From sle-updates at lists.suse.com Mon Jan 4 04:11:53 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 12:11:53 +0100 (CET) Subject: SUSE-SU-2016:0008-1: moderate: Security update for libksba Message-ID: <20160104111153.0BE09320D8@maintenance.suse.de> SUSE Security Update: Security update for libksba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0008-1 Rating: moderate References: #926826 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: The libksba package was updated to fix the following security issues: - Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libksba-1482=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libksba-1482=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libksba-1482=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libksba-1482=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libksba-1482=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libksba-1482=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libksba-1482=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libksba-1482=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libksba-1482=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libksba-devel-1.0.4-1.20.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libksba-devel-1.0.4-1.20.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libksba-1.0.4-1.20.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libksba-1.0.4-1.20.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libksba-1.0.4-1.20.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libksba-1.0.4-1.20.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libksba-1.0.4-1.20.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libksba-debuginfo-1.0.4-1.20.1 libksba-debugsource-1.0.4-1.20.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libksba-debuginfo-1.0.4-1.20.1 libksba-debugsource-1.0.4-1.20.1 References: https://bugzilla.suse.com/926826 From sle-updates at lists.suse.com Mon Jan 4 06:11:18 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 14:11:18 +0100 (CET) Subject: SUSE-OU-2016:0009-1: moderate: Optional update for openssh-openssl1 Message-ID: <20160104131118.C74DC320D8@maintenance.suse.de> SUSE Optional Update: Optional update for openssh-openssl1 ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0009-1 Rating: moderate References: #932017 Affected Products: SUSE Linux Enterprise Server 11-SECURITY ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update brings a variant of openssh 6.6p1 based on openssl 1.0.1 for the SUSE Linux Enterprise 11 Security Module. The sourcelevel is the same as openssh on SUSE Linux Enterprise 11 SP4 and SUSE Linux Enterprise 12 GA. Only one of openssh or openssh-openssl1 can be installed. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-openssh-openssl1-12292=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): openssh-openssl1-6.6p1-7.1 openssh-openssl1-helpers-6.6p1-7.1 References: https://bugzilla.suse.com/932017 From sle-updates at lists.suse.com Mon Jan 4 06:11:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 14:11:44 +0100 (CET) Subject: SUSE-SU-2016:0010-1: important: Security update for kvm Message-ID: <20160104131144.3A1A0320D8@maintenance.suse.de> SUSE Security Update: Security update for kvm ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0010-1 Rating: important References: #947164 #950590 #953187 #956829 #957162 Cross-References: CVE-2015-7512 CVE-2015-8345 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for kvm fixes the following issues: Security issues fixed: - CVE-2015-7512: The receive packet size is now checked in the emulated pcnet driver, eliminating buffer overflow and potential security issue by malicious guest systems. (bsc#957162) - CVE-2015-8345: A infinite loop in processing command block list was fixed that could be exploit by malicious guest systems (bsc#956829). Other bugs fixed: - To assist users past the migration incompatibility discussed in bsc#950590 (restore migration compatibility with SLE11 SP3 and SLE12, at the unfortunate expense to prior SLE11 SP4 kvm release compatability when a virtio-net device is used), print a message which references the support document TID 7017048. See https://www.suse.com/support/kb/doc.php?id=7017048 - Fix cases of wrong clock values in kvmclock timekeeping (bsc#947164 and bsc#953187) - Enforce pxe rom sizes to ensure migration compatibility. (bsc#950590) - Fix kvm live migration fails between sles11 sp3 and sp4 (bsc#950590) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kvm-12293=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-kvm-12293=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 s390x x86_64): kvm-1.4.2-35.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): kvm-1.4.2-35.1 References: https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8345.html https://bugzilla.suse.com/947164 https://bugzilla.suse.com/950590 https://bugzilla.suse.com/953187 https://bugzilla.suse.com/956829 https://bugzilla.suse.com/957162 From sle-updates at lists.suse.com Mon Jan 4 06:12:54 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 14:12:54 +0100 (CET) Subject: SUSE-SU-2016:0011-1: moderate: Security update for libmspack Message-ID: <20160104131254.51A96320D8@maintenance.suse.de> SUSE Security Update: Security update for libmspack ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0011-1 Rating: moderate References: #934524 #934525 #934526 #934527 #934528 #934529 Cross-References: CVE-2014-9732 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: libmspack was updated to fix security issues. These security issues were fixed: * CVE-2014-9732: The cabd_extract function in cabd.c in libmspack did not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive (bnc#934524). * CVE-2015-4467: The chmd_init_decomp function in chmd.c in libmspack did not properly validate the reset interval, which allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file (bnc#934525). * CVE-2015-4468: Multiple integer overflows in the search_chunk function in chmd.c in libmspack allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file (bnc#934526). * CVE-2015-4469: The chmd_read_headers function in chmd.c in libmspack did not validate name lengths, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file (bnc#934526). * CVE-2015-4470: Off-by-one error in the inflate function in mszipd.c in libmspack allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive (bnc#934527). * CVE-2015-4471: Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack allowed remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive (bnc#934528). * CVE-2015-4472: Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file (bnc#934529). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-2=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-2=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-2=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-2=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-2=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-2=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libmspack-debugsource-0.4-14.4 libmspack-devel-0.4-14.4 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libmspack-debugsource-0.4-14.4 libmspack-devel-0.4-14.4 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libmspack-debugsource-0.4-14.4 libmspack0-0.4-14.4 libmspack0-debuginfo-0.4-14.4 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libmspack-debugsource-0.4-14.4 libmspack0-0.4-14.4 libmspack0-debuginfo-0.4-14.4 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libmspack-debugsource-0.4-14.4 libmspack0-0.4-14.4 libmspack0-debuginfo-0.4-14.4 - SUSE Linux Enterprise Desktop 12 (x86_64): libmspack-debugsource-0.4-14.4 libmspack0-0.4-14.4 libmspack0-debuginfo-0.4-14.4 References: https://www.suse.com/security/cve/CVE-2014-9732.html https://www.suse.com/security/cve/CVE-2015-4467.html https://www.suse.com/security/cve/CVE-2015-4468.html https://www.suse.com/security/cve/CVE-2015-4469.html https://www.suse.com/security/cve/CVE-2015-4470.html https://www.suse.com/security/cve/CVE-2015-4471.html https://www.suse.com/security/cve/CVE-2015-4472.html https://bugzilla.suse.com/934524 https://bugzilla.suse.com/934525 https://bugzilla.suse.com/934526 https://bugzilla.suse.com/934527 https://bugzilla.suse.com/934528 https://bugzilla.suse.com/934529 From sle-updates at lists.suse.com Mon Jan 4 07:11:03 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 15:11:03 +0100 (CET) Subject: SUSE-RU-2016:0012-1: Recommended update for python-google-apputils Message-ID: <20160104141103.A3B19320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-google-apputils ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0012-1 Rating: low References: #958110 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides python-google-apputils 0.4.2 which, among other minor corrections, fixes the dependency specification of python-dateutil. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-5=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-google-apputils-0.4.2-3.1 References: https://bugzilla.suse.com/958110 From sle-updates at lists.suse.com Mon Jan 4 07:11:15 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 15:11:15 +0100 (CET) Subject: SUSE-RU-2016:0013-1: Recommended update for python-rsa Message-ID: <20160104141115.7FAD7320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-rsa ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0013-1 Rating: low References: #935595 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The python-rsa module was updated from 3.1.2 to 3.1.4. This minor version update provides fixes for a few minor issues. Additionally, the update adds coreutils to the list of python-rsa requirements. This ensures rm(1) will be available at installation time. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-4=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-rsa-3.1.4-8.1 References: https://bugzilla.suse.com/935595 From sle-updates at lists.suse.com Mon Jan 4 12:11:09 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 20:11:09 +0100 (CET) Subject: SUSE-RU-2016:0014-1: moderate: Recommended update for shim Message-ID: <20160104191109.F0942320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for shim ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0014-1 Rating: moderate References: #919675 #920515 #945178 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The shim bootloader for UEFI secure boot support was updated to the unified version 0.9 between SUSE Linux Enterprise versions (same as SUSE Linux Enterprise 12 SP1). (FATE#318904) This also fixes two bugs: * RSOD comes when you enter and exit from grub commandline (bsc#919675) * StrCpy() could crash fallback.efi due to the under-allocated buffer (bsc#920515) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-6=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-6=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (x86_64): shim-0.9-15.3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): shim-0.9-15.3.1 References: https://bugzilla.suse.com/919675 https://bugzilla.suse.com/920515 https://bugzilla.suse.com/945178 From sle-updates at lists.suse.com Mon Jan 4 12:11:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 20:11:44 +0100 (CET) Subject: SUSE-RU-2016:0015-1: moderate: Recommended update for docker Message-ID: <20160104191144.58B4C320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for docker ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0015-1 Rating: moderate References: #954797 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for docker fixes the following issue: - Allow removal of containers even when the entry point failed. (bsc#954797) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-7=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): docker-1.8.3-55.2 docker-debuginfo-1.8.3-55.2 docker-debugsource-1.8.3-55.2 References: https://bugzilla.suse.com/954797 From sle-updates at lists.suse.com Mon Jan 4 15:11:40 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 4 Jan 2016 23:11:40 +0100 (CET) Subject: SUSE-RU-2016:0017-1: Recommended update for poppler Message-ID: <20160104221140.93443320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for poppler ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0017-1 Rating: low References: #914316 #927466 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: Poppler was updated to fix multiple display issues. * bsc#914316: Graphical issue with a fillable PDF file -fix annotations with transparent color in PDF files * bsc#927466: poppler die not display standard ligatures correctly Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-9=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-9=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-9=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-9=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-9=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-9=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libpoppler-devel-0.24.4-9.2 libpoppler-glib-devel-0.24.4-9.2 libpoppler-qt4-devel-0.24.4-9.1 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 typelib-1_0-Poppler-0_18-0.24.4-9.2 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libpoppler-devel-0.24.4-9.2 libpoppler-glib-devel-0.24.4-9.2 libpoppler-qt4-devel-0.24.4-9.1 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 typelib-1_0-Poppler-0_18-0.24.4-9.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpoppler-glib8-0.24.4-9.2 libpoppler-glib8-debuginfo-0.24.4-9.2 libpoppler-qt4-4-0.24.4-9.1 libpoppler-qt4-4-debuginfo-0.24.4-9.1 libpoppler44-0.24.4-9.2 libpoppler44-debuginfo-0.24.4-9.2 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 poppler-tools-0.24.4-9.2 poppler-tools-debuginfo-0.24.4-9.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpoppler-glib8-0.24.4-9.2 libpoppler-glib8-debuginfo-0.24.4-9.2 libpoppler-qt4-4-0.24.4-9.1 libpoppler-qt4-4-debuginfo-0.24.4-9.1 libpoppler44-0.24.4-9.2 libpoppler44-debuginfo-0.24.4-9.2 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 poppler-tools-0.24.4-9.2 poppler-tools-debuginfo-0.24.4-9.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpoppler-glib8-0.24.4-9.2 libpoppler-glib8-debuginfo-0.24.4-9.2 libpoppler-qt4-4-0.24.4-9.1 libpoppler-qt4-4-debuginfo-0.24.4-9.1 libpoppler44-0.24.4-9.2 libpoppler44-debuginfo-0.24.4-9.2 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 poppler-tools-0.24.4-9.2 poppler-tools-debuginfo-0.24.4-9.2 - SUSE Linux Enterprise Desktop 12 (x86_64): libpoppler-glib8-0.24.4-9.2 libpoppler-glib8-debuginfo-0.24.4-9.2 libpoppler-qt4-4-0.24.4-9.1 libpoppler-qt4-4-debuginfo-0.24.4-9.1 libpoppler44-0.24.4-9.2 libpoppler44-debuginfo-0.24.4-9.2 poppler-debugsource-0.24.4-9.2 poppler-qt-debugsource-0.24.4-9.1 poppler-tools-0.24.4-9.2 poppler-tools-debuginfo-0.24.4-9.2 References: https://bugzilla.suse.com/914316 https://bugzilla.suse.com/927466 From sle-updates at lists.suse.com Tue Jan 5 07:11:07 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 15:11:07 +0100 (CET) Subject: SUSE-SU-2016:0020-1: important: Security update for kvm Message-ID: <20160105141107.AA445320D8@maintenance.suse.de> SUSE Security Update: Security update for kvm ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0020-1 Rating: important References: #947164 #950590 #953187 #956829 #957162 Cross-References: CVE-2015-7512 CVE-2015-8345 Affected Products: SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for kvm fixes the following issues: Security issues fixed: - CVE-2015-7512: The receive packet size is now checked in the emulated pcnet driver, eliminating buffer overflow and potential security issue by malicious guest systems. (bsc#957162) - CVE-2015-8345: A infinite loop in processing command block list was fixed that could be exploit by malicious guest systems (bsc#956829). Bugs fixed: - Fix cases of wrong clock values in kvmclock timekeeping (bsc#947164 and bsc#953187) - Enforce pxe rom sizes to ensure migration compatibility. (bsc#950590) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-kvm-12294=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-kvm-12294=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3 (i586 s390x x86_64): kvm-1.4.2-37.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): kvm-1.4.2-37.1 References: https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8345.html https://bugzilla.suse.com/947164 https://bugzilla.suse.com/950590 https://bugzilla.suse.com/953187 https://bugzilla.suse.com/956829 https://bugzilla.suse.com/957162 From sle-updates at lists.suse.com Tue Jan 5 07:12:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 15:12:16 +0100 (CET) Subject: SUSE-SU-2016:0021-1: moderate: Security update for qemu Message-ID: <20160105141216.DB1B4320D8@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0021-1 Rating: moderate References: #947164 #953187 #956829 #957162 Cross-References: CVE-2015-7512 CVE-2015-8345 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update fixes the following security issues: - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. (bsc#957162 CVE-2015-7512) - Infinite loop in processing command block list. CVE-2015-8345 (bsc#956829): Also a non-security bug fixed: - Fix cases of wrong clock values in kvmclock timekeeping (bsc#947164 and bsc#953187) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-11=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-11=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): qemu-2.0.2-48.12.1 qemu-block-curl-2.0.2-48.12.1 qemu-block-curl-debuginfo-2.0.2-48.12.1 qemu-debugsource-2.0.2-48.12.1 qemu-guest-agent-2.0.2-48.12.1 qemu-guest-agent-debuginfo-2.0.2-48.12.1 qemu-lang-2.0.2-48.12.1 qemu-tools-2.0.2-48.12.1 qemu-tools-debuginfo-2.0.2-48.12.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): qemu-kvm-2.0.2-48.12.1 - SUSE Linux Enterprise Server 12 (ppc64le): qemu-ppc-2.0.2-48.12.1 qemu-ppc-debuginfo-2.0.2-48.12.1 - SUSE Linux Enterprise Server 12 (noarch): qemu-ipxe-1.0.0-48.12.1 qemu-seabios-1.7.4-48.12.1 qemu-sgabios-8-48.12.1 qemu-vgabios-1.7.4-48.12.1 - SUSE Linux Enterprise Server 12 (x86_64): qemu-block-rbd-2.0.2-48.12.1 qemu-block-rbd-debuginfo-2.0.2-48.12.1 qemu-x86-2.0.2-48.12.1 qemu-x86-debuginfo-2.0.2-48.12.1 - SUSE Linux Enterprise Server 12 (s390x): qemu-s390-2.0.2-48.12.1 qemu-s390-debuginfo-2.0.2-48.12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): qemu-2.0.2-48.12.1 qemu-block-curl-2.0.2-48.12.1 qemu-block-curl-debuginfo-2.0.2-48.12.1 qemu-debugsource-2.0.2-48.12.1 qemu-kvm-2.0.2-48.12.1 qemu-tools-2.0.2-48.12.1 qemu-tools-debuginfo-2.0.2-48.12.1 qemu-x86-2.0.2-48.12.1 qemu-x86-debuginfo-2.0.2-48.12.1 - SUSE Linux Enterprise Desktop 12 (noarch): qemu-ipxe-1.0.0-48.12.1 qemu-seabios-1.7.4-48.12.1 qemu-sgabios-8-48.12.1 qemu-vgabios-1.7.4-48.12.1 References: https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8345.html https://bugzilla.suse.com/947164 https://bugzilla.suse.com/953187 https://bugzilla.suse.com/956829 https://bugzilla.suse.com/957162 From sle-updates at lists.suse.com Tue Jan 5 07:13:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 15:13:08 +0100 (CET) Subject: SUSE-RU-2016:0022-1: Recommended update for ucode-intel Message-ID: <20160105141308.369C4320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for ucode-intel ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0022-1 Rating: low References: #954423 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides Intel's CPU microcode version 20151106. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-10=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-10=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-10=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-10=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (x86_64): ucode-intel-20151106-6.1 ucode-intel-debuginfo-20151106-6.1 ucode-intel-debugsource-20151106-6.1 - SUSE Linux Enterprise Server 12 (x86_64): ucode-intel-20151106-6.1 ucode-intel-debuginfo-20151106-6.1 ucode-intel-debugsource-20151106-6.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ucode-intel-20151106-6.1 ucode-intel-debuginfo-20151106-6.1 ucode-intel-debugsource-20151106-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): ucode-intel-20151106-6.1 ucode-intel-debuginfo-20151106-6.1 ucode-intel-debugsource-20151106-6.1 References: https://bugzilla.suse.com/954423 From sle-updates at lists.suse.com Tue Jan 5 09:11:53 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 17:11:53 +0100 (CET) Subject: SUSE-OU-2016:0023-1: Initial release of s3fs Message-ID: <20160105161153.E4C8E320AA@maintenance.suse.de> SUSE Optional Update: Initial release of s3fs ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0023-1 Rating: low References: #958186 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds s3fs to the Public Cloud 12 Module. s3fs is a FUSE-based file system backed by Amazon S3. Users can mount a bucket as a local file system and store files and folders natively and transparently. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-13=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (ppc64le s390x x86_64): s3fs-1.79-3.1 s3fs-debuginfo-1.79-3.1 s3fs-debugsource-1.79-3.1 References: https://bugzilla.suse.com/958186 From sle-updates at lists.suse.com Tue Jan 5 09:12:17 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 17:12:17 +0100 (CET) Subject: SUSE-RU-2016:0024-1: Recommended update for yast2-bootloader Message-ID: <20160105161217.F3790320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0024-1 Rating: low References: #805275 #937108 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-bootloader provides the following fixes: - Fix validation of AutoYaST profiles. (bsc#805275) - Unify Xen names to fix removal of duplicated entries at the end of installation. (bsc#937108) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-bootloader-12295=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-bootloader-12295=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): yast2-bootloader-2.17.99-3.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): yast2-bootloader-2.17.99-3.3 References: https://bugzilla.suse.com/805275 https://bugzilla.suse.com/937108 From sle-updates at lists.suse.com Tue Jan 5 09:13:00 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 17:13:00 +0100 (CET) Subject: SUSE-RU-2016:0025-1: Recommended update for yast2-bootloader Message-ID: <20160105161300.A30CA320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0025-1 Rating: low References: #805275 #916342 #916935 #937108 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for yast2-bootloader provides the following fixes: - Fix validation of AutoYaST profiles. (bsc#805275) - Unify Xen names to fix removal of duplicated entries at the end of installation. (bsc#937108) - Make more collumns if there is too much options for bootloader. (bsc#916342) - Allow PReP on GPT as possible bootloader location. (bsc#916935) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-bootloader-12296=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-bootloader-12296=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-bootloader-12296=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): yast2-bootloader-2.17.99-9.6 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-bootloader-2.17.99-9.6 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): yast2-bootloader-2.17.99-9.6 References: https://bugzilla.suse.com/805275 https://bugzilla.suse.com/916342 https://bugzilla.suse.com/916935 https://bugzilla.suse.com/937108 From sle-updates at lists.suse.com Tue Jan 5 11:11:29 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 19:11:29 +0100 (CET) Subject: SUSE-RU-2016:0026-1: Recommended update for release-notes-sled Message-ID: <20160105181129.0DAA8320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0026-1 Rating: low References: #956325 #957800 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides the latest version of the release notes for SUSE Linux Enterprise Desktop 12-SP1: - New: Creating an AutoYaST XML File. (fate#319930, bsc#956325) - Updated: If You Are Using Proprietary Graphics Drivers, Perform an Online Upgrade (Behavior applies to all third-party KMPs). (fate#319890) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-19=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-19=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (noarch): release-notes-sled-12.1.20151203-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): release-notes-sled-12.1.20151203-3.1 References: https://bugzilla.suse.com/956325 https://bugzilla.suse.com/957800 From sle-updates at lists.suse.com Tue Jan 5 11:12:02 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 19:12:02 +0100 (CET) Subject: SUSE-SU-2016:0027-1: moderate: Security update for libpng16 Message-ID: <20160105181202.D2F3D320D8@maintenance.suse.de> SUSE Security Update: Security update for libpng16 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0027-1 Rating: moderate References: #954980 Cross-References: CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue: * CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-16=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-16=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-16=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-16=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-16=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-16=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libpng16-compat-devel-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 libpng16-devel-1.6.8-11.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libpng16-compat-devel-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 libpng16-devel-1.6.8-11.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpng16-16-1.6.8-11.1 libpng16-16-debuginfo-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libpng16-16-32bit-1.6.8-11.1 libpng16-16-debuginfo-32bit-1.6.8-11.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpng16-16-1.6.8-11.1 libpng16-16-debuginfo-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libpng16-16-32bit-1.6.8-11.1 libpng16-16-debuginfo-32bit-1.6.8-11.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpng16-16-1.6.8-11.1 libpng16-16-32bit-1.6.8-11.1 libpng16-16-debuginfo-1.6.8-11.1 libpng16-16-debuginfo-32bit-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpng16-16-1.6.8-11.1 libpng16-16-32bit-1.6.8-11.1 libpng16-16-debuginfo-1.6.8-11.1 libpng16-16-debuginfo-32bit-1.6.8-11.1 libpng16-debugsource-1.6.8-11.1 References: https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Tue Jan 5 11:12:27 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 19:12:27 +0100 (CET) Subject: SUSE-RU-2016:0028-1: Recommended update for release-notes-sles Message-ID: <20160105181227.09A18320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0028-1 Rating: low References: #956726 #957749 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12-SP1 have been updated to document: - Specifying Registration Code for Module Installation. (fate#320019, bsc#956726) - Improve text in HTTP Proxy for Registration section. (fate#318488) - Fix typo in YaST Modules Dropped section. (fate#314685, bsc#957749) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-18=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): release-notes-sles-12.1.20151203-3.1 References: https://bugzilla.suse.com/956726 https://bugzilla.suse.com/957749 From sle-updates at lists.suse.com Tue Jan 5 11:12:59 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 19:12:59 +0100 (CET) Subject: SUSE-RU-2016:0029-1: Recommended update for libnet Message-ID: <20160105181259.E714A320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for libnet ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0029-1 Rating: low References: #949391 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libnet ensures the library is always built with AF_PACKET support enabled. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-17=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-17=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-17=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-17=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libnet-debugsource-1.2~rc3-3.1 libnet-devel-1.2~rc3-3.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libnet-debugsource-1.2~rc3-3.1 libnet-devel-1.2~rc3-3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libnet-debugsource-1.2~rc3-3.1 libnet9-1.2~rc3-3.1 libnet9-debuginfo-1.2~rc3-3.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libnet-debugsource-1.2~rc3-3.1 libnet9-1.2~rc3-3.1 libnet9-debuginfo-1.2~rc3-3.1 References: https://bugzilla.suse.com/949391 From sle-updates at lists.suse.com Tue Jan 5 12:11:18 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 20:11:18 +0100 (CET) Subject: SUSE-SU-2016:0030-1: moderate: Security update for libxml2 Message-ID: <20160105191118.2067E320AA@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0030-1 Rating: moderate References: #928193 #951734 #951735 #956018 #956021 #956260 #957105 #957106 #957107 #957109 #957110 Cross-References: CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update fixes the following security issues: * CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193] * CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734] * CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735] * CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018] * CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021] * CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260] * CVE-2015-5312 Fix another entity expansion issue [bnc#957105] * CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106] * CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107] * CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109] * CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libxml2-20151221-12298=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libxml2-20151221-12298=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libxml2-20151221-12298=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libxml2-20151221-12298=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libxml2-20151221-12298=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libxml2-20151221-12298=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libxml2-20151221-12298=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libxml2-20151221-12298=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libxml2-20151221-12298=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.34.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.34.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libxml2-2.7.6-0.34.1 libxml2-doc-2.7.6-0.34.1 libxml2-python-2.7.6-0.34.4 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libxml2-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.34.1 libxml2-doc-2.7.6-0.34.1 libxml2-python-2.7.6-0.34.4 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libxml2-x86-2.7.6-0.34.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.34.1 libxml2-doc-2.7.6-0.34.1 libxml2-python-2.7.6-0.34.4 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libxml2-x86-2.7.6-0.34.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libxml2-2.7.6-0.34.1 libxml2-python-2.7.6-0.34.4 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libxml2-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libxml2-2.7.6-0.34.1 libxml2-python-2.7.6-0.34.4 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libxml2-32bit-2.7.6-0.34.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-debuginfo-2.7.6-0.34.1 libxml2-debugsource-2.7.6-0.34.1 libxml2-python-debuginfo-2.7.6-0.34.4 libxml2-python-debugsource-2.7.6-0.34.4 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-debuginfo-2.7.6-0.34.1 libxml2-debugsource-2.7.6-0.34.1 libxml2-python-debuginfo-2.7.6-0.34.4 libxml2-python-debugsource-2.7.6-0.34.4 References: https://www.suse.com/security/cve/CVE-2015-1819.html https://www.suse.com/security/cve/CVE-2015-5312.html https://www.suse.com/security/cve/CVE-2015-7497.html https://www.suse.com/security/cve/CVE-2015-7498.html https://www.suse.com/security/cve/CVE-2015-7499.html https://www.suse.com/security/cve/CVE-2015-7500.html https://www.suse.com/security/cve/CVE-2015-7941.html https://www.suse.com/security/cve/CVE-2015-7942.html https://www.suse.com/security/cve/CVE-2015-8241.html https://www.suse.com/security/cve/CVE-2015-8242.html https://www.suse.com/security/cve/CVE-2015-8317.html https://bugzilla.suse.com/928193 https://bugzilla.suse.com/951734 https://bugzilla.suse.com/951735 https://bugzilla.suse.com/956018 https://bugzilla.suse.com/956021 https://bugzilla.suse.com/956260 https://bugzilla.suse.com/957105 https://bugzilla.suse.com/957106 https://bugzilla.suse.com/957107 https://bugzilla.suse.com/957109 https://bugzilla.suse.com/957110 From sle-updates at lists.suse.com Tue Jan 5 12:13:41 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 20:13:41 +0100 (CET) Subject: SUSE-RU-2016:0031-1: moderate: Recommended update for libXfont Message-ID: <20160105191341.379D1320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for libXfont ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0031-1 Rating: moderate References: #958383 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libXfont fixes the following issues: - The original fix for CVE-2015-1804 prevented DWIDTH to be negative. However, the spec states that "DWIDTH [...] is a vector indicating the position of the next glyph's origin relative to the origin of this glyph". Consequently, negative DWIDTH values should be allowed. (bsc#958383) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-22=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-22=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-22=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-22=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-22=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-22=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-7.1 libXfont-devel-1.4.7-7.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-7.1 libXfont-devel-1.4.7-7.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-7.1 libXfont1-1.4.7-7.1 libXfont1-debuginfo-1.4.7-7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libXfont-debugsource-1.4.7-7.1 libXfont1-1.4.7-7.1 libXfont1-debuginfo-1.4.7-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libXfont-debugsource-1.4.7-7.1 libXfont1-1.4.7-7.1 libXfont1-debuginfo-1.4.7-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libXfont-debugsource-1.4.7-7.1 libXfont1-1.4.7-7.1 libXfont1-debuginfo-1.4.7-7.1 References: https://bugzilla.suse.com/958383 From sle-updates at lists.suse.com Tue Jan 5 12:14:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 5 Jan 2016 20:14:05 +0100 (CET) Subject: SUSE-SU-2016:0032-1: important: Security update for samba Message-ID: <20160105191405.18ACA320D8@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0032-1 Rating: important References: #295284 #773464 #901813 #912457 #913304 #934299 #948244 #949022 #958582 #958583 #958584 #958586 Cross-References: CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that solves four vulnerabilities and has 8 fixes is now available. Description: This update for Samba fixes the following security issues: - CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586). - CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582). - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584). - CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583). Non-security issues fixed: - Prevent null pointer access in samlogon fallback when security credentials are null (bnc#949022). - Address unrecoverable winbind failure: "key length too large" (bnc#934299). - Take resource group sids into account when caching netsamlogon data (bnc#912457). - Use domain name if search by domain SID fails to send SIDHistory lookups to correct idmap backend (bnc#773464). - Remove deprecated base_rid example from idmap_rid manpage (bnc#913304). - Purge printer name cache on spoolss SetPrinter change (bnc#901813). - Fix lookup of groups with "Local Domain" scope from Active Directory (bnc#948244). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-samba-12297=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-samba-12297=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): ldapsmb-1.34b-45.2 libldb1-3.6.3-45.2 libsmbclient0-3.6.3-45.2 libtalloc2-3.6.3-45.2 libtdb1-3.6.3-45.2 libtevent0-3.6.3-45.2 libwbclient0-3.6.3-45.2 samba-3.6.3-45.2 samba-client-3.6.3-45.2 samba-krb-printing-3.6.3-45.2 samba-winbind-3.6.3-45.2 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-45.2 libtalloc2-32bit-3.6.3-45.2 libtdb1-32bit-3.6.3-45.2 libtevent0-32bit-3.6.3-45.2 libwbclient0-32bit-3.6.3-45.2 samba-32bit-3.6.3-45.2 samba-client-32bit-3.6.3-45.2 samba-winbind-32bit-3.6.3-45.2 - SUSE Linux Enterprise Server 11-SP2-LTSS (noarch): samba-doc-3.6.3-45.2 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): samba-debuginfo-3.6.3-45.2 samba-debugsource-3.6.3-45.2 - SUSE Linux Enterprise Debuginfo 11-SP2 (s390x x86_64): samba-debuginfo-32bit-3.6.3-45.2 References: https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://bugzilla.suse.com/295284 https://bugzilla.suse.com/773464 https://bugzilla.suse.com/901813 https://bugzilla.suse.com/912457 https://bugzilla.suse.com/913304 https://bugzilla.suse.com/934299 https://bugzilla.suse.com/948244 https://bugzilla.suse.com/949022 https://bugzilla.suse.com/958582 https://bugzilla.suse.com/958583 https://bugzilla.suse.com/958584 https://bugzilla.suse.com/958586 From sle-updates at lists.suse.com Wed Jan 6 07:11:07 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jan 2016 15:11:07 +0100 (CET) Subject: SUSE-RU-2016:0033-1: Recommended update for yast2-ldap-client Message-ID: <20160106141107.83E4B320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-ldap-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0033-1 Rating: low References: #805275 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-ldap-client fixes validation of AutoYaST profiles. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-ldap-client-12299=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-ldap-client-12299=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-ldap-client-12299=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-ldap-client-12299=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-ldap-client-12299=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): yast2-ldap-client-2.17.39-12.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): yast2-ldap-client-2.17.39-12.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): yast2-ldap-client-2.17.39-12.1 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): yast2-ldap-client-2.17.39-12.1 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): yast2-ldap-client-2.17.39-12.1 References: https://bugzilla.suse.com/805275 From sle-updates at lists.suse.com Wed Jan 6 07:11:35 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jan 2016 15:11:35 +0100 (CET) Subject: SUSE-RU-2016:0034-1: moderate: Recommended update for slms Message-ID: <20160106141135.5D203320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for slms ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0034-1 Rating: moderate References: #931788 #943835 Affected Products: SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides SLMS 1.3.10, which brings the following fixes and enhancements: - Add support for SLE 11-SP4. (bsc#931788) - Always use the latest generated update file. (bsc#943835) - Explicitly require yaml to not crash during update generation with updated rubygems. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-slms-12301=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Lifecycle Management Server 1.3 (noarch): slms-1.3.10-9.2 slms-core-1.3.10-9.2 slms-customer-center-1.3.10-9.2 slms-devel-doc-1.3.10-9.2 slms-external-1.3.10-9.2 slms-registration-1.3.10-9.2 slms-testsuite-1.3.10-9.2 References: https://bugzilla.suse.com/931788 https://bugzilla.suse.com/943835 From sle-updates at lists.suse.com Wed Jan 6 07:12:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 6 Jan 2016 15:12:05 +0100 (CET) Subject: SUSE-RU-2016:0035-1: moderate: Recommended update for susestudio Message-ID: <20160106141205.7E8EF320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for susestudio ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0035-1 Rating: moderate References: #916850 #935744 #938524 #941140 #942185 #945075 #945877 #946408 #960285 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: This update provides SUSE Studio 1.3.12, including fixes for the following issues: - Ownership changed on directories after SLMS pushes out a new patch. (bsc#916850) - Template error message "The repository and template setup failed" can not be removed. (bsc#945877) - Symbolic link between /etc/HOSTNAME and /etc/hostname gets broken. (bsc#941140) - Unable to change NCC Mirror Credentials. (bsc#945075) - Repositories in Studio displays "Used by: appliances" incorrectly. (bsc#938524) - SLES 11 SP4 Templates for SUSE Studio Onsite. (bsc#942185) - Building EC2 fails with "An internal build error occurred". (bsc#935744) - Add SUSEConnect to default package selection. (bsc#946408) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-susestudio-12300=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): Containment-Studio-SLE11_SP4-5.05.88-20160104154157 susestudio-1.3.12-33.1 susestudio-bundled-packages-1.3.12-33.1 susestudio-common-1.3.12-33.1 susestudio-runner-1.3.12-33.1 susestudio-sid-1.3.12-33.1 susestudio-ui-server-1.3.12-33.1 References: https://bugzilla.suse.com/916850 https://bugzilla.suse.com/935744 https://bugzilla.suse.com/938524 https://bugzilla.suse.com/941140 https://bugzilla.suse.com/942185 https://bugzilla.suse.com/945075 https://bugzilla.suse.com/945877 https://bugzilla.suse.com/946408 https://bugzilla.suse.com/960285 From sle-updates at lists.suse.com Wed Jan 6 17:11:09 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 01:11:09 +0100 (CET) Subject: SUSE-RU-2016:0037-1: Recommended update for python-ec2uploadimg Message-ID: <20160107001109.0F92F31FCD@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-ec2uploadimg ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0037-1 Rating: low References: #955993 #960585 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for python-ec2uploadimg fixes the following issues: - Add python-paramiko as dependency. (bsc#960585) - Fix typo in package description. (bsc#955993) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-26=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-ec2uploadimg-0.7.1-8.1 References: https://bugzilla.suse.com/955993 https://bugzilla.suse.com/960585 From sle-updates at lists.suse.com Wed Jan 6 17:11:41 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 01:11:41 +0100 (CET) Subject: SUSE-RU-2016:0038-1: Recommended update for patterns-public-cloud Message-ID: <20160107001141.4BDE3320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for patterns-public-cloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0038-1 Rating: low References: #957130 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The software patterns of the Public Cloud Module have been updated. Generic changes: - Added python-susepubliccloudinfo for all Cloud Providers Amazon EC2 specific changes: - Added python-ec2metadata - Added python-ec2deprecateimg - Added python-ec2publishimg - Added python-ec2uploadimg - Added python-ec2utilsbase Microsoft Azure specific changes: - Removed cloud-init recommends (not used on Azure) - Added azuremetadata - Added python-azurectl - Added python-azure-sdk Google Cloud Platform specific changes: - Added python-gcemetadata. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-27=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (ppc64le s390x x86_64): patterns-public-cloud-Amazon-Web-Services-12-7.1 patterns-public-cloud-Google-Cloud-Platform-12-7.1 patterns-public-cloud-Microsoft-Azure-12-7.1 patterns-public-cloud-OpenStack-12-7.1 References: https://bugzilla.suse.com/957130 From sle-updates at lists.suse.com Thu Jan 7 02:11:11 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 10:11:11 +0100 (CET) Subject: SUSE-RU-2016:0039-1: moderate: Recommended update for os-prober Message-ID: <20160107091111.7BAAD320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for os-prober ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0039-1 Rating: moderate References: #910654 #947487 #953987 #954225 #956337 #957018 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for os-prober fixes the following issues: - Detect Operating System on default sub-volume in btrfs snapshot. (bsc#954225) - Fix detection of Windows 8. (bsc#910654) - Detect Windows 10 installations. (bsc#947487) - Also skip legacy grub if /boot/grub2/grub.cfg is present. (bsc#956337) - Fix failure to detect operating system in btrfs root trees. (bsc#957018) - Optimize identification of Linux distributions, avoiding expensive file system traversal. (bsc#953987) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-30=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-30=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-30=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x): os-prober-1.61-21.1 os-prober-debuginfo-1.61-21.1 os-prober-debugsource-1.61-21.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): os-prober-1.61-21.1 os-prober-debuginfo-1.61-21.1 os-prober-debugsource-1.61-21.1 - SUSE Linux Enterprise Desktop 12 (x86_64): os-prober-1.61-21.1 os-prober-debuginfo-1.61-21.1 os-prober-debugsource-1.61-21.1 References: https://bugzilla.suse.com/910654 https://bugzilla.suse.com/947487 https://bugzilla.suse.com/953987 https://bugzilla.suse.com/954225 https://bugzilla.suse.com/956337 https://bugzilla.suse.com/957018 From sle-updates at lists.suse.com Thu Jan 7 05:11:15 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 13:11:15 +0100 (CET) Subject: SUSE-SU-2016:0040-1: moderate: Security update for python-Django Message-ID: <20160107121115.183A2320AA@maintenance.suse.de> SUSE Security Update: Security update for python-Django ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0040-1 Rating: moderate References: #955412 Cross-References: CVE-2015-8213 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-Django fixes the following issues: - Prevent settings leak in date template filter. (bsc#955412, CVE-2015-8213) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-python-Django-12302=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): python-Django-1.6.11-13.1 References: https://www.suse.com/security/cve/CVE-2015-8213.html https://bugzilla.suse.com/955412 From sle-updates at lists.suse.com Thu Jan 7 06:12:06 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 14:12:06 +0100 (CET) Subject: SUSE-SU-2016:0041-1: moderate: Security update for libpng15 Message-ID: <20160107131206.C8996320D8@maintenance.suse.de> SUSE Security Update: Security update for libpng15 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0041-1 Rating: moderate References: #954980 Cross-References: CVE-2015-8126 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue: * CVE-2015-8126 Possible buffer overflow vulnerabilities in png_get_PLTE and png_set_PLTE functions could cause a denial of service (application crash) or possibly have an unspecified impact [bsc#954980] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-33=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-33=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpng15-15-1.5.22-4.1 libpng15-15-debuginfo-1.5.22-4.1 libpng15-debugsource-1.5.22-4.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpng15-15-1.5.22-4.1 libpng15-15-debuginfo-1.5.22-4.1 libpng15-debugsource-1.5.22-4.1 References: https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Thu Jan 7 06:12:45 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 14:12:45 +0100 (CET) Subject: SUSE-RU-2016:0039-2: moderate: Recommended update for os-prober Message-ID: <20160107131245.E83D1320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for os-prober ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0039-2 Rating: moderate References: #910654 #947487 #953987 #954225 #956337 #957018 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for os-prober fixes the following issues: - Detect Operating System on default sub-volume in btrfs snapshot. (bsc#954225) - Fix detection of Windows 8. (bsc#910654) - Detect Windows 10 installations. (bsc#947487) - Also skip legacy grub if /boot/grub2/grub.cfg is present. (bsc#956337) - Fix failure to detect operating system in btrfs root trees. (bsc#957018) - Optimize identification of Linux distributions, avoiding expensive file system traversal. (bsc#953987) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-31=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-31=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (x86_64): os-prober-1.61-21.1 os-prober-debuginfo-1.61-21.1 os-prober-debugsource-1.61-21.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): os-prober-1.61-21.1 os-prober-debuginfo-1.61-21.1 os-prober-debugsource-1.61-21.1 References: https://bugzilla.suse.com/910654 https://bugzilla.suse.com/947487 https://bugzilla.suse.com/953987 https://bugzilla.suse.com/954225 https://bugzilla.suse.com/956337 https://bugzilla.suse.com/957018 From sle-updates at lists.suse.com Thu Jan 7 06:15:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 14:15:08 +0100 (CET) Subject: SUSE-SU-2016:0042-1: moderate: Security update for rubygem-passenger Message-ID: <20160107131508.6D72D320D8@maintenance.suse.de> SUSE Security Update: Security update for rubygem-passenger ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0042-1 Rating: moderate References: #828005 #919726 #956281 Cross-References: CVE-2013-2119 CVE-2013-4136 CVE-2015-7519 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update fixes the following security issues: - CVE-2015-7519: Passenger is not filtering environment like apache is doing (bnc#956281) - CVE-2013-4136: Fixed security issue Passenger would reuse existing server instance directories (temporary directories) which could cause Passenger to remove or overwrite files belonging to other instances. Solution: If the server instance directory already exists, it will now be removed first in order get correct directory permissions. If the directory still exists after removal, Phusion Passenger aborts to avoid writing to a directory with unexpected permissions.(bnc#919726) - CVE-2013-2119: Fixed security issue related with incorrect temporary file usage (bnc#828005) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-passenger-12303=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-passenger-12303=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-passenger-12303=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-passenger-3.0.14-0.14.1 rubygem-passenger-nginx-3.0.14-0.14.1 - SUSE Studio Onsite 1.3 (x86_64): rubygem-passenger-3.0.14-0.14.1 rubygem-passenger-nginx-3.0.14-0.14.1 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-passenger-3.0.14-0.14.1 rubygem-passenger-apache2-3.0.14-0.14.1 rubygem-passenger-nginx-3.0.14-0.14.1 References: https://www.suse.com/security/cve/CVE-2013-2119.html https://www.suse.com/security/cve/CVE-2013-4136.html https://www.suse.com/security/cve/CVE-2015-7519.html https://bugzilla.suse.com/828005 https://bugzilla.suse.com/919726 https://bugzilla.suse.com/956281 From sle-updates at lists.suse.com Thu Jan 7 07:11:33 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 15:11:33 +0100 (CET) Subject: SUSE-SU-2016:0043-1: moderate: Security update for subversion Message-ID: <20160107141133.24F8D320D8@maintenance.suse.de> SUSE Security Update: Security update for subversion ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0043-1 Rating: moderate References: #958300 Cross-References: CVE-2015-5343 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue: CVE-2015-5343: Possible remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. (bnc#958300) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-34=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-34=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libsvn_auth_gnome_keyring-1-0-1.8.10-18.2 libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-18.2 libsvn_auth_kwallet-1-0-1.8.10-18.2 libsvn_auth_kwallet-1-0-debuginfo-1.8.10-18.2 subversion-1.8.10-18.2 subversion-debuginfo-1.8.10-18.2 subversion-debugsource-1.8.10-18.2 subversion-devel-1.8.10-18.2 subversion-perl-1.8.10-18.2 subversion-perl-debuginfo-1.8.10-18.2 subversion-python-1.8.10-18.2 subversion-python-debuginfo-1.8.10-18.2 subversion-server-1.8.10-18.2 subversion-server-debuginfo-1.8.10-18.2 subversion-tools-1.8.10-18.2 subversion-tools-debuginfo-1.8.10-18.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): subversion-bash-completion-1.8.10-18.2 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libsvn_auth_gnome_keyring-1-0-1.8.10-18.2 libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.10-18.2 libsvn_auth_kwallet-1-0-1.8.10-18.2 libsvn_auth_kwallet-1-0-debuginfo-1.8.10-18.2 subversion-1.8.10-18.2 subversion-debuginfo-1.8.10-18.2 subversion-debugsource-1.8.10-18.2 subversion-devel-1.8.10-18.2 subversion-perl-1.8.10-18.2 subversion-perl-debuginfo-1.8.10-18.2 subversion-python-1.8.10-18.2 subversion-python-debuginfo-1.8.10-18.2 subversion-server-1.8.10-18.2 subversion-server-debuginfo-1.8.10-18.2 subversion-tools-1.8.10-18.2 subversion-tools-debuginfo-1.8.10-18.2 - SUSE Linux Enterprise Software Development Kit 12 (noarch): subversion-bash-completion-1.8.10-18.2 References: https://www.suse.com/security/cve/CVE-2015-5343.html https://bugzilla.suse.com/958300 From sle-updates at lists.suse.com Thu Jan 7 07:11:54 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 15:11:54 +0100 (CET) Subject: SUSE-SU-2016:0044-1: moderate: Security update for python-Django Message-ID: <20160107141154.81E40320D8@maintenance.suse.de> SUSE Security Update: Security update for python-Django ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0044-1 Rating: moderate References: #937522 #937523 #941587 #955412 Cross-References: CVE-2015-5143 CVE-2015-5144 CVE-2015-5963 CVE-2015-8213 Affected Products: SUSE Enterprise Storage 2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update fixes the following security issues: - (bnc#955412, CVE-2015-8213) Possible settings leak in date template filter - (bnc#937522, CVE-2015-5143) Possible denial-of-service in session store - (bnc#937523, CVE-2015-5144) Possible Header injection - (bnc#941587, CVE-2015-5963) Possible denial-of-service by filling session store via logout() Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 2: zypper in -t patch SUSE-Storage-2-2016-35=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 2 (noarch): python-Django-1.6.11-3.1 References: https://www.suse.com/security/cve/CVE-2015-5143.html https://www.suse.com/security/cve/CVE-2015-5144.html https://www.suse.com/security/cve/CVE-2015-5963.html https://www.suse.com/security/cve/CVE-2015-8213.html https://bugzilla.suse.com/937522 https://bugzilla.suse.com/937523 https://bugzilla.suse.com/941587 https://bugzilla.suse.com/955412 From sle-updates at lists.suse.com Thu Jan 7 07:12:45 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 15:12:45 +0100 (CET) Subject: SUSE-RU-2016:0045-1: moderate: Recommended update for ksh Message-ID: <20160107141245.6CAAD320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for ksh ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0045-1 Rating: moderate References: #887320 #924043 #924318 #926172 #934437 #953533 #954856 #955221 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes one version update. Description: This update for KSH provides the following fixes: * Fix hangs when doing command substitution in backticks with large output. (bsc#887320, bsc#926172, bsc#934437, bsc#953533, bsc#955221) * Fix file descriptor leak when doing redirects in a sub shell. (bsc#954856) * Fix job list corruption. (bsc#924318) * Fix double free if an array is turned into a compound variable and then unset. (bsc#924043) * Fix a segmentation fault with 'typeset -RF'. Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 93u]: ksh-93u-0.33.1 ksh-devel-93u-0.33.1 References: https://bugzilla.suse.com/887320 https://bugzilla.suse.com/924043 https://bugzilla.suse.com/924318 https://bugzilla.suse.com/926172 https://bugzilla.suse.com/934437 https://bugzilla.suse.com/953533 https://bugzilla.suse.com/954856 https://bugzilla.suse.com/955221 https://download.suse.com/patch/finder/?keywords=b5ad6badc1425297ce867f5fe7626324 From sle-updates at lists.suse.com Thu Jan 7 08:11:28 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 16:11:28 +0100 (CET) Subject: SUSE-RU-2016:0046-1: moderate: Recommended update for ceph Message-ID: <20160107151128.09BAA320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for ceph ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0046-1 Rating: moderate References: #954116 Affected Products: SUSE Enterprise Storage 2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Ceph has been updated to version 0.94.5, which brings several fixes and enhancements. For a comprehensive list of changes, please refer to the package's change log or the upstream release notes: - http://docs.ceph.com/docs/master/release-notes/#v0-94-5-hammer - http://docs.ceph.com/docs/master/release-notes/#v0-94-4-hammer Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 2: zypper in -t patch SUSE-Storage-2-2016-36=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 2 (x86_64): ceph-0.94.5+git.1446971359.1d0909a-7.1 ceph-common-0.94.5+git.1446971359.1d0909a-7.1 ceph-common-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 ceph-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 ceph-debugsource-0.94.5+git.1446971359.1d0909a-7.1 ceph-fuse-0.94.5+git.1446971359.1d0909a-7.1 ceph-fuse-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 ceph-radosgw-0.94.5+git.1446971359.1d0909a-7.1 ceph-radosgw-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 ceph-test-0.94.5+git.1446971359.1d0909a-7.1 ceph-test-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 libcephfs1-0.94.5+git.1446971359.1d0909a-7.1 libcephfs1-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 librados2-0.94.5+git.1446971359.1d0909a-7.1 librados2-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 libradosstriper1-0.94.5+git.1446971359.1d0909a-7.1 libradosstriper1-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 librbd1-0.94.5+git.1446971359.1d0909a-7.1 librbd1-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 python-cephfs-0.94.5+git.1446971359.1d0909a-7.1 python-rados-0.94.5+git.1446971359.1d0909a-7.1 python-rbd-0.94.5+git.1446971359.1d0909a-7.1 rbd-fuse-0.94.5+git.1446971359.1d0909a-7.1 rbd-fuse-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 rest-bench-0.94.5+git.1446971359.1d0909a-7.1 rest-bench-debuginfo-0.94.5+git.1446971359.1d0909a-7.1 References: https://bugzilla.suse.com/954116 From sle-updates at lists.suse.com Thu Jan 7 09:11:27 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 17:11:27 +0100 (CET) Subject: SUSE-SU-2016:0047-1: moderate: Security update for rubygem-activesupport-3_2 Message-ID: <20160107161127.DE97B320AA@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activesupport-3_2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0047-1 Rating: moderate References: #934800 Cross-References: CVE-2015-3227 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: rubygem-activesupport-3_2 was updated to fix one security issue. This security issue was fixed: - CVE-2015-3227: Possible Denial of Service attack in Active Support (bsc#934800). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-activesupport-3_2-12304=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-activesupport-3_2-12304=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-rubygem-activesupport-3_2-12304=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-rubygem-activesupport-3_2-12304=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-activesupport-3_2-12304=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-3_2-3.2.12-0.14.3 - SUSE Studio Onsite 1.3 (x86_64): rubygem-activesupport-3_2-3.2.12-0.14.3 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-3_2-3.2.12-0.14.3 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): rubygem-activesupport-3_2-3.2.12-0.14.3 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-activesupport-3_2-3.2.12-0.14.3 References: https://www.suse.com/security/cve/CVE-2015-3227.html https://bugzilla.suse.com/934800 From sle-updates at lists.suse.com Thu Jan 7 09:11:56 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 17:11:56 +0100 (CET) Subject: SUSE-RU-2016:0048-1: Recommended update for yast2-bootloader Message-ID: <20160107161156.61FBA320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0048-1 Rating: low References: #926843 #945479 #954412 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-bootloader provides the following fixes: - Fix validation of AutoYaST profiles. (bsc#954412) - Empty kernel command lines are now properly written. (bsc#945479) - Add missing cleaning of temporary files. (bsc#926843) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-40=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-40=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-40=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): yast2-bootloader-devel-doc-3.1.94.9-5.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): yast2-bootloader-3.1.94.9-5.2 - SUSE Linux Enterprise Desktop 12 (x86_64): yast2-bootloader-3.1.94.9-5.2 References: https://bugzilla.suse.com/926843 https://bugzilla.suse.com/945479 https://bugzilla.suse.com/954412 From sle-updates at lists.suse.com Thu Jan 7 09:12:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 17:12:44 +0100 (CET) Subject: SUSE-SU-2016:0049-1: moderate: Security update for libxml2 Message-ID: <20160107161244.AD66C320D8@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0049-1 Rating: moderate References: #928193 #951734 #951735 #954429 #956018 #956021 #956260 #957105 #957106 #957107 #957109 #957110 Cross-References: CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 12 vulnerabilities is now available. Description: - security update: This update fixes the following security issues: * CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193] * CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734] * CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735] * CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018] * CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021] * CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260] * CVE-2015-5312 Fix another entity expansion issue [bnc#957105] * CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106] * CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107] * CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109] * CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260] * CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429] * CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-38=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-38=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-38=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-38=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-38=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-38=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libxml2-debugsource-2.9.1-13.1 libxml2-devel-2.9.1-13.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libxml2-debugsource-2.9.1-13.1 libxml2-devel-2.9.1-13.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libxml2-2-2.9.1-13.1 libxml2-2-debuginfo-2.9.1-13.1 libxml2-debugsource-2.9.1-13.1 libxml2-tools-2.9.1-13.1 libxml2-tools-debuginfo-2.9.1-13.1 python-libxml2-2.9.1-13.1 python-libxml2-debuginfo-2.9.1-13.1 python-libxml2-debugsource-2.9.1-13.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libxml2-2-32bit-2.9.1-13.1 libxml2-2-debuginfo-32bit-2.9.1-13.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): libxml2-doc-2.9.1-13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libxml2-2-2.9.1-13.1 libxml2-2-debuginfo-2.9.1-13.1 libxml2-debugsource-2.9.1-13.1 libxml2-tools-2.9.1-13.1 libxml2-tools-debuginfo-2.9.1-13.1 python-libxml2-2.9.1-13.1 python-libxml2-debuginfo-2.9.1-13.1 python-libxml2-debugsource-2.9.1-13.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libxml2-2-32bit-2.9.1-13.1 libxml2-2-debuginfo-32bit-2.9.1-13.1 - SUSE Linux Enterprise Server 12 (noarch): libxml2-doc-2.9.1-13.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libxml2-2-2.9.1-13.1 libxml2-2-32bit-2.9.1-13.1 libxml2-2-debuginfo-2.9.1-13.1 libxml2-2-debuginfo-32bit-2.9.1-13.1 libxml2-debugsource-2.9.1-13.1 libxml2-tools-2.9.1-13.1 libxml2-tools-debuginfo-2.9.1-13.1 python-libxml2-2.9.1-13.1 python-libxml2-debuginfo-2.9.1-13.1 python-libxml2-debugsource-2.9.1-13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libxml2-2-2.9.1-13.1 libxml2-2-32bit-2.9.1-13.1 libxml2-2-debuginfo-2.9.1-13.1 libxml2-2-debuginfo-32bit-2.9.1-13.1 libxml2-debugsource-2.9.1-13.1 libxml2-tools-2.9.1-13.1 libxml2-tools-debuginfo-2.9.1-13.1 python-libxml2-2.9.1-13.1 python-libxml2-debuginfo-2.9.1-13.1 python-libxml2-debugsource-2.9.1-13.1 References: https://www.suse.com/security/cve/CVE-2015-1819.html https://www.suse.com/security/cve/CVE-2015-5312.html https://www.suse.com/security/cve/CVE-2015-7497.html https://www.suse.com/security/cve/CVE-2015-7498.html https://www.suse.com/security/cve/CVE-2015-7499.html https://www.suse.com/security/cve/CVE-2015-7500.html https://www.suse.com/security/cve/CVE-2015-7941.html https://www.suse.com/security/cve/CVE-2015-7942.html https://www.suse.com/security/cve/CVE-2015-8035.html https://www.suse.com/security/cve/CVE-2015-8241.html https://www.suse.com/security/cve/CVE-2015-8242.html https://www.suse.com/security/cve/CVE-2015-8317.html https://bugzilla.suse.com/928193 https://bugzilla.suse.com/951734 https://bugzilla.suse.com/951735 https://bugzilla.suse.com/954429 https://bugzilla.suse.com/956018 https://bugzilla.suse.com/956021 https://bugzilla.suse.com/956260 https://bugzilla.suse.com/957105 https://bugzilla.suse.com/957106 https://bugzilla.suse.com/957107 https://bugzilla.suse.com/957109 https://bugzilla.suse.com/957110 From sle-updates at lists.suse.com Thu Jan 7 09:15:02 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 17:15:02 +0100 (CET) Subject: SUSE-SU-2016:0050-1: moderate: Security update for libpng12 Message-ID: <20160107161502.32903320D8@maintenance.suse.de> SUSE Security Update: Security update for libpng12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0050-1 Rating: moderate References: #954980 Cross-References: CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue * CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-37=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-37=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-37=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-37=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-37=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-37=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libpng12-compat-devel-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 libpng12-devel-1.2.50-13.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libpng12-compat-devel-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 libpng12-devel-1.2.50-13.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpng12-0-1.2.50-13.1 libpng12-0-debuginfo-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libpng12-0-32bit-1.2.50-13.1 libpng12-0-debuginfo-32bit-1.2.50-13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpng12-0-1.2.50-13.1 libpng12-0-debuginfo-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libpng12-0-32bit-1.2.50-13.1 libpng12-0-debuginfo-32bit-1.2.50-13.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpng12-0-1.2.50-13.1 libpng12-0-32bit-1.2.50-13.1 libpng12-0-debuginfo-1.2.50-13.1 libpng12-0-debuginfo-32bit-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpng12-0-1.2.50-13.1 libpng12-0-32bit-1.2.50-13.1 libpng12-0-debuginfo-1.2.50-13.1 libpng12-0-debuginfo-32bit-1.2.50-13.1 libpng12-debugsource-1.2.50-13.1 References: https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Thu Jan 7 09:15:32 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 17:15:32 +0100 (CET) Subject: SUSE-RU-2016:0051-1: Recommended update for pesign-obs-integration Message-ID: <20160107161532.8EA37320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for pesign-obs-integration ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0051-1 Rating: low References: #905420 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for pesign-obs-integration provides the following fixes: - Add support for file verify flags. (bsc#905420) - Sort the parts of the repackage spec file for easier debugging. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-pesign-obs-integration-12305=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-pesign-obs-integration-12305=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-pesign-obs-integration-12305=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-pesign-obs-integration-12305=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-pesign-obs-integration-12305=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): pesign-obs-integration-10.0-0.24.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): pesign-obs-integration-10.0-0.24.3 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): pesign-obs-integration-10.0-0.24.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): pesign-obs-integration-10.0-0.24.3 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): pesign-obs-integration-10.0-0.24.3 References: https://bugzilla.suse.com/905420 From sle-updates at lists.suse.com Thu Jan 7 14:10:52 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 7 Jan 2016 22:10:52 +0100 (CET) Subject: SUSE-RU-2016:0053-1: Recommended update for yast2-services-manager Message-ID: <20160107211052.BF0E2320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-services-manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0053-1 Rating: low References: #909745 #909768 #954412 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for yast2-services-manager provides the following fixes: - Add X-SuSE-YaST-AutoInstSchema declaration so services-manager.rnc could be included in yast2-schema. Fixes validation of AutoYaST profiles. (bsc#954412) - Move code from autoyast2 package to import function of services_manager_target. (bsc#909745) - AutoYaST import: initialize Yast::I18n correctly. (bsc#909768) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-42=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-42=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (noarch): yast2-services-manager-3.1.34.4-7.3.1 - SUSE Linux Enterprise Desktop 12 (noarch): yast2-services-manager-3.1.34.4-7.3.1 References: https://bugzilla.suse.com/909745 https://bugzilla.suse.com/909768 https://bugzilla.suse.com/954412 From sle-updates at lists.suse.com Fri Jan 8 08:12:12 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 16:12:12 +0100 (CET) Subject: SUSE-RU-2016:0055-1: Recommended update for python-httplib2 Message-ID: <20160108151212.3C297320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-httplib2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0055-1 Rating: low References: #954690 Affected Products: SUSE OpenStack Cloud Compute 5 SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The Python module httplib2 has been updated to version 0.9.2, which brings some fixes and enhancements: - Fix incorrect ResponseNotReady exceptions, retry on transient errors. - Fix a problem with headers when a binary string - like b'Authorization'- is passed. - Default to doing DNS resolution through a proxy server if present. - Add an updated cacerts.txt file and fix some tests. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2016-43=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-43=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-httplib2-0.9.2-6.1 - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-httplib2-0.9.2-6.1 References: https://bugzilla.suse.com/954690 From sle-updates at lists.suse.com Fri Jan 8 08:12:40 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 16:12:40 +0100 (CET) Subject: SUSE-RU-2016:0056-1: moderate: Recommended update for sg3_utils Message-ID: <20160108151240.184C0320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0056-1 Rating: moderate References: #949796 #955222 #955856 #956815 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for sg3_utils provides the following fixes: - Always set ID_WWN_WITH_EXTENSION, as expected by udev. (bsc#949796) - Fix sg_inq to deal with invalid strings in inquiry data. (bsc#956815) - Fix rescan-scsi-bus.sh to use safe temporary files. (bsc#955856) - Correctly quote $MULTIPATH in rescan-scsi-bus.sh. (bsc#955222) - Read VPD pages from sysfs. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-44=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-44=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-44=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libsgutils-devel-1.41-5.1 sg3_utils-debuginfo-1.41-5.1 sg3_utils-debugsource-1.41-5.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libsgutils2-2-1.41-5.1 libsgutils2-2-debuginfo-1.41-5.1 sg3_utils-1.41-5.1 sg3_utils-debuginfo-1.41-5.1 sg3_utils-debugsource-1.41-5.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libsgutils2-2-1.41-5.1 libsgutils2-2-debuginfo-1.41-5.1 sg3_utils-1.41-5.1 sg3_utils-debuginfo-1.41-5.1 sg3_utils-debugsource-1.41-5.1 References: https://bugzilla.suse.com/949796 https://bugzilla.suse.com/955222 https://bugzilla.suse.com/955856 https://bugzilla.suse.com/956815 From sle-updates at lists.suse.com Fri Jan 8 08:13:49 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 16:13:49 +0100 (CET) Subject: SUSE-RU-2016:0057-1: moderate: Recommended update for gcr, gnome-keyring, libgcrypt, libsecret Message-ID: <20160108151349.71827320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for gcr, gnome-keyring, libgcrypt, libsecret ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0057-1 Rating: moderate References: #932232 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for gcr, gnome-keyring, libgcrypt, libsecret fixes issues when the system operates in FIPS mode. The various GNOME libraries and tool have been changed to use the default libgcrypt allocators. GNOME keyring was changed not to use MD5 anymore. libgcrypt was adjusted to free the DRBG on exit to avoid crashes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-46=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-46=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-46=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-46=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-46=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-46=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-46=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-46=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libgck-1-0-32bit-3.10.1-3.12 libgck-1-0-debuginfo-32bit-3.10.1-3.12 libgcr-3-1-32bit-3.10.1-3.12 libgcr-3-1-debuginfo-32bit-3.10.1-3.12 libsecret-debugsource-0.18-3.3 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libgck-1-0-32bit-3.10.1-3.12 libgck-1-0-debuginfo-32bit-3.10.1-3.12 libgcr-3-1-32bit-3.10.1-3.12 libgcr-3-1-debuginfo-32bit-3.10.1-3.12 libsecret-debugsource-0.18-3.3 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gcr-debugsource-3.10.1-3.12 libgck-devel-3.10.1-3.12 libgcr-devel-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt-devel-1.6.1-16.21.1 libgcrypt-devel-debuginfo-1.6.1-16.21.1 libsecret-debugsource-0.18-3.3 libsecret-devel-0.18-3.3 typelib-1_0-GcrUi-3-3.10.1-3.12 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gcr-debugsource-3.10.1-3.12 libgck-devel-3.10.1-3.12 libgcr-devel-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt-devel-1.6.1-16.21.1 libgcrypt-devel-debuginfo-1.6.1-16.21.1 libsecret-debugsource-0.18-3.3 libsecret-devel-0.18-3.3 typelib-1_0-GcrUi-3-3.10.1-3.12 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gcr-data-3.10.1-3.12 gcr-debugsource-3.10.1-3.12 gcr-prompter-3.10.1-3.12 gcr-prompter-debuginfo-3.10.1-3.12 gnome-keyring-3.10.1-14.2 gnome-keyring-debuginfo-3.10.1-14.2 gnome-keyring-debugsource-3.10.1-14.2 gnome-keyring-pam-3.10.1-14.2 gnome-keyring-pam-debuginfo-3.10.1-14.2 libgck-1-0-3.10.1-3.12 libgck-1-0-debuginfo-3.10.1-3.12 libgck-modules-gnome-keyring-3.10.1-14.2 libgck-modules-gnome-keyring-debuginfo-3.10.1-14.2 libgcr-3-1-3.10.1-3.12 libgcr-3-1-debuginfo-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt20-1.6.1-16.21.1 libgcrypt20-debuginfo-1.6.1-16.21.1 libgcrypt20-hmac-1.6.1-16.21.1 libsecret-1-0-0.18-3.3 libsecret-1-0-debuginfo-0.18-3.3 libsecret-debugsource-0.18-3.3 typelib-1_0-Gck-1-3.10.1-3.12 typelib-1_0-Gcr-3-3.10.1-3.12 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): gnome-keyring-32bit-3.10.1-14.2 gnome-keyring-debuginfo-32bit-3.10.1-14.2 gnome-keyring-pam-32bit-3.10.1-14.2 gnome-keyring-pam-debuginfo-32bit-3.10.1-14.2 libgcrypt20-32bit-1.6.1-16.21.1 libgcrypt20-debuginfo-32bit-1.6.1-16.21.1 libgcrypt20-hmac-32bit-1.6.1-16.21.1 libsecret-1-0-32bit-0.18-3.3 libsecret-1-0-debuginfo-32bit-0.18-3.3 - SUSE Linux Enterprise Server 12-SP1 (noarch): gcr-lang-3.10.1-3.12 gnome-keyring-lang-3.10.1-14.2 libsecret-lang-0.18-3.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gcr-data-3.10.1-3.12 gcr-debugsource-3.10.1-3.12 gcr-prompter-3.10.1-3.12 gcr-prompter-debuginfo-3.10.1-3.12 gnome-keyring-3.10.1-14.2 gnome-keyring-debuginfo-3.10.1-14.2 gnome-keyring-debugsource-3.10.1-14.2 gnome-keyring-pam-3.10.1-14.2 gnome-keyring-pam-debuginfo-3.10.1-14.2 libgck-1-0-3.10.1-3.12 libgck-1-0-debuginfo-3.10.1-3.12 libgck-modules-gnome-keyring-3.10.1-14.2 libgck-modules-gnome-keyring-debuginfo-3.10.1-14.2 libgcr-3-1-3.10.1-3.12 libgcr-3-1-debuginfo-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt20-1.6.1-16.21.1 libgcrypt20-debuginfo-1.6.1-16.21.1 libgcrypt20-hmac-1.6.1-16.21.1 libsecret-1-0-0.18-3.3 libsecret-1-0-debuginfo-0.18-3.3 libsecret-debugsource-0.18-3.3 typelib-1_0-Gck-1-3.10.1-3.12 typelib-1_0-Gcr-3-3.10.1-3.12 - SUSE Linux Enterprise Server 12 (s390x x86_64): gnome-keyring-32bit-3.10.1-14.2 gnome-keyring-debuginfo-32bit-3.10.1-14.2 gnome-keyring-pam-32bit-3.10.1-14.2 gnome-keyring-pam-debuginfo-32bit-3.10.1-14.2 libgcrypt20-32bit-1.6.1-16.21.1 libgcrypt20-debuginfo-32bit-1.6.1-16.21.1 libgcrypt20-hmac-32bit-1.6.1-16.21.1 libsecret-1-0-32bit-0.18-3.3 libsecret-1-0-debuginfo-32bit-0.18-3.3 - SUSE Linux Enterprise Server 12 (noarch): gcr-lang-3.10.1-3.12 gnome-keyring-lang-3.10.1-14.2 libsecret-lang-0.18-3.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gcr-data-3.10.1-3.12 gcr-debugsource-3.10.1-3.12 gcr-prompter-3.10.1-3.12 gcr-prompter-debuginfo-3.10.1-3.12 gnome-keyring-3.10.1-14.2 gnome-keyring-32bit-3.10.1-14.2 gnome-keyring-debuginfo-3.10.1-14.2 gnome-keyring-debuginfo-32bit-3.10.1-14.2 gnome-keyring-debugsource-3.10.1-14.2 gnome-keyring-pam-3.10.1-14.2 gnome-keyring-pam-32bit-3.10.1-14.2 gnome-keyring-pam-debuginfo-3.10.1-14.2 gnome-keyring-pam-debuginfo-32bit-3.10.1-14.2 libgck-1-0-3.10.1-3.12 libgck-1-0-32bit-3.10.1-3.12 libgck-1-0-debuginfo-3.10.1-3.12 libgck-1-0-debuginfo-32bit-3.10.1-3.12 libgck-modules-gnome-keyring-3.10.1-14.2 libgck-modules-gnome-keyring-debuginfo-3.10.1-14.2 libgcr-3-1-3.10.1-3.12 libgcr-3-1-32bit-3.10.1-3.12 libgcr-3-1-debuginfo-3.10.1-3.12 libgcr-3-1-debuginfo-32bit-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt20-1.6.1-16.21.1 libgcrypt20-32bit-1.6.1-16.21.1 libgcrypt20-debuginfo-1.6.1-16.21.1 libgcrypt20-debuginfo-32bit-1.6.1-16.21.1 libsecret-1-0-0.18-3.3 libsecret-1-0-32bit-0.18-3.3 libsecret-1-0-debuginfo-0.18-3.3 libsecret-1-0-debuginfo-32bit-0.18-3.3 libsecret-debugsource-0.18-3.3 typelib-1_0-Gck-1-3.10.1-3.12 typelib-1_0-Gcr-3-3.10.1-3.12 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gcr-lang-3.10.1-3.12 gnome-keyring-lang-3.10.1-14.2 libsecret-lang-0.18-3.3 - SUSE Linux Enterprise Desktop 12 (x86_64): gcr-data-3.10.1-3.12 gcr-debugsource-3.10.1-3.12 gcr-prompter-3.10.1-3.12 gcr-prompter-debuginfo-3.10.1-3.12 gnome-keyring-3.10.1-14.2 gnome-keyring-32bit-3.10.1-14.2 gnome-keyring-debuginfo-3.10.1-14.2 gnome-keyring-debuginfo-32bit-3.10.1-14.2 gnome-keyring-debugsource-3.10.1-14.2 gnome-keyring-pam-3.10.1-14.2 gnome-keyring-pam-32bit-3.10.1-14.2 gnome-keyring-pam-debuginfo-3.10.1-14.2 gnome-keyring-pam-debuginfo-32bit-3.10.1-14.2 libgck-1-0-3.10.1-3.12 libgck-1-0-32bit-3.10.1-3.12 libgck-1-0-debuginfo-3.10.1-3.12 libgck-1-0-debuginfo-32bit-3.10.1-3.12 libgck-modules-gnome-keyring-3.10.1-14.2 libgck-modules-gnome-keyring-debuginfo-3.10.1-14.2 libgcr-3-1-3.10.1-3.12 libgcr-3-1-32bit-3.10.1-3.12 libgcr-3-1-debuginfo-3.10.1-3.12 libgcr-3-1-debuginfo-32bit-3.10.1-3.12 libgcrypt-debugsource-1.6.1-16.21.1 libgcrypt20-1.6.1-16.21.1 libgcrypt20-32bit-1.6.1-16.21.1 libgcrypt20-debuginfo-1.6.1-16.21.1 libgcrypt20-debuginfo-32bit-1.6.1-16.21.1 libsecret-1-0-0.18-3.3 libsecret-1-0-32bit-0.18-3.3 libsecret-1-0-debuginfo-0.18-3.3 libsecret-1-0-debuginfo-32bit-0.18-3.3 libsecret-debugsource-0.18-3.3 typelib-1_0-Gck-1-3.10.1-3.12 typelib-1_0-Gcr-3-3.10.1-3.12 typelib-1_0-Secret-1-0.18-3.3 - SUSE Linux Enterprise Desktop 12 (noarch): gcr-lang-3.10.1-3.12 gnome-keyring-lang-3.10.1-14.2 libsecret-lang-0.18-3.3 References: https://bugzilla.suse.com/932232 From sle-updates at lists.suse.com Fri Jan 8 08:14:31 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 16:14:31 +0100 (CET) Subject: SUSE-RU-2016:0058-1: moderate: Recommended update for sg3_utils Message-ID: <20160108151431.BC512320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0058-1 Rating: moderate References: #943817 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sg3_utils fixes the following issues: - Fix regular expression in rescan-scsi-bus.sh to not produce strings with white spaces. (bsc#943817) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sg3_utils-12306=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sg3_utils-12306=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-sg3_utils-12306=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sg3_utils-12306=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-devel-1.40-0.18.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-1.40-0.18.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): sg3_utils-1.40-0.18.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sg3_utils-debuginfo-1.40-0.18.1 sg3_utils-debugsource-1.40-0.18.1 References: https://bugzilla.suse.com/943817 From sle-updates at lists.suse.com Fri Jan 8 10:11:32 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 18:11:32 +0100 (CET) Subject: SUSE-RU-2016:0059-1: moderate: Recommended update for open-iscsi Message-ID: <20160108171132.41808320AA@maintenance.suse.de> SUSE Recommended Update: Recommended update for open-iscsi ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0059-1 Rating: moderate References: #950441 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for open-iscsi provides the following fixes: - Convert iscsiadm's '-r' argument to an integer before checking if it is a path. (bsc#950441) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-open-iscsi-12307=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-open-iscsi-12307=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-open-iscsi-12307=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-2.0.873-0.41.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): open-iscsi-2.0.873-0.41.3 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): open-iscsi-debuginfo-2.0.873-0.41.3 open-iscsi-debugsource-2.0.873-0.41.3 References: https://bugzilla.suse.com/950441 From sle-updates at lists.suse.com Fri Jan 8 10:12:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 18:12:08 +0100 (CET) Subject: SUSE-RU-2016:0060-1: moderate: Recommended update for open-iscsi Message-ID: <20160108171208.A5B9D320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for open-iscsi ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0060-1 Rating: moderate References: #950249 #950441 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for open-iscsi provides the following fixes: - Convert iscsiadm's '-r' argument to an integer before checking if it is a path. (bsc#950441) - Add two enums to sync iscsi_if.h with kernel, for support of IB/iSER. (bsc#950249) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-open-iscsi-12308=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-open-iscsi-12308=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-open-iscsi-12308=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-open-iscsi-12308=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): open-iscsi-2.0.873-0.37.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): open-iscsi-2.0.873-0.37.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): open-iscsi-2.0.873-0.37.