oracle database was updated to fix four security issues: * CVE-2015-0455: The XDB - XML Database component of Oracle Database Server could allow remote authenticated users unauthorized read access to arbitrary operating system files. * CVE-2015-0457: The Java VM component of Oracle Database Server could allow remote authenticated users with Create Session privileges to execute arbitrary code. * CVE-2015-0479: The XDK and XDB - XML Database component of Oracle Database Server could allow remote authenticated users with Create Session privileges to cause a partial denial of service (partial DOS) of XDK and XDB - XML Database. * CVE-2015-0483: Remote authenticated users with Create Session privileges could update, insert or delete Core RDBMS accessible data. Security Issues: * CVE-2015-0457 * CVE-2015-0455 * CVE-2015-0483 * CVE-2015-0479 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-oracle-update=10626 - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-oracle-update=10625 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (x86_64): oracle-update-1.7-0.31.1 - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): oracle-update-1.7-0.31.1 References: https://www.suse.com/security/cve/CVE-2015-0455.html https://www.suse.com/security/cve/CVE-2015-0457.html https://www.suse.com/security/cve/CVE-2015-0479.html https://www.suse.com/security/cve/CVE-2015-0483.html https://bugzilla.suse.com/927281 https://download.suse.com/patch/finder/?keywords=e4e431aad0cdac971cd12987f82a71e0 https://download.suse.com/patch/finder/?keywords=ff6d4e47f771462926466be1acb8b95c From sle-updates at lists.suse.com Tue May 19 09:05:13 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 May 2015 17:05:13 +0200 (CEST) Subject: SUSE-RU-2015:0915-1: Recommended update for librtas Message-ID: <20150519150513.3AE9132163@maintenance.suse.de> SUSE Recommended Update: Recommended update for librtas ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0915-1 Rating: low References: #902243 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for librtas provides fixes for ppc64 little-endian support. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-205=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le): librtas-debugsource-1.3.12-4.1 librtas1-1.3.12-4.1 librtas1-debuginfo-1.3.12-4.1 References: https://bugzilla.suse.com/902243 From sle-updates at lists.suse.com Tue May 19 11:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 May 2015 19:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0916-1: important: Recommended update for spacewalk-koan Message-ID: <20150519170455.B0D173215E@maintenance.suse.de> SUSE Recommended Update: Recommended update for spacewalk-koan ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0916-1 Rating: important References: #920748 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for spacewalk-koan fixes a crash when installing via DHCP. Indications: Everybody should update. Package List: - SLE CLIENT TOOLS 10 for x86_64 (noarch): spacewalk-koan-1.7.1.8-0.5.1 - SLE CLIENT TOOLS 10 for s390x (noarch): spacewalk-koan-1.7.1.8-0.5.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): spacewalk-koan-1.7.1.8-0.5.1 - SLE CLIENT TOOLS 10 for PPC (noarch): spacewalk-koan-1.7.1.8-0.5.1 - SLE CLIENT TOOLS 10 (noarch): spacewalk-koan-1.7.1.8-0.5.1 References: https://bugzilla.suse.com/920748 https://download.suse.com/patch/finder/?keywords=6635f547396515956452a35500c8c30f From sle-updates at lists.suse.com Tue May 19 19:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 May 2015 03:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0917-1: Recommended update for crowbar-barclamp-ntp Message-ID: <20150520010453.238C23215E@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-ntp ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0917-1 Rating: low References: #881196 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crowbar-barclamp-ntp provides the following fixes and improvements from the upstream OpenStack project: * Ntpd listens on admin interface only (bnc#881196) * Added badges and dummy rspec * Watch specific branches with travis Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-ntp=10594 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (noarch): crowbar-barclamp-ntp-1.9+git.1426753113.067821c-0.7.2 References: https://bugzilla.suse.com/881196 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=de2ab7e4796d75d037fd82d3dddfd9be From sle-updates at lists.suse.com Tue May 19 19:05:23 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 May 2015 03:05:23 +0200 (CEST) Subject: SUSE-RU-2015:0918-1: Recommended update for net-tools Message-ID: <20150520010523.EC7D63215E@maintenance.suse.de> SUSE Recommended Update: Recommended update for net-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0918-1 Rating: low References: #861302 #898716 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for net-tools provides the following fixes: * Fixed hostname -f call if only ipv6 addresses are associated. (bsc#898716) * Fixed display of inode if the value exceeds signed int. (bsc#861302) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-net-tools=10578 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-net-tools=10578 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-net-tools=10578 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): net-tools-1.60-725.35.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): net-tools-1.60-725.35.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): net-tools-1.60-725.35.1 References: https://bugzilla.suse.com/861302 https://bugzilla.suse.com/898716 https://download.suse.com/patch/finder/?keywords=742a127071cd0e38a21c17278158cda1 From sle-updates at lists.suse.com Wed May 20 11:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 May 2015 19:04:52 +0200 (CEST) Subject: SUSE-SU-2015:0921-1: important: Security update for gstreamer-0_10-plugins-bad Message-ID: <20150520170452.2D59C3215E@maintenance.suse.de> SUSE Security Update: Security update for gstreamer-0_10-plugins-bad ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0921-1 Rating: important References: #927559 Cross-References: CVE-2015-0797 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797). Security Issues: * CVE-2015-0797 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gstreamer-0_10-plugins-bad=10643 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gstreamer-0_10-plugins-bad-0.10.22-7.11.1 gstreamer-0_10-plugins-bad-lang-0.10.22-7.11.1 libgstbasecamerabinsrc-0_10-0-0.10.22-7.11.1 libgstbasevideo-0_10-0-0.10.22-7.11.1 libgstphotography-0_10-0-0.10.22-7.11.1 libgstsignalprocessor-0_10-0-0.10.22-7.11.1 libgstvdp-0_10-0-0.10.22-7.11.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libgstbasecamerabinsrc-0_10-0-32bit-0.10.22-7.11.1 libgstbasevideo-0_10-0-32bit-0.10.22-7.11.1 libgstphotography-0_10-0-32bit-0.10.22-7.11.1 libgstsignalprocessor-0_10-0-32bit-0.10.22-7.11.1 libgstvdp-0_10-0-32bit-0.10.22-7.11.1 References: https://www.suse.com/security/cve/CVE-2015-0797.html https://bugzilla.suse.com/927559 https://download.suse.com/patch/finder/?keywords=f7ccd0598b1d14e206c07e76854611ef From sle-updates at lists.suse.com Wed May 20 14:04:47 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 May 2015 22:04:47 +0200 (CEST) Subject: SUSE-SU-2015:0922-1: Security update for OpenSLP Message-ID: <20150520200448.00CC532163@maintenance.suse.de> SUSE Security Update: Security update for OpenSLP ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0922-1 Rating: low References: #778508 #855385 Cross-References: CVE-2012-4428 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for OpenSLP fixes a bug in SLPIntersectStringList that could lead to an out-of-bounds read (CVE-2012-4428). Additionally, the SLP daemon now always use localtime(3) when writing to log files to avoid having timestamps with different timezones. Security Issues: * CVE-2012-4428 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-openslp=10654 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-openslp=10654 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-openslp=10654 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-openslp=10654 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): openslp-devel-1.2.0-172.24.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): openslp-server-1.2.0-172.24.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): openslp-1.2.0-172.24.1 openslp-server-1.2.0-172.24.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): openslp-32bit-1.2.0-172.24.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): openslp-1.2.0-172.24.1 openslp-server-1.2.0-172.24.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): openslp-32bit-1.2.0-172.24.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): openslp-x86-1.2.0-172.24.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): openslp-1.2.0-172.24.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): openslp-32bit-1.2.0-172.24.1 References: https://www.suse.com/security/cve/CVE-2012-4428.html https://bugzilla.suse.com/778508 https://bugzilla.suse.com/855385 https://download.suse.com/patch/finder/?keywords=ff6cb64881ceac3b2f3c581c50088fa7 From sle-updates at lists.suse.com Thu May 21 01:04:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 May 2015 09:04:51 +0200 (CEST) Subject: SUSE-SU-2015:0923-1: important: Security update for xen Message-ID: <20150521070451.B2DF532161@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0923-1 Rating: important References: #922705 #922709 #927967 #929339 Cross-References: CVE-2015-2751 CVE-2015-2752 CVE-2015-3340 CVE-2015-3456 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: XEN was updated to fix two security issues and bugs. Security issues fixed: * CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. * CVE-2015-2751: Xen, when using toolstack disaggregation, allowed remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations. * CVE-2015-2752: The XEN_DOMCTL_memory_mapping hypercall in Xen, when using a PCI passthrough device, was not preemptable, which allowed local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm). * CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. Bugs fixed: - xentop: Fix memory leak on read failure Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-206=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-206=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-206=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (x86_64): xen-debugsource-4.4.2_04-18.1 