From sle-updates at lists.suse.com Wed Mar 1 07:08:04 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 1 Mar 2017 15:08:04 +0100 (CET) Subject: SUSE-RU-2017:0583-1: moderate: Recommended update for vinagre Message-ID: <20170301140804.A2026FF7F@maintenance.suse.de> SUSE Recommended Update: Recommended update for vinagre ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0583-1 Rating: moderate References: #1002350 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for vinagre fixes certificate validation incompatibilities with FreeRDP 1.2 that could lead to failure to establish RDP connections. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-305=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-305=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): vinagre-3.20.2-10.1 vinagre-debuginfo-3.20.2-10.1 vinagre-debugsource-3.20.2-10.1 - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): vinagre-lang-3.20.2-10.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): vinagre-lang-3.20.2-10.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): vinagre-3.20.2-10.1 vinagre-debuginfo-3.20.2-10.1 vinagre-debugsource-3.20.2-10.1 References: https://bugzilla.suse.com/1002350 From sle-updates at lists.suse.com Wed Mar 1 07:08:29 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 1 Mar 2017 15:08:29 +0100 (CET) Subject: SUSE-RU-2017:0584-1: Recommended update for yast2-bootloader Message-ID: <20170301140829.CFE30FF82@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0584-1 Rating: low References: #1017776 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-bootloader fixes the following issue: - Do not try to write legacy_boot flag for msdos partition table in more disks scenario when there is also GPT disk (bsc#1017776) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-304=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-304=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-304=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): yast2-bootloader-3.1.207-28.6.11 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): yast2-bootloader-3.1.207-28.6.11 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): yast2-bootloader-3.1.207-28.6.11 References: https://bugzilla.suse.com/1017776 From sle-updates at lists.suse.com Wed Mar 1 13:07:51 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 1 Mar 2017 21:07:51 +0100 (CET) Subject: SUSE-SU-2017:0585-1: moderate: Security update for openssl Message-ID: <20170301200751.F29F9FF7F@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0585-1 Rating: moderate References: #1000677 #1001912 #1004499 #1005878 #1019334 #1021641 #984663 Cross-References: CVE-2016-2108 CVE-2016-7056 CVE-2016-8610 Affected Products: SUSE Studio Onsite 1.3 SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has four fixes is now available. Description: This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed: - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) Bugs fixed: - fix crash in openssl speed (bsc#1000677) - don't attempt session resumption if no ticket is present and session ID length is zero (bsc#984663) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-openssl-12999=1 - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openssl-12999=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-openssl-12999=1 - SUSE Manager 2.1: zypper in -t patch sleman21-openssl-12999=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-openssl-12999=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openssl-12999=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-openssl-12999=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-openssl-12999=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openssl-12999=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openssl-12999=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): libopenssl-devel-0.9.8j-0.105.1 - SUSE OpenStack Cloud 5 (x86_64): libopenssl-devel-0.9.8j-0.105.1 libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-32bit-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Manager Proxy 2.1 (x86_64): libopenssl-devel-0.9.8j-0.105.1 libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-32bit-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Manager 2.1 (s390x x86_64): libopenssl-devel-0.9.8j-0.105.1 libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-32bit-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libopenssl-devel-0.9.8j-0.105.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libopenssl-devel-32bit-0.9.8j-0.105.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.105.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.105.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libopenssl0_9_8-x86-0.9.8j-0.105.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): libopenssl-devel-0.9.8j-0.105.1 libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libopenssl0_9_8-32bit-0.9.8j-0.105.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.105.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): libopenssl-devel-0.9.8j-0.105.1 libopenssl0_9_8-0.9.8j-0.105.1 libopenssl0_9_8-hmac-0.9.8j-0.105.1 openssl-0.9.8j-0.105.1 openssl-doc-0.9.8j-0.105.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssl-debuginfo-0.9.8j-0.105.1 openssl-debugsource-0.9.8j-0.105.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): openssl-debuginfo-0.9.8j-0.105.1 openssl-debugsource-0.9.8j-0.105.1 References: https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-7056.html https://www.suse.com/security/cve/CVE-2016-8610.html https://bugzilla.suse.com/1000677 https://bugzilla.suse.com/1001912 https://bugzilla.suse.com/1004499 https://bugzilla.suse.com/1005878 https://bugzilla.suse.com/1019334 https://bugzilla.suse.com/1021641 https://bugzilla.suse.com/984663 From sle-updates at lists.suse.com Wed Mar 1 13:09:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 1 Mar 2017 21:09:25 +0100 (CET) Subject: SUSE-SU-2017:0586-1: moderate: Security update for ImageMagick Message-ID: <20170301200925.1FBE9FF82@maintenance.suse.de> SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0586-1 Rating: moderate References: #1017308 #1017310 #1017311 #1017312 #1017313 #1017314 #1017318 #1017319 #1017320 #1017321 #1017322 #1017324 #1017326 #1017421 #1020433 #1020435 #1020436 #1020439 #1020441 #1020443 #1020448 Cross-References: CVE-2016-10046 CVE-2016-10048 CVE-2016-10049 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10059 CVE-2016-10060 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10068 CVE-2016-10070 CVE-2016-10071 CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5511 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 21 vulnerabilities is now available. Description: This update for ImageMagick fixes the following issues: - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308) - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310) - CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311) - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312) - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313) - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314). - CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318) - CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319). - CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320). - CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321) - CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322) - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324) - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326) - CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326). - CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433). - CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435). - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443) - CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436). - CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439). - CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441). - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448) This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ImageMagick-12998=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ImageMagick-12998=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ImageMagick-12998=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-7.65.1 ImageMagick-devel-6.4.3.6-7.65.1 libMagick++-devel-6.4.3.6-7.65.1 libMagick++1-6.4.3.6-7.65.1 libMagickWand1-6.4.3.6-7.65.1 perl-PerlMagick-6.4.3.6-7.65.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-7.65.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-7.65.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-7.65.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-debuginfo-6.4.3.6-7.65.1 ImageMagick-debugsource-6.4.3.6-7.65.1 References: https://www.suse.com/security/cve/CVE-2016-10046.html https://www.suse.com/security/cve/CVE-2016-10048.html https://www.suse.com/security/cve/CVE-2016-10049.html https://www.suse.com/security/cve/CVE-2016-10050.html https://www.suse.com/security/cve/CVE-2016-10051.html https://www.suse.com/security/cve/CVE-2016-10052.html https://www.suse.com/security/cve/CVE-2016-10059.html https://www.suse.com/security/cve/CVE-2016-10060.html https://www.suse.com/security/cve/CVE-2016-10063.html https://www.suse.com/security/cve/CVE-2016-10064.html https://www.suse.com/security/cve/CVE-2016-10065.html https://www.suse.com/security/cve/CVE-2016-10068.html https://www.suse.com/security/cve/CVE-2016-10070.html https://www.suse.com/security/cve/CVE-2016-10071.html https://www.suse.com/security/cve/CVE-2016-10144.html https://www.suse.com/security/cve/CVE-2016-10145.html https://www.suse.com/security/cve/CVE-2016-10146.html https://www.suse.com/security/cve/CVE-2017-5506.html https://www.suse.com/security/cve/CVE-2017-5507.html https://www.suse.com/security/cve/CVE-2017-5508.html https://www.suse.com/security/cve/CVE-2017-5511.html https://bugzilla.suse.com/1017308 https://bugzilla.suse.com/1017310 https://bugzilla.suse.com/1017311 https://bugzilla.suse.com/1017312 https://bugzilla.suse.com/1017313 https://bugzilla.suse.com/1017314 https://bugzilla.suse.com/1017318 https://bugzilla.suse.com/1017319 https://bugzilla.suse.com/1017320 https://bugzilla.suse.com/1017321 https://bugzilla.suse.com/1017322 https://bugzilla.suse.com/1017324 https://bugzilla.suse.com/1017326 https://bugzilla.suse.com/1017421 https://bugzilla.suse.com/1020433 https://bugzilla.suse.com/1020435 https://bugzilla.suse.com/1020436 https://bugzilla.suse.com/1020439 https://bugzilla.suse.com/1020441 https://bugzilla.suse.com/1020443 https://bugzilla.suse.com/1020448 From sle-updates at lists.suse.com Thu Mar 2 10:08:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 18:08:58 +0100 (CET) Subject: SUSE-RU-2017:0591-1: Recommended update for gtk2 Message-ID: <20170302170858.B372FFF7F@maintenance.suse.de> SUSE Recommended Update: Recommended update for gtk2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0591-1 Rating: low References: #957400 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for gtk2 improves the tab completion functionality in GtkFileChooser, so it works the same as in gtk3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-309=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-309=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-309=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-309=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): gtk2-debugsource-2.24.24-5.1 typelib-1_0-Gtk-2_0-2.24.24-5.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gtk2-debugsource-2.24.24-5.1 gtk2-devel-2.24.24-5.1 gtk2-devel-debuginfo-2.24.24-5.1 typelib-1_0-Gtk-2_0-2.24.24-5.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gtk2-debugsource-2.24.24-5.1 gtk2-tools-2.24.24-5.1 gtk2-tools-debuginfo-2.24.24-5.1 libgtk-2_0-0-2.24.24-5.1 libgtk-2_0-0-debuginfo-2.24.24-5.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): gtk2-tools-32bit-2.24.24-5.1 gtk2-tools-debuginfo-32bit-2.24.24-5.1 libgtk-2_0-0-32bit-2.24.24-5.1 libgtk-2_0-0-debuginfo-32bit-2.24.24-5.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): gtk2-lang-2.24.24-5.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gtk2-debugsource-2.24.24-5.1 gtk2-tools-2.24.24-5.1 gtk2-tools-32bit-2.24.24-5.1 gtk2-tools-debuginfo-2.24.24-5.1 gtk2-tools-debuginfo-32bit-2.24.24-5.1 libgtk-2_0-0-2.24.24-5.1 libgtk-2_0-0-32bit-2.24.24-5.1 libgtk-2_0-0-debuginfo-2.24.24-5.1 libgtk-2_0-0-debuginfo-32bit-2.24.24-5.1 typelib-1_0-Gtk-2_0-2.24.24-5.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gtk2-lang-2.24.24-5.1 References: https://bugzilla.suse.com/957400 From sle-updates at lists.suse.com Thu Mar 2 10:09:26 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 18:09:26 +0100 (CET) Subject: SUSE-RU-2017:0592-1: moderate: Recommended update for haproxy Message-ID: <20170302170926.E78CDFF82@maintenance.suse.de> SUSE Recommended Update: Recommended update for haproxy ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0592-1 Rating: moderate References: #1023141 Affected Products: SUSE Linux Enterprise High Availability 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides haproxy 1.6.11, which brings several fixes and enhancements: - systemd-wrapper: Return correct exit codes. - srv-state: Properly restore the DRAIN state. - srv-state: Allow to have both CMAINT and FDRAIN flags. - servers: Properly propagate the maintenance states during startup. - vars: Fix 'set-var' converter because of a typo. - channel: Fix bad unlikely macro. - doc/ssl: Use correct wording for ca-sign-pass. - stick-table: Handle out-of-memory condition gracefully. - connection: Check the control layer before stopping polling. - stick-table: Fix regression caused by recent fix for out-of-memory. - cli: Properly decrement ref count on tables during failed dumps. - lua: In some case, the return of sample-fetches is ignored. - cli: Fix pointer size when reporting data/transport layer name. - cli: Dequeue from the proxy when changing a maxconn. - cli: Wake up the CLI's task after a timeout update. - freq-ctr: Make swrate_add() support larger values. - proxy: Return "none" and "unknown" for unknown LB algos. - stream: Fix session abort on resource shortage. - http: Don't send an extra CRLF after a Set-Cookie in a redirect. - variables: Some variable name can hide another ones. - cli: Be sure to always warn the cli applet when input buffer is full. - applet: Count number of (active) applets. - task: Rename run_queue and run_queue_cur counters. - stream: Save unprocessed events for a stream. - Fix how the list of entities waiting for a buffer is handled. - stream-int: Automatically release SI_FL_WAIT_DATA on SHUTW_NOW. - doc/lua: Section declared twice. - doc: Fix small typo in fe_id (backend instead of frontend). - lua: Fix memory leak executing tasks. - ssl: Properly reset the reused_sess during a forced handshake. - ssl: Avoid double free when releasing bind_confs. - backend: nbsrv() should return 0 if backend is disabled. - ssl: For a handshake when server-side SNI changes. - systemd: Prevent potential zombie processes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-308=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): haproxy-1.6.11-10.2 haproxy-debuginfo-1.6.11-10.2 haproxy-debugsource-1.6.11-10.2 References: https://bugzilla.suse.com/1023141 From sle-updates at lists.suse.com Thu Mar 2 13:07:48 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 21:07:48 +0100 (CET) Subject: SUSE-RU-2017:0593-1: Recommended update for gnome-online-accounts Message-ID: <20170302200748.24A5AFFBD@maintenance.suse.de> SUSE Recommended Update: Recommended update for gnome-online-accounts ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0593-1 Rating: low References: #1016000 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides gnome-online-accounts version 3.20.5 which fixes the following issues: - New API key for Google (bsc#1016000) - Updated translations Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-314=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-314=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-314=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-314=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-314=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): gnome-online-accounts-3.20.5-9.6 gnome-online-accounts-debuginfo-3.20.5-9.6 gnome-online-accounts-debugsource-3.20.5-9.6 libgoa-1_0-0-32bit-3.20.5-9.6 libgoa-1_0-0-debuginfo-32bit-3.20.5-9.6 typelib-1_0-Goa-1_0-3.20.5-9.6 - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): gnome-online-accounts-lang-3.20.5-9.6 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): gnome-online-accounts-debuginfo-3.20.5-9.6 gnome-online-accounts-debugsource-3.20.5-9.6 gnome-online-accounts-devel-3.20.5-9.6 typelib-1_0-Goa-1_0-3.20.5-9.6 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): gnome-online-accounts-debuginfo-3.20.5-9.6 gnome-online-accounts-debugsource-3.20.5-9.6 libgoa-1_0-0-3.20.5-9.6 libgoa-1_0-0-debuginfo-3.20.5-9.6 libgoa-backend-1_0-1-3.20.5-9.6 libgoa-backend-1_0-1-debuginfo-3.20.5-9.6 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): gnome-online-accounts-debuginfo-3.20.5-9.6 gnome-online-accounts-debugsource-3.20.5-9.6 libgoa-1_0-0-3.20.5-9.6 libgoa-1_0-0-debuginfo-3.20.5-9.6 libgoa-backend-1_0-1-3.20.5-9.6 libgoa-backend-1_0-1-debuginfo-3.20.5-9.6 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): gnome-online-accounts-3.20.5-9.6 gnome-online-accounts-debuginfo-3.20.5-9.6 gnome-online-accounts-debugsource-3.20.5-9.6 libgoa-1_0-0-3.20.5-9.6 libgoa-1_0-0-32bit-3.20.5-9.6 libgoa-1_0-0-debuginfo-3.20.5-9.6 libgoa-1_0-0-debuginfo-32bit-3.20.5-9.6 libgoa-backend-1_0-1-3.20.5-9.6 libgoa-backend-1_0-1-debuginfo-3.20.5-9.6 typelib-1_0-Goa-1_0-3.20.5-9.6 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): gnome-online-accounts-lang-3.20.5-9.6 References: https://bugzilla.suse.com/1016000 From sle-updates at lists.suse.com Thu Mar 2 13:08:10 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 21:08:10 +0100 (CET) Subject: SUSE-SU-2017:0594-1: moderate: Security update for bind Message-ID: <20170302200810.382F5FFC0@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0594-1 Rating: moderate References: #1024130 Cross-References: CVE-2017-3135 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-310=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-310=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): bind-9.9.9P1-28.29.1 bind-chrootenv-9.9.9P1-28.29.1 bind-debuginfo-9.9.9P1-28.29.1 bind-debugsource-9.9.9P1-28.29.1 bind-libs-32bit-9.9.9P1-28.29.1 bind-libs-9.9.9P1-28.29.1 bind-libs-debuginfo-32bit-9.9.9P1-28.29.1 bind-libs-debuginfo-9.9.9P1-28.29.1 bind-utils-9.9.9P1-28.29.1 bind-utils-debuginfo-9.9.9P1-28.29.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): bind-doc-9.9.9P1-28.29.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): bind-9.9.9P1-28.29.1 bind-chrootenv-9.9.9P1-28.29.1 bind-debuginfo-9.9.9P1-28.29.1 bind-debugsource-9.9.9P1-28.29.1 bind-libs-9.9.9P1-28.29.1 bind-libs-debuginfo-9.9.9P1-28.29.1 bind-utils-9.9.9P1-28.29.1 bind-utils-debuginfo-9.9.9P1-28.29.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): bind-libs-32bit-9.9.9P1-28.29.1 bind-libs-debuginfo-32bit-9.9.9P1-28.29.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): bind-doc-9.9.9P1-28.29.1 References: https://www.suse.com/security/cve/CVE-2017-3135.html https://bugzilla.suse.com/1024130 From sle-updates at lists.suse.com Thu Mar 2 13:08:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 21:08:37 +0100 (CET) Subject: SUSE-SU-2017:0595-1: moderate: Security update for bind Message-ID: <20170302200837.CFACDFFC0@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0595-1 Rating: moderate References: #1024130 Cross-References: CVE-2017-3135 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-bind-13000=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-bind-13000=1 - SUSE Manager 2.1: zypper in -t patch sleman21-bind-13000=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-bind-13000=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-bind-13000=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-bind-13000=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-bind-13000=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-bind-13000=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-bind-13000=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-32bit-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Manager Proxy 2.1 (x86_64): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-32bit-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Manager 2.1 (s390x x86_64): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-32bit-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-devel-9.9.6P1-0.39.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64): bind-devel-32bit-9.9.6P1-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): bind-libs-32bit-9.9.6P1-0.39.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): bind-libs-x86-9.9.6P1-0.39.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): bind-libs-32bit-9.9.6P1-0.39.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): bind-9.9.6P1-0.39.1 bind-chrootenv-9.9.6P1-0.39.1 bind-doc-9.9.6P1-0.39.1 bind-libs-9.9.6P1-0.39.1 bind-utils-9.9.6P1-0.39.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): bind-debuginfo-9.9.6P1-0.39.1 bind-debugsource-9.9.6P1-0.39.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): bind-debuginfo-9.9.6P1-0.39.1 bind-debugsource-9.9.6P1-0.39.1 References: https://www.suse.com/security/cve/CVE-2017-3135.html https://bugzilla.suse.com/1024130 From sle-updates at lists.suse.com Thu Mar 2 13:09:02 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Mar 2017 21:09:02 +0100 (CET) Subject: SUSE-SU-2017:0596-1: moderate: Security update for bind Message-ID: <20170302200902.564E6FFC0@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0596-1 Rating: moderate References: #1024130 Cross-References: CVE-2017-3135 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-312=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-312=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-312=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-312=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-312=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-312=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-312=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-devel-9.9.9P1-56.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-devel-9.9.9P1-56.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): bind-9.9.9P1-56.1 bind-chrootenv-9.9.9P1-56.1 bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-libs-9.9.9P1-56.1 bind-libs-debuginfo-9.9.9P1-56.1 bind-utils-9.9.9P1-56.1 bind-utils-debuginfo-9.9.9P1-56.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): bind-doc-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): bind-9.9.9P1-56.1 bind-chrootenv-9.9.9P1-56.1 bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-libs-9.9.9P1-56.1 bind-libs-debuginfo-9.9.9P1-56.1 bind-utils-9.9.9P1-56.1 bind-utils-debuginfo-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): bind-libs-32bit-9.9.9P1-56.1 bind-libs-debuginfo-32bit-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): bind-doc-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): bind-9.9.9P1-56.1 bind-chrootenv-9.9.9P1-56.1 bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-libs-9.9.9P1-56.1 bind-libs-debuginfo-9.9.9P1-56.1 bind-utils-9.9.9P1-56.1 bind-utils-debuginfo-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): bind-libs-32bit-9.9.9P1-56.1 bind-libs-debuginfo-32bit-9.9.9P1-56.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): bind-doc-9.9.9P1-56.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-libs-32bit-9.9.9P1-56.1 bind-libs-9.9.9P1-56.1 bind-libs-debuginfo-32bit-9.9.9P1-56.1 bind-libs-debuginfo-9.9.9P1-56.1 bind-utils-9.9.9P1-56.1 bind-utils-debuginfo-9.9.9P1-56.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): bind-debuginfo-9.9.9P1-56.1 bind-debugsource-9.9.9P1-56.1 bind-libs-32bit-9.9.9P1-56.1 bind-libs-9.9.9P1-56.1 bind-libs-debuginfo-32bit-9.9.9P1-56.1 bind-libs-debuginfo-9.9.9P1-56.1 bind-utils-9.9.9P1-56.1 bind-utils-debuginfo-9.9.9P1-56.1 References: https://www.suse.com/security/cve/CVE-2017-3135.html https://bugzilla.suse.com/1024130 From sle-updates at lists.suse.com Fri Mar 3 13:07:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:07:44 +0100 (CET) Subject: SUSE-SU-2017:0599-1: moderate: Security update for lynx Message-ID: <20170303200744.CD399FFCF@maintenance.suse.de> SUSE Security Update: Security update for lynx ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0599-1 Rating: moderate References: #1008642 Cross-References: CVE-2016-9179 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for lynx fixes the following issues: - CVE-2016-9179: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host. (bsc#1008642) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-lynx-13003=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-lynx-13003=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): lynx-2.8.6-145.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): lynx-debuginfo-2.8.6-145.1 References: https://www.suse.com/security/cve/CVE-2016-9179.html https://bugzilla.suse.com/1008642 From sle-updates at lists.suse.com Fri Mar 3 13:08:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:08:05 +0100 (CET) Subject: SUSE-RU-2017:0600-1: Recommended update for ecryptfs-utils Message-ID: <20170303200805.F2100FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for ecryptfs-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0600-1 Rating: low References: #1016757 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for ecryptfs-utils fixes the following issue: - Initialize libgcrypt, otherwise warnings are posted to syslog all the time (bsc#1016757) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ecryptfs-utils-13001=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ecryptfs-utils-13001=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-61-1.38.2 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): ecryptfs-utils-32bit-61-1.38.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): ecryptfs-utils-x86-61-1.38.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ecryptfs-utils-debuginfo-61-1.38.2 ecryptfs-utils-debugsource-61-1.38.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): ecryptfs-utils-debuginfo-32bit-61-1.38.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): ecryptfs-utils-debuginfo-x86-61-1.38.2 References: https://bugzilla.suse.com/1016757 From sle-updates at lists.suse.com Fri Mar 3 13:08:29 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:08:29 +0100 (CET) Subject: SUSE-SU-2017:0601-1: moderate: Security update for compat-openssl097g Message-ID: <20170303200829.B164DFFCF@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl097g ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0601-1 Rating: moderate References: #1000677 #1001912 #1004499 #1005878 #1021641 #995075 #998190 Cross-References: CVE-2016-2108 CVE-2016-8610 Affected Products: SUSE Linux Enterprise Server for SAP 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has 5 fixes is now available. Description: This update for compat-openssl097g fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed: - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) Bugs fixed: - fix crash in openssl speed (bsc#1000677) - resume reading from /dev/urandom when interrupted by a signal (bsc#995075) - fix crash in print_notice (bsc#998190) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 11-SP4: zypper in -t patch slesappsp4-compat-openssl097g-13004=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-compat-openssl097g-13004=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 11-SP4 (ppc64 x86_64): compat-openssl097g-0.9.7g-146.22.50.1 compat-openssl097g-32bit-0.9.7g-146.22.50.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): compat-openssl097g-debuginfo-0.9.7g-146.22.50.1 compat-openssl097g-debugsource-0.9.7g-146.22.50.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): compat-openssl097g-debuginfo-32bit-0.9.7g-146.22.50.1 References: https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-8610.html https://bugzilla.suse.com/1000677 https://bugzilla.suse.com/1001912 https://bugzilla.suse.com/1004499 https://bugzilla.suse.com/1005878 https://bugzilla.suse.com/1021641 https://bugzilla.suse.com/995075 https://bugzilla.suse.com/998190 From sle-updates at lists.suse.com Fri Mar 3 13:09:54 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:09:54 +0100 (CET) Subject: SUSE-RU-2017:0602-1: Recommended update for apache2-mod_python Message-ID: <20170303200954.146F5FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for apache2-mod_python ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0602-1 Rating: low References: #1021750 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for apache2-mod_python provides the following fixes: - Do not import site.py for the main interpreter and fix Apache startup and reload failure. (bsc#1021750) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-315=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-315=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-315=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): apache2-mod_python-3.5.0-6.1 apache2-mod_python-debuginfo-3.5.0-6.1 apache2-mod_python-debugsource-3.5.0-6.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): apache2-mod_python-3.5.0-6.1 apache2-mod_python-debuginfo-3.5.0-6.1 apache2-mod_python-debugsource-3.5.0-6.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): apache2-mod_python-3.5.0-6.1 apache2-mod_python-debuginfo-3.5.0-6.1 apache2-mod_python-debugsource-3.5.0-6.1 References: https://bugzilla.suse.com/1021750 From sle-updates at lists.suse.com Fri Mar 3 13:10:26 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:10:26 +0100 (CET) Subject: SUSE-SU-2017:0603-1: moderate: Security update for openssh Message-ID: <20170303201026.06494FFCF@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0603-1 Rating: moderate References: #1005480 #1005893 #1006221 #1016366 #1016369 Cross-References: CVE-2016-10009 CVE-2016-10011 CVE-2016-8858 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480) - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366) - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369) Non security issues fixed: - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893) - fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openssh-13002=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openssh-13002=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-6.6p1-35.1 openssh-askpass-gnome-6.6p1-35.4 openssh-fips-6.6p1-35.1 openssh-helpers-6.6p1-35.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-askpass-gnome-debuginfo-6.6p1-35.4 openssh-debuginfo-6.6p1-35.1 openssh-debugsource-6.6p1-35.1 References: https://www.suse.com/security/cve/CVE-2016-10009.html https://www.suse.com/security/cve/CVE-2016-10011.html https://www.suse.com/security/cve/CVE-2016-8858.html https://bugzilla.suse.com/1005480 https://bugzilla.suse.com/1005893 https://bugzilla.suse.com/1006221 https://bugzilla.suse.com/1016366 https://bugzilla.suse.com/1016369 From sle-updates at lists.suse.com Fri Mar 3 13:11:27 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:11:27 +0100 (CET) Subject: SUSE-RU-2017:0604-1: moderate: Recommended update for yast2-country Message-ID: <20170303201127.676B8FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-country ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0604-1 Rating: moderate References: #1009508 #1016004 #1020082 #1022094 #942896 #942899 #960307 #968183 #981008 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. Description: This update for yast2-country fixes the following issues: - If the X11Variant for a given keyboard layout is not specified by systemd, leave it blank instead of enforcing "basic". (bsc#1020082, bsc#1022094) - Read keyboard and console fonts from different files depending on the product. (bsc#1016004) - Correctly fallback to default language if the one returned by zypper is not supported. (bsc#1009508) - Added support for Asturian variant of Spanish keyboard and use it by default for the Asturian language. (bsc#981008) - Use the eurlatg font for all languages with Latin alphabet and simplify mapping between languages and fonts. (bsc#942899, bsc#942896) - Improved macintosh and sun keymaps. (bsc#968183) - Corrected console keyboard mapping for French (Canada) and Ukrainian. (bsc#960307, bsc#942899) - Use xkb converted console keymaps, which provide better systemd support, where applicable. (fate#318426) - Add support to set the timezone as read-only in the product's control file. (fate#321754) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-317=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-317=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-317=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): yast2-country-3.1.35-9.11.1 yast2-country-data-3.1.35-9.11.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): yast2-country-3.1.35-9.11.1 yast2-country-data-3.1.35-9.11.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): yast2-country-3.1.35-9.11.1 yast2-country-data-3.1.35-9.11.1 References: https://bugzilla.suse.com/1009508 https://bugzilla.suse.com/1016004 https://bugzilla.suse.com/1020082 https://bugzilla.suse.com/1022094 https://bugzilla.suse.com/942896 https://bugzilla.suse.com/942899 https://bugzilla.suse.com/960307 https://bugzilla.suse.com/968183 https://bugzilla.suse.com/981008 From sle-updates at lists.suse.com Fri Mar 3 13:13:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Mar 2017 21:13:32 +0100 (CET) Subject: SUSE-SU-2017:0605-1: moderate: Security update for compat-openssl098 Message-ID: <20170303201332.3A93EFFCF@maintenance.suse.de> SUSE Security Update: Security update for compat-openssl098 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0605-1 Rating: moderate References: #1000677 #1001912 #1004499 #1005878 #1019334 #1021641 #984663 Cross-References: CVE-2016-2108 CVE-2016-7056 CVE-2016-8610 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has four fixes is now available. Description: This update for compat-openssl098 fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed: - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) Bugs fixed: - fix crash in openssl speed (bsc#1000677) - don't attempt session resumption if no ticket is present and session ID length is zero (bsc#984663) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2017-319=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-319=1 - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2017-319=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-319=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-319=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): compat-openssl098-debugsource-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-debuginfo-0.9.8j-105.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): compat-openssl098-debugsource-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-debuginfo-0.9.8j-105.1 - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): compat-openssl098-debugsource-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-32bit-0.9.8j-105.1 libopenssl0_9_8-debuginfo-0.9.8j-105.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-105.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): compat-openssl098-debugsource-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-32bit-0.9.8j-105.1 libopenssl0_9_8-debuginfo-0.9.8j-105.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-105.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): compat-openssl098-debugsource-0.9.8j-105.1 libopenssl0_9_8-0.9.8j-105.1 libopenssl0_9_8-32bit-0.9.8j-105.1 libopenssl0_9_8-debuginfo-0.9.8j-105.1 libopenssl0_9_8-debuginfo-32bit-0.9.8j-105.1 References: https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-7056.html https://www.suse.com/security/cve/CVE-2016-8610.html https://bugzilla.suse.com/1000677 https://bugzilla.suse.com/1001912 https://bugzilla.suse.com/1004499 https://bugzilla.suse.com/1005878 https://bugzilla.suse.com/1019334 https://bugzilla.suse.com/1021641 https://bugzilla.suse.com/984663 From sle-updates at lists.suse.com Mon Mar 6 04:08:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 12:08:34 +0100 (CET) Subject: SUSE-SU-2017:0606-1: moderate: Security update for openssh Message-ID: <20170306110834.344F6FFC6@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0606-1 Rating: moderate References: #1005480 #1005893 #1016366 #1016369 Cross-References: CVE-2016-10009 CVE-2016-10011 CVE-2016-8858 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480) - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366) - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369) Non security issues fixed: - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-openssh-13005=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-openssh-13005=1 - SUSE Manager 2.1: zypper in -t patch sleman21-openssh-13005=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-openssh-13005=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-openssh-13005=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openssh-13005=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): openssh-6.2p2-0.40.1 openssh-askpass-6.2p2-0.40.1 openssh-askpass-gnome-6.2p2-0.40.3 - SUSE Manager Proxy 2.1 (x86_64): openssh-6.2p2-0.40.1 openssh-askpass-6.2p2-0.40.1 openssh-askpass-gnome-6.2p2-0.40.3 - SUSE Manager 2.1 (s390x x86_64): openssh-6.2p2-0.40.1 openssh-askpass-6.2p2-0.40.1 openssh-askpass-gnome-6.2p2-0.40.3 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): openssh-6.2p2-0.40.1 openssh-askpass-6.2p2-0.40.1 openssh-askpass-gnome-6.2p2-0.40.3 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): openssh-6.2p2-0.40.1 openssh-askpass-6.2p2-0.40.1 openssh-askpass-gnome-6.2p2-0.40.3 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): openssh-askpass-gnome-debuginfo-6.2p2-0.40.3 openssh-debuginfo-6.2p2-0.40.1 openssh-debugsource-6.2p2-0.40.1 References: https://www.suse.com/security/cve/CVE-2016-10009.html https://www.suse.com/security/cve/CVE-2016-10011.html https://www.suse.com/security/cve/CVE-2016-8858.html https://bugzilla.suse.com/1005480 https://bugzilla.suse.com/1005893 https://bugzilla.suse.com/1016366 https://bugzilla.suse.com/1016369 From sle-updates at lists.suse.com Mon Mar 6 07:07:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 15:07:44 +0100 (CET) Subject: SUSE-SU-2017:0607-1: moderate: Security update for openssh Message-ID: <20170306140744.B2C7CFFC0@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0607-1 Rating: moderate References: #1005480 #1005893 #1006221 #1016366 #1016369 Cross-References: CVE-2016-10009 CVE-2016-10011 CVE-2016-8858 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480) - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366) - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369) - Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221) - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-325=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): openssh-6.6p1-54.7.1 openssh-askpass-gnome-6.6p1-54.7.1 openssh-askpass-gnome-debuginfo-6.6p1-54.7.1 openssh-debuginfo-6.6p1-54.7.1 openssh-debugsource-6.6p1-54.7.1 openssh-fips-6.6p1-54.7.1 openssh-helpers-6.6p1-54.7.1 openssh-helpers-debuginfo-6.6p1-54.7.1 References: https://www.suse.com/security/cve/CVE-2016-10009.html https://www.suse.com/security/cve/CVE-2016-10011.html https://www.suse.com/security/cve/CVE-2016-8858.html https://bugzilla.suse.com/1005480 https://bugzilla.suse.com/1005893 https://bugzilla.suse.com/1006221 https://bugzilla.suse.com/1016366 https://bugzilla.suse.com/1016369 From sle-updates at lists.suse.com Mon Mar 6 10:08:14 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 18:08:14 +0100 (CET) Subject: SUSE-RU-2017:0608-1: Recommended update for openstack-neutron and -nova Message-ID: <20170306170814.6D819FFD8@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-neutron and -nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0608-1 Rating: low References: #1005120 #990448 #990664 #991985 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for openstack-neutron and -nova fixes the following issues: - Update to latest code from OpenStack Liberty. - neutron, nova: Improve systemd integration. (bsc#991985) - neutron-ha-tool: Allows migration of DVR routers via evacuate. (bsc#1005120) - nova: Add migrate_uri for invoking the migration. (bsc#990664) - nova: Fix sed bug so that nova-compute has Should-Start: on libvirtd. (bsc#990448) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-328=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (noarch): openstack-neutron-7.1.3~a0~dev23-14.1 openstack-neutron-dhcp-agent-7.1.3~a0~dev23-14.1 openstack-neutron-doc-7.1.3~a0~dev23-14.1 openstack-neutron-ha-tool-7.1.3~a0~dev23-14.1 openstack-neutron-l3-agent-7.1.3~a0~dev23-14.1 openstack-neutron-linuxbridge-agent-7.1.3~a0~dev23-14.1 openstack-neutron-metadata-agent-7.1.3~a0~dev23-14.1 openstack-neutron-metering-agent-7.1.3~a0~dev23-14.1 openstack-neutron-mlnx-agent-7.1.3~a0~dev23-14.1 openstack-neutron-nvsd-agent-7.1.3~a0~dev23-14.1 openstack-neutron-openvswitch-agent-7.1.3~a0~dev23-14.1 openstack-neutron-restproxy-agent-7.1.3~a0~dev23-14.1 openstack-neutron-server-7.1.3~a0~dev23-14.1 openstack-nova-12.0.6~a0~dev2-11.1 openstack-nova-api-12.0.6~a0~dev2-11.1 openstack-nova-cells-12.0.6~a0~dev2-11.1 openstack-nova-cert-12.0.6~a0~dev2-11.1 openstack-nova-compute-12.0.6~a0~dev2-11.1 openstack-nova-conductor-12.0.6~a0~dev2-11.1 openstack-nova-console-12.0.6~a0~dev2-11.1 openstack-nova-consoleauth-12.0.6~a0~dev2-11.1 openstack-nova-doc-12.0.6~a0~dev2-11.1 openstack-nova-novncproxy-12.0.6~a0~dev2-11.1 openstack-nova-objectstore-12.0.6~a0~dev2-11.1 openstack-nova-scheduler-12.0.6~a0~dev2-11.1 openstack-nova-serialproxy-12.0.6~a0~dev2-11.1 openstack-nova-vncproxy-12.0.6~a0~dev2-11.1 python-neutron-7.1.3~a0~dev23-14.1 python-nova-12.0.6~a0~dev2-11.1 References: https://bugzilla.suse.com/1005120 https://bugzilla.suse.com/990448 https://bugzilla.suse.com/990664 https://bugzilla.suse.com/991985 From sle-updates at lists.suse.com Mon Mar 6 10:09:23 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 18:09:23 +0100 (CET) Subject: SUSE-RU-2017:0609-1: Recommended update for several openstack-components Message-ID: <20170306170923.3845FFFD8@maintenance.suse.de> SUSE Recommended Update: Recommended update for several openstack-components ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0609-1 Rating: low References: #1010466 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openstack-cinder, -glance, -neutron-lbaas and -swift provides the latest version from OpenStack Liberty. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-327=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (noarch): openstack-cinder-7.0.3~a0~dev11-13.1 openstack-cinder-api-7.0.3~a0~dev11-13.1 openstack-cinder-backup-7.0.3~a0~dev11-13.1 openstack-cinder-doc-7.0.3~a0~dev11-13.1 openstack-cinder-scheduler-7.0.3~a0~dev11-13.1 openstack-cinder-volume-7.0.3~a0~dev11-13.1 openstack-glance-11.0.2~a0~dev19-13.1 openstack-glance-doc-11.0.2~a0~dev19-13.1 openstack-neutron-lbaas-7.1.3~a0~dev2-12.1 openstack-neutron-lbaas-agent-7.1.3~a0~dev2-12.1 openstack-neutron-lbaas-doc-7.1.3~a0~dev2-12.1 openstack-swift-2.2.2-9.1 openstack-swift-account-2.2.2-9.1 openstack-swift-container-2.2.2-9.1 openstack-swift-doc-2.2.2-9.1 openstack-swift-object-2.2.2-9.1 openstack-swift-proxy-2.2.2-9.1 python-cinder-7.0.3~a0~dev11-13.1 python-glance-11.0.2~a0~dev19-13.1 python-neutron-lbaas-7.1.3~a0~dev2-12.1 python-swift-2.2.2-9.1 References: https://bugzilla.suse.com/1010466 From sle-updates at lists.suse.com Mon Mar 6 10:09:48 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 18:09:48 +0100 (CET) Subject: SUSE-SU-2017:0610-1: moderate: Security update for libquicktime Message-ID: <20170306170948.152A2FFD8@maintenance.suse.de> SUSE Security Update: Security update for libquicktime ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0610-1 Rating: moderate References: #1022805 Cross-References: CVE-2016-2399 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libquicktime fixes the following issues: - A crafted MP4 file could have caused libquicktime to crash or lead to undefined behaviour (bsc#1022805, CVE-2016-2399) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-326=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-326=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-326=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-326=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-326=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-326=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-326=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime-devel-1.2.4-10.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime-devel-1.2.4-10.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libquicktime-debugsource-1.2.4-10.1 libquicktime0-1.2.4-10.1 libquicktime0-debuginfo-1.2.4-10.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime0-1.2.4-10.1 libquicktime0-debuginfo-1.2.4-10.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime0-1.2.4-10.1 libquicktime0-debuginfo-1.2.4-10.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime0-1.2.4-10.1 libquicktime0-debuginfo-1.2.4-10.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libquicktime-debugsource-1.2.4-10.1 libquicktime0-1.2.4-10.1 libquicktime0-debuginfo-1.2.4-10.1 References: https://www.suse.com/security/cve/CVE-2016-2399.html https://bugzilla.suse.com/1022805 From sle-updates at lists.suse.com Mon Mar 6 13:07:29 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 21:07:29 +0100 (CET) Subject: SUSE-RU-2017:0611-1: Recommended update for ses-upgrade-helper Message-ID: <20170306200729.AB9D51001A@maintenance.suse.de> SUSE Recommended Update: Recommended update for ses-upgrade-helper ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0611-1 Rating: low References: #1012460 #1016561 Affected Products: SUSE Enterprise Storage 3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ses-upgrade-helper fixes the following issues: - Multiple documentation fixes (bsc#1016561). - Improved prompt output and allow incomplete answers (bsc#1012460). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 3: zypper in -t patch SUSE-Storage-3-2017-329=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 3 (noarch): ses-upgrade-helper-0.6+git.1482434903.71e1338-16.1 References: https://bugzilla.suse.com/1012460 https://bugzilla.suse.com/1016561 From sle-updates at lists.suse.com Mon Mar 6 13:08:02 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Mar 2017 21:08:02 +0100 (CET) Subject: SUSE-RU-2017:0612-1: Recommended update for ses-upgrade-helper Message-ID: <20170306200802.1701E1001A@maintenance.suse.de> SUSE Recommended Update: Recommended update for ses-upgrade-helper ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0612-1 Rating: low References: #1012460 #1016561 Affected Products: SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ses-upgrade-helper fixes the following issues: - Multiple documentation fixes (bsc#1016561). - Improved prompt output and allow incomplete answers (bsc#1012460). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-330=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 4 (noarch): ses-upgrade-helper-0.6+git.1482434903.71e1338-8.1 References: https://bugzilla.suse.com/1012460 https://bugzilla.suse.com/1016561 From sle-updates at lists.suse.com Mon Mar 6 19:07:57 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 03:07:57 +0100 (CET) Subject: SUSE-RU-2017:0617-1: moderate: Recommended update for powerpc-utils Message-ID: <20170307020757.AD3FDFFD8@maintenance.suse.de> SUSE Recommended Update: Recommended update for powerpc-utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0617-1 Rating: moderate References: #1012525 #957445 #994925 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides powerpc-utils version 1.3.2, which brings several fixes and enhancements. - Correct drmgr's LMB counting when discovering LMBs. This fixes dynamic addition of memory. (bsc#957445) - Fix segmentation fault when parsing /proc/interrupts. (bsc#994925) - Ignore whitespace at beginning of /proc/interrupts SPU line. - Adjust libvirt dependency service name. - If ofpathname is not supported on a platform, exit with 0. This will pevent grub2-install fail on PowerNV platform For a comprehensive list of changes please refer to the ChangeLog document included within the package's documentation. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-powerpc-utils-13007=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-powerpc-utils-13007=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (ppc64): powerpc-utils-1.3.2-9.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): powerpc-utils-debuginfo-1.3.2-9.1 powerpc-utils-debugsource-1.3.2-9.1 References: https://bugzilla.suse.com/1012525 https://bugzilla.suse.com/957445 https://bugzilla.suse.com/994925 From sle-updates at lists.suse.com Tue Mar 7 10:08:28 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 18:08:28 +0100 (CET) Subject: SUSE-SU-2017:0622-1: moderate: Security update for tigervnc Message-ID: <20170307170828.496EE1000F@maintenance.suse.de> SUSE Security Update: Security update for tigervnc ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0622-1 Rating: moderate References: #1019274 #1023012 Cross-References: CVE-2016-10207 CVE-2016-9941 CVE-2016-9942 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tigervnc provides the following fixes: - Prevent malicious server from crashing a server via a buffer overflow, a similar flaw as the LibVNCServer issues CVE-2016-9941 and CVE-2016-9942. (bsc#1019274) - CVE-2016-10207: Prevent potential crash due to insufficient clean-up after failure to establish TLS connection. (bsc#1023012) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-335=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-335=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-335=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libXvnc1-1.6.0-16.4 libXvnc1-debuginfo-1.6.0-16.4 tigervnc-1.6.0-16.4 tigervnc-debuginfo-1.6.0-16.4 tigervnc-debugsource-1.6.0-16.4 xorg-x11-Xvnc-1.6.0-16.4 xorg-x11-Xvnc-debuginfo-1.6.0-16.4 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libXvnc1-1.6.0-16.4 libXvnc1-debuginfo-1.6.0-16.4 tigervnc-1.6.0-16.4 tigervnc-debuginfo-1.6.0-16.4 tigervnc-debugsource-1.6.0-16.4 xorg-x11-Xvnc-1.6.0-16.4 xorg-x11-Xvnc-debuginfo-1.6.0-16.4 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libXvnc1-1.6.0-16.4 libXvnc1-debuginfo-1.6.0-16.4 tigervnc-1.6.0-16.4 tigervnc-debuginfo-1.6.0-16.4 tigervnc-debugsource-1.6.0-16.4 xorg-x11-Xvnc-1.6.0-16.4 xorg-x11-Xvnc-debuginfo-1.6.0-16.4 References: https://www.suse.com/security/cve/CVE-2016-10207.html https://www.suse.com/security/cve/CVE-2016-9941.html https://www.suse.com/security/cve/CVE-2016-9942.html https://bugzilla.suse.com/1019274 https://bugzilla.suse.com/1023012 From sle-updates at lists.suse.com Tue Mar 7 10:09:11 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 18:09:11 +0100 (CET) Subject: SUSE-RU-2017:0623-1: Recommended update for boost Message-ID: <20170307170911.0BABB1000F@maintenance.suse.de> SUSE Recommended Update: Recommended update for boost ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0623-1 Rating: low References: #1017048 #1019896 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 SUSE Enterprise Storage 3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for boost provides the following fixes: - Enable build of 32bit version of libboost_locale1_54_0. (bsc#1017048) - Ship ppc64le and s390x versions of libboost_random1_54_0. (bsc#1019896) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-332=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-332=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-332=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-332=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-332=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-332=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-332=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-332=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-332=1 - SUSE Enterprise Storage 3: zypper in -t patch SUSE-Storage-3-2017-332=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libboost_filesystem1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libboost_filesystem1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): boost-devel-1.54.0-25.1 libboost_chrono1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-1.54.0-25.1 libboost_graph1_54_0-1.54.0-25.1 libboost_graph_parallel1_54_0-1.54.0-25.1 libboost_locale1_54_0-1.54.0-25.1 libboost_log1_54_0-1.54.0-25.1 libboost_math1_54_0-1.54.0-25.1 libboost_mpi1_54_0-1.54.0-25.1 libboost_python1_54_0-1.54.0-25.1 libboost_random1_54_0-1.54.0-25.1 libboost_serialization1_54_0-1.54.0-25.1 libboost_test1_54_0-1.54.0-25.1 libboost_timer1_54_0-1.54.0-25.1 libboost_wave1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): libboost_chrono1_54_0-debuginfo-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 libboost_graph1_54_0-debuginfo-1.54.0-25.1 libboost_graph_parallel1_54_0-debuginfo-1.54.0-25.1 libboost_locale1_54_0-debuginfo-1.54.0-25.1 libboost_log1_54_0-debuginfo-1.54.0-25.1 libboost_math1_54_0-debuginfo-1.54.0-25.1 libboost_mpi1_54_0-debuginfo-1.54.0-25.1 libboost_python1_54_0-debuginfo-1.54.0-25.1 libboost_random1_54_0-debuginfo-1.54.0-25.1 libboost_serialization1_54_0-debuginfo-1.54.0-25.1 libboost_test1_54_0-debuginfo-1.54.0-25.1 libboost_timer1_54_0-debuginfo-1.54.0-25.1 libboost_wave1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le x86_64): libboost_context1_54_0-1.54.0-25.1 libboost_context1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): boost-devel-1.54.0-25.1 libboost_atomic1_54_0-1.54.0-25.1 libboost_atomic1_54_0-debuginfo-1.54.0-25.1 libboost_chrono1_54_0-1.54.0-25.1 libboost_chrono1_54_0-debuginfo-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_date_time1_54_0-debuginfo-1.54.0-25.1 libboost_filesystem1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 libboost_graph1_54_0-1.54.0-25.1 libboost_graph1_54_0-debuginfo-1.54.0-25.1 libboost_graph_parallel1_54_0-1.54.0-25.1 libboost_graph_parallel1_54_0-debuginfo-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-debuginfo-1.54.0-25.1 libboost_locale1_54_0-1.54.0-25.1 libboost_locale1_54_0-debuginfo-1.54.0-25.1 libboost_log1_54_0-1.54.0-25.1 libboost_log1_54_0-debuginfo-1.54.0-25.1 libboost_math1_54_0-1.54.0-25.1 libboost_math1_54_0-debuginfo-1.54.0-25.1 libboost_mpi1_54_0-1.54.0-25.1 libboost_mpi1_54_0-debuginfo-1.54.0-25.1 libboost_python1_54_0-1.54.0-25.1 libboost_python1_54_0-debuginfo-1.54.0-25.1 libboost_random1_54_0-1.54.0-25.1 libboost_random1_54_0-debuginfo-1.54.0-25.1 libboost_serialization1_54_0-1.54.0-25.1 libboost_serialization1_54_0-debuginfo-1.54.0-25.1 libboost_test1_54_0-1.54.0-25.1 libboost_test1_54_0-debuginfo-1.54.0-25.1 libboost_timer1_54_0-1.54.0-25.1 libboost_timer1_54_0-debuginfo-1.54.0-25.1 libboost_wave1_54_0-1.54.0-25.1 libboost_wave1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le x86_64): libboost_context1_54_0-1.54.0-25.1 libboost_context1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libboost_atomic1_54_0-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_program_options1_54_0-1.54.0-25.1 libboost_random1_54_0-1.54.0-25.1 libboost_regex1_54_0-1.54.0-25.1 libboost_signals1_54_0-1.54.0-25.1 libboost_system1_54_0-1.54.0-25.1 libboost_thread1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): boost-license1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libboost_atomic1_54_0-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_program_options1_54_0-1.54.0-25.1 libboost_random1_54_0-1.54.0-25.1 libboost_regex1_54_0-1.54.0-25.1 libboost_signals1_54_0-1.54.0-25.1 libboost_system1_54_0-1.54.0-25.1 libboost_thread1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): libboost_atomic1_54_0-debuginfo-1.54.0-25.1 libboost_date_time1_54_0-debuginfo-1.54.0-25.1 libboost_iostreams1_54_0-debuginfo-1.54.0-25.1 libboost_program_options1_54_0-debuginfo-1.54.0-25.1 libboost_random1_54_0-debuginfo-1.54.0-25.1 libboost_regex1_54_0-debuginfo-1.54.0-25.1 libboost_signals1_54_0-debuginfo-1.54.0-25.1 libboost_system1_54_0-debuginfo-1.54.0-25.1 libboost_thread1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): boost-license1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libboost_atomic1_54_0-1.54.0-25.1 libboost_atomic1_54_0-debuginfo-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_date_time1_54_0-debuginfo-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-debuginfo-1.54.0-25.1 libboost_program_options1_54_0-1.54.0-25.1 libboost_program_options1_54_0-debuginfo-1.54.0-25.1 libboost_regex1_54_0-1.54.0-25.1 libboost_regex1_54_0-debuginfo-1.54.0-25.1 libboost_signals1_54_0-1.54.0-25.1 libboost_signals1_54_0-debuginfo-1.54.0-25.1 libboost_system1_54_0-1.54.0-25.1 libboost_system1_54_0-debuginfo-1.54.0-25.1 libboost_thread1_54_0-1.54.0-25.1 libboost_thread1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): boost-license1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libboost_atomic1_54_0-1.54.0-25.1 libboost_atomic1_54_0-debuginfo-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_date_time1_54_0-debuginfo-1.54.0-25.1 libboost_filesystem1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-debuginfo-1.54.0-25.1 libboost_program_options1_54_0-1.54.0-25.1 libboost_program_options1_54_0-debuginfo-1.54.0-25.1 libboost_random1_54_0-1.54.0-25.1 libboost_random1_54_0-debuginfo-1.54.0-25.1 libboost_regex1_54_0-1.54.0-25.1 libboost_regex1_54_0-debuginfo-1.54.0-25.1 libboost_signals1_54_0-1.54.0-25.1 libboost_signals1_54_0-debuginfo-1.54.0-25.1 libboost_system1_54_0-1.54.0-25.1 libboost_system1_54_0-debuginfo-1.54.0-25.1 libboost_thread1_54_0-1.54.0-25.1 libboost_thread1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): boost-license1_54_0-1.54.0-25.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libboost_atomic1_54_0-1.54.0-25.1 libboost_atomic1_54_0-debuginfo-1.54.0-25.1 libboost_date_time1_54_0-1.54.0-25.1 libboost_date_time1_54_0-debuginfo-1.54.0-25.1 libboost_filesystem1_54_0-1.54.0-25.1 libboost_filesystem1_54_0-debuginfo-1.54.0-25.1 libboost_iostreams1_54_0-1.54.0-25.1 libboost_iostreams1_54_0-debuginfo-1.54.0-25.1 libboost_program_options1_54_0-1.54.0-25.1 libboost_program_options1_54_0-debuginfo-1.54.0-25.1 libboost_regex1_54_0-1.54.0-25.1 libboost_regex1_54_0-debuginfo-1.54.0-25.1 libboost_signals1_54_0-1.54.0-25.1 libboost_signals1_54_0-debuginfo-1.54.0-25.1 libboost_system1_54_0-1.54.0-25.1 libboost_system1_54_0-debuginfo-1.54.0-25.1 libboost_thread1_54_0-1.54.0-25.1 libboost_thread1_54_0-debuginfo-1.54.0-25.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): boost-license1_54_0-1.54.0-25.1 - SUSE Enterprise Storage 3 (aarch64 x86_64): libboost_random1_54_0-1.54.0-25.1 - SUSE Enterprise Storage 3 (x86_64): libboost_random1_54_0-debuginfo-1.54.0-25.1 References: https://bugzilla.suse.com/1017048 https://bugzilla.suse.com/1019896 From sle-updates at lists.suse.com Tue Mar 7 10:09:48 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 18:09:48 +0100 (CET) Subject: SUSE-SU-2017:0624-1: moderate: Security update for libquicktime Message-ID: <20170307170948.D7C841000F@maintenance.suse.de> SUSE Security Update: Security update for libquicktime ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0624-1 Rating: moderate References: #1022805 Cross-References: CVE-2016-2399 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libquicktime fixes the following issues: - A crafted MP4 file could have caused libquicktime to crash or lead to undefined behaviour (bsc#1022805, CVE-2016-2399) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libquicktime-13008=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libquicktime-13008=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libquicktime-1.0.3-5.2 libquicktime-devel-1.0.3-5.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libquicktime-debuginfo-1.0.3-5.2 libquicktime-debugsource-1.0.3-5.2 References: https://www.suse.com/security/cve/CVE-2016-2399.html https://bugzilla.suse.com/1022805 From sle-updates at lists.suse.com Tue Mar 7 10:10:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 18:10:15 +0100 (CET) Subject: SUSE-SU-2017:0625-1: important: Security update for qemu Message-ID: <20170307171015.8456D1000F@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0625-1 Rating: important References: #1014702 #1015169 #1016779 #1017081 #1017084 #1020491 #1020589 #1020928 #1021129 #1021195 #1021481 #1022541 #1023004 #1023053 #1023073 #1023907 #1024972 #1026583 #977027 Cross-References: CVE-2016-10028 CVE-2016-10029 CVE-2016-10155 CVE-2016-9921 CVE-2016-9922 CVE-2017-2615 CVE-2017-2620 CVE-2017-5525 CVE-2017-5526 CVE-2017-5552 CVE-2017-5578 CVE-2017-5667 CVE-2017-5856 CVE-2017-5857 CVE-2017-5898 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves 15 vulnerabilities and has four fixes is now available. Description: This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS (bsc#1023907). - CVE-2017-5857: The Virtio GPU Device emulator support was vulnerable to a host memory leakage issue allowing a guest user to leak host memory resulting in DoS (bsc#1023073). - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024972) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1023053) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2016-10029: The Virtio GPU Device emulator support was vulnerable to an OOB read issue allowing a guest user to crash the Qemu process instance resulting in Dos (bsc#1017081). - CVE-2016-10028: The Virtio GPU Device emulator support was vulnerable to an out of bounds memory access issue allowing a guest user to crash the Qemu process instance on a host, resulting in DoS (bsc#1017084). - CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021129) - CVE-2017-5552: The Virtio GPU Device emulator support was vulnerable to a memory leakage issue allowing a guest user to leak host memory resulting in DoS (bsc#1021195). - CVE-2017-5578: The Virtio GPU Device emulator support was vulnerable to a memory leakage issue allowing a guest user to leak host memory resulting in DoS (bsc#1021481). - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1020589). - CVE-2017-5525: The ac97 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1020491). - CVE-2017-5667: The SDHCI device emulation support was vulnerable to an OOB heap access issue allowing a privileged user inside the guest to crash the Qemu process resulting in DoS or potentially execute arbitrary code with privileges of the Qemu process on the host (bsc#1022541). - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow allowing a privileged user inside the guest to crash the Qemu process resulting in DoS (bnc#1023907) These non-security issues were fixed: - Fix name of s390x specific sysctl configuration file to end with .conf (bsc#1026583) - XHCI fixes (bsc#977027) - Fixed rare race during s390x guest reboot - Fixed various inaccuracies in cirrus vga device emulation - Fixed cause of infrequent migration failures from bad virtio device state (bsc#1020928) - Fixed graphical update errors introduced by previous security fix (bsc#1016779) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-336=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-336=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-336=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): qemu-2.6.2-41.9.1 qemu-arm-2.6.2-41.9.1 qemu-arm-debuginfo-2.6.2-41.9.1 qemu-block-curl-2.6.2-41.9.1 qemu-block-curl-debuginfo-2.6.2-41.9.1 qemu-block-rbd-2.6.2-41.9.1 qemu-block-rbd-debuginfo-2.6.2-41.9.1 qemu-block-ssh-2.6.2-41.9.1 qemu-block-ssh-debuginfo-2.6.2-41.9.1 qemu-debugsource-2.6.2-41.9.1 qemu-guest-agent-2.6.2-41.9.1 qemu-guest-agent-debuginfo-2.6.2-41.9.1 qemu-lang-2.6.2-41.9.1 qemu-tools-2.6.2-41.9.1 qemu-tools-debuginfo-2.6.2-41.9.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): qemu-ipxe-1.0.0-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): qemu-2.6.2-41.9.1 qemu-block-curl-2.6.2-41.9.1 qemu-block-curl-debuginfo-2.6.2-41.9.1 qemu-block-ssh-2.6.2-41.9.1 qemu-block-ssh-debuginfo-2.6.2-41.9.1 qemu-debugsource-2.6.2-41.9.1 qemu-guest-agent-2.6.2-41.9.1 qemu-guest-agent-debuginfo-2.6.2-41.9.1 qemu-lang-2.6.2-41.9.1 qemu-tools-2.6.2-41.9.1 qemu-tools-debuginfo-2.6.2-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 x86_64): qemu-block-rbd-2.6.2-41.9.1 qemu-block-rbd-debuginfo-2.6.2-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le): qemu-ppc-2.6.2-41.9.1 qemu-ppc-debuginfo-2.6.2-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64): qemu-arm-2.6.2-41.9.1 qemu-arm-debuginfo-2.6.2-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): qemu-kvm-2.6.2-41.9.1 qemu-x86-2.6.2-41.9.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): qemu-ipxe-1.0.0-41.9.1 qemu-seabios-1.9.1-41.9.1 qemu-sgabios-8-41.9.1 qemu-vgabios-1.9.1-41.9.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): qemu-2.6.2-41.9.1 qemu-block-curl-2.6.2-41.9.1 qemu-block-curl-debuginfo-2.6.2-41.9.1 qemu-debugsource-2.6.2-41.9.1 qemu-kvm-2.6.2-41.9.1 qemu-tools-2.6.2-41.9.1 qemu-tools-debuginfo-2.6.2-41.9.1 qemu-x86-2.6.2-41.9.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): qemu-ipxe-1.0.0-41.9.1 qemu-seabios-1.9.1-41.9.1 qemu-sgabios-8-41.9.1 qemu-vgabios-1.9.1-41.9.1 References: https://www.suse.com/security/cve/CVE-2016-10028.html https://www.suse.com/security/cve/CVE-2016-10029.html https://www.suse.com/security/cve/CVE-2016-10155.html https://www.suse.com/security/cve/CVE-2016-9921.html https://www.suse.com/security/cve/CVE-2016-9922.html https://www.suse.com/security/cve/CVE-2017-2615.html https://www.suse.com/security/cve/CVE-2017-2620.html https://www.suse.com/security/cve/CVE-2017-5525.html https://www.suse.com/security/cve/CVE-2017-5526.html https://www.suse.com/security/cve/CVE-2017-5552.html https://www.suse.com/security/cve/CVE-2017-5578.html https://www.suse.com/security/cve/CVE-2017-5667.html https://www.suse.com/security/cve/CVE-2017-5856.html https://www.suse.com/security/cve/CVE-2017-5857.html https://www.suse.com/security/cve/CVE-2017-5898.html https://bugzilla.suse.com/1014702 https://bugzilla.suse.com/1015169 https://bugzilla.suse.com/1016779 https://bugzilla.suse.com/1017081 https://bugzilla.suse.com/1017084 https://bugzilla.suse.com/1020491 https://bugzilla.suse.com/1020589 https://bugzilla.suse.com/1020928 https://bugzilla.suse.com/1021129 https://bugzilla.suse.com/1021195 https://bugzilla.suse.com/1021481 https://bugzilla.suse.com/1022541 https://bugzilla.suse.com/1023004 https://bugzilla.suse.com/1023053 https://bugzilla.suse.com/1023073 https://bugzilla.suse.com/1023907 https://bugzilla.suse.com/1024972 https://bugzilla.suse.com/1026583 https://bugzilla.suse.com/977027 From sle-updates at lists.suse.com Tue Mar 7 10:13:35 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Mar 2017 18:13:35 +0100 (CET) Subject: SUSE-RU-2017:0626-1: Recommended update for coreutils Message-ID: <20170307171335.37209FEDD@maintenance.suse.de> SUSE Recommended Update: Recommended update for coreutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0626-1 Rating: low References: #1024551 #954222 #994678 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for coreutils provides the following fixes: - Fix hanging df when remote mounts are inaccessible. (bsc#954222) - Fix erroneous warnings with chmod(1) -R --changes. (bsc#994678) - Allow install(1) options -D and -t to be used together. (bsc#1024551) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-333=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-333=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): coreutils-8.22-11.7.1 coreutils-debuginfo-8.22-11.7.1 coreutils-debugsource-8.22-11.7.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): coreutils-lang-8.22-11.7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): coreutils-8.22-11.7.1 coreutils-debuginfo-8.22-11.7.1 coreutils-debugsource-8.22-11.7.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): coreutils-lang-8.22-11.7.1 References: https://bugzilla.suse.com/1024551 https://bugzilla.suse.com/954222 https://bugzilla.suse.com/994678 From sle-updates at lists.suse.com Tue Mar 7 16:07:38 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 00:07:38 +0100 (CET) Subject: SUSE-RU-2017:0627-1: Recommended update for sssd Message-ID: <20170307230738.5CE0C1000F@maintenance.suse.de> SUSE Recommended Update: Recommended update for sssd ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0627-1 Rating: low References: #1009710 #1010064 #1012440 #992599 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for sssd provides fixes and enhancements: - Introduce new configuration option "ignore_group_members" that can be used to disable retrieval of group members from LDAP servers when issuing group lookups. (fate#320926) - In addition to sudoRunAsUser and sudoRunAsGroup, fetch also sudoRunAs attribute from LDAP to be compatible with older versions of sudo. (bsc#1009710) - Fix a rare segmentation fault in the PAM responder code. (bsc#992599) - Fix a rare segmentation fault in ldb_msg_sanity_check(). (bsc#1010064) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-sssd-13009=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-sssd-13009=1 - SUSE Manager 2.1: zypper in -t patch sleman21-sssd-13009=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sssd-13009=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sssd-13009=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-sssd-13009=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-sssd-13009=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sssd-13009=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-sssd-13009=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-32bit-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Manager Proxy 2.1 (x86_64): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-32bit-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Manager 2.1 (s390x x86_64): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-32bit-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsss_idmap-devel-1.9.4-0.33.1 libsss_sudo-devel-1.9.4-0.33.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): sssd-32bit-1.9.4-0.33.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): sssd-32bit-1.9.4-0.33.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): libsss_idmap0-1.9.4-0.33.1 python-sssd-config-1.9.4-0.33.1 sssd-1.9.4-0.33.1 sssd-tools-1.9.4-0.33.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sssd-debuginfo-1.9.4-0.33.1 sssd-debugsource-1.9.4-0.33.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): sssd-debuginfo-32bit-1.9.4-0.33.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): sssd-debuginfo-1.9.4-0.33.1 sssd-debugsource-1.9.4-0.33.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): sssd-debuginfo-32bit-1.9.4-0.33.1 References: https://bugzilla.suse.com/1009710 https://bugzilla.suse.com/1010064 https://bugzilla.suse.com/1012440 https://bugzilla.suse.com/992599 From sle-updates at lists.suse.com Wed Mar 8 07:37:01 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:37:01 +0100 (CET) Subject: SUSE-RU-2017:0629-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20170308143701.5ACC010010@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0629-1 Rating: moderate References: #1013938 #1015136 #1019360 Affected Products: SUSE Manager Tools 12 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update fixes the following issues: spacecmd: - Removed obsolete code. (bsc#1013938) spacewalk-backend: - Add incomplete_package_import option to speed reposync up. spacewalk-client-tools: - Traditional registration: Resolve /etc/hostname if not FQDN. (bsc#1019360) spacewalk-koan: - Updated registry hostname for mgr subdomain. spacewalksd: - Use spacewalk-update-status only on registered systems. (bsc#1015136) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2017-346=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64): spacewalksd-5.0.19.2-20.1 spacewalksd-debuginfo-5.0.19.2-20.1 spacewalksd-debugsource-5.0.19.2-20.1 - SUSE Manager Tools 12 (noarch): spacecmd-2.5.5.4-31.1 spacewalk-backend-libs-2.5.24.8-46.1 spacewalk-check-2.5.13.7-45.1 spacewalk-client-setup-2.5.13.7-45.1 spacewalk-client-tools-2.5.13.7-45.1 spacewalk-koan-2.5.0.3-20.1 References: https://bugzilla.suse.com/1013938 https://bugzilla.suse.com/1015136 https://bugzilla.suse.com/1019360 From sle-updates at lists.suse.com Wed Mar 8 07:37:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:37:43 +0100 (CET) Subject: SUSE-RU-2017:0630-1: moderate: Recommended update for Salt Message-ID: <20170308143743.1031F10010@maintenance.suse.de> SUSE Recommended Update: Recommended update for Salt ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0630-1 Rating: moderate References: #1011304 #1017078 Affected Products: SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for salt fixes the following issues: - Fix invalid chars allowed for data IDs. (bsc#1011304) - Fix timezone: Should be always in UTC. (bsc#1017078) - Fixes wrong "enabled" opts for yumnotify plugin. - SSH-option parameter for salt-ssh command. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS: zypper in -t patch slesctsp4-salt-13016=1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-salt-13016=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): salt-2015.8.12-30.1 salt-doc-2015.8.12-30.1 salt-minion-2015.8.12-30.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (ppc64 s390x x86_64): salt-2015.8.12-30.1 salt-doc-2015.8.12-30.1 salt-minion-2015.8.12-30.1 References: https://bugzilla.suse.com/1011304 https://bugzilla.suse.com/1017078 From sle-updates at lists.suse.com Wed Mar 8 07:38:20 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:38:20 +0100 (CET) Subject: SUSE-RU-2017:0631-1: moderate: Recommended update for SUSE Manager Server 3.0 Message-ID: <20170308143820.B30A110010@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 3.0 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0631-1 Rating: moderate References: #1011962 #1012365 #1013145 #1013938 #1014498 #1015414 #1015790 #1015967 #1016344 #1016960 #1017078 #1017505 #1019360 #1019451 #1019893 #1019965 #1020027 #1020180 #1020232 #1020902 #1021381 #1021884 #1022735 #1023133 #1024471 #1024473 #1024482 #1024486 #1024496 #973421 #993209 Affected Products: SUSE Manager Server 3.0 ______________________________________________________________________________ An update that has 31 recommended fixes can now be installed. Description: This update fixes the following issues: salt-netapi-client: - Prevent wrong target types from being passed to salt ssh. - Implementation of callAsync that resolves results via eventstream. - Fixed status.uptime + status module tests. - Added salt.modules.minion module. - Support for config.get and additional result types. spacecmd: - Removed obsolete code. (bsc#1013938) spacewalk-backend: - Add incomplete_package_import option to speed reposync up. spacewalk-client-tools: - Traditional registration: Resolve /etc/hostname if not FQDN. (bsc#1019360) spacewalk-config: - Add wss: to apache Content-Security-Policy. - Make remote commands UI async. (bsc#993209) spacewalk-java: - Create tmp directory in spec file. (bsc#1024486, bsc#1024482) - Store rosters in SALT_FILE_GENERATION_TEMP_PATH. (bsc#1024486, bsc#1024482) - Show only allowed minions in remote commands UI. (bsc#1024496) - Reject tokens not assigned to minions. (bsc#1019965) - Apply addon system types from activation key during registration. (bsc#1020180) - Remote commands: No blocking when minions are down. (bsc#993209) - Log authentication failure as error. (bsc#1017505) - Apply highstate as the last step of a registration in case an activation key was provided. (bsc#1020232) - Add severity to updateinfo. (bsc#1012365) - Hide migration targets without valid subscriptions. (bsc#1019893) - Fix SP migration when the SUSE Manager Tools product is installed. (bsc#1014498) - Fix timezone handling for rpm installtime. (bsc#1017078) - Validate activation key values. (bsc#1015967) - Pass user-preferred localtime to the highstate UI. (bsc#1020027) - Send ChannelsChangedEventMessage in SSM. (bsc#1019451) - Fix token refresh logic. (bsc#973421) - Ignore case when comparing virtualization type. (bsc#1016960) - XMLRPC: Allow specifying config revision by natural attributes when adding to action chain. (bsc#1011962) - Do not execute package list refresh twice. (bsc#1016344) - Fix spacecmd cannot be executed by RO user (bsc#1015790) spacewalk-web: - Remote commands: No blocking when minions are down. (bsc#993209) - Validate activation key values. (bsc#1015967) - Pass user-preferred localtime to the highstate UI. (bsc#1020027) susemanager: - Add missing '-y' parameter for salt-key call. (bsc#1024473) - Create bootstrap repository for Raspberry Pi. (bsc#1023133) - Add an "IMPORTANT" note after migration is done. (bsc#1013145) - Create bootstrap repository for SLES for SAP ppc64le. susemanager-docs_en: - Commented out White Papers book. - Fixed broken help link. (Bug 1021648) susemanager-schema: - Fix error on channel delete with tokens. (bsc#1024471) - Add severity to updateinfo. (bsc#1012365) - Drop index before it gets re-created and use if exists for postgres. (bsc#1021381) susemanager-sls: - Configure mine.update to submit a job return event. (bsc#1022735) - Disable spacewalksd and spacewalk-update-status when switching to salt registration. (bsc#1020902) - Fix timezone handling for rpm installtime. (bsc#1017078) susemanager-sync-data: - Support SUSE-PackageHub. (bsc#1021884) - Support SLES for SAP on ppc64le. (bsc#1015414) How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-348=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (noarch): salt-netapi-client-0.10.0-9.1 spacecmd-2.5.5.4-9.1 spacewalk-backend-2.5.24.8-17.1 spacewalk-backend-app-2.5.24.8-17.1 spacewalk-backend-applet-2.5.24.8-17.1 spacewalk-backend-config-files-2.5.24.8-17.1 spacewalk-backend-config-files-common-2.5.24.8-17.1 spacewalk-backend-config-files-tool-2.5.24.8-17.1 spacewalk-backend-iss-2.5.24.8-17.1 spacewalk-backend-iss-export-2.5.24.8-17.1 spacewalk-backend-libs-2.5.24.8-17.1 spacewalk-backend-package-push-server-2.5.24.8-17.1 spacewalk-backend-server-2.5.24.8-17.1 spacewalk-backend-sql-2.5.24.8-17.1 spacewalk-backend-sql-oracle-2.5.24.8-17.1 spacewalk-backend-sql-postgresql-2.5.24.8-17.1 spacewalk-backend-tools-2.5.24.8-17.1 spacewalk-backend-xml-export-libs-2.5.24.8-17.1 spacewalk-backend-xmlrpc-2.5.24.8-17.1 spacewalk-base-2.5.7.14-18.1 spacewalk-base-minimal-2.5.7.14-18.1 spacewalk-base-minimal-config-2.5.7.14-18.1 spacewalk-client-tools-2.5.13.7-14.2 spacewalk-config-2.5.2.6-9.1 spacewalk-html-2.5.7.14-18.1 spacewalk-java-2.5.59.13-20.1 spacewalk-java-config-2.5.59.13-20.1 spacewalk-java-lib-2.5.59.13-20.1 spacewalk-java-oracle-2.5.59.13-20.1 spacewalk-java-postgresql-2.5.59.13-20.1 spacewalk-taskomatic-2.5.59.13-20.1 susemanager-advanced-topics_en-pdf-3-24.3 susemanager-best-practices_en-pdf-3-24.3 susemanager-docs_en-3-24.3 susemanager-getting-started_en-pdf-3-24.3 susemanager-jsp_en-3-24.3 susemanager-reference_en-pdf-3-24.3 susemanager-schema-3.0.18-18.2 susemanager-sls-0.1.19-20.1 susemanager-sync-data-3.0.14-18.1 - SUSE Manager Server 3.0 (x86_64): susemanager-3.0.20-18.1 susemanager-tools-3.0.20-18.1 References: https://bugzilla.suse.com/1011962 https://bugzilla.suse.com/1012365 https://bugzilla.suse.com/1013145 https://bugzilla.suse.com/1013938 https://bugzilla.suse.com/1014498 https://bugzilla.suse.com/1015414 https://bugzilla.suse.com/1015790 https://bugzilla.suse.com/1015967 https://bugzilla.suse.com/1016344 https://bugzilla.suse.com/1016960 https://bugzilla.suse.com/1017078 https://bugzilla.suse.com/1017505 https://bugzilla.suse.com/1019360 https://bugzilla.suse.com/1019451 https://bugzilla.suse.com/1019893 https://bugzilla.suse.com/1019965 https://bugzilla.suse.com/1020027 https://bugzilla.suse.com/1020180 https://bugzilla.suse.com/1020232 https://bugzilla.suse.com/1020902 https://bugzilla.suse.com/1021381 https://bugzilla.suse.com/1021884 https://bugzilla.suse.com/1022735 https://bugzilla.suse.com/1023133 https://bugzilla.suse.com/1024471 https://bugzilla.suse.com/1024473 https://bugzilla.suse.com/1024482 https://bugzilla.suse.com/1024486 https://bugzilla.suse.com/1024496 https://bugzilla.suse.com/973421 https://bugzilla.suse.com/993209 From sle-updates at lists.suse.com Wed Mar 8 07:43:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:43:15 +0100 (CET) Subject: SUSE-RU-2017:0632-1: Recommended update for release-notes-susemanager Message-ID: <20170308144315.D6C0D10010@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0632-1 Rating: low References: #1015414 #1021884 Affected Products: SUSE Manager Server 3.0 SUSE Manager Proxy 3.0 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: SUSE Manager 3.0 Release Notes have been updated to document: - New products: + SUSE Package Hub + SLES for SAP on ppc64le - SUSE Manager Server bugs fixed by latest updates: + bsc#973421, bsc#993209, bsc#1011304, bsc#1011962, bsc#1012365 bsc#1013145, bsc#1013938, bsc#1014498, bsc#1015136, bsc#1015414 bsc#1015967, bsc#1016344, bsc#1016960, bsc#1017078, bsc#1017505 bsc#1019360, bsc#1019451, bsc#1019893, bsc#1019965, bsc#1020027 bsc#1020180, bsc#1020232, bsc#1020902, bsc#1021381, bsc#1021648 bsc#1021884, bsc#1022735, bsc#1023133, bsc#1024471, bsc#1024473 bsc#1024486, bsc#1024496 - SUSE Manager Proxy bugs fixed by latest updates: + bsc#993209, bsc#1000110, bsc#1012787, bsc#1015136, bsc#1015967 bsc#1017078, bsc#1017094, bsc#1019360, bsc#1020027, bsc#1020902 bsc#1022735 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-339=1 - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2017-339=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (x86_64): release-notes-susemanager-3.0.4-0.49.1 - SUSE Manager Proxy 3.0 (x86_64): release-notes-susemanager-proxy-3.0.4-0.24.1 References: https://bugzilla.suse.com/1015414 https://bugzilla.suse.com/1021884 From sle-updates at lists.suse.com Wed Mar 8 07:43:49 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:43:49 +0100 (CET) Subject: SUSE-RU-2017:0633-1: moderate: Recommended update for SUSE Manager Proxy 3.0 Message-ID: <20170308144349.EF7BF10010@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Proxy 3.0 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0633-1 Rating: moderate References: #1000110 #1012787 #1015136 #1015967 #1017078 #1017094 #1019360 #1020027 #1020902 #1022735 #993209 Affected Products: SUSE Manager Proxy 3.0 ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. Description: This update fixes the following issues: spacewalk-backend: - Add incomplete_package_import option to speed reposync up. spacewalk-client-tools: - Traditional registration: Resolve /etc/hostname if not FQDN. (bsc#1019360) spacewalk-proxy: - Add rcsalt-broker script. (bsc#1012787) - Fix handling of authentication token and headers in rhnBroker. (bsc#1017094) - Use SUSE product names instead of spacewalk/rhn. (bsc#1000110) spacewalk-web: - Remote commands: No blocking when minions are down. (bsc#993209) - Validate activation key values. (bsc#1015967) - Pass user-preferred localtime to the highstate UI. (bsc#1020027) spacewalksd: - Use spacewalk-update-status only on registered systems. (bsc#1015136) susemanager-sls: - Configure mine.update to submit a job return event. (bsc#1022735) - Disable spacewalksd and spacewalk-update-status when switching to salt registration. (bsc#1020902) - Fix timezone handling for rpm install-time. (bsc#1017078) How to apply this update: 1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy start Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2017-348=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 3.0 (noarch): spacewalk-backend-2.5.24.8-17.1 spacewalk-backend-libs-2.5.24.8-17.1 spacewalk-base-minimal-2.5.7.14-18.1 spacewalk-base-minimal-config-2.5.7.14-18.1 spacewalk-check-2.5.13.7-14.2 spacewalk-client-setup-2.5.13.7-14.2 spacewalk-client-tools-2.5.13.7-14.2 spacewalk-proxy-broker-2.5.1.6-12.1 spacewalk-proxy-common-2.5.1.6-12.1 spacewalk-proxy-management-2.5.1.6-12.1 spacewalk-proxy-package-manager-2.5.1.6-12.1 spacewalk-proxy-redirect-2.5.1.6-12.1 spacewalk-proxy-salt-2.5.1.6-12.1 susemanager-sls-0.1.19-20.1 - SUSE Manager Proxy 3.0 (x86_64): spacewalksd-5.0.19.2-3.1 spacewalksd-debuginfo-5.0.19.2-3.1 spacewalksd-debugsource-5.0.19.2-3.1 References: https://bugzilla.suse.com/1000110 https://bugzilla.suse.com/1012787 https://bugzilla.suse.com/1015136 https://bugzilla.suse.com/1015967 https://bugzilla.suse.com/1017078 https://bugzilla.suse.com/1017094 https://bugzilla.suse.com/1019360 https://bugzilla.suse.com/1020027 https://bugzilla.suse.com/1020902 https://bugzilla.suse.com/1022735 https://bugzilla.suse.com/993209 From sle-updates at lists.suse.com Wed Mar 8 07:45:51 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:45:51 +0100 (CET) Subject: SUSE-RU-2017:0634-1: moderate: Recommended update for Salt Message-ID: <20170308144551.EDC0510010@maintenance.suse.de> SUSE Recommended Update: Recommended update for Salt ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0634-1 Rating: moderate References: #1011304 #1017078 Affected Products: SUSE Manager Tools 12 SUSE Manager Server 3.0 SUSE Manager Proxy 3.0 SUSE Linux Enterprise Point of Sale 12-SP2 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Enterprise Storage 4 SUSE Enterprise Storage 3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for salt fixes the following issues: - Fix invalid chars allowed for data IDs. (bsc#1011304) - Fix timezone: Should be always in UTC. (bsc#1017078) - Fixes wrong "enabled" opts for yumnotify plugin. - SSH-option parameter for salt-ssh command. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2017-347=1 - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-347=1 - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2017-347=1 - SUSE Linux Enterprise Point of Sale 12-SP2: zypper in -t patch SUSE-SLE-POS-12-SP2-2017-347=1 - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2017-347=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-347=1 - SUSE Enterprise Storage 3: zypper in -t patch SUSE-Storage-3-2017-347=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64): salt-2015.8.12-33.1 salt-doc-2015.8.12-33.1 salt-minion-2015.8.12-33.1 - SUSE Manager Server 3.0 (noarch): salt-bash-completion-2015.8.12-33.1 salt-zsh-completion-2015.8.12-33.1 - SUSE Manager Server 3.0 (x86_64): salt-2015.8.12-33.1 salt-api-2015.8.12-33.1 salt-doc-2015.8.12-33.1 salt-master-2015.8.12-33.1 salt-minion-2015.8.12-33.1 salt-proxy-2015.8.12-33.1 salt-ssh-2015.8.12-33.1 salt-syndic-2015.8.12-33.1 - SUSE Manager Proxy 3.0 (noarch): salt-bash-completion-2015.8.12-33.1 salt-zsh-completion-2015.8.12-33.1 - SUSE Manager Proxy 3.0 (x86_64): salt-2015.8.12-33.1 salt-api-2015.8.12-33.1 salt-doc-2015.8.12-33.1 salt-master-2015.8.12-33.1 salt-minion-2015.8.12-33.1 salt-proxy-2015.8.12-33.1 salt-ssh-2015.8.12-33.1 salt-syndic-2015.8.12-33.1 - SUSE Linux Enterprise Point of Sale 12-SP2 (x86_64): salt-2015.8.12-33.1 salt-minion-2015.8.12-33.1 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): salt-2015.8.12-33.1 salt-api-2015.8.12-33.1 salt-cloud-2015.8.12-33.1 salt-doc-2015.8.12-33.1 salt-master-2015.8.12-33.1 salt-minion-2015.8.12-33.1 salt-proxy-2015.8.12-33.1 salt-ssh-2015.8.12-33.1 salt-syndic-2015.8.12-33.1 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch): salt-bash-completion-2015.8.12-33.1 salt-zsh-completion-2015.8.12-33.1 - SUSE Enterprise Storage 4 (aarch64 x86_64): salt-2015.8.12-33.1 salt-master-2015.8.12-33.1 salt-minion-2015.8.12-33.1 - SUSE Enterprise Storage 3 (aarch64 x86_64): salt-2015.8.12-33.1 salt-master-2015.8.12-33.1 salt-minion-2015.8.12-33.1 References: https://bugzilla.suse.com/1011304 https://bugzilla.suse.com/1017078 From sle-updates at lists.suse.com Wed Mar 8 07:46:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 15:46:25 +0100 (CET) Subject: SUSE-RU-2017:0635-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <20170308144625.70ADD10010@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0635-1 Rating: moderate References: #1013938 #1015136 #1019360 Affected Products: SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update fixes the following issues: spacecmd: - Removed obsolete code. (bsc#1013938) spacewalk-backend: - Add incomplete_package_import option to speed reposync up. spacewalk-client-tools: - Traditional registration: Resolve /etc/hostname if not FQDN. (bsc#1019360) spacewalk-koan: - Updated registry hostname for mgr subdomain. spacewalksd: - Use spacewalk-update-status only on registered systems. (bsc#1015136) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS: zypper in -t patch slesctsp4-client-tools-201702-13015=1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-client-tools-201702-13015=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): spacecmd-2.5.5.4-11.1 spacewalk-backend-libs-2.5.24.8-19.3 spacewalksd-5.0.19.2-5.1 - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (noarch): spacewalk-check-2.5.13.7-20.1 spacewalk-client-setup-2.5.13.7-20.1 spacewalk-client-tools-2.5.13.7-20.1 spacewalk-koan-2.5.0.3-5.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): spacecmd-2.5.5.4-11.1 spacewalk-backend-libs-2.5.24.8-19.3 spacewalksd-5.0.19.2-5.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (noarch): spacewalk-check-2.5.13.7-20.1 spacewalk-client-setup-2.5.13.7-20.1 spacewalk-client-tools-2.5.13.7-20.1 spacewalk-koan-2.5.0.3-5.1 References: https://bugzilla.suse.com/1013938 https://bugzilla.suse.com/1015136 https://bugzilla.suse.com/1019360 From sle-updates at lists.suse.com Wed Mar 8 10:08:16 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 18:08:16 +0100 (CET) Subject: SUSE-RU-2017:0636-1: moderate: Recommended update for yast2-registration Message-ID: <20170308170816.D815410010@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-registration ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0636-1 Rating: moderate References: #1024464 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for yast2-registration fixes the layout of the "Extension and Module Selection" dialog in text mode to make all items visible. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-350=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-350=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): yast2-registration-3.1.166.4-12.