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): open-iscsi-debuginfo-2.0.873-0.37.2 open-iscsi-debugsource-2.0.873-0.37.2 References: https://bugzilla.suse.com/950249 https://bugzilla.suse.com/950441 From sle-updates at lists.suse.com Fri Jan 8 11:11:32 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 8 Jan 2016 19:11:32 +0100 (CET) Subject: SUSE-SU-2016:0061-1: moderate: Security update for libpng12-0 Message-ID: <20160108181132.3128D320AA@maintenance.suse.de> SUSE Security Update: Security update for libpng12-0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0061-1 Rating: moderate References: #954980 Cross-References: CVE-2015-8126 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: - security update: This update fixes the following securit issue: * CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libpng12-0-12309=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libpng12-0-12309=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libpng12-0-12309=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libpng12-0-12309=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libpng12-0-12309=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libpng12-0-12309=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libpng12-0-12309=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libpng12-0-12309=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libpng12-0-12309=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.38.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.38.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libpng12-0-1.2.31-5.38.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libpng12-0-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libpng12-0-x86-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libpng12-0-x86-1.2.31-5.38.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libpng12-0-1.2.31-5.38.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libpng12-0-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libpng12-0-1.2.31-5.38.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libpng12-0-32bit-1.2.31-5.38.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-debuginfo-1.2.31-5.38.1 libpng12-0-debugsource-1.2.31-5.38.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libpng12-0-debuginfo-1.2.31-5.38.1 libpng12-0-debugsource-1.2.31-5.38.1 References: https://www.suse.com/security/cve/CVE-2015-8126.html https://bugzilla.suse.com/954980 From sle-updates at lists.suse.com Sat Jan 9 01:05:20 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 Jan 2016 09:05:20 +0100 (CET) Subject: SUSE-RU-2016:0062-1: moderate: Recommended update for SUSE Manager Server 3 Message-ID: <20160109080520.F1C7D320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0062-1 Rating: moderate References: #955577 #956002 #956613 #956724 #959560 #959572 #959585 #959670 #960035 Affected Products: SUSE Manager Server 3.0 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: This update for SUSE Manager Server 3 fixes the following issues: salt: - Update zypper-utf-8.patch for Python 2.6. - Require glibc-locale. (bsc#959572) spacecmd: - Build spacecmd noarch only on new systems. spacewalk-backend: - Update CPU only if it has changed. - Set "last_boot" and "os" for the host. - Read SystemInfomation, create a foreign mainframe system and link to virtual instance. - Add "mainframe_sysinfo" capability. spacewalk-branding: - Add "Manage Package States" to the packages index page. spacewalk-java: - Fix list-key-name. (bsc#956613) - Ignore cookies from SCC. (bsc#959585) - SP migration: use correct CSS path. (bsc#956613) - Add/Refactor equals() and hashCode() for Credentials and CredentialsType. - Fix hibernate exception when refreshing subscriptions. - Delete also subscriptions with null credentials on refresh. - Make available packages search case insensitive. - Add subscriptions and orders data files. - Package release cannot be NULL. Use "0" if none is provided by salt. (bsc#960035) - Set a generated jid to the tokens. - Minion crashes on reg if getting DMI fails. (bsc#959670) - Add "Manage Package States" to the packages index page. - Enable the "Software Channels" tab for all salt clients. - Return empty map if no dmi records. - Fix markup after merge error. - Fill General and DMI hw info on minion reg. - Fix internal Server Error for Schedule > Completed Actions. (bsc#956002) spacewalk-utils: - Add delimiter option for spacewalk-manage-channel-lifecycle. spacewalk-web: - Fix list-key-name. (bsc#956613) - Add feedback for failure/success and waiting states. - Fix changed view behavior. - Update package states in all views after save. - Reuse local search results if search term does not change. subscription-matcher: - Product names not correct in the CSV report. - Return correct matches when many systems are involved. - Logging improvements. - Handle free products and systems with no products correctly. - Man page updated. - Handle systems without hosts or CPU information gracefully. susemanager: - Remove reference to mgr-sync on setup finish screen. (bsc#955577) susemanager-sls: - Fill General and DMI hw info on minion registration. susemanager-sync-data: - Add IBM-DLPAR repos to SLES12 SP1. - Add support for SUSE-Manager-Proxy-3. (bsc#959560) - Remove SUSE Manager Server 2.1. (bsc#959560) - Add Containers Module for s390x and ppc64le. (bsc#956724) How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2016-51=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (x86_64): salt-2015.8.3-3.3 salt-api-2015.8.3-3.3 salt-doc-2015.8.3-3.3 salt-master-2015.8.3-3.3 salt-minion-2015.8.3-3.3 salt-proxy-2015.8.3-3.3 salt-ssh-2015.8.3-3.3 salt-syndic-2015.8.3-3.3 spacewalk-branding-2.5.1.3-3.2 susemanager-3.0.7-3.2 susemanager-tools-3.0.7-3.2 - SUSE Manager Server 3.0 (noarch): salt-bash-completion-2015.8.3-3.3 salt-zsh-completion-2015.8.3-3.3 spacecmd-2.5.1.2-3.2 spacewalk-backend-2.5.8.2-3.2 spacewalk-backend-app-2.5.8.2-3.2 spacewalk-backend-applet-2.5.8.2-3.2 spacewalk-backend-config-files-2.5.8.2-3.2 spacewalk-backend-config-files-common-2.5.8.2-3.2 spacewalk-backend-config-files-tool-2.5.8.2-3.2 spacewalk-backend-iss-2.5.8.2-3.2 spacewalk-backend-iss-export-2.5.8.2-3.2 spacewalk-backend-libs-2.5.8.2-3.2 spacewalk-backend-package-push-server-2.5.8.2-3.2 spacewalk-backend-server-2.5.8.2-3.2 spacewalk-backend-sql-2.5.8.2-3.2 spacewalk-backend-sql-postgresql-2.5.8.2-3.2 spacewalk-backend-tools-2.5.8.2-3.2 spacewalk-backend-xml-export-libs-2.5.8.2-3.2 spacewalk-backend-xmlrpc-2.5.8.2-3.2 spacewalk-base-2.5.6.2-3.2 spacewalk-base-minimal-2.5.6.2-3.2 spacewalk-base-minimal-config-2.5.6.2-3.2 spacewalk-html-2.5.6.2-3.2 spacewalk-java-2.5.26.2-3.7 spacewalk-java-config-2.5.26.2-3.7 spacewalk-java-lib-2.5.26.2-3.7 spacewalk-java-postgresql-2.5.26.2-3.7 spacewalk-taskomatic-2.5.26.2-3.7 spacewalk-utils-2.5.3.2-3.2 subscription-matcher-0.9-3.2 susemanager-sls-0.1.4-3.2 susemanager-sync-data-3.0.4-3.2 References: https://bugzilla.suse.com/955577 https://bugzilla.suse.com/956002 https://bugzilla.suse.com/956613 https://bugzilla.suse.com/956724 https://bugzilla.suse.com/959560 https://bugzilla.suse.com/959572 https://bugzilla.suse.com/959585 https://bugzilla.suse.com/959670 https://bugzilla.suse.com/960035 From sle-updates at lists.suse.com Sat Jan 9 01:09:53 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 Jan 2016 09:09:53 +0100 (CET) Subject: SUSE-RU-2016:0063-1: Recommended update for yast2-printer Message-ID: <20160109080953.C7068320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-printer ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0063-1 Rating: low References: #805275 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-printer provides the following fixes: - Add X-SuSE-YaST-AutoInstSchema declaration so printer.rnc could be included in yast2-schema package. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-yast2-printer-12310=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-yast2-printer-12310=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-printer-12310=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-printer-12310=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-printer-12310=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-printer-12310=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-printer-12310=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): yast2-printer-devel-doc-2.17.64-4.4 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-printer-devel-doc-2.17.64-4.4 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): yast2-printer-2.17.64-4.4 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): yast2-printer-2.17.64-4.4 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-printer-2.17.64-4.4 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): yast2-printer-2.17.64-4.4 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): yast2-printer-2.17.64-4.4 References: https://bugzilla.suse.com/805275 From sle-updates at lists.suse.com Sat Jan 9 01:10:46 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 9 Jan 2016 09:10:46 +0100 (CET) Subject: SUSE-RU-2016:0064-1: moderate: Recommended update for SUSE Manager Proxy 3 Message-ID: <20160109081046.9B4E0320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0064-1 Rating: moderate References: #954602 #956613 #959572 Affected Products: SUSE Manager Proxy 3.0 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for SUSE Manager Proxy 3 fixes the following issues: salt: - Update zypper-utf-8.patch for Python 2.6. - Require glibc-locale. (bsc#959572) spacewalk-backend: - Update CPU only if it has changed. - Set "last_boot" and "os" for the host. - Read SystemInfomation, create a foreign mainframe system and link to virtual instance. - Add "mainframe_sysinfo" capability. spacewalk-web: - Fix list-key-name. (bsc#956613) - Add feedback for failure/success and waiting states. - Fix changed view behavior. - Update package states in all views after save. - Reuse local search results if search term does not change. How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2016-51=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 3.0 (x86_64): salt-2015.8.3-3.3 salt-api-2015.8.3-3.3 salt-doc-2015.8.3-3.3 salt-master-2015.8.3-3.3 salt-minion-2015.8.3-3.3 salt-proxy-2015.8.3-3.3 salt-ssh-2015.8.3-3.3 salt-syndic-2015.8.3-3.3 - SUSE Manager Proxy 3.0 (noarch): salt-bash-completion-2015.8.3-3.3 salt-zsh-completion-2015.8.3-3.3 spacewalk-backend-2.5.8.2-3.2 spacewalk-backend-libs-2.5.8.2-3.2 spacewalk-base-minimal-2.5.6.2-3.2 spacewalk-base-minimal-config-2.5.6.2-3.2 References: https://bugzilla.suse.com/954602 https://bugzilla.suse.com/956613 https://bugzilla.suse.com/959572 From sle-updates at lists.suse.com Mon Jan 11 11:11:26 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 Jan 2016 19:11:26 +0100 (CET) Subject: SUSE-RU-2016:0076-1: Recommended update for pesign-obs-integration Message-ID: <20160111181126.6D075320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for pesign-obs-integration ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0076-1 Rating: low References: #961042 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for pesign-obs-integration fixes the following issues: - Use "md5" instead of "filedigest" in %verify flags. (bsc#961042) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-pesign-obs-integration-12311=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-pesign-obs-integration-12311=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-pesign-obs-integration-12311=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-pesign-obs-integration-12311=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-pesign-obs-integration-12311=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): pesign-obs-integration-10.0-0.28.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): pesign-obs-integration-10.0-0.28.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): pesign-obs-integration-10.0-0.28.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): pesign-obs-integration-10.0-0.28.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): pesign-obs-integration-10.0-0.28.1 References: https://bugzilla.suse.com/961042 From sle-updates at lists.suse.com Mon Jan 11 12:11:24 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 Jan 2016 20:11:24 +0100 (CET) Subject: SUSE-SU-2016:0077-1: moderate: Security update for gnutls Message-ID: <20160111191124.6BFA8320AA@maintenance.suse.de> SUSE Security Update: Security update for gnutls ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0077-1 Rating: moderate References: #924828 #947271 #957568 Cross-References: CVE-2015-2806 CVE-2015-8313 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise High Availability Extension 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for gnutls fixes the following security issues: - CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568) - CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-gnutls-12312=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-gnutls-12312=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-gnutls-12312=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-gnutls-12312=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-gnutls-12312=1 - SUSE Linux Enterprise High Availability Extension 11-SP4: zypper in -t patch slehasp4-gnutls-12312=1 - SUSE Linux Enterprise High Availability Extension 11-SP3: zypper in -t patch slehasp3-gnutls-12312=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-gnutls-12312=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-gnutls-12312=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-gnutls-12312=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-gnutls-12312=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libgnutls-devel-2.4.1-24.39.60.1 libgnutls-extra-devel-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libgnutls-devel-2.4.1-24.39.60.1 libgnutls-extra-devel-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): gnutls-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libgnutls26-32bit-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): gnutls-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libgnutls26-32bit-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libgnutls26-x86-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): gnutls-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libgnutls26-32bit-2.4.1-24.39.60.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libgnutls26-x86-2.4.1-24.39.60.1 - SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64): libgnutls-extra26-2.4.1-24.39.60.1 - SUSE Linux Enterprise High Availability Extension 11-SP3 (i586 ia64 ppc64 s390x x86_64): libgnutls-extra26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): gnutls-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libgnutls26-32bit-2.4.1-24.39.60.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): gnutls-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libgnutls26-32bit-2.4.1-24.39.60.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): gnutls-debuginfo-2.4.1-24.39.60.1 gnutls-debugsource-2.4.1-24.39.60.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): gnutls-debuginfo-2.4.1-24.39.60.1 gnutls-debugsource-2.4.1-24.39.60.1 References: https://www.suse.com/security/cve/CVE-2015-2806.html https://www.suse.com/security/cve/CVE-2015-8313.html https://bugzilla.suse.com/924828 https://bugzilla.suse.com/947271 https://bugzilla.suse.com/957568 From sle-updates at lists.suse.com Mon Jan 11 13:11:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 11 Jan 2016 21:11:05 +0100 (CET) Subject: SUSE-RU-2016:0078-1: Recommended update for crowbar-barclamp-glance and crowbar-barclamp-heat Message-ID: <20160111201105.89918320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-glance and crowbar-barclamp-heat ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0078-1 Rating: low References: #950187 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar-barclamp-glance and crowbar-barclamp-heat provides various fixes and improvements. crowbar-barclamp-glance: - Align identity_uri value with what is used for all other services. - Allow switching the Keystone API version. - Set swift_store_auth_version correctly for keystone v3. - Make max_header_line configurable. crowbar-barclamp-heat: - Allow switching the Keystone API version. - Make max_header_line configurable. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-heat-glance-201510-12313=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-glance-1.9+git.1440076184.b4efb7c-13.2 crowbar-barclamp-heat-1.9+git.1440076200.80d8c67-12.2 References: https://bugzilla.suse.com/950187 From sle-updates at lists.suse.com Tue Jan 12 07:12:01 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 15:12:01 +0100 (CET) Subject: SUSE-RU-2016:0080-1: Recommended update for yast2-audit-laf Message-ID: <20160112141201.3A835320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-audit-laf ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0080-1 Rating: low References: #702654 #805275 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-audit-laf provides the following fixes: - Add X-SuSE-YaST-AutoInstSchema declaration so audit-laf.rnc could be included in yast2-schema package. (bsc#805275) - Typos corrected in help text. (bsc#702654) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-audit-laf-12315=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-audit-laf-12315=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-audit-laf-12315=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-audit-laf-12315=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-audit-laf-12315=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): yast2-audit-laf-2.17.11-4.3 - SUSE Linux Enterprise Server 11-SP4 (noarch): yast2-audit-laf-2.17.11-4.3 - SUSE Linux Enterprise Server 11-SP3 (noarch): yast2-audit-laf-2.17.11-4.3 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): yast2-audit-laf-2.17.11-4.3 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): yast2-audit-laf-2.17.11-4.3 References: https://bugzilla.suse.com/702654 https://bugzilla.suse.com/805275 From sle-updates at lists.suse.com Tue Jan 12 07:12:53 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 15:12:53 +0100 (CET) Subject: SUSE-RU-2016:0081-1: moderate: Recommended update for openCryptoki Message-ID: <20160112141253.6EF80320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openCryptoki ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0081-1 Rating: moderate References: #957910 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openCryptoki fixes the following issues: - Removed %ghost keyword from /var/lock/* directories. - Added ep11tok, lite and icsf directories to /var/lock/openCryptoki. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-openCryptoki-12316=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openCryptoki-12316=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openCryptoki-12316=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): openCryptoki-devel-3.2-0.21.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): openCryptoki-3.2-0.21.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390 s390x x86_64): openCryptoki-3.2-0.21.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): openCryptoki-64bit-3.2-0.21.1 - SUSE Linux Enterprise Server 11-SP4 (i586 s390): openCryptoki-32bit-3.2-0.21.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64): openCryptoki-debuginfo-3.2-0.21.1 openCryptoki-debugsource-3.2-0.21.1 References: https://bugzilla.suse.com/957910 From sle-updates at lists.suse.com Tue Jan 12 07:13:22 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 15:13:22 +0100 (CET) Subject: SUSE-SU-2016:0082-1: moderate: Security update for rubygem-activesupport-4_1 Message-ID: <20160112141322.BC30C320E8@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activesupport-4_1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0082-1 Rating: moderate References: #934799 #934800 Cross-References: CVE-2015-3226 CVE-2015-3227 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes the following security issues: - CVE-2015-3227: Possible Denial of Service attack in Active Support (bnc#934800) - CVE-2015-3226: XSS Vulnerability in ActiveSupport::JSON (bnc#934799) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-rubygem-activesupport-4_1-12314=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): ruby2.1-rubygem-activesupport-4_1-4.1.9-9.2 References: https://www.suse.com/security/cve/CVE-2015-3226.html https://www.suse.com/security/cve/CVE-2015-3227.html https://bugzilla.suse.com/934799 https://bugzilla.suse.com/934800 From sle-updates at lists.suse.com Tue Jan 12 07:13:56 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 15:13:56 +0100 (CET) Subject: SUSE-OU-2016:0083-1: Initial release of SLES 12-SP1 Docker image Message-ID: <20160112141356.36A20320E8@maintenance.suse.de> SUSE Optional Update: Initial release of SLES 12-SP1 Docker image ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0083-1 Rating: low References: #960605 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides the initial version of the SUSE Linux Enterprise Server 12 SP1 Docker image. The following package has been added to the Containers Module: sles12sp1-docker-image. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-59=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le): sles12sp1-docker-image-1.0.3-20160105173720 - SUSE Linux Enterprise Module for Containers 12 (x86_64): sles12sp1-docker-image-1.0.3-20160105173704 - SUSE Linux Enterprise Module for Containers 12 (s390x): sles12sp1-docker-image-1.0.3-20160105173907 References: https://bugzilla.suse.com/960605 From sle-updates at lists.suse.com Tue Jan 12 09:12:04 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 17:12:04 +0100 (CET) Subject: SUSE-RU-2016:0085-1: Recommended update for suse-xsl-stylesheets Message-ID: <20160112161204.42FE8320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-xsl-stylesheets ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0085-1 Rating: low References: #929630 #954969 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for suse-xsl-stylesheets provides the following fixes: - Fix wrong company name displayed in PDF builds. (bsc#929630) - Make sure that FOP does not cut off long admonitions. - Make sure that the string "Publication Date" is always capitalized. - Add Hungarian translation for "Publication Date" string. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-60=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): suse-xsl-stylesheets-2.0.3.2-3.2 References: https://bugzilla.suse.com/929630 https://bugzilla.suse.com/954969 From sle-updates at lists.suse.com Tue Jan 12 11:11:59 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 19:11:59 +0100 (CET) Subject: SUSE-RU-2016:0086-1: Recommended update for deltarpm Message-ID: <20160112181159.3CBA9320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for deltarpm ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0086-1 Rating: low References: #948504 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for deltarpm provides the following fixes: - Fix off-by-one error in delta generation code which could lead to a segmentation fault in some rare circumstances. (bsc#948504) - Return error rather than crashing if memory allocation fails. - Add newline in missing prelink error. - Do not finish applydeltarpm jobs when in the middle of a request. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-61=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-61=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-61=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-61=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-61=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-61=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 python-deltarpm-3.6.1-5.1 python-deltarpm-debuginfo-3.6.1-5.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 python-deltarpm-3.6.1-5.1 python-deltarpm-debuginfo-3.6.1-5.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): deltarpm-3.6.1-5.1 deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 python-deltarpm-3.6.1-5.1 python-deltarpm-debuginfo-3.6.1-5.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): deltarpm-3.6.1-5.1 deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 python-deltarpm-3.6.1-5.1 python-deltarpm-debuginfo-3.6.1-5.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): deltarpm-3.6.1-5.1 deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 - SUSE Linux Enterprise Desktop 12 (x86_64): deltarpm-3.6.1-5.1 deltarpm-debuginfo-3.6.1-5.1 deltarpm-debugsource-3.6.1-5.1 References: https://bugzilla.suse.com/948504 From sle-updates at lists.suse.com Tue Jan 12 11:12:27 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 19:12:27 +0100 (CET) Subject: SUSE-RU-2016:0087-1: Recommended update for gnome-shell Message-ID: <20160112181227.E63AC320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-shell ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0087-1 Rating: low References: #875481 #939315 #940159 #948802 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for gnome-shell provides the following fixes: - Prevent flickering on non-primary monitors when unlocking the screen lock. (bsc#939315) - Fix icon misalignment in user logout screen. (bsc#948802) - Fix black screen when switching virtual terminals after user logged off. (bsc#940159) - Display banner message even when user list is disabled. (bsc#875481) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-62=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-62=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-62=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-62=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-62=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-62=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-62=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-62=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): gnome-shell-calendar-3.10.4-49.1 gnome-shell-calendar-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): gnome-shell-calendar-3.10.4-49.1 gnome-shell-calendar-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 gnome-shell-devel-3.10.4-49.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 gnome-shell-devel-3.10.4-49.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gnome-shell-3.10.4-49.1 gnome-shell-browser-plugin-3.10.4-49.1 gnome-shell-browser-plugin-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): gnome-shell-lang-3.10.4-49.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gnome-shell-3.10.4-49.1 gnome-shell-browser-plugin-3.10.4-49.1 gnome-shell-browser-plugin-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Server 12 (noarch): gnome-shell-lang-3.10.4-49.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gnome-shell-3.10.4-49.1 gnome-shell-browser-plugin-3.10.4-49.1 gnome-shell-browser-plugin-debuginfo-3.10.4-49.1 gnome-shell-calendar-3.10.4-49.1 gnome-shell-calendar-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gnome-shell-lang-3.10.4-49.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gnome-shell-3.10.4-49.1 gnome-shell-browser-plugin-3.10.4-49.1 gnome-shell-browser-plugin-debuginfo-3.10.4-49.1 gnome-shell-calendar-3.10.4-49.1 gnome-shell-calendar-debuginfo-3.10.4-49.1 gnome-shell-debuginfo-3.10.4-49.1 gnome-shell-debugsource-3.10.4-49.1 - SUSE Linux Enterprise Desktop 12 (noarch): gnome-shell-lang-3.10.4-49.1 References: https://bugzilla.suse.com/875481 https://bugzilla.suse.com/939315 https://bugzilla.suse.com/940159 https://bugzilla.suse.com/948802 From sle-updates at lists.suse.com Tue Jan 12 12:11:31 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 20:11:31 +0100 (CET) Subject: SUSE-RU-2016:0088-1: Recommended update for deltarpm Message-ID: <20160112191131.93B2C320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for deltarpm ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0088-1 Rating: low References: #948504 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for deltarpm provides the following fixes: - Fix off-by-one error in delta generation code which could lead to a segmentation fault in some rare circumstances. (bsc#948504) - Return error rather than crashing if memory allocation fails. - Add newline in missing prelink error. - Do not finish applydeltarpm jobs when in the middle of a request. - Fix failing applydeltarpm with gzip -9 compression. - Add a couple of man pages. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-deltarpm-12318=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-deltarpm-12318=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-deltarpm-12318=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-deltarpm-12318=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-deltarpm-12318=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-deltarpm-12318=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-deltarpm-12318=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-deltarpm-12318=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): python-deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): python-deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): deltarpm-3.6.1-4.11.1 python-deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): deltarpm-3.6.1-4.11.1 python-deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): deltarpm-3.6.1-4.11.1 python-deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): deltarpm-3.6.1-4.11.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): deltarpm-debuginfo-3.6.1-4.11.1 deltarpm-debugsource-3.6.1-4.11.1 References: https://bugzilla.suse.com/948504 From sle-updates at lists.suse.com Tue Jan 12 12:12:47 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 20:12:47 +0100 (CET) Subject: SUSE-SU-2016:0090-1: moderate: Security update for openldap2 Message-ID: <20160112191247.B9815320D8@maintenance.suse.de> SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0090-1 Rating: moderate References: #945582 Cross-References: CVE-2015-6908 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue: - CVE-2015-6908. Passing a crafted packet to the function ber_get_next(), an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-openldap2-20151222-12317=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-openldap2-20151222-12317=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-openldap2-20151222-12317=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openldap2-20151222-12317=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-openldap2-20151222-12317=1 - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-openldap2-20151222-12317=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-openldap2-20151222-12317=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-openldap2-20151222-12317=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openldap2-20151222-12317=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openldap2-20151222-12317=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): openldap2-back-perl-2.4.26-0.62.2 openldap2-devel-2.4.26-0.62.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): openldap2-devel-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): openldap2-2.4.26-0.62.2 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): openldap2-back-perl-2.4.26-0.62.2 openldap2-devel-2.4.26-0.62.2 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): openldap2-devel-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): openldap2-2.4.26-0.62.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): compat-libldap-2_3-0-2.3.37-2.62.2 libldap-2_4-2-2.4.26-0.62.2 openldap2-2.4.26-0.62.2 openldap2-back-meta-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libldap-2_4-2-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): compat-libldap-2_3-0-2.3.37-2.62.2 libldap-2_4-2-2.4.26-0.62.2 openldap2-2.4.26-0.62.2 openldap2-back-meta-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libldap-2_4-2-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): libldap-2_4-2-x86-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): compat-libldap-2_3-0-2.3.37-2.62.2 libldap-2_4-2-2.4.26-0.62.2 openldap2-2.4.26-0.62.2 openldap2-back-meta-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libldap-2_4-2-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SP3 (ia64): libldap-2_4-2-x86-2.4.26-0.62.2 - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): libldap-openssl1-2_4-2-2.4.26-0.62.3 - SUSE Linux Enterprise Server 11-SECURITY (ppc64 s390x x86_64): libldap-openssl1-2_4-2-32bit-2.4.26-0.62.3 - SUSE Linux Enterprise Server 11-SECURITY (ia64): libldap-openssl1-2_4-2-x86-2.4.26-0.62.3 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libldap-2_4-2-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libldap-2_4-2-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libldap-2_4-2-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libldap-2_4-2-32bit-2.4.26-0.62.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openldap2-client-debuginfo-2.4.26-0.62.2 openldap2-client-debugsource-2.4.26-0.62.2 openldap2-debuginfo-2.4.26-0.62.2 openldap2-debugsource-2.4.26-0.62.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): openldap2-client-debuginfo-2.4.26-0.62.2 openldap2-client-debugsource-2.4.26-0.62.2 openldap2-client-openssl1-debuginfo-2.4.26-0.62.3 openldap2-client-openssl1-debugsource-2.4.26-0.62.3 openldap2-debuginfo-2.4.26-0.62.2 openldap2-debugsource-2.4.26-0.62.2 References: https://www.suse.com/security/cve/CVE-2015-6908.html https://bugzilla.suse.com/945582 From sle-updates at lists.suse.com Tue Jan 12 13:12:54 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 21:12:54 +0100 (CET) Subject: SUSE-RU-2016:0091-1: Recommended update for yast2-users Message-ID: <20160112201254.50979320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-users ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0091-1 Rating: low References: #805275 #904645 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-users provides the following fixes: - Allow changing of CN values if LDAP user is not yet saved. (bsc#904645) - Fix validation of AutoYaST profiles. (bsc#805275) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-users-12319=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-users-12319=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-users-12319=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-yast2-users-12319=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): yast2-users-2.17.56-8.6.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-users-2.17.56-8.6.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): yast2-users-2.17.56-8.6.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-users-debuginfo-2.17.56-8.6.1 yast2-users-debugsource-2.17.56-8.6.1 References: https://bugzilla.suse.com/805275 https://bugzilla.suse.com/904645 From sle-updates at lists.suse.com Tue Jan 12 14:11:07 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 12 Jan 2016 22:11:07 +0100 (CET) Subject: SUSE-SU-2016:0092-1: moderate: Security update for cups-filters Message-ID: <20160112211107.A6411320D8@maintenance.suse.de> SUSE Security Update: Security update for cups-filters ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0092-1 Rating: moderate References: #957531 Cross-References: CVE-2015-8327 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes the following security issue: CVE-2015-8327 adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-66=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-66=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-66=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-66=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): cups-filters-1.0.58-13.1 cups-filters-cups-browsed-1.0.58-13.1 cups-filters-cups-browsed-debuginfo-1.0.58-13.1 cups-filters-debuginfo-1.0.58-13.1 cups-filters-debugsource-1.0.58-13.1 cups-filters-foomatic-rip-1.0.58-13.1 cups-filters-foomatic-rip-debuginfo-1.0.58-13.1 cups-filters-ghostscript-1.0.58-13.1 cups-filters-ghostscript-debuginfo-1.0.58-13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cups-filters-1.0.58-13.1 cups-filters-cups-browsed-1.0.58-13.1 cups-filters-cups-browsed-debuginfo-1.0.58-13.1 cups-filters-debuginfo-1.0.58-13.1 cups-filters-debugsource-1.0.58-13.1 cups-filters-foomatic-rip-1.0.58-13.1 cups-filters-foomatic-rip-debuginfo-1.0.58-13.1 cups-filters-ghostscript-1.0.58-13.1 cups-filters-ghostscript-debuginfo-1.0.58-13.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): cups-filters-1.0.58-13.1 cups-filters-cups-browsed-1.0.58-13.1 cups-filters-cups-browsed-debuginfo-1.0.58-13.1 cups-filters-debuginfo-1.0.58-13.1 cups-filters-debugsource-1.0.58-13.1 cups-filters-foomatic-rip-1.0.58-13.1 cups-filters-foomatic-rip-debuginfo-1.0.58-13.1 cups-filters-ghostscript-1.0.58-13.1 cups-filters-ghostscript-debuginfo-1.0.58-13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cups-filters-1.0.58-13.1 cups-filters-cups-browsed-1.0.58-13.1 cups-filters-cups-browsed-debuginfo-1.0.58-13.1 cups-filters-debuginfo-1.0.58-13.1 cups-filters-debugsource-1.0.58-13.1 cups-filters-foomatic-rip-1.0.58-13.1 cups-filters-foomatic-rip-debuginfo-1.0.58-13.1 cups-filters-ghostscript-1.0.58-13.1 cups-filters-ghostscript-debuginfo-1.0.58-13.1 References: https://www.suse.com/security/cve/CVE-2015-8327.html https://bugzilla.suse.com/957531 From sle-updates at lists.suse.com Wed Jan 13 06:11:14 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 14:11:14 +0100 (CET) Subject: SUSE-RU-2016:0093-1: Recommended update for gnome-shell-extensions Message-ID: <20160113131114.21B2F320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-shell-extensions ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0093-1 Rating: low References: #947381 #948793 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for gnome-shell-extensions provides fixes for the following issues: - A mismatch between declared icon sizes and available space in the running applications' bar. (bsc#948793) - An integer conversion error that could result in failure to process mouse click events in the Applications Menu. (bsc#947381) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-67=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-67=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-67=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-67=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): gnome-shell-classic-3.10.1-24.9.5 gnome-shell-extensions-common-3.10.1-24.9.5 gnome-shell-extensions-common-lang-3.10.1-24.9.5 - SUSE Linux Enterprise Server 12 (noarch): gnome-shell-classic-3.10.1-24.9.5 gnome-shell-extensions-common-3.10.1-24.9.5 gnome-shell-extensions-common-lang-3.10.1-24.9.5 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gnome-shell-classic-3.10.1-24.9.5 gnome-shell-extensions-common-3.10.1-24.9.5 gnome-shell-extensions-common-lang-3.10.1-24.9.5 - SUSE Linux Enterprise Desktop 12 (noarch): gnome-shell-classic-3.10.1-24.9.5 gnome-shell-extensions-common-3.10.1-24.9.5 gnome-shell-extensions-common-lang-3.10.1-24.9.5 References: https://bugzilla.suse.com/947381 https://bugzilla.suse.com/948793 From sle-updates at lists.suse.com Wed Jan 13 06:11:51 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 14:11:51 +0100 (CET) Subject: SUSE-RU-2016:0094-1: moderate: Recommended update for powerpc-utils Message-ID: <20160113131151.9FD112BF0A@maintenance.suse.de> SUSE Recommended Update: Recommended update for powerpc-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0094-1 Rating: moderate References: #957448 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for powerpc-utils fixes the following issues: - When adding a node to the device tree, the drmgr command writes a termination NULL in the first character past the end of the allocated buffer. This results in a SIGABRT being generated by libc when the buffer is free'ed. (bsc#957448) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-68=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le): powerpc-utils-1.2.26-8.1 powerpc-utils-debuginfo-1.2.26-8.1 powerpc-utils-debugsource-1.2.26-8.1 References: https://bugzilla.suse.com/957448 From sle-updates at lists.suse.com Wed Jan 13 06:12:14 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 14:12:14 +0100 (CET) Subject: SUSE-RU-2016:0095-1: Recommended update for zypper-migration-plugin Message-ID: <20160113131214.308EE2BF0A@maintenance.suse.de> SUSE Recommended Update: Recommended update for zypper-migration-plugin ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0095-1 Rating: low References: #940771 #941458 #941460 #941565 #941630 #943267 #943269 #945030 #945462 #945619 #945681 #946003 #946206 #946750 #946858 #947270 #959134 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has 17 recommended fixes can now be installed. Description: This update for zypper-migration-plugin fixes the following issues: - Do not add --recommends by default. (bsc#959134) - Added Supplements for zypper and SUSEConnect to ensure automatic installation. - Use stable sort for product list returned by SCC. - Fixed obsoleted service check to work with SMT. - Backup of /etc/zypp. (bsc#946858) - Do not create extra snapshots. (bsc#947270) - Correctly handle zypper failures. (bsc#946750) - Better exception handling. (bsc#946003, bsc#945681, bsc#946206) - Sync output. (bsc#945619) - Use --no-refresh where possible. (bsc#945462) - Rollback. (bsc#941458) - Use --updatestack-only. (bsc#945030) - Install patches, restart after updates. (bsc#943267) - Sort product list, put installed products at the end. (bsc#943269) - Handle api exceptions. (bsc#940771) - Create snapshots. (bsc#941460) - Use releasever. (bsc#941565) - Do not print internal product name. (bsc#941630) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-70=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-70=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): zypper-migration-plugin-0.8-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): zypper-migration-plugin-0.8-3.1 References: https://bugzilla.suse.com/940771 https://bugzilla.suse.com/941458 https://bugzilla.suse.com/941460 https://bugzilla.suse.com/941565 https://bugzilla.suse.com/941630 https://bugzilla.suse.com/943267 https://bugzilla.suse.com/943269 https://bugzilla.suse.com/945030 https://bugzilla.suse.com/945462 https://bugzilla.suse.com/945619 https://bugzilla.suse.com/945681 https://bugzilla.suse.com/946003 https://bugzilla.suse.com/946206 https://bugzilla.suse.com/946750 https://bugzilla.suse.com/946858 https://bugzilla.suse.com/947270 https://bugzilla.suse.com/959134 From sle-updates at lists.suse.com Wed Jan 13 06:16:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 14:16:08 +0100 (CET) Subject: SUSE-RU-2016:0096-1: Recommended update for polkit-default-privs Message-ID: <20160113131608.5B0802BF0A@maintenance.suse.de> SUSE Recommended Update: Recommended update for polkit-default-privs ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0096-1 Rating: low References: #927275 #946210 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for polkit-default-privs provides the following fixes: - Specify an explicit umask of 0022 to create rule files with appropriate file permissions. (bsc#946210) - PowerDevil action names have been updated. (bsc#927275) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-71=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-71=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-71=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-71=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): polkit-default-privs-13.2-15.1 - SUSE Linux Enterprise Server 12 (noarch): polkit-default-privs-13.2-15.