xen-devel-4.4.2_04-18.1 - SUSE Linux Enterprise Server 12 (x86_64): xen-4.4.2_04-18.1 xen-debugsource-4.4.2_04-18.1 xen-doc-html-4.4.2_04-18.1 xen-kmp-default-4.4.2_04_k3.12.39_47-18.1 xen-kmp-default-debuginfo-4.4.2_04_k3.12.39_47-18.1 xen-libs-32bit-4.4.2_04-18.1 xen-libs-4.4.2_04-18.1 xen-libs-debuginfo-32bit-4.4.2_04-18.1 xen-libs-debuginfo-4.4.2_04-18.1 xen-tools-4.4.2_04-18.1 xen-tools-debuginfo-4.4.2_04-18.1 xen-tools-domU-4.4.2_04-18.1 xen-tools-domU-debuginfo-4.4.2_04-18.1 - SUSE Linux Enterprise Desktop 12 (x86_64): xen-4.4.2_04-18.1 xen-debugsource-4.4.2_04-18.1 xen-kmp-default-4.4.2_04_k3.12.39_47-18.1 xen-kmp-default-debuginfo-4.4.2_04_k3.12.39_47-18.1 xen-libs-32bit-4.4.2_04-18.1 xen-libs-4.4.2_04-18.1 xen-libs-debuginfo-32bit-4.4.2_04-18.1 xen-libs-debuginfo-4.4.2_04-18.1 References: https://www.suse.com/security/cve/CVE-2015-2751.html https://www.suse.com/security/cve/CVE-2015-2752.html https://www.suse.com/security/cve/CVE-2015-3340.html https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/922705 https://bugzilla.suse.com/922709 https://bugzilla.suse.com/927967 https://bugzilla.suse.com/929339 From sle-updates at lists.suse.com Thu May 21 11:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 May 2015 19:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0924-1: moderate: Recommended update for wicked Message-ID: <20150521170455.227E532161@maintenance.suse.de> SUSE Recommended Update: Recommended update for wicked ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0924-1 Rating: moderate References: #904323 #905421 #907215 #907694 #909307 #911299 #911562 #914792 #918662 #920070 #920889 #921218 #927065 #927616 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 14 recommended fixes can now be installed. Description: This update for Wicked provides the following fixes: - Initial pre/post-up/down script and systemd service start support. (bsc#920070, bsc#907215) - Fixed lease address owner and lifetime tracking to update address lifetimes on dhcp6 renewal, correctly drop (requesting/deferred) leases in wickedd not (yet) existing as lease in dhcp supplicants and avoid address exists error messages. (bsc#920889, bsc#907694) - Add missed wpa_supplicant's wireless mode names. (bsc#927616) - schema: Require macvlan lower device same as vlan. (bsc#927065) - Fixes to use only ready devices by name to avoid dependency confusion mapping config to wrong device, event races and wrong use of the link-up instead of the wireless link-associated event. (bsc#918662, bsc#921218) - nanny: Fix a memory-leak on policy load failure. - ifreload: Fix segmentation fault handling argument for --timeout option. - client/nanny: Initial handing of link-detection/require-link and timeout control flags (LINK_REQUIRED, LINK_READY_WAIT variables in suse ifcfg) to continue setup without ready link when requested in the config or based on device requirements (bsc#911562,bsc#914792). - client/nanny: Wait for event ACKs from wickedd instead to continue on successful request results where possible, to minimize the risk of an event backlog (bsc#905421). - client/nanny: fsm timer and cleanup related fixes and improvements, fix to use "device-setup" (MAC, bond/bridge options, ...) as state name instead of "device-up" and use "device-up" as state when the device/link is administratively set UP. Separated waitLinkUp method to wait for link/carrier from linkUp setting it administratively UP. - wireless: Consider auth-proto parameter (wpa1|wpa2) (bsc#911299). - dhcp4: Do not set/query mtu if set in the config (bsc#904323). - dhcp4: Limit MTU to be lower-equal 576 as before. - dhcp4: Completed user-class option support permitting an rfc3004 formatted option or as non-rfc, but widely used string (bsc#909307). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-207=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-207=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libwicked-0-6-0.6.18-16.1 libwicked-0-6-debuginfo-0.6.18-16.1 wicked-0.6.18-16.1 wicked-debuginfo-0.6.18-16.1 wicked-debugsource-0.6.18-16.1 wicked-service-0.6.18-16.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libwicked-0-6-0.6.18-16.1 libwicked-0-6-debuginfo-0.6.18-16.1 wicked-0.6.18-16.1 wicked-debuginfo-0.6.18-16.1 wicked-debugsource-0.6.18-16.1 wicked-service-0.6.18-16.1 References: https://bugzilla.suse.com/904323 https://bugzilla.suse.com/905421 https://bugzilla.suse.com/907215 https://bugzilla.suse.com/907694 https://bugzilla.suse.com/909307 https://bugzilla.suse.com/911299 https://bugzilla.suse.com/911562 https://bugzilla.suse.com/914792 https://bugzilla.suse.com/918662 https://bugzilla.suse.com/920070 https://bugzilla.suse.com/920889 https://bugzilla.suse.com/921218 https://bugzilla.suse.com/927065 https://bugzilla.suse.com/927616 From sle-updates at lists.suse.com Thu May 21 12:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 May 2015 20:04:54 +0200 (CEST) Subject: SUSE-SU-2015:0925-1: moderate: Security update for python-PyYAML Message-ID: <20150521180454.1709727FF2@maintenance.suse.de> SUSE Security Update: Security update for python-PyYAML ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0925-1 Rating: moderate References: #921588 Cross-References: CVE-2014-9130 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise High Availability 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: python-PyYAML was updated to fix one security issue which could have allowed an attacker to cause a denial of service by supplying specially crafted strings The following issue was fixed: - #921588: python-PyYAML: assert failure when processing wrapped strings (equivalent to CVE-2014-9130 in LibYAML) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-208=1 - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2015-208=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (ppc64le s390x x86_64): python-PyYAML-3.10-15.1 python-PyYAML-debuginfo-3.10-15.1 python-PyYAML-debugsource-3.10-15.1 - SUSE Linux Enterprise High Availability 12 (s390x x86_64): python-PyYAML-3.10-15.1 python-PyYAML-debuginfo-3.10-15.1 python-PyYAML-debugsource-3.10-15.1 References: https://www.suse.com/security/cve/CVE-2014-9130.html https://bugzilla.suse.com/921588 From sle-updates at lists.suse.com Thu May 21 14:04:49 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 May 2015 22:04:49 +0200 (CEST) Subject: SUSE-RU-2015:0926-1: Recommended update for openstack-dashboard-theme-SUSE Message-ID: <20150521200449.CFA4D27FF2@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-dashboard-theme-SUSE ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0926-1 Rating: low References: #921940 #926549 Affected Products: SUSE Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-dashboard-theme-SUSE changes the logo text from "SUSE Cloud Openstack" to "SUSE Cloud OpenStack". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 5: zypper in -t patch sleclo50sp3-openstack-dashboard-theme-SUSE=10597 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 5 (x86_64): openstack-dashboard-theme-SUSE-2014.2-0.13.1 References: https://bugzilla.suse.com/921940 https://bugzilla.suse.com/926549 https://download.suse.com/patch/finder/?keywords=1dbd2534bd9358b8b4a9279640cc1ad0 From sle-updates at lists.suse.com Thu May 21 16:04:45 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 May 2015 00:04:45 +0200 (CEST) Subject: SUSE-SU-2015:0927-1: important: Security update for Xen Message-ID: <20150521220445.DEC2B27FF2@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0927-1 Rating: important References: #910441 #927967 #929339 Cross-References: CVE-2015-3456 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: Xen was updated to fix two security issues and a bug: * CVE-2015-3456: A buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. * CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. * An exception in setCPUAffinity when restoring guests. (bsc#910441) Security Issues: * CVE-2015-3456 * CVE-2015-3340 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-xen=10673 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-xen=10673 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-xen=10673 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64): xen-devel-4.2.5_06-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64): xen-kmp-default-4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs-4.2.5_06-0.7.1 xen-tools-domU-4.2.5_06-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (x86_64): xen-4.2.5_06-0.7.1 xen-doc-html-4.2.5_06-0.7.1 xen-doc-pdf-4.2.5_06-0.7.1 xen-libs-32bit-4.2.5_06-0.7.1 xen-tools-4.2.5_06-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586): xen-kmp-pae-4.2.5_06_3.0.101_0.47.52-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): xen-kmp-default-4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs-4.2.5_06-0.7.1 xen-tools-domU-4.2.5_06-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): xen-4.2.5_06-0.7.1 xen-doc-html-4.2.5_06-0.7.1 xen-doc-pdf-4.2.5_06-0.7.1 xen-libs-32bit-4.2.5_06-0.7.1 xen-tools-4.2.5_06-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586): xen-kmp-pae-4.2.5_06_3.0.101_0.47.52-0.7.1 References: https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/910441 https://bugzilla.suse.com/927967 https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=beaa1b0c2d4c1d543469208fc416ea1e From sle-updates at lists.suse.com Thu May 21 16:05:31 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 May 2015 00:05:31 +0200 (CEST) Subject: SUSE-SU-2015:0928-1: important: Security update for SUSE Manager Server 1.7 Message-ID: <20150521220532.010CC27FF2@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Server 1.7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0928-1 Rating: important References: #799068 #809927 #814954 #864246 #870159 #879904 #881111 #896238 #896244 #898426 #900956 #901108 #902915 #903723 #906850 #912886 #922525 Cross-References: CVE-2014-7811 CVE-2014-7812 CVE-2014-8162 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 ______________________________________________________________________________ An update that solves three vulnerabilities and has 14 fixes is now available. It includes 9 new package versions. Description: This collective update for SUSE Manager 1.7 provides several fixes and enhancements. smdba: * Space reclamation caused ORA-00942 (table or view does not exist). (bsc#906850) * Optimized space reclamation for Oracle. * Implement fully hot operations for PostgreSQL. * System check breaks backup and other configuration. * Implement rotating