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): yast2-registration-3.1.166.4-12.1 References: https://bugzilla.suse.com/1024464 From sle-updates at lists.suse.com Wed Mar 8 10:08:39 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Mar 2017 18:08:39 +0100 (CET) Subject: SUSE-RU-2017:0637-1: moderate: Recommended update for POS_Image3 Message-ID: <20170308170839.CF9EE10010@maintenance.suse.de> SUSE Recommended Update: Recommended update for POS_Image3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0637-1 Rating: moderate References: #1025279 Affected Products: SUSE Linux Enterprise Point of Sale 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for POS_Image3 fixes parsing of permanent MAC addresses from hwinfo(8)'s output. This problem could lead to failure to register the terminal. (bsc#1025279) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Sale 12-SP2: zypper in -t patch SUSE-SLE-POS-12-SP2-2017-349=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Sale 12-SP2 (noarch): POS_Image-Netboot-hooks-3.4.0-5.1 POS_Image-Tools-3.4.0-5.1 POS_Image3-3.6.0-5.1 References: https://bugzilla.suse.com/1025279 From sle-updates at lists.suse.com Wed Mar 8 19:07:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 03:07:37 +0100 (CET) Subject: SUSE-RU-2017:0638-1: Recommended update for libreoffice Message-ID: <20170309020737.30B24FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for libreoffice ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0638-1 Rating: low References: #1010961 #1014896 #1015467 #945446 #946674 #952640 #955548 #957991 #959168 #980734 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has 10 recommended fixes can now be installed. Description: This update for libreoffice provides version 5.2.5.1 and fixes the following issues: - Libreoffice freezing when running a hyphenate all (bsc#1014896) - Change tracking: everything is a change, and accepting changes (bsc#1010961) - LibreOffice missing contents in PPTX deck (bsc#980734) - Clone Formatting ignores vertical text alignment (bsc#945446) - CTRL+Z not working to undo changes performed through Navigator crash fix (bsc#955548) - Undo does not revert bundled font size changes for table cells (bsc#946674) - Cut and Paste (at the same position) changes bullet point formatting (bsc#952640) - CTRL+Z not working to undo changes performed through Navigator (bsc#955548) - Undo on bullet point style change only works when focus is not set (bsc#959168) - Improve pivot cache reading performance (bsc#957991) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-351=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-351=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-351=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-351=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-351=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-351=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): libreoffice-icon-theme-galaxy-5.2.5.1-38.5 libreoffice-icon-theme-tango-5.2.5.1-38.5 libreoffice-l10n-af-5.2.5.1-38.5 libreoffice-l10n-ar-5.2.5.1-38.5 libreoffice-l10n-bg-5.2.5.1-38.5 libreoffice-l10n-ca-5.2.5.1-38.5 libreoffice-l10n-cs-5.2.5.1-38.5 libreoffice-l10n-da-5.2.5.1-38.5 libreoffice-l10n-de-5.2.5.1-38.5 libreoffice-l10n-en-5.2.5.1-38.5 libreoffice-l10n-es-5.2.5.1-38.5 libreoffice-l10n-fi-5.2.5.1-38.5 libreoffice-l10n-fr-5.2.5.1-38.5 libreoffice-l10n-gu-5.2.5.1-38.5 libreoffice-l10n-hi-5.2.5.1-38.5 libreoffice-l10n-hr-5.2.5.1-38.5 libreoffice-l10n-hu-5.2.5.1-38.5 libreoffice-l10n-it-5.2.5.1-38.5 libreoffice-l10n-ja-5.2.5.1-38.5 libreoffice-l10n-ko-5.2.5.1-38.5 libreoffice-l10n-lt-5.2.5.1-38.5 libreoffice-l10n-nb-5.2.5.1-38.5 libreoffice-l10n-nl-5.2.5.1-38.5 libreoffice-l10n-nn-5.2.5.1-38.5 libreoffice-l10n-pl-5.2.5.1-38.5 libreoffice-l10n-pt_BR-5.2.5.1-38.5 libreoffice-l10n-pt_PT-5.2.5.1-38.5 libreoffice-l10n-ro-5.2.5.1-38.5 libreoffice-l10n-ru-5.2.5.1-38.5 libreoffice-l10n-sk-5.2.5.1-38.5 libreoffice-l10n-sv-5.2.5.1-38.5 libreoffice-l10n-uk-5.2.5.1-38.5 libreoffice-l10n-xh-5.2.5.1-38.5 libreoffice-l10n-zh_CN-5.2.5.1-38.5 libreoffice-l10n-zh_TW-5.2.5.1-38.5 libreoffice-l10n-zu-5.2.5.1-38.5 - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libetonyek-0_1-1-0.1.6-9.2 libetonyek-0_1-1-debuginfo-0.1.6-9.2 libetonyek-debugsource-0.1.6-9.2 libreoffice-5.2.5.1-38.5 libreoffice-base-5.2.5.1-38.5 libreoffice-base-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-mysql-5.2.5.1-38.5 libreoffice-base-drivers-mysql-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-debuginfo-5.2.5.1-38.5 libreoffice-calc-5.2.5.1-38.5 libreoffice-calc-debuginfo-5.2.5.1-38.5 libreoffice-calc-extensions-5.2.5.1-38.5 libreoffice-debuginfo-5.2.5.1-38.5 libreoffice-debugsource-5.2.5.1-38.5 libreoffice-draw-5.2.5.1-38.5 libreoffice-draw-debuginfo-5.2.5.1-38.5 libreoffice-filters-optional-5.2.5.1-38.5 libreoffice-gnome-5.2.5.1-38.5 libreoffice-gnome-debuginfo-5.2.5.1-38.5 libreoffice-impress-5.2.5.1-38.5 libreoffice-impress-debuginfo-5.2.5.1-38.5 libreoffice-mailmerge-5.2.5.1-38.5 libreoffice-math-5.2.5.1-38.5 libreoffice-math-debuginfo-5.2.5.1-38.5 libreoffice-officebean-5.2.5.1-38.5 libreoffice-officebean-debuginfo-5.2.5.1-38.5 libreoffice-pyuno-5.2.5.1-38.5 libreoffice-pyuno-debuginfo-5.2.5.1-38.5 libreoffice-writer-5.2.5.1-38.5 libreoffice-writer-debuginfo-5.2.5.1-38.5 libreoffice-writer-extensions-5.2.5.1-38.5 libreofficekit-5.2.5.1-38.5 - SUSE Linux Enterprise Workstation Extension 12-SP1 (noarch): libreoffice-icon-theme-galaxy-5.2.5.1-38.5 libreoffice-icon-theme-tango-5.2.5.1-38.5 libreoffice-l10n-af-5.2.5.1-38.5 libreoffice-l10n-ar-5.2.5.1-38.5 libreoffice-l10n-ca-5.2.5.1-38.5 libreoffice-l10n-cs-5.2.5.1-38.5 libreoffice-l10n-da-5.2.5.1-38.5 libreoffice-l10n-de-5.2.5.1-38.5 libreoffice-l10n-en-5.2.5.1-38.5 libreoffice-l10n-es-5.2.5.1-38.5 libreoffice-l10n-fi-5.2.5.1-38.5 libreoffice-l10n-fr-5.2.5.1-38.5 libreoffice-l10n-gu-5.2.5.1-38.5 libreoffice-l10n-hi-5.2.5.1-38.5 libreoffice-l10n-hu-5.2.5.1-38.5 libreoffice-l10n-it-5.2.5.1-38.5 libreoffice-l10n-ja-5.2.5.1-38.5 libreoffice-l10n-ko-5.2.5.1-38.5 libreoffice-l10n-nb-5.2.5.1-38.5 libreoffice-l10n-nl-5.2.5.1-38.5 libreoffice-l10n-nn-5.2.5.1-38.5 libreoffice-l10n-pl-5.2.5.1-38.5 libreoffice-l10n-pt_BR-5.2.5.1-38.5 libreoffice-l10n-pt_PT-5.2.5.1-38.5 libreoffice-l10n-ru-5.2.5.1-38.5 libreoffice-l10n-sk-5.2.5.1-38.5 libreoffice-l10n-sv-5.2.5.1-38.5 libreoffice-l10n-xh-5.2.5.1-38.5 libreoffice-l10n-zh_CN-5.2.5.1-38.5 libreoffice-l10n-zh_TW-5.2.5.1-38.5 libreoffice-l10n-zu-5.2.5.1-38.5 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libetonyek-0_1-1-0.1.6-9.2 libetonyek-0_1-1-debuginfo-0.1.6-9.2 libetonyek-debugsource-0.1.6-9.2 libreoffice-5.2.5.1-38.5 libreoffice-base-5.2.5.1-38.5 libreoffice-base-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-mysql-5.2.5.1-38.5 libreoffice-base-drivers-mysql-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-debuginfo-5.2.5.1-38.5 libreoffice-calc-5.2.5.1-38.5 libreoffice-calc-debuginfo-5.2.5.1-38.5 libreoffice-calc-extensions-5.2.5.1-38.5 libreoffice-debuginfo-5.2.5.1-38.5 libreoffice-debugsource-5.2.5.1-38.5 libreoffice-draw-5.2.5.1-38.5 libreoffice-draw-debuginfo-5.2.5.1-38.5 libreoffice-filters-optional-5.2.5.1-38.5 libreoffice-gnome-5.2.5.1-38.5 libreoffice-gnome-debuginfo-5.2.5.1-38.5 libreoffice-impress-5.2.5.1-38.5 libreoffice-impress-debuginfo-5.2.5.1-38.5 libreoffice-mailmerge-5.2.5.1-38.5 libreoffice-math-5.2.5.1-38.5 libreoffice-math-debuginfo-5.2.5.1-38.5 libreoffice-officebean-5.2.5.1-38.5 libreoffice-officebean-debuginfo-5.2.5.1-38.5 libreoffice-pyuno-5.2.5.1-38.5 libreoffice-pyuno-debuginfo-5.2.5.1-38.5 libreoffice-writer-5.2.5.1-38.5 libreoffice-writer-debuginfo-5.2.5.1-38.5 libreoffice-writer-extensions-5.2.5.1-38.5 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libetonyek-debugsource-0.1.6-9.2 libetonyek-devel-0.1.6-9.2 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64): libreoffice-debuginfo-5.2.5.1-38.5 libreoffice-debugsource-5.2.5.1-38.5 libreoffice-sdk-5.2.5.1-38.5 libreoffice-sdk-debuginfo-5.2.5.1-38.5 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): libetonyek-devel-doc-0.1.6-9.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libetonyek-debugsource-0.1.6-9.2 libetonyek-devel-0.1.6-9.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): libetonyek-devel-doc-0.1.6-9.2 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): libreoffice-icon-theme-galaxy-5.2.5.1-38.5 libreoffice-icon-theme-tango-5.2.5.1-38.5 libreoffice-l10n-af-5.2.5.1-38.5 libreoffice-l10n-ar-5.2.5.1-38.5 libreoffice-l10n-ca-5.2.5.1-38.5 libreoffice-l10n-cs-5.2.5.1-38.5 libreoffice-l10n-da-5.2.5.1-38.5 libreoffice-l10n-de-5.2.5.1-38.5 libreoffice-l10n-en-5.2.5.1-38.5 libreoffice-l10n-es-5.2.5.1-38.5 libreoffice-l10n-fi-5.2.5.1-38.5 libreoffice-l10n-fr-5.2.5.1-38.5 libreoffice-l10n-gu-5.2.5.1-38.5 libreoffice-l10n-hi-5.2.5.1-38.5 libreoffice-l10n-hu-5.2.5.1-38.5 libreoffice-l10n-it-5.2.5.1-38.5 libreoffice-l10n-ja-5.2.5.1-38.5 libreoffice-l10n-ko-5.2.5.1-38.5 libreoffice-l10n-nb-5.2.5.1-38.5 libreoffice-l10n-nl-5.2.5.1-38.5 libreoffice-l10n-nn-5.2.5.1-38.5 libreoffice-l10n-pl-5.2.5.1-38.5 libreoffice-l10n-pt_BR-5.2.5.1-38.5 libreoffice-l10n-pt_PT-5.2.5.1-38.5 libreoffice-l10n-ro-5.2.5.1-38.5 libreoffice-l10n-ru-5.2.5.1-38.5 libreoffice-l10n-sk-5.2.5.1-38.5 libreoffice-l10n-sv-5.2.5.1-38.5 libreoffice-l10n-xh-5.2.5.1-38.5 libreoffice-l10n-zh_CN-5.2.5.1-38.5 libreoffice-l10n-zh_TW-5.2.5.1-38.5 libreoffice-l10n-zu-5.2.5.1-38.5 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libetonyek-0_1-1-0.1.6-9.2 libetonyek-0_1-1-debuginfo-0.1.6-9.2 libetonyek-debugsource-0.1.6-9.2 libreoffice-5.2.5.1-38.5 libreoffice-base-5.2.5.1-38.5 libreoffice-base-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-mysql-5.2.5.1-38.5 libreoffice-base-drivers-mysql-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-debuginfo-5.2.5.1-38.5 libreoffice-calc-5.2.5.1-38.5 libreoffice-calc-debuginfo-5.2.5.1-38.5 libreoffice-calc-extensions-5.2.5.1-38.5 libreoffice-debuginfo-5.2.5.1-38.5 libreoffice-debugsource-5.2.5.1-38.5 libreoffice-draw-5.2.5.1-38.5 libreoffice-draw-debuginfo-5.2.5.1-38.5 libreoffice-filters-optional-5.2.5.1-38.5 libreoffice-gnome-5.2.5.1-38.5 libreoffice-gnome-debuginfo-5.2.5.1-38.5 libreoffice-impress-5.2.5.1-38.5 libreoffice-impress-debuginfo-5.2.5.1-38.5 libreoffice-mailmerge-5.2.5.1-38.5 libreoffice-math-5.2.5.1-38.5 libreoffice-math-debuginfo-5.2.5.1-38.5 libreoffice-officebean-5.2.5.1-38.5 libreoffice-officebean-debuginfo-5.2.5.1-38.5 libreoffice-pyuno-5.2.5.1-38.5 libreoffice-pyuno-debuginfo-5.2.5.1-38.5 libreoffice-writer-5.2.5.1-38.5 libreoffice-writer-debuginfo-5.2.5.1-38.5 libreoffice-writer-extensions-5.2.5.1-38.5 libreofficekit-5.2.5.1-38.5 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): libreoffice-icon-theme-galaxy-5.2.5.1-38.5 libreoffice-icon-theme-tango-5.2.5.1-38.5 libreoffice-l10n-af-5.2.5.1-38.5 libreoffice-l10n-ar-5.2.5.1-38.5 libreoffice-l10n-ca-5.2.5.1-38.5 libreoffice-l10n-cs-5.2.5.1-38.5 libreoffice-l10n-da-5.2.5.1-38.5 libreoffice-l10n-de-5.2.5.1-38.5 libreoffice-l10n-en-5.2.5.1-38.5 libreoffice-l10n-es-5.2.5.1-38.5 libreoffice-l10n-fi-5.2.5.1-38.5 libreoffice-l10n-fr-5.2.5.1-38.5 libreoffice-l10n-gu-5.2.5.1-38.5 libreoffice-l10n-hi-5.2.5.1-38.5 libreoffice-l10n-hu-5.2.5.1-38.5 libreoffice-l10n-it-5.2.5.1-38.5 libreoffice-l10n-ja-5.2.5.1-38.5 libreoffice-l10n-ko-5.2.5.1-38.5 libreoffice-l10n-nb-5.2.5.1-38.5 libreoffice-l10n-nl-5.2.5.1-38.5 libreoffice-l10n-nn-5.2.5.1-38.5 libreoffice-l10n-pl-5.2.5.1-38.5 libreoffice-l10n-pt_BR-5.2.5.1-38.5 libreoffice-l10n-pt_PT-5.2.5.1-38.5 libreoffice-l10n-ru-5.2.5.1-38.5 libreoffice-l10n-sk-5.2.5.1-38.5 libreoffice-l10n-sv-5.2.5.1-38.5 libreoffice-l10n-xh-5.2.5.1-38.5 libreoffice-l10n-zh_CN-5.2.5.1-38.5 libreoffice-l10n-zh_TW-5.2.5.1-38.5 libreoffice-l10n-zu-5.2.5.1-38.5 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libetonyek-0_1-1-0.1.6-9.2 libetonyek-0_1-1-debuginfo-0.1.6-9.2 libetonyek-debugsource-0.1.6-9.2 libreoffice-5.2.5.1-38.5 libreoffice-base-5.2.5.1-38.5 libreoffice-base-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-mysql-5.2.5.1-38.5 libreoffice-base-drivers-mysql-debuginfo-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-5.2.5.1-38.5 libreoffice-base-drivers-postgresql-debuginfo-5.2.5.1-38.5 libreoffice-calc-5.2.5.1-38.5 libreoffice-calc-debuginfo-5.2.5.1-38.5 libreoffice-calc-extensions-5.2.5.1-38.5 libreoffice-debuginfo-5.2.5.1-38.5 libreoffice-debugsource-5.2.5.1-38.5 libreoffice-draw-5.2.5.1-38.5 libreoffice-draw-debuginfo-5.2.5.1-38.5 libreoffice-filters-optional-5.2.5.1-38.5 libreoffice-gnome-5.2.5.1-38.5 libreoffice-gnome-debuginfo-5.2.5.1-38.5 libreoffice-impress-5.2.5.1-38.5 libreoffice-impress-debuginfo-5.2.5.1-38.5 libreoffice-mailmerge-5.2.5.1-38.5 libreoffice-math-5.2.5.1-38.5 libreoffice-math-debuginfo-5.2.5.1-38.5 libreoffice-officebean-5.2.5.1-38.5 libreoffice-officebean-debuginfo-5.2.5.1-38.5 libreoffice-pyuno-5.2.5.1-38.5 libreoffice-pyuno-debuginfo-5.2.5.1-38.5 libreoffice-writer-5.2.5.1-38.5 libreoffice-writer-debuginfo-5.2.5.1-38.5 libreoffice-writer-extensions-5.2.5.1-38.5 References: https://bugzilla.suse.com/1010961 https://bugzilla.suse.com/1014896 https://bugzilla.suse.com/1015467 https://bugzilla.suse.com/945446 https://bugzilla.suse.com/946674 https://bugzilla.suse.com/952640 https://bugzilla.suse.com/955548 https://bugzilla.suse.com/957991 https://bugzilla.suse.com/959168 https://bugzilla.suse.com/980734 From sle-updates at lists.suse.com Thu Mar 9 01:07:45 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 09:07:45 +0100 (CET) Subject: SUSE-RU-2017:0630-2: moderate: Recommended update for Salt Message-ID: <20170309080745.082D1FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for Salt ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0630-2 Rating: moderate References: #1011304 #1017078 Affected Products: SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for salt fixes the following issues: - Fix invalid chars allowed for data IDs. (bsc#1011304) - Fix timezone: Should be always in UTC. (bsc#1017078) - Fixes wrong "enabled" opts for yumnotify plugin. - SSH-option parameter for salt-ssh command. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-salt-13016=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (i586 ia64): salt-2015.8.12-30.1 salt-doc-2015.8.12-30.1 salt-minion-2015.8.12-30.1 References: https://bugzilla.suse.com/1011304 https://bugzilla.suse.com/1017078 From sle-updates at lists.suse.com Thu Mar 9 01:08:22 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 09:08:22 +0100 (CET) Subject: SUSE-SU-2017:0607-2: moderate: Security update for openssh Message-ID: <20170309080822.8BD04FFCF@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0607-2 Rating: moderate References: #1005480 #1005893 #1006221 #1016366 #1016369 Cross-References: CVE-2016-10009 CVE-2016-10011 CVE-2016-8858 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480) - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366) - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369) - Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221) - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-325=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-325=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-325=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): openssh-6.6p1-54.7.1 openssh-askpass-gnome-6.6p1-54.7.1 openssh-askpass-gnome-debuginfo-6.6p1-54.7.1 openssh-debuginfo-6.6p1-54.7.1 openssh-debugsource-6.6p1-54.7.1 openssh-fips-6.6p1-54.7.1 openssh-helpers-6.6p1-54.7.1 openssh-helpers-debuginfo-6.6p1-54.7.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le): openssh-6.6p1-54.7.1 openssh-askpass-gnome-6.6p1-54.7.1 openssh-askpass-gnome-debuginfo-6.6p1-54.7.1 openssh-debuginfo-6.6p1-54.7.1 openssh-debugsource-6.6p1-54.7.1 openssh-fips-6.6p1-54.7.1 openssh-helpers-6.6p1-54.7.1 openssh-helpers-debuginfo-6.6p1-54.7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): openssh-6.6p1-54.7.1 openssh-askpass-gnome-6.6p1-54.7.1 openssh-askpass-gnome-debuginfo-6.6p1-54.7.1 openssh-debuginfo-6.6p1-54.7.1 openssh-debugsource-6.6p1-54.7.1 openssh-helpers-6.6p1-54.7.1 openssh-helpers-debuginfo-6.6p1-54.7.1 References: https://www.suse.com/security/cve/CVE-2016-10009.html https://www.suse.com/security/cve/CVE-2016-10011.html https://www.suse.com/security/cve/CVE-2016-8858.html https://bugzilla.suse.com/1005480 https://bugzilla.suse.com/1005893 https://bugzilla.suse.com/1006221 https://bugzilla.suse.com/1016366 https://bugzilla.suse.com/1016369 From sle-updates at lists.suse.com Thu Mar 9 01:09:31 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 09:09:31 +0100 (CET) Subject: SUSE-SU-2017:0639-1: moderate: Security update for unzip Message-ID: <20170309080931.626E2FFCF@maintenance.suse.de> SUSE Security Update: Security update for unzip ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0639-1 Rating: moderate References: #1013992 #1013993 #950110 #950111 Cross-References: CVE-2014-9913 CVE-2015-7696 CVE-2015-7697 CVE-2016-9844 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for unzip fixes the following issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993) - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110) - CVE-2015-7697: Specially crafted zip files could trigger an endless loop and lead to denial of service (bsc#950111) - CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-unzip-13006=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): unzip-6.00-11.17.1 References: https://www.suse.com/security/cve/CVE-2014-9913.html https://www.suse.com/security/cve/CVE-2015-7696.html https://www.suse.com/security/cve/CVE-2015-7697.html https://www.suse.com/security/cve/CVE-2016-9844.html https://bugzilla.suse.com/1013992 https://bugzilla.suse.com/1013993 https://bugzilla.suse.com/950110 https://bugzilla.suse.com/950111 From sle-updates at lists.suse.com Thu Mar 9 04:08:57 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 12:08:57 +0100 (CET) Subject: SUSE-SU-2017:0607-3: moderate: Security update for openssh Message-ID: <20170309110857.8377AFFCF@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0607-3 Rating: moderate References: #1005480 #1005893 #1006221 #1016366 #1016369 Cross-References: CVE-2016-10009 CVE-2016-10011 CVE-2016-8858 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480) - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366) - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369) - Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221) - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-325=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): openssh-6.6p1-54.7.1 openssh-askpass-gnome-6.6p1-54.7.1 openssh-askpass-gnome-debuginfo-6.6p1-54.7.1 openssh-debuginfo-6.6p1-54.7.1 openssh-debugsource-6.6p1-54.7.1 openssh-fips-6.6p1-54.7.1 openssh-helpers-6.6p1-54.7.1 openssh-helpers-debuginfo-6.6p1-54.7.1 References: https://www.suse.com/security/cve/CVE-2016-10009.html https://www.suse.com/security/cve/CVE-2016-10011.html https://www.suse.com/security/cve/CVE-2016-8858.html https://bugzilla.suse.com/1005480 https://bugzilla.suse.com/1005893 https://bugzilla.suse.com/1006221 https://bugzilla.suse.com/1016366 https://bugzilla.suse.com/1016369 From sle-updates at lists.suse.com Thu Mar 9 04:09:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 12:09:58 +0100 (CET) Subject: SUSE-RU-2017:0640-1: Recommended update for evolution-data-server Message-ID: <20170309110958.EC6EBFFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for evolution-data-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0640-1 Rating: low References: #1016000 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides evolution-data-server version 3.20.6 which fixes the following issues: - Improve handling of the Google OAuth2 tokens in Calendar (bsc#1016000) - Junk check fails due to empty cache file - Avoid crash when untagged response doesn't have a token Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-313=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-313=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-313=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): evolution-data-server-3.20.6-16.7 evolution-data-server-32bit-3.20.6-16.7 evolution-data-server-debuginfo-3.20.6-16.7 evolution-data-server-debuginfo-32bit-3.20.6-16.7 evolution-data-server-debugsource-3.20.6-16.7 libcamel-1_2-57-3.20.6-16.7 libcamel-1_2-57-32bit-3.20.6-16.7 libcamel-1_2-57-debuginfo-3.20.6-16.7 libcamel-1_2-57-debuginfo-32bit-3.20.6-16.7 libebackend-1_2-10-3.20.6-16.7 libebackend-1_2-10-32bit-3.20.6-16.7 libebackend-1_2-10-debuginfo-3.20.6-16.7 libebackend-1_2-10-debuginfo-32bit-3.20.6-16.7 libebook-1_2-16-3.20.6-16.7 libebook-1_2-16-32bit-3.20.6-16.7 libebook-1_2-16-debuginfo-3.20.6-16.7 libebook-1_2-16-debuginfo-32bit-3.20.6-16.7 libebook-contacts-1_2-2-3.20.6-16.7 libebook-contacts-1_2-2-32bit-3.20.6-16.7 libebook-contacts-1_2-2-debuginfo-3.20.6-16.7 libebook-contacts-1_2-2-debuginfo-32bit-3.20.6-16.7 libecal-1_2-19-3.20.6-16.7 libecal-1_2-19-32bit-3.20.6-16.7 libecal-1_2-19-debuginfo-3.20.6-16.7 libecal-1_2-19-debuginfo-32bit-3.20.6-16.7 libedata-book-1_2-25-3.20.6-16.7 libedata-book-1_2-25-32bit-3.20.6-16.7 libedata-book-1_2-25-debuginfo-3.20.6-16.7 libedata-book-1_2-25-debuginfo-32bit-3.20.6-16.7 libedata-cal-1_2-28-3.20.6-16.7 libedata-cal-1_2-28-32bit-3.20.6-16.7 libedata-cal-1_2-28-debuginfo-3.20.6-16.7 libedata-cal-1_2-28-debuginfo-32bit-3.20.6-16.7 libedataserver-1_2-21-3.20.6-16.7 libedataserver-1_2-21-32bit-3.20.6-16.7 libedataserver-1_2-21-debuginfo-3.20.6-16.7 libedataserver-1_2-21-debuginfo-32bit-3.20.6-16.7 libedataserverui-1_2-1-3.20.6-16.7 libedataserverui-1_2-1-debuginfo-3.20.6-16.7 - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): evolution-data-server-lang-3.20.6-16.7 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): evolution-data-server-debuginfo-3.20.6-16.7 evolution-data-server-debugsource-3.20.6-16.7 evolution-data-server-devel-3.20.6-16.7 typelib-1_0-EBook-1_2-3.20.6-16.7 typelib-1_0-EBookContacts-1_2-3.20.6-16.7 typelib-1_0-EDataServer-1_2-3.20.6-16.7 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): evolution-data-server-lang-3.20.6-16.7 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): evolution-data-server-3.20.6-16.7 evolution-data-server-32bit-3.20.6-16.7 evolution-data-server-debuginfo-3.20.6-16.7 evolution-data-server-debuginfo-32bit-3.20.6-16.7 evolution-data-server-debugsource-3.20.6-16.7 libcamel-1_2-57-3.20.6-16.7 libcamel-1_2-57-32bit-3.20.6-16.7 libcamel-1_2-57-debuginfo-3.20.6-16.7 libcamel-1_2-57-debuginfo-32bit-3.20.6-16.7 libebackend-1_2-10-3.20.6-16.7 libebackend-1_2-10-32bit-3.20.6-16.7 libebackend-1_2-10-debuginfo-3.20.6-16.7 libebackend-1_2-10-debuginfo-32bit-3.20.6-16.7 libebook-1_2-16-3.20.6-16.7 libebook-1_2-16-32bit-3.20.6-16.7 libebook-1_2-16-debuginfo-3.20.6-16.7 libebook-1_2-16-debuginfo-32bit-3.20.6-16.7 libebook-contacts-1_2-2-3.20.6-16.7 libebook-contacts-1_2-2-32bit-3.20.6-16.7 libebook-contacts-1_2-2-debuginfo-3.20.6-16.7 libebook-contacts-1_2-2-debuginfo-32bit-3.20.6-16.7 libecal-1_2-19-3.20.6-16.7 libecal-1_2-19-32bit-3.20.6-16.7 libecal-1_2-19-debuginfo-3.20.6-16.7 libecal-1_2-19-debuginfo-32bit-3.20.6-16.7 libedata-book-1_2-25-3.20.6-16.7 libedata-book-1_2-25-32bit-3.20.6-16.7 libedata-book-1_2-25-debuginfo-3.20.6-16.7 libedata-book-1_2-25-debuginfo-32bit-3.20.6-16.7 libedata-cal-1_2-28-3.20.6-16.7 libedata-cal-1_2-28-32bit-3.20.6-16.7 libedata-cal-1_2-28-debuginfo-3.20.6-16.7 libedata-cal-1_2-28-debuginfo-32bit-3.20.6-16.7 libedataserver-1_2-21-3.20.6-16.7 libedataserver-1_2-21-32bit-3.20.6-16.7 libedataserver-1_2-21-debuginfo-3.20.6-16.7 libedataserver-1_2-21-debuginfo-32bit-3.20.6-16.7 libedataserverui-1_2-1-3.20.6-16.7 libedataserverui-1_2-1-debuginfo-3.20.6-16.7 References: https://bugzilla.suse.com/1016000 From sle-updates at lists.suse.com Thu Mar 9 07:08:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 15:08:24 +0100 (CET) Subject: SUSE-SU-2017:0641-1: moderate: Security update for dracut Message-ID: <20170309140824.0BBE41001A@maintenance.suse.de> SUSE Security Update: Security update for dracut ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0641-1 Rating: moderate References: #1005410 #1006118 #1007925 #1008340 #1017695 #986734 #986838 Cross-References: CVE-2016-8637 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has 6 fixes is now available. Description: This update for dracut fixes the following issues: Security issues fixed: - CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd would be read-only available for all users, allowing local users to retrieve secrets stored in the initial ramdisk. (bsc#1008340) Non security issues fixed: - Allow booting from degraded MD arrays with systemd. (bsc#1017695) - Start multipath services before local-fs-pre.target. (bsc#1005410, bsc#1006118, bsc#1007925, bsc#986734, bsc#986838) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-353=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-353=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): dracut-037-91.1 dracut-debuginfo-037-91.1 dracut-debugsource-037-91.1 dracut-fips-037-91.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): dracut-037-91.1 dracut-debuginfo-037-91.1 dracut-debugsource-037-91.1 References: https://www.suse.com/security/cve/CVE-2016-8637.html https://bugzilla.suse.com/1005410 https://bugzilla.suse.com/1006118 https://bugzilla.suse.com/1007925 https://bugzilla.suse.com/1008340 https://bugzilla.suse.com/1017695 https://bugzilla.suse.com/986734 https://bugzilla.suse.com/986838 From sle-updates at lists.suse.com Thu Mar 9 07:10:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 15:10:37 +0100 (CET) Subject: SUSE-RU-2017:0642-1: Recommended update for timezone Message-ID: <20170309141037.D4D321001A@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0642-1 Rating: low References: #1024676 #1024677 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides the latest timezone information (2017a) for your system, including the following changes: - Mongolia no longer observes DST. (bsc#1024676) - Chile's Region of Magallanes moves from -04/-03 to -03 year-round starting 2017-05-13 23:00. Split from America/Santiago creating a new zone America/Punta_Arenas. Also affects Antarctica/Palmer. (bsc#1024677) - Fixes to historical time stamps: Spain, Ecuador, Atyrau, Oral. - Switch to numeric, or commonly used time zone abbreviations. - zic(8) no longer mishandles some transitions in January 2038. - date and strftime now cause %z to generate "-0000" instead of "+0000" when the UT offset is zero and the time zone abbreviation begins with "-". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-timezone-13018=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-timezone-13018=1 - SUSE Manager 2.1: zypper in -t patch sleman21-timezone-13018=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-timezone-13018=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-timezone-13018=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-timezone-13018=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-timezone-13018=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-timezone-13018=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-timezone-13018=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): timezone-java-2017a-0.48.2 - SUSE OpenStack Cloud 5 (x86_64): timezone-2017a-0.48.1 - SUSE Manager Proxy 2.1 (x86_64): timezone-2017a-0.48.1 - SUSE Manager Proxy 2.1 (noarch): timezone-java-2017a-0.48.2 - SUSE Manager 2.1 (s390x x86_64): timezone-2017a-0.48.1 - SUSE Manager 2.1 (noarch): timezone-java-2017a-0.48.2 - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): timezone-java-2017a-0.48.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): timezone-2017a-0.48.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): timezone-java-2017a-0.48.2 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): timezone-2017a-0.48.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): timezone-java-2017a-0.48.2 - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): timezone-java-2017a-0.48.2 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): timezone-2017a-0.48.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): timezone-debuginfo-2017a-0.48.1 timezone-debugsource-2017a-0.48.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): timezone-debuginfo-2017a-0.48.1 timezone-debugsource-2017a-0.48.1 References: https://bugzilla.suse.com/1024676 https://bugzilla.suse.com/1024677 From sle-updates at lists.suse.com Thu Mar 9 07:11:10 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 15:11:10 +0100 (CET) Subject: SUSE-RU-2017:0643-1: Recommended update for timezone Message-ID: <20170309141110.8EBAB1001C@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0643-1 Rating: low References: #1024676 #1024677 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides the latest timezone information (2017a) for your system, including the following changes: - Mongolia no longer observes DST. (bsc#1024676) - Chile's Region of Magallanes moves from -04/-03 to -03 year-round starting 2017-05-13 23:00. Split from America/Santiago creating a new zone America/Punta_Arenas. Also affects Antarctica/Palmer. (bsc#1024677) - Fixes to historical time stamps: Spain, Ecuador, Atyrau, Oral. - Switch to numeric, or commonly used time zone abbreviations. - zic(8) no longer mishandles some transitions in January 2038. - date and strftime now cause %z to generate "-0000" instead of "+0000" when the UT offset is zero and the time zone abbreviation begins with "-". Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-354=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-354=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-354=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-354=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-354=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-354=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-354=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-354=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): timezone-java-2017a-0.70.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): timezone-java-2017a-0.70.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): timezone-2017a-70.1 timezone-debuginfo-2017a-70.1 timezone-debugsource-2017a-70.1 References: https://bugzilla.suse.com/1024676 https://bugzilla.suse.com/1024677 From sle-updates at lists.suse.com Thu Mar 9 07:11:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 15:11:43 +0100 (CET) Subject: SUSE-SU-2017:0644-1: moderate: Security update for xorg-x11-libX11 Message-ID: <20170309141143.E387F1001C@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-libX11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0644-1 Rating: moderate References: #1019642 Cross-References: CVE-2013-1997 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xorg-x11-libX11 fixes the following issues: - a regression introduced by the security fix for CVE-2013-1997 (bnc#824294). Keyboard mappings for special characters on Non-English keyboards might have been broken. (bnc#1019642) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xorg-x11-libX11-13017=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xorg-x11-libX11-13017=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xorg-x11-libX11-13017=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libX11-devel-7.4-5.11.68.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): xorg-x11-libX11-devel-32bit-7.4-5.11.68.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libX11-7.4-5.11.68.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): xorg-x11-libX11-32bit-7.4-5.11.68.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): xorg-x11-libX11-x86-7.4-5.11.68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): xorg-x11-libX11-debuginfo-7.4-5.11.68.1 xorg-x11-libX11-debugsource-7.4-5.11.68.1 References: https://www.suse.com/security/cve/CVE-2013-1997.html https://bugzilla.suse.com/1019642 From sle-updates at lists.suse.com Thu Mar 9 10:08:59 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 18:08:59 +0100 (CET) Subject: SUSE-RU-2017:0645-1: moderate: Recommended update for gtk3 Message-ID: <20170309170859.D757A1001A@maintenance.suse.de> SUSE Recommended Update: Recommended update for gtk3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0645-1 Rating: moderate References: #1021476 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The GTK3 library was updated to version 3.20.10, which brings many stability fixes. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-356=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-356=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-356=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-356=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): gtk3-debugsource-3.20.10-13.1 gtk3-devel-3.20.10-13.1 gtk3-devel-debuginfo-3.20.10-13.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): gtk3-debugsource-3.20.10-13.1 gtk3-tools-3.20.10-13.1 gtk3-tools-debuginfo-3.20.10-13.1 libgtk-3-0-3.20.10-13.1 libgtk-3-0-debuginfo-3.20.10-13.1 typelib-1_0-Gtk-3_0-3.20.10-13.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): gtk3-data-3.20.10-13.1 gtk3-lang-3.20.10-13.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): gtk3-debugsource-3.20.10-13.1 gtk3-tools-3.20.10-13.1 gtk3-tools-debuginfo-3.20.10-13.1 libgtk-3-0-3.20.10-13.1 libgtk-3-0-debuginfo-3.20.10-13.1 typelib-1_0-Gtk-3_0-3.20.10-13.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): gtk3-tools-32bit-3.20.10-13.1 gtk3-tools-debuginfo-32bit-3.20.10-13.1 libgtk-3-0-32bit-3.20.10-13.1 libgtk-3-0-debuginfo-32bit-3.20.10-13.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): gtk3-data-3.20.10-13.1 gtk3-lang-3.20.10-13.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): gtk3-data-3.20.10-13.1 gtk3-lang-3.20.10-13.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): gtk3-debugsource-3.20.10-13.1 gtk3-tools-3.20.10-13.1 gtk3-tools-32bit-3.20.10-13.1 gtk3-tools-debuginfo-3.20.10-13.1 gtk3-tools-debuginfo-32bit-3.20.10-13.1 libgtk-3-0-3.20.10-13.1 libgtk-3-0-32bit-3.20.10-13.1 libgtk-3-0-debuginfo-3.20.10-13.1 libgtk-3-0-debuginfo-32bit-3.20.10-13.1 typelib-1_0-Gtk-3_0-3.20.10-13.1 References: https://bugzilla.suse.com/1021476 From sle-updates at lists.suse.com Thu Mar 9 13:07:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Mar 2017 21:07:34 +0100 (CET) Subject: SUSE-RU-2017:0646-1: Recommended update for jasper Message-ID: <20170309200734.ED2D110019@maintenance.suse.de> SUSE Recommended Update: Recommended update for jasper ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0646-1 Rating: low References: #1028070 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for jasper provides the following fixes: - Add -D_BSD_SOURCE to fix redefinition of system types in jas_config.h, which could lead to build failures on ppc64le, s390 and s390x. (bsc#1028070) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-357=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-357=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-357=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-357=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-357=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-357=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-357=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper-devel-1.900.14-187.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper-devel-1.900.14-187.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper1-1.900.14-187.1 libjasper1-debuginfo-1.900.14-187.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper1-1.900.14-187.1 libjasper1-debuginfo-1.900.14-187.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libjasper1-32bit-1.900.14-187.1 libjasper1-debuginfo-32bit-1.900.14-187.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper1-1.900.14-187.1 libjasper1-debuginfo-1.900.14-187.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libjasper1-32bit-1.900.14-187.1 libjasper1-debuginfo-32bit-1.900.14-187.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper1-1.900.14-187.1 libjasper1-32bit-1.900.14-187.1 libjasper1-debuginfo-1.900.14-187.1 libjasper1-debuginfo-32bit-1.900.14-187.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): jasper-debuginfo-1.900.14-187.1 jasper-debugsource-1.900.14-187.1 libjasper1-1.900.14-187.1 libjasper1-32bit-1.900.14-187.1 libjasper1-debuginfo-1.900.14-187.1 libjasper1-debuginfo-32bit-1.900.14-187.1 References: https://bugzilla.suse.com/1028070 From sle-updates at lists.suse.com Thu Mar 9 16:07:35 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 00:07:35 +0100 (CET) Subject: SUSE-SU-2017:0647-1: important: Security update for xen Message-ID: <20170309230735.8BC67FF5E@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0647-1 Rating: important References: #1000195 #1002496 #1013657 #1013668 #1014490 #1014507 #1015169 #1016340 #1022627 #1022871 #1023004 #1024183 #1024186 #1024307 #1024834 #1025188 #907805 #987002 Cross-References: CVE-2014-8106 CVE-2016-10155 CVE-2016-9101 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 CVE-2017-2615 CVE-2017-2620 CVE-2017-5579 CVE-2017-5856 CVE-2017-5898 CVE-2017-5973 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 14 vulnerabilities and has four fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025188) - CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183) - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834) - CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1024186) - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS (bsc#1024307) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805) - CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1022627) - CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014490) - CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668) - CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657) - A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871) These non-security issues were fixed: - bsc#1000195: Prevent panic on CPU0 while booting on SLES 11 SP3 - bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd - bsc#987002: Prevent crash of domU' after they were migrated from SP3 HV to SP4 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-13019=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-13019=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-13019=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_14-51.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_14_3.0.101_94-51.1 xen-libs-4.4.4_14-51.1 xen-tools-domU-4.4.4_14-51.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_14-51.1 xen-doc-html-4.4.4_14-51.1 xen-libs-32bit-4.4.4_14-51.1 xen-tools-4.4.4_14-51.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_14_3.0.101_94-51.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_14-51.1 xen-debugsource-4.4.4_14-51.1 References: https://www.suse.com/security/cve/CVE-2014-8106.html https://www.suse.com/security/cve/CVE-2016-10155.html https://www.suse.com/security/cve/CVE-2016-9101.html https://www.suse.com/security/cve/CVE-2016-9776.html https://www.suse.com/security/cve/CVE-2016-9907.html https://www.suse.com/security/cve/CVE-2016-9911.html https://www.suse.com/security/cve/CVE-2016-9921.html https://www.suse.com/security/cve/CVE-2016-9922.html https://www.suse.com/security/cve/CVE-2017-2615.html https://www.suse.com/security/cve/CVE-2017-2620.html https://www.suse.com/security/cve/CVE-2017-5579.html https://www.suse.com/security/cve/CVE-2017-5856.html https://www.suse.com/security/cve/CVE-2017-5898.html https://www.suse.com/security/cve/CVE-2017-5973.html https://bugzilla.suse.com/1000195 https://bugzilla.suse.com/1002496 https://bugzilla.suse.com/1013657 https://bugzilla.suse.com/1013668 https://bugzilla.suse.com/1014490 https://bugzilla.suse.com/1014507 https://bugzilla.suse.com/1015169 https://bugzilla.suse.com/1016340 https://bugzilla.suse.com/1022627 https://bugzilla.suse.com/1022871 https://bugzilla.suse.com/1023004 https://bugzilla.suse.com/1024183 https://bugzilla.suse.com/1024186 https://bugzilla.suse.com/1024307 https://bugzilla.suse.com/1024834 https://bugzilla.suse.com/1025188 https://bugzilla.suse.com/907805 https://bugzilla.suse.com/987002 From sle-updates at lists.suse.com Fri Mar 10 10:08:22 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 18:08:22 +0100 (CET) Subject: SUSE-RU-2017:0651-1: moderate: Recommended update for crowbar-ha Message-ID: <20170310170822.F358EFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for crowbar-ha ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0651-1 Rating: moderate References: #1001164 #971771 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for crowbar-ha fixes the following issues: - corosync: Increase various timeouts. (bsc#1001164) - corosync: Don't restart when corosync.conf changes. (bsc#1001164) - drbd: Add missing call to "drbdadm up" on setup. - drbd: Do not use drbd-overview while creating the drbd resource. - crowbar-pacemaker: Do not start or restart drbd service. (bsc#971771) - crowbar-pacemaker: Don't tell systemd to enable drbd. (bsc#971771) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-360=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (noarch): crowbar-ha-3.0+git.1484155881.c5ce757-10.1 References: https://bugzilla.suse.com/1001164 https://bugzilla.suse.com/971771 From sle-updates at lists.suse.com Fri Mar 10 10:10:30 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 18:10:30 +0100 (CET) Subject: SUSE-SU-2017:0656-1: moderate: Security update for tcpdump Message-ID: <20170310171030.5C814FFC5@maintenance.suse.de> SUSE Security Update: Security update for tcpdump ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0656-1 Rating: moderate References: #1020940 Cross-References: CVE-2016-7922 CVE-2016-7923 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7931 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 28 vulnerabilities is now available. Description: This update for tcpdump fixes the following issues: Security issues fixed (bsc#1020940): - CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print(). - CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print(). - CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print(). - CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print(). - CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print(). - CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print(). - CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print(). - CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print(). - CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print(). - CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions). - CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions). - CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c. - CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions). - CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print(). - CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print(). - CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c. - CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.). - CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print(). - CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print(). - CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print(). - CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print(). - CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse(). - CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print(). - CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap(). - CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print(). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-tcpdump-13021=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-tcpdump-13021=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): tcpdump-3.9.8-1.29.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): tcpdump-debuginfo-3.9.8-1.29.1 tcpdump-debugsource-3.9.8-1.29.1 References: https://www.suse.com/security/cve/CVE-2016-7922.html https://www.suse.com/security/cve/CVE-2016-7923.html https://www.suse.com/security/cve/CVE-2016-7925.html https://www.suse.com/security/cve/CVE-2016-7926.html https://www.suse.com/security/cve/CVE-2016-7927.html https://www.suse.com/security/cve/CVE-2016-7928.html https://www.suse.com/security/cve/CVE-2016-7931.html https://www.suse.com/security/cve/CVE-2016-7934.html https://www.suse.com/security/cve/CVE-2016-7935.html https://www.suse.com/security/cve/CVE-2016-7936.html https://www.suse.com/security/cve/CVE-2016-7937.html https://www.suse.com/security/cve/CVE-2016-7939.html https://www.suse.com/security/cve/CVE-2016-7940.html https://www.suse.com/security/cve/CVE-2016-7973.html https://www.suse.com/security/cve/CVE-2016-7974.html https://www.suse.com/security/cve/CVE-2016-7975.html https://www.suse.com/security/cve/CVE-2016-7983.html https://www.suse.com/security/cve/CVE-2016-7984.html https://www.suse.com/security/cve/CVE-2016-7992.html https://www.suse.com/security/cve/CVE-2016-7993.html https://www.suse.com/security/cve/CVE-2016-8574.html https://www.suse.com/security/cve/CVE-2017-5202.html https://www.suse.com/security/cve/CVE-2017-5203.html https://www.suse.com/security/cve/CVE-2017-5204.html https://www.suse.com/security/cve/CVE-2017-5483.html https://www.suse.com/security/cve/CVE-2017-5484.html https://www.suse.com/security/cve/CVE-2017-5485.html https://www.suse.com/security/cve/CVE-2017-5486.html https://bugzilla.suse.com/1020940 From sle-updates at lists.suse.com Fri Mar 10 10:11:13 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 18:11:13 +0100 (CET) Subject: SUSE-RU-2017:0658-1: Recommended update for release-notes-sles Message-ID: <20170310171113.8D64EFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0658-1 Rating: low References: #1016953 #1027428 #1027463 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12 SP1 have been updated to document: - Software Requiring Specific Contracts (fate#316990) - Added information about non-L3 supported software (bsc#1027428) - KVM Nested Virtualization (fate#316354) - Memory Compression with zswap (fate#318829, bsc#1016953) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-361=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): release-notes-sles-12.1.20170301-25.12.1 References: https://bugzilla.suse.com/1016953 https://bugzilla.suse.com/1027428 https://bugzilla.suse.com/1027463 From sle-updates at lists.suse.com Fri Mar 10 10:11:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 18:11:56 +0100 (CET) Subject: SUSE-RU-2017:0659-1: Recommended update for release-notes-sles Message-ID: <20170310171156.2176EFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0659-1 Rating: low References: #1016953 #1027428 #1027455 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 12 SP2 have been updated to document: - Software Requiring Specific Contracts (fate#316990) - Added information about non-L3 supported software (bsc#1027428) - KVM Nested Virtualization (fate#316354) - Server Component of Puppet Is Deprecated (fate#321117) - Enhanced Accounting and Reporting of shmem Swap Usage (fate#313774) - Memory Compression with zswap (fate#318829) - Online Migration with Live Patching Enabled (fate#321493) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-362=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-362=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): release-notes-sles-12.2.20170301-5.13.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): release-notes-sles-12.2.20170301-5.13.1 References: https://bugzilla.suse.com/1016953 https://bugzilla.suse.com/1027428 https://bugzilla.suse.com/1027455 From sle-updates at lists.suse.com Fri Mar 10 13:08:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 21:08:05 +0100 (CET) Subject: SUSE-RU-2017:0660-1: Recommended update for xorg-x11-server, xf86-video-qxl Message-ID: <20170310200805.41DD7FFDA@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-server, xf86-video-qxl ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0660-1 Rating: low References: #1021865 #1022050 #1025002 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for xorg-x11-server and xf86-video-qxl provides the following fixes: - Fix unpainted areas when glamor is in use. (bsc#1022050) - Fix 8-bit depth support. (fate#321052 bsc#1021865) - Prevent crash in qxl driver caused by X server fix. (bsc#1025002) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-364=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-364=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-364=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-364=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): xorg-x11-server-debuginfo-7.6_1.18.3-61.4 xorg-x11-server-debugsource-7.6_1.18.3-61.4 xorg-x11-server-sdk-7.6_1.18.3-61.4 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): xf86-video-qxl-0.1.4-10.9 xf86-video-qxl-debuginfo-0.1.4-10.9 xf86-video-qxl-debugsource-0.1.4-10.9 xorg-x11-server-7.6_1.18.3-61.4 xorg-x11-server-debuginfo-7.6_1.18.3-61.4 xorg-x11-server-debugsource-7.6_1.18.3-61.4 xorg-x11-server-extra-7.6_1.18.3-61.4 xorg-x11-server-extra-debuginfo-7.6_1.18.3-61.4 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): xf86-video-qxl-0.1.4-10.9 xf86-video-qxl-debuginfo-0.1.4-10.9 xf86-video-qxl-debugsource-0.1.4-10.9 xorg-x11-server-7.6_1.18.3-61.4 xorg-x11-server-debuginfo-7.6_1.18.3-61.4 xorg-x11-server-debugsource-7.6_1.18.3-61.4 xorg-x11-server-extra-7.6_1.18.3-61.4 xorg-x11-server-extra-debuginfo-7.6_1.18.3-61.4 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): xf86-video-qxl-0.1.4-10.9 xf86-video-qxl-debuginfo-0.1.4-10.9 xf86-video-qxl-debugsource-0.1.4-10.9 xorg-x11-server-7.6_1.18.3-61.4 xorg-x11-server-debuginfo-7.6_1.18.3-61.4 xorg-x11-server-debugsource-7.6_1.18.3-61.4 xorg-x11-server-extra-7.6_1.18.3-61.4 xorg-x11-server-extra-debuginfo-7.6_1.18.3-61.4 References: https://bugzilla.suse.com/1021865 https://bugzilla.suse.com/1022050 https://bugzilla.suse.com/1025002 From sle-updates at lists.suse.com Fri Mar 10 13:08:55 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 21:08:55 +0100 (CET) Subject: SUSE-SU-2017:0661-1: important: Security update for qemu Message-ID: <20170310200855.773E1FFE1@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0661-1 Rating: important References: #1013285 #1014109 #1014111 #1014702 #1015048 #1015169 #1016779 #1021129 #1022541 #1023004 #1023053 #1023907 #1024972 Cross-References: CVE-2016-10155 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 CVE-2017-2615 CVE-2017-2620 CVE-2017-5667 CVE-2017-5856 CVE-2017-5898 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves 11 vulnerabilities and has two fixes is now available. Description: This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024972) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1023053) - CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013285) - CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014111) - CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014109) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702) - CVE-2017-5667: The SDHCI device emulation support was vulnerable to an OOB heap access issue allowing a privileged user inside the guest to crash the Qemu process resulting in DoS or potentially execute arbitrary code with privileges of the Qemu process on the host (bsc#1022541) - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow allowing a privileged user inside the guest to crash the Qemu process resulting in DoS (bnc#1023907) - CVE-2016-10155: The i6300esb watchdog emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to leak memory on the host resulting in DoS (bnc#1021129) These non-security issues were fixed: - Fixed various inaccuracies in cirrus vga device emulation - Fixed virtio interface failure (bsc#1015048) - Fixed graphical update errors introduced by previous security fix (bsc#1016779) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-366=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-366=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (noarch): qemu-ipxe-1.0.0-48.31.1 qemu-seabios-1.7.4-48.31.1 qemu-sgabios-8-48.31.1 qemu-vgabios-1.7.4-48.31.