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): polkit-default-privs-13.2-15.1 - SUSE Linux Enterprise Desktop 12 (noarch): polkit-default-privs-13.2-15.1 References: https://bugzilla.suse.com/927275 https://bugzilla.suse.com/946210 From sle-updates at lists.suse.com Wed Jan 13 06:16:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 14:16:44 +0100 (CET) Subject: SUSE-RU-2016:0097-1: Recommended update for gnome-control-center Message-ID: <20160113131644.398452BF0A@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-control-center ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0097-1 Rating: low References: #880303 #947761 #951122 #951590 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for gnome-control-center provides the following fixes: - Fix untranslated title on the "Add Profile" dialog on Color Panel settings. (bsc#947761) - Add missing "libgnomekbd" dependency. (bsc#951122) - Fix untranslated "Change Password" text. (bsc#880303) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-69=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-69=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-69=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-69=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): gnome-control-center-color-3.10.3-14.7.1 gnome-control-center-debuginfo-3.10.3-14.7.1 gnome-control-center-debugsource-3.10.3-14.7.1 gnome-control-center-goa-3.10.3-14.7.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gnome-control-center-debuginfo-3.10.3-14.7.1 gnome-control-center-debugsource-3.10.3-14.7.1 gnome-control-center-devel-3.10.3-14.7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gnome-control-center-3.10.3-14.7.1 gnome-control-center-debuginfo-3.10.3-14.7.1 gnome-control-center-debugsource-3.10.3-14.7.1 - SUSE Linux Enterprise Server 12 (noarch): gnome-control-center-lang-3.10.3-14.7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gnome-control-center-3.10.3-14.7.1 gnome-control-center-color-3.10.3-14.7.1 gnome-control-center-debuginfo-3.10.3-14.7.1 gnome-control-center-debugsource-3.10.3-14.7.1 gnome-control-center-goa-3.10.3-14.7.1 - SUSE Linux Enterprise Desktop 12 (noarch): gnome-control-center-lang-3.10.3-14.7.1 References: https://bugzilla.suse.com/880303 https://bugzilla.suse.com/947761 https://bugzilla.suse.com/951122 https://bugzilla.suse.com/951590 From sle-updates at lists.suse.com Wed Jan 13 08:11:28 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 16:11:28 +0100 (CET) Subject: SUSE-RU-2016:0099-1: Recommended update for release-notes-sled Message-ID: <20160113151128.BAE74320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0099-1 Rating: low References: #951480 #953728 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12 have been updated to fix minor issues. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-72=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-72=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (noarch): release-notes-sled-12.0.20151229-38.2 - SUSE Linux Enterprise Desktop 12 (noarch): release-notes-sled-12.0.20151229-38.2 References: https://bugzilla.suse.com/951480 https://bugzilla.suse.com/953728 From sle-updates at lists.suse.com Wed Jan 13 08:12:02 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 16:12:02 +0100 (CET) Subject: SUSE-RU-2016:0100-1: Recommended update for release-notes-sles Message-ID: <20160113151202.D0B92320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0100-1 Rating: low References: #950143 #955779 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides the latest revision of the Release Notes for SUSE Linux Enterprise Server 11 SP4: - Remove misleading statement about zypper. (bsc#955779) - Document availability of updated toolchain for SLES 11 SP4. (fate#319015) - List YaST modules deprecated on SLE 12. (fate#319469) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-release-notes-sles-12320=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): release-notes-sles-11.4.22-0.21.1 References: https://bugzilla.suse.com/950143 https://bugzilla.suse.com/955779 From sle-updates at lists.suse.com Wed Jan 13 09:11:21 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 17:11:21 +0100 (CET) Subject: SUSE-SU-2016:0101-1: moderate: Security update for openstack-glance Message-ID: <20160113161121.D6E4F2BF0A@maintenance.suse.de> SUSE Security Update: Security update for openstack-glance ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0101-1 Rating: moderate References: #945051 #945994 #947735 Cross-References: CVE-2015-5251 CVE-2015-5286 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for openstack-glance provides the following fixes: - Catch NotAuthenticated exception in import task. (bsc#947735, CVE-2015-5286) - Cleanup chunks for deleted image if token expired. (bsc#947735, CVE-2015-5286) - Prevent image status being directly modified via v1. (bsc#945994, CVE-2015-5251) - Fix error when downloading image status is not active. (bsc#945051) - Add ability to deactivate an image. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-glance-12321=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-glance-2014.2.4.juno-14.1 python-glance-2014.2.4.juno-14.1 - SUSE OpenStack Cloud 5 (noarch): openstack-glance-doc-2014.2.4.juno-14.1 References: https://www.suse.com/security/cve/CVE-2015-5251.html https://www.suse.com/security/cve/CVE-2015-5286.html https://bugzilla.suse.com/945051 https://bugzilla.suse.com/945994 https://bugzilla.suse.com/947735 From sle-updates at lists.suse.com Wed Jan 13 10:14:43 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 18:14:43 +0100 (CET) Subject: SUSE-SU-2016:0107-1: moderate: Security update for python-rsa Message-ID: <20160113171443.D4FB82BF0A@maintenance.suse.de> SUSE Security Update: Security update for python-rsa ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0107-1 Rating: moderate References: #960680 Cross-References: CVE-2016-1494 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-rsa fixes the following security issue: * CVE-2016-1494: Possible signature forgery via Bleichenbacher attack (bsc#960680) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-75=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-rsa-3.1.4-11.1 References: https://www.suse.com/security/cve/CVE-2016-1494.html https://bugzilla.suse.com/960680 From sle-updates at lists.suse.com Wed Jan 13 11:12:14 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 19:12:14 +0100 (CET) Subject: SUSE-SU-2016:0109-1: Security update for wireshark Message-ID: <20160113181214.1D0652BF0A@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0109-1 Rating: low References: #950437 #960382 Cross-References: CVE-2015-7830 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 24 vulnerabilities is now available. Description: This update contains Wireshark 1.12.9 and fixes the following issues: * CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437) * CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. * CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. * CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. * CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression. * CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. * CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted * CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. * CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. * CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. * CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet. * CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. * CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet. * CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-76=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-76=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-76=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-76=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-76=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-76=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 wireshark-devel-1.12.9-22.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 wireshark-devel-1.12.9-22.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): wireshark-1.12.9-22.1 wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): wireshark-1.12.9-22.1 wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): wireshark-1.12.9-22.1 wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 - SUSE Linux Enterprise Desktop 12 (x86_64): wireshark-1.12.9-22.1 wireshark-debuginfo-1.12.9-22.1 wireshark-debugsource-1.12.9-22.1 References: https://www.suse.com/security/cve/CVE-2015-7830.html https://www.suse.com/security/cve/CVE-2015-8711.html https://www.suse.com/security/cve/CVE-2015-8712.html https://www.suse.com/security/cve/CVE-2015-8713.html https://www.suse.com/security/cve/CVE-2015-8714.html https://www.suse.com/security/cve/CVE-2015-8715.html https://www.suse.com/security/cve/CVE-2015-8716.html https://www.suse.com/security/cve/CVE-2015-8717.html https://www.suse.com/security/cve/CVE-2015-8718.html https://www.suse.com/security/cve/CVE-2015-8719.html https://www.suse.com/security/cve/CVE-2015-8720.html https://www.suse.com/security/cve/CVE-2015-8721.html https://www.suse.com/security/cve/CVE-2015-8722.html https://www.suse.com/security/cve/CVE-2015-8723.html https://www.suse.com/security/cve/CVE-2015-8724.html https://www.suse.com/security/cve/CVE-2015-8725.html https://www.suse.com/security/cve/CVE-2015-8726.html https://www.suse.com/security/cve/CVE-2015-8727.html https://www.suse.com/security/cve/CVE-2015-8728.html https://www.suse.com/security/cve/CVE-2015-8729.html https://www.suse.com/security/cve/CVE-2015-8730.html https://www.suse.com/security/cve/CVE-2015-8731.html https://www.suse.com/security/cve/CVE-2015-8732.html https://www.suse.com/security/cve/CVE-2015-8733.html https://bugzilla.suse.com/950437 https://bugzilla.suse.com/960382 From sle-updates at lists.suse.com Wed Jan 13 12:15:22 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 20:15:22 +0100 (CET) Subject: SUSE-SU-2016:0110-1: Security update for wireshark Message-ID: <20160113191522.9C29232074@maintenance.suse.de> SUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0110-1 Rating: low References: #950437 #960382 Cross-References: CVE-2015-7830 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 24 vulnerabilities is now available. Description: This update contains Wireshark 1.12.9 and fixes the following issues: * CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437) * CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. * CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. * CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. * CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. * CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression. * CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. * CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted * CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. * CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. * CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. * CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet. * CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. * CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet. * CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. * CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-wireshark-12322=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-wireshark-12322=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-wireshark-12322=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-wireshark-12322=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-wireshark-12322=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-wireshark-12322=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-wireshark-12322=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-wireshark-12322=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-wireshark-12322=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-devel-1.12.9-0.12.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): wireshark-devel-1.12.9-0.12.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): wireshark-1.12.9-0.12.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): wireshark-debuginfo-1.12.9-0.12.1 wireshark-debugsource-1.12.9-0.12.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): wireshark-debuginfo-1.12.9-0.12.1 wireshark-debugsource-1.12.9-0.12.1 References: https://www.suse.com/security/cve/CVE-2015-7830.html https://www.suse.com/security/cve/CVE-2015-8711.html https://www.suse.com/security/cve/CVE-2015-8712.html https://www.suse.com/security/cve/CVE-2015-8713.html https://www.suse.com/security/cve/CVE-2015-8714.html https://www.suse.com/security/cve/CVE-2015-8715.html https://www.suse.com/security/cve/CVE-2015-8716.html https://www.suse.com/security/cve/CVE-2015-8717.html https://www.suse.com/security/cve/CVE-2015-8718.html https://www.suse.com/security/cve/CVE-2015-8719.html https://www.suse.com/security/cve/CVE-2015-8720.html https://www.suse.com/security/cve/CVE-2015-8721.html https://www.suse.com/security/cve/CVE-2015-8722.html https://www.suse.com/security/cve/CVE-2015-8723.html https://www.suse.com/security/cve/CVE-2015-8724.html https://www.suse.com/security/cve/CVE-2015-8725.html https://www.suse.com/security/cve/CVE-2015-8726.html https://www.suse.com/security/cve/CVE-2015-8727.html https://www.suse.com/security/cve/CVE-2015-8728.html https://www.suse.com/security/cve/CVE-2015-8729.html https://www.suse.com/security/cve/CVE-2015-8730.html https://www.suse.com/security/cve/CVE-2015-8731.html https://www.suse.com/security/cve/CVE-2015-8732.html https://www.suse.com/security/cve/CVE-2015-8733.html https://bugzilla.suse.com/950437 https://bugzilla.suse.com/960382 From sle-updates at lists.suse.com Wed Jan 13 13:11:24 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 21:11:24 +0100 (CET) Subject: SUSE-RU-2016:0111-1: Recommended update for yast2-kdump Message-ID: <20160113201124.EB570320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-kdump ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0111-1 Rating: low References: #805275 #930950 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-kdump provides the following fixes: - Fix validation of AutoYaST profiles. (bsc#805275) - AutoYaST: "add_crashkernel_param" will be set by using autoinst.xml and will not be overwritten by proposal. (bsc#930950) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-yast2-kdump-12323=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-kdump-12323=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-kdump-12323=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-kdump-12323=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 x86_64): yast2-kdump-2.17.28-9.3.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): yast2-kdump-2.17.28-9.3.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-kdump-2.17.28-9.3.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): yast2-kdump-2.17.28-9.3.2 References: https://bugzilla.suse.com/805275 https://bugzilla.suse.com/930950 From sle-updates at lists.suse.com Wed Jan 13 13:12:06 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 21:12:06 +0100 (CET) Subject: SUSE-SU-2016:0112-1: moderate: Security update for foomatic-filters Message-ID: <20160113201206.D2080320DF@maintenance.suse.de> SUSE Security Update: Security update for foomatic-filters ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0112-1 Rating: moderate References: #957531 Cross-References: CVE-2015-8327 CVE-2015-8560 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes the following security issues: CVE-2015-8327: adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531). CVE-2015-8560: fixed code execution via improper escaping of ; (bsc#957531). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-foomatic-filters-12324=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-foomatic-filters-12324=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-foomatic-filters-12324=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-foomatic-filters-12324=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-foomatic-filters-12324=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): foomatic-filters-3.0.2-269.39.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): foomatic-filters-3.0.2-269.39.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): foomatic-filters-3.0.2-269.39.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): foomatic-filters-3.0.2-269.39.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): foomatic-filters-3.0.2-269.39.1 References: https://www.suse.com/security/cve/CVE-2015-8327.html https://www.suse.com/security/cve/CVE-2015-8560.html https://bugzilla.suse.com/957531 From sle-updates at lists.suse.com Wed Jan 13 14:11:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 13 Jan 2016 22:11:08 +0100 (CET) Subject: SUSE-SU-2016:0113-1: important: Security update for java-1_6_0-ibm Message-ID: <20160113211108.A5448320DF@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0113-1 Rating: important References: #955131 #960286 #960402 Cross-References: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. Description: This version update for java-1_6_0-ibm to version 6.0.16.15 fixes the following issues: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 For more information please visit: http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_Nove mber_2015 Security Issues: * CVE-2015-4734 * CVE-2015-4803 * CVE-2015-4805 * CVE-2015-4806 * CVE-2015-4810 * CVE-2015-4835 * CVE-2015-4840 * CVE-2015-4842 * CVE-2015-4843 * CVE-2015-4844 * CVE-2015-4860 * CVE-2015-4871 * CVE-2015-4872 * CVE-2015-4882 * CVE-2015-4883 * CVE-2015-4893 * CVE-2015-4902 * CVE-2015-4903 * CVE-2015-4911 * CVE-2015-5006 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.15-0.16.1 java-1_6_0-ibm-devel-1.6.0_sr16.15-0.16.1 java-1_6_0-ibm-fonts-1.6.0_sr16.15-0.16.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.15-0.16.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): java-1_6_0-ibm-32bit-1.6.0_sr16.15-0.16.1 java-1_6_0-ibm-devel-32bit-1.6.0_sr16.15-0.16.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.15-0.16.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64): java-1_6_0-ibm-alsa-32bit-1.6.0_sr16.15-0.16.1 java-1_6_0-ibm-plugin-32bit-1.6.0_sr16.15-0.16.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (i586): java-1_6_0-ibm-alsa-1.6.0_sr16.15-0.16.1 References: https://www.suse.com/security/cve/CVE-2015-4734.html https://www.suse.com/security/cve/CVE-2015-4803.html https://www.suse.com/security/cve/CVE-2015-4805.html https://www.suse.com/security/cve/CVE-2015-4806.html https://www.suse.com/security/cve/CVE-2015-4810.html https://www.suse.com/security/cve/CVE-2015-4835.html https://www.suse.com/security/cve/CVE-2015-4840.html https://www.suse.com/security/cve/CVE-2015-4842.html https://www.suse.com/security/cve/CVE-2015-4843.html https://www.suse.com/security/cve/CVE-2015-4844.html https://www.suse.com/security/cve/CVE-2015-4860.html https://www.suse.com/security/cve/CVE-2015-4871.html https://www.suse.com/security/cve/CVE-2015-4872.html https://www.suse.com/security/cve/CVE-2015-4882.html https://www.suse.com/security/cve/CVE-2015-4883.html https://www.suse.com/security/cve/CVE-2015-4893.html https://www.suse.com/security/cve/CVE-2015-4902.html https://www.suse.com/security/cve/CVE-2015-4903.html https://www.suse.com/security/cve/CVE-2015-4911.html https://www.suse.com/security/cve/CVE-2015-5006.html https://bugzilla.suse.com/955131 https://bugzilla.suse.com/960286 https://bugzilla.suse.com/960402 https://download.suse.com/patch/finder/?keywords=750c96f801a1b590f58f15adc3b52b3d From sle-updates at lists.suse.com Wed Jan 13 16:11:06 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 00:11:06 +0100 (CET) Subject: SUSE-SU-2016:0114-1: moderate: Security update for python-requests Message-ID: <20160113231106.A5AF1320B7@maintenance.suse.de> SUSE Security Update: Security update for python-requests ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0114-1 Rating: moderate References: #922448 #929736 #961596 Cross-References: CVE-2015-2296 Affected Products: SUSE OpenStack Cloud Compute 5 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Enterprise Storage 2 SUSE Enterprise Storage 1.0 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: The python-requests module has been updated to version 2.8.1, which brings several fixes and enhancements: - Fix handling of cookies on redirect. Previously a cookie without a host value set would use the hostname for the redirected URL exposing requests users to session fixation attacks and potentially cookie stealing. (bsc#922448, CVE-2015-2296) - Add support for per-host proxies. This allows the proxies dictionary to have entries of the form {'://': ''}. Host-specific proxies will be used in preference to the previously-supported scheme-specific ones, but the previous syntax will continue to work. - Update certificate bundle to match "certifi" 2015.9.6.2's weak certificate bundle. - Response.raise_for_status now prints the URL that failed as part of the exception message. - requests.utils.get_netrc_auth now takes an raise_errors kwarg, defaulting to False. When True, errors parsing .netrc files cause exceptions to be thrown. - Change to bundled projects import logic to make it easier to unbundle requests downstream. - Change the default User-Agent string to avoid leaking data on Linux: now contains only the requests version. - The json parameter to post() and friends will now only be used if neither data nor files are present, consistent with the documentation. - Empty fields in the NO_PROXY environment variable are now ignored. - Fix problem where httplib.BadStatusLine would get raised if combining stream=True with contextlib.closing. - Prevent bugs where we would attempt to return the same connection back to the connection pool twice when sending a Chunked body. - Digest Auth support is now thread safe. - Resolved several bugs involving chunked transfer encoding and response framing. - Copy a PreparedRequest's CookieJar more reliably. - Support bytearrays when passed as parameters in the "files" argument. - Avoid data duplication when creating a request with "str", "bytes", or "bytearray" input to the "files" argument. - "Connection: keep-alive" header is now sent automatically. - Support for connect timeouts. Timeout now accepts a tuple (connect, read) which is used to set individual connect and read timeouts. For a comprehensive list of changes please refer to the package's change log or the Release Notes at http://docs.python-requests.org/en/latest/community/updates/#id3 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2016-80=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-80=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-80=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-80=1 - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2016-80=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-80=1 - SUSE Enterprise Storage 2: zypper in -t patch SUSE-Storage-2-2016-80=1 - SUSE Enterprise Storage 1.0: zypper in -t patch SUSE-Storage-1.0-2016-80=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-requests-2.8.1-6.9.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): python-requests-2.8.1-6.9.1 - SUSE Linux Enterprise Server 12 (noarch): python-requests-2.8.1-6.9.1 - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-requests-2.8.1-6.9.1 - SUSE Linux Enterprise High Availability 12 (noarch): python-requests-2.8.1-6.9.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): python-requests-2.8.1-6.9.1 - SUSE Enterprise Storage 2 (noarch): python-requests-2.8.1-6.9.1 - SUSE Enterprise Storage 1.0 (noarch): python-requests-2.8.1-6.9.1 References: https://www.suse.com/security/cve/CVE-2015-2296.html https://bugzilla.suse.com/922448 https://bugzilla.suse.com/929736 https://bugzilla.suse.com/961596 From sle-updates at lists.suse.com Thu Jan 14 09:11:29 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 17:11:29 +0100 (CET) Subject: SUSE-RU-2016:0115-1: moderate: Recommended update for SUSEConnect Message-ID: <20160114161129.77F97320B7@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSEConnect ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0115-1 Rating: moderate References: #946183 #949424 #951671 #954266 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update provides SUSEConnect 0.2.32, which fixes the following issues: - Remove unneeded link in %post which caused a warning. (bsc#946183) - Correct RPM group and further packaging improvements. (bsc#946183) - Include SCCcredentials file as a ghost entry. (bsc#946183) - Change packaging: One `SUSEConnect` package to rule them all. (bsc#951671) - Update manpages to match the latest CLI options. - Silently ignore malformed lscpu lines instead of failing. (bsc#954266) - Properly handle empty repository lists from zypper. - Ensure version of SUSEConnect is bumped in order to be able to distinct requests from affected YaST version in SCC API. (bsc#949424) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-82=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-82=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): SUSEConnect-0.2.32-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): SUSEConnect-0.2.32-3.1 References: https://bugzilla.suse.com/946183 https://bugzilla.suse.com/949424 https://bugzilla.suse.com/951671 https://bugzilla.suse.com/954266 From sle-updates at lists.suse.com Thu Jan 14 09:12:30 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 17:12:30 +0100 (CET) Subject: SUSE-RU-2016:0116-1: Recommended update for brp-check-suse Message-ID: <20160114161230.0BEB9320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for brp-check-suse ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0116-1 Rating: low References: #443364 #781101 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for brp-check-suse provides many fixes and enhancements: - Do not fail over new DefaultLayout element. - Handle symbolic links to root directory properly. (bsc#781101) - Update applications.menu from desktop-data to accept new Categories. (bsc#443364) - The scripts brp-40-rootfs, brp-60-hook and brp-50-check-python received several minor fixes. - The script brp-25-symlink has been rewritten to reduce number of calls. - All GTK apps are allowed to assume the presence of the Adwaita-icon-theme package. As a result, we now accept icons in icons/Adwaita on the whitelist. - Remove brp-20-check-la. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-81=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-81=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): brp-check-suse-13.2+git20150521.971ea2f-5.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): brp-check-suse-13.2+git20150521.971ea2f-5.1 References: https://bugzilla.suse.com/443364 https://bugzilla.suse.com/781101 From sle-updates at lists.suse.com Thu Jan 14 12:11:30 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 20:11:30 +0100 (CET) Subject: SUSE-SU-2016:0117-1: critical: Security update for openssh-openssl1 Message-ID: <20160114191130.1740B320D8@maintenance.suse.de> SUSE Security Update: Security update for openssh-openssl1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0117-1 Rating: critical References: #961642 #961645 Cross-References: CVE-2016-0777 CVE-2016-0778 Affected Products: SUSE Linux Enterprise Server 11-SECURITY ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for openssh-openssl1 fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642) - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645) This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-openssh-openssl1-12327=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): openssh-openssl1-6.6p1-10.1 openssh-openssl1-helpers-6.6p1-10.1 References: https://www.suse.com/security/cve/CVE-2016-0777.html https://www.suse.com/security/cve/CVE-2016-0778.html https://bugzilla.suse.com/961642 https://bugzilla.suse.com/961645 From sle-updates at lists.suse.com Thu Jan 14 12:12:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 20:12:08 +0100 (CET) Subject: SUSE-SU-2016:0118-1: critical: Security update for openssh Message-ID: <20160114191208.A3088320E8@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0118-1 Rating: critical References: #961642 #961645 Cross-References: CVE-2016-0777 CVE-2016-0778 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642) - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645) This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-85=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-85=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-85=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-85=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): openssh-6.6p1-33.1 openssh-askpass-gnome-6.6p1-33.1 openssh-askpass-gnome-debuginfo-6.6p1-33.1 openssh-debuginfo-6.6p1-33.1 openssh-debugsource-6.6p1-33.1 openssh-fips-6.6p1-33.1 openssh-helpers-6.6p1-33.1 openssh-helpers-debuginfo-6.6p1-33.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): openssh-6.6p1-33.1 openssh-askpass-gnome-6.6p1-33.1 openssh-askpass-gnome-debuginfo-6.6p1-33.1 openssh-debuginfo-6.6p1-33.1 openssh-debugsource-6.6p1-33.1 openssh-fips-6.6p1-33.1 openssh-helpers-6.6p1-33.1 openssh-helpers-debuginfo-6.6p1-33.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): openssh-6.6p1-33.1 openssh-askpass-gnome-6.6p1-33.1 openssh-askpass-gnome-debuginfo-6.6p1-33.1 openssh-debuginfo-6.6p1-33.1 openssh-debugsource-6.6p1-33.1 openssh-helpers-6.6p1-33.1 openssh-helpers-debuginfo-6.6p1-33.1 - SUSE Linux Enterprise Desktop 12 (x86_64): openssh-6.6p1-33.1 openssh-askpass-gnome-6.6p1-33.1 openssh-askpass-gnome-debuginfo-6.6p1-33.1 openssh-debuginfo-6.6p1-33.1 openssh-debugsource-6.6p1-33.1 openssh-helpers-6.6p1-33.1 openssh-helpers-debuginfo-6.6p1-33.1 References: https://www.suse.com/security/cve/CVE-2016-0777.html https://www.suse.com/security/cve/CVE-2016-0778.html https://bugzilla.suse.com/961642 https://bugzilla.suse.com/961645 From sle-updates at lists.suse.com Thu Jan 14 12:12:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 20:12:44 +0100 (CET) Subject: SUSE-SU-2016:0119-1: critical: Security update for openssh Message-ID: <20160114191245.01BE6320E8@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0119-1 Rating: critical References: #961642 #961645 Cross-References: CVE-2016-0777 CVE-2016-0778 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642) - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645) This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-openssh-2016011301-12325=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-openssh-2016011301-12325=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-openssh-2016011301-12325=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openssh-2016011301-12325=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): openssh-6.2p2-0.24.1 openssh-askpass-6.2p2-0.24.1 openssh-askpass-gnome-6.2p2-0.24.3 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): openssh-6.2p2-0.24.1 openssh-askpass-6.2p2-0.24.1 openssh-askpass-gnome-6.2p2-0.24.3 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): openssh-6.2p2-0.24.1 openssh-askpass-6.2p2-0.24.1 openssh-askpass-gnome-6.2p2-0.24.3 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): openssh-askpass-gnome-debuginfo-6.2p2-0.24.3 openssh-debuginfo-6.2p2-0.24.1 openssh-debugsource-6.2p2-0.24.1 References: https://www.suse.com/security/cve/CVE-2016-0777.html https://www.suse.com/security/cve/CVE-2016-0778.html https://bugzilla.suse.com/961642 https://bugzilla.suse.com/961645 From sle-updates at lists.suse.com Thu Jan 14 12:13:21 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 20:13:21 +0100 (CET) Subject: SUSE-SU-2016:0120-1: critical: Security update for openssh Message-ID: <20160114191321.D1E00320E8@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0120-1 Rating: critical References: #961642 #961645 Cross-References: CVE-2016-0777 CVE-2016-0778 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642) - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645) This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openssh-2016011302-12326=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-openssh-2016011302-12326=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openssh-2016011302-12326=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-6.6p1-16.1 openssh-askpass-gnome-6.6p1-16.4 openssh-fips-6.6p1-16.1 openssh-helpers-6.6p1-16.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): openssh-6.6p1-16.1 openssh-askpass-gnome-6.6p1-16.4 openssh-helpers-6.6p1-16.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-askpass-gnome-debuginfo-6.6p1-16.4 openssh-debuginfo-6.6p1-16.1 openssh-debugsource-6.6p1-16.1 References: https://www.suse.com/security/cve/CVE-2016-0777.html https://www.suse.com/security/cve/CVE-2016-0778.html https://bugzilla.suse.com/961642 https://bugzilla.suse.com/961645 From sle-updates at lists.suse.com Thu Jan 14 13:11:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 21:11:16 +0100 (CET) Subject: SUSE-SU-2016:0121-1: moderate: Security update for mariadb Message-ID: <20160114201116.CF2C1320E8@maintenance.suse.de> SUSE Security Update: Security update for mariadb ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0121-1 Rating: moderate References: #934401 #937258 #937343 #937787 #958789 #958790 Cross-References: CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4895 CVE-2015-4913 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: MariaDB has been updated to version 10.0.22, which brings fixes for many security issues and other improvements. The following CVEs have been fixed: - 10.0.22: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792 - 10.0.21: CVE-2015-4816, CVE-2015-4819, CVE-2015-4879, CVE-2015-4895 The following non-security issues have been fixed: - Fix rc.mysql-multi script to properly start instances after restart. (bsc#934401) - Fix rc.mysql-multi script to restart after crash. (bsc#937258) For a comprehensive list of changes refer to the upstream Release Notes and Change Log documents: - https://kb.askmonty.org/en/mariadb-10022-release-notes/ - https://kb.askmonty.org/en/mariadb-10021-release-notes/ - https://kb.askmonty.org/en/mariadb-10022-changelog/ - https://kb.askmonty.org/en/mariadb-10021-changelog/ Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-87=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-87=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-87=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-87=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libmysqlclient_r18-10.0.22-20.3.1 libmysqlclient_r18-32bit-10.0.22-20.3.1 mariadb-debuginfo-10.0.22-20.3.1 mariadb-debugsource-10.0.22-20.3.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libmysqlclient-devel-10.0.22-20.3.1 libmysqlclient_r18-10.0.22-20.3.1 libmysqld-devel-10.0.22-20.3.1 libmysqld18-10.0.22-20.3.1 libmysqld18-debuginfo-10.0.22-20.3.1 mariadb-debuginfo-10.0.22-20.3.1 mariadb-debugsource-10.0.22-20.3.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libmysqlclient18-10.0.22-20.3.1 libmysqlclient18-debuginfo-10.0.22-20.3.1 mariadb-10.0.22-20.3.1 mariadb-client-10.0.22-20.3.1 mariadb-client-debuginfo-10.0.22-20.3.1 mariadb-debuginfo-10.0.22-20.3.1 mariadb-debugsource-10.0.22-20.3.1 mariadb-errormessages-10.0.22-20.3.1 mariadb-tools-10.0.22-20.3.1 mariadb-tools-debuginfo-10.0.22-20.3.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libmysqlclient18-32bit-10.0.22-20.3.1 libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libmysqlclient18-10.0.22-20.3.1 libmysqlclient18-32bit-10.0.22-20.3.1 libmysqlclient18-debuginfo-10.0.22-20.3.1 libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1 libmysqlclient_r18-10.0.22-20.3.1 libmysqlclient_r18-32bit-10.0.22-20.3.1 mariadb-10.0.22-20.3.1 mariadb-client-10.0.22-20.3.1 mariadb-client-debuginfo-10.0.22-20.3.1 mariadb-debuginfo-10.0.22-20.3.1 mariadb-debugsource-10.0.22-20.3.1 mariadb-errormessages-10.0.22-20.3.1 References: https://www.suse.com/security/cve/CVE-2015-4792.html https://www.suse.com/security/cve/CVE-2015-4802.html https://www.suse.com/security/cve/CVE-2015-4807.html https://www.suse.com/security/cve/CVE-2015-4815.html https://www.suse.com/security/cve/CVE-2015-4816.html https://www.suse.com/security/cve/CVE-2015-4819.html https://www.suse.com/security/cve/CVE-2015-4826.html https://www.suse.com/security/cve/CVE-2015-4830.html https://www.suse.com/security/cve/CVE-2015-4836.html https://www.suse.com/security/cve/CVE-2015-4858.html https://www.suse.com/security/cve/CVE-2015-4861.html https://www.suse.com/security/cve/CVE-2015-4870.html https://www.suse.com/security/cve/CVE-2015-4879.html https://www.suse.com/security/cve/CVE-2015-4895.html https://www.suse.com/security/cve/CVE-2015-4913.html https://bugzilla.suse.com/934401 https://bugzilla.suse.com/937258 https://bugzilla.suse.com/937343 https://bugzilla.suse.com/937787 https://bugzilla.suse.com/958789 https://bugzilla.suse.com/958790 From sle-updates at lists.suse.com Thu Jan 14 14:11:41 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 14 Jan 2016 22:11:41 +0100 (CET) Subject: SUSE-RU-2016:0122-1: moderate: Recommended update for sssd Message-ID: <20160114211141.1C89F320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sssd ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0122-1 Rating: moderate References: #927139 #935303 #941121 #945041 #948305 #951007 #952438 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This update for sssd provides the following fixes: - Fix a segmentation fault when processing group memberships. (bsc#927139) - Fix a segmentation fault when processing nested groups. (bsc#945041) - Fix handling of SSH keys stored in LDAP attributes. (bsc#941121) - Fix a problem that could lead to excessive memory usage. (bsc#948305) - Distribute libsss_autofs in the main package. (fate#318814, bsc#952438) - Enhance the debugging information of sudo provider. (bsc#951007) - Fix an issue with SudoNotAfter time restriction being ignored. (bsc#951007) - Check for empty arrays to prevent segmentation faults in memberOf requests. (bsc#935303) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sssd-12328=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-sssd-12328=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-sssd-12328=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sssd-12328=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-sssd-12328=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-sssd-12328=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-sssd-12328=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sssd-12328=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-sssd-12328=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsss_idmap-devel-1.9.4-0.26.1 libsss_sudo-devel-1.9.4-0.26.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsss_idmap-devel-1.9.4-0.26.1 libsss_sudo-devel-1.9.4-0.26.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libsss_idmap0-1.9.4-0.26.1 python-sssd-config-1.9.4-0.26.1 sssd-1.9.4-0.26.1 sssd-tools-1.9.4-0.26.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): sssd-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsss_idmap0-1.9.4-0.26.1 python-sssd-config-1.9.4-0.26.1 sssd-1.9.4-0.26.1 sssd-tools-1.9.4-0.26.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): sssd-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libsss_idmap0-1.9.4-0.26.1 python-sssd-config-1.9.4-0.26.1 sssd-1.9.4-0.26.1 sssd-tools-1.9.4-0.26.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): sssd-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libsss_idmap0-1.9.4-0.26.1 python-sssd-config-1.9.4-0.26.1 sssd-1.9.4-0.26.1 sssd-tools-1.9.4-0.26.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): sssd-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libsss_idmap0-1.9.4-0.26.1 python-sssd-config-1.9.4-0.26.1 sssd-1.9.4-0.26.1 sssd-tools-1.9.4-0.26.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): sssd-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sssd-debuginfo-1.9.4-0.26.1 sssd-debugsource-1.9.4-0.26.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): sssd-debuginfo-32bit-1.9.4-0.26.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): sssd-debuginfo-1.9.4-0.26.1 sssd-debugsource-1.9.4-0.26.