PostgreSQL backup feature. (bsc#896244) * Set PostgreSQL max connections to the same value as for Oracle. sm-ncc-sync-data: * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108) spacecmd: * Fix call to setCustomOptions(). (bsc#879904) spacewalk-backend: * Fix encoding of submit message. * Trigger generation of metadata if the repository contains no packages. (bsc#870159) spacewalk-branding: * Update default Spacewalk entitlement certificate. spacewalk-java: * Introduce improved parser for xmlrpc. (CVE-2014-8162, bsc#922525) * Fix more cross-site scripting bugs. (CVE-2014-7811, bsc#902915) * Ffix CVE audit in case of multiversion package installed and patch in multi channels. (bsc#903723) * Fix automatic configuration file deployment via snippet. (bsc#898426) * Download CSV button does not export all columns ("Base Channel" missing). (bsc#896238) * Fix cross-site scripting in system-group. (CVE-2014-7812, bsc#912886) spacewalk-setup: * Fix XML RPC API External Entities file disclosure. (CVE-2014-8162, bsc#922525) * No activation if db population should be skipped. (bsc#900956) susemanager-schema: * Fix evr_t schema upgrade. (bsc#881111) susemanager: * Add tool to update the spacewalk public cert in the DB. * Fix the test for the mirror credentials. (bsc#864246) How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Security Issues: * CVE-2014-7811 * CVE-2014-7812 * CVE-2014-8162 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-sm-ncc-sync-data=10671 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64) [New Version: 1.5,1.7.1.13,1.7.30,1.7.38.34 and 1.7.7.12]: smdba-1.5-0.6.2.1 spacecmd-1.7.7.12-0.5.1 spacewalk-backend-1.7.38.34-0.5.1 spacewalk-backend-app-1.7.38.34-0.5.1 spacewalk-backend-applet-1.7.38.34-0.5.1 spacewalk-backend-config-files-1.7.38.34-0.5.1 spacewalk-backend-config-files-common-1.7.38.34-0.5.1 spacewalk-backend-config-files-tool-1.7.38.34-0.5.1 spacewalk-backend-iss-1.7.38.34-0.5.1 spacewalk-backend-iss-export-1.7.38.34-0.5.1 spacewalk-backend-libs-1.7.38.34-0.5.1 spacewalk-backend-package-push-server-1.7.38.34-0.5.1 spacewalk-backend-server-1.7.38.34-0.5.1 spacewalk-backend-sql-1.7.38.34-0.5.1 spacewalk-backend-sql-oracle-1.7.38.34-0.5.1 spacewalk-backend-sql-postgresql-1.7.38.34-0.5.1 spacewalk-backend-tools-1.7.38.34-0.5.1 spacewalk-backend-xml-export-libs-1.7.38.34-0.5.1 spacewalk-backend-xmlrpc-1.7.38.34-0.5.1 spacewalk-backend-xp-1.7.38.34-0.5.1 spacewalk-branding-1.7.1.13-0.5.1 susemanager-1.7.30-0.5.2 susemanager-tools-1.7.30-0.5.2 - SUSE Manager 1.7 for SLE 11 SP2 (noarch) [New Version: 1.7.21,1.7.54.34,1.7.56.24 and 1.7.9.12]: sm-ncc-sync-data-1.7.21-0.5.1 spacewalk-java-1.7.54.34-0.5.1 spacewalk-java-config-1.7.54.34-0.5.1 spacewalk-java-lib-1.7.54.34-0.5.1 spacewalk-java-oracle-1.7.54.34-0.5.1 spacewalk-java-postgresql-1.7.54.34-0.5.1 spacewalk-setup-1.7.9.12-0.5.1 spacewalk-taskomatic-1.7.54.34-0.5.1 susemanager-schema-1.7.56.24-0.7.1 References: https://www.suse.com/security/cve/CVE-2014-7811.html https://www.suse.com/security/cve/CVE-2014-7812.html https://www.suse.com/security/cve/CVE-2014-8162.html https://bugzilla.suse.com/799068 https://bugzilla.suse.com/809927 https://bugzilla.suse.com/814954 https://bugzilla.suse.com/864246 https://bugzilla.suse.com/870159 https://bugzilla.suse.com/879904 https://bugzilla.suse.com/881111 https://bugzilla.suse.com/896238 https://bugzilla.suse.com/896244 https://bugzilla.suse.com/898426 https://bugzilla.suse.com/900956 https://bugzilla.suse.com/901108 https://bugzilla.suse.com/902915 https://bugzilla.suse.com/903723 https://bugzilla.suse.com/906850 https://bugzilla.suse.com/912886 https://bugzilla.suse.com/922525 https://download.suse.com/patch/finder/?keywords=8028a25587947641ad45132e4992e11d From sle-updates at lists.suse.com Thu May 21 16:08:51 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 May 2015 00:08:51 +0200 (CEST) Subject: SUSE-SU-2015:0929-1: important: Security update for KVM Message-ID: <20150521220851.410B327FF2@maintenance.suse.de> SUSE Security Update: Security update for KVM ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0929-1 Rating: important References: #877642 #877645 #929339 Cross-References: CVE-2014-0222 CVE-2014-0223 CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: KVM was updated to fix the following security issues: * CVE-2015-3456: Buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. * CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c in QEMU allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. * CVE-2014-0223: Integer overflow in the qcow_open function in block/qcow.c in QEMU allowed local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. Security Issues: * CVE-2015-3456 * CVE-2014-0222 * CVE-2014-0223 Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-kvm=10683 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64) [New Version: 0.12.5]: kvm-0.12.5-1.26.1 References: https://www.suse.com/security/cve/CVE-2014-0222.html https://www.suse.com/security/cve/CVE-2014-0223.html https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/877642 https://bugzilla.suse.com/877645 https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=a793805e5c8b31d54aefde03808c673c From sle-updates at lists.suse.com Mon May 25 11:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 May 2015 19:04:52 +0200 (CEST) Subject: SUSE-RU-2015:0938-1: Recommended update for nautilus, file-roller Message-ID: <20150525170452.BAA7532163@maintenance.suse.de> SUSE Recommended Update: Recommended update for nautilus, file-roller ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0938-1 Rating: low References: #896702 #923449 #923740 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for nautilus and file-roller fixes the following issues: - When attempting to move a ".desktop" file of type "link", Nautilus would move the linked content instead of the link itself. - File Roller incorrectly extracts sparse files. This update also adds nautilus-file-roller to SUSE Linux Enterprise. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-209=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-209=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-209=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-209=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libnautilus-extension1-32bit-3.10.1-9.5 libnautilus-extension1-debuginfo-32bit-3.10.1-9.5 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): nautilus-debuginfo-3.10.1-9.5 nautilus-debugsource-3.10.1-9.5 nautilus-devel-3.10.1-9.5 typelib-1_0-Nautilus-3_0-3.10.1-9.5 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): file-roller-3.10.2.1-5.1 file-roller-debuginfo-3.10.2.1-5.1 file-roller-debugsource-3.10.2.1-5.1 gnome-shell-search-provider-nautilus-3.10.1-9.5 libnautilus-extension1-3.10.1-9.5 libnautilus-extension1-debuginfo-3.10.1-9.5 nautilus-3.10.1-9.5 nautilus-debuginfo-3.10.1-9.5 nautilus-debugsource-3.10.1-9.5 nautilus-file-roller-3.10.2.1-5.1 nautilus-file-roller-debuginfo-3.10.2.1-5.1 - SUSE Linux Enterprise Server 12 (noarch): file-roller-lang-3.10.2.1-5.1 nautilus-lang-3.10.1-9.5 - SUSE Linux Enterprise Desktop 12 (x86_64): file-roller-3.10.2.1-5.1 file-roller-debuginfo-3.10.2.1-5.1 file-roller-debugsource-3.10.2.1-5.1 gnome-shell-search-provider-nautilus-3.10.1-9.5 libnautilus-extension1-3.10.1-9.5 libnautilus-extension1-32bit-3.10.1-9.5 libnautilus-extension1-debuginfo-3.10.1-9.5 libnautilus-extension1-debuginfo-32bit-3.10.1-9.5 nautilus-3.10.1-9.5 nautilus-debuginfo-3.10.1-9.5 nautilus-debugsource-3.10.1-9.5 nautilus-file-roller-3.10.2.1-5.1 nautilus-file-roller-debuginfo-3.10.2.1-5.1 - SUSE Linux Enterprise Desktop 12 (noarch): file-roller-lang-3.10.2.1-5.1 nautilus-lang-3.10.1-9.5 References: https://bugzilla.suse.com/896702 https://bugzilla.suse.com/923449 https://bugzilla.suse.com/923740 From sle-updates at lists.suse.com Tue May 26 03:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 11:04:56 +0200 (CEST) Subject: SUSE-SU-2015:0939-1: moderate: Security update for tigervnc, fltk Message-ID: <20150526090456.5E2B532163@maintenance.suse.de> SUSE Security Update: Security update for tigervnc, fltk ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0939-1 Rating: moderate References: #908738 #911577 #915782 #915810 #920969 Cross-References: CVE-2015-0255 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: tigervnc and fltk were updated to fix security issues and non-security bugs. This security issue was fixed: - CVE-2015-0255: Information leak in the XkbSetGeometry request of X servers (bnc#915810). These non-security issues were fixed: - vncviewer-tigervnc does not display mouse cursor shape changes (bnc#908738). - vnc module for Xorg fails to load on startup, module mismatch (bnc#911577). - An Xvnc session may become unusable when user logs out (bnc#920969) fltk was updated to fix one non-security issue: - vncviewer-tigervnc does not display mouse cursor shape changes (bnc#908738). Additionally tigervnc was updated to 1.4.1, the contained X server was updated to to 1.15.2. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-210=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-210=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-210=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): fltk-debugsource-1.3.2-10.2 fltk-devel-1.3.2-10.2 fltk-devel-debuginfo-1.3.2-10.2 fltk-devel-static-1.3.2-10.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): fltk-debugsource-1.3.2-10.2 libfltk1-1.3.2-10.2 libfltk1-debuginfo-1.3.2-10.2 tigervnc-1.4.1-32.1 tigervnc-debuginfo-1.4.1-32.1 tigervnc-debugsource-1.4.1-32.1 xorg-x11-Xvnc-1.4.1-32.1 xorg-x11-Xvnc-debuginfo-1.4.1-32.1 - SUSE Linux Enterprise Desktop 12 (x86_64): fltk-debugsource-1.3.2-10.2 libfltk1-1.3.2-10.2 libfltk1-debuginfo-1.3.2-10.2 tigervnc-1.4.1-32.1 tigervnc-debuginfo-1.4.1-32.1 tigervnc-debugsource-1.4.1-32.1 xorg-x11-Xvnc-1.4.1-32.1 xorg-x11-Xvnc-debuginfo-1.4.1-32.1 References: https://www.suse.com/security/cve/CVE-2015-0255.html https://bugzilla.suse.com/908738 https://bugzilla.suse.com/911577 https://bugzilla.suse.com/915782 https://bugzilla.suse.com/915810 https://bugzilla.suse.com/920969 From sle-updates at lists.suse.com Tue May 26 06:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:04:55 +0200 (CEST) Subject: SUSE-SU-2015:0940-1: important: Security update for Xen Message-ID: <20150526120455.D3A2527FF2@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0940-1 Rating: important References: #927967 #929339 Cross-References: CVE-2015-3340 CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Xen was updated to fix two security issues: * CVE-2015-3456: A buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. * CVE-2015-3340: An information leak through XEN_DOMCTL_gettscinfo(). (XSA-132) Security Issues: * CVE-2015-3456 * CVE-2015-3340 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-xen=10684 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64): xen-4.0.3_21548_18-0.21.1 xen-doc-html-4.0.3_21548_18-0.21.1 xen-doc-pdf-4.0.3_21548_18-0.21.1 xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-libs-4.0.3_21548_18-0.21.1 xen-tools-4.0.3_21548_18-0.21.1 xen-tools-domU-4.0.3_21548_18-0.21.