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): qemu-2.0.2-48.31.1 qemu-block-curl-2.0.2-48.31.1 qemu-block-curl-debuginfo-2.0.2-48.31.1 qemu-block-rbd-2.0.2-48.31.1 qemu-block-rbd-debuginfo-2.0.2-48.31.1 qemu-debugsource-2.0.2-48.31.1 qemu-guest-agent-2.0.2-48.31.1 qemu-guest-agent-debuginfo-2.0.2-48.31.1 qemu-kvm-2.0.2-48.31.1 qemu-lang-2.0.2-48.31.1 qemu-tools-2.0.2-48.31.1 qemu-tools-debuginfo-2.0.2-48.31.1 qemu-x86-2.0.2-48.31.1 qemu-x86-debuginfo-2.0.2-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): qemu-2.0.2-48.31.1 qemu-block-curl-2.0.2-48.31.1 qemu-block-curl-debuginfo-2.0.2-48.31.1 qemu-debugsource-2.0.2-48.31.1 qemu-guest-agent-2.0.2-48.31.1 qemu-guest-agent-debuginfo-2.0.2-48.31.1 qemu-lang-2.0.2-48.31.1 qemu-tools-2.0.2-48.31.1 qemu-tools-debuginfo-2.0.2-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): qemu-kvm-2.0.2-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le): qemu-ppc-2.0.2-48.31.1 qemu-ppc-debuginfo-2.0.2-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): qemu-block-rbd-2.0.2-48.31.1 qemu-block-rbd-debuginfo-2.0.2-48.31.1 qemu-x86-2.0.2-48.31.1 qemu-x86-debuginfo-2.0.2-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): qemu-ipxe-1.0.0-48.31.1 qemu-seabios-1.7.4-48.31.1 qemu-sgabios-8-48.31.1 qemu-vgabios-1.7.4-48.31.1 - SUSE Linux Enterprise Server 12-LTSS (s390x): qemu-s390-2.0.2-48.31.1 qemu-s390-debuginfo-2.0.2-48.31.1 References: https://www.suse.com/security/cve/CVE-2016-10155.html https://www.suse.com/security/cve/CVE-2016-9776.html https://www.suse.com/security/cve/CVE-2016-9907.html https://www.suse.com/security/cve/CVE-2016-9911.html https://www.suse.com/security/cve/CVE-2016-9921.html https://www.suse.com/security/cve/CVE-2016-9922.html https://www.suse.com/security/cve/CVE-2017-2615.html https://www.suse.com/security/cve/CVE-2017-2620.html https://www.suse.com/security/cve/CVE-2017-5667.html https://www.suse.com/security/cve/CVE-2017-5856.html https://www.suse.com/security/cve/CVE-2017-5898.html https://bugzilla.suse.com/1013285 https://bugzilla.suse.com/1014109 https://bugzilla.suse.com/1014111 https://bugzilla.suse.com/1014702 https://bugzilla.suse.com/1015048 https://bugzilla.suse.com/1015169 https://bugzilla.suse.com/1016779 https://bugzilla.suse.com/1021129 https://bugzilla.suse.com/1022541 https://bugzilla.suse.com/1023004 https://bugzilla.suse.com/1023053 https://bugzilla.suse.com/1023907 https://bugzilla.suse.com/1024972 From sle-updates at lists.suse.com Fri Mar 10 13:11:23 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Mar 2017 21:11:23 +0100 (CET) Subject: SUSE-RU-2017:0662-1: Recommended update for sg3_utils Message-ID: <20170310201123.467B9FFE1@maintenance.suse.de> SUSE Recommended Update: Recommended update for sg3_utils ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0662-1 Rating: low References: #1006175 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for sg3_utils fixes the following issue: - Add udev rules to handle legacy CCISS devices (bsc#1006175) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-365=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-365=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-365=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-365=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libsgutils-devel-1.43-15.4 sg3_utils-debuginfo-1.43-15.4 sg3_utils-debugsource-1.43-15.4 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libsgutils2-2-1.43-15.4 libsgutils2-2-debuginfo-1.43-15.4 sg3_utils-1.43-15.4 sg3_utils-debuginfo-1.43-15.4 sg3_utils-debugsource-1.43-15.4 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libsgutils2-2-1.43-15.4 libsgutils2-2-debuginfo-1.43-15.4 sg3_utils-1.43-15.4 sg3_utils-debuginfo-1.43-15.4 sg3_utils-debugsource-1.43-15.4 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libsgutils2-2-1.43-15.4 libsgutils2-2-debuginfo-1.43-15.4 sg3_utils-1.43-15.4 sg3_utils-debuginfo-1.43-15.4 sg3_utils-debugsource-1.43-15.4 References: https://bugzilla.suse.com/1006175 From sle-updates at lists.suse.com Mon Mar 13 08:21:45 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Mar 2017 15:21:45 +0100 (CET) Subject: SUSE-RU-2017:0672-1: Recommended update for cloud-regionsrv-client Message-ID: <20170313142145.CAF9FFFD5@maintenance.suse.de> SUSE Recommended Update: Recommended update for cloud-regionsrv-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0672-1 Rating: low References: #1027298 #1027299 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for cloud-regionsrv-client provides the following fixes: - Set the current SMT server after failover. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-367=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): cloud-regionsrv-client-7.0.3-48.1 cloud-regionsrv-client-generic-config-1.0.0-48.1 cloud-regionsrv-client-plugin-gce-1.0.0-48.1 References: https://bugzilla.suse.com/1027298 https://bugzilla.suse.com/1027299 From sle-updates at lists.suse.com Mon Mar 13 14:08:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Mar 2017 21:08:19 +0100 (CET) Subject: SUSE-RU-2017:0683-1: Recommended update for cloud-init Message-ID: <20170313200819.950D7FFDD@maintenance.suse.de> SUSE Recommended Update: Recommended update for cloud-init ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0683-1 Rating: low References: #1017832 #1024709 #930524 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for cloud-init provides the following fixes: - Do not set mount options for ephemeral drive, use the defaults that are built into the code. (bsc#930524) - Fix path to cloud-init.target in cloud-init-generator. (bsc#1024709) - Exit with a proper error message when user attempts to use the "query" command. (bsc#1017832) - Require net-tools for network setup. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-369=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-369=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (aarch64 ppc64le s390x x86_64): cloud-init-0.7.8-36.1 cloud-init-config-suse-0.7.8-36.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): cloud-init-0.7.8-36.1 References: https://bugzilla.suse.com/1017832 https://bugzilla.suse.com/1024709 https://bugzilla.suse.com/930524 From sle-updates at lists.suse.com Mon Mar 13 14:09:03 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Mar 2017 21:09:03 +0100 (CET) Subject: SUSE-RU-2017:0684-1: Recommended update for susemanager-sync-data Message-ID: <20170313200903.95E4DFFDD@maintenance.suse.de> SUSE Recommended Update: Recommended update for susemanager-sync-data ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0684-1 Rating: low References: #1026696 Affected Products: SUSE Manager Server 3.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for susemanager-sync-data adds support for SUSE Manager Proxy 3.0 as extension for SUSE Linux Enterprise Server 12 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-370=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (noarch): susemanager-sync-data-3.0.15-21.1 References: https://bugzilla.suse.com/1026696 From sle-updates at lists.suse.com Mon Mar 13 14:09:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Mar 2017 21:09:24 +0100 (CET) Subject: SUSE-RU-2017:0685-1: Recommended update for cloud-regionsrv-client Message-ID: <20170313200924.56F05FFDD@maintenance.suse.de> SUSE Recommended Update: Recommended update for cloud-regionsrv-client ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0685-1 Rating: low References: #1024794 #1027298 #1027299 Affected Products: SUSE Linux Enterprise Server 11-PUBCLOUD ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for cloud-regionsrv-client provides the following fixes: - Set the current SMT server after failover. - Fix list name for loops in failover code path. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-PUBCLOUD: zypper in -t patch pubclsp3-cloud-regionsrv-client-13022=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-PUBCLOUD (i586 ia64 ppc64 s390x x86_64): cloud-regionsrv-client-7.0.3-24.1 References: https://bugzilla.suse.com/1024794 https://bugzilla.suse.com/1027298 https://bugzilla.suse.com/1027299 From sle-updates at lists.suse.com Mon Mar 13 17:07:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 14 Mar 2017 00:07:19 +0100 (CET) Subject: SUSE-RU-2017:0686-1: important: Recommended update for xorg-x11-server Message-ID: <20170313230719.ED2F9FC53@maintenance.suse.de> SUSE Recommended Update: Recommended update for xorg-x11-server ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0686-1 Rating: important References: #1029093 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for xorg-x11-server fixes a regression caused by adding 8-bit depth support. (bsc#1029093) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-372=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-372=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-372=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-372=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): xorg-x11-server-debuginfo-7.6_1.18.3-64.1 xorg-x11-server-debugsource-7.6_1.18.3-64.1 xorg-x11-server-sdk-7.6_1.18.3-64.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): xorg-x11-server-7.6_1.18.3-64.1 xorg-x11-server-debuginfo-7.6_1.18.3-64.1 xorg-x11-server-debugsource-7.6_1.18.3-64.1 xorg-x11-server-extra-7.6_1.18.3-64.1 xorg-x11-server-extra-debuginfo-7.6_1.18.3-64.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): xorg-x11-server-7.6_1.18.3-64.1 xorg-x11-server-debuginfo-7.6_1.18.3-64.1 xorg-x11-server-debugsource-7.6_1.18.3-64.1 xorg-x11-server-extra-7.6_1.18.3-64.1 xorg-x11-server-extra-debuginfo-7.6_1.18.3-64.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): xorg-x11-server-7.6_1.18.3-64.1 xorg-x11-server-debuginfo-7.6_1.18.3-64.1 xorg-x11-server-debugsource-7.6_1.18.3-64.1 xorg-x11-server-extra-7.6_1.18.3-64.1 xorg-x11-server-extra-debuginfo-7.6_1.18.3-64.1 References: https://bugzilla.suse.com/1029093 From sle-updates at lists.suse.com Tue Mar 14 11:10:00 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 14 Mar 2017 18:10:00 +0100 (CET) Subject: SUSE-RU-2017:0691-1: Recommended update for spice-gtk Message-ID: <20170314171000.2500710019@maintenance.suse.de> SUSE Recommended Update: Recommended update for spice-gtk ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0691-1 Rating: low References: #1010188 #1016291 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for spice-gtk fixes the following issues: - Fix virt-manager crash when used over ssh X redirection (bsc#1010188) - Fix numlocks / capslocks problems (bsc#1016291) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-373=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-373=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-373=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-373=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): spice-gtk-debuginfo-0.31-9.5 spice-gtk-debugsource-0.31-9.5 spice-gtk-devel-0.31-9.5 typelib-1_0-SpiceClientGtk-2_0-0.31-9.5 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libspice-client-glib-2_0-8-0.31-9.5 libspice-client-glib-2_0-8-debuginfo-0.31-9.5 libspice-client-glib-helper-0.31-9.5 libspice-client-glib-helper-debuginfo-0.31-9.5 libspice-client-gtk-2_0-4-0.31-9.5 libspice-client-gtk-2_0-4-debuginfo-0.31-9.5 libspice-client-gtk-3_0-4-0.31-9.5 libspice-client-gtk-3_0-4-debuginfo-0.31-9.5 libspice-controller0-0.31-9.5 libspice-controller0-debuginfo-0.31-9.5 spice-gtk-debuginfo-0.31-9.5 spice-gtk-debugsource-0.31-9.5 typelib-1_0-SpiceClientGlib-2_0-0.31-9.5 typelib-1_0-SpiceClientGtk-3_0-0.31-9.5 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libspice-client-glib-2_0-8-0.31-9.5 libspice-client-glib-2_0-8-debuginfo-0.31-9.5 libspice-client-glib-helper-0.31-9.5 libspice-client-glib-helper-debuginfo-0.31-9.5 libspice-client-gtk-2_0-4-0.31-9.5 libspice-client-gtk-2_0-4-debuginfo-0.31-9.5 libspice-client-gtk-3_0-4-0.31-9.5 libspice-client-gtk-3_0-4-debuginfo-0.31-9.5 libspice-controller0-0.31-9.5 libspice-controller0-debuginfo-0.31-9.5 spice-gtk-debuginfo-0.31-9.5 spice-gtk-debugsource-0.31-9.5 typelib-1_0-SpiceClientGlib-2_0-0.31-9.5 typelib-1_0-SpiceClientGtk-3_0-0.31-9.5 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libspice-client-glib-2_0-8-0.31-9.5 libspice-client-glib-2_0-8-debuginfo-0.31-9.5 libspice-client-glib-helper-0.31-9.5 libspice-client-glib-helper-debuginfo-0.31-9.5 libspice-client-gtk-2_0-4-0.31-9.5 libspice-client-gtk-2_0-4-debuginfo-0.31-9.5 libspice-client-gtk-3_0-4-0.31-9.5 libspice-client-gtk-3_0-4-debuginfo-0.31-9.5 libspice-controller0-0.31-9.5 libspice-controller0-debuginfo-0.31-9.5 spice-gtk-debuginfo-0.31-9.5 spice-gtk-debugsource-0.31-9.5 typelib-1_0-SpiceClientGlib-2_0-0.31-9.5 typelib-1_0-SpiceClientGtk-3_0-0.31-9.5 References: https://bugzilla.suse.com/1010188 https://bugzilla.suse.com/1016291 From sle-updates at lists.suse.com Tue Mar 14 23:08:36 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 06:08:36 +0100 (CET) Subject: SUSE-RU-2017:0692-1: moderate: Recommended update for systemd Message-ID: <20170315050836.C582FFFD9@maintenance.suse.de> SUSE Recommended Update: Recommended update for systemd ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0692-1 Rating: moderate References: #1001790 #1005404 #1005497 #1012266 #1012591 #1013989 #1018399 #1020083 #909418 #912715 #945340 #963290 #964168 #968183 #990538 #997682 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that has 16 recommended fixes can now be installed. Description: This update for systemd provides the following fixes: - rule: Don't automatically online standby memory on s390x. (bsc#997682) - systemctl: Remove duplicate entries showed by list-dependencies. (bsc#1012266) - systemctl: Add ConsistsOf as the inverse of PartOf. (bsc#1020083) - man: Reword list-dependencies description. - man: Improve description of systemctl's --after/--before. - rules: Set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 only with ADD event. (bsc#963290, bsc#990538) - core: Make sure to not call device_is_bound_by_mounts() when dev is null. (bsc#1018399) - core: Make mount units from /proc/self/mountinfo possibly bind to a device. (bsc#909418, bsc#912715, bsc#945340) - core: Do not bind a mount unit to a device, if it was from mountinfo. - rules: Don't ignore CDROM devices even if not ready. - unit: Use weaker dependencies between mount and device units in --user mode. - rules: Clean up stale CD drive mounts after ejection. - core: Add dependencies to dynamically mounted mounts too. - fstab-generator: Remove bogus condition. (bsc#1013989) - coredumpctl: Let gdb handle the SIGINT signal. (bsc#1012591) - Rename kbd-model-map-extra into kbd-model-map.legacy. - man: Explain that *KeyIgnoreInhibited only apply to a subset of locks. - Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf". (bsc#1001790, bsc#1005404) - systemctl: Make sure list-jobs doesn't return failure on success. (bsc#1005497) - manager: Be stricter with incoming notifications, warn properly about too large ones. - manager: Don't ever busy loop when we get a notification message we can't process. - Disable seccomp for ppc64le. (bsc#964168) - Add "mac-us" to kbd-model-map-extra. (bsc#968183) - Add kbd-model-map-extra file which contains the additional maps needed by YaST. - Drop localfs.service: unused and not needed anymore. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-375=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-375=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (noarch): systemd-bash-completion-210-70.61.5 - SUSE Linux Enterprise Server for SAP 12 (x86_64): libgudev-1_0-0-210-70.61.5 libgudev-1_0-0-32bit-210-70.61.5 libgudev-1_0-0-debuginfo-210-70.61.5 libgudev-1_0-0-debuginfo-32bit-210-70.61.5 libudev1-210-70.61.5 libudev1-32bit-210-70.61.5 libudev1-debuginfo-210-70.61.5 libudev1-debuginfo-32bit-210-70.61.5 systemd-210-70.61.5 systemd-32bit-210-70.61.5 systemd-debuginfo-210-70.61.5 systemd-debuginfo-32bit-210-70.61.5 systemd-debugsource-210-70.61.5 systemd-sysvinit-210-70.61.5 udev-210-70.61.5 udev-debuginfo-210-70.61.5 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): libgudev-1_0-0-210-70.61.5 libgudev-1_0-0-debuginfo-210-70.61.5 libudev1-210-70.61.5 libudev1-debuginfo-210-70.61.5 systemd-210-70.61.5 systemd-debuginfo-210-70.61.5 systemd-debugsource-210-70.61.5 systemd-sysvinit-210-70.61.5 udev-210-70.61.5 udev-debuginfo-210-70.61.5 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libgudev-1_0-0-32bit-210-70.61.5 libgudev-1_0-0-debuginfo-32bit-210-70.61.5 libudev1-32bit-210-70.61.5 libudev1-debuginfo-32bit-210-70.61.5 systemd-32bit-210-70.61.5 systemd-debuginfo-32bit-210-70.61.5 - SUSE Linux Enterprise Server 12-LTSS (noarch): systemd-bash-completion-210-70.61.5 References: https://bugzilla.suse.com/1001790 https://bugzilla.suse.com/1005404 https://bugzilla.suse.com/1005497 https://bugzilla.suse.com/1012266 https://bugzilla.suse.com/1012591 https://bugzilla.suse.com/1013989 https://bugzilla.suse.com/1018399 https://bugzilla.suse.com/1020083 https://bugzilla.suse.com/909418 https://bugzilla.suse.com/912715 https://bugzilla.suse.com/945340 https://bugzilla.suse.com/963290 https://bugzilla.suse.com/964168 https://bugzilla.suse.com/968183 https://bugzilla.suse.com/990538 https://bugzilla.suse.com/997682 From sle-updates at lists.suse.com Tue Mar 14 23:12:39 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 06:12:39 +0100 (CET) Subject: SUSE-RU-2017:0693-1: moderate: Recommended update for systemd Message-ID: <20170315051239.4AB8EFFD9@maintenance.suse.de> SUSE Recommended Update: Recommended update for systemd ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0693-1 Rating: moderate References: #1012266 #1012591 #1013989 #1018399 #1020083 #909418 #912715 #945340 #963290 #990538 #997682 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. Description: This update for systemd provides the following fixes: - rule: Don't automatically online standby memory on s390x. (bsc#997682) - systemctl: Remove duplicate entries showed by list-dependencies. (bsc#1012266) - systemctl: Add ConsistsOf as the inverse of PartOf. (bsc#1020083) - man: Reword list-dependencies description. - man: Improve description of systemctl's --after/--before. - rules: Set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 only with ADD event. (bsc#963290, bsc#990538) - core: Make sure to not call device_is_bound_by_mounts() when dev is null. (bsc#1018399) - core: Make mount units from /proc/self/mountinfo possibly bind to a device. (bsc#909418, bsc#912715, bsc#945340) - core: Do not bind a mount unit to a device, if it was from mountinfo. - rules: Don't ignore CDROM devices even if not ready. - unit: Use weaker dependencies between mount and device units in --user mode. - rules: Clean up stale CD drive mounts after ejection. - core: Add dependencies to dynamically mounted mounts too. - fstab-generator: Remove bogus condition. (bsc#1013989) - coredumpctl: Let gdb handle the SIGINT signal. (bsc#1012591) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-374=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-374=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-374=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libgudev-1_0-devel-210-116.6.6 libudev-devel-210-116.6.6 systemd-debuginfo-210-116.6.6 systemd-debugsource-210-116.6.6 systemd-devel-210-116.6.6 typelib-1_0-GUdev-1_0-210-116.6.6 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libgudev-1_0-0-210-116.6.6 libgudev-1_0-0-debuginfo-210-116.6.6 libudev1-210-116.6.6 libudev1-debuginfo-210-116.6.6 systemd-210-116.6.6 systemd-debuginfo-210-116.6.6 systemd-debugsource-210-116.6.6 systemd-sysvinit-210-116.6.6 udev-210-116.6.6 udev-debuginfo-210-116.6.6 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgudev-1_0-0-32bit-210-116.6.6 libgudev-1_0-0-debuginfo-32bit-210-116.6.6 libudev1-32bit-210-116.6.6 libudev1-debuginfo-32bit-210-116.6.6 systemd-32bit-210-116.6.6 systemd-debuginfo-32bit-210-116.6.6 - SUSE Linux Enterprise Server 12-SP1 (noarch): systemd-bash-completion-210-116.6.6 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libgudev-1_0-0-210-116.6.6 libgudev-1_0-0-32bit-210-116.6.6 libgudev-1_0-0-debuginfo-210-116.6.6 libgudev-1_0-0-debuginfo-32bit-210-116.6.6 libudev1-210-116.6.6 libudev1-32bit-210-116.6.6 libudev1-debuginfo-210-116.6.6 libudev1-debuginfo-32bit-210-116.6.6 systemd-210-116.6.6 systemd-32bit-210-116.6.6 systemd-debuginfo-210-116.6.6 systemd-debuginfo-32bit-210-116.6.6 systemd-debugsource-210-116.6.6 systemd-sysvinit-210-116.6.6 udev-210-116.6.6 udev-debuginfo-210-116.6.6 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): systemd-bash-completion-210-116.6.6 References: https://bugzilla.suse.com/1012266 https://bugzilla.suse.com/1012591 https://bugzilla.suse.com/1013989 https://bugzilla.suse.com/1018399 https://bugzilla.suse.com/1020083 https://bugzilla.suse.com/909418 https://bugzilla.suse.com/912715 https://bugzilla.suse.com/945340 https://bugzilla.suse.com/963290 https://bugzilla.suse.com/990538 https://bugzilla.suse.com/997682 From sle-updates at lists.suse.com Wed Mar 15 08:08:03 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 15:08:03 +0100 (CET) Subject: SUSE-SU-2017:0694-1: moderate: Security update for gegl Message-ID: <20170315140803.BC109FFD9@maintenance.suse.de> SUSE Security Update: Security update for gegl ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0694-1 Rating: moderate References: #789835 Cross-References: CVE-2012-4433 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for gegl fixes the following issues: Security issue fixed: - Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to ppm-load op (bsc#789835). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-378=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-378=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-378=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): gegl-0_2-lang-0.2.0-14.3 - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): gegl-0_2-0.2.0-14.3 gegl-0_2-debuginfo-0.2.0-14.3 gegl-debuginfo-0.2.0-14.3 gegl-debugsource-0.2.0-14.3 libgegl-0_2-0-0.2.0-14.3 libgegl-0_2-0-debuginfo-0.2.0-14.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): gegl-debuginfo-0.2.0-14.3 gegl-debugsource-0.2.0-14.3 gegl-devel-0.2.0-14.3 libgegl-0_2-0-0.2.0-14.3 libgegl-0_2-0-debuginfo-0.2.0-14.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): gegl-0_2-0.2.0-14.3 gegl-0_2-debuginfo-0.2.0-14.3 gegl-debuginfo-0.2.0-14.3 gegl-debugsource-0.2.0-14.3 libgegl-0_2-0-0.2.0-14.3 libgegl-0_2-0-debuginfo-0.2.0-14.3 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): gegl-0_2-lang-0.2.0-14.3 References: https://www.suse.com/security/cve/CVE-2012-4433.html https://bugzilla.suse.com/789835 From sle-updates at lists.suse.com Wed Mar 15 08:08:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 15:08:37 +0100 (CET) Subject: SUSE-SU-2017:0695-1: Recommended update for dbus-1 Message-ID: <20170315140837.57D07FFD9@maintenance.suse.de> SUSE Security Update: Recommended update for dbus-1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0695-1 Rating: low References: #1025950 #1025951 #974092 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for dbus-1 fixes the following issues: Security issues fixed: - Symlink attack in nonce-tcp transport. (bsc#1025950) - Symlink attack in unit tests. (bsc#1025951) Bugfixes: - Remove sysvinit script, not used under systemd. (bsc#974092) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-376=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-376=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-376=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-376=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-376=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-376=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-376=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-376=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-devel-1.8.22-24.8.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): dbus-1-devel-doc-1.8.22-24.8.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-devel-1.8.22-24.8.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): dbus-1-devel-doc-1.8.22-24.8.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): dbus-1-debuginfo-32bit-1.8.22-24.8.1 libdbus-1-3-32bit-1.8.22-24.8.1 libdbus-1-3-debuginfo-32bit-1.8.22-24.8.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): dbus-1-debuginfo-32bit-1.8.22-24.8.1 libdbus-1-3-32bit-1.8.22-24.8.1 libdbus-1-3-debuginfo-32bit-1.8.22-24.8.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debuginfo-32bit-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-32bit-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 libdbus-1-3-debuginfo-32bit-1.8.22-24.8.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debuginfo-32bit-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-32bit-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 libdbus-1-3-debuginfo-32bit-1.8.22-24.8.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): dbus-1-1.8.22-24.8.1 dbus-1-debuginfo-1.8.22-24.8.1 dbus-1-debugsource-1.8.22-24.8.1 dbus-1-x11-debuginfo-1.8.22-24.8.1 dbus-1-x11-debugsource-1.8.22-24.8.1 libdbus-1-3-1.8.22-24.8.1 libdbus-1-3-debuginfo-1.8.22-24.8.1 References: https://bugzilla.suse.com/1025950 https://bugzilla.suse.com/1025951 https://bugzilla.suse.com/974092 From sle-updates at lists.suse.com Wed Mar 15 08:09:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 15:09:25 +0100 (CET) Subject: SUSE-SU-2017:0696-1: moderate: Security update for gegl Message-ID: <20170315140925.79BC7FFD9@maintenance.suse.de> SUSE Security Update: Security update for gegl ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0696-1 Rating: moderate References: #789835 Cross-References: CVE-2012-4433 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for gegl fixes the following issues: Security issue fixed: - Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to ppm-load op (bsc#789835). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-377=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-377=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-377=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): gegl-0_2-0.2.0-10.3.3 gegl-0_2-debuginfo-0.2.0-10.3.3 gegl-debuginfo-0.2.0-10.3.3 gegl-debugsource-0.2.0-10.3.3 libgegl-0_2-0-0.2.0-10.3.3 libgegl-0_2-0-debuginfo-0.2.0-10.3.3 - SUSE Linux Enterprise Workstation Extension 12-SP1 (noarch): gegl-0_2-lang-0.2.0-10.3.3 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gegl-debuginfo-0.2.0-10.3.3 gegl-debugsource-0.2.0-10.3.3 gegl-devel-0.2.0-10.3.3 libgegl-0_2-0-0.2.0-10.3.3 libgegl-0_2-0-debuginfo-0.2.0-10.3.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gegl-0_2-0.2.0-10.3.3 gegl-0_2-debuginfo-0.2.0-10.3.3 gegl-debuginfo-0.2.0-10.3.3 gegl-debugsource-0.2.0-10.3.3 libgegl-0_2-0-0.2.0-10.3.3 libgegl-0_2-0-debuginfo-0.2.0-10.3.3 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): gegl-0_2-lang-0.2.0-10.3.3 References: https://www.suse.com/security/cve/CVE-2012-4433.html https://bugzilla.suse.com/789835 From sle-updates at lists.suse.com Wed Mar 15 11:08:40 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 18:08:40 +0100 (CET) Subject: SUSE-RU-2017:0697-1: Recommended update for plymouth Message-ID: <20170315170840.C65EEFFD9@maintenance.suse.de> SUSE Recommended Update: Recommended update for plymouth ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0697-1 Rating: low References: #955227 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for plymouth fixes the following issues: - Write all escape sequences to the devices of the system console but do filter it for the boot log file (bsc#955227) - Avoid allocating/freeing memory for each line of input Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-379=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-379=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-379=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-379=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): plymouth-debuginfo-0.9.2-31.3 plymouth-debugsource-0.9.2-31.3 plymouth-devel-0.9.2-31.3 plymouth-plugin-tribar-0.9.2-31.3 plymouth-plugin-tribar-debuginfo-0.9.2-31.3 plymouth-x11-renderer-0.9.2-31.3 plymouth-x11-renderer-debuginfo-0.9.2-31.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): plymouth-theme-tribar-0.9.2-31.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libply-boot-client4-0.9.2-31.3 libply-boot-client4-debuginfo-0.9.2-31.3 libply-splash-core4-0.9.2-31.3 libply-splash-core4-debuginfo-0.9.2-31.3 libply-splash-graphics4-0.9.2-31.3 libply-splash-graphics4-debuginfo-0.9.2-31.3 libply4-0.9.2-31.3 libply4-debuginfo-0.9.2-31.3 plymouth-0.9.2-31.3 plymouth-debuginfo-0.9.2-31.3 plymouth-debugsource-0.9.2-31.3 plymouth-dracut-0.9.2-31.3 plymouth-plugin-label-0.9.2-31.3 plymouth-plugin-label-debuginfo-0.9.2-31.3 plymouth-plugin-label-ft-0.9.2-31.3 plymouth-plugin-label-ft-debuginfo-0.9.2-31.3 plymouth-plugin-script-0.9.2-31.3 plymouth-plugin-script-debuginfo-0.9.2-31.3 plymouth-scripts-0.9.2-31.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libply-boot-client4-0.9.2-31.3 libply-boot-client4-debuginfo-0.9.2-31.3 libply-splash-core4-0.9.2-31.3 libply-splash-core4-debuginfo-0.9.2-31.3 libply-splash-graphics4-0.9.2-31.3 libply-splash-graphics4-debuginfo-0.9.2-31.3 libply4-0.9.2-31.3 libply4-debuginfo-0.9.2-31.3 plymouth-0.9.2-31.3 plymouth-debuginfo-0.9.2-31.3 plymouth-debugsource-0.9.2-31.3 plymouth-dracut-0.9.2-31.3 plymouth-plugin-label-0.9.2-31.3 plymouth-plugin-label-debuginfo-0.9.2-31.3 plymouth-plugin-label-ft-0.9.2-31.3 plymouth-plugin-label-ft-debuginfo-0.9.2-31.3 plymouth-plugin-script-0.9.2-31.3 plymouth-plugin-script-debuginfo-0.9.2-31.3 plymouth-scripts-0.9.2-31.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libply-boot-client4-0.9.2-31.3 libply-boot-client4-debuginfo-0.9.2-31.3 libply-splash-core4-0.9.2-31.3 libply-splash-core4-debuginfo-0.9.2-31.3 libply-splash-graphics4-0.9.2-31.3 libply-splash-graphics4-debuginfo-0.9.2-31.3 libply4-0.9.2-31.3 libply4-debuginfo-0.9.2-31.3 plymouth-0.9.2-31.3 plymouth-debuginfo-0.9.2-31.3 plymouth-debugsource-0.9.2-31.3 plymouth-dracut-0.9.2-31.3 plymouth-plugin-label-0.9.2-31.3 plymouth-plugin-label-debuginfo-0.9.2-31.3 plymouth-plugin-label-ft-0.9.2-31.3 plymouth-plugin-label-ft-debuginfo-0.9.2-31.3 plymouth-plugin-script-0.9.2-31.3 plymouth-plugin-script-debuginfo-0.9.2-31.3 plymouth-scripts-0.9.2-31.3 References: https://bugzilla.suse.com/955227 From sle-updates at lists.suse.com Wed Mar 15 11:09:16 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 18:09:16 +0100 (CET) Subject: SUSE-RU-2017:0698-1: moderate: Recommended update for python-azure-agent Message-ID: <20170315170916.6E2AFFFD9@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-azure-agent ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0698-1 Rating: moderate References: #1018369 #1029223 #1029224 Affected Products: SUSE Linux Enterprise Server 11-PUBCLOUD ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for python-azure-agent provides version 2.2.6 and brings the following fixes and improvements: - Improve logging when interface detection fails. - Retry when get thumbprint fails. - Ensure host plugin calls fail gracefully. - Handle interface resets more gracefully. - Wait for partition before mounting. - Correct check for heartbeat freshness. - Fix RDMA reboot issue. - Changed permissions for log directory. - Fix potential sync issue with incarnation number and cache. - Extend VM health status. - Improve mount call and logging. - Cleanup SUSE configuration. - Update RDMA configuration. - Add a log message when primary nic is not found. - Add telemetry event for host plugin usage. - Prevent duplicates in sysinfo. - Add support for Match blocks in sshd configuration. - Support offline hostname changes. - Ensure configuration file is updated correctly. - Support NetworkManager leases. - Fix password encoding. - Fix for hostnamectl. - Fix password encrypting failure in python 2.*. - Handle interrupt signal. - Fix the issues for mounting resourcedisk. - Support for F5 Networks BIG-IP. - Fix sfdisk options. - Fix for fetch manifest. - Fix issue with xfs swapon. - Handle deprovisioning interruption. - Reduce goal state logging. - Increase polling rate. - Support OnHold flag. - Fix for decode_config. - Azure stack certificate fix. - Enable over-provisioning support. - Enable host plugin scenarios. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-PUBCLOUD: zypper in -t patch pubclsp3-python-azure-agent-13023=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-PUBCLOUD (x86_64): python-azure-agent-2.2.6-21.1 References: https://bugzilla.suse.com/1018369 https://bugzilla.suse.com/1029223 https://bugzilla.suse.com/1029224 From sle-updates at lists.suse.com Wed Mar 15 11:10:06 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 18:10:06 +0100 (CET) Subject: SUSE-RU-2017:0700-1: moderate: Recommended update for python-azure-agent Message-ID: <20170315171006.E634BFFD9@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-azure-agent ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0700-1 Rating: moderate References: #1029223 #1029224 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for python-azure-agent provides version 2.2.6 and brings the following fixes and improvements: - Improve logging when interface detection fails. - Retry when get thumbprint fails. - Ensure host plugin calls fail gracefully. - Handle interface resets more gracefully. - Wait for partition before mounting. - Correct check for heartbeat freshness. - Fix RDMA reboot issue. - Changed permissions for log directory. - Fix potential sync issue with incarnation number and cache. - Extend VM health status. - Improve mount call and logging. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-380=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (noarch): python-azure-agent-2.2.6-27.1 References: https://bugzilla.suse.com/1029223 https://bugzilla.suse.com/1029224 From sle-updates at lists.suse.com Wed Mar 15 14:07:59 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 21:07:59 +0100 (CET) Subject: SUSE-SU-2017:0701-1: moderate: Security update for open-vm-tools Message-ID: <20170315200759.660BEFFC5@maintenance.suse.de> SUSE Security Update: Security update for open-vm-tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0701-1 Rating: moderate References: #1006796 #1007600 #1011057 #1013496 #1024200 #913727 #938593 #941384 #971031 #978424 #985110 #994598 Cross-References: CVE-2015-5191 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has 11 fixes is now available. Description: This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework (CAF) - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand - Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796) - Fix for CVE-2015-5191 (bsc#1007600) - Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496) - Add udev rule to increase VMware virtual disk timeout values (bsc#994598) - Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031) - Fix copy-n-paste and drag-n-drop regressions (bsc#978424) - Add new vmblock-fuse.service - Fix a suspend with systemd issue (bsc#913727) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-384=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-384=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (x86_64): libvmtools0-10.1.0-5.3.1 libvmtools0-debuginfo-10.1.0-5.3.1 open-vm-tools-10.1.0-5.3.1 open-vm-tools-debuginfo-10.1.0-5.3.1 open-vm-tools-debugsource-10.1.0-5.3.1 open-vm-tools-desktop-10.1.0-5.3.1 open-vm-tools-desktop-debuginfo-10.1.0-5.3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libvmtools0-10.1.0-5.3.1 libvmtools0-debuginfo-10.1.0-5.3.1 open-vm-tools-10.1.0-5.3.1 open-vm-tools-debuginfo-10.1.0-5.3.1 open-vm-tools-debugsource-10.1.0-5.3.1 open-vm-tools-desktop-10.1.0-5.3.1 open-vm-tools-desktop-debuginfo-10.1.0-5.3.1 References: https://www.suse.com/security/cve/CVE-2015-5191.html https://bugzilla.suse.com/1006796 https://bugzilla.suse.com/1007600 https://bugzilla.suse.com/1011057 https://bugzilla.suse.com/1013496 https://bugzilla.suse.com/1024200 https://bugzilla.suse.com/913727 https://bugzilla.suse.com/938593 https://bugzilla.suse.com/941384 https://bugzilla.suse.com/971031 https://bugzilla.suse.com/978424 https://bugzilla.suse.com/985110 https://bugzilla.suse.com/994598 From sle-updates at lists.suse.com Wed Mar 15 14:10:36 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 21:10:36 +0100 (CET) Subject: SUSE-SU-2017:0702-1: moderate: Security update for open-vm-tools Message-ID: <20170315201036.E04E8FFC5@maintenance.suse.de> SUSE Security Update: Security update for open-vm-tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0702-1 Rating: moderate References: #1006796 #1007600 #1011057 #1013496 #1024200 #971031 #994598 Cross-References: CVE-2015-5191 Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves one vulnerability and has 6 fixes is now available. Description: This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework (CAF) - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand - Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796) - Fix for CVE-2015-5191 (bsc#1007600) - Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496) - Add udev rule to increase VMware virtual disk timeout values (bsc#994598) - Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-382=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-382=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP2 (x86_64): libvmtools0-10.1.0-8.1 libvmtools0-debuginfo-10.1.0-8.1 open-vm-tools-10.1.0-8.1 open-vm-tools-debuginfo-10.1.0-8.1 open-vm-tools-debugsource-10.1.0-8.1 open-vm-tools-desktop-10.1.0-8.1 open-vm-tools-desktop-debuginfo-10.1.0-8.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libvmtools0-10.1.0-8.1 libvmtools0-debuginfo-10.1.0-8.1 open-vm-tools-10.1.0-8.1 open-vm-tools-debuginfo-10.1.0-8.1 open-vm-tools-debugsource-10.1.0-8.1 open-vm-tools-desktop-10.1.0-8.1 open-vm-tools-desktop-debuginfo-10.1.0-8.1 References: https://www.suse.com/security/cve/CVE-2015-5191.html https://bugzilla.suse.com/1006796 https://bugzilla.suse.com/1007600 https://bugzilla.suse.com/1011057 https://bugzilla.suse.com/1013496 https://bugzilla.suse.com/1024200 https://bugzilla.suse.com/971031 https://bugzilla.suse.com/994598 From sle-updates at lists.suse.com Wed Mar 15 14:11:53 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 21:11:53 +0100 (CET) Subject: SUSE-SU-2017:0703-1: important: Security update for flash-player Message-ID: <20170315201153.8024CFFC5@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0703-1 Rating: important References: #1029374 Cross-References: CVE-2017-2997 CVE-2017-2998 CVE-2017-2999 CVE-2017-3000 CVE-2017-3001 CVE-2017-3002 CVE-2017-3003 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for flash-player fixes the following issues: Security update to 25.0.0.127 (bsc#1029374), fixing the following vulnerabilities advised under APSB17-07: - CVE-2017-2997: This update resolves a buffer overflow vulnerability that could lead to code execution. - CVE-2017-2998, CVE-2017-2999: This update resolves memory corruption vulnerabilities that could lead to code execution. - CVE-2017-3000: This update resolves a random number generator vulnerability used for constant blinding that could lead to information disclosure. - CVE-2017-3001, CVE-2017-3002, CVE-2017-3003: This update resolves use-after-free vulnerabilities that could lead to code execution. - Details: https://helpx.adobe.com/security/products/flash-player/apsb17-07.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-385=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-385=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-25.0.0.127-162.1 flash-player-gnome-25.0.0.127-162.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-25.0.0.127-162.1 flash-player-gnome-25.0.0.127-162.1 References: https://www.suse.com/security/cve/CVE-2017-2997.html https://www.suse.com/security/cve/CVE-2017-2998.html https://www.suse.com/security/cve/CVE-2017-2999.html https://www.suse.com/security/cve/CVE-2017-3000.html https://www.suse.com/security/cve/CVE-2017-3001.html https://www.suse.com/security/cve/CVE-2017-3002.html https://www.suse.com/security/cve/CVE-2017-3003.html https://bugzilla.suse.com/1029374 From sle-updates at lists.suse.com Wed Mar 15 14:12:20 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 21:12:20 +0100 (CET) Subject: SUSE-RU-2017:0704-1: Recommended update for nautilus Message-ID: <20170315201220.5CCCAFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for nautilus ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0704-1 Rating: low References: #1020133 #917772 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for nautilus provides the following fixes: - Fix segmentation fault and memory leak when running as root. (bsc#1020133) - When dragging links from Firefox to the desktop, create a link instead of attempting to copy the page. (bsc#917772) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-nautilus-13025=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-nautilus-13025=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-nautilus-13025=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): nautilus-devel-2.28.4-1.16.20.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): nautilus-2.28.4-1.16.20.2 nautilus-lang-2.28.4-1.16.20.2 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): nautilus-32bit-2.28.4-1.16.20.2 - SUSE Linux Enterprise Server 11-SP4 (ia64): nautilus-x86-2.28.4-1.16.20.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): nautilus-debuginfo-2.28.4-1.16.20.2 nautilus-debugsource-2.28.4-1.16.20.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): nautilus-debuginfo-32bit-2.28.4-1.16.20.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): nautilus-debuginfo-x86-2.28.4-1.16.20.2 References: https://bugzilla.suse.com/1020133 https://bugzilla.suse.com/917772 From sle-updates at lists.suse.com Wed Mar 15 14:13:01 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 15 Mar 2017 21:13:01 +0100 (CET) Subject: SUSE-SU-2017:0705-1: moderate: Security update for open-vm-tools Message-ID: <20170315201301.1E749FFC5@maintenance.suse.de> SUSE Security Update: Security update for open-vm-tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0705-1 Rating: moderate References: #1006796 #1007600 #1011057 #1013496 #1024202 #913727 #938593 #941384 #944615 #952645 #971031 #978424 #985110 #994598 Cross-References: CVE-2015-5191 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has 13 fixes is now available. Description: This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework (CAF) - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand - Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796) - Fix for CVE-2015-5191 (bsc#1007600) - Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496) - Add udev rule to increase VMware virtual disk timeout values (bsc#994598) - Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031) - Fix copy-n-paste and drag-n-drop regressions (bsc#978424) - Add new vmblock-fuse.service - Fix a suspend with systemd issue (bsc#913727) - ESXi Serviceability - GuestInfo Enhancements - Compatibility with all supported versions of VMware vSphere, VMware Workstation 12.0 and VMware Fusion 8.0. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-open-vm-tools-13024=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-open-vm-tools-13024=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): libvmtools0-10.1.0-7.1 open-vm-tools-10.1.0-7.1 open-vm-tools-desktop-10.1.0-7.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): open-vm-tools-debuginfo-10.1.0-7.1 open-vm-tools-debugsource-10.1.0-7.1 References: https://www.suse.com/security/cve/CVE-2015-5191.html https://bugzilla.suse.com/1006796 https://bugzilla.suse.com/1007600 https://bugzilla.suse.com/1011057 https://bugzilla.suse.com/1013496 https://bugzilla.suse.com/1024202 https://bugzilla.suse.com/913727 https://bugzilla.suse.com/938593 https://bugzilla.suse.com/941384 https://bugzilla.suse.com/944615 https://bugzilla.suse.com/952645 https://bugzilla.suse.com/971031 https://bugzilla.suse.com/978424 https://bugzilla.suse.com/985110 https://bugzilla.suse.com/994598 From sle-updates at lists.suse.com Thu Mar 16 08:08:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Mar 2017 15:08:32 +0100 (CET) Subject: SUSE-OU-2017:0706-1: Optional update for libepoxy Message-ID: <20170316140832.D883310025@maintenance.suse.de> SUSE Optional Update: Optional update for libepoxy ______________________________________________________________________________ Announcement ID: SUSE-OU-2017:0706-1 Rating: low References: #1029310 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides a rebuild of libepoxy to synchronize SLE and PackageHub release numbers. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-387=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-387=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-387=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-387=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libepoxy-debugsource-1.3.1-4.1 libepoxy-devel-1.3.1-4.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libepoxy-debugsource-1.3.1-4.1 libepoxy0-1.3.1-4.1 libepoxy0-debuginfo-1.3.1-4.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libepoxy-debugsource-1.3.1-4.1 libepoxy0-1.3.1-4.1 libepoxy0-debuginfo-1.3.1-4.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libepoxy0-32bit-1.3.1-4.1 libepoxy0-debuginfo-32bit-1.3.1-4.