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x): sssd-debuginfo-32bit-1.9.4-0.26.1 References: https://bugzilla.suse.com/927139 https://bugzilla.suse.com/935303 https://bugzilla.suse.com/941121 https://bugzilla.suse.com/945041 https://bugzilla.suse.com/948305 https://bugzilla.suse.com/951007 https://bugzilla.suse.com/952438 From sle-updates at lists.suse.com Fri Jan 15 11:11:24 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 19:11:24 +0100 (CET) Subject: SUSE-RU-2016:0135-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20160115181124.57C2D320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0135-1 Rating: moderate References: #948245 #950372 #952844 #954602 #956981 Affected Products: SUSE Manager Tools 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for SUSE Manager Client Tools fixes the following issues: cobbler: - The cobbler main package should see a SUSE system as systemd only. (bsc#952844) rhn-virtualization: - Fix guest report of virtual hosts. (bsc#950372) spacecmd: - Mimetype detection to set the binary flag requires 'file' tool. - Set binary mode on uploaded files based on content. (bsc#948245) spacewalk-backend: - Avoid referencing unassigned variable. (bsc#956981) spacewalk-client-tools: - Fix client registration for network interfaces with labels. (bsc#956981) zypp-plugin-spacewalk: - Convert zypper output to valid UTF-8. (bsc#954602) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2016-95=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Tools 12 (ppc64le s390x x86_64): zypp-plugin-spacewalk-0.9.12-20.1 - SUSE Manager Tools 12 (noarch): koan-2.6.6-19.1 rhn-virtualization-common-5.4.50.6-8.1 rhn-virtualization-host-5.4.50.6-8.1 spacecmd-2.1.25.11-14.1 spacewalk-backend-libs-2.1.55.23-23.1 spacewalk-check-2.1.16.10-21.1 spacewalk-client-setup-2.1.16.10-21.1 spacewalk-client-tools-2.1.16.10-21.1 References: https://bugzilla.suse.com/948245 https://bugzilla.suse.com/950372 https://bugzilla.suse.com/952844 https://bugzilla.suse.com/954602 https://bugzilla.suse.com/956981 From sle-updates at lists.suse.com Fri Jan 15 11:12:40 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 19:12:40 +0100 (CET) Subject: SUSE-RU-2016:0136-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20160115181240.8D2E7320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0136-1 Rating: moderate References: #948245 #950372 #954602 #956981 Affected Products: SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for SUSE Manager Client Tools fixes the following issues: rhn-virtualization: - Fix guest report of virtual hosts. (bsc#950372) spacecmd: - Mimetype detection to set the binary flag requires 'file' tool. - Set binary mode on uploaded files based on content. (bsc#948245) spacewalk-backend: - Avoid referencing unassigned variable. (bsc#956981) spacewalk-client-tools: - Fix client registration for network interfaces with labels. (bsc#956981) zypp-plugin-spacewalk: - Convert zypper output to valid UTF-8. (bsc#954602) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS: zypper in -t patch slesctsp4-client-tools-201512-12331=1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-client-tools-201512-12331=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): spacecmd-2.1.25.11-15.3 spacewalk-backend-libs-2.1.55.23-18.3 zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (noarch): rhn-virtualization-common-5.4.50.6-11.7 rhn-virtualization-host-5.4.50.6-11.7 spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): spacecmd-2.1.25.11-15.3 spacewalk-backend-libs-2.1.55.23-18.3 zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (noarch): rhn-virtualization-common-5.4.50.6-11.7 rhn-virtualization-host-5.4.50.6-11.7 spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 References: https://bugzilla.suse.com/948245 https://bugzilla.suse.com/950372 https://bugzilla.suse.com/954602 https://bugzilla.suse.com/956981 From sle-updates at lists.suse.com Fri Jan 15 11:13:41 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 19:13:41 +0100 (CET) Subject: SUSE-RU-2016:0137-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20160115181341.222BB320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0137-1 Rating: moderate References: #954602 #956981 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for SUSE Manager Client Tools provides the following fixes and enhancements: spacewalk-client-tools: - Fix client registration for network interfaces with labels. (bsc#956981) zypp-plugin-spacewalk: - Convert zypper output to valid UTF-8. (bsc#954602) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-client-tools-21-201512-12331=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-client-tools-21-201512-12331=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-client-tools-21-201512-12331=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-client-tools-21-201512-12331=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-client-tools-21-201512-12331=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Server 11-SP4 (noarch): spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Server 11-SP3 (noarch): spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 References: https://bugzilla.suse.com/954602 https://bugzilla.suse.com/956981 From sle-updates at lists.suse.com Fri Jan 15 11:15:10 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 19:15:10 +0100 (CET) Subject: SUSE-RU-2016:0139-1: moderate: Recommended update for SUSE Manager Server 2.1 Message-ID: <20160115181510.1CE2F320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 2.1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0139-1 Rating: moderate References: #932966 #934865 #935375 #937802 #943517 #945719 #948238 #948245 #948964 #949158 #949285 #949516 #949528 #949554 #949726 #950372 #950748 #950975 #951549 #953584 #953825 #954602 #954983 #955204 #956981 #958395 Affected Products: SUSE Manager 2.1 ______________________________________________________________________________ An update that has 26 recommended fixes can now be installed. Description: This update for SUSE Manager Server 2.1 fixes the following issues: smdba: - Memory calculation optimization bugfix. (bsc#932966) - Added "max_locks_per_transaction" and "max_connections" tuning parameters . spacecmd: - Mimetype detection to set the binary flag requires 'file' tool. - Set binary mode on uploaded files based on content. (bsc#948245) spacewalk-admin: - Config-defaults directory changed, read rhn_audit defaults from new location. spacewalk-backend: - Fix undefined variable if --sync-kickstart is used. (bsc#958395) - Avoid referencing unassigned variable. (bsc#956981) - Fix patch syncing if no issued date is given. Use "now" as date. (bsc#953584) - Fix SUSE patch style detection for RES4. (bsc#953825) - Additional debug data: listing of /srv/www/htdocs/pub and activation keys. spacewalk-branding: - Calculate and set correctly height of aside menu. (bsc#934865) - Branding: fix image urls. spacewalk-certs-tools: - Fixed issue with sudo being checked, even if not set. spacewalk-client-tools: - Fix client registration for network interfaces with labels. (bsc#956981) spacewalk-java: - Prevent returning null on merging path slices. (bsc#950975) - Sort channel list by name. (bsc#955204) - Consider old products only if no patch is available. (bsc#954983) - Avoid updating channel family counts when changing cloned channels via API. (bsc#949158) - Use non-immediate errata cache rebuilding on channel unsubscription. (bsc#949158) - Add support for timing out on an ssh connection. (bsc#945719) - Remove inconsistency and make more general the action description for package page title and tab-title in Schedule. (bsc#935375) - Use the new algorithm based on package names to determine if patch is applicable or not. (bsc#948964) - Remove url decoding since values are already decoded at this point. (bsc#951549) - Fix broken link from blue 'not-checking-in' system status icon. (bsc#943517) - Fix incomplete enabling of config actions via snippet. (bsc#949528) - Deactivate all non spacewalk plugin services and repos via snippet. (bsc#949554) - Add SUSE Enterprise Storage 2. (bsc#949285) - Add snippet to wait for NetworkManager. (bsc#937802) - Support for SLE12 SP1 product family. (bsc#949726) spacewalk-web: - Add custom rule to scroll to the url hash for pages in 'rhn/systems/ssm/misc' path. (bsc#934865) - Calculate and set correctly height of aside menu. (bsc#934865) - Add default setting for task timeout. susemanager-schema: - When deleting a server, delete all associated rhnSet entries, even if it was migrated to a different Org. (bsc#950748) - Adding on delete cascade to sppf_pid_fk. (bsc#948238) susemanager-sync-data: - Add IBM DLPAR channels to SLES 12 SP1 ppc64le. (bsc#949726) zypp-plugin-spacewalk: - Convert zypper output to valid UTF-8. (bsc#954602) How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 2.1: zypper in -t patch sleman21-suse-manager-21-201512-12331=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 2.1 (s390x x86_64): smdba-1.5.2-0.9.2 spacecmd-2.1.25.11-15.3 spacewalk-backend-2.1.55.23-18.3 spacewalk-backend-app-2.1.55.23-18.3 spacewalk-backend-applet-2.1.55.23-18.3 spacewalk-backend-config-files-2.1.55.23-18.3 spacewalk-backend-config-files-common-2.1.55.23-18.3 spacewalk-backend-config-files-tool-2.1.55.23-18.3 spacewalk-backend-iss-2.1.55.23-18.3 spacewalk-backend-iss-export-2.1.55.23-18.3 spacewalk-backend-libs-2.1.55.23-18.3 spacewalk-backend-package-push-server-2.1.55.23-18.3 spacewalk-backend-server-2.1.55.23-18.3 spacewalk-backend-sql-2.1.55.23-18.3 spacewalk-backend-sql-oracle-2.1.55.23-18.3 spacewalk-backend-sql-postgresql-2.1.55.23-18.3 spacewalk-backend-tools-2.1.55.23-18.3 spacewalk-backend-xml-export-libs-2.1.55.23-18.3 spacewalk-backend-xmlrpc-2.1.55.23-18.3 spacewalk-branding-2.1.33.14-12.2 zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Manager 2.1 (noarch): spacewalk-admin-2.1.2.5-9.2 spacewalk-base-2.1.60.14-12.3 spacewalk-base-minimal-2.1.60.14-12.3 spacewalk-base-minimal-config-2.1.60.14-12.3 spacewalk-certs-tools-2.1.6.8-12.3 spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 spacewalk-grail-2.1.60.14-12.3 spacewalk-html-2.1.60.14-12.3 spacewalk-java-2.1.165.20-12.3 spacewalk-java-config-2.1.165.20-12.3 spacewalk-java-lib-2.1.165.20-12.3 spacewalk-java-oracle-2.1.165.20-12.3 spacewalk-java-postgresql-2.1.165.20-12.3 spacewalk-pxt-2.1.60.14-12.3 spacewalk-sniglets-2.1.60.14-12.3 spacewalk-taskomatic-2.1.165.20-12.3 susemanager-schema-2.1.50.15-12.3 susemanager-sync-data-2.1.11-18.2 References: https://bugzilla.suse.com/932966 https://bugzilla.suse.com/934865 https://bugzilla.suse.com/935375 https://bugzilla.suse.com/937802 https://bugzilla.suse.com/943517 https://bugzilla.suse.com/945719 https://bugzilla.suse.com/948238 https://bugzilla.suse.com/948245 https://bugzilla.suse.com/948964 https://bugzilla.suse.com/949158 https://bugzilla.suse.com/949285 https://bugzilla.suse.com/949516 https://bugzilla.suse.com/949528 https://bugzilla.suse.com/949554 https://bugzilla.suse.com/949726 https://bugzilla.suse.com/950372 https://bugzilla.suse.com/950748 https://bugzilla.suse.com/950975 https://bugzilla.suse.com/951549 https://bugzilla.suse.com/953584 https://bugzilla.suse.com/953825 https://bugzilla.suse.com/954602 https://bugzilla.suse.com/954983 https://bugzilla.suse.com/955204 https://bugzilla.suse.com/956981 https://bugzilla.suse.com/958395 From sle-updates at lists.suse.com Fri Jan 15 11:20:19 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 19:20:19 +0100 (CET) Subject: SUSE-RU-2016:0140-1: moderate: Recommended update for SUSE Manager Proxy 2.1 Message-ID: <20160115182019.8C968320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 2.1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0140-1 Rating: moderate References: #934865 #948245 #949516 #953584 #953825 #954602 #956981 #958395 Affected Products: SUSE Manager Proxy 2.1 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update for SUSE Manager Proxy 2.1 fixes the following issues: spacecmd: - Mimetype detection to set the binary flag requires 'file' tool. - Set binary mode on uploaded files based on content. (bsc#948245) spacewalk-backend: - Fix undefined variable if --sync-kickstart is used. (bsc#958395) - Avoid referencing unassigned variable. (bsc#956981) - Fix patch syning if no issued date is given. Use "now" as date. (bsc#953584) - Fix SUSE patch style detection for RES4. (bsc#953825) - Additional debug data: listing of /srv/www/htdocs/pub and activation keys. spacewalk-certs-tools: - Fixed issue with sudo being checked, even if not set. spacewalk-client-tools: - Fix client registration for network interfaces with labels. (bsc#956981) spacewalk-proxy-installer: - Make sure ssl-build dir exists. (bsc#949516) spacewalk-web: - Add custom rule to scroll to the url hash for pages in 'rhn/systems/ssm/misc' path. (bsc#934865) - Calculate and set correctly height of aside menu. (bsc#934865) - Add default setting for task timeout. zypp-plugin-spacewalk: - Convert zypper output to valid UTF-8. (bsc#954602) How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-suse-manager-proxy-21-201512-12331=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 2.1 (x86_64): spacecmd-2.1.25.11-15.3 spacewalk-backend-2.1.55.23-18.3 spacewalk-backend-libs-2.1.55.23-18.3 zypp-plugin-spacewalk-0.9.12-18.3 - SUSE Manager Proxy 2.1 (noarch): spacewalk-base-minimal-2.1.60.14-12.3 spacewalk-base-minimal-config-2.1.60.14-12.3 spacewalk-certs-tools-2.1.6.8-12.3 spacewalk-check-2.1.16.10-15.2 spacewalk-client-setup-2.1.16.10-15.2 spacewalk-client-tools-2.1.16.10-15.2 spacewalk-proxy-installer-2.1.6.10-9.3 References: https://bugzilla.suse.com/934865 https://bugzilla.suse.com/948245 https://bugzilla.suse.com/949516 https://bugzilla.suse.com/953584 https://bugzilla.suse.com/953825 https://bugzilla.suse.com/954602 https://bugzilla.suse.com/956981 https://bugzilla.suse.com/958395 From sle-updates at lists.suse.com Fri Jan 15 12:11:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 20:11:05 +0100 (CET) Subject: SUSE-RU-2016:0141-1: moderate: Recommended update for snapper Message-ID: <20160115191105.4929F320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for snapper ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0141-1 Rating: moderate References: #954445 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for snapper ensures a roll-back operation will only be executed for the root file system. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-96=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-96=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-96=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libsnapper-devel-0.2.9.1-3.1 snapper-debuginfo-0.2.9.1-3.1 snapper-debugsource-0.2.9.1-3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libsnapper3-0.2.9.1-3.1 libsnapper3-debuginfo-0.2.9.1-3.1 pam_snapper-0.2.9.1-3.1 pam_snapper-debuginfo-0.2.9.1-3.1 snapper-0.2.9.1-3.1 snapper-debuginfo-0.2.9.1-3.1 snapper-debugsource-0.2.9.1-3.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): snapper-zypp-plugin-0.2.9.1-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libsnapper3-0.2.9.1-3.1 libsnapper3-debuginfo-0.2.9.1-3.1 pam_snapper-0.2.9.1-3.1 pam_snapper-debuginfo-0.2.9.1-3.1 snapper-0.2.9.1-3.1 snapper-debuginfo-0.2.9.1-3.1 snapper-debugsource-0.2.9.1-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): snapper-zypp-plugin-0.2.9.1-3.1 References: https://bugzilla.suse.com/954445 From sle-updates at lists.suse.com Fri Jan 15 14:11:09 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 15 Jan 2016 22:11:09 +0100 (CET) Subject: SUSE-OU-2016:0142-1: Optional update for SLE HA manuals Message-ID: <20160115211109.C7F39320D8@maintenance.suse.de> SUSE Optional Update: Optional update for SLE HA manuals ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0142-1 Rating: low References: #959404 Affected Products: SUSE Linux Enterprise High Availability 12-SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: The SUSE Linux Enterprise High Availability Extension manuals have been translated to Japanese, Chinese simplified and Chinese traditional. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2016-97=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12-SP1 (noarch): sle-ha-guide_ja-pdf-12.1-5.1 sle-ha-guide_zh_CN-pdf-12.1-5.1 sle-ha-guide_zh_TW-pdf-12.1-5.1 sle-ha-manuals_ja-12.1-5.1 sle-ha-manuals_zh_CN-12.1-5.1 sle-ha-manuals_zh_TW-12.1-5.1 References: https://bugzilla.suse.com/959404 From sle-updates at lists.suse.com Mon Jan 18 06:12:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 14:12:16 +0100 (CET) Subject: SUSE-SU-2016:0149-1: moderate: Security update for mozilla-nss Message-ID: <20160118131216.6E82D320E8@maintenance.suse.de> SUSE Security Update: Security update for mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0149-1 Rating: moderate References: #959888 Cross-References: CVE-2015-7575 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update contains mozilla-nss 3.19.2.2 and fixes the following security issue: - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-98=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-98=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-98=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-98=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-98=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-98=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-devel-3.19.2.2-32.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-devel-3.19.2.2-32.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libfreebl3-3.19.2.2-32.1 libfreebl3-debuginfo-3.19.2.2-32.1 libfreebl3-hmac-3.19.2.2-32.1 libsoftokn3-3.19.2.2-32.1 libsoftokn3-debuginfo-3.19.2.2-32.1 libsoftokn3-hmac-3.19.2.2-32.1 mozilla-nss-3.19.2.2-32.1 mozilla-nss-certs-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-3.19.2.2-32.1 mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-sysinit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1 mozilla-nss-tools-3.19.2.2-32.1 mozilla-nss-tools-debuginfo-3.19.2.2-32.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libfreebl3-32bit-3.19.2.2-32.1 libfreebl3-debuginfo-32bit-3.19.2.2-32.1 libfreebl3-hmac-32bit-3.19.2.2-32.1 libsoftokn3-32bit-3.19.2.2-32.1 libsoftokn3-debuginfo-32bit-3.19.2.2-32.1 libsoftokn3-hmac-32bit-3.19.2.2-32.1 mozilla-nss-32bit-3.19.2.2-32.1 mozilla-nss-certs-32bit-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libfreebl3-3.19.2.2-32.1 libfreebl3-debuginfo-3.19.2.2-32.1 libfreebl3-hmac-3.19.2.2-32.1 libsoftokn3-3.19.2.2-32.1 libsoftokn3-debuginfo-3.19.2.2-32.1 libsoftokn3-hmac-3.19.2.2-32.1 mozilla-nss-3.19.2.2-32.1 mozilla-nss-certs-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-3.19.2.2-32.1 mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-sysinit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1 mozilla-nss-tools-3.19.2.2-32.1 mozilla-nss-tools-debuginfo-3.19.2.2-32.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libfreebl3-32bit-3.19.2.2-32.1 libfreebl3-debuginfo-32bit-3.19.2.2-32.1 libfreebl3-hmac-32bit-3.19.2.2-32.1 libsoftokn3-32bit-3.19.2.2-32.1 libsoftokn3-debuginfo-32bit-3.19.2.2-32.1 libsoftokn3-hmac-32bit-3.19.2.2-32.1 mozilla-nss-32bit-3.19.2.2-32.1 mozilla-nss-certs-32bit-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libfreebl3-3.19.2.2-32.1 libfreebl3-32bit-3.19.2.2-32.1 libfreebl3-debuginfo-3.19.2.2-32.1 libfreebl3-debuginfo-32bit-3.19.2.2-32.1 libsoftokn3-3.19.2.2-32.1 libsoftokn3-32bit-3.19.2.2-32.1 libsoftokn3-debuginfo-3.19.2.2-32.1 libsoftokn3-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-3.19.2.2-32.1 mozilla-nss-32bit-3.19.2.2-32.1 mozilla-nss-certs-3.19.2.2-32.1 mozilla-nss-certs-32bit-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-sysinit-3.19.2.2-32.1 mozilla-nss-sysinit-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-tools-3.19.2.2-32.1 mozilla-nss-tools-debuginfo-3.19.2.2-32.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libfreebl3-3.19.2.2-32.1 libfreebl3-32bit-3.19.2.2-32.1 libfreebl3-debuginfo-3.19.2.2-32.1 libfreebl3-debuginfo-32bit-3.19.2.2-32.1 libsoftokn3-3.19.2.2-32.1 libsoftokn3-32bit-3.19.2.2-32.1 libsoftokn3-debuginfo-3.19.2.2-32.1 libsoftokn3-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-3.19.2.2-32.1 mozilla-nss-32bit-3.19.2.2-32.1 mozilla-nss-certs-3.19.2.2-32.1 mozilla-nss-certs-32bit-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-3.19.2.2-32.1 mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debuginfo-3.19.2.2-32.1 mozilla-nss-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-debugsource-3.19.2.2-32.1 mozilla-nss-sysinit-3.19.2.2-32.1 mozilla-nss-sysinit-32bit-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1 mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1 mozilla-nss-tools-3.19.2.2-32.1 mozilla-nss-tools-debuginfo-3.19.2.2-32.1 References: https://www.suse.com/security/cve/CVE-2015-7575.html https://bugzilla.suse.com/959888 From sle-updates at lists.suse.com Mon Jan 18 08:11:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 16:11:16 +0100 (CET) Subject: SUSE-RU-2016:0150-1: Recommended update for crowbar-barclamp-keystone Message-ID: <20160118151116.418C2320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-barclamp-keystone ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0150-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for crowbar-barclamp-keystone fixes the following issues: - Add --insecure flag to openstack command when using self-signed certificates. - Add warning for keystone timeout. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-crowbar-barclamp-keystone-12335=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): crowbar-barclamp-keystone-1.9+git.1447846735.56dd9cb-16.4 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 18 11:11:37 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 19:11:37 +0100 (CET) Subject: SUSE-RU-2016:0155-1: Recommended update for sle-ha-manuals_en Message-ID: <20160118181137.DA3ED320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sle-ha-manuals_en ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0155-1 Rating: low References: #959403 Affected Products: SUSE Linux Enterprise High Availability 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The Administrator Guide for SUSE Linux Enterprise High Availability Extension 12-SP1 has been updated to include a new chapter about Hawk 2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2016-102=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12-SP1 (noarch): sle-ha-guide_en-pdf-12.1-8.5 sle-ha-manuals_en-12.1-8.5 sle-ha-nfs-quick_en-pdf-12.1-8.5 References: https://bugzilla.suse.com/959403 From sle-updates at lists.suse.com Mon Jan 18 11:12:00 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 19:12:00 +0100 (CET) Subject: SUSE-OU-2016:0156-1: Optional update for libica2 Message-ID: <20160118181200.646EE320E8@maintenance.suse.de> SUSE Optional Update: Optional update for libica2 ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0156-1 Rating: low References: #943085 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: The SUSE Linux Enterprise Software Development Kit 11 SP4 missed to include the zSeries specific libica2-devel package. This update supplies this package. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libica2-12336=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libica2-12336=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libica2-12336=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (s390x): libica2-devel-2.4.2-0.14.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): libica2-2.4.2-0.14.1 libica2-32bit-2.4.2-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (s390x): libica2-debuginfo-2.4.2-0.14.1 libica2-debuginfo-32bit-2.4.2-0.14.1 libica2-debugsource-2.4.2-0.14.1 References: https://bugzilla.suse.com/943085 From sle-updates at lists.suse.com Mon Jan 18 14:13:02 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 22:13:02 +0100 (CET) Subject: SUSE-RU-2016:0159-1: Recommended update for sblim-cmpi-devel Message-ID: <20160118211302.39E0F320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-cmpi-devel ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0159-1 Rating: low References: #955721 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sblim-cmpi-devel fixes memory leaks in CmpiObjectPath methods. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sblim-cmpi-devel-12337=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-sblim-cmpi-devel-12337=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-sblim-cmpi-devel-12337=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sblim-cmpi-devel-12337=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-sblim-cmpi-devel-12337=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sblim-cmpi-devel-12337=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): sblim-cmpi-devel-2.0.1-5.6.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): sblim-cmpi-devel-2.0.1-5.6.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libcmpiCppImpl0-2.0.1-5.6.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libcmpiCppImpl0-2.0.1-5.6.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libcmpiCppImpl0-2.0.1-5.6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sblim-cmpi-devel-debuginfo-2.0.1-5.6.1 sblim-cmpi-devel-debugsource-2.0.1-5.6.1 References: https://bugzilla.suse.com/955721 From sle-updates at lists.suse.com Mon Jan 18 14:13:37 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 18 Jan 2016 22:13:37 +0100 (CET) Subject: SUSE-SU-2016:0160-1: moderate: Security update for tiff Message-ID: <20160118211337.39348320D8@maintenance.suse.de> SUSE Security Update: Security update for tiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0160-1 Rating: moderate References: #942690 #960341 Cross-References: CVE-2015-7554 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update to tiff 4.0.6 fixes the following issues: - CVE-2015-7554: Out-of-bounds write in the thumbnail and tiffcmp tools allowed attacker to cause a denial of service or have unspecified further impact (bsc#960341) - bsc#942690: potential out-of-bound write in NeXTDecode() (#2508) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-104=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-104=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-104=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-104=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-104=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-104=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libtiff-devel-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libtiff-devel-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libtiff5-4.0.6-19.1 libtiff5-debuginfo-4.0.6-19.1 tiff-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libtiff5-32bit-4.0.6-19.1 libtiff5-debuginfo-32bit-4.0.6-19.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libtiff5-4.0.6-19.1 libtiff5-debuginfo-4.0.6-19.1 tiff-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libtiff5-32bit-4.0.6-19.1 libtiff5-debuginfo-32bit-4.0.6-19.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libtiff5-32bit-4.0.6-19.1 libtiff5-4.0.6-19.1 libtiff5-debuginfo-32bit-4.0.6-19.1 libtiff5-debuginfo-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libtiff5-32bit-4.0.6-19.1 libtiff5-4.0.6-19.1 libtiff5-debuginfo-32bit-4.0.6-19.1 libtiff5-debuginfo-4.0.6-19.1 tiff-debuginfo-4.0.6-19.1 tiff-debugsource-4.0.6-19.1 References: https://www.suse.com/security/cve/CVE-2015-7554.html https://bugzilla.suse.com/942690 https://bugzilla.suse.com/960341 From sle-updates at lists.suse.com Tue Jan 19 05:11:46 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 13:11:46 +0100 (CET) Subject: SUSE-SU-2016:0164-1: important: Security update for samba Message-ID: <20160119121146.739B5320E8@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0164-1 Rating: important References: #295284 #912457 #934299 #936909 #948244 #949022 #953382 #958582 #958583 #958584 #958586 Cross-References: CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves four vulnerabilities and has 7 fixes is now available. Description: This update for Samba fixes the following security issues: - CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586) - CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582) - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584) - CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583) Non-security issues fixed: - Prevent null pointer access in samlogon fallback when security credentials are null (bnc#949022) - Ensure samlogon fall-back requests are rerouted after kerberos failure (bnc#953382) - Ensure "Your account is disabled" message is displayed when attempting to ssh into locked account (bnc#953382) - Address unrecoverable winbind failure: "key length too large" (bnc#934299) - Take resource group sids into account when caching netsamlogon data (bnc#912457) - Fix lookup of groups with "Local Domain" scope from Active Directory (bnc#948244) - dependency issue with samba-winbind (bnc#936909) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-20160113-12338=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-samba-20160113-12338=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-samba-20160113-12338=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-20160113-12338=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-samba-20160113-12338=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-samba-20160113-12338=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-samba-20160113-12338=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-20160113-12338=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-20160113-12338=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-64.1 libnetapi-devel-3.6.3-64.1 libnetapi0-3.6.3-64.1 libsmbclient-devel-3.6.3-64.1 libsmbsharemodes-devel-3.6.3-64.1 libsmbsharemodes0-3.6.3-64.1 libtalloc-devel-3.6.3-64.1 libtdb-devel-3.6.3-64.1 libtevent-devel-3.6.3-64.1 libwbclient-devel-3.6.3-64.1 samba-devel-3.6.3-64.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64 ppc64 s390x x86_64): samba-test-3.6.3-64.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-64.1 libnetapi-devel-3.6.3-64.1 libnetapi0-3.6.3-64.1 libsmbclient-devel-3.6.3-64.1 libsmbsharemodes-devel-3.6.3-64.1 libsmbsharemodes0-3.6.3-64.1 libtalloc-devel-3.6.3-64.1 libtdb-devel-3.6.3-64.1 libtevent-devel-3.6.3-64.1 libwbclient-devel-3.6.3-64.1 samba-devel-3.6.3-64.1 samba-test-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-64.1 libtalloc2-x86-3.6.3-64.1 libtdb1-x86-3.6.3-64.1 libtevent0-x86-3.6.3-64.1 libwbclient0-x86-3.6.3-64.1 samba-client-x86-3.6.3-64.1 samba-winbind-x86-3.6.3-64.1 samba-x86-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libsmbclient0-x86-3.6.3-64.1 libtalloc2-x86-3.6.3-64.1 libtdb1-x86-3.6.3-64.1 libwbclient0-x86-3.6.3-64.1 samba-client-x86-3.6.3-64.1 samba-winbind-x86-3.6.3-64.1 samba-x86-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libldb1-32bit-3.6.3-64.1 libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libldb1-32bit-3.6.3-64.1 libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-64.1 samba-debugsource-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-64.1 samba-debugsource-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x): samba-debuginfo-32bit-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): samba-debuginfo-x86-3.6.3-64.1 References: https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://bugzilla.suse.com/295284 https://bugzilla.suse.com/912457 https://bugzilla.suse.com/934299 https://bugzilla.suse.com/936909 https://bugzilla.suse.com/948244 https://bugzilla.suse.com/949022 https://bugzilla.suse.com/953382 https://bugzilla.suse.com/958582 https://bugzilla.suse.com/958583 https://bugzilla.suse.com/958584 https://bugzilla.suse.com/958586 From sle-updates at lists.suse.com Tue Jan 19 06:11:17 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 14:11:17 +0100 (CET) Subject: SUSE-RU-2016:0165-1: Recommended update for python-glanceclient Message-ID: <20160119131117.CAA89320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-glanceclient ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0165-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for python-glanceclient adds support for creating images from instances with a multibyte name. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-python-glanceclient-12340=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): python-glanceclient-0.15.0-12.3 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Tue Jan 19 06:11:40 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 14:11:40 +0100 (CET) Subject: SUSE-RU-2016:0166-1: Recommended update for powerpc-utils Message-ID: <20160119131140.33221320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for powerpc-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0166-1 Rating: low References: #936383 #940462 Affected Products: SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for powerpc-utils provides the following fixes: - Drop requirement on 'tgt' package. - Warn users about deprecated support SLES 12 onwards. - Ignore deprecated /proc/ network files. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-108=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le): powerpc-utils-1.2.22-14.5.2 powerpc-utils-debuginfo-1.2.22-14.5.2 powerpc-utils-debugsource-1.2.22-14.5.2 References: https://bugzilla.suse.com/936383 https://bugzilla.suse.com/940462 From sle-updates at lists.suse.com Tue Jan 19 06:12:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 14:12:16 +0100 (CET) Subject: SUSE-RU-2016:0167-1: Recommended update for openstack-tempest Message-ID: <20160119131216.38295320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-tempest ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0167-1 Rating: low References: #932598 #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-tempest fixes the following issues: - Skip cinder encrypted volume tests. (bsc#932598) - Test deactivate feature in the image service. - Set the correct API version for the V2 identity client. - Bump rpm package version to 4.juno to avoid downgrade. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-tempest-12341=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-tempest-4.juno-13.1 openstack-tempest-test-4.juno-13.1 python-tempest-4.juno-13.1 References: https://bugzilla.suse.com/932598 https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Tue Jan 19 06:12:52 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 14:12:52 +0100 (CET) Subject: SUSE-SU-2016:0168-1: important: Security update for the Linux Kernel Message-ID: <20160119131252.941B4320E8@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0168-1 Rating: important References: #758040 #902606 #924919 #935087 #937261 #943959 #945649 #949440 #951155 #951199 #951392 #951615 #951638 #952579 #952976 #956708 #956801 #956876 #957395 #957546 #957988 #957990 #958463 #958504 #958510 #958647 #958886 #958951 #959190 #959364 #959399 #959436 #959705 #960300 Cross-References: CVE-2015-7550 CVE-2015-8539 CVE-2015-8543 CVE-2015-8550 CVE-2015-8551 CVE-2015-8552 CVE-2015-8569 CVE-2015-8575 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 26 fixes is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). The following non-security bugs were fixed: - ACPICA: Correctly cleanup after a ACPI table load failure (bnc#937261). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - Re-add copy_page_vector_to_user() - Refresh patches.xen/xen3-patch-3.12.46-47 (bsc#959705). - Refresh patches.xen/xen3-patch-3.9 (bsc#951155). - Update patches.suse/btrfs-8361-Btrfs-keep-dropped-roots-in-cache-until-transaction -.patch (bnc#935087, bnc#945649, bnc#951615). - bcache: Add btree_insert_node() (bnc#951638). - bcache: Add explicit keylist arg to btree_insert() (bnc#951638). - bcache: Clean up keylist code (bnc#951638). - bcache: Convert btree_insert_check_key() to btree_insert_node() (bnc#951638). - bcache: Convert bucket_wait to wait_queue_head_t (bnc#951638). - bcache: Convert try_wait to wait_queue_head_t (bnc#951638). - bcache: Explicitly track btree node's parent (bnc#951638). - bcache: Fix a bug when detaching (bsc#951638). - bcache: Fix a lockdep splat in an error path (bnc#951638). - bcache: Fix a shutdown bug (bsc#951638). - bcache: Fix more early shutdown bugs (bsc#951638). - bcache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - bcache: Insert multiple keys at a time (bnc#951638). - bcache: Refactor journalling flow control (bnc#951638). - bcache: Refactor request_write() (bnc#951638). - bcache: Use blkdev_issue_discard() (bnc#951638). - bcache: backing device set to clean after finishing detach (bsc#951638). - bcache: kill closure locking usage (bnc#951638). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - block: Always check queue limits for cloned requests (bsc#902606). - btrfs: Add qgroup tracing (bnc#935087, bnc#945649). - btrfs: Adjust commit-transaction condition to avoid NO_SPACE more (bsc#958647). - btrfs: Fix out-of-space bug (bsc#958647). - btrfs: Fix tail space processing in find_free_dev_extent() (bsc#958647). - btrfs: Set relative data on clear btrfs_block_group_cache->pinned (bsc#958647). - btrfs: Update btrfs qgroup status item when rescan is done (bnc#960300). - btrfs: backref: Add special time_seq == (u64)-1 case for btrfs_find_all_roots() (bnc#935087, bnc#945649). - btrfs: backref: Do not merge refs which are not for same block (bnc#935087, bnc#945649). - btrfs: cleanup: remove no-used alloc_chunk in btrfs_check_data_free_space() (bsc#958647). - btrfs: delayed-ref: Cleanup the unneeded functions (bnc#935087, bnc#945649). - btrfs: delayed-ref: Use list to replace the ref_root in ref_head (bnc#935087, bnc#945649). - btrfs: extent-tree: Use ref_node to replace unneeded parameters in __inc_extent_ref() and __free_extent() (bnc#935087, bnc#945649). - btrfs: fix comp_oper to get right order (bnc#935087, bnc#945649). - btrfs: fix condition of commit transaction (bsc#958647). - btrfs: fix leak in qgroup_subtree_accounting() error path (bnc#935087, bnc#945649). - btrfs: fix order by which delayed references are run (bnc#949440). - btrfs: fix qgroup sanity tests (bnc#951615). - btrfs: fix race waiting for qgroup rescan worker (bnc#960300). - btrfs: fix regression running delayed references when using qgroups (bnc#951615). - btrfs: fix regression when running delayed references (bnc#951615). - btrfs: fix sleeping inside atomic context in qgroup rescan worker (bnc#960300). - btrfs: fix the number of transaction units needed to remove a block group (bsc#958647). - btrfs: keep dropped roots in cache until transaction commit (bnc#935087, bnc#945649). - btrfs: qgroup: Add function qgroup_update_counters() (bnc#935087, bnc#945649). - btrfs: qgroup: Add function qgroup_update_refcnt() (bnc#935087, bnc#945649). - btrfs: qgroup: Add new function to record old_roots (bnc#935087, bnc#945649). - btrfs: qgroup: Add new qgroup calculation function btrfs_qgroup_account_extents() (bnc#935087, bnc#945649). - btrfs: qgroup: Add the ability to skip given qgroup for old/new_roots (bnc#935087, bnc#945649). - btrfs: qgroup: Cleanup open-coded old/new_refcnt update and read (bnc#935087, bnc#945649). - btrfs: qgroup: Cleanup the old ref_node-oriented mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Do not copy extent buffer to do qgroup rescan (bnc#960300). - btrfs: qgroup: Fix a regression in qgroup reserved space (bnc#935087, bnc#945649). - btrfs: qgroup: Make snapshot accounting work with new extent-oriented qgroup (bnc#935087, bnc#945649). - btrfs: qgroup: Record possible quota-related extent for qgroup (bnc#935087, bnc#945649). - btrfs: qgroup: Switch rescan to new mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Switch self test to extent-oriented qgroup mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Switch to new extent-oriented qgroup mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: account shared subtree during snapshot delete (bnc#935087, bnc#945649). - btrfs: qgroup: clear STATUS_FLAG_ON in disabling quota (bnc#960300). - btrfs: qgroup: exit the rescan worker during umount (bnc#960300). - btrfs: qgroup: fix quota disable during rescan (bnc#960300). - btrfs: qgroup: move WARN_ON() to the correct location (bnc#935087, bnc#945649). - btrfs: remove transaction from send (bnc#935087, bnc#945649). - btrfs: ulist: Add ulist_del() function (bnc#935087, bnc#945649). - btrfs: use btrfs_get_fs_root in resolve_indirect_ref (bnc#935087, bnc#945649). - btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#958647). - cache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#957395). - drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040). - drm: Allocate new master object when client becomes master (bsc#956876, bsc#956801). - drm: Fix KABI of "struct drm_file" (bsc#956876, bsc#956801). - e1000e: Do not read ICR in Other interrupt (bsc#924919). - e1000e: Do not write lsc to ics in msi-x mode (bsc#924919). - e1000e: Fix msi-x interrupt automask (bsc#924919). - e1000e: Remove unreachable code (bsc#924919). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - ipv6: fix tunnel error handling (bsc#952579). - lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392). - mm/mempolicy.c: convert the shared_policy lock to a rwlock (bnc#959436). - mm: remove PG_waiters from PAGE_FLAGS_CHECK_AT_FREE (bnc#943959). - pm, hinernate: use put_page in release_swap_writer (bnc#943959). - sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#957395). - udp: properly support MSG_PEEK with truncated buffers (bsc#951199 bsc#959364). - xhci: Workaround to get Intel xHCI reset working more reliably (bnc#957546). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-107=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-107=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-107=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-107=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-107=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-107=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): kernel-default-debuginfo-3.12.51-52.34.1 kernel-default-debugsource-3.12.51-52.34.1 kernel-default-extra-3.12.51-52.34.1 kernel-default-extra-debuginfo-3.12.51-52.34.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): kernel-obs-build-3.12.51-52.34.1 kernel-obs-build-debugsource-3.12.51-52.34.1 - SUSE Linux Enterprise Software Development Kit 12 (noarch): kernel-docs-3.12.51-52.34.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): kernel-default-3.12.51-52.34.1 kernel-default-base-3.12.51-52.34.1 kernel-default-base-debuginfo-3.12.51-52.34.1 kernel-default-debuginfo-3.12.51-52.34.1 kernel-default-debugsource-3.12.51-52.34.1 kernel-default-devel-3.12.51-52.34.1 kernel-syms-3.12.51-52.34.1 - SUSE Linux Enterprise Server 12 (x86_64): kernel-xen-3.12.51-52.34.1 kernel-xen-base-3.12.51-52.34.1 kernel-xen-base-debuginfo-3.12.51-52.34.1 kernel-xen-debuginfo-3.12.51-52.34.1 kernel-xen-debugsource-3.12.51-52.34.1 kernel-xen-devel-3.12.51-52.34.1 - SUSE Linux Enterprise Server 12 (noarch): kernel-devel-3.12.51-52.34.1 kernel-macros-3.12.51-52.34.1 kernel-source-3.12.51-52.34.1 - SUSE Linux Enterprise Server 12 (s390x): kernel-default-man-3.12.51-52.34.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.51-52.34.1 kernel-ec2-debuginfo-3.12.51-52.34.1 kernel-ec2-debugsource-3.12.51-52.34.1 kernel-ec2-devel-3.12.51-52.34.1 kernel-ec2-extra-3.12.51-52.34.1 kernel-ec2-extra-debuginfo-3.12.51-52.34.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_34-default-1-2.1 kgraft-patch-3_12_51-52_34-xen-1-2.1 - SUSE Linux Enterprise Desktop 12 (x86_64): kernel-default-3.12.51-52.34.1 kernel-default-debuginfo-3.12.51-52.34.1 kernel-default-debugsource-3.12.51-52.34.1 kernel-default-devel-3.12.51-52.34.1 kernel-default-extra-3.12.51-52.34.1 kernel-default-extra-debuginfo-3.12.51-52.34.1 kernel-syms-3.12.51-52.34.1 kernel-xen-3.12.51-52.34.1 kernel-xen-debuginfo-3.12.51-52.34.1 kernel-xen-debugsource-3.12.51-52.34.1 kernel-xen-devel-3.12.51-52.34.1 - SUSE Linux Enterprise Desktop 12 (noarch): kernel-devel-3.12.51-52.34.1 kernel-macros-3.12.51-52.34.1 kernel-source-3.12.51-52.34.1 References: https://www.suse.com/security/cve/CVE-2015-7550.html https://www.suse.com/security/cve/CVE-2015-8539.html https://www.suse.com/security/cve/CVE-2015-8543.