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586): xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1 References: https://www.suse.com/security/cve/CVE-2015-3340.html https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/927967 https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=aee7c643a4c4513e4350b80ada2e9e6f From sle-updates at lists.suse.com Tue May 26 06:05:37 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:05:37 +0200 (CEST) Subject: SUSE-RU-2015:0941-1: Recommended update for yast2-services-manager Message-ID: <20150526120537.B3DFF27FF2@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-services-manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0941-1 Rating: low References: #893622 #895023 #906730 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-services-manager provides the following fixes: - Fixed adjusting service state according to new settings. Previously, already loaded services were ignored. (bnc#906730) - Fixed installation to use the localized version of the default target name. (bnc#895023) - Added minimal commandline support: just 'help'. (bnc#893622) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-212=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-212=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-services-manager-3.1.34.1-6.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-services-manager-3.1.34.1-6.1 References: https://bugzilla.suse.com/893622 https://bugzilla.suse.com/895023 https://bugzilla.suse.com/906730 From sle-updates at lists.suse.com Tue May 26 06:06:30 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:06:30 +0200 (CEST) Subject: SUSE-SU-2015:0942-1: moderate: Security update for gstreamer-0_10-plugins-bad Message-ID: <20150526120630.1C77027FF2@maintenance.suse.de> SUSE Security Update: Security update for gstreamer-0_10-plugins-bad ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0942-1 Rating: moderate References: #927559 Cross-References: CVE-2015-0797 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-211=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-211=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-211=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): gstreamer-0_10-plugins-bad-0.10.23-17.1 gstreamer-0_10-plugins-bad-debuginfo-0.10.23-17.1 gstreamer-0_10-plugins-bad-debuginfo-32bit-0.10.23-17.1 gstreamer-0_10-plugins-bad-debugsource-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-debuginfo-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstbasevideo-0_10-23-0.10.23-17.1 libgstbasevideo-0_10-23-32bit-0.10.23-17.1 libgstbasevideo-0_10-23-debuginfo-0.10.23-17.1 libgstbasevideo-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstcodecparsers-0_10-23-0.10.23-17.1 libgstcodecparsers-0_10-23-debuginfo-0.10.23-17.1 libgstphotography-0_10-23-0.10.23-17.1 libgstphotography-0_10-23-32bit-0.10.23-17.1 libgstphotography-0_10-23-debuginfo-0.10.23-17.1 libgstphotography-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstsignalprocessor-0_10-23-0.10.23-17.1 libgstsignalprocessor-0_10-23-32bit-0.10.23-17.1 libgstsignalprocessor-0_10-23-debuginfo-0.10.23-17.1 libgstsignalprocessor-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstvdp-0_10-23-0.10.23-17.1 libgstvdp-0_10-23-32bit-0.10.23-17.1 libgstvdp-0_10-23-debuginfo-0.10.23-17.1 libgstvdp-0_10-23-debuginfo-32bit-0.10.23-17.1 - SUSE Linux Enterprise Workstation Extension 12 (noarch): gstreamer-0_10-plugins-bad-lang-0.10.23-17.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gstreamer-0_10-plugins-bad-debuginfo-0.10.23-17.1 gstreamer-0_10-plugins-bad-debugsource-0.10.23-17.1 gstreamer-0_10-plugins-bad-devel-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-debuginfo-0.10.23-17.1 libgstbasevideo-0_10-23-0.10.23-17.1 libgstbasevideo-0_10-23-debuginfo-0.10.23-17.1 libgstcodecparsers-0_10-23-0.10.23-17.1 libgstcodecparsers-0_10-23-debuginfo-0.10.23-17.1 libgstphotography-0_10-23-0.10.23-17.1 libgstphotography-0_10-23-debuginfo-0.10.23-17.1 libgstsignalprocessor-0_10-23-0.10.23-17.1 libgstsignalprocessor-0_10-23-debuginfo-0.10.23-17.1 libgstvdp-0_10-23-0.10.23-17.1 libgstvdp-0_10-23-debuginfo-0.10.23-17.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gstreamer-0_10-plugins-bad-0.10.23-17.1 gstreamer-0_10-plugins-bad-debuginfo-0.10.23-17.1 gstreamer-0_10-plugins-bad-debuginfo-32bit-0.10.23-17.1 gstreamer-0_10-plugins-bad-debugsource-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-debuginfo-0.10.23-17.1 libgstbasecamerabinsrc-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstbasevideo-0_10-23-0.10.23-17.1 libgstbasevideo-0_10-23-32bit-0.10.23-17.1 libgstbasevideo-0_10-23-debuginfo-0.10.23-17.1 libgstbasevideo-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstcodecparsers-0_10-23-0.10.23-17.1 libgstcodecparsers-0_10-23-debuginfo-0.10.23-17.1 libgstphotography-0_10-23-0.10.23-17.1 libgstphotography-0_10-23-32bit-0.10.23-17.1 libgstphotography-0_10-23-debuginfo-0.10.23-17.1 libgstphotography-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstsignalprocessor-0_10-23-0.10.23-17.1 libgstsignalprocessor-0_10-23-32bit-0.10.23-17.1 libgstsignalprocessor-0_10-23-debuginfo-0.10.23-17.1 libgstsignalprocessor-0_10-23-debuginfo-32bit-0.10.23-17.1 libgstvdp-0_10-23-0.10.23-17.1 libgstvdp-0_10-23-32bit-0.10.23-17.1 libgstvdp-0_10-23-debuginfo-0.10.23-17.1 libgstvdp-0_10-23-debuginfo-32bit-0.10.23-17.1 - SUSE Linux Enterprise Desktop 12 (noarch): gstreamer-0_10-plugins-bad-lang-0.10.23-17.1 References: https://www.suse.com/security/cve/CVE-2015-0797.html https://bugzilla.suse.com/927559 From sle-updates at lists.suse.com Tue May 26 06:06:50 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:06:50 +0200 (CEST) Subject: SUSE-SU-2015:0889-2: important: Security update for Xen Message-ID: <20150526120650.B9C0227FF2@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0889-2 Rating: important References: #929339 Cross-References: CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Xen was updated to fix a buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. (CVE-2015-3456) Security Issues: * CVE-2015-3456 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64): xen-3.2.3_17040_46-0.15.1 xen-devel-3.2.3_17040_46-0.15.1 xen-doc-html-3.2.3_17040_46-0.15.1 xen-doc-pdf-3.2.3_17040_46-0.15.1 xen-doc-ps-3.2.3_17040_46-0.15.1 xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-libs-3.2.3_17040_46-0.15.1 xen-tools-3.2.3_17040_46-0.15.1 xen-tools-domU-3.2.3_17040_46-0.15.1 xen-tools-ioemu-3.2.3_17040_46-0.15.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64): xen-libs-32bit-3.2.3_17040_46-0.15.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586): xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 References: https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=114b7cce479b39879add5cf1937e0e2d From sle-updates at lists.suse.com Tue May 26 06:07:12 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:07:12 +0200 (CEST) Subject: SUSE-SU-2015:0943-1: important: Security update for KVM Message-ID: <20150526120712.695DA27FF2@maintenance.suse.de> SUSE Security Update: Security update for KVM ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0943-1 Rating: important References: #834196 #929339 Cross-References: CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: KVM was updated to fix the following issues: * CVE-2015-3456: A buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. * Validate VMDK4 version field so we don't process versions we know nothing about. (bsc#834196) Security Issues: * CVE-2015-3456 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-kvm=10682 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64): kvm-0.15.1-0.29.1 References: https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/834196 https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=8fa4cd2e0df2fbbbef8a56f2725a253f From sle-updates at lists.suse.com Tue May 26 06:07:44 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:07:44 +0200 (CEST) Subject: SUSE-SU-2015:0944-1: important: Security update for Xen Message-ID: <20150526120744.0D31E27FF2@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0944-1 Rating: important References: #910441 #927967 #929339 Cross-References: CVE-2015-3340 CVE-2015-3456 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: Xen was updated to fix two security issues and a bug: * CVE-2015-3456: A buffer overflow in the floppy drive emulation, which could be used to carry out denial of service attacks or potential code execution against the host. This vulnerability is also known as VENOM. * CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. * An exception in setCPUAffinity when restoring guests. (bsc#910441) Security Issues: * CVE-2015-3456 * CVE-2015-3340 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-xen=10685 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64): xen-devel-4.1.6_08-0.11.1 xen-kmp-default-4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-trace-4.1.6_08_3.0.101_0.7.29-0.11.1 xen-libs-4.1.6_08-0.11.1 xen-tools-domU-4.1.6_08-0.11.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (x86_64): xen-4.1.6_08-0.11.1 xen-doc-html-4.1.6_08-0.11.1 xen-doc-pdf-4.1.6_08-0.11.1 xen-libs-32bit-4.1.6_08-0.11.1 xen-tools-4.1.6_08-0.11.