SUSE-RU-2017:2297-1: Recommended update for novnc

sle-updates at sle-updates at
Tue Aug 29 16:08:09 MDT 2017

   SUSE Recommended Update: Recommended update for novnc

Announcement ID:    SUSE-RU-2017:2297-1
Rating:             low
References:         #1052286 
Affected Products:
                    SUSE OpenStack Cloud 7

   An update that has one recommended fix can now be installed.


   This update provides novnc 0.6.2, which brings the following fixes and

   - Fixes a XSS issue in which the remote VNC server could inject arbitrary
     HTML into the noVNC web page via the messages propagated to the status
     field, such as the VNC server name.
   - Removes support for legacy browsers, namely IE9 and below. IE10 may
     receive "best-effort" support. IE 11+, Edge, Firefox 31+, and Chrome 44+
     continue to be supported.

   For a comprehensive list of changes please refer to the Release Notes at

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2017-1413=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE OpenStack Cloud 7 (aarch64 s390x x86_64):



More information about the sle-updates mailing list