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8551.html https://www.suse.com/security/cve/CVE-2015-8552.html https://www.suse.com/security/cve/CVE-2015-8569.html https://www.suse.com/security/cve/CVE-2015-8575.html https://bugzilla.suse.com/758040 https://bugzilla.suse.com/902606 https://bugzilla.suse.com/924919 https://bugzilla.suse.com/935087 https://bugzilla.suse.com/937261 https://bugzilla.suse.com/943959 https://bugzilla.suse.com/945649 https://bugzilla.suse.com/949440 https://bugzilla.suse.com/951155 https://bugzilla.suse.com/951199 https://bugzilla.suse.com/951392 https://bugzilla.suse.com/951615 https://bugzilla.suse.com/951638 https://bugzilla.suse.com/952579 https://bugzilla.suse.com/952976 https://bugzilla.suse.com/956708 https://bugzilla.suse.com/956801 https://bugzilla.suse.com/956876 https://bugzilla.suse.com/957395 https://bugzilla.suse.com/957546 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/957990 https://bugzilla.suse.com/958463 https://bugzilla.suse.com/958504 https://bugzilla.suse.com/958510 https://bugzilla.suse.com/958647 https://bugzilla.suse.com/958886 https://bugzilla.suse.com/958951 https://bugzilla.suse.com/959190 https://bugzilla.suse.com/959364 https://bugzilla.suse.com/959399 https://bugzilla.suse.com/959436 https://bugzilla.suse.com/959705 https://bugzilla.suse.com/960300 From sle-updates at lists.suse.com Tue Jan 19 08:11:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 19 Jan 2016 16:11:05 +0100 (CET) Subject: SUSE-RU-2016:0169-1: Recommended update for supportutils-plugin-susemanager Message-ID: <20160119151105.77727320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for supportutils-plugin-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0169-1 Rating: low References: #959848 Affected Products: SUSE Manager 2.1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for supportutils-plugin-susemanager fixes the following issues: - Check PostgreSQL instead of Oracle. (bsc#959848) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 2.1: zypper in -t patch sleman21-supportutils-plugin-susemanager-12342=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 2.1 (noarch): supportutils-plugin-susemanager-1.0.6-7.1 References: https://bugzilla.suse.com/959848 From sle-updates at lists.suse.com Tue Jan 19 16:11:06 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 00:11:06 +0100 (CET) Subject: SUSE-SU-2016:0173-1: moderate: Security update for rsync Message-ID: <20160119231106.E19F0320D8@maintenance.suse.de> SUSE Security Update: Security update for rsync ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0173-1 Rating: moderate References: #898513 #900914 #915410 #922710 Cross-References: CVE-2014-8242 CVE-2014-9512 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for rsync fixes two security issues and two non-security bugs. The following vulnerabilities were fixed: - CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914) - CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410) The following non-security bugs were fixed: - bsc#922710: Prevent rsyncd from spamming the log when trying to register SLP. - bsc#898513: slp support broke rsync usage. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-113=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-113=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-113=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-113=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): rsync-3.1.0-6.1 rsync-debuginfo-3.1.0-6.1 rsync-debugsource-3.1.0-6.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): rsync-3.1.0-6.1 rsync-debuginfo-3.1.0-6.1 rsync-debugsource-3.1.0-6.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): rsync-3.1.0-6.1 rsync-debuginfo-3.1.0-6.1 rsync-debugsource-3.1.0-6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): rsync-3.1.0-6.1 rsync-debuginfo-3.1.0-6.1 rsync-debugsource-3.1.0-6.1 References: https://www.suse.com/security/cve/CVE-2014-8242.html https://www.suse.com/security/cve/CVE-2014-9512.html https://bugzilla.suse.com/898513 https://bugzilla.suse.com/900914 https://bugzilla.suse.com/915410 https://bugzilla.suse.com/922710 From sle-updates at lists.suse.com Tue Jan 19 16:12:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 00:12:05 +0100 (CET) Subject: SUSE-SU-2016:0174-1: important: Security update for bind Message-ID: <20160119231205.C2493320E8@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0174-1 Rating: important References: #962189 Cross-References: CVE-2015-8704 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-114=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-114=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-114=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): bind-debuginfo-9.9.6P1-35.1 bind-debugsource-9.9.6P1-35.1 bind-devel-9.9.6P1-35.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): bind-9.9.6P1-35.1 bind-chrootenv-9.9.6P1-35.1 bind-debuginfo-9.9.6P1-35.1 bind-debugsource-9.9.6P1-35.1 bind-libs-9.9.6P1-35.1 bind-libs-debuginfo-9.9.6P1-35.1 bind-utils-9.9.6P1-35.1 bind-utils-debuginfo-9.9.6P1-35.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): bind-libs-32bit-9.9.6P1-35.1 bind-libs-debuginfo-32bit-9.9.6P1-35.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): bind-doc-9.9.6P1-35.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): bind-debuginfo-9.9.6P1-35.1 bind-debugsource-9.9.6P1-35.1 bind-libs-32bit-9.9.6P1-35.1 bind-libs-9.9.6P1-35.1 bind-libs-debuginfo-32bit-9.9.6P1-35.1 bind-libs-debuginfo-9.9.6P1-35.1 bind-utils-9.9.6P1-35.1 bind-utils-debuginfo-9.9.6P1-35.1 References: https://www.suse.com/security/cve/CVE-2015-8704.html https://bugzilla.suse.com/962189 From sle-updates at lists.suse.com Tue Jan 19 18:10:59 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 02:10:59 +0100 (CET) Subject: SUSE-RU-2016:0175-1: Recommended update for yast2-schema Message-ID: <20160120011059.2C97731FCD@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-schema ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0175-1 Rating: low References: #805275 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-schema fixes validation of AutoYaST profiles. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-yast2-schema-12343=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-yast2-schema-12343=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): yast2-schema-2.17.7-8.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): yast2-schema-2.17.7-8.1 References: https://bugzilla.suse.com/805275 From sle-updates at lists.suse.com Wed Jan 20 05:11:49 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 13:11:49 +0100 (CET) Subject: SUSE-SU-2016:0176-1: moderate: Security update for rsync Message-ID: <20160120121150.01BB3320D8@maintenance.suse.de> SUSE Security Update: Security update for rsync ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0176-1 Rating: moderate References: #900914 #915410 Cross-References: CVE-2014-8242 CVE-2014-9512 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for rsync fixes two security issues: - CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914) - CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-rsync-12344=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-rsync-12344=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-rsync-12344=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-rsync-12344=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-rsync-12344=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-rsync-12344=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-rsync-12344=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): rsync-3.0.4-2.49.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): rsync-3.0.4-2.49.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): rsync-3.0.4-2.49.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): rsync-3.0.4-2.49.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): rsync-3.0.4-2.49.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): rsync-debuginfo-3.0.4-2.49.1 rsync-debugsource-3.0.4-2.49.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): rsync-debuginfo-3.0.4-2.49.1 rsync-debugsource-3.0.4-2.49.1 References: https://www.suse.com/security/cve/CVE-2014-8242.html https://www.suse.com/security/cve/CVE-2014-9512.html https://bugzilla.suse.com/900914 https://bugzilla.suse.com/915410 From sle-updates at lists.suse.com Wed Jan 20 09:11:42 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 17:11:42 +0100 (CET) Subject: SUSE-SU-2016:0178-1: moderate: Security update for libxml2 Message-ID: <20160120161142.C0AA0320D8@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0178-1 Rating: moderate References: #960674 Cross-References: CVE-2015-8710 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libxml2 fixes the following security issue: - CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-117=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-117=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-117=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-117=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-117=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-117=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libxml2-debugsource-2.9.1-17.1 libxml2-devel-2.9.1-17.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libxml2-debugsource-2.9.1-17.1 libxml2-devel-2.9.1-17.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libxml2-2-2.9.1-17.1 libxml2-2-debuginfo-2.9.1-17.1 libxml2-debugsource-2.9.1-17.1 libxml2-tools-2.9.1-17.1 libxml2-tools-debuginfo-2.9.1-17.1 python-libxml2-2.9.1-17.1 python-libxml2-debuginfo-2.9.1-17.1 python-libxml2-debugsource-2.9.1-17.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libxml2-2-32bit-2.9.1-17.1 libxml2-2-debuginfo-32bit-2.9.1-17.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): libxml2-doc-2.9.1-17.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libxml2-2-2.9.1-17.1 libxml2-2-debuginfo-2.9.1-17.1 libxml2-debugsource-2.9.1-17.1 libxml2-tools-2.9.1-17.1 libxml2-tools-debuginfo-2.9.1-17.1 python-libxml2-2.9.1-17.1 python-libxml2-debuginfo-2.9.1-17.1 python-libxml2-debugsource-2.9.1-17.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libxml2-2-32bit-2.9.1-17.1 libxml2-2-debuginfo-32bit-2.9.1-17.1 - SUSE Linux Enterprise Server 12 (noarch): libxml2-doc-2.9.1-17.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libxml2-2-2.9.1-17.1 libxml2-2-32bit-2.9.1-17.1 libxml2-2-debuginfo-2.9.1-17.1 libxml2-2-debuginfo-32bit-2.9.1-17.1 libxml2-debugsource-2.9.1-17.1 libxml2-tools-2.9.1-17.1 libxml2-tools-debuginfo-2.9.1-17.1 python-libxml2-2.9.1-17.1 python-libxml2-debuginfo-2.9.1-17.1 python-libxml2-debugsource-2.9.1-17.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libxml2-2-2.9.1-17.1 libxml2-2-32bit-2.9.1-17.1 libxml2-2-debuginfo-2.9.1-17.1 libxml2-2-debuginfo-32bit-2.9.1-17.1 libxml2-debugsource-2.9.1-17.1 libxml2-tools-2.9.1-17.1 libxml2-tools-debuginfo-2.9.1-17.1 python-libxml2-2.9.1-17.1 python-libxml2-debuginfo-2.9.1-17.1 python-libxml2-debugsource-2.9.1-17.1 References: https://www.suse.com/security/cve/CVE-2015-8710.html https://bugzilla.suse.com/960674 From sle-updates at lists.suse.com Wed Jan 20 10:11:18 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 18:11:18 +0100 (CET) Subject: SUSE-SU-2016:0180-1: important: Security update for bind Message-ID: <20160120171118.59821320D8@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0180-1 Rating: important References: #962189 Cross-References: CVE-2015-8704 Affected Products: SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-118=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-118=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-118=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): bind-debuginfo-9.9.6P1-28.9.1 bind-debugsource-9.9.6P1-28.9.1 bind-devel-9.9.6P1-28.9.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): bind-9.9.6P1-28.9.1 bind-chrootenv-9.9.6P1-28.9.1 bind-debuginfo-9.9.6P1-28.9.1 bind-debugsource-9.9.6P1-28.9.1 bind-libs-9.9.6P1-28.9.1 bind-libs-debuginfo-9.9.6P1-28.9.1 bind-utils-9.9.6P1-28.9.1 bind-utils-debuginfo-9.9.6P1-28.9.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): bind-libs-32bit-9.9.6P1-28.9.1 bind-libs-debuginfo-32bit-9.9.6P1-28.9.1 - SUSE Linux Enterprise Server 12 (noarch): bind-doc-9.9.6P1-28.9.1 - SUSE Linux Enterprise Desktop 12 (x86_64): bind-debuginfo-9.9.6P1-28.9.1 bind-debugsource-9.9.6P1-28.9.1 bind-libs-32bit-9.9.6P1-28.9.1 bind-libs-9.9.6P1-28.9.1 bind-libs-debuginfo-32bit-9.9.6P1-28.9.1 bind-libs-debuginfo-9.9.6P1-28.9.1 bind-utils-9.9.6P1-28.9.1 bind-utils-debuginfo-9.9.6P1-28.9.1 References: https://www.suse.com/security/cve/CVE-2015-8704.html https://bugzilla.suse.com/962189 From sle-updates at lists.suse.com Wed Jan 20 11:11:16 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 19:11:16 +0100 (CET) Subject: SUSE-RU-2016:0181-1: Recommended update for susemanager-sync-data Message-ID: <20160120181116.3BB65320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for susemanager-sync-data ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0181-1 Rating: low References: #956724 Affected Products: SUSE Manager 2.1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for susemanager-sync-data adds support for the Container Module 12 on s390x and ppc64le architectures. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 2.1: zypper in -t patch sleman21-susemanager-sync-data-12345=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 2.1 (noarch): susemanager-sync-data-2.1.12-21.1 References: https://bugzilla.suse.com/956724 From sle-updates at lists.suse.com Wed Jan 20 11:11:38 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 19:11:38 +0100 (CET) Subject: SUSE-RU-2016:0182-1: moderate: Recommended update for Machinery Message-ID: <20160120181138.1EC39320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for Machinery ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0182-1 Rating: moderate References: #959558 #961011 #961176 Affected Products: SUSE Linux Enterprise Module for Advanced Systems Management 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides Machinery 1.16.4, which brings the following fixes and enhancements: - The unmanaged-files scope filter will not include "/boot" by default anymore. - Fix crash during image build on SLES 12-SP1. - Reduce version restrictions for gems to the major version. (bnc#961176) - Remove concept of "supported systems" in favor of letting Machinery run everywhere. Whether a system can be built, exported, etc will be validated from its related task by checking if the proper tooling is installed. - Remove hint for `show`, when `inspect-container` is run with `--show` option. - Rephrase the startup messages and warn messages when starting the HTTP server for compare, show, or serve system descriptions. - Change `serve` command to always list all system descriptions. - Fix crash when the user does not have enough permissions to create the image directory for the `build` command. - Fix wrong hint for docker containers while running `analyze` command. - Add a new hint when using the `--public` option for the `serve` command that it makes all descriptions publicly available. - Fix Machinery failing to inspect changed config files in case of restrictive permissions. - Remove hint for `show`, when `inspect` is run with `--show` option. - Fix repository inspection on hosts that have a LANGUAGE variable set. - Empty scopes now display a message in HTML and CLI views. - Fix SLES 11 SP4 inspector output to be similar to SLES 11 SP3. - Fix AutoYaST export on openSUSE Leap and Tumbleweed. - Allow building of openSUSE Leap and Tumbleweed on openSUSE Leap and Tumbleweed. - Allow building of SLES 11 and SLES 12 on openSUSE Leap. - Add HTML landing page, which lists all system descriptions on your system. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2016-120=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): machinery-1.16.4-45.1 machinery-debuginfo-1.16.4-45.1 machinery-debugsource-1.16.4-45.1 References: https://bugzilla.suse.com/959558 https://bugzilla.suse.com/961011 https://bugzilla.suse.com/961176 From sle-updates at lists.suse.com Wed Jan 20 11:12:21 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 19:12:21 +0100 (CET) Subject: SUSE-RU-2016:0183-1: Recommended update for gnome-settings-daemon Message-ID: <20160120181221.BB07F320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-settings-daemon ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0183-1 Rating: low References: #899530 #931527 #945348 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for gnome-settings-daemon provides the following fixes: - Add English keyboard layout when using ibus. (bsc#899530) - Prevent cursor from disappearing on mutter restart. (bsc#945348) - Do not store auto-detected keyboard settings to allow system-wide changes take effect. (bsc#931527) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-121=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-121=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-121=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-121=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-121=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-121=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 gnome-settings-daemon-devel-3.10.2-27.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 gnome-settings-daemon-devel-3.10.2-27.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gnome-settings-daemon-3.10.2-27.1 gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): gnome-settings-daemon-lang-3.10.2-27.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gnome-settings-daemon-3.10.2-27.1 gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 - SUSE Linux Enterprise Server 12 (noarch): gnome-settings-daemon-lang-3.10.2-27.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gnome-settings-daemon-3.10.2-27.1 gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gnome-settings-daemon-lang-3.10.2-27.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gnome-settings-daemon-3.10.2-27.1 gnome-settings-daemon-debuginfo-3.10.2-27.1 gnome-settings-daemon-debugsource-3.10.2-27.1 - SUSE Linux Enterprise Desktop 12 (noarch): gnome-settings-daemon-lang-3.10.2-27.1 References: https://bugzilla.suse.com/899530 https://bugzilla.suse.com/931527 https://bugzilla.suse.com/945348 From sle-updates at lists.suse.com Wed Jan 20 12:11:19 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 20:11:19 +0100 (CET) Subject: SUSE-RU-2016:0184-1: Recommended update for release-notes-sles Message-ID: <20160120191119.61CD3320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0184-1 Rating: low References: #957447 #957796 #959576 #959614 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12-SP1 have been updated to document: - AutoYaST uses wrong crashkernel value during first boot. (fate#320203, bsc#957447) - New method of Online Migration between Service Packs. (fate#315161, bsc#959576) - Docker is a fully supported technology. (bsc#959614) - Lots of other entries changed to improve spelling, grammar, terminology and readability. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-122=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): release-notes-sles-12.1.20160108-6.1 References: https://bugzilla.suse.com/957447 https://bugzilla.suse.com/957796 https://bugzilla.suse.com/959576 https://bugzilla.suse.com/959614 From sle-updates at lists.suse.com Wed Jan 20 12:12:13 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 20:12:13 +0100 (CET) Subject: SUSE-RU-2016:0185-1: Recommended update for release-notes-sles Message-ID: <20160120191213.D4E3A320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0185-1 Rating: low References: #954889 #958635 #960322 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides the latest revision of the Release Notes for SUSE Linux Enterprise Server 11 SP4: - Clarify IBM Java 1.7.1 support status. (bsc#954889, fate#317600) - Fix Security Module description. (bsc#958635) - Document support for OpenSSH in the SLE 11 Security module. (fate#318862) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-release-notes-sles-12346=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): release-notes-sles-11.4.23-0.24.1 References: https://bugzilla.suse.com/954889 https://bugzilla.suse.com/958635 https://bugzilla.suse.com/960322 From sle-updates at lists.suse.com Wed Jan 20 13:11:27 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 20 Jan 2016 21:11:27 +0100 (CET) Subject: SUSE-SU-2016:0186-1: important: Security update for the Linux Kernel Message-ID: <20160120201127.D2564320D8@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0186-1 Rating: important References: #962075 Cross-References: CVE-2016-0728 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The SUSE Linux Enterprise 12 SP1 kernel was updated to receive a security fix. Following security bug was fixed: - A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075, CVE-2016-0728). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-124=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-124=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-124=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-124=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-124=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-124=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): kernel-default-debuginfo-3.12.51-60.25.1 kernel-default-debugsource-3.12.51-60.25.1 kernel-default-extra-3.12.51-60.25.1 kernel-default-extra-debuginfo-3.12.51-60.25.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): kernel-obs-build-3.12.51-60.25.1 kernel-obs-build-debugsource-3.12.51-60.25.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): kernel-docs-3.12.51-60.25.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kernel-default-3.12.51-60.25.1 kernel-default-base-3.12.51-60.25.1 kernel-default-base-debuginfo-3.12.51-60.25.1 kernel-default-debuginfo-3.12.51-60.25.1 kernel-default-debugsource-3.12.51-60.25.1 kernel-default-devel-3.12.51-60.25.1 kernel-syms-3.12.51-60.25.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): kernel-xen-3.12.51-60.25.1 kernel-xen-base-3.12.51-60.25.1 kernel-xen-base-debuginfo-3.12.51-60.25.1 kernel-xen-debuginfo-3.12.51-60.25.1 kernel-xen-debugsource-3.12.51-60.25.1 kernel-xen-devel-3.12.51-60.25.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): kernel-devel-3.12.51-60.25.1 kernel-macros-3.12.51-60.25.1 kernel-source-3.12.51-60.25.1 - SUSE Linux Enterprise Server 12-SP1 (s390x): kernel-default-man-3.12.51-60.25.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.51-60.25.1 kernel-ec2-debuginfo-3.12.51-60.25.1 kernel-ec2-debugsource-3.12.51-60.25.1 kernel-ec2-devel-3.12.51-60.25.1 kernel-ec2-extra-3.12.51-60.25.1 kernel-ec2-extra-debuginfo-3.12.51-60.25.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_25-default-1-2.2 kgraft-patch-3_12_51-60_25-xen-1-2.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kernel-default-3.12.51-60.25.1 kernel-default-debuginfo-3.12.51-60.25.1 kernel-default-debugsource-3.12.51-60.25.1 kernel-default-devel-3.12.51-60.25.1 kernel-default-extra-3.12.51-60.25.1 kernel-default-extra-debuginfo-3.12.51-60.25.1 kernel-syms-3.12.51-60.25.1 kernel-xen-3.12.51-60.25.1 kernel-xen-debuginfo-3.12.51-60.25.1 kernel-xen-debugsource-3.12.51-60.25.1 kernel-xen-devel-3.12.51-60.25.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): kernel-devel-3.12.51-60.25.1 kernel-macros-3.12.51-60.25.1 kernel-source-3.12.51-60.25.1 References: https://www.suse.com/security/cve/CVE-2016-0728.html https://bugzilla.suse.com/962075 From sle-updates at lists.suse.com Thu Jan 21 09:12:45 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 17:12:45 +0100 (CET) Subject: SUSE-SU-2016:0187-1: moderate: Security update for libxml2 Message-ID: <20160121161245.56BF5320E8@maintenance.suse.de> SUSE Security Update: Security update for libxml2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0187-1 Rating: moderate References: #960674 Cross-References: CVE-2015-8710 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libxml2 fixes the following security issue: - CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libxml2-20160113-12347=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-libxml2-20160113-12347=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-libxml2-20160113-12347=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libxml2-20160113-12347=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-libxml2-20160113-12347=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-libxml2-20160113-12347=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-libxml2-20160113-12347=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libxml2-20160113-12347=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libxml2-20160113-12347=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.37.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-devel-2.7.6-0.37.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): libxml2-devel-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libxml2-2.7.6-0.37.1 libxml2-doc-2.7.6-0.37.1 libxml2-python-2.7.6-0.37.4 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libxml2-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.37.1 libxml2-doc-2.7.6-0.37.1 libxml2-python-2.7.6-0.37.4 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libxml2-x86-2.7.6-0.37.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-2.7.6-0.37.1 libxml2-doc-2.7.6-0.37.1 libxml2-python-2.7.6-0.37.4 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libxml2-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libxml2-x86-2.7.6-0.37.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libxml2-2.7.6-0.37.1 libxml2-python-2.7.6-0.37.4 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libxml2-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libxml2-2.7.6-0.37.1 libxml2-python-2.7.6-0.37.4 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libxml2-32bit-2.7.6-0.37.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libxml2-debuginfo-2.7.6-0.37.1 libxml2-debugsource-2.7.6-0.37.1 libxml2-python-debuginfo-2.7.6-0.37.4 libxml2-python-debugsource-2.7.6-0.37.4 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): libxml2-debuginfo-2.7.6-0.37.1 libxml2-debugsource-2.7.6-0.37.1 libxml2-python-debuginfo-2.7.6-0.37.4 libxml2-python-debugsource-2.7.6-0.37.4 References: https://www.suse.com/security/cve/CVE-2015-8710.html https://bugzilla.suse.com/960674 From sle-updates at lists.suse.com Thu Jan 21 09:13:46 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 17:13:46 +0100 (CET) Subject: SUSE-SU-2016:0189-1: moderate: Security update for mozilla-nss Message-ID: <20160121161346.447AA320E8@maintenance.suse.de> SUSE Security Update: Security update for mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0189-1 Rating: moderate References: #959888 Cross-References: CVE-2015-7575 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update contains mozilla-nss 3.19.2.2 and fixes the following security issue: - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-mozilla-nss-12348=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-mozilla-nss-12348=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-mozilla-nss-12348=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-mozilla-nss-12348=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-mozilla-nss-12348=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-mozilla-nss-12348=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-mozilla-nss-12348=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-mozilla-nss-12348=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-mozilla-nss-12348=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): mozilla-nss-devel-3.19.2.2-22.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): mozilla-nss-devel-3.19.2.2-22.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libfreebl3-3.19.2.2-22.1 libsoftokn3-3.19.2.2-22.1 mozilla-nss-3.19.2.2-22.1 mozilla-nss-tools-3.19.2.2-22.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libfreebl3-32bit-3.19.2.2-22.1 libsoftokn3-32bit-3.19.2.2-22.1 mozilla-nss-32bit-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libfreebl3-3.19.2.2-22.1 libsoftokn3-3.19.2.2-22.1 mozilla-nss-3.19.2.2-22.1 mozilla-nss-tools-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libfreebl3-32bit-3.19.2.2-22.1 libsoftokn3-32bit-3.19.2.2-22.1 mozilla-nss-32bit-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libfreebl3-x86-3.19.2.2-22.1 libsoftokn3-x86-3.19.2.2-22.1 mozilla-nss-x86-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libfreebl3-3.19.2.2-22.1 libsoftokn3-3.19.2.2-22.1 mozilla-nss-3.19.2.2-22.1 mozilla-nss-tools-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libfreebl3-32bit-3.19.2.2-22.1 libsoftokn3-32bit-3.19.2.2-22.1 mozilla-nss-32bit-3.19.2.2-22.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libfreebl3-x86-3.19.2.2-22.1 libsoftokn3-x86-3.19.2.2-22.1 mozilla-nss-x86-3.19.2.2-22.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libfreebl3-3.19.2.2-22.1 libsoftokn3-3.19.2.2-22.1 mozilla-nss-3.19.2.2-22.1 mozilla-nss-tools-3.19.2.2-22.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libfreebl3-32bit-3.19.2.2-22.1 libsoftokn3-32bit-3.19.2.2-22.1 mozilla-nss-32bit-3.19.2.2-22.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libfreebl3-3.19.2.2-22.1 libsoftokn3-3.19.2.2-22.1 mozilla-nss-3.19.2.2-22.1 mozilla-nss-tools-3.19.2.2-22.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libfreebl3-32bit-3.19.2.2-22.1 libsoftokn3-32bit-3.19.2.2-22.1 mozilla-nss-32bit-3.19.2.2-22.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): mozilla-nss-debuginfo-3.19.2.2-22.1 mozilla-nss-debugsource-3.19.2.2-22.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): mozilla-nss-debuginfo-3.19.2.2-22.1 mozilla-nss-debugsource-3.19.2.2-22.1 References: https://www.suse.com/security/cve/CVE-2015-7575.html https://bugzilla.suse.com/959888 From sle-updates at lists.suse.com Thu Jan 21 11:12:17 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 19:12:17 +0100 (CET) Subject: SUSE-RU-2016:0190-1: Recommended update for suse-cloud-upgrade Message-ID: <20160121181217.26D4B320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-cloud-upgrade ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0190-1 Rating: low References: #953289 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for suse-cloud-upgrade fixes the following issues: - Change horizon session timeout on upgrade. (bsc#953289) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-suse-cloud-upgrade-12350=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): suse-cloud-upgrade-5+git.1448888320.89517fc-9.1 References: https://bugzilla.suse.com/953289 From sle-updates at lists.suse.com Thu Jan 21 12:11:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 20:11:44 +0100 (CET) Subject: SUSE-RU-2016:0191-1: Recommended update for release-notes-susemanager Message-ID: <20160121191144.85EA5320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0191-1 Rating: low References: #949285 #949726 Affected Products: SUSE Manager 2.1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: SUSE Manager 2.1 Release Notes have been updated to document: - New channels available: - SLES 12 SP1 - IBM DLPAR channels for SLES 12 SP1 ppc64le - SUSE Enterprise Storage 2 - New SUSE Manager features: - Support distribution upgrade with --no-allow-vendor-change for SLE 12 - Bugs fixed by latest updates: bsc#932966, bsc#934865, bsc#935375, bsc#937802, bsc#943517, bsc#945719, bsc#948238, bsc#948245, bsc#948964, bsc#949158, bsc#949285, bsc#949528, bsc#949554, bsc#949726, bsc#950748, bsc#950975, bsc#951549, bsc#953584, bsc#953825, bsc#954602, bsc#954983, bsc#955204, bsc#956981, bsc#958395, bsc#959848 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 2.1: zypper in -t patch sleman21-release-notes-susemanager-12351=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 2.1 (s390x x86_64): release-notes-susemanager-2.1.0-0.44.2 References: https://bugzilla.suse.com/949285 https://bugzilla.suse.com/949726 From sle-updates at lists.suse.com Thu Jan 21 13:11:42 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 21:11:42 +0100 (CET) Subject: SUSE-SU-2016:0192-1: moderate: Security update for giflib Message-ID: <20160121201142.A209C320E8@maintenance.suse.de> SUSE Security Update: Security update for giflib ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0192-1 Rating: moderate References: #960319 Cross-References: CVE-2015-7555 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for giflib fixes the following issues: - CVE-2015-7555: Heap overflow in giffix (bsc#960319) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-giflib-12353=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-giflib-12353=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-giflib-12353=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-giflib-12353=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-giflib-12353=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-giflib-12353=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-giflib-12353=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-giflib-12353=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-giflib-12353=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-devel-4.1.6-13.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): giflib-devel-32bit-4.1.6-13.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): giflib-devel-4.1.6-13.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64 s390x x86_64): giflib-devel-32bit-4.1.6-13.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): giflib-4.1.6-13.1 giflib-progs-4.1.6-13.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): giflib-32bit-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-4.1.6-13.1 giflib-progs-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): giflib-32bit-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): giflib-x86-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): giflib-4.1.6-13.1 giflib-progs-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): giflib-32bit-4.1.6-13.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): giflib-x86-4.1.6-13.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): giflib-4.1.6-13.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): giflib-32bit-4.1.6-13.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): giflib-4.1.6-13.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): giflib-32bit-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): giflib-debuginfo-4.1.6-13.1 giflib-debugsource-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): giflib-debuginfo-32bit-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): giflib-debuginfo-x86-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): giflib-debuginfo-4.1.6-13.1 giflib-debugsource-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x x86_64): giflib-debuginfo-32bit-4.1.6-13.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): giflib-debuginfo-x86-4.1.6-13.1 References: https://www.suse.com/security/cve/CVE-2015-7555.html https://bugzilla.suse.com/960319 From sle-updates at lists.suse.com Thu Jan 21 13:12:12 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 21:12:12 +0100 (CET) Subject: SUSE-RU-2016:0193-1: Recommended update for yast2-schema Message-ID: <20160121201212.DB2A6320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-schema ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0193-1 Rating: low References: #805275 #962620 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for yast2-schema fixes validation of AutoYaST profiles. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-yast2-schema-12352=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-yast2-schema-12352=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-yast2-schema-12352=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): yast2-bootloader-2.17.100-12.2 yast2-schema-2.17.6-8.5 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): yast2-bootloader-2.17.100-12.2 yast2-schema-2.17.6-8.5 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): yast2-bootloader-2.17.100-12.2 yast2-schema-2.17.6-8.5 References: https://bugzilla.suse.com/805275 https://bugzilla.suse.com/962620 From sle-updates at lists.suse.com Thu Jan 21 13:12:49 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 21:12:49 +0100 (CET) Subject: SUSE-RU-2016:0194-1: moderate: Recommended update for sapconf Message-ID: <20160121201249.BF49A320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for sapconf ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0194-1 Rating: moderate References: #962059 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sapconf fixes a misplaced optimization routine that should have been applied to SAP HANA but in fact was applied to SAP NetWeaver. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-130=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): sapconf-4.1-3.1 References: https://bugzilla.suse.com/962059 From sle-updates at lists.suse.com Thu Jan 21 13:13:12 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 21 Jan 2016 21:13:12 +0100 (CET) Subject: SUSE-RU-2016:0195-1: moderate: Recommended update for cairo Message-ID: <20160121201312.EF7CF320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for cairo ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0195-1 Rating: moderate References: #958844 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for cairo fixes mutex deadlocks when processing certain documents. This issue could prevent evince from correctly displaying some PDF files. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-133=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-133=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-133=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-133=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-133=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-133=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-8.1 cairo-devel-1.12.16-8.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-8.1 cairo-devel-1.12.16-8.1 libcairo-script-interpreter2-1.12.16-8.1 libcairo-script-interpreter2-debuginfo-1.12.16-8.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-8.1 libcairo-gobject2-1.12.16-8.1 libcairo-gobject2-debuginfo-1.12.16-8.1 libcairo-script-interpreter2-1.12.16-8.1 libcairo-script-interpreter2-debuginfo-1.12.16-8.1 libcairo2-1.12.16-8.1 libcairo2-debuginfo-1.12.16-8.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libcairo-gobject2-32bit-1.12.16-8.1 libcairo-gobject2-debuginfo-32bit-1.12.16-8.1 libcairo2-32bit-1.12.16-8.1 libcairo2-debuginfo-32bit-1.12.16-8.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): cairo-debugsource-1.12.16-8.1 libcairo-gobject2-1.12.16-8.1 libcairo-gobject2-debuginfo-1.12.16-8.1 libcairo2-1.12.16-8.1 libcairo2-debuginfo-1.12.16-8.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libcairo-gobject2-32bit-1.12.16-8.1 libcairo-gobject2-debuginfo-32bit-1.12.16-8.1 libcairo2-32bit-1.12.16-8.1 libcairo2-debuginfo-32bit-1.12.16-8.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): cairo-debugsource-1.12.16-8.1 libcairo-gobject2-1.12.16-8.1 libcairo-gobject2-32bit-1.12.16-8.1 libcairo-gobject2-debuginfo-1.12.16-8.1 libcairo-gobject2-debuginfo-32bit-1.12.16-8.1 libcairo-script-interpreter2-1.12.16-8.1 libcairo-script-interpreter2-debuginfo-1.12.16-8.1 libcairo2-1.12.16-8.1 libcairo2-32bit-1.12.16-8.1 libcairo2-debuginfo-1.12.16-8.1 libcairo2-debuginfo-32bit-1.12.16-8.1 - SUSE Linux Enterprise Desktop 12 (x86_64): cairo-debugsource-1.12.16-8.1 libcairo-gobject2-1.12.16-8.1 libcairo-gobject2-32bit-1.12.16-8.1 libcairo-gobject2-debuginfo-1.12.16-8.1 libcairo-gobject2-debuginfo-32bit-1.12.16-8.1 libcairo2-1.12.16-8.1 libcairo2-32bit-1.12.16-8.1 libcairo2-debuginfo-1.12.16-8.1 libcairo2-debuginfo-32bit-1.12.16-8.1 References: https://bugzilla.suse.com/958844 From sle-updates at lists.suse.com Fri Jan 22 06:11:58 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jan 2016 14:11:58 +0100 (CET) Subject: SUSE-RU-2016:0198-1: moderate: Recommended update for aaa_base Message-ID: <20160122131158.C983C320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0198-1 Rating: moderate References: #954909 #960393 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for aaa_base fixes the following issues: - Replace UNICODE double dash with simple ASCII single dash. (bsc#954909) - Use '+' for find's -exec option as this also respects white spaces in files names and is more like xargs. - Respect status lines of screen sessions. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-134=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-134=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-134=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-134=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-134=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-134=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-malloccheck-13.2+git20140911.61c1681-12.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-malloccheck-13.2+git20140911.61c1681-12.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): aaa_base-13.2+git20140911.61c1681-12.1 aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-extras-13.2+git20140911.61c1681-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): aaa_base-13.2+git20140911.61c1681-12.1 aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-extras-13.2+git20140911.61c1681-12.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): aaa_base-13.2+git20140911.61c1681-12.1 aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-extras-13.2+git20140911.61c1681-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): aaa_base-13.2+git20140911.61c1681-12.1 aaa_base-debuginfo-13.2+git20140911.61c1681-12.1 aaa_base-debugsource-13.2+git20140911.61c1681-12.1 aaa_base-extras-13.2+git20140911.61c1681-12.1 References: https://bugzilla.suse.com/954909 https://bugzilla.suse.com/960393 From sle-updates at lists.suse.com Fri Jan 22 07:12:26 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jan 2016 15:12:26 +0100 (CET) Subject: SUSE-SU-2016:0200-1: important: Security update for bind Message-ID: <20160122141226.AF026320D8@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0200-1 Rating: important References: #962189 Cross-References: CVE-2015-8704 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-bind-12354=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-bind-12354=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-bind-12354=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-bind-12354=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-bind-12354=1 - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-bind-12354=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-bind-12354=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-bind-12354=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-bind-12354=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-bind-12354=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-bind-12354=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-devel-9.9.6P1-0.22.