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (i586): xen-kmp-pae-4.1.6_08_3.0.101_0.7.29-0.11.1 References: https://www.suse.com/security/cve/CVE-2015-3340.html https://www.suse.com/security/cve/CVE-2015-3456.html https://bugzilla.suse.com/910441 https://bugzilla.suse.com/927967 https://bugzilla.suse.com/929339 https://download.suse.com/patch/finder/?keywords=8be2bb05e7093a3facd3bc07a934547b From sle-updates at lists.suse.com Tue May 26 06:08:38 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 14:08:38 +0200 (CEST) Subject: SUSE-SU-2015:0945-1: moderate: Security update for spacewalk-java, spacewalk-setup Message-ID: <20150526120838.E97A227FF2@maintenance.suse.de> SUSE Security Update: Security update for spacewalk-java, spacewalk-setup ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0945-1 Rating: moderate References: #922525 Cross-References: CVE-2014-8162 Affected Products: SUSE Manager Server ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes two new package versions. Description: The spacewalk-java and spacewalk-setup packages were updated to fix one security issue: * CVE-2014-8162: RPC API XML External Entities file disclosure. (bsc#922525) Security Issues: * CVE-2014-8162 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-suse-manager-21-201505=10670 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (noarch) [New Version: 2.1.14.11 and 2.1.165.16.1]: spacewalk-java-2.1.165.16.1-0.8.1 spacewalk-java-config-2.1.165.16.1-0.8.1 spacewalk-java-lib-2.1.165.16.1-0.8.1 spacewalk-java-oracle-2.1.165.16.1-0.8.1 spacewalk-java-postgresql-2.1.165.16.1-0.8.1 spacewalk-setup-2.1.14.11-0.9.1 spacewalk-taskomatic-2.1.165.16.1-0.8.1 References: https://www.suse.com/security/cve/CVE-2014-8162.html https://bugzilla.suse.com/922525 https://download.suse.com/patch/finder/?keywords=6dcea76dbded139373ed78a4502ca5bc From sle-updates at lists.suse.com Tue May 26 07:04:52 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 15:04:52 +0200 (CEST) Subject: SUSE-SU-2015:0946-1: important: Security update for MySQL Message-ID: <20150526130452.E143A27FF2@maintenance.suse.de> SUSE Security Update: Security update for MySQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0946-1 Rating: important References: #922043 #927623 Cross-References: CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0405 CVE-2015-0423 CVE-2015-0433 CVE-2015-0438 CVE-2015-0439 CVE-2015-0441 CVE-2015-0498 CVE-2015-0499 CVE-2015-0500 CVE-2015-0501 CVE-2015-0503 CVE-2015-0505 CVE-2015-0506 CVE-2015-0507 CVE-2015-0508 CVE-2015-0511 CVE-2015-2305 CVE-2015-2566 CVE-2015-2567 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-2576 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 31 vulnerabilities is now available. It includes one version update. Description: MySQL was updated to version 5.5.43 to fix several security and non security issues: * CVEs fixed: CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0405, CVE-2015-0423, CVE-2015-0433, CVE-2015-0438, CVE-2015-0439, CVE-2015-0441, CVE-2015-0498, CVE-2015-0499, CVE-2015-0500, CVE-2015-0501, CVE-2015-0503, CVE-2015-0505, CVE-2015-0506, CVE-2015-0507, CVE-2015-0508, CVE-2015-0511, CVE-2015-2566, CVE-2015-2567, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573, CVE-2015-2576. * Fix integer overflow in regcomp (Henry Spencer's regex library) for excessively long pattern strings. (bnc#922043, CVE-2015-2305) For a comprehensive list of changes, refer to http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-43.html . Security Issues: * CVE-2014-3569 * CVE-2014-3570 * CVE-2014-3571 * CVE-2014-3572 * CVE-2014-8275 * CVE-2015-0204 * CVE-2015-0205 * CVE-2015-0206 * CVE-2015-0405 * CVE-2015-0423 * CVE-2015-0433 * CVE-2015-0438 * CVE-2015-0439 * CVE-2015-0441 * CVE-2015-0498 * CVE-2015-0499 * CVE-2015-0500 * CVE-2015-0501 * CVE-2015-0503 * CVE-2015-0505 * CVE-2015-0506 * CVE-2015-0507 * CVE-2015-0508 * CVE-2015-0511 * CVE-2015-2566 * CVE-2015-2567 * CVE-2015-2568 * CVE-2015-2571 * CVE-2015-2573 * CVE-2015-2576 * CVE-2015-2305 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libmysql55client18=10661 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libmysql55client18=10661 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libmysql55client18=10661 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libmysql55client18=10661 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libmysql55client_r18-32bit-5.5.43-0.7.3 libmysqlclient_r15-32bit-5.0.96-0.6.20 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64): libmysql55client_r18-x86-5.5.43-0.7.3 libmysqlclient_r15-x86-5.0.96-0.6.20 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 5.5.43]: libmysql55client18-5.5.43-0.7.3 libmysql55client_r18-5.5.43-0.7.3 libmysqlclient15-5.0.96-0.6.20 libmysqlclient_r15-5.0.96-0.6.20 mysql-5.5.43-0.7.3 mysql-client-5.5.43-0.7.3 mysql-tools-5.5.43-0.7.3 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 5.5.43]: libmysql55client18-32bit-5.5.43-0.7.3 libmysqlclient15-32bit-5.0.96-0.6.20 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.5.43]: libmysql55client18-5.5.43-0.7.3 libmysql55client_r18-5.5.43-0.7.3 libmysqlclient15-5.0.96-0.6.20 libmysqlclient_r15-5.0.96-0.6.20 mysql-5.5.43-0.7.3 mysql-client-5.5.43-0.7.3 mysql-tools-5.5.43-0.7.3 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64) [New Version: 5.5.43]: libmysql55client18-32bit-5.5.43-0.7.3 libmysqlclient15-32bit-5.0.96-0.6.20 - SUSE Linux Enterprise Server 11 SP3 (ia64) [New Version: 5.5.43]: libmysql55client18-x86-5.5.43-0.7.3 libmysqlclient15-x86-5.0.96-0.6.20 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 5.5.43]: libmysql55client18-5.5.43-0.7.3 libmysql55client_r18-5.5.43-0.7.3 libmysqlclient15-5.0.96-0.6.20 libmysqlclient_r15-5.0.96-0.6.20 mysql-5.5.43-0.7.3 mysql-client-5.5.43-0.7.3 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 5.5.43]: libmysql55client18-32bit-5.5.43-0.7.3 libmysql55client_r18-32bit-5.5.43-0.7.3 libmysqlclient15-32bit-5.0.96-0.6.20 libmysqlclient_r15-32bit-5.0.96-0.6.20 References: https://www.suse.com/security/cve/CVE-2014-3569.html https://www.suse.com/security/cve/CVE-2014-3570.html https://www.suse.com/security/cve/CVE-2014-3571.html https://www.suse.com/security/cve/CVE-2014-3572.html https://www.suse.com/security/cve/CVE-2014-8275.html https://www.suse.com/security/cve/CVE-2015-0204.html https://www.suse.com/security/cve/CVE-2015-0205.html https://www.suse.com/security/cve/CVE-2015-0206.html https://www.suse.com/security/cve/CVE-2015-0405.html https://www.suse.com/security/cve/CVE-2015-0423.html https://www.suse.com/security/cve/CVE-2015-0433.html https://www.suse.com/security/cve/CVE-2015-0438.html https://www.suse.com/security/cve/CVE-2015-0439.html https://www.suse.com/security/cve/CVE-2015-0441.html https://www.suse.com/security/cve/CVE-2015-0498.html https://www.suse.com/security/cve/CVE-2015-0499.html https://www.suse.com/security/cve/CVE-2015-0500.html https://www.suse.com/security/cve/CVE-2015-0501.html https://www.suse.com/security/cve/CVE-2015-0503.html https://www.suse.com/security/cve/CVE-2015-0505.html https://www.suse.com/security/cve/CVE-2015-0506.html https://www.suse.com/security/cve/CVE-2015-0507.html https://www.suse.com/security/cve/CVE-2015-0508.html https://www.suse.com/security/cve/CVE-2015-0511.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2566.html https://www.suse.com/security/cve/CVE-2015-2567.html https://www.suse.com/security/cve/CVE-2015-2568.html https://www.suse.com/security/cve/CVE-2015-2571.html https://www.suse.com/security/cve/CVE-2015-2573.html https://www.suse.com/security/cve/CVE-2015-2576.html https://bugzilla.suse.com/922043 https://bugzilla.suse.com/927623 https://download.suse.com/patch/finder/?keywords=bf7ed7fc98aa76bac61b9bec767d2098 From sle-updates at lists.suse.com Tue May 26 10:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 May 2015 18:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0947-1: Recommended update for yast2-packager Message-ID: <20150526160453.C037032164@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-packager ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0947-1 Rating: low References: #922232 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update makes yast2-packager skip EULAs also when running in "auto-upgrade mode". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-yast2-packager=10460 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-yast2-packager=10460 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-yast2-packager=10460 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 2.17.107.1]: yast2-packager-2.17.107.1-0.7.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.107.1]: yast2-packager-2.17.107.1-0.7.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 2.17.107.1]: yast2-packager-2.17.107.1-0.7.1 References: https://bugzilla.suse.com/922232 https://download.suse.com/patch/finder/?keywords=1fec4f3ac0b0f77250e4d840a403af08 From sle-updates at lists.suse.com Wed May 27 06:05:08 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 14:05:08 +0200 (CEST) Subject: SUSE-RU-2015:0950-1: moderate: Recommended update for util-linux Message-ID: <20150527120508.A72AC31FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for util-linux ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0950-1 Rating: moderate References: #888678 #900935 #926945 #930236 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for util-linux provides the following enhancements: - Recognize Unisys s-Par as hypervisor. (FATE#318231) - Backport new script(1) implementation to fix all known hangs. (bsc#888678, bsc#930236) Additionally, various bugs were fixed: - flock: Handle zero timeout as valid. (bsc#926945) - Fix lack of I18N support in util-linux-systemd (mis-compilation). (bsc#900935) - Fix uuidd socket activation. (bnc#900935) - Remove obsolete sysvinit script for uuidd. - Remove no more needed uuidd permissions stuff. - Replace PreReq for obsolete pwdutils by names of binaries. - Add fstrim service scripts and rcfstrim helper. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-213=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-213=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-213=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-213=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libuuid-devel-2.25-22.1 util-linux-debuginfo-2.25-22.1 util-linux-debugsource-2.25-22.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libblkid-devel-2.25-22.1 libmount-devel-2.25-22.1 libsmartcols-devel-2.25-22.1 libuuid-devel-2.25-22.1 util-linux-debuginfo-2.25-22.1 util-linux-debugsource-2.25-22.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libblkid1-2.25-22.1 libblkid1-debuginfo-2.25-22.1 libmount1-2.25-22.1 libmount1-debuginfo-2.25-22.1 libsmartcols1-2.25-22.1 libsmartcols1-debuginfo-2.25-22.1 libuuid1-2.25-22.1 libuuid1-debuginfo-2.25-22.1 python-libmount-2.25-22.1 python-libmount-debuginfo-2.25-22.1 python-libmount-debugsource-2.25-22.1 util-linux-2.25-22.1 util-linux-debuginfo-2.25-22.1 util-linux-debugsource-2.25-22.1 util-linux-systemd-2.25-22.1 util-linux-systemd-debuginfo-2.25-22.1 util-linux-systemd-debugsource-2.25-22.1 uuidd-2.25-22.1 uuidd-debuginfo-2.25-22.