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libepoxy-debugsource-1.3.1-4.1 libepoxy0-1.3.1-4.1 libepoxy0-32bit-1.3.1-4.1 libepoxy0-debuginfo-1.3.1-4.1 libepoxy0-debuginfo-32bit-1.3.1-4.1 References: https://bugzilla.suse.com/1029310 From sle-updates at lists.suse.com Thu Mar 16 11:13:03 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Mar 2017 18:13:03 +0100 (CET) Subject: SUSE-RU-2017:0709-1: moderate: Recommended update for systemd Message-ID: <20170316171303.B741110025@maintenance.suse.de> SUSE Recommended Update: Recommended update for systemd ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0709-1 Rating: moderate References: #1004094 #1006687 #1019470 #1022014 #1022047 #1025598 #995936 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This update for systemd provides the following fixes: - core: Fix memory leak in transient units. (bsc#1025598) - core: Destroy all name watching bus slots when we are kicked off the bus. (bsc#1006687) - sd-event: Fix incorrect assertion. (bsc#995936, bsc#1022014) - journald: Don't flush to /var/log/journal before we get asked to. (bsc#1004094) - core: Downgrade warning about duplicate device names. (bsc#1022047) - units: Remove no longer needed ldconfig service. (bsc#1019470) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-389=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-389=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-389=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-389=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-389=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libudev-devel-228-135.1 systemd-debuginfo-228-135.1 systemd-debugsource-228-135.1 systemd-devel-228-135.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libsystemd0-228-135.1 libsystemd0-debuginfo-228-135.1 libudev1-228-135.1 libudev1-debuginfo-228-135.1 systemd-228-135.1 systemd-debuginfo-228-135.1 systemd-debugsource-228-135.1 systemd-sysvinit-228-135.1 udev-228-135.1 udev-debuginfo-228-135.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): systemd-bash-completion-228-135.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libsystemd0-228-135.1 libsystemd0-debuginfo-228-135.1 libudev1-228-135.1 libudev1-debuginfo-228-135.1 systemd-228-135.1 systemd-debuginfo-228-135.1 systemd-debugsource-228-135.1 systemd-sysvinit-228-135.1 udev-228-135.1 udev-debuginfo-228-135.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libsystemd0-32bit-228-135.1 libsystemd0-debuginfo-32bit-228-135.1 libudev1-32bit-228-135.1 libudev1-debuginfo-32bit-228-135.1 systemd-32bit-228-135.1 systemd-debuginfo-32bit-228-135.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): systemd-bash-completion-228-135.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): systemd-bash-completion-228-135.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libsystemd0-228-135.1 libsystemd0-32bit-228-135.1 libsystemd0-debuginfo-228-135.1 libsystemd0-debuginfo-32bit-228-135.1 libudev1-228-135.1 libudev1-32bit-228-135.1 libudev1-debuginfo-228-135.1 libudev1-debuginfo-32bit-228-135.1 systemd-228-135.1 systemd-32bit-228-135.1 systemd-debuginfo-228-135.1 systemd-debuginfo-32bit-228-135.1 systemd-debugsource-228-135.1 systemd-sysvinit-228-135.1 udev-228-135.1 udev-debuginfo-228-135.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libudev1-228-135.1 libudev1-debuginfo-228-135.1 systemd-228-135.1 systemd-debuginfo-228-135.1 systemd-debugsource-228-135.1 systemd-sysvinit-228-135.1 udev-228-135.1 udev-debuginfo-228-135.1 References: https://bugzilla.suse.com/1004094 https://bugzilla.suse.com/1006687 https://bugzilla.suse.com/1019470 https://bugzilla.suse.com/1022014 https://bugzilla.suse.com/1022047 https://bugzilla.suse.com/1025598 https://bugzilla.suse.com/995936 From sle-updates at lists.suse.com Thu Mar 16 11:14:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Mar 2017 18:14:32 +0100 (CET) Subject: SUSE-RU-2017:0710-1: Recommended update for NetworkManager-gnome Message-ID: <20170316171432.D8EAC10025@maintenance.suse.de> SUSE Recommended Update: Recommended update for NetworkManager-gnome ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0710-1 Rating: low References: #1003069 #1009019 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for NetworkManager-gnome fixes the following issues: - NetworkManager stored passwords prevent wifi functionality (bsc#1003069) - Add support for plain MSCHAPV2 as inner authentication method when using TTLS as outer authentication method (bsc#1009019) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-388=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-388=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-388=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-388=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-388=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): NetworkManager-connection-editor-1.0.10-18.6 NetworkManager-connection-editor-debuginfo-1.0.10-18.6 NetworkManager-gnome-1.0.10-18.6 NetworkManager-gnome-debuginfo-1.0.10-18.6 NetworkManager-gnome-debugsource-1.0.10-18.6 - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): NetworkManager-gnome-lang-1.0.10-18.6 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): NetworkManager-gnome-debuginfo-1.0.10-18.6 NetworkManager-gnome-debugsource-1.0.10-18.6 libnm-gtk-devel-1.0.10-18.6 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): NetworkManager-gnome-debuginfo-1.0.10-18.6 NetworkManager-gnome-debugsource-1.0.10-18.6 libnm-gtk0-1.0.10-18.6 libnm-gtk0-debuginfo-1.0.10-18.6 typelib-1_0-NMGtk-1_0-1.0.10-18.6 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): NetworkManager-gnome-debuginfo-1.0.10-18.6 NetworkManager-gnome-debugsource-1.0.10-18.6 libnm-gtk0-1.0.10-18.6 libnm-gtk0-debuginfo-1.0.10-18.6 typelib-1_0-NMGtk-1_0-1.0.10-18.6 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): NetworkManager-connection-editor-1.0.10-18.6 NetworkManager-connection-editor-debuginfo-1.0.10-18.6 NetworkManager-gnome-1.0.10-18.6 NetworkManager-gnome-debuginfo-1.0.10-18.6 NetworkManager-gnome-debugsource-1.0.10-18.6 libnm-gtk0-1.0.10-18.6 libnm-gtk0-debuginfo-1.0.10-18.6 typelib-1_0-NMGtk-1_0-1.0.10-18.6 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): NetworkManager-gnome-lang-1.0.10-18.6 References: https://bugzilla.suse.com/1003069 https://bugzilla.suse.com/1009019 From sle-updates at lists.suse.com Thu Mar 16 14:07:27 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Mar 2017 21:07:27 +0100 (CET) Subject: SUSE-RU-2017:0712-1: Recommended update for release-notes-susemanager Message-ID: <20170316200727.7F89310025@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-susemanager ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0712-1 Rating: low References: #1002776 #1006556 #1015414 Affected Products: SUSE Manager 2.1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: SUSE Manager 2.1 Release Notes have been updated to document: - New channels available: + SLES for SAP on ppc64le + SLES 12 on Raspberry Pi + SUSE Enterprise Storage 4 + SUSE OpenStack Cloud 7 + SLE-RT 12 SP2 + Client Tools for SLES12 aarch64 - Bugs fixed by latest updates: bsc#868132, bsc#966888, bsc#968935, bsc#971342, bsc#973226, bsc#988889, bsc#989905, bsc#995764, bsc#1002776, bsc#1003895, bsc#1004717, bsc#1006170, bsc#1006556, bsc#1006786, bsc#1007490, bsc#1009102, bsc#1009435, bsc#1009677, bsc#1010020, bsc#1010664, bsc#1011344, bsc#1011817, bsc#1015414, bsc#1017351 Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 2.1: zypper in -t patch sleman21-release-notes-susemanager-13026=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 2.1 (s390x x86_64): release-notes-susemanager-2.1.0-0.56.1 References: https://bugzilla.suse.com/1002776 https://bugzilla.suse.com/1006556 https://bugzilla.suse.com/1015414 From sle-updates at lists.suse.com Fri Mar 17 05:07:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:07:56 +0100 (CET) Subject: SUSE-SU-2017:0713-1: moderate: Security update for sane-backends Message-ID: <20170317110756.9FE2210025@maintenance.suse.de> SUSE Security Update: Security update for sane-backends ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0713-1 Rating: moderate References: #1027197 Cross-References: CVE-2017-6318 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for sane-backends fixes the following issues: - saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory (CVE-2017-6318, bsc#1027197). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-397=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-397=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-397=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-397=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-397=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-397=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-397=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-397=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-397=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): sane-backends-32bit-1.0.24-3.1 sane-backends-autoconfig-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debuginfo-32bit-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): sane-backends-32bit-1.0.24-3.1 sane-backends-autoconfig-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debuginfo-32bit-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): sane-backends-debuginfo-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 sane-backends-devel-1.0.24-3.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): sane-backends-debuginfo-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 sane-backends-devel-1.0.24-3.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): sane-backends-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): sane-backends-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): sane-backends-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): sane-backends-1.0.24-3.1 sane-backends-32bit-1.0.24-3.1 sane-backends-autoconfig-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debuginfo-32bit-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): sane-backends-1.0.24-3.1 sane-backends-32bit-1.0.24-3.1 sane-backends-autoconfig-1.0.24-3.1 sane-backends-debuginfo-1.0.24-3.1 sane-backends-debuginfo-32bit-1.0.24-3.1 sane-backends-debugsource-1.0.24-3.1 References: https://www.suse.com/security/cve/CVE-2017-6318.html https://bugzilla.suse.com/1027197 From sle-updates at lists.suse.com Fri Mar 17 05:08:28 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:08:28 +0100 (CET) Subject: SUSE-SU-2017:0714-1: important: Security update for MozillaFirefox Message-ID: <20170317110828.4392110025@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0714-1 Rating: important References: #1028391 Cross-References: CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed (bsc#1028391): - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5401: Memory Corruption when handling ErrorResult - CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5404: Use-after-free working with ranges in selections - CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5408: Cross-origin reading of video captions in violation of CORS - CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-392=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-392=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-392=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-392=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-392=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-392=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-392=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-392=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-392=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-devel-45.8.0esr-102.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-devel-45.8.0esr-102.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): MozillaFirefox-45.8.0esr-102.1 MozillaFirefox-debuginfo-45.8.0esr-102.1 MozillaFirefox-debugsource-45.8.0esr-102.1 MozillaFirefox-translations-45.8.0esr-102.1 References: https://www.suse.com/security/cve/CVE-2017-5398.html https://www.suse.com/security/cve/CVE-2017-5400.html https://www.suse.com/security/cve/CVE-2017-5401.html https://www.suse.com/security/cve/CVE-2017-5402.html https://www.suse.com/security/cve/CVE-2017-5404.html https://www.suse.com/security/cve/CVE-2017-5405.html https://www.suse.com/security/cve/CVE-2017-5407.html https://www.suse.com/security/cve/CVE-2017-5408.html https://www.suse.com/security/cve/CVE-2017-5409.html https://www.suse.com/security/cve/CVE-2017-5410.html https://bugzilla.suse.com/1028391 From sle-updates at lists.suse.com Fri Mar 17 05:08:54 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:08:54 +0100 (CET) Subject: SUSE-SU-2017:0715-1: moderate: Security update for jsch Message-ID: <20170317110854.7A77010025@maintenance.suse.de> SUSE Security Update: Security update for jsch ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0715-1 Rating: moderate References: #997542 Cross-References: CVE-2016-5725 Affected Products: SUSE Manager Server 3.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for jsch to version 0.1.54 fixes the following issues: Security issues fixed: - CVE-2016-5725: recursive sftp get client-side windows path traversal (bsc#997542). Bugfixes: - sftp-put may send the garbage data in some rare case. - fixed a deadlock bug in KnownHosts#getHostKey(). - SftpProgressMonitor#init() was not invoked in sftp-put by using the output-stream. - KnownHosts#setKnownHosts() should accept the non-existing file. - excluding the user interaction time from the timeout value. - addressing SFTP slow file transfer speed with Titan FTP. - updating copyright messages; 2015 -> 2016 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-391=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server 3.0 (noarch): jsch-0.1.54-3.1 References: https://www.suse.com/security/cve/CVE-2016-5725.html https://bugzilla.suse.com/997542 From sle-updates at lists.suse.com Fri Mar 17 05:09:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:09:19 +0100 (CET) Subject: SUSE-SU-2017:0716-1: moderate: Security update for java-1_7_0-ibm Message-ID: <20170317110919.1B0E910025@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0716-1 Rating: moderate References: #1027038 Cross-References: CVE-2016-2183 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. (bsc#1027038) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-java-1_7_0-ibm-13027=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-java-1_7_0-ibm-13027=1 - SUSE Manager 2.1: zypper in -t patch sleman21-java-1_7_0-ibm-13027=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-java-1_7_0-ibm-13027=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-java-1_7_0-ibm-13027=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): java-1_7_0-ibm-1.7.0_sr10.1-61.1 java-1_7_0-ibm-alsa-1.7.0_sr10.1-61.1 java-1_7_0-ibm-devel-1.7.0_sr10.1-61.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.1-61.1 java-1_7_0-ibm-plugin-1.7.0_sr10.1-61.1 - SUSE Manager Proxy 2.1 (x86_64): java-1_7_0-ibm-1.7.0_sr10.1-61.1 java-1_7_0-ibm-alsa-1.7.0_sr10.1-61.1 java-1_7_0-ibm-devel-1.7.0_sr10.1-61.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.1-61.1 java-1_7_0-ibm-plugin-1.7.0_sr10.1-61.1 - SUSE Manager 2.1 (s390x x86_64): java-1_7_0-ibm-1.7.0_sr10.1-61.1 java-1_7_0-ibm-devel-1.7.0_sr10.1-61.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.1-61.1 - SUSE Manager 2.1 (x86_64): java-1_7_0-ibm-alsa-1.7.0_sr10.1-61.1 java-1_7_0-ibm-plugin-1.7.0_sr10.1-61.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): java-1_7_0-ibm-1.7.0_sr10.1-61.1 java-1_7_0-ibm-devel-1.7.0_sr10.1-61.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.1-61.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr10.1-61.1 java-1_7_0-ibm-plugin-1.7.0_sr10.1-61.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): java-1_7_0-ibm-1.7.0_sr10.1-61.1 java-1_7_0-ibm-alsa-1.7.0_sr10.1-61.1 java-1_7_0-ibm-devel-1.7.0_sr10.1-61.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.1-61.1 java-1_7_0-ibm-plugin-1.7.0_sr10.1-61.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://bugzilla.suse.com/1027038 From sle-updates at lists.suse.com Fri Mar 17 05:09:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:09:44 +0100 (CET) Subject: SUSE-SU-2017:0717-1: moderate: Security update for sane-backends Message-ID: <20170317110944.3DDB510025@maintenance.suse.de> SUSE Security Update: Security update for sane-backends ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0717-1 Rating: moderate References: #1027197 Cross-References: CVE-2017-6318 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for sane-backends fixes the following issues: - saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory (CVE-2017-6318, bsc#1027197). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-sane-backends-13029=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-sane-backends-13029=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-sane-backends-13029=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): sane-backends-autoconfig-1.0.20-7.8.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): sane-backends-32bit-1.0.20-7.8.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64): sane-backends-x86-1.0.20-7.8.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): sane-backends-1.0.20-7.8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): sane-backends-debuginfo-1.0.20-7.8.1 sane-backends-debugsource-1.0.20-7.8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): sane-backends-debuginfo-32bit-1.0.20-7.8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): sane-backends-debuginfo-x86-1.0.20-7.8.1 References: https://www.suse.com/security/cve/CVE-2017-6318.html https://bugzilla.suse.com/1027197 From sle-updates at lists.suse.com Fri Mar 17 05:10:10 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:10:10 +0100 (CET) Subject: SUSE-SU-2017:0718-1: important: Security update for xen Message-ID: <20170317111010.2B70710025@maintenance.suse.de> SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0718-1 Rating: important References: #1002496 #1012651 #1013657 #1013668 #1014298 #1014507 #1015169 #1016340 #1022871 #1023004 #1024183 #1024834 #907805 Cross-References: CVE-2014-8106 CVE-2016-10013 CVE-2016-10024 CVE-2016-10155 CVE-2016-9101 CVE-2016-9776 CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 CVE-2016-9932 CVE-2017-2615 CVE-2017-2620 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has one errata is now available. Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183) - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805) - CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-10013: Xen allowed local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation (bsc#1016340). - CVE-2016-9932: CMPXCHG8B emulation on x86 systems allowed local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix (bsc#1012651). - CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668) - CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657) - A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871) - CVE-2016-10024: Xen allowed local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations (bsc#1014298) This non-security issue was fixed: - bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-xen-13030=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-xen-13030=1 - SUSE Manager 2.1: zypper in -t patch sleman21-xen-13030=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-xen-13030=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-xen-13030=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-xen-13030=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): xen-4.2.5_21-35.1 xen-doc-html-4.2.5_21-35.1 xen-doc-pdf-4.2.5_21-35.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.96-35.1 xen-libs-32bit-4.2.5_21-35.1 xen-libs-4.2.5_21-35.1 xen-tools-4.2.5_21-35.1 xen-tools-domU-4.2.5_21-35.1 - SUSE Manager Proxy 2.1 (x86_64): xen-4.2.5_21-35.1 xen-doc-html-4.2.5_21-35.1 xen-doc-pdf-4.2.5_21-35.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.96-35.1 xen-libs-32bit-4.2.5_21-35.1 xen-libs-4.2.5_21-35.1 xen-tools-4.2.5_21-35.1 xen-tools-domU-4.2.5_21-35.1 - SUSE Manager 2.1 (x86_64): xen-4.2.5_21-35.1 xen-doc-html-4.2.5_21-35.1 xen-doc-pdf-4.2.5_21-35.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.96-35.1 xen-libs-32bit-4.2.5_21-35.1 xen-libs-4.2.5_21-35.1 xen-tools-4.2.5_21-35.1 xen-tools-domU-4.2.5_21-35.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): xen-kmp-default-4.2.5_21_3.0.101_0.47.96-35.1 xen-libs-4.2.5_21-35.1 xen-tools-domU-4.2.5_21-35.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64): xen-4.2.5_21-35.1 xen-doc-html-4.2.5_21-35.1 xen-doc-pdf-4.2.5_21-35.1 xen-libs-32bit-4.2.5_21-35.1 xen-tools-4.2.5_21-35.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): xen-kmp-pae-4.2.5_21_3.0.101_0.47.96-35.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): xen-kmp-default-4.2.5_21_3.0.101_0.47.96-35.1 xen-kmp-pae-4.2.5_21_3.0.101_0.47.96-35.1 xen-libs-4.2.5_21-35.1 xen-tools-domU-4.2.5_21-35.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): xen-debuginfo-4.2.5_21-35.1 xen-debugsource-4.2.5_21-35.1 References: https://www.suse.com/security/cve/CVE-2014-8106.html https://www.suse.com/security/cve/CVE-2016-10013.html https://www.suse.com/security/cve/CVE-2016-10024.html https://www.suse.com/security/cve/CVE-2016-10155.html https://www.suse.com/security/cve/CVE-2016-9101.html https://www.suse.com/security/cve/CVE-2016-9776.html https://www.suse.com/security/cve/CVE-2016-9911.html https://www.suse.com/security/cve/CVE-2016-9921.html https://www.suse.com/security/cve/CVE-2016-9922.html https://www.suse.com/security/cve/CVE-2016-9932.html https://www.suse.com/security/cve/CVE-2017-2615.html https://www.suse.com/security/cve/CVE-2017-2620.html https://bugzilla.suse.com/1002496 https://bugzilla.suse.com/1012651 https://bugzilla.suse.com/1013657 https://bugzilla.suse.com/1013668 https://bugzilla.suse.com/1014298 https://bugzilla.suse.com/1014507 https://bugzilla.suse.com/1015169 https://bugzilla.suse.com/1016340 https://bugzilla.suse.com/1022871 https://bugzilla.suse.com/1023004 https://bugzilla.suse.com/1024183 https://bugzilla.suse.com/1024834 https://bugzilla.suse.com/907805 From sle-updates at lists.suse.com Fri Mar 17 05:12:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:12:56 +0100 (CET) Subject: SUSE-SU-2017:0719-1: moderate: Security update for java-1_7_1-ibm Message-ID: <20170317111256.9DC7C10025@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0719-1 Rating: moderate References: #1027038 Cross-References: CVE-2016-2183 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. (bsc#1027038) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-java-1_7_1-ibm-13028=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-java-1_7_1-ibm-13028=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.1-22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.1-22.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.1-22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.1-22.1 java-1_7_1-ibm-plugin-1.7.1_sr4.1-22.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://bugzilla.suse.com/1027038 From sle-updates at lists.suse.com Fri Mar 17 05:13:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 12:13:25 +0100 (CET) Subject: SUSE-SU-2017:0720-1: moderate: Security update for java-1_7_1-ibm Message-ID: <20170317111325.44ADA10025@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0720-1 Rating: moderate References: #1027038 Cross-References: CVE-2016-2183 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. (bsc#1027038) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-395=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-395=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-395=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-395=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-395=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-395=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): java-1_7_1-ibm-1.7.1_sr4.1-34.1 java-1_7_1-ibm-alsa-1.7.1_sr4.1-34.1 java-1_7_1-ibm-devel-1.7.1_sr4.1-34.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.1-34.1 java-1_7_1-ibm-plugin-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): java-1_7_1-ibm-1.7.1_sr4.1-34.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.1-34.1 java-1_7_1-ibm-plugin-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.1-34.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.1-34.1 java-1_7_1-ibm-plugin-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.1-34.1 java-1_7_1-ibm-devel-1.7.1_sr4.1-34.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.1-34.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.1-34.1 java-1_7_1-ibm-plugin-1.7.1_sr4.1-34.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://bugzilla.suse.com/1027038 From sle-updates at lists.suse.com Fri Mar 17 08:07:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 15:07:58 +0100 (CET) Subject: SUSE-RU-2017:0721-1: Recommended update for release-notes-rte Message-ID: <20170317140758.9421710025@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-rte ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0721-1 Rating: low References: #1023372 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the product name in the Release Notes of SUSE Linux Enterprise Real Time 12 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 12-SP2: zypper in -t patch SUSE-SLE-RT-12-SP2-2017-399=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 12-SP2 (noarch): release-notes-rte-12.2.20170202-11.1 References: https://bugzilla.suse.com/1023372 From sle-updates at lists.suse.com Fri Mar 17 11:09:01 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:09:01 +0100 (CET) Subject: SUSE-RU-2017:0722-1: Recommended update for SUSEConnect Message-ID: <20170317170901.AC29210025@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSEConnect ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0722-1 Rating: low References: #1018190 #982630 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for SUSEConnect provides the following fixes: - Better error message for network request failure (bsc#982630) - Fix error message for --product with malformed identifier (bsc#1018190) - Fix some errors and formatting in manpages and help output. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-404=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-404=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-404=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-404=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): SUSEConnect-0.2.42-19.3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): SUSEConnect-0.2.42-19.3.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): SUSEConnect-0.2.42-19.3.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): SUSEConnect-0.2.42-19.3.1 References: https://bugzilla.suse.com/1018190 https://bugzilla.suse.com/982630 From sle-updates at lists.suse.com Fri Mar 17 11:09:40 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:09:40 +0100 (CET) Subject: SUSE-OU-2017:0723-1: Optional update for FastCGI Message-ID: <20170317170940.278B910025@maintenance.suse.de> SUSE Optional Update: Optional update for FastCGI ______________________________________________________________________________ Announcement ID: SUSE-OU-2017:0723-1 Rating: low References: #1029673 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Enterprise Storage 4 SUSE Enterprise Storage 3 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds FastCGI-devel to SUSE Linux Enterprise Software Development Kit 12. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-400=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-400=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-400=1 - SUSE Enterprise Storage 3: zypper in -t patch SUSE-Storage-3-2017-400=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): FastCGI-2.4.0-168.1 FastCGI-debuginfo-2.4.0-168.1 FastCGI-debugsource-2.4.0-168.1 FastCGI-devel-2.4.0-168.1 perl-FastCGI-2.4.0-168.1 perl-FastCGI-debuginfo-2.4.0-168.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): FastCGI-2.4.0-168.1 FastCGI-debuginfo-2.4.0-168.1 FastCGI-debugsource-2.4.0-168.1 FastCGI-devel-2.4.0-168.1 perl-FastCGI-2.4.0-168.1 perl-FastCGI-debuginfo-2.4.0-168.1 - SUSE Enterprise Storage 4 (aarch64 x86_64): FastCGI-2.4.0-168.1 FastCGI-debuginfo-2.4.0-168.1 FastCGI-debugsource-2.4.0-168.1 - SUSE Enterprise Storage 3 (aarch64 x86_64): FastCGI-2.4.0-168.1 FastCGI-debuginfo-2.4.0-168.1 FastCGI-debugsource-2.4.0-168.1 References: https://bugzilla.suse.com/1029673 From sle-updates at lists.suse.com Fri Mar 17 11:10:03 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:10:03 +0100 (CET) Subject: SUSE-OU-2017:0724-1: Initial release of amazon-ssm-agent Message-ID: <20170317171003.CFB4E10025@maintenance.suse.de> SUSE Optional Update: Initial release of amazon-ssm-agent ______________________________________________________________________________ Announcement ID: SUSE-OU-2017:0724-1 Rating: low References: #1017899 Affected Products: SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds amazon-ssm-agent to the Public Cloud Module 12. This package provides the Amazon SSM Agent for managing EC2 Instances using Amazon EC2 Systems Manager (SSM). The SSM Agent runs on EC2 or on-premise instances and enables you to quickly and easily execute remote commands or scripts against one or more instances. When you execute a command, the agent on the instance processes the document and configures the instance as specified. This collection of capabilities helps you automate management tasks such as collecting system inventory, applying operating system (OS) patches, automating the creation of Amazon Machine Images (AMIs), and configuring operating systems (OSs) and applications at scale. Systems Manager works with managed instances: Amazon EC2 instances, or servers and virtual machines (VMs) in your on-premises environment that are configured for Systems Manager. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-401=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (aarch64 ppc64le x86_64): amazon-ssm-agent-2.0.633.0-3.1 References: https://bugzilla.suse.com/1017899 From sle-updates at lists.suse.com Fri Mar 17 11:10:26 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:10:26 +0100 (CET) Subject: SUSE-RU-2017:0725-1: Recommended update for release-notes-sles Message-ID: <20170317171026.B211310025@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sles ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0725-1 Rating: low References: #1016450 #1017579 #1028458 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: The Release Notes of SUSE Linux Enterprise Server 11 SP4 have been updated to document: - Maximum RAM certified of '1.5TB' for POWER. (bsc#1028458) - Samba support to operate as an Active Directory style domain controller. (bsc#1017579, fate#322422) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-release-notes-sles-13031=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): release-notes-sles-11.4.26-0.35.1 References: https://bugzilla.suse.com/1016450 https://bugzilla.suse.com/1017579 https://bugzilla.suse.com/1028458 From sle-updates at lists.suse.com Fri Mar 17 11:11:10 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:11:10 +0100 (CET) Subject: SUSE-SU-2017:0726-1: moderate: Security update for java-1_6_0-ibm Message-ID: <20170317171110.EFF2510025@maintenance.suse.de> SUSE Security Update: Security update for java-1_6_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0726-1 Rating: moderate References: #1027038 Cross-References: CVE-2016-2183 Affected Products: SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for java-1_6_0-ibm to 8.0-4.1 fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. (bsc#1027038) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2017-407=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Legacy Software 12 (s390x x86_64): java-1_6_0-ibm-1.6.0_sr16.41-46.1 java-1_6_0-ibm-fonts-1.6.0_sr16.41-46.1 java-1_6_0-ibm-jdbc-1.6.0_sr16.41-46.1 - SUSE Linux Enterprise Module for Legacy Software 12 (x86_64): java-1_6_0-ibm-plugin-1.6.0_sr16.41-46.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://bugzilla.suse.com/1027038 From sle-updates at lists.suse.com Fri Mar 17 11:11:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:11:34 +0100 (CET) Subject: SUSE-RU-2017:0727-1: Recommended update for mlocate Message-ID: <20170317171134.B7EF010025@maintenance.suse.de> SUSE Recommended Update: Recommended update for mlocate ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0727-1 Rating: low References: #1019440 #902588 #941296 #994663 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for mlocate provides the following fixes: - Update the umask also in su section where it could be nulled. (bsc#1019440) - Adjust updatedb.conf to no longer skip indexing of bind mounts. (bsc#994663) - Exit with error code 1 when updatedb is not executable. - Add more file systems to exclude in updatedb.conf. - Specify umask to allow user to redefine the value in login.defs. (bsc#941296) - Remove references to the "locate" group that was obsoleted. (bsc#902588) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-403=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-403=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-403=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-403=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-403=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): mlocate-0.26-12.1 mlocate-debuginfo-0.26-12.1 mlocate-debugsource-0.26-12.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): mlocate-0.26-12.1 mlocate-debuginfo-0.26-12.1 mlocate-debugsource-0.26-12.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): mlocate-0.26-12.1 mlocate-debuginfo-0.26-12.1 mlocate-debugsource-0.26-12.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): mlocate-0.26-12.1 mlocate-debuginfo-0.26-12.1 mlocate-debugsource-0.26-12.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): mlocate-0.26-12.1 mlocate-debuginfo-0.26-12.1 mlocate-debugsource-0.26-12.1 References: https://bugzilla.suse.com/1019440 https://bugzilla.suse.com/902588 https://bugzilla.suse.com/941296 https://bugzilla.suse.com/994663 From sle-updates at lists.suse.com Fri Mar 17 11:12:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:12:34 +0100 (CET) Subject: SUSE-SU-2017:0728-1: moderate: Security update for lighttpd Message-ID: <20170317171234.31CB210025@maintenance.suse.de> SUSE Security Update: Security update for lighttpd ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0728-1 Rating: moderate References: #932286 #981347 #990847 Cross-References: CVE-2015-3200 CVE-2016-1000212 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise High Availability 12-SP1 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for lighttpd fixes the following issues: Security issues fixed: - CVE-2016-1000212: don't allow requests to set the HTTP_PROXY variable. As *CGI apps might pick it up and use it for outgoing requests (bsc#990847). - CVE-2015-3200: log injection via malformed base64 string in Authentication header (bsc#932286). Bugfixes: - added su directive to logrotate file as the directory is owned by lighttpd. (bsc#981347) - fix out of bounds read in mod_scgi (debian#857255) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-409=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-409=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2017-409=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): lighttpd-mod_cml-1.4.35-3.1 lighttpd-mod_cml-debuginfo-1.4.35-3.1 lighttpd-mod_magnet-1.4.35-3.1 lighttpd-mod_magnet-debuginfo-1.4.35-3.1 lighttpd-mod_mysql_vhost-1.4.35-3.1 lighttpd-mod_mysql_vhost-debuginfo-1.4.35-3.1 lighttpd-mod_rrdtool-1.4.35-3.1 lighttpd-mod_rrdtool-debuginfo-1.4.35-3.1 lighttpd-mod_trigger_b4_dl-1.4.35-3.1 lighttpd-mod_trigger_b4_dl-debuginfo-1.4.35-3.1 lighttpd-mod_webdav-1.4.35-3.1 lighttpd-mod_webdav-debuginfo-1.4.35-3.1 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): lighttpd-1.4.35-3.1 lighttpd-debuginfo-1.4.35-3.1 lighttpd-debugsource-1.4.35-3.1 - SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64): lighttpd-1.4.35-3.1 lighttpd-debuginfo-1.4.35-3.1 lighttpd-debugsource-1.4.35-3.1 References: https://www.suse.com/security/cve/CVE-2015-3200.html https://www.suse.com/security/cve/CVE-2016-1000212.html https://bugzilla.suse.com/932286 https://bugzilla.suse.com/981347 https://bugzilla.suse.com/990847 From sle-updates at lists.suse.com Fri Mar 17 11:13:23 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:13:23 +0100 (CET) Subject: SUSE-SU-2017:0729-1: moderate: Security update for apache2 Message-ID: <20170317171323.52BF210025@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0729-1 Rating: moderate References: #1016714 #1016715 Cross-References: CVE-2016-2161 CVE-2016-8743 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash, resulting in DoS (bsc#1016714). - CVE-2016-8743: Added new directive "HttpProtocolOptions Strict" to avoid proxy chain misinterpretation (bsc#1016715). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-apache2-13032=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-apache2-13032=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-apache2-13032=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-apache2-13032=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): apache2-devel-2.2.12-69.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): apache2-devel-2.2.12-69.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): apache2-2.2.12-69.1 apache2-doc-2.2.12-69.1 apache2-example-pages-2.2.12-69.1 apache2-prefork-2.2.12-69.1 apache2-utils-2.2.12-69.1 apache2-worker-2.2.12-69.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): apache2-2.2.12-69.1 apache2-doc-2.2.12-69.1 apache2-example-pages-2.2.12-69.1 apache2-prefork-2.2.12-69.1 apache2-utils-2.2.12-69.1 apache2-worker-2.2.12-69.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): apache2-debuginfo-2.2.12-69.1 apache2-debugsource-2.2.12-69.1 References: https://www.suse.com/security/cve/CVE-2016-2161.html https://www.suse.com/security/cve/CVE-2016-8743.html https://bugzilla.suse.com/1016714 https://bugzilla.suse.com/1016715 From sle-updates at lists.suse.com Fri Mar 17 11:14:01 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:14:01 +0100 (CET) Subject: SUSE-OU-2017:0730-1: Initial release of aws-vpc-move-ip Message-ID: <20170317171401.0A4AF10025@maintenance.suse.de> SUSE Optional Update: Initial release of aws-vpc-move-ip ______________________________________________________________________________ Announcement ID: SUSE-OU-2017:0730-1 Rating: low References: #965358 Affected Products: SUSE Linux Enterprise High Availability 12-SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update introduces aws-vpc-move-ip, a new resource agent that connects an IP address to a certain instance. The agent configures an IP address locally on an instance using the iproute2 tools and sets up a host-route entry in the routing table of a VPC using EC2 API commands. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-402=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12-SP2 (noarch): aws-vpc-move-ip-0.1.20151002-4.1 References: https://bugzilla.suse.com/965358 From sle-updates at lists.suse.com Fri Mar 17 11:14:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 18:14:25 +0100 (CET) Subject: SUSE-SU-2017:0731-1: moderate: Security update for lighttpd Message-ID: <20170317171425.7C29410025@maintenance.suse.de> SUSE Security Update: Security update for lighttpd ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0731-1 Rating: moderate References: #932286 #981347 #990847 Cross-References: CVE-2015-3200 CVE-2016-1000212 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server for SAP 11-SP4 SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for lighttpd fixes the following issues: Security issues fixed: - CVE-2016-1000212: Don't allow requests to set the HTTP_PROXY variable. As *CGI apps might pick it up and use it for outgoing requests. (bsc#990847) - CVE-2015-3200: Log injection via malformed base64 string in Authentication header. (bsc#932286) Bug fixes: - Add su directive to logrotate file as the directory is owned by lighttpd. (bsc#981347) - Fix out of bounds read in mod_scgi. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-lighttpd-13033=1 - SUSE Linux Enterprise Server for SAP 11-SP4: zypper in -t patch slesappsp4-lighttpd-13033=1 - SUSE Linux Enterprise High Availability Extension 11-SP4: zypper in -t patch slehasp4-lighttpd-13033=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-lighttpd-13033=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): lighttpd-1.4.20-2.58.1 lighttpd-mod_cml-1.4.20-2.58.1 lighttpd-mod_magnet-1.4.20-2.58.1 lighttpd-mod_mysql_vhost-1.4.20-2.58.1 lighttpd-mod_rrdtool-1.4.20-2.58.1 lighttpd-mod_trigger_b4_dl-1.4.20-2.58.1 lighttpd-mod_webdav-1.4.20-2.58.1 - SUSE Linux Enterprise Server for SAP 11-SP4 (ppc64 x86_64): lighttpd-mod_cml-1.4.20-2.58.1 lighttpd-mod_magnet-1.4.20-2.58.1 lighttpd-mod_mysql_vhost-1.4.20-2.58.1 lighttpd-mod_rrdtool-1.4.20-2.58.1 lighttpd-mod_trigger_b4_dl-1.4.20-2.58.1 lighttpd-mod_webdav-1.4.20-2.58.1 - SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64): lighttpd-1.4.20-2.58.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): lighttpd-debuginfo-1.4.20-2.58.1 lighttpd-debugsource-1.4.20-2.58.1 References: https://www.suse.com/security/cve/CVE-2015-3200.html https://www.suse.com/security/cve/CVE-2016-1000212.html https://bugzilla.suse.com/932286 https://bugzilla.suse.com/981347 https://bugzilla.suse.com/990847 From sle-updates at lists.suse.com Fri Mar 17 14:07:57 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 21:07:57 +0100 (CET) Subject: SUSE-SU-2017:0732-1: important: Security update for MozillaFirefox Message-ID: <20170317200757.F204D1001C@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0732-1 Rating: important References: #1027527 #1028391 Cross-References: CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed (bsc#1028391): - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5401: Memory Corruption when handling ErrorResult - CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5404: Use-after-free working with ranges in selections - CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5408: Cross-origin reading of video captions in violation of CORS - CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 Bugfixes: - fix crashes on Itanium (bsc#1027527) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-MozillaFirefox-13034=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-MozillaFirefox-13034=1 - SUSE Manager 2.1: zypper in -t patch sleman21-MozillaFirefox-13034=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-MozillaFirefox-13034=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-MozillaFirefox-13034=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-MozillaFirefox-13034=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-MozillaFirefox-13034=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-MozillaFirefox-13034=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-MozillaFirefox-13034=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Manager Proxy 2.1 (x86_64): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Manager 2.1 (s390x x86_64): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-45.8.0esr-68.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): MozillaFirefox-45.8.0esr-68.1 MozillaFirefox-translations-45.8.0esr-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-debuginfo-45.8.0esr-68.1 MozillaFirefox-debugsource-45.8.0esr-68.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): MozillaFirefox-debuginfo-45.8.0esr-68.1 MozillaFirefox-debugsource-45.8.0esr-68.1 References: https://www.suse.com/security/cve/CVE-2017-5398.html https://www.suse.com/security/cve/CVE-2017-5400.html https://www.suse.com/security/cve/CVE-2017-5401.html https://www.suse.com/security/cve/CVE-2017-5402.html https://www.suse.com/security/cve/CVE-2017-5404.html https://www.suse.com/security/cve/CVE-2017-5405.html https://www.suse.com/security/cve/CVE-2017-5407.html https://www.suse.com/security/cve/CVE-2017-5408.html https://www.suse.com/security/cve/CVE-2017-5409.html https://www.suse.com/security/cve/CVE-2017-5410.html https://bugzilla.suse.com/1027527 https://bugzilla.suse.com/1028391 From sle-updates at lists.suse.com Fri Mar 17 14:08:54 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Mar 2017 21:08:54 +0100 (CET) Subject: SUSE-RU-2017:0734-1: moderate: Recommended update for sblim-sfcb Message-ID: <20170317200854.9C9DB1001C@maintenance.suse.de> SUSE Recommended Update: Recommended update for sblim-sfcb ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0734-1 Rating: moderate References: #1018324 #1023820 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for sblim-sfcb provides the following fixes: - Revert mistaken change that disabled basic authentication on default install. (bsc#1023820) - Reference correct service name for service restarts on upgrades. (bsc#1018324) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-411=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-411=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-411=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-411=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-411=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): sblim-sfcb-1.4.8-13.1 sblim-sfcb-debuginfo-1.4.8-13.1 sblim-sfcb-debugsource-1.4.8-13.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): sblim-sfcb-1.4.8-13.1 sblim-sfcb-debuginfo-1.4.8-13.1 sblim-sfcb-debugsource-1.4.8-13.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): sblim-sfcb-1.4.8-13.1 sblim-sfcb-debuginfo-1.4.8-13.1 sblim-sfcb-debugsource-1.4.8-13.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): sblim-sfcb-1.4.8-13.1 sblim-sfcb-debuginfo-1.4.8-13.1 sblim-sfcb-debugsource-1.4.8-13.