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64): bind-devel-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): bind-devel-9.9.6P1-0.22.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64): bind-devel-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): bind-9.9.6P1-0.22.1 bind-chrootenv-9.9.6P1-0.22.1 bind-doc-9.9.6P1-0.22.1 bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-9.9.6P1-0.22.1 bind-chrootenv-9.9.6P1-0.22.1 bind-doc-9.9.6P1-0.22.1 bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): bind-libs-x86-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): bind-9.9.6P1-0.22.1 bind-chrootenv-9.9.6P1-0.22.1 bind-doc-9.9.6P1-0.22.1 bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): bind-libs-x86-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): bind-9.9.6P1-0.22.1 bind-chrootenv-9.9.6P1-0.22.1 bind-devel-9.9.6P1-0.22.1 bind-doc-9.9.6P1-0.22.1 bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): bind-libs-9.9.6P1-0.22.1 bind-utils-9.9.6P1-0.22.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): bind-libs-32bit-9.9.6P1-0.22.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-debuginfo-9.9.6P1-0.22.1 bind-debugsource-9.9.6P1-0.22.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): bind-debuginfo-9.9.6P1-0.22.1 bind-debugsource-9.9.6P1-0.22.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): bind-debuginfo-9.9.6P1-0.22.1 bind-debugsource-9.9.6P1-0.22.1 References: https://www.suse.com/security/cve/CVE-2015-8704.html https://bugzilla.suse.com/962189 From sle-updates at lists.suse.com Fri Jan 22 07:13:30 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jan 2016 15:13:30 +0100 (CET) Subject: SUSE-SU-2016:0202-1: moderate: Security update for giflib Message-ID: <20160122141330.972A7320E8@maintenance.suse.de> SUSE Security Update: Security update for giflib ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0202-1 Rating: moderate References: #949160 #960319 Cross-References: CVE-2015-7555 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for giflib fixes the following issues: - CVE-2015-7555: Heap overflow in giffix (bsc#960319) - bsc#949160: Fix a memory leak Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-136=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-136=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-136=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-136=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-136=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-136=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-7.1 giflib-devel-5.0.5-7.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-7.1 giflib-devel-5.0.5-7.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-7.1 giflib-progs-5.0.5-7.1 giflib-progs-debuginfo-5.0.5-7.1 libgif6-5.0.5-7.1 libgif6-debuginfo-5.0.5-7.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgif6-32bit-5.0.5-7.1 libgif6-debuginfo-32bit-5.0.5-7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): giflib-debugsource-5.0.5-7.1 giflib-progs-5.0.5-7.1 giflib-progs-debuginfo-5.0.5-7.1 libgif6-5.0.5-7.1 libgif6-debuginfo-5.0.5-7.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): libgif6-32bit-5.0.5-7.1 libgif6-debuginfo-32bit-5.0.5-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): giflib-debugsource-5.0.5-7.1 libgif6-32bit-5.0.5-7.1 libgif6-5.0.5-7.1 libgif6-debuginfo-32bit-5.0.5-7.1 libgif6-debuginfo-5.0.5-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): giflib-debugsource-5.0.5-7.1 libgif6-32bit-5.0.5-7.1 libgif6-5.0.5-7.1 libgif6-debuginfo-32bit-5.0.5-7.1 libgif6-debuginfo-5.0.5-7.1 References: https://www.suse.com/security/cve/CVE-2015-7555.html https://bugzilla.suse.com/949160 https://bugzilla.suse.com/960319 From sle-updates at lists.suse.com Fri Jan 22 10:12:29 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jan 2016 18:12:29 +0100 (CET) Subject: SUSE-SU-2016:0205-1: important: Security update for the Linux Kernel Message-ID: <20160122171229.8B04A320E8@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0205-1 Rating: important References: #962075 Cross-References: CVE-2016-0728 Affected Products: SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to receive a security fix. Following security bug was fixed: - A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075, CVE-2016-0728). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-137=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-137=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-137=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-137=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-137=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-137=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12 (x86_64): kernel-default-debuginfo-3.12.51-52.39.1 kernel-default-debugsource-3.12.51-52.39.1 kernel-default-extra-3.12.51-52.39.1 kernel-default-extra-debuginfo-3.12.51-52.39.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): kernel-obs-build-3.12.51-52.39.1 kernel-obs-build-debugsource-3.12.51-52.39.1 - SUSE Linux Enterprise Software Development Kit 12 (noarch): kernel-docs-3.12.51-52.39.3 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): kernel-default-3.12.51-52.39.1 kernel-default-base-3.12.51-52.39.1 kernel-default-base-debuginfo-3.12.51-52.39.1 kernel-default-debuginfo-3.12.51-52.39.1 kernel-default-debugsource-3.12.51-52.39.1 kernel-default-devel-3.12.51-52.39.1 kernel-syms-3.12.51-52.39.1 - SUSE Linux Enterprise Server 12 (x86_64): kernel-xen-3.12.51-52.39.1 kernel-xen-base-3.12.51-52.39.1 kernel-xen-base-debuginfo-3.12.51-52.39.1 kernel-xen-debuginfo-3.12.51-52.39.1 kernel-xen-debugsource-3.12.51-52.39.1 kernel-xen-devel-3.12.51-52.39.1 - SUSE Linux Enterprise Server 12 (noarch): kernel-devel-3.12.51-52.39.1 kernel-macros-3.12.51-52.39.1 kernel-source-3.12.51-52.39.1 - SUSE Linux Enterprise Server 12 (s390x): kernel-default-man-3.12.51-52.39.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.51-52.39.1 kernel-ec2-debuginfo-3.12.51-52.39.1 kernel-ec2-debugsource-3.12.51-52.39.1 kernel-ec2-devel-3.12.51-52.39.1 kernel-ec2-extra-3.12.51-52.39.1 kernel-ec2-extra-debuginfo-3.12.51-52.39.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-52_39-default-1-2.3 kgraft-patch-3_12_51-52_39-xen-1-2.3 - SUSE Linux Enterprise Desktop 12 (x86_64): kernel-default-3.12.51-52.39.1 kernel-default-debuginfo-3.12.51-52.39.1 kernel-default-debugsource-3.12.51-52.39.1 kernel-default-devel-3.12.51-52.39.1 kernel-default-extra-3.12.51-52.39.1 kernel-default-extra-debuginfo-3.12.51-52.39.1 kernel-syms-3.12.51-52.39.1 kernel-xen-3.12.51-52.39.1 kernel-xen-debuginfo-3.12.51-52.39.1 kernel-xen-debugsource-3.12.51-52.39.1 kernel-xen-devel-3.12.51-52.39.1 - SUSE Linux Enterprise Desktop 12 (noarch): kernel-devel-3.12.51-52.39.1 kernel-macros-3.12.51-52.39.1 kernel-source-3.12.51-52.39.1 References: https://www.suse.com/security/cve/CVE-2016-0728.html https://bugzilla.suse.com/962075 From sle-updates at lists.suse.com Fri Jan 22 11:12:03 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 22 Jan 2016 19:12:03 +0100 (CET) Subject: SUSE-RU-2016:0208-1: Recommended update for suseRegister Message-ID: <20160122181203.DF3E6320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for suseRegister ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0208-1 Rating: low References: #903464 #922550 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for suseRegister provides the following fixes: - Do not ignore --no-proxy option. (bsc#922550) - In isEC2(), call curl with --max-time and --noproxy to avoid hangs. (bsc#903464) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-suseRegister-12355=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-suseRegister-12355=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-suseRegister-12355=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): suseRegister-1.4-1.37.2 - SUSE Linux Enterprise Server 11-SP3 (noarch): suseRegister-1.4-1.37.2 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): suseRegister-1.4-1.37.2 References: https://bugzilla.suse.com/903464 https://bugzilla.suse.com/922550 From sle-updates at lists.suse.com Mon Jan 25 05:12:04 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 13:12:04 +0100 (CET) Subject: SUSE-SU-2016:0224-1: important: Security update for openldap2 Message-ID: <20160125121204.22CB3320E8@maintenance.suse.de> SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0224-1 Rating: important References: #937766 #945582 #955210 Cross-References: CVE-2015-4000 CVE-2015-6908 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) It also fixes the following non-security bugs: - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment This update adds the following functionality: - fate#319300: SHA2 password hashing module that can be loaded on-demand. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-139=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-139=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2016-139=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-139=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-139=1 - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2016-139=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-139=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-139=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): openldap2-back-perl-2.4.41-18.13.4 openldap2-back-perl-debuginfo-2.4.41-18.13.4 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 openldap2-debuginfo-2.4.41-18.13.4 openldap2-debugsource-2.4.41-18.13.4 openldap2-devel-2.4.41-18.13.1 openldap2-devel-static-2.4.41-18.13.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): openldap2-back-perl-2.4.41-18.13.4 openldap2-back-perl-debuginfo-2.4.41-18.13.4 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 openldap2-debuginfo-2.4.41-18.13.4 openldap2-debugsource-2.4.41-18.13.4 openldap2-devel-2.4.41-18.13.1 openldap2-devel-static-2.4.41-18.13.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): compat-libldap-2_3-0-2.3.37-18.13.4 compat-libldap-2_3-0-debuginfo-2.3.37-18.13.4 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.13.1 libldap-2_4-2-debuginfo-2.4.41-18.13.1 openldap2-2.4.41-18.13.4 openldap2-back-meta-2.4.41-18.13.4 openldap2-back-meta-debuginfo-2.4.41-18.13.4 openldap2-client-2.4.41-18.13.1 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 openldap2-debuginfo-2.4.41-18.13.4 openldap2-debugsource-2.4.41-18.13.4 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.13.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.13.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.13.1 libldap-2_4-2-debuginfo-2.4.41-18.13.1 openldap2-2.4.41-18.13.4 openldap2-back-meta-2.4.41-18.13.4 openldap2-back-meta-debuginfo-2.4.41-18.13.4 openldap2-client-2.4.41-18.13.1 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 openldap2-debuginfo-2.4.41-18.13.4 openldap2-debugsource-2.4.41-18.13.4 - SUSE Linux Enterprise Server 12 (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.13.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.13.1 - SUSE Linux Enterprise Module for Legacy Software 12 (ppc64le s390x x86_64): compat-libldap-2_3-0-2.3.37-18.13.4 compat-libldap-2_3-0-debuginfo-2.3.37-18.13.4 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libldap-2_4-2-2.4.41-18.13.1 libldap-2_4-2-32bit-2.4.41-18.13.1 libldap-2_4-2-debuginfo-2.4.41-18.13.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.13.1 openldap2-client-2.4.41-18.13.1 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libldap-2_4-2-2.4.41-18.13.1 libldap-2_4-2-32bit-2.4.41-18.13.1 libldap-2_4-2-debuginfo-2.4.41-18.13.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.13.1 openldap2-client-2.4.41-18.13.1 openldap2-client-debuginfo-2.4.41-18.13.1 openldap2-client-debugsource-2.4.41-18.13.1 References: https://www.suse.com/security/cve/CVE-2015-4000.html https://www.suse.com/security/cve/CVE-2015-6908.html https://bugzilla.suse.com/937766 https://bugzilla.suse.com/945582 https://bugzilla.suse.com/955210 From sle-updates at lists.suse.com Mon Jan 25 05:13:00 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 13:13:00 +0100 (CET) Subject: SUSE-SU-2016:0225-1: moderate: Security update for gdk-pixbuf Message-ID: <20160125121300.2F380320E8@maintenance.suse.de> SUSE Security Update: Security update for gdk-pixbuf ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0225-1 Rating: moderate References: #958963 #960155 Cross-References: CVE-2015-7552 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for gdk-pixbuf fixes the following security issues: - CVE-2015-7552: various overflows, including heap overflow in flipping bmp files (bsc#958963) The following non-security issue was fixed: - bsc#960155: fix a possible divide by zero Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-140=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-140=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-140=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-140=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-140=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-140=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-devel-2.30.6-10.1 gdk-pixbuf-devel-debuginfo-2.30.6-10.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-devel-2.30.6-10.1 gdk-pixbuf-devel-debuginfo-2.30.6-10.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-query-loaders-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-2.30.6-10.1 libgdk_pixbuf-2_0-0-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-2.30.6-10.1 typelib-1_0-GdkPixbuf-2_0-2.30.6-10.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): gdk-pixbuf-query-loaders-32bit-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-32bit-2.30.6-10.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): gdk-pixbuf-lang-2.30.6-10.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-query-loaders-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-2.30.6-10.1 libgdk_pixbuf-2_0-0-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-2.30.6-10.1 typelib-1_0-GdkPixbuf-2_0-2.30.6-10.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): gdk-pixbuf-query-loaders-32bit-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-32bit-2.30.6-10.1 - SUSE Linux Enterprise Server 12 (noarch): gdk-pixbuf-lang-2.30.6-10.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-query-loaders-2.30.6-10.1 gdk-pixbuf-query-loaders-32bit-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-2.30.6-10.1 libgdk_pixbuf-2_0-0-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-32bit-2.30.6-10.1 typelib-1_0-GdkPixbuf-2_0-2.30.6-10.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gdk-pixbuf-lang-2.30.6-10.1 - SUSE Linux Enterprise Desktop 12 (x86_64): gdk-pixbuf-debugsource-2.30.6-10.1 gdk-pixbuf-query-loaders-2.30.6-10.1 gdk-pixbuf-query-loaders-32bit-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-2.30.6-10.1 gdk-pixbuf-query-loaders-debuginfo-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-2.30.6-10.1 libgdk_pixbuf-2_0-0-32bit-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-2.30.6-10.1 libgdk_pixbuf-2_0-0-debuginfo-32bit-2.30.6-10.1 typelib-1_0-GdkPixbuf-2_0-2.30.6-10.1 - SUSE Linux Enterprise Desktop 12 (noarch): gdk-pixbuf-lang-2.30.6-10.1 References: https://www.suse.com/security/cve/CVE-2015-7552.html https://bugzilla.suse.com/958963 https://bugzilla.suse.com/960155 From sle-updates at lists.suse.com Mon Jan 25 07:11:45 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 15:11:45 +0100 (CET) Subject: SUSE-SU-2016:0227-1: important: Security update for bind Message-ID: <20160125141145.E9110320E8@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0227-1 Rating: important References: #939567 #944066 #958861 #962189 Cross-References: CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 CVE-2015-8704 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This update for bind fixes the following issues: * CVE-2015-8000: Remote denial of service by mis-parsing incoming responses. (bsc#958861) * CVE-2015-5722: DoS against servers performing validation on DNSSEC-signed records. (bsc#944066) * CVE-2015-5477: DoS against authoritative and recursive servers. * CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189) Security Issues: * CVE-2015-8000 * CVE-2015-5722 * CVE-2015-5477 * CVE-2015-8704 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 9.6ESVR11P1]: bind-9.6ESVR11P1-0.18.1 bind-chrootenv-9.6ESVR11P1-0.18.1 bind-devel-9.6ESVR11P1-0.18.1 bind-doc-9.6ESVR11P1-0.18.1 bind-libs-9.6ESVR11P1-0.18.1 bind-utils-9.6ESVR11P1-0.18.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 9.6ESVR11P1]: bind-libs-32bit-9.6ESVR11P1-0.18.1 References: https://www.suse.com/security/cve/CVE-2015-5477.html https://www.suse.com/security/cve/CVE-2015-5722.html https://www.suse.com/security/cve/CVE-2015-8000.html https://www.suse.com/security/cve/CVE-2015-8704.html https://bugzilla.suse.com/939567 https://bugzilla.suse.com/944066 https://bugzilla.suse.com/958861 https://bugzilla.suse.com/962189 https://download.suse.com/patch/finder/?keywords=6c9cd85bd7aa9140126fe2cf192d0ac0 From sle-updates at lists.suse.com Mon Jan 25 07:12:46 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 15:12:46 +0100 (CET) Subject: SUSE-SU-2016:0228-1: moderate: Security update for apache-commons-collections Message-ID: <20160125141246.DC352320E8@maintenance.suse.de> SUSE Security Update: Security update for apache-commons-collections ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0228-1 Rating: moderate References: #954102 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update to apache-commons-collections 3.2.2 fixes the following security issues: * bsc#954102: code execution by unserialization Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-142=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-142=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): apache-commons-collections-3.2.2-6.1 apache-commons-collections-javadoc-3.2.2-6.1 - SUSE Linux Enterprise Server 12 (noarch): apache-commons-collections-3.2.2-6.1 apache-commons-collections-javadoc-3.2.2-6.1 References: https://bugzilla.suse.com/954102 From sle-updates at lists.suse.com Mon Jan 25 08:11:49 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 16:11:49 +0100 (CET) Subject: SUSE-RU-2016:0229-1: Recommended update for corosync Message-ID: <20160125151149.35B83320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for corosync ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0229-1 Rating: low References: #929586 Affected Products: SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise High Availability Extension 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: corosync was updated to fix an error selecting network IP addresses specified with the bindnetaddr configuration option. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11-SP4: zypper in -t patch slehasp4-corosync-12356=1 - SUSE Linux Enterprise High Availability Extension 11-SP3: zypper in -t patch slehasp3-corosync-12356=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-corosync-12356=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-corosync-12356=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64): corosync-1.4.7-0.23.5 libcorosync-devel-1.4.7-0.23.5 libcorosync4-1.4.7-0.23.5 - SUSE Linux Enterprise High Availability Extension 11-SP3 (i586 ia64 ppc64 s390x x86_64): corosync-1.4.7-0.23.5 libcorosync-devel-1.4.7-0.23.5 libcorosync4-1.4.7-0.23.5 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): corosync-debuginfo-1.4.7-0.23.5 corosync-debugsource-1.4.7-0.23.5 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): corosync-debuginfo-1.4.7-0.23.5 corosync-debugsource-1.4.7-0.23.5 References: https://bugzilla.suse.com/929586 From sle-updates at lists.suse.com Mon Jan 25 08:12:20 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 16:12:20 +0100 (CET) Subject: SUSE-RU-2016:0230-1: moderate: Recommended update for zypper-docker Message-ID: <20160125151220.7FAC2320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for zypper-docker ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0230-1 Rating: moderate References: #957967 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for zypper-docker fixes the following issues: - The patch and the update commands no longer pollute the resulting image. - Parse the image name:tag with distribution's reference package. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-143=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): zypper-docker-1.1.2-11.1 zypper-docker-debuginfo-1.1.2-11.1 - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x): zypper-docker-debugsource-1.1.2-11.1 References: https://bugzilla.suse.com/957967 From sle-updates at lists.suse.com Mon Jan 25 11:11:57 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:11:57 +0100 (CET) Subject: SUSE-RU-2016:0231-1: moderate: Recommended update for openstack-heat Message-ID: <20160125181157.B1A60320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-heat ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0231-1 Rating: moderate References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-heat fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrade. - Expose stack_user_project_id in stack-show. - Always fetch temp URL key before generation. - Validate nova server's metadata. - Make sure template resource's metadata is refreshed. - Update template paths for environment-mapped TemplateResources. - Don't re-bind environment for get_file during stack update. - Fix stack delete failure when instance is soft deleted. - ASG scaling account for cool-down timestamp and in-progress. - Detect container failure when checking create complete. - Save updated-in-place resources to backup stack. - Only write to template files if template data changes. - Fix stack-list after failed update. - Make ResourceDefinition round-trip stable to avoid extra writes. - Prevent hanging in DELETE_IN_PROGRESS. - Make sure to delete stack when SNAPSHOT_IN_PROGRESS. - Fix TypeError exception during cancel stack update. - Catch v3 keystone unauthorized error when creating stack. - Fix the topic and server that the listener client uses. - Add oslo.serialization to heat requirements. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-heat-12359=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-heat-2014.2.4.juno-12.3 openstack-heat-api-2014.2.4.juno-12.3 openstack-heat-api-cfn-2014.2.4.juno-12.3 openstack-heat-api-cloudwatch-2014.2.4.juno-12.3 openstack-heat-engine-2014.2.4.juno-12.3 python-heat-2014.2.4.juno-12.3 - SUSE OpenStack Cloud 5 (noarch): openstack-heat-doc-2014.2.4.juno-12.2 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:12:18 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:12:18 +0100 (CET) Subject: SUSE-RU-2016:0232-1: moderate: Recommended update for openstack-dashboard Message-ID: <20160125181218.427CA320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-dashboard ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0232-1 Rating: moderate References: #954754 #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-dashboard and openstack-dashboard-theme-SUSE fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrades. - Handle situation when endpoint is deleted. - Silently drop access to non-existent flavours. - Require apache2/openstack-dashboard as postrequires. - Add triggerin for openstack-dashboard. (bsc#954754) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-dashboard-12358=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-dashboard-2014.2.4.juno-16.2 openstack-dashboard-theme-SUSE-2014.2-16.5 python-horizon-2014.2.4.juno-16.2 References: https://bugzilla.suse.com/954754 https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:12:47 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:12:47 +0100 (CET) Subject: SUSE-RU-2016:0233-1: moderate: Recommended update for openstack-neutron Message-ID: <20160125181247.8B171320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-neutron ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0233-1 Rating: moderate References: #917069 #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-neutron fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrade. - Resubmit of "Remove bridge cleanup call" fix. - Fix inconsistency in DHCPv6 hosts and options generation. - Remove patch for bsc#917069 now that the underlying problem was fixed in Studio. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-neutron-12360=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-neutron-2014.2.4.juno-19.2 openstack-neutron-dhcp-agent-2014.2.4.juno-19.2 openstack-neutron-ha-tool-2014.2.4.juno-19.2 openstack-neutron-ibm-agent-2014.2.4.juno-19.2 openstack-neutron-l3-agent-2014.2.4.juno-19.2 openstack-neutron-lbaas-agent-2014.2.4.juno-19.2 openstack-neutron-linuxbridge-agent-2014.2.4.juno-19.2 openstack-neutron-metadata-agent-2014.2.4.juno-19.2 openstack-neutron-metering-agent-2014.2.4.juno-19.2 openstack-neutron-mlnx-agent-2014.2.4.juno-19.2 openstack-neutron-nec-agent-2014.2.4.juno-19.2 openstack-neutron-nvsd-agent-2014.2.4.juno-19.2 openstack-neutron-openvswitch-agent-2014.2.4.juno-19.2 openstack-neutron-plugin-cisco-2014.2.4.juno-19.2 openstack-neutron-restproxy-agent-2014.2.4.juno-19.2 openstack-neutron-ryu-agent-2014.2.4.juno-19.2 openstack-neutron-server-2014.2.4.juno-19.2 openstack-neutron-vpn-agent-2014.2.4.juno-19.2 python-neutron-2014.2.4.juno-19.2 - SUSE OpenStack Cloud 5 (noarch): openstack-neutron-doc-2014.2.4.juno-19.6 References: https://bugzilla.suse.com/917069 https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:13:20 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:13:20 +0100 (CET) Subject: SUSE-RU-2016:0234-1: Recommended update for openstack-trove Message-ID: <20160125181320.C16CF320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-trove ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0234-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-trove fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrade. - Expect ValidationError on an empty user update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-trove-12364=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-trove-2014.2.4.juno-12.2 openstack-trove-api-2014.2.4.juno-12.2 openstack-trove-conductor-2014.2.4.juno-12.2 openstack-trove-guestagent-2014.2.4.juno-12.2 openstack-trove-taskmanager-2014.2.4.juno-12.2 python-trove-2014.2.4.juno-12.2 - SUSE OpenStack Cloud 5 (noarch): openstack-trove-doc-2014.2.4.juno-12.3 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:13:40 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:13:40 +0100 (CET) Subject: SUSE-RU-2016:0235-1: Recommended update for openstack-ceilometer Message-ID: <20160125181340.DE5EE320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-ceilometer ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0235-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-ceilometer fixes the following issues: - Remove dependency on sphinxcontrib-docbookrestapi. - Remove log message when process notification. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-ceilometer-12362=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-ceilometer-2014.2.4.juno-12.5 openstack-ceilometer-agent-central-2014.2.4.juno-12.5 openstack-ceilometer-agent-compute-2014.2.4.juno-12.5 openstack-ceilometer-agent-ipmi-2014.2.4.juno-12.5 openstack-ceilometer-agent-notification-2014.2.4.juno-12.5 openstack-ceilometer-alarm-evaluator-2014.2.4.juno-12.5 openstack-ceilometer-alarm-notifier-2014.2.4.juno-12.5 openstack-ceilometer-api-2014.2.4.juno-12.5 openstack-ceilometer-collector-2014.2.4.juno-12.5 python-ceilometer-2014.2.4.juno-12.5 - SUSE OpenStack Cloud 5 (noarch): openstack-ceilometer-doc-2014.2.4.juno-12.2 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:13:59 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:13:59 +0100 (CET) Subject: SUSE-RU-2016:0236-1: moderate: Recommended update for openstack-keystone Message-ID: <20160125181359.C27A7320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-keystone ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0236-1 Rating: moderate References: #943764 #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for openstack-keystone fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrade. - Make assertion on checking password in SQL backend use a message. - Mask passwords in debug log on user password operations. - Fix eventlet green threads not released back to pool. - Fix xmldsig import. - Fix tempest failures caused by large tokens. (bsc#943764) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-keystone-12361=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-keystone-2014.2.4.juno-14.5 python-keystone-2014.2.4.juno-14.5 - SUSE OpenStack Cloud 5 (noarch): openstack-keystone-doc-2014.2.4.juno-14.4 References: https://bugzilla.suse.com/943764 https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:14:31 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:14:31 +0100 (CET) Subject: SUSE-RU-2016:0237-1: Recommended update for openstack-nova Message-ID: <20160125181432.02B1A320D8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0237-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-nova fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrade. - Fix failure when attaching volume to iso instance using libvirt. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-nova-12363=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-nova-2014.2.4.juno-23.2 openstack-nova-api-2014.2.4.juno-23.2 openstack-nova-cells-2014.2.4.juno-23.2 openstack-nova-cert-2014.2.4.juno-23.2 openstack-nova-compute-2014.2.4.juno-23.2 openstack-nova-conductor-2014.2.4.juno-23.2 openstack-nova-console-2014.2.4.juno-23.2 openstack-nova-consoleauth-2014.2.4.juno-23.2 openstack-nova-novncproxy-2014.2.4.juno-23.2 openstack-nova-objectstore-2014.2.4.juno-23.2 openstack-nova-scheduler-2014.2.4.juno-23.2 openstack-nova-serialproxy-2014.2.4.juno-23.2 openstack-nova-vncproxy-2014.2.4.juno-23.2 python-nova-2014.2.4.juno-23.2 - SUSE OpenStack Cloud 5 (noarch): openstack-nova-doc-2014.2.4.juno-23.4 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 11:14:52 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 19:14:52 +0100 (CET) Subject: SUSE-RU-2016:0238-1: moderate: Recommended update for openstack-cinder Message-ID: <20160125181452.79E27320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-cinder ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0238-1 Rating: moderate References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-cinder fixes the following issues: - Bump rpm package version to 2014.2.4.juno to avoid downgrades. - Fix HDS HNAS driver logging password as plain text. - Use a SLE-11 variant without the pam_session flags as SLE-11's sudo doesn't recognize it. - Don't create pam session for cinder-rootwrap to avoid excessive logging. - Disable logging to syslog for cinder. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-cinder-12357=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-cinder-2014.2.4.juno-12.2 openstack-cinder-api-2014.2.4.juno-12.2 openstack-cinder-backup-2014.2.4.juno-12.2 openstack-cinder-scheduler-2014.2.4.juno-12.2 openstack-cinder-volume-2014.2.4.juno-12.2 python-cinder-2014.2.4.juno-12.2 - SUSE OpenStack Cloud 5 (noarch): openstack-cinder-doc-2014.2.4.juno-12.3 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Mon Jan 25 13:12:00 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 21:12:00 +0100 (CET) Subject: SUSE-RU-2016:0240-1: moderate: Recommended update for polkit Message-ID: <20160125201200.EEDFA320E8@maintenance.suse.de> SUSE Recommended Update: Recommended update for polkit ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0240-1 Rating: moderate References: #954139 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The previous version update of polkit to fix security and stability issues brought a small regression in session activeness detection. This update reverts the small part responsible for the regression. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-155=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-155=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-155=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-155=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-155=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-155=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-155=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-155=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libpolkit0-32bit-0.113-5.6.1 libpolkit0-debuginfo-32bit-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libpolkit0-32bit-0.113-5.6.1 libpolkit0-debuginfo-32bit-0.113-5.6.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 polkit-devel-0.113-5.6.1 polkit-devel-debuginfo-0.113-5.6.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 polkit-devel-0.113-5.6.1 polkit-devel-debuginfo-0.113-5.6.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpolkit0-0.113-5.6.1 libpolkit0-debuginfo-0.113-5.6.1 polkit-0.113-5.6.1 polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 typelib-1_0-Polkit-1_0-0.113-5.6.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libpolkit0-0.113-5.6.1 libpolkit0-debuginfo-0.113-5.6.1 polkit-0.113-5.6.1 polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 typelib-1_0-Polkit-1_0-0.113-5.6.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpolkit0-0.113-5.6.1 libpolkit0-32bit-0.113-5.6.1 libpolkit0-debuginfo-0.113-5.6.1 libpolkit0-debuginfo-32bit-0.113-5.6.1 polkit-0.113-5.6.1 polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 typelib-1_0-Polkit-1_0-0.113-5.6.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libpolkit0-0.113-5.6.1 libpolkit0-32bit-0.113-5.6.1 libpolkit0-debuginfo-0.113-5.6.1 libpolkit0-debuginfo-32bit-0.113-5.6.1 polkit-0.113-5.6.1 polkit-debuginfo-0.113-5.6.1 polkit-debugsource-0.113-5.6.1 typelib-1_0-Polkit-1_0-0.113-5.6.1 References: https://bugzilla.suse.com/954139 From sle-updates at lists.suse.com Mon Jan 25 13:12:28 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 21:12:28 +0100 (CET) Subject: SUSE-SU-2016:0241-1: moderate: Security update for ecryptfs-utils Message-ID: <20160125201228.C95C1320E8@maintenance.suse.de> SUSE Security Update: Security update for ecryptfs-utils ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0241-1 Rating: moderate References: #920160 #962052 Cross-References: CVE-2014-9687 CVE-2016-1572 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for ecryptfs-utils fixes the following issues: - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems (bsc#962052) - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks (bsc#920160) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-153=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-153=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-153=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-153=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): ecryptfs-utils-103-7.1 ecryptfs-utils-debuginfo-103-7.1 ecryptfs-utils-debugsource-103-7.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): ecryptfs-utils-32bit-103-7.1 ecryptfs-utils-debuginfo-32bit-103-7.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): ecryptfs-utils-103-7.1 ecryptfs-utils-debuginfo-103-7.1 ecryptfs-utils-debugsource-103-7.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): ecryptfs-utils-32bit-103-7.1 ecryptfs-utils-debuginfo-32bit-103-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ecryptfs-utils-103-7.1 ecryptfs-utils-32bit-103-7.1 ecryptfs-utils-debuginfo-103-7.1 ecryptfs-utils-debuginfo-32bit-103-7.1 ecryptfs-utils-debugsource-103-7.1 - SUSE Linux Enterprise Desktop 12 (x86_64): ecryptfs-utils-103-7.1 ecryptfs-utils-32bit-103-7.1 ecryptfs-utils-debuginfo-103-7.1 ecryptfs-utils-debuginfo-32bit-103-7.1 ecryptfs-utils-debugsource-103-7.1 References: https://www.suse.com/security/cve/CVE-2014-9687.html https://www.suse.com/security/cve/CVE-2016-1572.html https://bugzilla.suse.com/920160 https://bugzilla.suse.com/962052 From sle-updates at lists.suse.com Mon Jan 25 13:13:05 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 25 Jan 2016 21:13:05 +0100 (CET) Subject: SUSE-SU-2016:0242-1: moderate: Security update for jakarta-commons-collections Message-ID: <20160125201305.D9083320E8@maintenance.suse.de> SUSE Security Update: Security update for jakarta-commons-collections ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0242-1 Rating: moderate References: #954102 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update to jakarta-commons-collections 3.2.2 fixes the following security issues: * bsc#954102 code-execution by unserialization Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-jakarta-commons-collections-12365=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-jakarta-commons-collections-12365=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-jakarta-commons-collections-12365=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): jakarta-commons-collections-3.2.2-88.36.1 jakarta-commons-collections-javadoc-3.2.2-88.36.1 jakarta-commons-collections-tomcat5-3.2.2-88.36.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): jakarta-commons-collections-3.2.2-88.36.1 jakarta-commons-collections-javadoc-3.2.2-88.36.1 jakarta-commons-collections-tomcat5-3.2.2-88.36.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): jakarta-commons-collections-3.2.2-88.36.1 jakarta-commons-collections-javadoc-3.2.2-88.36.1 jakarta-commons-collections-tomcat5-3.2.2-88.36.1 References: https://bugzilla.suse.com/954102 From sle-updates at lists.suse.com Tue Jan 26 07:11:21 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jan 2016 15:11:21 +0100 (CET) Subject: SUSE-RU-2016:0248-1: moderate: Recommended update for Docker Message-ID: <20160126141121.89BB23213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for Docker ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0248-1 Rating: moderate References: #954737 #954812 #956434 #958255 #959405 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: Docker has been updated to version 1.9.1, bringing several fixes, enhancements and new features. Runtime: - Do not prevent daemon from booting if images could not be restored. - Force IPC mount to unmount on daemon shutdown/init. - Turn IPC unmount errors into warnings. - Fix 'docker stats' performance regression. - Clarify cryptic error message upon 'docker logs' if '--log-driver=none'. - Fix opq whiteouts problems for files with dot prefix. - Do not make network calls when normalizing names. - Output block IO metrics on 'docker stats'. - Detail network stats per interface on 'docker stats'. - Add 'ancestor=' filter to 'docker ps --filter' flag to filter containers based on their ancestor images. - Add 'label=' filter to 'docker ps --filter' to filter containers based on label. - Add '--kernel-memory' flag to 'docker run'. - Add '--message' flag to 'docker import' allowing to specify an optional message. - Add '--privileged' flag to 'docker exec'. - Add '--stop-signal' flag to 'docker run' to replace the container process stopping signal. - Add a new 'unless-stopped' restart policy. - Inspecting an image now returns tags. - Add container size information to 'docker inspect'. - Add 'RepoTags' and 'RepoDigests' field to '/images/{name:.*}/json'. - Remove the deprecated '/container/ps' endpoint from the API. - Send and document correct HTTP codes for '/exec//start'. - Share shm and mqueue between containers sharing IPC namespace. - Event stream now shows OOM status when '--oom-kill-disable' is set. - Ensure special network files (e.g. /etc/hosts) are read-only if bind-mounted with 'ro' option. - Improve 'rmi' performance. - Do not update /etc/hosts for the default bridge network, except for links. - Fix conflict with duplicate container names. - Fix an issue with incorrect template execution in 'docker inspect'. - Deprecate '-c' short flag variant for '--cpu-shares' in 'docker run'. - Change systemd unit file to no longer use the deprecated "-d" option. (bsc#954737) - Use file system cgroups by default. Client: - Fix bug with 'docker inspect' output when not connected to daemon. - Fix 'docker inspect -f {{.HostConfig.Dns}} somecontainer'. - Allow 'docker import' to import from local files. Builder: - Fix regression with symlink behavior in ADD/COPY. - Add a 'STOPSIGNAL' Dockerfile instruction allowing to set a different stop-signal for the container process. - Add an 'ARG' Dockerfile instruction and a '--build-arg' flag to 'docker build' that allows to add build-time environment variables. - Improve cache miss performance. Storage: - Try defaulting to xfs instead of ext4 for performance reasons. - Fix displayed file system in docker info. - Implement deferred deletion capability in devicemapper. Networking: - Promote 'docker network' from experimental to part of the standard release. - New network top-level concept, with associated subcommands and API. WARNING: the API is different from the experimental API. - Support for multiple isolated/micro-segmented networks. - Built-in multihost networking using VXLAN based overlay driver. - Support for third-party network plugins. - Ability to dynamically connect containers to multiple networks. - Support for user-defined IP address management via pluggable IPAM drivers. - Allow passing a network ID as an argument for '--net'. - Fix connect to host and prevent disconnect from host for 'host' network. - Fix '--fixed-cidr' issue when gateway ip falls in ip-range and ip-range is not the first block in the network. - Restore deterministic 'IPv6' generation from 'MAC' address on default 'bridge' network. - Allow port-mapping only for endpoints created on docker run. - Fixed an endpoint delete issue with a possible stale sbox. - Add daemon flags '--cluster-store' and '--cluster-advertise' for built-in nodes discovery. - Add '--cluster-store-opt' for setting up TLS settings. - Add '--dns-opt' to the daemon. - Deprecate the following container 'NetworkSettings' fields in API v1.21: 'EndpointID', 'Gateway', 'GlobalIPv6Address', 'GlobalIPv6PrefixLen', 'IPAddress', 'IPPrefixLen', 'IPv6Gateway' and 'MacAddress'. Those are now specific to the 'bridge' network. Use 'NetworkSettings.Networks' to inspect the networking settings of a container per network. Distribution: - Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent. - Make 'docker search' work with partial names. - Push optimization by avoiding buffering to file. - The daemon will display progress for images that were already being pulled by another client. - Only permissions required for the current action being performed are requested. - Renaming trust keys (and respective environment variables) from 'offline' to 'root' and 'tagging' to 'repository'. - Deprecate trust key environment variables 'DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE' and 'DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE'. Volumes: - New top-level 'volume' sub-command and API. - Move API volume driver settings to host-specific config. - Print an error message if volume name is not unique. - Ensure volumes created from Dockerfiles always use the local volume driver. - Deprecate auto-creating missing host paths for bind mounts. Logging: - Add 'awslogs' logging driver for Amazon CloudWatch. - Add generic 'tag' log option to allow customizing container/image information passed to driver (e.g. show container names). - Implement the 'docker logs' endpoint for the journald driver. - Deprecate driver-specific log tags (e.g. 