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libblkid1-32bit-2.25-22.1 libblkid1-debuginfo-32bit-2.25-22.1 libmount1-32bit-2.25-22.1 libmount1-debuginfo-32bit-2.25-22.1 libuuid1-32bit-2.25-22.1 libuuid1-debuginfo-32bit-2.25-22.1 - SUSE Linux Enterprise Server 12 (noarch): util-linux-lang-2.25-22.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libblkid1-2.25-22.1 libblkid1-32bit-2.25-22.1 libblkid1-debuginfo-2.25-22.1 libblkid1-debuginfo-32bit-2.25-22.1 libmount1-2.25-22.1 libmount1-32bit-2.25-22.1 libmount1-debuginfo-2.25-22.1 libmount1-debuginfo-32bit-2.25-22.1 libsmartcols1-2.25-22.1 libsmartcols1-debuginfo-2.25-22.1 libuuid-devel-2.25-22.1 libuuid1-2.25-22.1 libuuid1-32bit-2.25-22.1 libuuid1-debuginfo-2.25-22.1 libuuid1-debuginfo-32bit-2.25-22.1 python-libmount-2.25-22.1 python-libmount-debuginfo-2.25-22.1 python-libmount-debugsource-2.25-22.1 util-linux-2.25-22.1 util-linux-debuginfo-2.25-22.1 util-linux-debugsource-2.25-22.1 util-linux-systemd-2.25-22.1 util-linux-systemd-debuginfo-2.25-22.1 util-linux-systemd-debugsource-2.25-22.1 uuidd-2.25-22.1 uuidd-debuginfo-2.25-22.1 - SUSE Linux Enterprise Desktop 12 (noarch): util-linux-lang-2.25-22.1 References: https://bugzilla.suse.com/888678 https://bugzilla.suse.com/900935 https://bugzilla.suse.com/926945 https://bugzilla.suse.com/930236 From sle-updates at lists.suse.com Wed May 27 06:06:19 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 14:06:19 +0200 (CEST) Subject: SUSE-RU-2015:0951-1: moderate: Recommended update for duperemove Message-ID: <20150527120619.D575732000@maintenance.suse.de> SUSE Recommended Update: Recommended update for duperemove ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0951-1 Rating: moderate References: #923277 #924577 #926098 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for duperemove provides the following fixes: - Fix hang during file scan phase. - Fallback to stat on filesystems that don't report file type from readdir. - Don't assert on failed open during dedupe. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-214=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-214=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): duperemove-0.09.3-9.1 duperemove-debuginfo-0.09.3-9.1 duperemove-debugsource-0.09.3-9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): duperemove-0.09.3-9.1 duperemove-debuginfo-0.09.3-9.1 duperemove-debugsource-0.09.3-9.1 References: https://bugzilla.suse.com/923277 https://bugzilla.suse.com/924577 https://bugzilla.suse.com/926098 From sle-updates at lists.suse.com Wed May 27 09:04:54 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 17:04:54 +0200 (CEST) Subject: SUSE-RU-2015:0952-1: moderate: Recommended update for vsftpd Message-ID: <20150527150454.3B0A032000@maintenance.suse.de> SUSE Recommended Update: Recommended update for vsftpd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0952-1 Rating: moderate References: #922538 #925963 #927612 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update fixes regressions with using wildcards that had been introduced by the previous update (bnc#922538, bnc#927612). Additionally, stat(2) could be sometimes called on the wrong path, resulting incorrectly in ENOENT (bnc#925963). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-vsftpd=10623 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-vsftpd=10623 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): vsftpd-2.0.7-4.35.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): vsftpd-2.0.7-4.35.1 References: https://bugzilla.suse.com/922538 https://bugzilla.suse.com/925963 https://bugzilla.suse.com/927612 https://download.suse.com/patch/finder/?keywords=a68443d1d94f820c11071ada0fe5024f From sle-updates at lists.suse.com Wed May 27 09:05:36 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 17:05:36 +0200 (CEST) Subject: SUSE-SU-2015:0953-1: moderate: Security update for perl-YAML-LibYAML Message-ID: <20150527150536.98D2432000@maintenance.suse.de> SUSE Security Update: Security update for perl-YAML-LibYAML ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0953-1 Rating: moderate References: #860617 #868944 #907809 #911782 Cross-References: CVE-2013-6393 CVE-2014-2525 CVE-2014-9130 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: perl-YAML-LibYAML was updated to fix three security issues. These security issues were fixed: - CVE-2013-6393: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performed an incorrect cast, which allowed remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggered a heap-based buffer overflow (bnc#860617, bnc#911782). - CVE-2014-9130: scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allowed context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping (bnc#907809, bnc#911782). - CVE-2014-2525: Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allowed context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file (bnc#868944, bnc#911782). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-215=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x): perl-YAML-LibYAML-0.38-10.1 perl-YAML-LibYAML-debuginfo-0.38-10.1 perl-YAML-LibYAML-debugsource-0.38-10.1 References: https://www.suse.com/security/cve/CVE-2013-6393.html https://www.suse.com/security/cve/CVE-2014-2525.html https://www.suse.com/security/cve/CVE-2014-9130.html https://bugzilla.suse.com/860617 https://bugzilla.suse.com/868944 https://bugzilla.suse.com/907809 https://bugzilla.suse.com/911782 From sle-updates at lists.suse.com Wed May 27 10:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 18:04:56 +0200 (CEST) Subject: SUSE-RU-2015:0954-1: moderate: Recommended update for SMT Message-ID: <20150527160456.E592131FFD@maintenance.suse.de> SUSE Recommended Update: Recommended update for SMT ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0954-1 Rating: moderate References: #927554 Affected Products: Subscription Management Tool for SUSE Linux Enterprise 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update for SMT fixes errors about duplicated entries in the database when migrating from NCC to SCC. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - Subscription Management Tool for SUSE Linux Enterprise 11 SP3: zypper in -t patch slesmtsp3-res-signingkeys=10695 To bring your system up-to-date, use "zypper patch". Package List: - Subscription Management Tool for SUSE Linux Enterprise 11 SP3 (i586 s390x x86_64) [New Version: 2.0.12]: res-signingkeys-2.0.12-0.7.1 smt-2.0.12-0.7.1 smt-support-2.0.12-0.7.1 References: https://bugzilla.suse.com/927554 https://download.suse.com/patch/finder/?keywords=0d2fe660a05469d69714ff8b7285f7aa From sle-updates at lists.suse.com Wed May 27 10:05:15 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 May 2015 18:05:15 +0200 (CEST) Subject: SUSE-SU-2015:0953-2: moderate: Security update for perl-YAML-LibYAML Message-ID: <20150527160515.CF10032000@maintenance.suse.de> SUSE Security Update: Security update for perl-YAML-LibYAML ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0953-2 Rating: moderate References: #860617 #868944 #907809 #911782 Cross-References: CVE-2013-6393 CVE-2014-2525 CVE-2014-9130 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: perl-YAML-LibYAML was updated to fix three security issues. These security issues were fixed: - CVE-2013-6393: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performed an incorrect cast, which allowed remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggered a heap-based buffer overflow (bnc#860617, bnc#911782). - CVE-2014-9130: scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allowed context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping (bnc#907809, bnc#911782). - CVE-2014-2525: Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allowed context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file (bnc#868944, bnc#911782). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-215=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-215=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): perl-YAML-LibYAML-0.38-10.1 perl-YAML-LibYAML-debuginfo-0.38-10.1 perl-YAML-LibYAML-debugsource-0.38-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): perl-YAML-LibYAML-0.38-10.1 perl-YAML-LibYAML-debuginfo-0.38-10.1 perl-YAML-LibYAML-debugsource-0.38-10.1 References: https://www.suse.com/security/cve/CVE-2013-6393.html https://www.suse.com/security/cve/CVE-2014-2525.html https://www.suse.com/security/cve/CVE-2014-9130.html https://bugzilla.suse.com/860617 https://bugzilla.suse.com/868944 https://bugzilla.suse.com/907809 https://bugzilla.suse.com/911782 From sle-updates at lists.suse.com Thu May 28 04:05:01 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 12:05:01 +0200 (CEST) Subject: SUSE-SU-2015:0960-1: important: Security update for MozillaFirefox Message-ID: <20150528100501.20F0E32007@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0960-1 Rating: important References: #930622 Cross-References: CVE-2015-0797 CVE-2015-2708 CVE-2015-2709 CVE-2015-2710 CVE-2015-2713 CVE-2015-2716 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: This update to Firefox 31.7.0 ESR (bsc#930622) fixes the following issues: * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 (bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474) Miscellaneous memory safety hazards (rv:38.0 / rv:31.7) * MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-217=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-217=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-217=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-31.7.0esr-34.1 MozillaFirefox-debugsource-31.7.0esr-34.1 MozillaFirefox-devel-31.7.0esr-34.