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): sblim-sfcb-1.4.8-13.1 sblim-sfcb-debuginfo-1.4.8-13.1 sblim-sfcb-debugsource-1.4.8-13.1 References: https://bugzilla.suse.com/1018324 https://bugzilla.suse.com/1023820 From sle-updates at lists.suse.com Fri Mar 17 17:07:27 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 18 Mar 2017 00:07:27 +0100 (CET) Subject: SUSE-RU-2017:0736-1: moderate: Recommended update for ceph Message-ID: <20170317230727.859B41001C@maintenance.suse.de> SUSE Recommended Update: Recommended update for ceph ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0736-1 Rating: moderate References: #1008435 #1012100 #1015748 #1019616 #970642 Affected Products: SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update provides Ceph 10.2.5, which brings fixes and enhancements: - mon,ceph-disk: Add lockbox permissions to bootstrap-osd. (bsc#1008435) - systemd/ceph-disk: Reduce ceph-disk flock contention. (bsc#1019616, bsc#1012100) - ceph-disk: Systemd unit must run after local-fs.target. (bsc#1019616, bsc#1012100) - ceph-disk: Trigger must ensure device ownership. (bsc#1019616, bsc#1012100) - ceph-disk: Enable --runtime ceph-osd systemd units. (bsc#1019616, bsc#1012100) - build/ops: Restart ceph-osd at .service after 20s instead of 100ms. (bsc#1019616, bsc#1012100) - doc: Add verbiage to rbdmap man page. (bsc#1015748) - doc: Mention rbdmap in RBD quick start. (bsc#1015748) - doc: Remove references to mds destroy from ceph-deploy man page. (bsc#970642) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-412=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 4 (aarch64 x86_64): ceph-10.2.5+git.1485186403.3a6a822-6.2 ceph-base-10.2.5+git.1485186403.3a6a822-6.2 ceph-base-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-common-10.2.5+git.1485186403.3a6a822-6.2 ceph-common-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-debugsource-10.2.5+git.1485186403.3a6a822-6.2 ceph-fuse-10.2.5+git.1485186403.3a6a822-6.2 ceph-fuse-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-mds-10.2.5+git.1485186403.3a6a822-6.2 ceph-mds-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-mon-10.2.5+git.1485186403.3a6a822-6.2 ceph-mon-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-osd-10.2.5+git.1485186403.3a6a822-6.2 ceph-osd-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-radosgw-10.2.5+git.1485186403.3a6a822-6.2 ceph-radosgw-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-test-10.2.5+git.1485186403.3a6a822-6.2 ceph-test-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 ceph-test-debugsource-10.2.5+git.1485186403.3a6a822-6.2 libcephfs1-10.2.5+git.1485186403.3a6a822-6.2 libcephfs1-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 librados2-10.2.5+git.1485186403.3a6a822-6.2 librados2-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 libradosstriper1-10.2.5+git.1485186403.3a6a822-6.2 libradosstriper1-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 librbd1-10.2.5+git.1485186403.3a6a822-6.2 librbd1-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 librgw2-10.2.5+git.1485186403.3a6a822-6.2 librgw2-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 python-ceph-compat-10.2.5+git.1485186403.3a6a822-6.2 python-cephfs-10.2.5+git.1485186403.3a6a822-6.2 python-cephfs-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 python-rados-10.2.5+git.1485186403.3a6a822-6.2 python-rados-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 python-rbd-10.2.5+git.1485186403.3a6a822-6.2 python-rbd-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 rbd-fuse-10.2.5+git.1485186403.3a6a822-6.2 rbd-fuse-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 rbd-mirror-10.2.5+git.1485186403.3a6a822-6.2 rbd-mirror-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 rbd-nbd-10.2.5+git.1485186403.3a6a822-6.2 rbd-nbd-debuginfo-10.2.5+git.1485186403.3a6a822-6.2 References: https://bugzilla.suse.com/1008435 https://bugzilla.suse.com/1012100 https://bugzilla.suse.com/1015748 https://bugzilla.suse.com/1019616 https://bugzilla.suse.com/970642 From sle-updates at lists.suse.com Mon Mar 20 11:08:48 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 20 Mar 2017 18:08:48 +0100 (CET) Subject: SUSE-RU-2017:0755-1: Recommended update for SUSEConnect Message-ID: <20170320170848.28D83FF7A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSEConnect ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0755-1 Rating: low References: #1018190 #975484 #982630 #990475 #998583 Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for SUSEConnect provides the following fixes: - Better error message for network request failure (bsc#982630) - Fix error message for --product with malformed identifier (bsc#1018190) - Fix some errors and formatting in manpages and help output - Better error message for --list-extensions on unregistered systems - Update man page to include the --list-extensions option (bsc#998583) - Support for aarch64 hardware info (bsc#990475) - Better error message if SMT is too old (bsc#975484) - Add method to YaST class to get Installer-Updates repositories (fate#319716) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-414=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-414=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): SUSEConnect-0.2.42-17.3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): SUSEConnect-0.2.42-17.3.1 References: https://bugzilla.suse.com/1018190 https://bugzilla.suse.com/975484 https://bugzilla.suse.com/982630 https://bugzilla.suse.com/990475 https://bugzilla.suse.com/998583 From sle-updates at lists.suse.com Mon Mar 20 11:09:55 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 20 Mar 2017 18:09:55 +0100 (CET) Subject: SUSE-RU-2017:0756-1: Recommended update for dpdk Message-ID: <20170320170955.DC71010023@maintenance.suse.de> SUSE Recommended Update: Recommended update for dpdk ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0756-1 Rating: low References: #1026804 #1028778 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for dpdk provides the following fixes: - Fix broken dpdk-pmd/* soft links. (bsc#1026804) - Ship dpdk-devel in the Software Development Kit. (bsc#1028778) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-415=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-415=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (x86_64): dpdk-debuginfo-2.2.0-14.1 dpdk-debugsource-2.2.0-14.1 dpdk-devel-2.2.0-14.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): dpdk-2.2.0-14.1 dpdk-debuginfo-2.2.0-14.1 dpdk-debugsource-2.2.0-14.1 dpdk-tools-2.2.0-14.1 References: https://bugzilla.suse.com/1026804 https://bugzilla.suse.com/1028778 From sle-updates at lists.suse.com Mon Mar 20 14:08:09 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 20 Mar 2017 21:08:09 +0100 (CET) Subject: SUSE-SU-2017:0758-1: moderate: Security update for ceph Message-ID: <20170320200809.D7C7CFFC6@maintenance.suse.de> SUSE Security Update: Security update for ceph ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0758-1 Rating: moderate References: #1007217 #1008435 #1008894 #1012100 #1014338 #1015748 #1019616 Cross-References: CVE-2016-8626 Affected Products: SUSE Enterprise Storage 3 ______________________________________________________________________________ An update that solves one vulnerability and has 6 fixes is now available. Description: This update provides Ceph 10.2.5, which brings fixes and enhancements: This security issue was fixed: - CVE-2016-8626: Handle empty POST condition to not allow attackers to crash the ceph-radosgw service. (bsc#1007217) These non-security issues were fixed: - OSD daemon uses 100% CPU load after OSD creation (bsc#1014338) - ceph-deploy fails with dmcrypt flag (bsc#1008435) - OSD's are not mounted after upgrade (bsc#1012100) - ceph-osd service fails to start OSD randomly (bsc#1019616) - Add missing argument comma to ceph-create-keys (bsc#1008894) - Add Install section to systemd rbdmap.service file (bsc#1015748) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 3: zypper in -t patch SUSE-Storage-3-2017-416=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 3 (aarch64 x86_64): ceph-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-base-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-base-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-common-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-common-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-debugsource-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-fuse-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mds-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mds-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mon-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mon-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-osd-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-osd-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-radosgw-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-radosgw-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-test-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-test-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-test-debugsource-10.2.5+git.1485186288.4e3c6c4-12.2 libcephfs1-10.2.5+git.1485186288.4e3c6c4-12.2 libcephfs1-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 librados2-10.2.5+git.1485186288.4e3c6c4-12.2 librados2-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 libradosstriper1-10.2.5+git.1485186288.4e3c6c4-12.2 libradosstriper1-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 librbd1-10.2.5+git.1485186288.4e3c6c4-12.2 librbd1-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 librgw2-10.2.5+git.1485186288.4e3c6c4-12.2 librgw2-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 python-ceph-compat-10.2.5+git.1485186288.4e3c6c4-12.2 python-cephfs-10.2.5+git.1485186288.4e3c6c4-12.2 python-cephfs-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 python-rados-10.2.5+git.1485186288.4e3c6c4-12.2 python-rados-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 python-rbd-10.2.5+git.1485186288.4e3c6c4-12.2 python-rbd-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-fuse-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-mirror-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-mirror-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-nbd-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-nbd-debuginfo-10.2.5+git.1485186288.4e3c6c4-12.2 References: https://www.suse.com/security/cve/CVE-2016-8626.html https://bugzilla.suse.com/1007217 https://bugzilla.suse.com/1008435 https://bugzilla.suse.com/1008894 https://bugzilla.suse.com/1012100 https://bugzilla.suse.com/1014338 https://bugzilla.suse.com/1015748 https://bugzilla.suse.com/1019616 From sle-updates at lists.suse.com Mon Mar 20 17:07:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:07:44 +0100 (CET) Subject: SUSE-SU-2017:0759-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 Message-ID: <20170320230744.4B81E10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0759-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.55-52_45 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-419=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-419=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_45-default-7-2.1 kgraft-patch-3_12_55-52_45-xen-7-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_45-default-7-2.1 kgraft-patch-3_12_55-52_45-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:07:59 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:07:59 +0100 (CET) Subject: SUSE-SU-2017:0760-1: important: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 Message-ID: <20170320230759.16DC710025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0760-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.62-60_62 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-428=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_62-default-7-2.1 kgraft-patch-3_12_62-60_62-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:08:14 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:08:14 +0100 (CET) Subject: SUSE-SU-2017:0761-1: moderate: Security update for php5 Message-ID: <20170320230814.082B110025@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0761-1 Rating: moderate References: #1027210 Cross-References: CVE-2015-8994 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for php5 fixes the following issues: Security issue fixed: - CVE-2015-8994: code permission/sensitive data protection vulnerability (bsc#1027210). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-417=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-417=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-417=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): php5-debuginfo-5.5.14-99.1 php5-debugsource-5.5.14-99.1 php5-devel-5.5.14-99.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): php5-debuginfo-5.5.14-99.1 php5-debugsource-5.5.14-99.1 php5-devel-5.5.14-99.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): apache2-mod_php5-5.5.14-99.1 apache2-mod_php5-debuginfo-5.5.14-99.1 php5-5.5.14-99.1 php5-bcmath-5.5.14-99.1 php5-bcmath-debuginfo-5.5.14-99.1 php5-bz2-5.5.14-99.1 php5-bz2-debuginfo-5.5.14-99.1 php5-calendar-5.5.14-99.1 php5-calendar-debuginfo-5.5.14-99.1 php5-ctype-5.5.14-99.1 php5-ctype-debuginfo-5.5.14-99.1 php5-curl-5.5.14-99.1 php5-curl-debuginfo-5.5.14-99.1 php5-dba-5.5.14-99.1 php5-dba-debuginfo-5.5.14-99.1 php5-debuginfo-5.5.14-99.1 php5-debugsource-5.5.14-99.1 php5-dom-5.5.14-99.1 php5-dom-debuginfo-5.5.14-99.1 php5-enchant-5.5.14-99.1 php5-enchant-debuginfo-5.5.14-99.1 php5-exif-5.5.14-99.1 php5-exif-debuginfo-5.5.14-99.1 php5-fastcgi-5.5.14-99.1 php5-fastcgi-debuginfo-5.5.14-99.1 php5-fileinfo-5.5.14-99.1 php5-fileinfo-debuginfo-5.5.14-99.1 php5-fpm-5.5.14-99.1 php5-fpm-debuginfo-5.5.14-99.1 php5-ftp-5.5.14-99.1 php5-ftp-debuginfo-5.5.14-99.1 php5-gd-5.5.14-99.1 php5-gd-debuginfo-5.5.14-99.1 php5-gettext-5.5.14-99.1 php5-gettext-debuginfo-5.5.14-99.1 php5-gmp-5.5.14-99.1 php5-gmp-debuginfo-5.5.14-99.1 php5-iconv-5.5.14-99.1 php5-iconv-debuginfo-5.5.14-99.1 php5-imap-5.5.14-99.1 php5-imap-debuginfo-5.5.14-99.1 php5-intl-5.5.14-99.1 php5-intl-debuginfo-5.5.14-99.1 php5-json-5.5.14-99.1 php5-json-debuginfo-5.5.14-99.1 php5-ldap-5.5.14-99.1 php5-ldap-debuginfo-5.5.14-99.1 php5-mbstring-5.5.14-99.1 php5-mbstring-debuginfo-5.5.14-99.1 php5-mcrypt-5.5.14-99.1 php5-mcrypt-debuginfo-5.5.14-99.1 php5-mysql-5.5.14-99.1 php5-mysql-debuginfo-5.5.14-99.1 php5-odbc-5.5.14-99.1 php5-odbc-debuginfo-5.5.14-99.1 php5-opcache-5.5.14-99.1 php5-opcache-debuginfo-5.5.14-99.1 php5-openssl-5.5.14-99.1 php5-openssl-debuginfo-5.5.14-99.1 php5-pcntl-5.5.14-99.1 php5-pcntl-debuginfo-5.5.14-99.1 php5-pdo-5.5.14-99.1 php5-pdo-debuginfo-5.5.14-99.1 php5-pgsql-5.5.14-99.1 php5-pgsql-debuginfo-5.5.14-99.1 php5-phar-5.5.14-99.1 php5-phar-debuginfo-5.5.14-99.1 php5-posix-5.5.14-99.1 php5-posix-debuginfo-5.5.14-99.1 php5-pspell-5.5.14-99.1 php5-pspell-debuginfo-5.5.14-99.1 php5-shmop-5.5.14-99.1 php5-shmop-debuginfo-5.5.14-99.1 php5-snmp-5.5.14-99.1 php5-snmp-debuginfo-5.5.14-99.1 php5-soap-5.5.14-99.1 php5-soap-debuginfo-5.5.14-99.1 php5-sockets-5.5.14-99.1 php5-sockets-debuginfo-5.5.14-99.1 php5-sqlite-5.5.14-99.1 php5-sqlite-debuginfo-5.5.14-99.1 php5-suhosin-5.5.14-99.1 php5-suhosin-debuginfo-5.5.14-99.1 php5-sysvmsg-5.5.14-99.1 php5-sysvmsg-debuginfo-5.5.14-99.1 php5-sysvsem-5.5.14-99.1 php5-sysvsem-debuginfo-5.5.14-99.1 php5-sysvshm-5.5.14-99.1 php5-sysvshm-debuginfo-5.5.14-99.1 php5-tokenizer-5.5.14-99.1 php5-tokenizer-debuginfo-5.5.14-99.1 php5-wddx-5.5.14-99.1 php5-wddx-debuginfo-5.5.14-99.1 php5-xmlreader-5.5.14-99.1 php5-xmlreader-debuginfo-5.5.14-99.1 php5-xmlrpc-5.5.14-99.1 php5-xmlrpc-debuginfo-5.5.14-99.1 php5-xmlwriter-5.5.14-99.1 php5-xmlwriter-debuginfo-5.5.14-99.1 php5-xsl-5.5.14-99.1 php5-xsl-debuginfo-5.5.14-99.1 php5-zip-5.5.14-99.1 php5-zip-debuginfo-5.5.14-99.1 php5-zlib-5.5.14-99.1 php5-zlib-debuginfo-5.5.14-99.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php5-pear-5.5.14-99.1 References: https://www.suse.com/security/cve/CVE-2015-8994.html https://bugzilla.suse.com/1027210 From sle-updates at lists.suse.com Mon Mar 20 17:08:30 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:08:30 +0100 (CET) Subject: SUSE-SU-2017:0762-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 Message-ID: <20170320230830.81BEF10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0762-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.59-60_41 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-426=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_41-default-8-2.1 kgraft-patch-3_12_59-60_41-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:08:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:08:44 +0100 (CET) Subject: SUSE-SU-2017:0763-1: important: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 Message-ID: <20170320230844.6C37210025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0763-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.62-60_64_8 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-429=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_64_8-default-6-2.1 kgraft-patch-3_12_62-60_64_8-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:08:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:08:58 +0100 (CET) Subject: SUSE-SU-2017:0764-1: important: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 Message-ID: <20170320230858.9213710025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0764-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-431=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_21-default-4-2.1 kgraft-patch-3_12_67-60_64_21-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 17:09:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:09:37 +0100 (CET) Subject: SUSE-SU-2017:0766-1: important: Security update for Linux Kernel Live Patch 18 for SLE 12 Message-ID: <20170320230937.6606F10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0766-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_63 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-424=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-424=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_63-default-3-2.1 kgraft-patch-3_12_60-52_63-xen-3-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_63-default-3-2.1 kgraft-patch-3_12_60-52_63-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:09:52 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:09:52 +0100 (CET) Subject: SUSE-SU-2017:0767-1: important: Security update for Linux Kernel Live Patch 15 for SLE 12 Message-ID: <20170320230952.4157D10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0767-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_54 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-421=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-421=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_54-default-7-2.1 kgraft-patch-3_12_60-52_54-xen-7-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_54-default-7-2.1 kgraft-patch-3_12_60-52_54-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:10:23 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:10:23 +0100 (CET) Subject: SUSE-SU-2017:0768-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 Message-ID: <20170320231023.5D3D410025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0768-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 4.4.21-69 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-432=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-69-default-4-11.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 17:11:04 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:11:04 +0100 (CET) Subject: SUSE-SU-2017:0769-1: important: Security update for Linux Kernel Live Patch 14 for SLE 12 Message-ID: <20170320231104.2A6D910025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0769-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_49 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-420=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-420=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_49-default-7-2.1 kgraft-patch-3_12_60-52_49-xen-7-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_49-default-7-2.1 kgraft-patch-3_12_60-52_49-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:11:28 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:11:28 +0100 (CET) Subject: SUSE-SU-2017:0770-1: important: Security update for Linux Kernel Live Patch 16 for SLE 12 Message-ID: <20170320231128.A8E9E10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0770-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_57 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-422=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-422=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_57-default-4-2.1 kgraft-patch-3_12_60-52_57-xen-4-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_57-default-4-2.1 kgraft-patch-3_12_60-52_57-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:11:52 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:11:52 +0100 (CET) Subject: SUSE-SU-2017:0771-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 Message-ID: <20170320231152.8AF8410025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0771-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.55-52_42 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-418=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-418=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_42-default-7-2.1 kgraft-patch-3_12_55-52_42-xen-7-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_42-default-7-2.1 kgraft-patch-3_12_55-52_42-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:12:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:12:15 +0100 (CET) Subject: SUSE-SU-2017:0772-1: important: Security update for Linux Kernel Live Patch 17 for SLE 12 Message-ID: <20170320231215.68A3E10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 17 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0772-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_60 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-423=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-423=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_60-default-3-2.1 kgraft-patch-3_12_60-52_60-xen-3-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_60-default-3-2.1 kgraft-patch-3_12_60-52_60-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:12:59 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:12:59 +0100 (CET) Subject: SUSE-SU-2017:0773-1: important: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 Message-ID: <20170320231259.5A2C610025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0773-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-430=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_18-default-5-2.1 kgraft-patch-3_12_67-60_64_18-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 17:13:25 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:13:25 +0100 (CET) Subject: SUSE-SU-2017:0774-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 Message-ID: <20170320231325.21EF210025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0774-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.57-60_35 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-425=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_57-60_35-default-8-2.1 kgraft-patch-3_12_57-60_35-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 17:13:39 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 00:13:39 +0100 (CET) Subject: SUSE-SU-2017:0775-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 Message-ID: <20170320231339.E6C8910025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0775-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.59-60_45 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-427=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_45-default-8-2.1 kgraft-patch-3_12_59-60_45-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 20:07:42 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:07:42 +0100 (CET) Subject: SUSE-SU-2017:0776-1: important: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 Message-ID: <20170321020742.1A6C110025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0776-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-436=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_24-default-3-2.1 kgraft-patch-3_12_67-60_64_24-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 20:08:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:08:15 +0100 (CET) Subject: SUSE-SU-2017:0777-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 Message-ID: <20170321020815.B234910025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0777-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-435=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-81-default-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 20:08:49 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:08:49 +0100 (CET) Subject: SUSE-SU-2017:0778-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 Message-ID: <20170321020849.6A5A710025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0778-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 4.4.21-84 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-434=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-84-default-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 20:09:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:09:24 +0100 (CET) Subject: SUSE-SU-2017:0779-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 Message-ID: <20170321020924.3BB8C10025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0779-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 4.4.38-93 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-438=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_38-93-default-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Mon Mar 20 20:09:53 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:09:53 +0100 (CET) Subject: SUSE-SU-2017:0780-1: important: Security update for Linux Kernel Live Patch 19 for SLE 12 Message-ID: <20170321020953.E4FD210025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0780-1 Rating: important References: #1025013 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.61-52_66 fixes one issue. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-437=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-437=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_66-default-2-2.1 kgraft-patch-3_12_61-52_66-xen-2-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_66-default-2-2.1 kgraft-patch-3_12_61-52_66-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 From sle-updates at lists.suse.com Mon Mar 20 20:10:17 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 03:10:17 +0100 (CET) Subject: SUSE-SU-2017:0781-1: important: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 Message-ID: <20170321021017.0FED810025@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0781-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 4.4.21-90 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-433=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-90-default-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Tue Mar 21 08:07:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 15:07:56 +0100 (CET) Subject: SUSE-RU-2017:0782-1: Recommended update for netcfg Message-ID: <20170321140756.B135610021@maintenance.suse.de> SUSE Recommended Update: Recommended update for netcfg ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0782-1 Rating: low References: #1028305 #959693 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for netcfg provides the following fixes: - Update script to generate services to use UTF8 by default. (bsc#1028305) - Repack services.bz2 with latest from upstream and adjust the script to not add all the names and emails at the bottom of the file. (bsc#959693) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-439=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-439=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-439=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-439=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-439=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-439=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): netcfg-11.5-29.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): netcfg-11.5-29.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): netcfg-11.5-29.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): netcfg-11.5-29.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): netcfg-11.5-29.1 - OpenStack Cloud Magnum Orchestration 7 (noarch): netcfg-11.5-29.1 References: https://bugzilla.suse.com/1028305 https://bugzilla.suse.com/959693 From sle-updates at lists.suse.com Tue Mar 21 08:08:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 15:08:32 +0100 (CET) Subject: SUSE-RU-2017:0783-1: Recommended update for selinux-policy Message-ID: <20170321140832.A2F9C10021@maintenance.suse.de> SUSE Recommended Update: Recommended update for selinux-policy ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0783-1 Rating: low References: #1016385 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for selinux-policy fixes the following issue: - Patch installation fails when SELinux is enabled (bsc#1016385) This was due to the selinux-policy package embedding PCRE prebuilt regular expressions, which are incompatible to the PCRE minor version update released some weeks ago. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-440=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-440=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-440=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-440=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-440=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): selinux-policy-devel-20140730-31.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): selinux-policy-devel-20140730-31.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): selinux-policy-20140730-31.1 selinux-policy-devel-20140730-31.1 selinux-policy-minimum-20140730-31.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): selinux-policy-20140730-31.1 selinux-policy-devel-20140730-31.1 selinux-policy-minimum-20140730-31.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): selinux-policy-20140730-31.1 selinux-policy-devel-20140730-31.1 selinux-policy-minimum-20140730-31.1 References: https://bugzilla.suse.com/1016385 From sle-updates at lists.suse.com Tue Mar 21 11:08:37 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 18:08:37 +0100 (CET) Subject: SUSE-RU-2017:0784-1: Recommended update for git Message-ID: <20170321170837.4EAC410021@maintenance.suse.de> SUSE Recommended Update: Recommended update for git ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0784-1 Rating: low References: #1011169 #905707 #939065 #942297 #951153 #961112 #961292 #977477 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: The Git distributed revision control system was updated to version 2.12.0, which brings several fixes and enhancements: - Use of an empty string that is used for 'everything matches' is still warned and Git asks users to use a more explicit '.' for that instead. In the future this warning will be turned into a hard error. - The historical argument order "git merge 'msg' HEAD 'commit'..." has been deprecated for quite some time, and will be removed in a future release. - An ancient script "git relink" has been removed. - The character width table has been updated to match Unicode 9.0. - Commands in the "git diff" and "git log" family by default enable rename detection; use "diff.renames" configuration variable to disable this. - Merging two branches that have no common ancestor with "git merge" is by default forbidden now to prevent creating such an unusual merge by mistake. - Output formats of "git log" that indents the commit log message by 4 spaces now expands HT in the log message by default. The "--no-expand-tabs" option disables this. - "git send-email" now uses a more readable timestamps when formulating a message ID. - The rsync:// transport has been removed. - "git fetch" and friends that make network connections can now be told to only use ipv4 (or ipv6). * Add support for talking http/https over socks proxy. - Fix crash of gitk with --all option in non-English locales. (bsc#951153) - Fix deadlock in signal handler in pager. (bsc#942297) - Introduce new "git-worktree" feature. (bsc#977477, fate#322294) - Introduce SSLCipherList configuration variable to tweak the list of cipher suite to be used with libcURL when talking with https:// sites. - Put git-credential-cache--daemon into git-core, it is needed for git-credential-cache. (bsc#939065) - "git push" has been taught an "--atomic" option that makes a push that updates more than one ref an "all-or-none" affair. - Output from "git log --decorate" now distinguishes between a detached HEAD vs. a HEAD that points at a branch. - A new "push.followTags" configuration turns the "--follow-tags" option on by default for the 'git push' command. - Allow snapshot generation in Apparmor profile. (bsc#905707) - Default pager configuration no longer wraps long lines. - "git push" now uses "simple" semantics by default instead of old "matching", use variable "push.default" to revert. - "git add -u" and "git add -A" operate on entire tree, use "git add -u ." or "git add -A ." for current directory only. - "git add 'path'" is the same as "git add -A 'path'" now, use "git add --ignore-removal 'path'" for previous behavior. - "-q" option of "git diff-files" has been removed. To ignore deletion, use "git diff-files --diff-filter=d". - Default prefix for "git svn" remote-tracking branches changed from refs/remotes to refs/remotes/origin/ unless with "--prefix". For a comprehensive list of changes please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-441=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-441=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-441=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-441=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-441=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-441=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): git-2.12.0-23.1 git-arch-2.12.0-23.1 git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-cvs-2.12.0-23.1 git-daemon-2.12.0-23.1 git-daemon-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 git-email-2.12.0-23.1 git-gui-2.12.0-23.1 git-svn-2.12.0-23.1 git-svn-debuginfo-2.12.0-23.1 git-web-2.12.0-23.1 gitk-2.12.0-23.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): git-doc-2.12.0-23.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): git-2.12.0-23.1 git-arch-2.12.0-23.1 git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-cvs-2.12.0-23.1 git-daemon-2.12.0-23.1 git-daemon-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 git-email-2.12.0-23.1 git-gui-2.12.0-23.1 git-svn-2.12.0-23.1 git-svn-debuginfo-2.12.0-23.1 git-web-2.12.0-23.1 gitk-2.12.0-23.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): git-doc-2.12.0-23.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): git-doc-2.12.0-23.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): git-doc-2.12.0-23.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): git-doc-2.12.0-23.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): git-core-2.12.0-23.1 git-core-debuginfo-2.12.0-23.1 git-debugsource-2.12.0-23.1 References: https://bugzilla.suse.com/1011169 https://bugzilla.suse.com/905707 https://bugzilla.suse.com/939065 https://bugzilla.suse.com/942297 https://bugzilla.suse.com/951153 https://bugzilla.suse.com/961112 https://bugzilla.suse.com/961292 https://bugzilla.suse.com/977477 From sle-updates at lists.suse.com Tue Mar 21 11:10:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 18:10:24 +0100 (CET) Subject: SUSE-RU-2017:0785-1: Recommended update for lifecycle-data-sle-live-patching Message-ID: <20170321171024.D20BC10021@maintenance.suse.de> SUSE Recommended Update: Recommended update for lifecycle-data-sle-live-patching ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0785-1 Rating: low References: #1020320 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for lifecycle-data-sle-live-patching adds life cycle data for Kernel Live Patches 3_12_61-52_66, 3_12_69-60_64_29, 3_12_69-60_64_32, 4_4_38-93 and 4_4_49-92_11. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-442=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (noarch): lifecycle-data-sle-live-patching-1-9.1 References: https://bugzilla.suse.com/1020320 From sle-updates at lists.suse.com Tue Mar 21 14:07:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 21:07:24 +0100 (CET) Subject: SUSE-SU-2017:0786-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 Message-ID: <20170321200724.E2B2810021@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0786-1 Rating: important References: #1025013 #1025254 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013). The following non-security bug was fixed: - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-443=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_29-default-2-2.1 kgraft-patch-3_12_69-60_64_29-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 From sle-updates at lists.suse.com Tue Mar 21 14:08:02 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Mar 2017 21:08:02 +0100 (CET) Subject: SUSE-RU-2017:0787-1: Recommended update for aaa_base Message-ID: <20170321200802.0E4FD10021@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0787-1 Rating: low References: #1022105 #1025673 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for aaa_base fixes the following issues: - Fix issue in lang.csh's /etc/sysconfig/language parser that could result in incorrect locale settings for csh users. (bsc#1025673) - Fix spurious assignment to unknown variable TERM from /etc/inputrc. (bsc#1022105) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-444=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-444=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-444=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-444=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-444=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): aaa_base-debuginfo-13.2+git20140911.61c1681-32.1 aaa_base-debugsource-13.2+git20140911.61c1681-32.1 aaa_base-malloccheck-13.2+git20140911.61c1681-32.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): aaa_base-13.2+git20140911.61c1681-32.1 aaa_base-debuginfo-13.2+git20140911.61c1681-32.1 aaa_base-debugsource-13.2+git20140911.61c1681-32.1 aaa_base-extras-13.2+git20140911.61c1681-32.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): aaa_base-13.2+git20140911.61c1681-32.1 aaa_base-debuginfo-13.2+git20140911.61c1681-32.1 aaa_base-debugsource-13.2+git20140911.61c1681-32.1 aaa_base-extras-13.2+git20140911.61c1681-32.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): aaa_base-13.2+git20140911.61c1681-32.1 aaa_base-debuginfo-13.2+git20140911.61c1681-32.1 aaa_base-debugsource-13.2+git20140911.61c1681-32.1 aaa_base-extras-13.2+git20140911.61c1681-32.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): aaa_base-13.2+git20140911.61c1681-32.1 aaa_base-debuginfo-13.2+git20140911.61c1681-32.1 aaa_base-debugsource-13.2+git20140911.61c1681-32.1 aaa_base-extras-13.2+git20140911.61c1681-32.1 References: https://bugzilla.suse.com/1022105 https://bugzilla.suse.com/1025673 From sle-updates at lists.suse.com Tue Mar 21 17:07:44 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 00:07:44 +0100 (CET) Subject: SUSE-RU-2017:0788-1: Recommended update for man Message-ID: <20170321230744.E9FB510021@maintenance.suse.de> SUSE Recommended Update: Recommended update for man ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0788-1 Rating: low References: #1025597 #786679 #986211 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for man provides the following fixes: - Stop using the wrapper that squashed root privileges down to uid man. (bsc#986211, bsc#1025597) - Add description of MAN_POSIXLY_CORRECT in man.man1. (bsc#786679) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-445=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-445=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-445=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-445=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-445=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): man-2.6.6-3.1 man-debuginfo-2.6.6-3.1 man-debugsource-2.6.6-3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): man-2.6.6-3.1 man-debuginfo-2.6.6-3.1 man-debugsource-2.6.6-3.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): man-2.6.6-3.1 man-debuginfo-2.6.6-3.1 man-debugsource-2.6.6-3.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): man-2.6.6-3.1 man-debuginfo-2.6.6-3.1 man-debugsource-2.6.6-3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): man-2.6.6-3.1 man-debuginfo-2.6.6-3.1 man-debugsource-2.6.6-3.1 References: https://bugzilla.suse.com/1025597 https://bugzilla.suse.com/786679 https://bugzilla.suse.com/986211 From sle-updates at lists.suse.com Wed Mar 22 11:09:18 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 18:09:18 +0100 (CET) Subject: SUSE-RU-2017:0794-1: moderate: Recommended update for python Message-ID: <20170322170918.EBB5FFFCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for python ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0794-1 Rating: moderate References: #1027282 #964182 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides Python 2.7.13, which brings several bug fixes. - Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1. - Update cipher lists for OpenSSL wrapper and support OpenSSL 1.1.0 and newer. - Incorporate more integer overflow checks from upstream. (bsc#964182) - Provide python2-* symbols to support new packages built as python2-. For a comprehensive list of changes, please refer to the upstream Release Notes available at https://hg.python.org/cpython/raw-file/v2.7.13/Misc/NEWS Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-448=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-448=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-448=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-448=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-448=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-448=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-448=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-448=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-448=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-448=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-curses-2.7.13-27.1 python-curses-debuginfo-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-demo-2.7.13-27.1 python-gdbm-2.7.13-27.1 python-gdbm-debuginfo-2.7.13-27.1 python-idle-2.7.13-27.1 python-tk-2.7.13-27.1 python-tk-debuginfo-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): python-doc-2.7.13-27.1 python-doc-pdf-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-curses-2.7.13-27.1 python-curses-debuginfo-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-demo-2.7.13-27.1 python-gdbm-2.7.13-27.1 python-gdbm-debuginfo-2.7.13-27.1 python-idle-2.7.13-27.1 python-tk-2.7.13-27.1 python-tk-debuginfo-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libpython2_7-1_0-32bit-2.7.13-27.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-27.1 python-32bit-2.7.13-27.1 python-base-32bit-2.7.13-27.1 python-base-debuginfo-32bit-2.7.13-27.1 python-debuginfo-32bit-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): python-doc-2.7.13-27.1 python-doc-pdf-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-curses-2.7.13-27.1 python-curses-debuginfo-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-demo-2.7.13-27.1 python-gdbm-2.7.13-27.1 python-gdbm-debuginfo-2.7.13-27.1 python-idle-2.7.13-27.1 python-tk-2.7.13-27.1 python-tk-debuginfo-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libpython2_7-1_0-32bit-2.7.13-27.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-27.1 python-32bit-2.7.13-27.1 python-base-32bit-2.7.13-27.1 python-base-debuginfo-32bit-2.7.13-27.1 python-debuginfo-32bit-2.7.13-27.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): python-doc-2.7.13-27.1 python-doc-pdf-2.7.13-27.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-32bit-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debuginfo-32bit-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-curses-2.7.13-27.1 python-curses-debuginfo-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 python-tk-2.7.13-27.1 python-tk-debuginfo-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-32bit-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 libpython2_7-1_0-debuginfo-32bit-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debuginfo-32bit-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-curses-2.7.13-27.1 python-curses-debuginfo-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-devel-2.7.13-27.1 python-tk-2.7.13-27.1 python-tk-debuginfo-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libpython2_7-1_0-2.7.13-27.1 libpython2_7-1_0-debuginfo-2.7.13-27.1 python-2.7.13-27.1 python-base-2.7.13-27.1 python-base-debuginfo-2.7.13-27.1 python-base-debugsource-2.7.13-27.1 python-debuginfo-2.7.13-27.1 python-debugsource-2.7.13-27.1 python-xml-2.7.13-27.1 python-xml-debuginfo-2.7.13-27.1 References: https://bugzilla.suse.com/1027282 https://bugzilla.suse.com/964182 From sle-updates at lists.suse.com Wed Mar 22 11:10:01 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 18:10:01 +0100 (CET) Subject: SUSE-RU-2017:0795-1: moderate: Recommended update for libcgroup Message-ID: <20170322171001.2031CFFCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for libcgroup ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0795-1 Rating: moderate References: #1025207 #987985 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for libcgroup provides the following fixes: - Fix hang when system attempts to shut down after control group service restart cycle. (bsc#987985, bsc#1025207) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-447=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-447=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-447=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-447=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-447=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-447=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-447=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup-devel-0.41.rc1-9.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup-devel-0.41.rc1-9.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup-tools-0.41.rc1-9.1 libcgroup-tools-debuginfo-0.41.rc1-9.1 libcgroup1-0.41.rc1-9.1 libcgroup1-debuginfo-0.41.rc1-9.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup-tools-0.41.rc1-9.1 libcgroup-tools-debuginfo-0.41.rc1-9.1 libcgroup1-0.41.rc1-9.1 libcgroup1-debuginfo-0.41.rc1-9.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup-tools-0.41.rc1-9.1 libcgroup-tools-debuginfo-0.41.rc1-9.1 libcgroup1-0.41.rc1-9.1 libcgroup1-debuginfo-0.41.rc1-9.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup1-0.41.rc1-9.1 libcgroup1-debuginfo-0.41.rc1-9.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libcgroup-debugsource-0.41.rc1-9.1 libcgroup1-0.41.rc1-9.1 libcgroup1-debuginfo-0.41.rc1-9.1 References: https://bugzilla.suse.com/1025207 https://bugzilla.suse.com/987985 From sle-updates at lists.suse.com Wed Mar 22 11:10:51 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 18:10:51 +0100 (CET) Subject: SUSE-RU-2017:0796-1: Recommended update for python3 Message-ID: <20170322171051.06BE4FFCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for python3 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0796-1 Rating: low References: #1027282 #1029377 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update provides Python 3.4.6, which brings the following fixes: - Fix potential crash in PyUnicode_AsDecodedObject() in debug build. - Fix possible DoS and arbitrary execution in gettext plurals. - Fix possible use of uninitialized memory in operator.methodcaller. - Fix possible Py_DECREF on unowned object in _sre. - Fix possible integer overflow in _csv module. - Fix selectors incorrectly retaining invalid file descriptors. - Move _elementtree to python3.rpm to match its pyexpat dependency. (bsc#1029377) For a comprehensive list of changes, please refer to the upstream Release Notes available at https://hg.python.org/cpython/raw-file/v3.4.6/Misc/NEWS Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-446=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-446=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-446=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-446=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-446=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-446=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-446=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-446=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-446=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-446=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-devel-3.4.6-24.