'syslog-tag', etc.). Security: - Only relabel if user requested so with the 'z' option. (SELinux) - Add SELinux profiles to the rpm package. - Add AppArmor policy that prevents writing to /proc. - Fix creation of AppArmor profiles. (bsc#958255) - Add rules for auditd. (bsc#959405) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2016-156=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): docker-1.9.1-58.1 docker-debuginfo-1.9.1-58.1 docker-debugsource-1.9.1-58.1 References: https://bugzilla.suse.com/954737 https://bugzilla.suse.com/954812 https://bugzilla.suse.com/956434 https://bugzilla.suse.com/958255 https://bugzilla.suse.com/959405 From sle-updates at lists.suse.com Tue Jan 26 09:14:17 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jan 2016 17:14:17 +0100 (CET) Subject: SUSE-RU-2015:1986-2: moderate: Recommended update for ruby-common Message-ID: <20160126161417.2F5CF3213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for ruby-common ______________________________________________________________________________ Announcement ID: SUSE-RU-2015:1986-2 Rating: moderate References: #934328 #953771 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ruby-common provides several fixes and enhancements: - Help the solver to pick the right gem2rpm for the default Ruby version. (bsc#934328) - Fix premature return from from gem install. - Fail early if gem install fails, avoiding confusing error messages at the end of the build. - Implement cleaner solution for the extensions doc dir. - Do not overwrite options.otheropts. - Fixed forwarding of options to gem install. - Call ruby with -x from shell wrappers otherwise it might run into an endless loop. - Add shell-launcher to avoid dependency on a fixed Ruby version. - Ignore any files found in */.gem/*. In some versions of rubygems, gems that are installed are also copied to ~/.gem/. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-157=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-157=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): ruby-common-2.1-16.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): ruby-common-2.1-16.1 References: https://bugzilla.suse.com/934328 https://bugzilla.suse.com/953771 From sle-updates at lists.suse.com Tue Jan 26 11:11:32 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jan 2016 19:11:32 +0100 (CET) Subject: SUSE-RU-2016:0253-1: moderate: Recommended update for mdadm Message-ID: <20160126181132.468E63213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for mdadm ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0253-1 Rating: moderate References: #930417 #939124 #952644 #958597 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for mdadm fixes the following issues: - Fix corruption of DDF anchor. (bsc#930417) - Fix problem with adding spare to degraded array. (bsc#958597) - Fix regression in "mdadm /dev/mdXX --remove failed" handling. (bsc#952644) - Fix crash when running --detail on a dm device which contains an md device. (bsc#939124) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-mdadm-12367=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-mdadm-12367=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-mdadm-12367=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): mdadm-3.3.1-9.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): mdadm-3.3.1-9.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): mdadm-debuginfo-3.3.1-9.1 mdadm-debugsource-3.3.1-9.1 References: https://bugzilla.suse.com/930417 https://bugzilla.suse.com/939124 https://bugzilla.suse.com/952644 https://bugzilla.suse.com/958597 From sle-updates at lists.suse.com Tue Jan 26 11:12:35 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 26 Jan 2016 19:12:35 +0100 (CET) Subject: SUSE-RU-2016:0254-1: Recommended update for openstack-sahara Message-ID: <20160126181235.AA4423213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-sahara ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0254-1 Rating: low References: #958966 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-sahara fixes the following issues: - Remove token information from debug log. - Fix problem with using volumes for HDFS data in vanilla plugin. - Bump rpm package version to 2014.2.4.juno to avoid downgrade. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openstack-sahara-12366=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openstack-sahara-2014.2.4.juno-12.2 openstack-sahara-api-2014.2.4.juno-12.2 openstack-sahara-engine-2014.2.4.juno-12.2 python-sahara-2014.2.4.juno-12.2 - SUSE OpenStack Cloud 5 (noarch): openstack-sahara-doc-2014.2.4.juno-12.3 References: https://bugzilla.suse.com/958966 From sle-updates at lists.suse.com Wed Jan 27 07:13:38 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 15:13:38 +0100 (CET) Subject: SUSE-SU-2016:0256-1: critical: Security update for java-1_8_0-openjdk Message-ID: <20160127141338.C96CF3213D@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0256-1 Rating: critical References: #960996 #962743 Cross-References: CVE-2015-7575 CVE-2015-8126 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. (bsc#962743) The following vulnerabilities were fixed: - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-160=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-160=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.72-3.2 java-1_8_0-openjdk-debuginfo-1.8.0.72-3.2 java-1_8_0-openjdk-debugsource-1.8.0.72-3.2 java-1_8_0-openjdk-demo-1.8.0.72-3.2 java-1_8_0-openjdk-demo-debuginfo-1.8.0.72-3.2 java-1_8_0-openjdk-devel-1.8.0.72-3.2 java-1_8_0-openjdk-headless-1.8.0.72-3.2 java-1_8_0-openjdk-headless-debuginfo-1.8.0.72-3.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_8_0-openjdk-1.8.0.72-3.2 java-1_8_0-openjdk-debuginfo-1.8.0.72-3.2 java-1_8_0-openjdk-debugsource-1.8.0.72-3.2 java-1_8_0-openjdk-headless-1.8.0.72-3.2 java-1_8_0-openjdk-headless-debuginfo-1.8.0.72-3.2 References: https://www.suse.com/security/cve/CVE-2015-7575.html https://www.suse.com/security/cve/CVE-2015-8126.html https://www.suse.com/security/cve/CVE-2016-0402.html https://www.suse.com/security/cve/CVE-2016-0448.html https://www.suse.com/security/cve/CVE-2016-0466.html https://www.suse.com/security/cve/CVE-2016-0475.html https://www.suse.com/security/cve/CVE-2016-0483.html https://www.suse.com/security/cve/CVE-2016-0494.html https://bugzilla.suse.com/960996 https://bugzilla.suse.com/962743 From sle-updates at lists.suse.com Wed Jan 27 08:11:59 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 16:11:59 +0100 (CET) Subject: SUSE-SU-2016:0257-1: moderate: Security update for mono-core Message-ID: <20160127151159.3112C320E8@maintenance.suse.de> SUSE Security Update: Security update for mono-core ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0257-1 Rating: moderate References: #739119 #958097 Cross-References: CVE-2009-0689 CVE-2012-3543 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: mono-core was updated to fix the following vulnerabilities: - CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation (bsc#958097) - CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU consumption due to lack of protection against predictable hash collisions when processing form parameters (bsc#739119) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-mono-core-12369=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-mono-core-12369=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-mono-core-12369=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-mono-core-12369=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-mono-core-12369=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-mono-core-12369=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): bytefx-data-mysql-2.6.7-0.16.1 mono-data-firebird-2.6.7-0.16.1 mono-data-oracle-2.6.7-0.16.1 mono-data-sybase-2.6.7-0.16.1 mono-devel-2.6.7-0.16.1 mono-extras-2.6.7-0.16.1 mono-jscript-2.6.7-0.16.1 mono-wcf-2.6.7-0.16.1 mono-winfxcore-2.6.7-0.16.1 monodoc-core-2.6.7-0.16.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64): mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x): bytefx-data-mysql-2.6.7-0.16.1 mono-data-firebird-2.6.7-0.16.1 mono-data-oracle-2.6.7-0.16.1 mono-data-sybase-2.6.7-0.16.1 mono-devel-2.6.7-0.16.1 mono-extras-2.6.7-0.16.1 mono-jscript-2.6.7-0.16.1 mono-wcf-2.6.7-0.16.1 mono-winfxcore-2.6.7-0.16.1 monodoc-core-2.6.7-0.16.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64): mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 - SUSE Linux Enterprise Server 11-SP3 (ia64 ppc64 s390x): mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): bytefx-data-mysql-2.6.7-0.16.1 ibm-data-db2-2.6.7-0.16.1 mono-core-2.6.7-0.16.1 mono-data-2.6.7-0.16.1 mono-data-firebird-2.6.7-0.16.1 mono-data-oracle-2.6.7-0.16.1 mono-data-postgresql-2.6.7-0.16.1 mono-data-sqlite-2.6.7-0.16.1 mono-data-sybase-2.6.7-0.16.1 mono-devel-2.6.7-0.16.1 mono-extras-2.6.7-0.16.1 mono-jscript-2.6.7-0.16.1 mono-locale-extras-2.6.7-0.16.1 mono-nunit-2.6.7-0.16.1 mono-wcf-2.6.7-0.16.1 mono-web-2.6.7-0.16.1 mono-winforms-2.6.7-0.16.1 monodoc-core-2.6.7-0.16.1 References: https://www.suse.com/security/cve/CVE-2009-0689.html https://www.suse.com/security/cve/CVE-2012-3543.html https://bugzilla.suse.com/739119 https://bugzilla.suse.com/958097 From sle-updates at lists.suse.com Wed Jan 27 09:11:41 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 17:11:41 +0100 (CET) Subject: SUSE-RU-2016:0259-1: moderate: Recommended update for udev Message-ID: <20160127161141.1299D3213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0259-1 Rating: moderate References: #958208 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for udev adjusts the persistent network device name rules to skip Mellanox virtual devices. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-udev-12370=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-udev-12370=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-udev-12370=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-udev-12370=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-udev-12370=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.107.1 libudev-devel-147-0.107.1 libudev0-147-0.107.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): libgudev-1_0-0-147-0.107.1 libudev0-147-0.107.1 udev-147-0.107.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libgudev-1_0-0-32bit-147-0.107.1 libudev0-32bit-147-0.107.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.107.1 libudev0-147-0.107.1 udev-147-0.107.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.107.1 libudev0-32bit-147-0.107.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libgudev-1_0-0-x86-147-0.107.1 libudev0-x86-147-0.107.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libgudev-1_0-0-147-0.107.1 libudev0-147-0.107.1 udev-147-0.107.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libgudev-1_0-0-32bit-147-0.107.1 libudev0-32bit-147-0.107.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): udev-debuginfo-147-0.107.1 udev-debugsource-147-0.107.1 References: https://bugzilla.suse.com/958208 From sle-updates at lists.suse.com Wed Jan 27 09:12:12 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 17:12:12 +0100 (CET) Subject: SUSE-RU-2016:0260-1: moderate: Recommended update for udev Message-ID: <20160127161212.A9F723213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0260-1 Rating: moderate References: #958208 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for udev adjusts the persistent network device name rules to skip Mellanox virtual devices. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-udev-12371=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-udev-12371=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-udev-12371=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-udev-12371=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.110.1 libudev-devel-147-0.110.1 libudev0-147-0.110.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.110.1 libudev0-147-0.110.1 udev-147-0.110.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.110.1 libudev0-32bit-147-0.110.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libgudev-1_0-0-x86-147-0.110.1 libudev0-x86-147-0.110.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libgudev-1_0-0-147-0.110.1 libudev0-147-0.110.1 udev-147-0.110.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libgudev-1_0-0-32bit-147-0.110.1 libudev0-32bit-147-0.110.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): udev-debuginfo-147-0.110.1 udev-debugsource-147-0.110.1 References: https://bugzilla.suse.com/958208 From sle-updates at lists.suse.com Wed Jan 27 11:12:35 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 19:12:35 +0100 (CET) Subject: SUSE-SU-2016:0262-1: important: Security update for openldap2 Message-ID: <20160127181235.BF5BA3213D@maintenance.suse.de> SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0262-1 Rating: important References: #937766 #945582 Cross-References: CVE-2015-4000 CVE-2015-6908 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-openldap2-20160114-12372=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): openldap2-devel-2.4.26-0.17.23.1 References: https://www.suse.com/security/cve/CVE-2015-4000.html https://www.suse.com/security/cve/CVE-2015-6908.html https://bugzilla.suse.com/937766 https://bugzilla.suse.com/945582 From sle-updates at lists.suse.com Wed Jan 27 13:12:12 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 21:12:12 +0100 (CET) Subject: SUSE-SU-2016:0265-1: critical: Security update for java-1_7_0-openjdk Message-ID: <20160127201212.5C7213213D@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0265-1 Rating: critical References: #939523 #960996 #962743 Cross-References: CVE-2015-4871 CVE-2015-7575 CVE-2015-8126 CVE-2015-8472 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions The following bugs were fixed: - bsc#939523: java-1_7_0-openjdk-headless had X dependencies, move libjavagtk to full package Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-169=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-169=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-169=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-169=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.95-24.2 java-1_7_0-openjdk-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-debugsource-1.7.0.95-24.2 java-1_7_0-openjdk-demo-1.7.0.95-24.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-devel-1.7.0.95-24.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-headless-1.7.0.95-24.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.95-24.2 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.95-24.2 java-1_7_0-openjdk-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-debugsource-1.7.0.95-24.2 java-1_7_0-openjdk-demo-1.7.0.95-24.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-devel-1.7.0.95-24.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-headless-1.7.0.95-24.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.95-24.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_7_0-openjdk-1.7.0.95-24.2 java-1_7_0-openjdk-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-debugsource-1.7.0.95-24.2 java-1_7_0-openjdk-headless-1.7.0.95-24.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.95-24.2 - SUSE Linux Enterprise Desktop 12 (x86_64): java-1_7_0-openjdk-1.7.0.95-24.2 java-1_7_0-openjdk-debuginfo-1.7.0.95-24.2 java-1_7_0-openjdk-debugsource-1.7.0.95-24.2 java-1_7_0-openjdk-headless-1.7.0.95-24.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.95-24.2 References: https://www.suse.com/security/cve/CVE-2015-4871.html https://www.suse.com/security/cve/CVE-2015-7575.html https://www.suse.com/security/cve/CVE-2015-8126.html https://www.suse.com/security/cve/CVE-2015-8472.html https://www.suse.com/security/cve/CVE-2016-0402.html https://www.suse.com/security/cve/CVE-2016-0448.html https://www.suse.com/security/cve/CVE-2016-0466.html https://www.suse.com/security/cve/CVE-2016-0483.html https://www.suse.com/security/cve/CVE-2016-0494.html https://bugzilla.suse.com/939523 https://bugzilla.suse.com/960996 https://bugzilla.suse.com/962743 From sle-updates at lists.suse.com Wed Jan 27 13:12:53 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 21:12:53 +0100 (CET) Subject: SUSE-OU-2016:0266-1: Initial release of docker-img-store-setup Message-ID: <20160127201253.395083213D@maintenance.suse.de> SUSE Optional Update: Initial release of docker-img-store-setup ______________________________________________________________________________ Announcement ID: SUSE-OU-2016:0266-1 Rating: low References: #956085 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: By default Docker uses loopback mounted "devices" to store docker images and metadata. This default storage configuration (100 GB for image storage) leads to a rather lengthy start up phase of docker when initially launched. When docker is enabled by default, such as in the Amazon Container Service images for SUSE Linux Enterprise, the slow start up time of docker upon instance creation provides a sub optimal user experience. Additionally other services that depend on docker being operational may time out. The script and systemd unit file in the docker-img-store-setup package address the problem described above. The script creates a 100 GB device file that is then formatted with btrfs. The mounted device allows docker to use the btrfs storage driver and the start up process is very fast. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-170=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): docker-img-store-setup-1.0.0-2.1 References: https://bugzilla.suse.com/956085 From sle-updates at lists.suse.com Wed Jan 27 13:13:14 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 21:13:14 +0100 (CET) Subject: SUSE-SU-2016:0267-1: moderate: Security update for rubygem-mail-2_4 Message-ID: <20160127201314.C404F3213D@maintenance.suse.de> SUSE Security Update: Security update for rubygem-mail-2_4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0267-1 Rating: moderate References: #959129 Affected Products: SUSE Webyast 1.3 SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Lifecycle Management Server 1.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for rubygem-mail-2_4 fixes the following issues: * bsc#959129: SMTP Injection via recipient email addresses Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Webyast 1.3: zypper in -t patch slewyst13-rubygem-mail-2_4-12373=1 - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-rubygem-mail-2_4-12373=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-rubygem-mail-2_4-12373=1 - SUSE Lifecycle Management Server 1.3: zypper in -t patch sleslms13-rubygem-mail-2_4-12373=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Webyast 1.3 (i586 ia64 ppc64 s390x x86_64): rubygem-mail-2_4-2.4.4-0.10.2 - SUSE Studio Onsite 1.3 (x86_64): rubygem-mail-2_4-2.4.4-0.10.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): rubygem-mail-2_4-2.4.4-0.10.2 - SUSE Lifecycle Management Server 1.3 (x86_64): rubygem-mail-2_4-2.4.4-0.10.2 References: https://bugzilla.suse.com/959129 From sle-updates at lists.suse.com Wed Jan 27 13:14:11 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 27 Jan 2016 21:14:11 +0100 (CET) Subject: SUSE-SU-2016:0269-1: critical: Security update for java-1_7_0-openjdk Message-ID: <20160127201411.422B93213D@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0269-1 Rating: critical References: #960996 #962743 Cross-References: CVE-2015-4871 CVE-2015-7575 CVE-2015-8126 CVE-2015-8472 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 Affected Products: SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-java-1_7_0-openjdk-12374=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-java-1_7_0-openjdk-12374=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-java-1_7_0-openjdk-12374=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-java-1_7_0-openjdk-12374=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): java-1_7_0-openjdk-1.7.0.95-0.17.2 java-1_7_0-openjdk-demo-1.7.0.95-0.17.2 java-1_7_0-openjdk-devel-1.7.0.95-0.17.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): java-1_7_0-openjdk-1.7.0.95-0.17.2 java-1_7_0-openjdk-demo-1.7.0.95-0.17.2 java-1_7_0-openjdk-devel-1.7.0.95-0.17.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): java-1_7_0-openjdk-debuginfo-1.7.0.95-0.17.2 java-1_7_0-openjdk-debugsource-1.7.0.95-0.17.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): java-1_7_0-openjdk-debuginfo-1.7.0.95-0.17.2 java-1_7_0-openjdk-debugsource-1.7.0.95-0.17.2 References: https://www.suse.com/security/cve/CVE-2015-4871.html https://www.suse.com/security/cve/CVE-2015-7575.html https://www.suse.com/security/cve/CVE-2015-8126.html https://www.suse.com/security/cve/CVE-2015-8472.html https://www.suse.com/security/cve/CVE-2016-0402.html https://www.suse.com/security/cve/CVE-2016-0448.html https://www.suse.com/security/cve/CVE-2016-0466.html https://www.suse.com/security/cve/CVE-2016-0483.html https://www.suse.com/security/cve/CVE-2016-0494.html https://bugzilla.suse.com/960996 https://bugzilla.suse.com/962743 From sle-updates at lists.suse.com Thu Jan 28 10:11:36 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jan 2016 18:11:36 +0100 (CET) Subject: SUSE-RU-2016:0275-1: Recommended update for python-netaddr Message-ID: <20160128171136.4BEE43213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-netaddr ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0275-1 Rating: low References: #961341 Affected Products: SUSE OpenStack Cloud Compute 5 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The python-netaddr module was updated to version 0.7.12, which brings many fixes and enhancements: - Performance of IPSet increased dramatically. - IPSet has two new methods: iscontiguous() and iprange(). - Networks 128.0.0.0/16, 191.255.0.0/16, and 223.255.255.0/24 are not marked as reserved IPv4 addresses any more. For a comprehensive list of changes please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Compute 5: zypper in -t patch SUSE-SLE12-CLOUD-5-2016-171=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-171=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-171=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud Compute 5 (noarch): python-netaddr-0.7.12-14.2 - SUSE Linux Enterprise Server 12-SP1 (noarch): python-netaddr-0.7.12-14.2 - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-netaddr-0.7.12-14.2 References: https://bugzilla.suse.com/961341 From sle-updates at lists.suse.com Thu Jan 28 11:11:35 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 28 Jan 2016 19:11:35 +0100 (CET) Subject: SUSE-RU-2016:0278-1: Recommended update for python-ceilometerclient Message-ID: <20160128181135.3D4AE3213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-ceilometerclient ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0278-1 Rating: low References: #930052 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: python-ceilometerclient has been updated to version 1.0.12. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-python-ceilometerclient-12375=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): python-ceilometerclient-1.0.12-9.1 References: https://bugzilla.suse.com/930052 From sle-updates at lists.suse.com Fri Jan 29 08:11:56 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 16:11:56 +0100 (CET) Subject: SUSE-SU-2016:0282-1: moderate: Security update for gdk2 Message-ID: <20160129151156.D166C3213C@maintenance.suse.de> SUSE Security Update: Security update for gdk2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0282-1 Rating: moderate References: #958963 #960155 Cross-References: CVE-2015-7552 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for gdk2 fixes the following security issues: - CVE-2015-7552: various overflows, including heap overflow in flipping bmp files (bsc#958963) The following non-security issues were fixed: - bsc#960155: fix a possible divide by zero Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-gtk2-12376=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-gtk2-12376=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-gtk2-12376=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-gtk2-12376=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-gtk2-12376=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-gtk2-12376=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-gtk2-12376=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-gtk2-12376=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): gtk2-devel-2.18.9-0.39.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64): gtk2-devel-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): gtk2-devel-2.18.9-0.39.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (ppc64): gtk2-devel-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): gtk2-2.18.9-0.39.1 gtk2-doc-2.18.9-0.39.1 gtk2-lang-2.18.9-0.39.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): gtk2-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): gtk2-2.18.9-0.39.1 gtk2-doc-2.18.9-0.39.1 gtk2-lang-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): gtk2-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): gtk2-x86-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): gtk2-2.18.9-0.39.1 gtk2-doc-2.18.9-0.39.1 gtk2-lang-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): gtk2-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): gtk2-x86-2.18.9-0.39.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): gtk2-2.18.9-0.39.1 gtk2-lang-2.18.9-0.39.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): gtk2-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): gtk2-2.18.9-0.39.1 gtk2-lang-2.18.9-0.39.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): gtk2-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): gtk2-debuginfo-2.18.9-0.39.1 gtk2-debugsource-2.18.9-0.39.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): gtk2-debuginfo-32bit-2.18.9-0.39.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): gtk2-debuginfo-x86-2.18.9-0.39.1 References: https://www.suse.com/security/cve/CVE-2015-7552.html https://bugzilla.suse.com/958963 https://bugzilla.suse.com/960155 From sle-updates at lists.suse.com Fri Jan 29 08:12:44 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 16:12:44 +0100 (CET) Subject: SUSE-RU-2016:0283-1: Recommended update for WALinuxAgent Message-ID: <20160129151244.1658B3213C@maintenance.suse.de> SUSE Recommended Update: Recommended update for WALinuxAgent ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0283-1 Rating: low References: #962589 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for WALinuxAgent fixes the following issues: - Add support for rdma driver installation and update. - Handle 410 when reporting health. - Add timeout to HTTP requests. - Fix multiple issues with extension handling. - Fix descriptions for naming of the product. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-176=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): WALinuxAgent-2.0.17-17.1 References: https://bugzilla.suse.com/962589 From sle-updates at lists.suse.com Fri Jan 29 08:13:08 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 16:13:08 +0100 (CET) Subject: SUSE-SU-2016:0284-1: moderate: Security update for php5 Message-ID: <20160129151308.853E93213C@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0284-1 Rating: moderate References: #949961 #962057 Cross-References: CVE-2015-7803 CVE-2016-1903 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for php5 fixes the following issues: - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service (DoS) [bsc#949961] - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified memory when rotating images [bsc#962057] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-174=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-174=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2016-174=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-42.2 php5-debugsource-5.5.14-42.2 php5-devel-5.5.14-42.2 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-42.2 php5-debugsource-5.5.14-42.2 php5-devel-5.5.14-42.2 - SUSE Linux Enterprise Module for Web Scripting 12 (ppc64le s390x x86_64): apache2-mod_php5-5.5.14-42.2 apache2-mod_php5-debuginfo-5.5.14-42.2 php5-5.5.14-42.2 php5-bcmath-5.5.14-42.2 php5-bcmath-debuginfo-5.5.14-42.2 php5-bz2-5.5.14-42.2 php5-bz2-debuginfo-5.5.14-42.2 php5-calendar-5.5.14-42.2 php5-calendar-debuginfo-5.5.14-42.2 php5-ctype-5.5.14-42.2 php5-ctype-debuginfo-5.5.14-42.2 php5-curl-5.5.14-42.2 php5-curl-debuginfo-5.5.14-42.2 php5-dba-5.5.14-42.2 php5-dba-debuginfo-5.5.14-42.2 php5-debuginfo-5.5.14-42.2 php5-debugsource-5.5.14-42.2 php5-dom-5.5.14-42.2 php5-dom-debuginfo-5.5.14-42.2 php5-enchant-5.5.14-42.2 php5-enchant-debuginfo-5.5.14-42.2 php5-exif-5.5.14-42.2 php5-exif-debuginfo-5.5.14-42.2 php5-fastcgi-5.5.14-42.2 php5-fastcgi-debuginfo-5.5.14-42.2 php5-fileinfo-5.5.14-42.2 php5-fileinfo-debuginfo-5.5.14-42.2 php5-fpm-5.5.14-42.2 php5-fpm-debuginfo-5.5.14-42.2 php5-ftp-5.5.14-42.2 php5-ftp-debuginfo-5.5.14-42.2 php5-gd-5.5.14-42.2 php5-gd-debuginfo-5.5.14-42.2 php5-gettext-5.5.14-42.2 php5-gettext-debuginfo-5.5.14-42.2 php5-gmp-5.5.14-42.2 php5-gmp-debuginfo-5.5.14-42.2 php5-iconv-5.5.14-42.2 php5-iconv-debuginfo-5.5.14-42.2 php5-intl-5.5.14-42.2 php5-intl-debuginfo-5.5.14-42.2 php5-json-5.5.14-42.2 php5-json-debuginfo-5.5.14-42.2 php5-ldap-5.5.14-42.2 php5-ldap-debuginfo-5.5.14-42.2 php5-mbstring-5.5.14-42.2 php5-mbstring-debuginfo-5.5.14-42.2 php5-mcrypt-5.5.14-42.2 php5-mcrypt-debuginfo-5.5.14-42.2 php5-mysql-5.5.14-42.2 php5-mysql-debuginfo-5.5.14-42.2 php5-odbc-5.5.14-42.2 php5-odbc-debuginfo-5.5.14-42.2 php5-opcache-5.5.14-42.2 php5-opcache-debuginfo-5.5.14-42.2 php5-openssl-5.5.14-42.2 php5-openssl-debuginfo-5.5.14-42.2 php5-pcntl-5.5.14-42.2 php5-pcntl-debuginfo-5.5.14-42.2 php5-pdo-5.5.14-42.2 php5-pdo-debuginfo-5.5.14-42.2 php5-pgsql-5.5.14-42.2 php5-pgsql-debuginfo-5.5.14-42.2 php5-posix-5.5.14-42.2 php5-posix-debuginfo-5.5.14-42.2 php5-pspell-5.5.14-42.2 php5-pspell-debuginfo-5.5.14-42.2 php5-shmop-5.5.14-42.2 php5-shmop-debuginfo-5.5.14-42.2 php5-snmp-5.5.14-42.2 php5-snmp-debuginfo-5.5.14-42.2 php5-soap-5.5.14-42.2 php5-soap-debuginfo-5.5.14-42.2 php5-sockets-5.5.14-42.2 php5-sockets-debuginfo-5.5.14-42.2 php5-sqlite-5.5.14-42.2 php5-sqlite-debuginfo-5.5.14-42.2 php5-suhosin-5.5.14-42.2 php5-suhosin-debuginfo-5.5.14-42.2 php5-sysvmsg-5.5.14-42.2 php5-sysvmsg-debuginfo-5.5.14-42.2 php5-sysvsem-5.5.14-42.2 php5-sysvsem-debuginfo-5.5.14-42.2 php5-sysvshm-5.5.14-42.2 php5-sysvshm-debuginfo-5.5.14-42.2 php5-tokenizer-5.5.14-42.2 php5-tokenizer-debuginfo-5.5.14-42.2 php5-wddx-5.5.14-42.2 php5-wddx-debuginfo-5.5.14-42.2 php5-xmlreader-5.5.14-42.2 php5-xmlreader-debuginfo-5.5.14-42.2 php5-xmlrpc-5.5.14-42.2 php5-xmlrpc-debuginfo-5.5.14-42.2 php5-xmlwriter-5.5.14-42.2 php5-xmlwriter-debuginfo-5.5.14-42.2 php5-xsl-5.5.14-42.2 php5-xsl-debuginfo-5.5.14-42.2 php5-zip-5.5.14-42.2 php5-zip-debuginfo-5.5.14-42.2 php5-zlib-5.5.14-42.2 php5-zlib-debuginfo-5.5.14-42.2 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php5-pear-5.5.14-42.2 References: https://www.suse.com/security/cve/CVE-2015-7803.html https://www.suse.com/security/cve/CVE-2016-1903.html https://bugzilla.suse.com/949961 https://bugzilla.suse.com/962057 From sle-updates at lists.suse.com Fri Jan 29 10:12:18 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 18:12:18 +0100 (CET) Subject: SUSE-RU-2016:0285-1: Recommended update for suse-xsl-stylesheets Message-ID: <20160129171218.C6DBD2800C@maintenance.suse.de> SUSE Recommended Update: Recommended update for suse-xsl-stylesheets ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0285-1 Rating: low References: #955663 #962402 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: suse-xsl-stylesheets was updated to version 2.0.4, which brings several fixes and enhancements: Schema: - Allow constant and see (inside ); make db.all.blocks zero or more (*) for question - Remove XLinks from DB5 elements - Disallow db.all.blocks in lists - Remove from guiinlines (Novdoc) - Allow in titles (Novdoc) Stylesheets (PDF): - "Unbolded" admonition titles - Odd space in footer where used to be, not displayed on book title page - Fix style of titles (bsc#955663) - FOP doesn't like empty s - Make handling a little more elegant - Attribute sets: fix logic for replacing bold/italic in CJK languages Stylesheets (XHTML): - Make Callouts "uncopyable" - Don't link inline images - Publication date is incorrectly capitalized - Create better plain-text output via DAPS - debug.filename-id: Use xml:id for metadata - Various fixes for JS code for tracker - Style for Common Stylesheet Changes: - xrefs to variablelists in another book are broken - Trim spaces/newlines at beginning/end of verbatim elements - Fix bugtracker for db4. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-177=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): suse-xsl-stylesheets-2.0.4-6.2 References: https://bugzilla.suse.com/955663 https://bugzilla.suse.com/962402 From sle-updates at lists.suse.com Fri Jan 29 13:11:42 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 21:11:42 +0100 (CET) Subject: SUSE-RU-2016:0286-1: moderate: Recommended update for xorg-x11-server Message-ID: <20160129201142.11FCB320DF@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0286-1 Rating: moderate References: #960068 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Software Development Kit 11-SP3 SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for xorg-x11-server fixes the following issue: The Xserver did not handle the unwrapping/(re)wrapping on EnterVT correctly. After the 1st VT switch, the function chain was incorrect, so after the 2nd VT switch, some functions were missed and thus a DRI2 client blocked. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xorg-x11-server-12378=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-xorg-x11-server-12378=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-xorg-x11-server-12378=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xorg-x11-server-12378=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-xorg-x11-server-12378=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-xorg-x11-server-12378=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-xorg-x11-server-12378=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xorg-x11-server-12378=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-xorg-x11-server-12378=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-sdk-7.4-27.114.2 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-sdk-7.4-27.114.2 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): xorg-x11-Xvnc-7.4-27.114.2 xorg-x11-server-7.4-27.114.2 xorg-x11-server-extra-7.4-27.114.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-Xvnc-7.4-27.114.2 xorg-x11-server-7.4-27.114.2 xorg-x11-server-extra-7.4-27.114.2 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-Xvnc-7.4-27.114.2 xorg-x11-server-7.4-27.114.2 xorg-x11-server-extra-7.4-27.114.2 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): xorg-x11-Xvnc-7.4-27.114.2 xorg-x11-server-7.4-27.114.2 xorg-x11-server-extra-7.4-27.114.2 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): xorg-x11-Xvnc-7.4-27.114.2 xorg-x11-server-7.4-27.114.2 xorg-x11-server-extra-7.4-27.114.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-debuginfo-7.4-27.114.2 xorg-x11-server-debugsource-7.4-27.114.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): xorg-x11-server-debuginfo-7.4-27.114.2 xorg-x11-server-debugsource-7.4-27.114.2 References: https://bugzilla.suse.com/960068 From sle-updates at lists.suse.com Fri Jan 29 13:12:15 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 21:12:15 +0100 (CET) Subject: SUSE-RU-2016:0287-1: Recommended update for CFEngine Message-ID: <20160129201215.E10493213C@maintenance.suse.de> SUSE Recommended Update: Recommended update for CFEngine ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0287-1 Rating: low References: #958941 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: CFEngine was updated from version 3.6.1 to 3.7.1, bringing new features and many fixes. See https://github.com/cfengine/core/blob/3.7.x/ChangeLog for the comprehensive list of changes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-179=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-179=1 - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2016-179=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): cfengine-debuginfo-3.7.1-10.3 cfengine-debugsource-3.7.1-10.3 libpromises-devel-3.7.1-10.3 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): cfengine-debuginfo-3.7.1-10.3 cfengine-debugsource-3.7.1-10.3 libpromises-devel-3.7.1-10.3 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): cfengine-3.7.1-10.3 cfengine-debuginfo-3.7.1-10.3 cfengine-debugsource-3.7.1-10.3 cfengine-doc-3.7.1-10.3 libpromises3-3.7.1-10.3 libpromises3-debuginfo-3.7.1-10.3 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch): cfengine-masterfiles-3.7.1-3.1 References: https://bugzilla.suse.com/958941 From sle-updates at lists.suse.com Fri Jan 29 13:12:43 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 29 Jan 2016 21:12:43 +0100 (CET) Subject: SUSE-RU-2016:0288-1: moderate: Recommended update for zypper Message-ID: <20160129201243.0AD653213C@maintenance.suse.de> SUSE Recommended Update: Recommended update for zypper ______________________________________________________________________________ Announcement ID: SUSE-RU-2016:0288-1 Rating: moderate References: #793424 #893833 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for zypper fixes the following issues: - Fix different data returned in xml and text output of lu/lp commands. (bsc#793424, bsc#893833) - Also report needed but locked patches in 'pchk'. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-zypper-12377=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-zypper-12377=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-zypper-12377=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-zypper-12377=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-zypper-12377=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-zypper-12377=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): zypper-1.6.327-9.9 zypper-log-1.6.327-9.9 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): zypper-1.6.327-9.9 zypper-log-1.6.327-9.9 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): zypper-1.6.327-9.9 zypper-log-1.6.327-9.9 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): zypper-1.6.327-9.9 zypper-log-1.6.327-9.9 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): zypper-1.6.327-9.9 zypper-log-1.6.327-9.9 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): zypper-debuginfo-1.6.327-9.9 zypper-debugsource-1.6.327-9.9 References: https://bugzilla.suse.com/793424 https://bugzilla.suse.com/893833 From sle-updates at lists.suse.com Sat Jan 30 16:11:47 2016 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sun, 31 Jan 2016 00:11:47 +0100 (CET) Subject: SUSE-SU-2016:0290-1: moderate: Security update for ecryptfs-utils Message-ID: <20160130231147.920AC3213D@maintenance.suse.de> SUSE Security Update: Security update for ecryptfs-utils ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0290-1 Rating: moderate References: #920160 #962052 Cross-References: CVE-2014-9687 CVE-2016-1572 Affected Products: SUSE Linux Enterprise Server for VMWare 11-SP3 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3 SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Desktop 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for ecryptfs-utils fixes the following issues: - CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems (bsc#962052) - CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks (bsc#920160) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ecryptfs-utils-12379=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-ecryptfs-utils-12379=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): ecryptfs-utils-61-1.35.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): ecryptfs-utils-32bit-61-1.35.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-61-1.35.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): ecryptfs-utils-32bit-61-1.35.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): ecryptfs-utils-x86-61-1.35.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-61-1.35.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): ecryptfs-utils-32bit-61-1.35.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): ecryptfs-utils-x86-61-1.35.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): ecryptfs-utils-61-1.35.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): ecryptfs-utils-32bit-61-1.35.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): ecryptfs-utils-61-1.35.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): ecryptfs-utils-32bit-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-debuginfo-61-1.35.1 ecryptfs-utils-debugsource-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 x86_64): ecryptfs-utils-debuginfo-32bit-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): ecryptfs-utils-debuginfo-x86-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-debuginfo-61-1.35.1 ecryptfs-utils-debugsource-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 x86_64): ecryptfs-utils-debuginfo-32bit-61-1.35.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): ecryptfs-utils-debuginfo-x86-61-1.35.1 References: https://www.suse.com/security/cve/CVE-2014-9687.html https://www.suse.com/security/cve/CVE-2016-1572.html https://bugzilla.suse.com/920160 https://bugzilla.suse.com/962052