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): MozillaFirefox-31.7.0esr-34.1 MozillaFirefox-debuginfo-31.7.0esr-34.1 MozillaFirefox-debugsource-31.7.0esr-34.1 MozillaFirefox-translations-31.7.0esr-34.1 - SUSE Linux Enterprise Desktop 12 (x86_64): MozillaFirefox-31.7.0esr-34.1 MozillaFirefox-debuginfo-31.7.0esr-34.1 MozillaFirefox-debugsource-31.7.0esr-34.1 MozillaFirefox-translations-31.7.0esr-34.1 References: https://www.suse.com/security/cve/CVE-2015-0797.html https://www.suse.com/security/cve/CVE-2015-2708.html https://www.suse.com/security/cve/CVE-2015-2709.html https://www.suse.com/security/cve/CVE-2015-2710.html https://www.suse.com/security/cve/CVE-2015-2713.html https://www.suse.com/security/cve/CVE-2015-2716.html https://bugzilla.suse.com/930622 From sle-updates at lists.suse.com Thu May 28 06:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 14:04:56 +0200 (CEST) Subject: SUSE-RU-2015:0961-1: important: Recommended update for kiwi Message-ID: <20150528120456.54F4532007@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0961-1 Rating: important References: #908011 #921013 #921017 #921062 #921970 #928090 #928550 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: Kiwi was updated to version 5.06.182, which brings several fixes and enhancements: - Implement support for creating Google Compute Engine ready images to be uploaded into a bucket in the Google Cloud Storage. - Implement support for importing Google Compute Engine license. - Add restore of btrfs subvolumes in restore mode. (bsc#908011) - Increase the EFI/vboot fat partition from 32 to 200MB. (bsc#921017) - Pick the right grub2 package (grub2-x86_64-efi on SLE11). (bsc#921013) - Move boot loader install tool check to the right place. (bsc#921062) - Mount EFI partition only if not already mounted. (bsc#921970) - Fixed use of fdasd on SLE12. (bsc#928550) - Fixed console initialization on exception. (bsc#928090) - Fix handling of source rpms. - Add support for custom qemu-img format options. - Add support for s390 emulated DASD devices - Fix recovery of EFI bootdata. For a comprehensive list of changes refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-220=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x): kiwi-5.06.182-15.1 kiwi-debugsource-5.06.182-15.1 kiwi-desc-netboot-5.06.182-15.1 kiwi-desc-oemboot-5.06.182-15.1 kiwi-desc-vmxboot-5.06.182-15.1 kiwi-templates-5.06.182-15.1 kiwi-tools-5.06.182-15.1 kiwi-tools-debuginfo-5.06.182-15.1 - SUSE Linux Enterprise Server 12 (noarch): kiwi-doc-5.06.182-15.1 References: https://bugzilla.suse.com/908011 https://bugzilla.suse.com/921013 https://bugzilla.suse.com/921017 https://bugzilla.suse.com/921062 https://bugzilla.suse.com/921970 https://bugzilla.suse.com/928090 https://bugzilla.suse.com/928550 From sle-updates at lists.suse.com Thu May 28 07:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 15:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0961-2: important: Recommended update for kiwi Message-ID: <20150528130453.9B56C3204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0961-2 Rating: important References: #908011 #921013 #921017 #921062 #921970 #928090 #928550 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: Kiwi was updated to version 5.06.182, which brings several fixes and enhancements: - Implement support for creating Google Compute Engine ready images to be uploaded into a bucket in the Google Cloud Storage. - Implement support for importing Google Compute Engine license. - Add restore of btrfs subvolumes in restore mode. (bsc#908011) - Increase the EFI/vboot fat partition from 32 to 200MB. (bsc#921017) - Pick the right grub2 package (grub2-x86_64-efi on SLE11). (bsc#921013) - Move boot loader install tool check to the right place. (bsc#921062) - Mount EFI partition only if not already mounted. (bsc#921970) - Fixed use of fdasd on SLE12. (bsc#928550) - Fixed console initialization on exception. (bsc#928090) - Fix handling of source rpms. - Add support for custom qemu-img format options. - Add support for s390 emulated DASD devices - Fix recovery of EFI bootdata. For a comprehensive list of changes refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-220=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-220=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): kiwi-5.06.182-15.1 kiwi-debugsource-5.06.182-15.1 kiwi-desc-isoboot-5.06.182-15.1 kiwi-desc-netboot-5.06.182-15.1 kiwi-desc-oemboot-5.06.182-15.1 kiwi-desc-vmxboot-5.06.182-15.1 kiwi-templates-5.06.182-15.1 kiwi-tools-5.06.182-15.1 kiwi-tools-debuginfo-5.06.182-15.1 - SUSE Linux Enterprise Server 12 (noarch): kiwi-doc-5.06.182-15.1 - SUSE Linux Enterprise Desktop 12 (x86_64): kiwi-debugsource-5.06.182-15.1 kiwi-tools-5.06.182-15.1 kiwi-tools-debuginfo-5.06.182-15.1 References: https://bugzilla.suse.com/908011 https://bugzilla.suse.com/921013 https://bugzilla.suse.com/921017 https://bugzilla.suse.com/921062 https://bugzilla.suse.com/921970 https://bugzilla.suse.com/928090 https://bugzilla.suse.com/928550 From sle-updates at lists.suse.com Thu May 28 08:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 16:04:57 +0200 (CEST) Subject: SUSE-SU-2015:0962-1: moderate: Security update for curl Message-ID: <20150528140457.29C923204C@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:0962-1 Rating: moderate References: #927174 #927556 #927746 #928533 Cross-References: CVE-2015-3143 CVE-2015-3148 CVE-2015-3153 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: The curl tool and libcurl4 library have been updated to fix several security and non-security issues. The following vulnerabilities have been fixed: * CVE-2015-3143: Re-using authenticated connection when unauthenticated. (bsc#927556) * CVE-2015-3148: Negotiate not treated as connection-oriented. (bsc#927746) * CVE-2015-3153: Sensitive HTTP server headers also sent to proxies. (bsc#928533) The following non-security issue has been fixed: * git fails to clone from https repository. (bsc#927174) Security Issues: * CVE-2015-3143 * CVE-2015-3148 * CVE-2015-3153 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-curl=10660 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-curl=10660 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-curl=10660 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-curl=10660 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libcurl-devel-7.19.7-1.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): curl-7.19.7-1.42.1 libcurl4-7.19.7-1.42.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): libcurl4-32bit-7.19.7-1.42.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): curl-7.19.7-1.42.1 libcurl4-7.19.7-1.42.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): libcurl4-32bit-7.19.7-1.42.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): libcurl4-x86-7.19.7-1.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): curl-7.19.7-1.42.1 libcurl4-7.19.7-1.42.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): libcurl4-32bit-7.19.7-1.42.1 References: https://www.suse.com/security/cve/CVE-2015-3143.html https://www.suse.com/security/cve/CVE-2015-3148.html https://www.suse.com/security/cve/CVE-2015-3153.html https://bugzilla.suse.com/927174 https://bugzilla.suse.com/927556 https://bugzilla.suse.com/927746 https://bugzilla.suse.com/928533 https://download.suse.com/patch/finder/?keywords=15283cac05d947363283c7ddcb466af0 From sle-updates at lists.suse.com Thu May 28 10:04:53 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 18:04:53 +0200 (CEST) Subject: SUSE-RU-2015:0963-1: Recommended update for gvfs Message-ID: <20150528160453.AD88732007@maintenance.suse.de> SUSE Recommended Update: Recommended update for gvfs ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0963-1 Rating: low References: #924621 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for gvfs fixes a memory leak in gvfs-hal-volume-monitor. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-gvfs=10613 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-gvfs=10613 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-gvfs=10613 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-gvfs=10613 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): gvfs-devel-1.4.3-0.17.21.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): gvfs-1.4.3-0.17.21.1 gvfs-backends-1.4.3-0.17.21.1 gvfs-fuse-1.4.3-0.17.21.1 gvfs-lang-1.4.3-0.17.21.1 libgvfscommon0-1.4.3-0.17.21.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): gvfs-1.4.3-0.17.21.1 gvfs-backends-1.4.3-0.17.21.1 gvfs-fuse-1.4.3-0.17.21.1 gvfs-lang-1.4.3-0.17.21.1 libgvfscommon0-1.4.3-0.17.21.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): gvfs-1.4.3-0.17.21.1 gvfs-backends-1.4.3-0.17.21.1 gvfs-fuse-1.4.3-0.17.21.1 gvfs-lang-1.4.3-0.17.21.1 libgvfscommon0-1.4.3-0.17.21.1 References: https://bugzilla.suse.com/924621 https://download.suse.com/patch/finder/?keywords=3ebf235526d09d0bba698e1adb1ea7bb From sle-updates at lists.suse.com Thu May 28 10:05:12 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 May 2015 18:05:12 +0200 (CEST) Subject: SUSE-RU-2015:0964-1: Recommended update for SLES 12 Manuals Message-ID: <20150528160512.9A73C3204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLES 12 Manuals ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0964-1 Rating: low References: #743874 #857639 #883393 #889317 #902463 #904182 #904186 #904188 #905330 #906362 #907504 #907506 #907648 #907754 #909494 #910121 #910132 #910133 #910137 #910142 #910148 #911390 #911409 #912700 #912882 #913640 #914727 #918598 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 28 recommended fixes can now be installed. Description: This update for SUSE Linux Enterprise Server 12 Manuals brings several enhancements and fixes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-221=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-221=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): sles-admin_en-pdf-12-29.2 sles-autoyast_en-pdf-12-29.2 sles-deployment_en-pdf-12-29.2 sles-gnomeuser_en-pdf-12-29.2 sles-hardening_en-pdf-12-29.2 sles-installquick_en-pdf-12-29.2 sles-manuals_en-12-29.2 sles-security_en-pdf-12-29.2 sles-storage_en-pdf-12-29.2 sles-tuning_en-pdf-12-29.2 sles-virtualization_en-pdf-12-29.2 - SUSE Linux Enterprise Desktop 12 (noarch): sles-virtualization_en-pdf-12-29.2 References: https://bugzilla.suse.com/743874 https://bugzilla.suse.com/857639 https://bugzilla.suse.com/883393 https://bugzilla.suse.com/889317 https://bugzilla.suse.com/902463 https://bugzilla.suse.com/904182 https://bugzilla.suse.com/904186 https://bugzilla.suse.com/904188 https://bugzilla.suse.com/905330 https://bugzilla.suse.com/906362 https://bugzilla.suse.com/907504 https://bugzilla.suse.com/907506 https://bugzilla.suse.com/907648 https://bugzilla.suse.com/907754 https://bugzilla.suse.com/909494 https://bugzilla.suse.com/910121 https://bugzilla.suse.com/910132 https://bugzilla.suse.com/910133 https://bugzilla.suse.com/910137 https://bugzilla.suse.com/910142 https://bugzilla.suse.com/910148 https://bugzilla.suse.com/911390 https://bugzilla.suse.com/911409 https://bugzilla.suse.com/912700 https://bugzilla.suse.com/912882 https://bugzilla.suse.com/913640 https://bugzilla.suse.com/914727 https://bugzilla.suse.com/918598 From sle-updates at lists.suse.com Fri May 29 07:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 15:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0965-1: moderate: Recommended update for supportutils Message-ID: <20150529130455.C49D33204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0965-1 Rating: moderate References: #890604 #912797 #915888 #918641 #920795 #922607 #924738 #924760 #924761 #925230 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 10 recommended fixes can now be installed. Description: This update for supportutils provides the following fixes: - Fixed xz system logs compressed (bnc#924761) - Fixed xz compressed logs in updates.txt (bnc#924760) - Added docker support in docker.txt with OPTION_DOCKER=1 (bnc#925230) - Added missing SUSEConnect (bnc#924738) - Fixed kdumptool error (bnc#922607) - Added missing wicked configuration to network.txt (bnc#920795) - Fixed vmcp detection (bnc#915888) - Included DNS fix (bnc#918641) - Use /etc/drbd.conf for test instead of rpm (bnc#890604) - Added missing taint flag E (bnc#912797) - Added lsinitrd to boot.txt for SLE12. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-222=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-222=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): supportutils-3.0-62.1 - SUSE Linux Enterprise Desktop 12 (noarch): supportutils-3.0-62.1 References: https://bugzilla.suse.com/890604 https://bugzilla.suse.com/912797 https://bugzilla.suse.com/915888 https://bugzilla.suse.com/918641 https://bugzilla.suse.com/920795 https://bugzilla.suse.com/922607 https://bugzilla.suse.com/924738 https://bugzilla.suse.com/924760 https://bugzilla.suse.com/924761 https://bugzilla.suse.com/925230 From sle-updates at lists.suse.com Fri May 29 09:04:55 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 17:04:55 +0200 (CEST) Subject: SUSE-RU-2015:0966-1: important: Recommended update for glibc Message-ID: <20150529150455.2ED2032007@maintenance.suse.de> SUSE Recommended Update: Recommended update for glibc ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0966-1 Rating: important References: #842291 #892065 #920965 #926939 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for glibc provides the following fixes: * Fix reading of the $LANG environment variable. (bsc#926939) * Avoid unbound alloca() in setenv(). (bsc#892065) * Fix rare segmentation fault in _wait_lookup_done(). (bsc#842291, bsc#920965) Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 i686 s390x x86_64): glibc-2.4-31.119.2 glibc-devel-2.4-31.119.2 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): glibc-html-2.4-31.119.2 glibc-i18ndata-2.4-31.119.2 glibc-info-2.4-31.119.2 glibc-locale-2.4-31.119.2 glibc-profile-2.4-31.119.2 nscd-2.4-31.119.2 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): glibc-32bit-2.4-31.119.2 glibc-devel-32bit-2.4-31.119.2 glibc-locale-32bit-2.4-31.119.2 glibc-profile-32bit-2.4-31.119.2 References: https://bugzilla.suse.com/842291 https://bugzilla.suse.com/892065 https://bugzilla.suse.com/920965 https://bugzilla.suse.com/926939 https://download.suse.com/patch/finder/?keywords=eb400ba12a85dee11fec438a30e10200 From sle-updates at lists.suse.com Fri May 29 10:04:56 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 18:04:56 +0200 (CEST) Subject: SUSE-RU-2015:0970-1: moderate: Recommended update for vsftpd Message-ID: <20150529160456.CCE5832007@maintenance.suse.de> SUSE Recommended Update: Recommended update for vsftpd ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0970-1 Rating: moderate References: #900326 #915522 #922538 #925963 #927612 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: vsftpd was updated to improve upon previous fixes and address a regression. The following bugs have been fixed: - Handle the deny_file option better. (bnc#900326, bnc#915522) - Avoid wildcard regressions introduced by previous update. (bnc#922538, bnc#927612) - stat(2) is sometimes run on wrong path and results in ENOENT. (bnc#925963) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-224=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): vsftpd-3.0.2-24.1 vsftpd-debuginfo-3.0.2-24.1 vsftpd-debugsource-3.0.2-24.1 References: https://bugzilla.suse.com/900326 https://bugzilla.suse.com/915522 https://bugzilla.suse.com/922538 https://bugzilla.suse.com/925963 https://bugzilla.suse.com/927612 From sle-updates at lists.suse.com Fri May 29 10:06:16 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 18:06:16 +0200 (CEST) Subject: SUSE-RU-2015:0971-1: moderate: Recommended update for cmirrord Message-ID: <20150529160616.4C9743204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for cmirrord ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0971-1 Rating: moderate References: #890452 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes an endianness issue which could lead to cmirrord failing to start on the s390x architecture. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP3: zypper in -t patch slehasp3-cmirrord=10666 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64): cmirrord-2.02.98-0.11.1 References: https://bugzilla.suse.com/890452 https://download.suse.com/patch/finder/?keywords=84346e14732b57cffdb6eb9206acb5f4 From sle-updates at lists.suse.com Fri May 29 11:04:57 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 19:04:57 +0200 (CEST) Subject: SUSE-RU-2015:0972-1: important: Recommended update for libgtop Message-ID: <20150529170457.8729132007@maintenance.suse.de> SUSE Recommended Update: Recommended update for libgtop ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0972-1 Rating: important References: #929509 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The latest libgtop update increased the GLIBTOP_NCPU constant from 256 to 1024. Because this value is part of libgtop's ABI, changing it would require a rebuild of all applications that link against the library. This update reverts the value of GLIBTOP_NCPU to 256. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-libgtop=10714 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-libgtop=10714 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-libgtop=10714 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-libgtop=10714 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgtop-devel-2.28.0-1.13.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ppc64 s390x x86_64): libgtop-2_0-7-32bit-2.28.0-1.13.1 - SUSE Linux Enterprise Software Development Kit 11 SP3 (ia64): libgtop-2_0-7-x86-2.28.0-1.13.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): libgtop-2.28.0-1.13.1 libgtop-2_0-7-2.28.0-1.13.1 libgtop-doc-2.28.0-1.13.1 libgtop-lang-2.28.0-1.13.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): libgtop-2.28.0-1.13.1 libgtop-2_0-7-2.28.0-1.13.1 libgtop-doc-2.28.0-1.13.1 libgtop-lang-2.28.0-1.13.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): libgtop-2.28.0-1.13.1 libgtop-2_0-7-2.28.0-1.13.1 libgtop-lang-2.28.0-1.13.1 References: https://bugzilla.suse.com/929509 https://download.suse.com/patch/finder/?keywords=e12a3bc20ebeebe10c680ca95b45fc1c From sle-updates at lists.suse.com Fri May 29 11:05:20 2015 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 May 2015 19:05:20 +0200 (CEST) Subject: SUSE-RU-2015:0973-1: Recommended update for Mesa Message-ID: <20150529170520.8A4673204C@maintenance.suse.de> SUSE Recommended Update: Recommended update for Mesa ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:0973-1 Rating: low References: #899106 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for Mesa fixes the following issue: - Mapping textures in swrast may crash if no image slices array is allocated. This may happen in some software fallback paths. (bsc#899106) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2015-225=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2015-225=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2015-225=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2015-225=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): Mesa-debuginfo-32bit-10.0.2-90.17 Mesa-libGLESv2-2-32bit-10.0.2-90.17 Mesa-libGLESv2-2-debuginfo-32bit-10.0.2-90.17 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): Mesa-debuginfo-10.0.2-90.17 Mesa-debugsource-10.0.2-90.17 Mesa-devel-10.0.2-90.17 Mesa-libEGL-devel-10.0.2-90.17 Mesa-libGL-devel-10.0.2-90.17 Mesa-libGLESv1_CM-devel-10.0.2-90.17 Mesa-libGLESv1_CM1-10.0.2-90.17 Mesa-libGLESv1_CM1-debuginfo-10.0.2-90.17 Mesa-libGLESv2-devel-10.0.2-90.17 Mesa-libGLESv3-devel-10.0.2-90.17 Mesa-libglapi-devel-10.0.2-90.17 libOSMesa-devel-10.0.2-90.17 libOSMesa9-10.0.2-90.17 libOSMesa9-debuginfo-10.0.2-90.17 libgbm-devel-10.0.2-90.17 libxatracker-devel-1.0.0-90.17 - SUSE Linux Enterprise Software Development Kit 12 (s390x x86_64): libOSMesa9-32bit-10.0.2-90.17 libOSMesa9-debuginfo-32bit-10.0.2-90.17 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): Mesa-10.0.2-90.17 Mesa-debuginfo-10.0.2-90.17 Mesa-debugsource-10.0.2-90.17 Mesa-libEGL1-10.0.2-90.17 Mesa-libEGL1-debuginfo-10.0.2-90.17 Mesa-libGL1-10.0.2-90.17 Mesa-libGL1-debuginfo-10.0.2-90.17 Mesa-libGLESv2-2-10.0.2-90.17 Mesa-libGLESv2-2-debuginfo-10.0.2-90.17 Mesa-libglapi0-10.0.2-90.17 Mesa-libglapi0-debuginfo-10.0.2-90.17 libgbm1-10.0.2-90.17 libgbm1-debuginfo-10.0.2-90.17 libxatracker2-1.0.0-90.17 libxatracker2-debuginfo-1.0.0-90.17 - SUSE Linux Enterprise Server 12 (s390x x86_64): Mesa-32bit-10.0.2-90.17 Mesa-debuginfo-32bit-10.0.2-90.17 Mesa-libEGL1-32bit-10.0.2-90.17 Mesa-libEGL1-debuginfo-32bit-10.0.2-90.17 Mesa-libGL1-32bit-10.0.2-90.17 Mesa-libGL1-debuginfo-32bit-10.0.2-90.17 Mesa-libglapi0-32bit-10.0.2-90.17 Mesa-libglapi0-debuginfo-32bit-10.0.2-90.17 libgbm1-32bit-10.0.2-90.17 libgbm1-debuginfo-32bit-10.0.2-90.17 - SUSE Linux Enterprise Desktop 12 (x86_64): Mesa-10.0.2-90.17 Mesa-32bit-10.0.2-90.17 Mesa-debuginfo-10.0.2-90.17 Mesa-debuginfo-32bit-10.0.2-90.17 Mesa-debugsource-10.0.2-90.17 Mesa-libEGL1-10.0.2-90.17 Mesa-libEGL1-32bit-10.0.2-90.17 Mesa-libEGL1-debuginfo-10.0.2-90.17 Mesa-libEGL1-debuginfo-32bit-10.0.2-90.17 Mesa-libGL1-10.0.2-90.17 Mesa-libGL1-32bit-10.0.2-90.17 Mesa-libGL1-debuginfo-10.0.2-90.17 Mesa-libGL1-debuginfo-32bit-10.0.2-90.17 Mesa-libGLESv2-2-10.0.2-90.17 Mesa-libGLESv2-2-32bit-10.0.2-90.17 Mesa-libGLESv2-2-debuginfo-10.0.2-90.17 Mesa-libGLESv2-2-debuginfo-32bit-10.0.2-90.17 Mesa-libglapi0-10.0.2-90.17 Mesa-libglapi0-32bit-10.0.2-90.17 Mesa-libglapi0-debuginfo-10.0.2-90.17 Mesa-libglapi0-debuginfo-32bit-10.0.2-90.17 libgbm1-10.0.2-90.17 libgbm1-32bit-10.0.2-90.17 libgbm1-debuginfo-10.0.2-90.17 libgbm1-debuginfo-32bit-10.0.2-90.17 libxatracker2-1.0.0-90.17 libxatracker2-debuginfo-1.0.0-90.17 References: https://bugzilla.suse.com/899106