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): python3-devel-debuginfo-3.4.6-24.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-devel-3.4.6-24.1 python3-devel-debuginfo-3.4.6-24.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-curses-3.4.6-24.1 python3-curses-debuginfo-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-curses-3.4.6-24.1 python3-curses-debuginfo-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-curses-3.4.6-24.1 python3-curses-debuginfo-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpython3_4m1_0-3.4.6-24.1 libpython3_4m1_0-debuginfo-3.4.6-24.1 python3-3.4.6-24.1 python3-base-3.4.6-24.1 python3-base-debuginfo-3.4.6-24.1 python3-base-debugsource-3.4.6-24.1 python3-debuginfo-3.4.6-24.1 python3-debugsource-3.4.6-24.1 References: https://bugzilla.suse.com/1027282 https://bugzilla.suse.com/1029377 From sle-updates at lists.suse.com Wed Mar 22 14:07:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 21:07:58 +0100 (CET) Subject: SUSE-SU-2017:0797-1: moderate: Security update for apache2 Message-ID: <20170322200758.26C7DFFCE@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0797-1 Rating: moderate References: #1016712 #1016714 #1016715 #1019380 Cross-References: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for apache2 fixes the following security issues: Security issues fixed: - CVE-2016-0736: Protect mod_session_crypto data with a MAC to prevent padding oracle attacks (bsc#1016712). - CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash, resulting in DoS (bsc#1016714). - CVE-2016-8743: Added new directive "HttpProtocolOptions Strict" to avoid proxy chain misinterpretation (bsc#1016715). Bugfixes: - Add missing copy of hcuri and hcexpr from the worker to the health check worker (bsc#1019380). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-450=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-450=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-450=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): apache2-debuginfo-2.4.23-21.1 apache2-debugsource-2.4.23-21.1 apache2-devel-2.4.23-21.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): apache2-2.4.23-21.1 apache2-debuginfo-2.4.23-21.1 apache2-debugsource-2.4.23-21.1 apache2-example-pages-2.4.23-21.1 apache2-prefork-2.4.23-21.1 apache2-prefork-debuginfo-2.4.23-21.1 apache2-utils-2.4.23-21.1 apache2-utils-debuginfo-2.4.23-21.1 apache2-worker-2.4.23-21.1 apache2-worker-debuginfo-2.4.23-21.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): apache2-doc-2.4.23-21.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): apache2-2.4.23-21.1 apache2-debuginfo-2.4.23-21.1 apache2-debugsource-2.4.23-21.1 apache2-example-pages-2.4.23-21.1 apache2-prefork-2.4.23-21.1 apache2-prefork-debuginfo-2.4.23-21.1 apache2-utils-2.4.23-21.1 apache2-utils-debuginfo-2.4.23-21.1 apache2-worker-2.4.23-21.1 apache2-worker-debuginfo-2.4.23-21.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): apache2-doc-2.4.23-21.1 References: https://www.suse.com/security/cve/CVE-2016-0736.html https://www.suse.com/security/cve/CVE-2016-2161.html https://www.suse.com/security/cve/CVE-2016-8743.html https://bugzilla.suse.com/1016712 https://bugzilla.suse.com/1016714 https://bugzilla.suse.com/1016715 https://bugzilla.suse.com/1019380 From sle-updates at lists.suse.com Wed Mar 22 14:08:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 21:08:58 +0100 (CET) Subject: SUSE-SU-2017:0798-1: moderate: Security update for virglrenderer Message-ID: <20170322200858.E7F8AFFCE@maintenance.suse.de> SUSE Security Update: Security update for virglrenderer ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0798-1 Rating: moderate References: #1021616 #1021627 #1024232 #1024244 #1024992 #1024993 #1025505 #1025507 #1026723 #1026725 #1026922 #1027108 #1027376 Cross-References: CVE-2016-10163 CVE-2016-10214 CVE-2017-5580 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6386 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update for virglrenderer fixes the following issues: Security issues fixed: - CVE-2017-6386: memory leakage while in vrend_create_vertex_elements_state (bsc#1027376) - CVE-2017-6355: integer overflow while creating shader object (bsc#1027108) - CVE-2017-6317: fix memory leak in add shader program (bsc#1026922) - CVE-2017-6210: null pointer dereference in vrend_decode_reset (bsc#1026725) - CVE-2017-6209: stack buffer oveflow in parse_identifier (bsc#1026723) - CVE-2017-5994: out-of-bounds access in vrend_create_vertex_elements_state (bsc#1025507) - CVE-2017-5993: host memory leakage when initialising blitter context (bsc#1025505) - CVE-2017-5957: stack overflow in vrend_decode_set_framebuffer_state (bsc#1024993) - CVE-2017-5956: OOB access while in vrend_draw_vbo (bsc#1024992) - CVE-2017-5937: null pointer dereference in vrend_clear (bsc#1024232) - CVE-2017-5580: OOB access while parsing texture instruction (bsc#1021627) - CVE-2016-10214: host memory leak issue in virgl_resource_attach_backing (bsc#1024244) - CVE-2016-10163: host memory leakage when creating decode context (bsc#1021616) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-452=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-452=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-452=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-452=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): virglrenderer-debugsource-0.5.0-11.1 virglrenderer-devel-0.5.0-11.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libvirglrenderer0-0.5.0-11.1 libvirglrenderer0-debuginfo-0.5.0-11.1 virglrenderer-debugsource-0.5.0-11.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libvirglrenderer0-0.5.0-11.1 libvirglrenderer0-debuginfo-0.5.0-11.1 virglrenderer-debugsource-0.5.0-11.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libvirglrenderer0-0.5.0-11.1 libvirglrenderer0-debuginfo-0.5.0-11.1 virglrenderer-debugsource-0.5.0-11.1 References: https://www.suse.com/security/cve/CVE-2016-10163.html https://www.suse.com/security/cve/CVE-2016-10214.html https://www.suse.com/security/cve/CVE-2017-5580.html https://www.suse.com/security/cve/CVE-2017-5937.html https://www.suse.com/security/cve/CVE-2017-5956.html https://www.suse.com/security/cve/CVE-2017-5957.html https://www.suse.com/security/cve/CVE-2017-5993.html https://www.suse.com/security/cve/CVE-2017-5994.html https://www.suse.com/security/cve/CVE-2017-6209.html https://www.suse.com/security/cve/CVE-2017-6210.html https://www.suse.com/security/cve/CVE-2017-6317.html https://www.suse.com/security/cve/CVE-2017-6355.html https://www.suse.com/security/cve/CVE-2017-6386.html https://bugzilla.suse.com/1021616 https://bugzilla.suse.com/1021627 https://bugzilla.suse.com/1024232 https://bugzilla.suse.com/1024244 https://bugzilla.suse.com/1024992 https://bugzilla.suse.com/1024993 https://bugzilla.suse.com/1025505 https://bugzilla.suse.com/1025507 https://bugzilla.suse.com/1026723 https://bugzilla.suse.com/1026725 https://bugzilla.suse.com/1026922 https://bugzilla.suse.com/1027108 https://bugzilla.suse.com/1027376 From sle-updates at lists.suse.com Wed Mar 22 14:11:20 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 21:11:20 +0100 (CET) Subject: SUSE-SU-2017:0799-1: moderate: Security update for wget Message-ID: <20170322201120.3CF0DFFCE@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0799-1 Rating: moderate References: #1028301 Cross-References: CVE-2017-6508 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for wget fixes the following issues: Security issue fixed: - CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-wget-13035=1 - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-wget-13035=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-wget-13035=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): wget-1.11.4-1.40.1 - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): wget-openssl1-1.11.4-1.40.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): wget-debuginfo-1.11.4-1.40.1 wget-debugsource-1.11.4-1.40.1 References: https://www.suse.com/security/cve/CVE-2017-6508.html https://bugzilla.suse.com/1028301 From sle-updates at lists.suse.com Wed Mar 22 14:11:45 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 21:11:45 +0100 (CET) Subject: SUSE-SU-2017:0800-1: moderate: Security update for wget Message-ID: <20170322201145.238ADFFCE@maintenance.suse.de> SUSE Security Update: Security update for wget ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0800-1 Rating: moderate References: #1028301 Cross-References: CVE-2017-6508 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for wget fixes the following issues: Security issue fixed: - CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-451=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-451=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-451=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-451=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-451=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): wget-1.14-20.1 wget-debuginfo-1.14-20.1 wget-debugsource-1.14-20.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): wget-1.14-20.1 wget-debuginfo-1.14-20.1 wget-debugsource-1.14-20.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): wget-1.14-20.1 wget-debuginfo-1.14-20.1 wget-debugsource-1.14-20.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): wget-1.14-20.1 wget-debuginfo-1.14-20.1 wget-debugsource-1.14-20.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): wget-1.14-20.1 wget-debuginfo-1.14-20.1 wget-debugsource-1.14-20.1 References: https://www.suse.com/security/cve/CVE-2017-6508.html https://bugzilla.suse.com/1028301 From sle-updates at lists.suse.com Wed Mar 22 14:12:07 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Mar 2017 21:12:07 +0100 (CET) Subject: SUSE-SU-2017:0801-1: moderate: Security update for apache2 Message-ID: <20170322201207.EE9F9FFCE@maintenance.suse.de> SUSE Security Update: Security update for apache2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0801-1 Rating: moderate References: #1016712 #1016714 #1016715 #980663 Cross-References: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for apache2 provides the following fixes: Security issues fixed: - CVE-2016-0736: Protect mod_session_crypto data with a MAC to prevent padding oracle attacks (bsc#1016712). - CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash, resulting in DoS (bsc#1016714). - CVE-2016-8743: Added new directive "HttpProtocolOptions Strict" to avoid proxy chain misinterpretation (bsc#1016715). Bugfixes: - Add NotifyAccess=all to systemd service files to prevent warnings in the log when using mod_systemd (bsc#980663). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-449=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-449=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): apache2-debuginfo-2.4.16-19.1 apache2-debugsource-2.4.16-19.1 apache2-devel-2.4.16-19.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): apache2-2.4.16-19.1 apache2-debuginfo-2.4.16-19.1 apache2-debugsource-2.4.16-19.1 apache2-example-pages-2.4.16-19.1 apache2-prefork-2.4.16-19.1 apache2-prefork-debuginfo-2.4.16-19.1 apache2-utils-2.4.16-19.1 apache2-utils-debuginfo-2.4.16-19.1 apache2-worker-2.4.16-19.1 apache2-worker-debuginfo-2.4.16-19.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): apache2-doc-2.4.16-19.1 References: https://www.suse.com/security/cve/CVE-2016-0736.html https://www.suse.com/security/cve/CVE-2016-2161.html https://www.suse.com/security/cve/CVE-2016-8743.html https://bugzilla.suse.com/1016712 https://bugzilla.suse.com/1016714 https://bugzilla.suse.com/1016715 https://bugzilla.suse.com/980663 From sle-updates at lists.suse.com Thu Mar 23 11:09:08 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Mar 2017 18:09:08 +0100 (CET) Subject: SUSE-RU-2017:0802-1: Recommended update for haproxy Message-ID: <20170323170908.455F5FFCF@maintenance.suse.de> SUSE Recommended Update: Recommended update for haproxy ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0802-1 Rating: low References: #982189 Affected Products: SUSE OpenStack Cloud 5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for haproxy fixes the following issues: - Fix init script when haproxy already runs, but not as daemon. (bsc#982189) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-haproxy-13036=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): haproxy-1.5.4-15.1 References: https://bugzilla.suse.com/982189 From sle-updates at lists.suse.com Fri Mar 24 11:08:54 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Mar 2017 18:08:54 +0100 (CET) Subject: SUSE-RU-2017:0803-1: Recommended update for timezone Message-ID: <20170324170854.AC5EDF403@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0803-1 Rating: low References: #1030417 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest timezone information (2017b) for your system, including following changes: - Haiti resumed observance of DST in 2017. - Liberia changed from -004430 to +00 on 1972-01-07, not 1972-05-01. - Use "MMT" to abbreviate Liberia's time zone before 1972. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-457=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-457=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-457=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-457=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-457=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-457=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-457=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-457=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): timezone-java-2017b-0.73.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): timezone-2017b-73.1 timezone-debuginfo-2017b-73.1 timezone-debugsource-2017b-73.1 References: https://bugzilla.suse.com/1030417 From sle-updates at lists.suse.com Fri Mar 24 11:09:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Mar 2017 18:09:19 +0100 (CET) Subject: SUSE-RU-2017:0804-1: Recommended update for python-keyring Message-ID: <20170324170919.DF2A2FFCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-keyring ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0804-1 Rating: low References: #1014478 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides python-keyring 5.7, which brings fixes and enhancements: - Resolve default keyring name on Gnome using the API. - Add workaround for password exposure through process status for most passwords containing simple characters. - Allow keyring to be invoked from CLI with "python -m keyring". - Use recommended mechanism for checking GnomeKeyring version. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-456=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-456=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-456=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): python-keyring-5.7-7.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): python-keyring-5.7-7.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): python-keyring-5.7-7.1 References: https://bugzilla.suse.com/1014478 From sle-updates at lists.suse.com Fri Mar 24 11:09:51 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Mar 2017 18:09:51 +0100 (CET) Subject: SUSE-RU-2017:0805-1: Recommended update for fdupes Message-ID: <20170324170951.27D9FFFCE@maintenance.suse.de> SUSE Recommended Update: Recommended update for fdupes ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0805-1 Rating: low References: #1005386 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for fdupes provides the following fixes and enhancements: - Add new options: --nohidden, --permissions, --order, --reverse, --immediate. - Speed up file comparison. - Fix bug where fdupes fails to consistently ignore hardlinks, depending on file processing order, when F_CONSIDERHARDLINKS flag is not set. - Using tty for interactive input instead of regular stdin. This is to allow feeding filenames via stdin in future versions of fdupes without breaking interactive deletion feature. - Sort the output of fdupes by filename to make it deterministic for parallel builds. (bsc#1005386) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-458=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-458=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-458=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-458=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-458=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-458=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): fdupes-1.61-7.1 fdupes-debuginfo-1.61-7.1 fdupes-debugsource-1.61-7.1 References: https://bugzilla.suse.com/1005386 From sle-updates at lists.suse.com Fri Mar 24 14:08:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Mar 2017 21:08:05 +0100 (CET) Subject: SUSE-RU-2017:0806-1: important: Recommended update for python-kombu Message-ID: <20170324200805.0AF3DFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for python-kombu ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0806-1 Rating: important References: #1030521 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for python-kombu and python-amqp fixes a compatibility problem with Python 2.7.13. Additionally the following issues have been fixed: python-kombu: - Fixes compatibility with uuid in Python 2.7.11 and 3.5.1. (bsc#1030521) - Redis transport: Attempt at fixing problem with hanging consumer after disconnected from server. - Attempt at fixing issue with 100% CPU when using the Redis transport. - Database transport: Fixed oracle compatibility. - Documentation fixes. - Fixed serialization issue for 'bindings.as_dict()'. - Json serializer wrongly treated bytes as 'ascii', not 'utf-8'. - MongoDB: Now supports pymongo 3.x. - No longer compatible with South by default. - Keep old South migrations in 'kombu.transport.django.south_migrations'. - Now compatible with Django 1.9. - Django: Adds migrations for the database transport. - QPid: Can now connect as localhost. - QPid: Adds support for 'login_method'. - QPid: Now reads SASL mechanism from broker string. - QPid: Monitor thread now properly terminated on session close. - QPid: Fixed file descriptor leak. - Docs: Fixed wrong order for entrypoint arguments. - ConsumerMixin: Connection error logs now include traceback. - BaseTransport now raises RecoverableConnectionError when disconnected. - Consumer: Adds 'tag_prefix' option to modify how consumer tags are generated. python-amqp: - abstract_channel.wait now accepts a float timeout parameter expressed in seconds. - channel.basic_publish now raises amqp.exceptions.NotConfirmed on basic.nack. - AMQP timestamps received are now converted from GMT instead of local time. - Wheel package installation now supported by both Python 2 and Python3. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-459=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (noarch): python-amqp-1.4.8-3.1 python-kombu-3.0.30-3.1 References: https://bugzilla.suse.com/1030521 From sle-updates at lists.suse.com Fri Mar 24 20:07:53 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 25 Mar 2017 03:07:53 +0100 (CET) Subject: SUSE-RU-2017:0807-1: moderate: Recommended update for java-1_8_0-openjdk-plugin Message-ID: <20170325020753.0B6D6FF71@maintenance.suse.de> SUSE Recommended Update: Recommended update for java-1_8_0-openjdk-plugin ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0807-1 Rating: moderate References: #1023208 #929464 #982622 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for java-1_8_0-openjdk-plugin fixes the following issues: - Resolve unwanted reinstallations of java-1_7_0-openjdk-plugin even when new version of java plugin is installed. (bsc#929464) - Fix net.sourceforge.jnlp.LaunchException. (bsc#982622, bsc#1023208) For a comprehensive list of changes please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-460=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-460=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-460=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-460=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): java-1_8_0-openjdk-plugin-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debuginfo-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debugsource-1.6.2-2.10.3 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): java-1_8_0-openjdk-plugin-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debuginfo-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debugsource-1.6.2-2.10.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): java-1_8_0-openjdk-plugin-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debuginfo-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debugsource-1.6.2-2.10.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_8_0-openjdk-plugin-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debuginfo-1.6.2-2.10.3 java-1_8_0-openjdk-plugin-debugsource-1.6.2-2.10.3 References: https://bugzilla.suse.com/1023208 https://bugzilla.suse.com/929464 https://bugzilla.suse.com/982622 From sle-updates at lists.suse.com Fri Mar 24 20:08:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 25 Mar 2017 03:08:43 +0100 (CET) Subject: SUSE-RU-2017:0808-1: moderate: Recommended update for lvm2 Message-ID: <20170325020843.B56AAFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for lvm2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0808-1 Rating: moderate References: #1012973 #1015943 #1017034 #1023283 #1025560 #1025630 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This update for lvm2 fixes the following issues: - Fix clvmd segmentation fault on ppc64le architecture. (bsc#1025630) - Fix several trivial issues about clvmd/cmirrord resource agents. (bsc#1023283, bsc#1025560) - Use {local,remote}-fs-pre.target instead of {local,remote}-fs.target. (bsc#1017034) - Simplify special-case for md in 69-dm-lvm-metadata.rules. (bsc#1012973) - Add systemd_requires to device-mapper package. (bsc#1015943) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-462=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-462=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-462=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-462=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-462=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-462=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): device-mapper-devel-1.02.97-77.2 lvm2-debuginfo-2.02.120-77.2 lvm2-debugsource-2.02.120-77.2 lvm2-devel-2.02.120-77.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): device-mapper-1.02.97-77.2 device-mapper-debuginfo-1.02.97-77.2 lvm2-2.02.120-77.2 lvm2-debuginfo-2.02.120-77.2 lvm2-debugsource-2.02.120-77.2 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): device-mapper-1.02.97-77.2 device-mapper-debuginfo-1.02.97-77.2 lvm2-2.02.120-77.2 lvm2-debuginfo-2.02.120-77.2 lvm2-debugsource-2.02.120-77.2 - SUSE Linux Enterprise Server 12-SP2 (x86_64): device-mapper-32bit-1.02.97-77.2 device-mapper-debuginfo-32bit-1.02.97-77.2 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): lvm2-clvm-2.02.120-77.2 lvm2-clvm-debuginfo-2.02.120-77.2 lvm2-cmirrord-2.02.120-77.2 lvm2-cmirrord-debuginfo-2.02.120-77.2 lvm2-debuginfo-2.02.120-77.2 lvm2-debugsource-2.02.120-77.2 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): device-mapper-1.02.97-77.2 device-mapper-32bit-1.02.97-77.2 device-mapper-debuginfo-1.02.97-77.2 device-mapper-debuginfo-32bit-1.02.97-77.2 lvm2-2.02.120-77.2 lvm2-debuginfo-2.02.120-77.2 lvm2-debugsource-2.02.120-77.2 - OpenStack Cloud Magnum Orchestration 7 (x86_64): device-mapper-1.02.97-77.2 device-mapper-debuginfo-1.02.97-77.2 References: https://bugzilla.suse.com/1012973 https://bugzilla.suse.com/1015943 https://bugzilla.suse.com/1017034 https://bugzilla.suse.com/1023283 https://bugzilla.suse.com/1025560 https://bugzilla.suse.com/1025630 From sle-updates at lists.suse.com Fri Mar 24 20:10:29 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 25 Mar 2017 03:10:29 +0100 (CET) Subject: SUSE-RU-2017:0809-1: moderate: Recommended update for icedtea-web Message-ID: <20170325021029.911C4FFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0809-1 Rating: moderate References: #1023208 #929464 #982622 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update provides icedtea-web 1.6.2, which brings fixes and enhancements: - Resolve unwanted re-installations of java-1_7_0-openjdk-plugin even when newer version of the Java plugin is installed. (bsc#929464) - Fix net.sourceforge.jnlp.LaunchException. (bsc#982622, bsc#1023208) For a comprehensive list of changes please refer to the package's change log. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-461=1 - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-461=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-461=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-461=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): java-1_7_0-openjdk-plugin-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debuginfo-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debugsource-1.6.2-2.8.3 - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): java-1_7_0-openjdk-plugin-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debuginfo-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debugsource-1.6.2-2.8.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): java-1_7_0-openjdk-plugin-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debuginfo-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debugsource-1.6.2-2.8.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_7_0-openjdk-plugin-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debuginfo-1.6.2-2.8.3 java-1_7_0-openjdk-plugin-debugsource-1.6.2-2.8.3 References: https://bugzilla.suse.com/1023208 https://bugzilla.suse.com/929464 https://bugzilla.suse.com/982622 From sle-updates at lists.suse.com Mon Mar 27 13:08:38 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Mar 2017 21:08:38 +0200 (CEST) Subject: SUSE-RU-2017:0817-1: Recommended update for deepsea Message-ID: <20170327190838.1F2C1FFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for deepsea ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0817-1 Rating: low References: #1020840 #1027261 Affected Products: SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for deepsea to version 0.6.13 fixes the following issue: - Enable openattic services. (bsc#1020840) - DeepSea shouldn't overwrite custom salt files (bsc#1020840) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-465=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Enterprise Storage 4 (noarch): deepsea-0.6.13-8.1 References: https://bugzilla.suse.com/1020840 https://bugzilla.suse.com/1027261 From sle-updates at lists.suse.com Mon Mar 27 13:14:39 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Mar 2017 21:14:39 +0200 (CEST) Subject: SUSE-RU-2017:0829-1: moderate: Recommended update for glibc Message-ID: <20170327191439.9B517FFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for glibc ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0829-1 Rating: moderate References: #1007851 #1029725 #1029900 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for glibc fixes a potential segmentation fault in libpthread: - Fork in libpthread cannot use IFUNC resolver. (bsc#1007851, bsc#1029725, bsc#1029900) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-464=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-464=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-464=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-464=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-464=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): glibc-debuginfo-2.22-51.6 glibc-debugsource-2.22-51.6 glibc-devel-static-2.22-51.6 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): glibc-info-2.22-51.6 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): glibc-2.22-51.6 glibc-debuginfo-2.22-51.6 glibc-debugsource-2.22-51.6 glibc-devel-2.22-51.6 glibc-devel-debuginfo-2.22-51.6 glibc-locale-2.22-51.6 glibc-locale-debuginfo-2.22-51.6 glibc-profile-2.22-51.6 nscd-2.22-51.6 nscd-debuginfo-2.22-51.6 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): glibc-html-2.22-51.6 glibc-i18ndata-2.22-51.6 glibc-info-2.22-51.6 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): glibc-2.22-51.6 glibc-debuginfo-2.22-51.6 glibc-debugsource-2.22-51.6 glibc-devel-2.22-51.6 glibc-devel-debuginfo-2.22-51.6 glibc-locale-2.22-51.6 glibc-locale-debuginfo-2.22-51.6 glibc-profile-2.22-51.6 nscd-2.22-51.6 nscd-debuginfo-2.22-51.6 - SUSE Linux Enterprise Server 12-SP2 (x86_64): glibc-32bit-2.22-51.6 glibc-debuginfo-32bit-2.22-51.6 glibc-devel-32bit-2.22-51.6 glibc-devel-debuginfo-32bit-2.22-51.6 glibc-locale-32bit-2.22-51.6 glibc-locale-debuginfo-32bit-2.22-51.6 glibc-profile-32bit-2.22-51.6 - SUSE Linux Enterprise Server 12-SP2 (noarch): glibc-html-2.22-51.6 glibc-i18ndata-2.22-51.6 glibc-info-2.22-51.6 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): glibc-2.22-51.6 glibc-32bit-2.22-51.6 glibc-debuginfo-2.22-51.6 glibc-debuginfo-32bit-2.22-51.6 glibc-debugsource-2.22-51.6 glibc-devel-2.22-51.6 glibc-devel-32bit-2.22-51.6 glibc-devel-debuginfo-2.22-51.6 glibc-devel-debuginfo-32bit-2.22-51.6 glibc-locale-2.22-51.6 glibc-locale-32bit-2.22-51.6 glibc-locale-debuginfo-2.22-51.6 glibc-locale-debuginfo-32bit-2.22-51.6 nscd-2.22-51.6 nscd-debuginfo-2.22-51.6 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): glibc-i18ndata-2.22-51.6 - OpenStack Cloud Magnum Orchestration 7 (x86_64): glibc-2.22-51.6 glibc-debuginfo-2.22-51.6 glibc-debugsource-2.22-51.6 glibc-locale-2.22-51.6 glibc-locale-debuginfo-2.22-51.6 References: https://bugzilla.suse.com/1007851 https://bugzilla.suse.com/1029725 https://bugzilla.suse.com/1029900 From sle-updates at lists.suse.com Tue Mar 28 13:08:16 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Mar 2017 21:08:16 +0200 (CEST) Subject: SUSE-RU-2017:0838-1: moderate: Recommended update for openvswitch Message-ID: <20170328190816.EA7EDFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for openvswitch ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0838-1 Rating: moderate References: #1007804 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for openvswitch provides version 2.5.1 for SUSE OpenStack Cloud 6 and brings various fixes and improvements: - Add support for Cisco ACI integration. - Fix performance issues with Cloud 6. For a detailed description of all changes please refer to the changelog. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-470=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): openvswitch-2.5.1-2.1 openvswitch-debuginfo-2.5.1-2.1 openvswitch-debugsource-2.5.1-2.1 openvswitch-switch-2.5.1-2.1 openvswitch-switch-debuginfo-2.5.1-2.1 References: https://bugzilla.suse.com/1007804 From sle-updates at lists.suse.com Tue Mar 28 13:08:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Mar 2017 21:08:43 +0200 (CEST) Subject: SUSE-SU-2017:0839-1: moderate: Security update for java-1_8_0-ibm Message-ID: <20170328190843.98FF5FFC5@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0839-1 Rating: moderate References: #1025506 #1027038 Cross-References: CVE-2016-2183 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for java-1_8_0-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. (bsc#1027038) Bugfixes: - Require the main pkg in post phase of devel (bsc#1025506) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-468=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-468=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-468=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-468=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64): java-1_8_0-ibm-devel-1.8.0_sr4.1-26.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-devel-1.8.0_sr4.1-26.2 - SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64): java-1_8_0-ibm-1.8.0_sr4.1-26.2 - SUSE Linux Enterprise Server 12-SP2 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr4.1-26.2 java-1_8_0-ibm-plugin-1.8.0_sr4.1-26.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-1.8.0_sr4.1-26.2 - SUSE Linux Enterprise Server 12-SP1 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr4.1-26.2 java-1_8_0-ibm-plugin-1.8.0_sr4.1-26.2 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://bugzilla.suse.com/1025506 https://bugzilla.suse.com/1027038 From sle-updates at lists.suse.com Tue Mar 28 13:09:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Mar 2017 21:09:15 +0200 (CEST) Subject: SUSE-RU-2017:0840-1: Recommended update for timezone Message-ID: <20170328190915.226F2FFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for timezone ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0840-1 Rating: low References: #1030417 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest timezone information (2017b) for your system, including following changes: - Haiti resumed observance of DST in 2017. - Liberia changed from -004430 to +00 on 1972-01-07, not 1972-05-01. - Use "MMT" to abbreviate Liberia's time zone before 1972. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-timezone-13038=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-timezone-13038=1 - SUSE Manager 2.1: zypper in -t patch sleman21-timezone-13038=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-timezone-13038=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-timezone-13038=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-timezone-13038=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-timezone-13038=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-timezone-13038=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-timezone-13038=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (noarch): timezone-java-2017b-0.51.1 - SUSE OpenStack Cloud 5 (x86_64): timezone-2017b-0.51.1 - SUSE Manager Proxy 2.1 (noarch): timezone-java-2017b-0.51.1 - SUSE Manager Proxy 2.1 (x86_64): timezone-2017b-0.51.1 - SUSE Manager 2.1 (s390x x86_64): timezone-2017b-0.51.1 - SUSE Manager 2.1 (noarch): timezone-java-2017b-0.51.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): timezone-java-2017b-0.51.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): timezone-2017b-0.51.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): timezone-java-2017b-0.51.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): timezone-2017b-0.51.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): timezone-java-2017b-0.51.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): timezone-java-2017b-0.51.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): timezone-2017b-0.51.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): timezone-debuginfo-2017b-0.51.1 timezone-debugsource-2017b-0.51.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): timezone-debuginfo-2017b-0.51.1 timezone-debugsource-2017b-0.51.1 References: https://bugzilla.suse.com/1030417 From sle-updates at lists.suse.com Tue Mar 28 13:09:40 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Mar 2017 21:09:40 +0200 (CEST) Subject: SUSE-SU-2017:0841-1: important: Security update for samba Message-ID: <20170328190940.D2D0BFFC5@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0841-1 Rating: important References: #1027147 Cross-References: CVE-2017-2619 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for samba fixes the following issues: Security issue fixed: - CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-13037=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-13037=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-13037=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-87.1 libnetapi-devel-3.6.3-87.1 libnetapi0-3.6.3-87.1 libsmbclient-devel-3.6.3-87.1 libsmbsharemodes-devel-3.6.3-87.1 libsmbsharemodes0-3.6.3-87.1 libtalloc-devel-3.6.3-87.1 libtdb-devel-3.6.3-87.1 libtevent-devel-3.6.3-87.1 libwbclient-devel-3.6.3-87.1 samba-devel-3.6.3-87.1 samba-test-3.6.3-87.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-87.1 libldb1-3.6.3-87.1 libsmbclient0-3.6.3-87.1 libtalloc2-3.6.3-87.1 libtdb1-3.6.3-87.1 libtevent0-3.6.3-87.1 libwbclient0-3.6.3-87.1 samba-3.6.3-87.1 samba-client-3.6.3-87.1 samba-krb-printing-3.6.3-87.1 samba-winbind-3.6.3-87.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-87.1 libtalloc2-32bit-3.6.3-87.1 libtdb1-32bit-3.6.3-87.1 libtevent0-32bit-3.6.3-87.1 libwbclient0-32bit-3.6.3-87.1 samba-32bit-3.6.3-87.1 samba-client-32bit-3.6.3-87.1 samba-winbind-32bit-3.6.3-87.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-87.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-87.1 libtalloc2-x86-3.6.3-87.1 libtdb1-x86-3.6.3-87.1 libtevent0-x86-3.6.3-87.1 libwbclient0-x86-3.6.3-87.1 samba-client-x86-3.6.3-87.1 samba-winbind-x86-3.6.3-87.1 samba-x86-3.6.3-87.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-87.1 samba-debugsource-3.6.3-87.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-87.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-87.1 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1027147 From sle-updates at lists.suse.com Tue Mar 28 13:10:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Mar 2017 21:10:05 +0200 (CEST) Subject: SUSE-RU-2017:0842-1: Recommended update for sle-ha-install-quick_en Message-ID: <20170328191005.3AE6FFFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for sle-ha-install-quick_en ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0842-1 Rating: low References: #1029857 #1030114 Affected Products: SUSE Linux Enterprise High Availability 12-SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The SUSE Linux Enterprise High Availability Extension 12 SP2 Installation Quick Start guide was updated to clarify the limitations of software based watchdogs. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-466=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability 12-SP2 (noarch): sle-ha-install-quick_en-12.2-10.1 References: https://bugzilla.suse.com/1029857 https://bugzilla.suse.com/1030114 From sle-updates at lists.suse.com Tue Mar 28 22:10:03 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 06:10:03 +0200 (CEST) Subject: SUSE-RU-2017:0843-1: Recommended update for ImageMagick Message-ID: <20170329041003.3CD36FFC5@maintenance.suse.de> SUSE Recommended Update: Recommended update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0843-1 Rating: low References: #1027480 #1028079 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update for ImageMagick provides the following fixes: - Fix segmentation fault when wrong parameter supplied to conjure command (bsc#1027480). - Improve CVE-2016-7518 patch to fix sun coder (bsc#1028079 comment 5). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ImageMagick-13039=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ImageMagick-13039=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ImageMagick-13039=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-7.70.1 ImageMagick-devel-6.4.3.6-7.70.1 libMagick++-devel-6.4.3.6-7.70.1 libMagick++1-6.4.3.6-7.70.1 libMagickWand1-6.4.3.6-7.70.1 perl-PerlMagick-6.4.3.6-7.70.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-7.70.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-7.70.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-7.70.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-debuginfo-6.4.3.6-7.70.1 ImageMagick-debugsource-6.4.3.6-7.70.1 References: https://bugzilla.suse.com/1027480 https://bugzilla.suse.com/1028079 From sle-updates at lists.suse.com Wed Mar 29 10:10:54 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 18:10:54 +0200 (CEST) Subject: SUSE-SU-2017:0848-1: moderate: Security update for python-oslo.middleware Message-ID: <20170329161054.81CB3FFD4@maintenance.suse.de> SUSE Security Update: Security update for python-oslo.middleware ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0848-1 Rating: moderate References: #1022043 Cross-References: CVE-2017-2592 Affected Products: SUSE OpenStack Cloud 6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-oslo.middleware fixes the following issues: Security issue fixed: - CVE-2017-2592: Using the CatchError class may include sensitive values in the error message accompanying a Traceback, resulting in their disclosure (bsc#1022043). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-477=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (noarch): python-oslo.middleware-2.8.0-3.1 References: https://www.suse.com/security/cve/CVE-2017-2592.html https://bugzilla.suse.com/1022043 From sle-updates at lists.suse.com Wed Mar 29 10:12:50 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 18:12:50 +0200 (CEST) Subject: SUSE-SU-2017:0853-1: moderate: Security update for libpng16 Message-ID: <20170329161250.EFF51FFD4@maintenance.suse.de> SUSE Security Update: Security update for libpng16 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0853-1 Rating: moderate References: #1017646 Cross-References: CVE-2016-10087 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-478=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-478=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-478=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-478=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-478=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-478=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-478=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libpng16-compat-devel-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 libpng16-devel-1.6.8-14.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libpng16-compat-devel-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 libpng16-devel-1.6.8-14.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libpng16-16-1.6.8-14.1 libpng16-16-debuginfo-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libpng16-16-1.6.8-14.1 libpng16-16-debuginfo-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libpng16-16-32bit-1.6.8-14.1 libpng16-16-debuginfo-32bit-1.6.8-14.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpng16-16-1.6.8-14.1 libpng16-16-debuginfo-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libpng16-16-32bit-1.6.8-14.1 libpng16-16-debuginfo-32bit-1.6.8-14.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libpng16-16-1.6.8-14.1 libpng16-16-32bit-1.6.8-14.1 libpng16-16-debuginfo-1.6.8-14.1 libpng16-16-debuginfo-32bit-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpng16-16-1.6.8-14.1 libpng16-16-32bit-1.6.8-14.1 libpng16-16-debuginfo-1.6.8-14.1 libpng16-16-debuginfo-32bit-1.6.8-14.1 libpng16-debugsource-1.6.8-14.1 References: https://www.suse.com/security/cve/CVE-2016-10087.html https://bugzilla.suse.com/1017646 From sle-updates at lists.suse.com Wed Mar 29 10:13:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 18:13:34 +0200 (CEST) Subject: SUSE-SU-2017:0855-1: moderate: Security update for nodejs4 Message-ID: <20170329161334.B20E6FFD4@maintenance.suse.de> SUSE Security Update: Security update for nodejs4 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0855-1 Rating: moderate References: #1000036 #1009528 #1022085 #1022086 Cross-References: CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 Affected Products: SUSE Linux Enterprise Module for Web Scripting 12 SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for nodejs4 fixes the following issues: - New upstream LTS release 4.7.3 The embedded openssl sources were updated to 1.0.2k (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055, bsc#1022085, bsc#1022086, bsc#1009528) - No changes in LTS version 4.7.2 - New upstream LTS release 4.7.1 * build: shared library support is now working for AIX builds * repl: passing options to the repl will no longer overwrite defaults * timers: recanceling a cancelled timers will no longer throw - New upstream LTS version 4.7.0 * build: introduce the configure --shared option for embedders * debugger: make listen address configurable in debugger server * dgram: generalized send queue to handle close, fixing a potential throw when dgram socket is closed in the listening event handler * http: introduce the 451 status code "Unavailable For Legal Reasons" * gtest: the test reporter now outputs tap comments as yamlish * tls: introduce secureContext for tls.connect (useful for caching client certificates, key, and CA certificates) * tls: fix memory leak when writing data to TLSWrap instance during handshake * src: node no longer aborts when c-ares initialization fails * ported and updated system CA store for the new node crypto code - New upstream LTS version 4.6.2 * build: + It is now possible to build the documentation from the release tarball. * buffer: + Buffer.alloc() will no longer incorrectly return a zero filled buffer when an encoding is passed. * deps: + Upgrade npm in LTS to 2.15.11. * repl: + Enable tab completion for global properties. * url: + url.format() will now encode all "#" in search. - Add missing conflicts to base package. It's not possible to have concurrent nodejs installations. - enable usage of system certificate store on SLE11SP4 by requiring openssl1 (bsc#1000036) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-476=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2017-476=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le x86_64): nodejs4-4.7.3-14.1 nodejs4-debuginfo-4.7.3-14.1 nodejs4-debugsource-4.7.3-14.1 nodejs4-devel-4.7.3-14.1 npm4-4.7.3-14.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): nodejs4-docs-4.7.3-14.1 - SUSE Enterprise Storage 4 (aarch64 x86_64): nodejs4-4.7.3-14.1 nodejs4-debuginfo-4.7.3-14.1 nodejs4-debugsource-4.7.3-14.1 References: https://www.suse.com/security/cve/CVE-2016-7055.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-3732.html https://bugzilla.suse.com/1000036 https://bugzilla.suse.com/1009528 https://bugzilla.suse.com/1022085 https://bugzilla.suse.com/1022086 From sle-updates at lists.suse.com Wed Mar 29 13:08:40 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:08:40 +0200 (CEST) Subject: SUSE-SU-2017:0858-1: important: Security update for samba Message-ID: <20170329190840.DE8A2FFD4@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0858-1 Rating: important References: #1012092 #1019416 #1023847 #1024416 #1027147 #993692 #993707 Cross-References: CVE-2017-2619 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves one vulnerability and has 6 fixes is now available. Description: This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes: - Force usage of ncurses6-config thru NCURSES_CONFIG env var (bsc#1023847). - Add missing ldb module directory (bsc#1012092). - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416). - Document "winbind: ignore domains" parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-479=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-479=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-479=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-479=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-479=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libsmbclient-devel-4.4.2-36.2 libwbclient-devel-4.4.2-36.2 samba-debuginfo-4.4.2-36.2 samba-debugsource-4.4.2-36.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libdcerpc-binding0-4.4.2-36.2 libdcerpc-binding0-debuginfo-4.4.2-36.2 libdcerpc0-4.4.2-36.2 libdcerpc0-debuginfo-4.4.2-36.2 libndr-krb5pac0-4.4.2-36.2 libndr-krb5pac0-debuginfo-4.4.2-36.2 libndr-nbt0-4.4.2-36.2 libndr-nbt0-debuginfo-4.4.2-36.2 libndr-standard0-4.4.2-36.2 libndr-standard0-debuginfo-4.4.2-36.2 libndr0-4.4.2-36.2 libndr0-debuginfo-4.4.2-36.2 libnetapi0-4.4.2-36.2 libnetapi0-debuginfo-4.4.2-36.2 libsamba-credentials0-4.4.2-36.2 libsamba-credentials0-debuginfo-4.4.2-36.2 libsamba-errors0-4.4.2-36.2 libsamba-errors0-debuginfo-4.4.2-36.2 libsamba-hostconfig0-4.4.2-36.2 libsamba-hostconfig0-debuginfo-4.4.2-36.2 libsamba-passdb0-4.4.2-36.2 libsamba-passdb0-debuginfo-4.4.2-36.2 libsamba-util0-4.4.2-36.2 libsamba-util0-debuginfo-4.4.2-36.2 libsamdb0-4.4.2-36.2 libsamdb0-debuginfo-4.4.2-36.2 libsmbclient0-4.4.2-36.2 libsmbclient0-debuginfo-4.4.2-36.2 libsmbconf0-4.4.2-36.2 libsmbconf0-debuginfo-4.4.2-36.2 libsmbldap0-4.4.2-36.2 libsmbldap0-debuginfo-4.4.2-36.2 libtevent-util0-4.4.2-36.2 libtevent-util0-debuginfo-4.4.2-36.2 libwbclient0-4.4.2-36.2 libwbclient0-debuginfo-4.4.2-36.2 samba-4.4.2-36.2 samba-client-4.4.2-36.2 samba-client-debuginfo-4.4.2-36.2 samba-debuginfo-4.4.2-36.2 samba-debugsource-4.4.2-36.2 samba-libs-4.4.2-36.2 samba-libs-debuginfo-4.4.2-36.2 samba-winbind-4.4.2-36.2 samba-winbind-debuginfo-4.4.2-36.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): samba-doc-4.4.2-36.2 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libdcerpc-binding0-4.4.2-36.2 libdcerpc-binding0-debuginfo-4.4.2-36.2 libdcerpc0-4.4.2-36.2 libdcerpc0-debuginfo-4.4.2-36.2 libndr-krb5pac0-4.4.2-36.2 libndr-krb5pac0-debuginfo-4.4.2-36.2 libndr-nbt0-4.4.2-36.2 libndr-nbt0-debuginfo-4.4.2-36.2 libndr-standard0-4.4.2-36.2 libndr-standard0-debuginfo-4.4.2-36.2 libndr0-4.4.2-36.2 libndr0-debuginfo-4.4.2-36.2 libnetapi0-4.4.2-36.2 libnetapi0-debuginfo-4.4.2-36.2 libsamba-credentials0-4.4.2-36.2 libsamba-credentials0-debuginfo-4.4.2-36.2 libsamba-errors0-4.4.2-36.2 libsamba-errors0-debuginfo-4.4.2-36.2 libsamba-hostconfig0-4.4.2-36.2 libsamba-hostconfig0-debuginfo-4.4.2-36.2 libsamba-passdb0-4.4.2-36.2 libsamba-passdb0-debuginfo-4.4.2-36.2 libsamba-util0-4.4.2-36.2 libsamba-util0-debuginfo-4.4.2-36.2 libsamdb0-4.4.2-36.2 libsamdb0-debuginfo-4.4.2-36.2 libsmbclient0-4.4.2-36.2 libsmbclient0-debuginfo-4.4.2-36.2 libsmbconf0-4.4.2-36.2 libsmbconf0-debuginfo-4.4.2-36.2 libsmbldap0-4.4.2-36.2 libsmbldap0-debuginfo-4.4.2-36.2 libtevent-util0-4.4.2-36.2 libtevent-util0-debuginfo-4.4.2-36.2 libwbclient0-4.4.2-36.2 libwbclient0-debuginfo-4.4.2-36.2 samba-4.4.2-36.2 samba-client-4.4.2-36.2 samba-client-debuginfo-4.4.2-36.2 samba-debuginfo-4.4.2-36.2 samba-debugsource-4.4.2-36.2 samba-libs-4.4.2-36.2 samba-libs-debuginfo-4.4.2-36.2 samba-winbind-4.4.2-36.2 samba-winbind-debuginfo-4.4.2-36.2 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libdcerpc-binding0-32bit-4.4.2-36.2 libdcerpc-binding0-debuginfo-32bit-4.4.2-36.2 libdcerpc0-32bit-4.4.2-36.2 libdcerpc0-debuginfo-32bit-4.4.2-36.2 libndr-krb5pac0-32bit-4.4.2-36.2 libndr-krb5pac0-debuginfo-32bit-4.4.2-36.2 libndr-nbt0-32bit-4.4.2-36.2 libndr-nbt0-debuginfo-32bit-4.4.2-36.2 libndr-standard0-32bit-4.4.2-36.2 libndr-standard0-debuginfo-32bit-4.4.2-36.2 libndr0-32bit-4.4.2-36.2 libndr0-debuginfo-32bit-4.4.2-36.2 libnetapi0-32bit-4.4.2-36.2 libnetapi0-debuginfo-32bit-4.4.2-36.2 libsamba-credentials0-32bit-4.4.2-36.2 libsamba-credentials0-debuginfo-32bit-4.4.2-36.2 libsamba-errors0-32bit-4.4.2-36.2 libsamba-errors0-debuginfo-32bit-4.4.2-36.2 libsamba-hostconfig0-32bit-4.4.2-36.2 libsamba-hostconfig0-debuginfo-32bit-4.4.2-36.2 libsamba-passdb0-32bit-4.4.2-36.2 libsamba-passdb0-debuginfo-32bit-4.4.2-36.2 libsamba-util0-32bit-4.4.2-36.2 libsamba-util0-debuginfo-32bit-4.4.2-36.2 libsamdb0-32bit-4.4.2-36.2 libsamdb0-debuginfo-32bit-4.4.2-36.2 libsmbclient0-32bit-4.4.2-36.2 libsmbclient0-debuginfo-32bit-4.4.2-36.2 libsmbconf0-32bit-4.4.2-36.2 libsmbconf0-debuginfo-32bit-4.4.2-36.2 libsmbldap0-32bit-4.4.2-36.2 libsmbldap0-debuginfo-32bit-4.4.2-36.2 libtevent-util0-32bit-4.4.2-36.2 libtevent-util0-debuginfo-32bit-4.4.2-36.2 libwbclient0-32bit-4.4.2-36.2 libwbclient0-debuginfo-32bit-4.4.2-36.2 samba-client-32bit-4.4.2-36.2 samba-client-debuginfo-32bit-4.4.2-36.2 samba-libs-32bit-4.4.2-36.2 samba-libs-debuginfo-32bit-4.4.2-36.2 samba-winbind-32bit-4.4.2-36.2 samba-winbind-debuginfo-32bit-4.4.2-36.2 - SUSE Linux Enterprise Server 12-SP2 (noarch): samba-doc-4.4.2-36.2 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): ctdb-4.4.2-36.2 ctdb-debuginfo-4.4.2-36.2 samba-debuginfo-4.4.2-36.2 samba-debugsource-4.4.2-36.2 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libdcerpc-binding0-32bit-4.4.2-36.2 libdcerpc-binding0-4.4.2-36.2 libdcerpc-binding0-debuginfo-32bit-4.4.2-36.2 libdcerpc-binding0-debuginfo-4.4.2-36.2 libdcerpc0-32bit-4.4.2-36.2 libdcerpc0-4.4.2-36.2 libdcerpc0-debuginfo-32bit-4.4.2-36.2 libdcerpc0-debuginfo-4.4.2-36.2 libndr-krb5pac0-32bit-4.4.2-36.2 libndr-krb5pac0-4.4.2-36.2 libndr-krb5pac0-debuginfo-32bit-4.4.2-36.2 libndr-krb5pac0-debuginfo-4.4.2-36.2 libndr-nbt0-32bit-4.4.2-36.2 libndr-nbt0-4.4.2-36.2 libndr-nbt0-debuginfo-32bit-4.4.2-36.2 libndr-nbt0-debuginfo-4.4.2-36.2 libndr-standard0-32bit-4.4.2-36.2 libndr-standard0-4.4.2-36.2 libndr-standard0-debuginfo-32bit-4.4.2-36.2 libndr-standard0-debuginfo-4.4.2-36.2 libndr0-32bit-4.4.2-36.2 libndr0-4.4.2-36.2 libndr0-debuginfo-32bit-4.4.2-36.2 libndr0-debuginfo-4.4.2-36.2 libnetapi0-32bit-4.4.2-36.2 libnetapi0-4.4.2-36.2 libnetapi0-debuginfo-32bit-4.4.2-36.2 libnetapi0-debuginfo-4.4.2-36.2 libsamba-credentials0-32bit-4.4.2-36.2 libsamba-credentials0-4.4.2-36.2 libsamba-credentials0-debuginfo-32bit-4.4.2-36.2 libsamba-credentials0-debuginfo-4.4.2-36.2 libsamba-errors0-32bit-4.4.2-36.2 libsamba-errors0-4.4.2-36.2 libsamba-errors0-debuginfo-32bit-4.4.2-36.2 libsamba-errors0-debuginfo-4.4.2-36.2 libsamba-hostconfig0-32bit-4.4.2-36.2 libsamba-hostconfig0-4.4.2-36.2 libsamba-hostconfig0-debuginfo-32bit-4.4.2-36.2 libsamba-hostconfig0-debuginfo-4.4.2-36.2 libsamba-passdb0-32bit-4.4.2-36.2 libsamba-passdb0-4.4.2-36.2 libsamba-passdb0-debuginfo-32bit-4.4.2-36.2 libsamba-passdb0-debuginfo-4.4.2-36.2 libsamba-util0-32bit-4.4.2-36.2 libsamba-util0-4.4.2-36.2 libsamba-util0-debuginfo-32bit-4.4.2-36.2 libsamba-util0-debuginfo-4.4.2-36.2 libsamdb0-32bit-4.4.2-36.2 libsamdb0-4.4.2-36.2 libsamdb0-debuginfo-32bit-4.4.2-36.2 libsamdb0-debuginfo-4.4.2-36.2 libsmbclient0-32bit-4.4.2-36.2 libsmbclient0-4.4.2-36.2 libsmbclient0-debuginfo-32bit-4.4.2-36.2 libsmbclient0-debuginfo-4.4.2-36.2 libsmbconf0-32bit-4.4.2-36.2 libsmbconf0-4.4.2-36.2 libsmbconf0-debuginfo-32bit-4.4.2-36.2 libsmbconf0-debuginfo-4.4.2-36.2 libsmbldap0-32bit-4.4.2-36.2 libsmbldap0-4.4.2-36.2 libsmbldap0-debuginfo-32bit-4.4.2-36.2 libsmbldap0-debuginfo-4.4.2-36.2 libtevent-util0-32bit-4.4.2-36.2 libtevent-util0-4.4.2-36.2 libtevent-util0-debuginfo-32bit-4.4.2-36.2 libtevent-util0-debuginfo-4.4.2-36.2 libwbclient0-32bit-4.4.2-36.2 libwbclient0-4.4.2-36.2 libwbclient0-debuginfo-32bit-4.4.2-36.2 libwbclient0-debuginfo-4.4.2-36.2 samba-4.4.2-36.2 samba-client-32bit-4.4.2-36.2 samba-client-4.4.2-36.2 samba-client-debuginfo-32bit-4.4.2-36.2 samba-client-debuginfo-4.4.2-36.2 samba-debuginfo-4.4.2-36.2 samba-debugsource-4.4.2-36.2 samba-libs-32bit-4.4.2-36.2 samba-libs-4.4.2-36.2 samba-libs-debuginfo-32bit-4.4.2-36.2 samba-libs-debuginfo-4.4.2-36.2 samba-winbind-32bit-4.4.2-36.2 samba-winbind-4.4.2-36.2 samba-winbind-debuginfo-32bit-4.4.2-36.2 samba-winbind-debuginfo-4.4.2-36.2 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): samba-doc-4.4.2-36.2 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1012092 https://bugzilla.suse.com/1019416 https://bugzilla.suse.com/1023847 https://bugzilla.suse.com/1024416 https://bugzilla.suse.com/1027147 https://bugzilla.suse.com/993692 https://bugzilla.suse.com/993707 From sle-updates at lists.suse.com Wed Mar 29 13:10:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:10:19 +0200 (CEST) Subject: SUSE-SU-2017:0859-1: important: Security update for samba Message-ID: <20170329191019.51A37FFD4@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0859-1 Rating: important References: #1019416 #1024416 #1027147 #993692 #993707 Cross-References: CVE-2017-2619 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise High Availability 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes: - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416). - Document "winbind: ignore domains" parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-480=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-480=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-480=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-480=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-480=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2017-480=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-480=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-480=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): samba-test-devel-4.2.4-28.8.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ctdb-debuginfo-4.2.4-28.8.2 ctdb-devel-4.2.4-28.8.2 libdcerpc-atsvc-devel-4.2.4-28.8.2 libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 libdcerpc-devel-4.2.4-28.8.2 libdcerpc-samr-devel-4.2.4-28.8.2 libdcerpc-samr0-4.2.4-28.8.2 libdcerpc-samr0-debuginfo-4.2.4-28.8.2 libgensec-devel-4.2.4-28.8.2 libndr-devel-4.2.4-28.8.2 libndr-krb5pac-devel-4.2.4-28.8.2 libndr-nbt-devel-4.2.4-28.8.2 libndr-standard-devel-4.2.4-28.8.2 libnetapi-devel-4.2.4-28.8.2 libregistry-devel-4.2.4-28.8.2 libsamba-credentials-devel-4.2.4-28.8.2 libsamba-hostconfig-devel-4.2.4-28.8.2 libsamba-passdb-devel-4.2.4-28.8.2 libsamba-policy-devel-4.2.4-28.8.2 libsamba-policy0-4.2.4-28.8.2 libsamba-policy0-debuginfo-4.2.4-28.8.2 libsamba-util-devel-4.2.4-28.8.2 libsamdb-devel-4.2.4-28.8.2 libsmbclient-devel-4.2.4-28.8.2 libsmbclient-raw-devel-4.2.4-28.8.2 libsmbconf-devel-4.2.4-28.8.2 libsmbldap-devel-4.2.4-28.8.2 libtevent-util-devel-4.2.4-28.8.2 libwbclient-devel-4.2.4-28.8.2 samba-core-devel-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-test-devel-4.2.4-28.8.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libdcerpc-binding0-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-4.2.4-28.8.2 libdcerpc0-4.2.4-28.8.2 libdcerpc0-debuginfo-4.2.4-28.8.2 libgensec0-4.2.4-28.8.2 libgensec0-debuginfo-4.2.4-28.8.2 libndr-krb5pac0-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-4.2.4-28.8.2 libndr-nbt0-4.2.4-28.8.2 libndr-nbt0-debuginfo-4.2.4-28.8.2 libndr-standard0-4.2.4-28.8.2 libndr-standard0-debuginfo-4.2.4-28.8.2 libndr0-4.2.4-28.8.2 libndr0-debuginfo-4.2.4-28.8.2 libnetapi0-4.2.4-28.8.2 libnetapi0-debuginfo-4.2.4-28.8.2 libregistry0-4.2.4-28.8.2 libregistry0-debuginfo-4.2.4-28.8.2 libsamba-credentials0-4.2.4-28.8.2 libsamba-credentials0-debuginfo-4.2.4-28.8.2 libsamba-hostconfig0-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-4.2.4-28.8.2 libsamba-passdb0-4.2.4-28.8.2 libsamba-passdb0-debuginfo-4.2.4-28.8.2 libsamba-util0-4.2.4-28.8.2 libsamba-util0-debuginfo-4.2.4-28.8.2 libsamdb0-4.2.4-28.8.2 libsamdb0-debuginfo-4.2.4-28.8.2 libsmbclient-raw0-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-4.2.4-28.8.2 libsmbclient0-4.2.4-28.8.2 libsmbclient0-debuginfo-4.2.4-28.8.2 libsmbconf0-4.2.4-28.8.2 libsmbconf0-debuginfo-4.2.4-28.8.2 libsmbldap0-4.2.4-28.8.2 libsmbldap0-debuginfo-4.2.4-28.8.2 libtevent-util0-4.2.4-28.8.2 libtevent-util0-debuginfo-4.2.4-28.8.2 libwbclient0-4.2.4-28.8.2 libwbclient0-debuginfo-4.2.4-28.8.2 samba-4.2.4-28.8.2 samba-client-4.2.4-28.8.2 samba-client-debuginfo-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-libs-4.2.4-28.8.2 samba-libs-debuginfo-4.2.4-28.8.2 samba-winbind-4.2.4-28.8.2 samba-winbind-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc0-32bit-4.2.4-28.8.2 libdcerpc0-debuginfo-32bit-4.2.4-28.8.2 libgensec0-32bit-4.2.4-28.8.2 libgensec0-debuginfo-32bit-4.2.4-28.8.2 libndr-krb5pac0-32bit-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.8.2 libndr-nbt0-32bit-4.2.4-28.8.2 libndr-nbt0-debuginfo-32bit-4.2.4-28.8.2 libndr-standard0-32bit-4.2.4-28.8.2 libndr-standard0-debuginfo-32bit-4.2.4-28.8.2 libndr0-32bit-4.2.4-28.8.2 libndr0-debuginfo-32bit-4.2.4-28.8.2 libnetapi0-32bit-4.2.4-28.8.2 libnetapi0-debuginfo-32bit-4.2.4-28.8.2 libsamba-credentials0-32bit-4.2.4-28.8.2 libsamba-credentials0-debuginfo-32bit-4.2.4-28.8.2 libsamba-hostconfig0-32bit-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.8.2 libsamba-passdb0-32bit-4.2.4-28.8.2 libsamba-passdb0-debuginfo-32bit-4.2.4-28.8.2 libsamba-util0-32bit-4.2.4-28.8.2 libsamba-util0-debuginfo-32bit-4.2.4-28.8.2 libsamdb0-32bit-4.2.4-28.8.2 libsamdb0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient-raw0-32bit-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient0-32bit-4.2.4-28.8.2 libsmbclient0-debuginfo-32bit-4.2.4-28.8.2 libsmbconf0-32bit-4.2.4-28.8.2 libsmbconf0-debuginfo-32bit-4.2.4-28.8.2 libsmbldap0-32bit-4.2.4-28.8.2 libsmbldap0-debuginfo-32bit-4.2.4-28.8.2 libtevent-util0-32bit-4.2.4-28.8.2 libtevent-util0-debuginfo-32bit-4.2.4-28.8.2 libwbclient0-32bit-4.2.4-28.8.2 libwbclient0-debuginfo-32bit-4.2.4-28.8.2 samba-32bit-4.2.4-28.8.2 samba-client-32bit-4.2.4-28.8.2 samba-client-debuginfo-32bit-4.2.4-28.8.2 samba-debuginfo-32bit-4.2.4-28.8.2 samba-libs-32bit-4.2.4-28.8.2 samba-libs-debuginfo-32bit-4.2.4-28.8.2 samba-winbind-32bit-4.2.4-28.8.2 samba-winbind-debuginfo-32bit-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (noarch): samba-doc-4.2.4-28.8.2 - SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64): ctdb-4.2.4-28.8.2 ctdb-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): samba-doc-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libdcerpc-binding0-32bit-4.2.4-28.8.2 libdcerpc-binding0-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-4.2.4-28.8.2 libdcerpc0-32bit-4.2.4-28.8.2 libdcerpc0-4.2.4-28.8.2 libdcerpc0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc0-debuginfo-4.2.4-28.8.2 libgensec0-32bit-4.2.4-28.8.2 libgensec0-4.2.4-28.8.2 libgensec0-debuginfo-32bit-4.2.4-28.8.2 libgensec0-debuginfo-4.2.4-28.8.2 libndr-krb5pac0-32bit-4.2.4-28.8.2 libndr-krb5pac0-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-4.2.4-28.8.2 libndr-nbt0-32bit-4.2.4-28.8.2 libndr-nbt0-4.2.4-28.8.2 libndr-nbt0-debuginfo-32bit-4.2.4-28.8.2 libndr-nbt0-debuginfo-4.2.4-28.8.2 libndr-standard0-32bit-4.2.4-28.8.2 libndr-standard0-4.2.4-28.8.2 libndr-standard0-debuginfo-32bit-4.2.4-28.8.2 libndr-standard0-debuginfo-4.2.4-28.8.2 libndr0-32bit-4.2.4-28.8.2 libndr0-4.2.4-28.8.2 libndr0-debuginfo-32bit-4.2.4-28.8.2 libndr0-debuginfo-4.2.4-28.8.2 libnetapi0-32bit-4.2.4-28.8.2 libnetapi0-4.2.4-28.8.2 libnetapi0-debuginfo-32bit-4.2.4-28.8.2 libnetapi0-debuginfo-4.2.4-28.8.2 libregistry0-4.2.4-28.8.2 libregistry0-debuginfo-4.2.4-28.8.2 libsamba-credentials0-32bit-4.2.4-28.8.2 libsamba-credentials0-4.2.4-28.8.2 libsamba-credentials0-debuginfo-32bit-4.2.4-28.8.2 libsamba-credentials0-debuginfo-4.2.4-28.8.2 libsamba-hostconfig0-32bit-4.2.4-28.8.2 libsamba-hostconfig0-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-4.2.4-28.8.2 libsamba-passdb0-32bit-4.2.4-28.8.2 libsamba-passdb0-4.2.4-28.8.2 libsamba-passdb0-debuginfo-32bit-4.2.4-28.8.2 libsamba-passdb0-debuginfo-4.2.4-28.8.2 libsamba-util0-32bit-4.2.4-28.8.2 libsamba-util0-4.2.4-28.8.2 libsamba-util0-debuginfo-32bit-4.2.4-28.8.2 libsamba-util0-debuginfo-4.2.4-28.8.2 libsamdb0-32bit-4.2.4-28.8.2 libsamdb0-4.2.4-28.8.2 libsamdb0-debuginfo-32bit-4.2.4-28.8.2 libsamdb0-debuginfo-4.2.4-28.8.2 libsmbclient-raw0-32bit-4.2.4-28.8.2 libsmbclient-raw0-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-4.2.4-28.8.2 libsmbclient0-32bit-4.2.4-28.8.2 libsmbclient0-4.2.4-28.8.2 libsmbclient0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient0-debuginfo-4.2.4-28.8.2 libsmbconf0-32bit-4.2.4-28.8.2 libsmbconf0-4.2.4-28.8.2 libsmbconf0-debuginfo-32bit-4.2.4-28.8.2 libsmbconf0-debuginfo-4.2.4-28.8.2 libsmbldap0-32bit-4.2.4-28.8.2 libsmbldap0-4.2.4-28.8.2 libsmbldap0-debuginfo-32bit-4.2.4-28.8.2 libsmbldap0-debuginfo-4.2.4-28.8.2 libtevent-util0-32bit-4.2.4-28.8.2 libtevent-util0-4.2.4-28.8.2 libtevent-util0-debuginfo-32bit-4.2.4-28.8.2 libtevent-util0-debuginfo-4.2.4-28.8.2 libwbclient0-32bit-4.2.4-28.8.2 libwbclient0-4.2.4-28.8.2 libwbclient0-debuginfo-32bit-4.2.4-28.8.2 libwbclient0-debuginfo-4.2.4-28.8.2 samba-32bit-4.2.4-28.8.2 samba-4.2.4-28.8.2 samba-client-32bit-4.2.4-28.8.2 samba-client-4.2.4-28.8.2 samba-client-debuginfo-32bit-4.2.4-28.8.2 samba-client-debuginfo-4.2.4-28.8.2 samba-debuginfo-32bit-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-libs-32bit-4.2.4-28.8.2 samba-libs-4.2.4-28.8.2 samba-libs-debuginfo-32bit-4.2.4-28.8.2 samba-libs-debuginfo-4.2.4-28.8.2 samba-winbind-32bit-4.2.4-28.8.2 samba-winbind-4.2.4-28.8.2 samba-winbind-debuginfo-32bit-4.2.4-28.8.2 samba-winbind-debuginfo-4.2.4-28.8.2 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1019416 https://bugzilla.suse.com/1024416 https://bugzilla.suse.com/1027147 https://bugzilla.suse.com/993692 https://bugzilla.suse.com/993707 From sle-updates at lists.suse.com Wed Mar 29 13:11:27 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:11:27 +0200 (CEST) Subject: SUSE-SU-2017:0860-1: moderate: Security update for libpng12 Message-ID: <20170329191127.0C108FFD4@maintenance.suse.de> SUSE Security Update: Security update for libpng12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0860-1 Rating: moderate References: #1017646 #958791 Cross-References: CVE-2015-8540 CVE-2016-10087 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for libpng12 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng (bsc#958791) - CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-482=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-482=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-482=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-482=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-482=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-482=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-482=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libpng12-compat-devel-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 libpng12-devel-1.2.50-19.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libpng12-compat-devel-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 libpng12-devel-1.2.50-19.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libpng12-0-1.2.50-19.1 libpng12-0-debuginfo-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libpng12-0-1.2.50-19.1 libpng12-0-debuginfo-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libpng12-0-32bit-1.2.50-19.1 libpng12-0-debuginfo-32bit-1.2.50-19.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libpng12-0-1.2.50-19.1 libpng12-0-debuginfo-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libpng12-0-32bit-1.2.50-19.1 libpng12-0-debuginfo-32bit-1.2.50-19.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libpng12-0-1.2.50-19.1 libpng12-0-32bit-1.2.50-19.1 libpng12-0-debuginfo-1.2.50-19.1 libpng12-0-debuginfo-32bit-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libpng12-0-1.2.50-19.1 libpng12-0-32bit-1.2.50-19.1 libpng12-0-debuginfo-1.2.50-19.1 libpng12-0-debuginfo-32bit-1.2.50-19.1 libpng12-debugsource-1.2.50-19.1 References: https://www.suse.com/security/cve/CVE-2015-8540.html https://www.suse.com/security/cve/CVE-2016-10087.html https://bugzilla.suse.com/1017646 https://bugzilla.suse.com/958791 From sle-updates at lists.suse.com Wed Mar 29 13:12:00 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:12:00 +0200 (CEST) Subject: SUSE-RU-2017:0861-1: moderate: Recommended update for libsolv, libzypp, zypper Message-ID: <20170329191200.B05AEFFD4@maintenance.suse.de> SUSE Recommended Update: Recommended update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0861-1 Rating: moderate References: #1007273 #1010712 #1014265 #1024909 #1025440 #1028492 #1030136 #1030827 #1030919 #731333 #926844 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has 11 recommended fixes can now be installed. Description: The Software Update Stack was updated to include fixes and enhancements. libsolv: - Export solvable_matchesdep function, as we now use it in the bindings. (bsc#1025440) - New SOLVER_FLAG_STRONG_RECOMMENDS and SOLVER_FLAG_INSTALL_ALSO_UPDATES flags. - New matchesdep() method in bindings. - SOLVABLE_NAME selects nevr matching for pool_whatmatchesdep and solvable_matchesdep. - Make solver_problemruleinfo2str return reason why a package is not installable. - Rework susetags multi-line handling. (bsc#1007273) - Improve checks against corrupt rpm packages. - Add SOLVER_FLAG_FOCUS_BEST solver flag. libzypp: - Fix X-libcurl-Empty-Header-Workaround. (bsc#1030919, bsc#1030827) - Treat HTTP response 410 (Gone) like 404 (Not Found). (bsc#1030136) - Create temporary directories inside ZYpp::tmpPath. (bsc#926844) - Properly escape XML node content. (bsc#1024909) - Don't raise FileCheckException if user accepted a package with wrong digest. (bsc#1014265) zypper: - Share TmpDir with libzypp. (bsc#926844) - Don't show installed system packages if list command is restricted to repos. (bsc#1028492) - Fix invalid XML in GPG key info output. (bsc#1024909) - Do not warn about processes using deleted files when using --root. (bsc#731333) - Properly escape patch script output in xml mode. (bsc#1010712) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-484=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-484=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-484=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libsolv-debugsource-0.6.26-2.39.1 libsolv-devel-0.6.26-2.39.1 libsolv-devel-debuginfo-0.6.26-2.39.1 libzypp-debuginfo-15.24.2-42.1 libzypp-debugsource-15.24.2-42.1 libzypp-devel-15.24.2-42.1 libzypp-devel-doc-15.24.2-42.1 perl-solv-0.6.26-2.39.1 perl-solv-debuginfo-0.6.26-2.39.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libsolv-debugsource-0.6.26-2.39.1 libsolv-tools-0.6.26-2.39.1 libsolv-tools-debuginfo-0.6.26-2.39.1 libzypp-15.24.2-42.1 libzypp-debuginfo-15.24.2-42.1 libzypp-debugsource-15.24.2-42.1 perl-solv-0.6.26-2.39.1 perl-solv-debuginfo-0.6.26-2.39.1 python-solv-0.6.26-2.39.1 python-solv-debuginfo-0.6.26-2.39.1 zypper-1.12.50-40.3 zypper-debuginfo-1.12.50-40.3 zypper-debugsource-1.12.50-40.3 - SUSE Linux Enterprise Server 12-SP1 (noarch): zypper-log-1.12.50-40.3 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): zypper-log-1.12.50-40.3 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libsolv-debugsource-0.6.26-2.39.1 libsolv-tools-0.6.26-2.39.1 libsolv-tools-debuginfo-0.6.26-2.39.1 libzypp-15.24.2-42.1 libzypp-debuginfo-15.24.2-42.1 libzypp-debugsource-15.24.2-42.1 python-solv-0.6.26-2.39.1 python-solv-debuginfo-0.6.26-2.39.1 zypper-1.12.50-40.3 zypper-debuginfo-1.12.50-40.3 zypper-debugsource-1.12.50-40.3 References: https://bugzilla.suse.com/1007273 https://bugzilla.suse.com/1010712 https://bugzilla.suse.com/1014265 https://bugzilla.suse.com/1024909 https://bugzilla.suse.com/1025440 https://bugzilla.suse.com/1028492 https://bugzilla.suse.com/1030136 https://bugzilla.suse.com/1030827 https://bugzilla.suse.com/1030919 https://bugzilla.suse.com/731333 https://bugzilla.suse.com/926844 From sle-updates at lists.suse.com Wed Mar 29 13:14:11 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:14:11 +0200 (CEST) Subject: SUSE-SU-2017:0862-1: important: Security update for samba Message-ID: <20170329191411.5367EFFD4@maintenance.suse.de> SUSE Security Update: Security update for samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0862-1 Rating: important References: #1019416 #1024416 #1027147 #993692 #993707 Cross-References: CVE-2017-2619 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise High Availability 12 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes: - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416). - Document "winbind: ignore domains" parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-481=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-481=1 - SUSE Linux Enterprise High Availability 12: zypper in -t patch SUSE-SLE-HA-12-2017-481=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): ctdb-4.2.4-18.35.1 ctdb-debuginfo-4.2.4-18.35.1 libdcerpc-binding0-32bit-4.2.4-18.35.1 libdcerpc-binding0-4.2.4-18.35.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.35.1 libdcerpc-binding0-debuginfo-4.2.4-18.35.1 libdcerpc0-32bit-4.2.4-18.35.1 libdcerpc0-4.2.4-18.35.1 libdcerpc0-debuginfo-32bit-4.2.4-18.35.1 libdcerpc0-debuginfo-4.2.4-18.35.1 libgensec0-32bit-4.2.4-18.35.1 libgensec0-4.2.4-18.35.1 libgensec0-debuginfo-32bit-4.2.4-18.35.1 libgensec0-debuginfo-4.2.4-18.35.1 libndr-krb5pac0-32bit-4.2.4-18.35.1 libndr-krb5pac0-4.2.4-18.35.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.35.1 libndr-krb5pac0-debuginfo-4.2.4-18.35.1 libndr-nbt0-32bit-4.2.4-18.35.1 libndr-nbt0-4.2.4-18.35.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.35.1 libndr-nbt0-debuginfo-4.2.4-18.35.1 libndr-standard0-32bit-4.2.4-18.35.1 libndr-standard0-4.2.4-18.35.1 libndr-standard0-debuginfo-32bit-4.2.4-18.35.1 libndr-standard0-debuginfo-4.2.4-18.35.1 libndr0-32bit-4.2.4-18.35.1 libndr0-4.2.4-18.35.1 libndr0-debuginfo-32bit-4.2.4-18.35.1 libndr0-debuginfo-4.2.4-18.35.1 libnetapi0-32bit-4.2.4-18.35.1 libnetapi0-4.2.4-18.35.1 libnetapi0-debuginfo-32bit-4.2.4-18.35.1 libnetapi0-debuginfo-4.2.4-18.35.1 libregistry0-4.2.4-18.35.1 libregistry0-debuginfo-4.2.4-18.35.1 libsamba-credentials0-32bit-4.2.4-18.35.1 libsamba-credentials0-4.2.4-18.35.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.35.1 libsamba-credentials0-debuginfo-4.2.4-18.35.1 libsamba-hostconfig0-32bit-4.2.4-18.35.1 libsamba-hostconfig0-4.2.4-18.35.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.35.1 libsamba-hostconfig0-debuginfo-4.2.4-18.35.1 libsamba-passdb0-32bit-4.2.4-18.35.1 libsamba-passdb0-4.2.4-18.35.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.35.1 libsamba-passdb0-debuginfo-4.2.4-18.35.1 libsamba-util0-32bit-4.2.4-18.35.1 libsamba-util0-4.2.4-18.35.1 libsamba-util0-debuginfo-32bit-4.2.4-18.35.1 libsamba-util0-debuginfo-4.2.4-18.35.1 libsamdb0-32bit-4.2.4-18.35.1 libsamdb0-4.2.4-18.35.1 libsamdb0-debuginfo-32bit-4.2.4-18.35.1 libsamdb0-debuginfo-4.2.4-18.35.1 libsmbclient-raw0-32bit-4.2.4-18.35.1 libsmbclient-raw0-4.2.4-18.35.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.35.1 libsmbclient-raw0-debuginfo-4.2.4-18.35.1 libsmbclient0-32bit-4.2.4-18.35.1 libsmbclient0-4.2.4-18.35.1 libsmbclient0-debuginfo-32bit-4.2.4-18.35.1 libsmbclient0-debuginfo-4.2.4-18.35.1 libsmbconf0-32bit-4.2.4-18.35.1 libsmbconf0-4.2.4-18.35.1 libsmbconf0-debuginfo-32bit-4.2.4-18.35.1 libsmbconf0-debuginfo-4.2.4-18.35.1 libsmbldap0-32bit-4.2.4-18.35.1 libsmbldap0-4.2.4-18.35.1 libsmbldap0-debuginfo-32bit-4.2.4-18.35.1 libsmbldap0-debuginfo-4.2.4-18.35.1 libtevent-util0-32bit-4.2.4-18.35.1 libtevent-util0-4.2.4-18.35.1 libtevent-util0-debuginfo-32bit-4.2.4-18.35.1 libtevent-util0-debuginfo-4.2.4-18.35.1 libwbclient0-32bit-4.2.4-18.35.1 libwbclient0-4.2.4-18.35.1 libwbclient0-debuginfo-32bit-4.2.4-18.35.1 libwbclient0-debuginfo-4.2.4-18.35.1 samba-32bit-4.2.4-18.35.1 samba-4.2.4-18.35.1 samba-client-32bit-4.2.4-18.35.1 samba-client-4.2.4-18.35.1 samba-client-debuginfo-32bit-4.2.4-18.35.1 samba-client-debuginfo-4.2.4-18.35.1 samba-debuginfo-32bit-4.2.4-18.35.1 samba-debuginfo-4.2.4-18.35.1 samba-debugsource-4.2.4-18.35.1 samba-libs-32bit-4.2.4-18.35.1 samba-libs-4.2.4-18.35.1 samba-libs-debuginfo-32bit-4.2.4-18.35.1 samba-libs-debuginfo-4.2.4-18.35.1 samba-winbind-32bit-4.2.4-18.35.1 samba-winbind-4.2.4-18.35.1 samba-winbind-debuginfo-32bit-4.2.4-18.35.1 samba-winbind-debuginfo-4.2.4-18.35.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): samba-doc-4.2.4-18.35.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): ctdb-4.2.4-18.35.1 ctdb-debuginfo-4.2.4-18.35.1 libdcerpc-binding0-4.2.4-18.35.1 libdcerpc-binding0-debuginfo-4.2.4-18.35.1 libdcerpc0-4.2.4-18.35.1 libdcerpc0-debuginfo-4.2.4-18.35.1 libgensec0-4.2.4-18.35.1 libgensec0-debuginfo-4.2.4-18.35.1 libndr-krb5pac0-4.2.4-18.35.1 libndr-krb5pac0-debuginfo-4.2.4-18.35.1 libndr-nbt0-4.2.4-18.35.1 libndr-nbt0-debuginfo-4.2.4-18.35.1 libndr-standard0-4.2.4-18.35.1 libndr-standard0-debuginfo-4.2.4-18.35.1 libndr0-4.2.4-18.35.1 libndr0-debuginfo-4.2.4-18.35.1 libnetapi0-4.2.4-18.35.1 libnetapi0-debuginfo-4.2.4-18.35.1 libregistry0-4.2.4-18.35.1 libregistry0-debuginfo-4.2.4-18.35.1 libsamba-credentials0-4.2.4-18.35.1 libsamba-credentials0-debuginfo-4.2.4-18.35.1 libsamba-hostconfig0-4.2.4-18.35.1 libsamba-hostconfig0-debuginfo-4.2.4-18.35.1 libsamba-passdb0-4.2.4-18.35.1 libsamba-passdb0-debuginfo-4.2.4-18.35.1 libsamba-util0-4.2.4-18.35.1 libsamba-util0-debuginfo-4.2.4-18.35.1 libsamdb0-4.2.4-18.35.1 libsamdb0-debuginfo-4.2.4-18.35.1 libsmbclient-raw0-4.2.4-18.35.1 libsmbclient-raw0-debuginfo-4.2.4-18.35.1 libsmbclient0-4.2.4-18.35.1 libsmbclient0-debuginfo-4.2.4-18.35.1 libsmbconf0-4.2.4-18.35.1 libsmbconf0-debuginfo-4.2.4-18.35.1 libsmbldap0-4.2.4-18.35.1 libsmbldap0-debuginfo-4.2.4-18.35.1 libtevent-util0-4.2.4-18.35.1 libtevent-util0-debuginfo-4.2.4-18.35.1 libwbclient0-4.2.4-18.35.1 libwbclient0-debuginfo-4.2.4-18.35.1 samba-4.2.4-18.35.1 samba-client-4.2.4-18.35.1 samba-client-debuginfo-4.2.4-18.35.1 samba-debuginfo-4.2.4-18.35.1 samba-debugsource-4.2.4-18.35.1 samba-libs-4.2.4-18.35.1 samba-libs-debuginfo-4.2.4-18.35.1 samba-winbind-4.2.4-18.35.1 samba-winbind-debuginfo-4.2.4-18.35.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-18.35.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-18.35.1 libdcerpc0-32bit-4.2.4-18.35.1 libdcerpc0-debuginfo-32bit-4.2.4-18.35.1 libgensec0-32bit-4.2.4-18.35.1 libgensec0-debuginfo-32bit-4.2.4-18.35.1 libndr-krb5pac0-32bit-4.2.4-18.35.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-18.35.1 libndr-nbt0-32bit-4.2.4-18.35.1 libndr-nbt0-debuginfo-32bit-4.2.4-18.35.1 libndr-standard0-32bit-4.2.4-18.35.1 libndr-standard0-debuginfo-32bit-4.2.4-18.35.1 libndr0-32bit-4.2.4-18.35.1 libndr0-debuginfo-32bit-4.2.4-18.35.1 libnetapi0-32bit-4.2.4-18.35.1 libnetapi0-debuginfo-32bit-4.2.4-18.35.1 libsamba-credentials0-32bit-4.2.4-18.35.1 libsamba-credentials0-debuginfo-32bit-4.2.4-18.35.1 libsamba-hostconfig0-32bit-4.2.4-18.35.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.35.1 libsamba-passdb0-32bit-4.2.4-18.35.1 libsamba-passdb0-debuginfo-32bit-4.2.4-18.35.1 libsamba-util0-32bit-4.2.4-18.35.1 libsamba-util0-debuginfo-32bit-4.2.4-18.35.1 libsamdb0-32bit-4.2.4-18.35.1 libsamdb0-debuginfo-32bit-4.2.4-18.35.1 libsmbclient-raw0-32bit-4.2.4-18.35.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-18.35.1 libsmbclient0-32bit-4.2.4-18.35.1 libsmbclient0-debuginfo-32bit-4.2.4-18.35.1 libsmbconf0-32bit-4.2.4-18.35.1 libsmbconf0-debuginfo-32bit-4.2.4-18.35.1 libsmbldap0-32bit-4.2.4-18.35.1 libsmbldap0-debuginfo-32bit-4.2.4-18.35.1 libtevent-util0-32bit-4.2.4-18.35.1 libtevent-util0-debuginfo-32bit-4.2.4-18.35.1 libwbclient0-32bit-4.2.4-18.35.1 libwbclient0-debuginfo-32bit-4.2.4-18.35.1 samba-32bit-4.2.4-18.35.1 samba-client-32bit-4.2.4-18.35.1 samba-client-debuginfo-32bit-4.2.4-18.35.1 samba-debuginfo-32bit-4.2.4-18.35.1 samba-libs-32bit-4.2.4-18.35.1 samba-libs-debuginfo-32bit-4.2.4-18.35.1 samba-winbind-32bit-4.2.4-18.35.1 samba-winbind-debuginfo-32bit-4.2.4-18.35.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): samba-doc-4.2.4-18.35.1 - SUSE Linux Enterprise High Availability 12 (s390x x86_64): ctdb-4.2.4-18.35.1 ctdb-debuginfo-4.2.4-18.35.1 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1019416 https://bugzilla.suse.com/1024416 https://bugzilla.suse.com/1027147 https://bugzilla.suse.com/993692 https://bugzilla.suse.com/993707 From sle-updates at lists.suse.com Wed Mar 29 13:15:21 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Mar 2017 21:15:21 +0200 (CEST) Subject: SUSE-RU-2017:0863-1: moderate: Recommended update for libsolv, libzypp, zypper Message-ID: <20170329191521.AE1A9FFD4@maintenance.suse.de> SUSE Recommended Update: Recommended update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0863-1 Rating: moderate References: #1017267 #1018873 #1021291 #1022046 #1024741 #1024909 #1025440 #1028003 #1028119 #1028492 #1030136 #1030827 #1030919 #926844 #983021 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that has 15 recommended fixes can now be installed. Description: The Software Update Stack was updated to include fixes and enhancements. libsolv: - Export solvable_matchesdep function, as we now use it in the bindings. (bsc#1025440) - New SOLVER_FLAG_STRONG_RECOMMENDS and SOLVER_FLAG_INSTALL_ALSO_UPDATES flags. - New matchesdep() method in bindings. - SOLVABLE_NAME selects nevr matching for pool_whatmatchesdep and solvable_matchesdep. - Make solver_problemruleinfo2str return reason why a package is not installable. libzypp: - Support multi-volume repomd repositories. (fate#320544) - Parse ZYPP_MEDIA_CURL_IPRESOLVE=4|6 to force name resolution to IPv4/IPv6 only. - Fix X-libcurl-Empty-Header-Workaround. (bsc#1030919, bsc#1030827) - Treat HTTP response 410 (Gone) like 404 (Not Found). (bsc#1030136) - Create temporary directories inside ZYpp::tmpPath. (bsc#926844) - Don't create AnonymousUniqueId in chroot. (bsc#1024741) - Properly escape XML node content. (bsc#1024909) - Trigger aliveCallback when downloading metalink files. (bsc#1021291) - Fix mountpoint creation after failing UDF mount. (bsc#1022046) - Prefer calling "repo2solv" rather than "repo2solv.sh". zypper: - Don't show installed system packages if list command is restricted to repos. (bsc#1028492) - Indicate presence of additional prompt options not mentioned in the prompt string. - Make temporary repos invisible for other zypp instances. (bsc#1017267) - Remove non-working email addresses from author section in man page. (bsc#1028003) - Try to exit gracefully after SIGPIPE. (bsc#926844) - Add -y command option to 'dup' as alias for --non-interactive global option to be consistent with other install commands. (bsc#1018873) - Improve package info. Show binary packages built from a source package and for packages the source package it was built from. If no specific type is requested and no package matches, show non-package matches if available. (fate#321104) - Fix invalid XML in GPG key info output. (bsc#1024909) - Fix --help output breaking tab completion. (bsc#983021) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-483=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-483=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-483=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-483=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-483=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libsolv-debugsource-0.6.26-2.27.3.3 libsolv-devel-0.6.26-2.27.3.3 libsolv-devel-debuginfo-0.6.26-2.27.3.3 libzypp-debuginfo-16.5.2-27.9.1 libzypp-debugsource-16.5.2-27.9.1 libzypp-devel-16.5.2-27.9.1 libzypp-devel-doc-16.5.2-27.9.1 perl-solv-0.6.26-2.27.3.3 perl-solv-debuginfo-0.6.26-2.27.3.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libsolv-debugsource-0.6.26-2.27.3.3 libsolv-tools-0.6.26-2.27.3.3 libsolv-tools-debuginfo-0.6.26-2.27.3.3 libzypp-16.5.2-27.9.1 libzypp-debuginfo-16.5.2-27.9.1 libzypp-debugsource-16.5.2-27.9.1 perl-solv-0.6.26-2.27.3.3 perl-solv-debuginfo-0.6.26-2.27.3.3 python-solv-0.6.26-2.27.3.3 python-solv-debuginfo-0.6.26-2.27.3.3 zypper-1.13.21-18.3.3 zypper-debuginfo-1.13.21-18.3.3 zypper-debugsource-1.13.21-18.3.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): zypper-log-1.13.21-18.3.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libsolv-debugsource-0.6.26-2.27.3.3 libsolv-tools-0.6.26-2.27.3.3 libsolv-tools-debuginfo-0.6.26-2.27.3.3 libzypp-16.5.2-27.9.1 libzypp-debuginfo-16.5.2-27.9.1 libzypp-debugsource-16.5.2-27.9.1 perl-solv-0.6.26-2.27.3.3 perl-solv-debuginfo-0.6.26-2.27.3.3 python-solv-0.6.26-2.27.3.3 python-solv-debuginfo-0.6.26-2.27.3.3 zypper-1.13.21-18.3.3 zypper-debuginfo-1.13.21-18.3.3 zypper-debugsource-1.13.21-18.3.3 - SUSE Linux Enterprise Server 12-SP2 (noarch): zypper-log-1.13.21-18.3.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libsolv-debugsource-0.6.26-2.27.3.3 libsolv-tools-0.6.26-2.27.3.3 libsolv-tools-debuginfo-0.6.26-2.27.3.3 libzypp-16.5.2-27.9.1 libzypp-debuginfo-16.5.2-27.9.1 libzypp-debugsource-16.5.2-27.9.1 python-solv-0.6.26-2.27.3.3 python-solv-debuginfo-0.6.26-2.27.3.3 zypper-1.13.21-18.3.3 zypper-debuginfo-1.13.21-18.3.3 zypper-debugsource-1.13.21-18.3.3 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): zypper-log-1.13.21-18.3.3 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libsolv-debugsource-0.6.26-2.27.3.3 libsolv-tools-0.6.26-2.27.3.3 libsolv-tools-debuginfo-0.6.26-2.27.3.3 libzypp-16.5.2-27.9.1 libzypp-debuginfo-16.5.2-27.9.1 libzypp-debugsource-16.5.2-27.9.1 zypper-1.13.21-18.3.3 zypper-debuginfo-1.13.21-18.3.3 zypper-debugsource-1.13.21-18.3.3 References: https://bugzilla.suse.com/1017267 https://bugzilla.suse.com/1018873 https://bugzilla.suse.com/1021291 https://bugzilla.suse.com/1022046 https://bugzilla.suse.com/1024741 https://bugzilla.suse.com/1024909 https://bugzilla.suse.com/1025440 https://bugzilla.suse.com/1028003 https://bugzilla.suse.com/1028119 https://bugzilla.suse.com/1028492 https://bugzilla.suse.com/1030136 https://bugzilla.suse.com/1030827 https://bugzilla.suse.com/1030919 https://bugzilla.suse.com/926844 https://bugzilla.suse.com/983021 From sle-updates at lists.suse.com Wed Mar 29 22:09:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 06:09:05 +0200 (CEST) Subject: SUSE-SU-2017:0864-1: important: Security update for the Linux Kernel Message-ID: <20170330040905.C4A70F7BA@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0864-1 Rating: important References: #1027565 #1028372 #1030573 Cross-References: CVE-2017-2636 CVE-2017-7184 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise High Availability 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-487=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-487=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-487=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-487=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-487=1 - SUSE Linux Enterprise High Availability 12-SP2: zypper in -t patch SUSE-SLE-HA-12-SP2-2017-487=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-487=1 - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-487=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 kernel-default-extra-4.4.49-92.14.1 kernel-default-extra-debuginfo-4.4.49-92.14.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): kernel-obs-build-4.4.49-92.14.1 kernel-obs-build-debugsource-4.4.49-92.14.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch): kernel-docs-4.4.49-92.14.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): kernel-default-4.4.49-92.14.1 kernel-default-base-4.4.49-92.14.1 kernel-default-base-debuginfo-4.4.49-92.14.1 kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 kernel-default-devel-4.4.49-92.14.1 kernel-syms-4.4.49-92.14.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): kernel-devel-4.4.49-92.14.1 kernel-macros-4.4.49-92.14.1 kernel-source-4.4.49-92.14.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): kernel-default-4.4.49-92.14.1 kernel-default-base-4.4.49-92.14.1 kernel-default-base-debuginfo-4.4.49-92.14.1 kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 kernel-default-devel-4.4.49-92.14.1 kernel-syms-4.4.49-92.14.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): kernel-devel-4.4.49-92.14.1 kernel-macros-4.4.49-92.14.1 kernel-source-4.4.49-92.14.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_49-92_14-default-1-2.1 - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64): cluster-md-kmp-default-4.4.49-92.14.1 cluster-md-kmp-default-debuginfo-4.4.49-92.14.1 cluster-network-kmp-default-4.4.49-92.14.1 cluster-network-kmp-default-debuginfo-4.4.49-92.14.1 dlm-kmp-default-4.4.49-92.14.1 dlm-kmp-default-debuginfo-4.4.49-92.14.1 gfs2-kmp-default-4.4.49-92.14.1 gfs2-kmp-default-debuginfo-4.4.49-92.14.1 kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 ocfs2-kmp-default-4.4.49-92.14.1 ocfs2-kmp-default-debuginfo-4.4.49-92.14.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): kernel-default-4.4.49-92.14.1 kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 kernel-default-devel-4.4.49-92.14.1 kernel-default-extra-4.4.49-92.14.1 kernel-default-extra-debuginfo-4.4.49-92.14.1 kernel-syms-4.4.49-92.14.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): kernel-devel-4.4.49-92.14.1 kernel-macros-4.4.49-92.14.1 kernel-source-4.4.49-92.14.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): kernel-default-4.4.49-92.14.1 kernel-default-debuginfo-4.4.49-92.14.1 kernel-default-debugsource-4.4.49-92.14.1 References: https://www.suse.com/security/cve/CVE-2017-2636.html https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1027565 https://bugzilla.suse.com/1028372 https://bugzilla.suse.com/1030573 From sle-updates at lists.suse.com Wed Mar 29 22:09:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 06:09:58 +0200 (CEST) Subject: SUSE-SU-2017:0865-1: important: Security update for the Linux Kernel Message-ID: <20170330040958.75203F7C9@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0865-1 Rating: important References: #1027565 #1028372 #1030573 Cross-References: CVE-2017-2636 CVE-2017-7184 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-485=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-485=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-485=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-485=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-485=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-485=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): kernel-default-debuginfo-3.12.69-60.64.35.1 kernel-default-debugsource-3.12.69-60.64.35.1 kernel-default-extra-3.12.69-60.64.35.1 kernel-default-extra-debuginfo-3.12.69-60.64.35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): kernel-obs-build-3.12.69-60.64.35.1 kernel-obs-build-debugsource-3.12.69-60.64.35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): kernel-docs-3.12.69-60.64.35.3 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kernel-default-3.12.69-60.64.35.1 kernel-default-base-3.12.69-60.64.35.1 kernel-default-base-debuginfo-3.12.69-60.64.35.1 kernel-default-debuginfo-3.12.69-60.64.35.1 kernel-default-debugsource-3.12.69-60.64.35.1 kernel-default-devel-3.12.69-60.64.35.1 kernel-syms-3.12.69-60.64.35.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): kernel-devel-3.12.69-60.64.35.1 kernel-macros-3.12.69-60.64.35.1 kernel-source-3.12.69-60.64.35.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): kernel-xen-3.12.69-60.64.35.1 kernel-xen-base-3.12.69-60.64.35.1 kernel-xen-base-debuginfo-3.12.69-60.64.35.1 kernel-xen-debuginfo-3.12.69-60.64.35.1 kernel-xen-debugsource-3.12.69-60.64.35.1 kernel-xen-devel-3.12.69-60.64.35.1 - SUSE Linux Enterprise Server 12-SP1 (s390x): kernel-default-man-3.12.69-60.64.35.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.69-60.64.35.1 kernel-ec2-debuginfo-3.12.69-60.64.35.1 kernel-ec2-debugsource-3.12.69-60.64.35.1 kernel-ec2-devel-3.12.69-60.64.35.1 kernel-ec2-extra-3.12.69-60.64.35.1 kernel-ec2-extra-debuginfo-3.12.69-60.64.35.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_35-default-1-2.1 kgraft-patch-3_12_69-60_64_35-xen-1-2.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kernel-default-3.12.69-60.64.35.1 kernel-default-debuginfo-3.12.69-60.64.35.1 kernel-default-debugsource-3.12.69-60.64.35.1 kernel-default-devel-3.12.69-60.64.35.1 kernel-default-extra-3.12.69-60.64.35.1 kernel-default-extra-debuginfo-3.12.69-60.64.35.1 kernel-syms-3.12.69-60.64.35.1 kernel-xen-3.12.69-60.64.35.1 kernel-xen-debuginfo-3.12.69-60.64.35.1 kernel-xen-debugsource-3.12.69-60.64.35.1 kernel-xen-devel-3.12.69-60.64.35.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): kernel-devel-3.12.69-60.64.35.1 kernel-macros-3.12.69-60.64.35.1 kernel-source-3.12.69-60.64.35.1 References: https://www.suse.com/security/cve/CVE-2017-2636.html https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1027565 https://bugzilla.suse.com/1028372 https://bugzilla.suse.com/1030573 From sle-updates at lists.suse.com Wed Mar 29 22:10:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 06:10:43 +0200 (CEST) Subject: SUSE-SU-2017:0866-1: important: Security update for the Linux Kernel Message-ID: <20170330041043.CB9C7F7C9@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0866-1 Rating: important References: #1027565 #1028372 #1030573 Cross-References: CVE-2017-2636 CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Public Cloud 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-486=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-486=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-486=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (noarch): kernel-devel-3.12.61-52.69.2 kernel-macros-3.12.61-52.69.2 kernel-source-3.12.61-52.69.2 - SUSE Linux Enterprise Server for SAP 12 (x86_64): kernel-default-3.12.61-52.69.2 kernel-default-base-3.12.61-52.69.2 kernel-default-base-debuginfo-3.12.61-52.69.2 kernel-default-debuginfo-3.12.61-52.69.2 kernel-default-debugsource-3.12.61-52.69.2 kernel-default-devel-3.12.61-52.69.2 kernel-syms-3.12.61-52.69.1 kernel-xen-3.12.61-52.69.2 kernel-xen-base-3.12.61-52.69.2 kernel-xen-base-debuginfo-3.12.61-52.69.2 kernel-xen-debuginfo-3.12.61-52.69.2 kernel-xen-debugsource-3.12.61-52.69.2 kernel-xen-devel-3.12.61-52.69.2 kgraft-patch-3_12_61-52_69-default-1-2.3 kgraft-patch-3_12_61-52_69-xen-1-2.3 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): kernel-default-3.12.61-52.69.2 kernel-default-base-3.12.61-52.69.2 kernel-default-base-debuginfo-3.12.61-52.69.2 kernel-default-debuginfo-3.12.61-52.69.2 kernel-default-debugsource-3.12.61-52.69.2 kernel-default-devel-3.12.61-52.69.2 kernel-syms-3.12.61-52.69.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kernel-xen-3.12.61-52.69.2 kernel-xen-base-3.12.61-52.69.2 kernel-xen-base-debuginfo-3.12.61-52.69.2 kernel-xen-debuginfo-3.12.61-52.69.2 kernel-xen-debugsource-3.12.61-52.69.2 kernel-xen-devel-3.12.61-52.69.2 kgraft-patch-3_12_61-52_69-default-1-2.3 kgraft-patch-3_12_61-52_69-xen-1-2.3 - SUSE Linux Enterprise Server 12-LTSS (noarch): kernel-devel-3.12.61-52.69.2 kernel-macros-3.12.61-52.69.2 kernel-source-3.12.61-52.69.2 - SUSE Linux Enterprise Server 12-LTSS (s390x): kernel-default-man-3.12.61-52.69.2 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.61-52.69.2 kernel-ec2-debuginfo-3.12.61-52.69.2 kernel-ec2-debugsource-3.12.61-52.69.2 kernel-ec2-devel-3.12.61-52.69.2 kernel-ec2-extra-3.12.61-52.69.2 kernel-ec2-extra-debuginfo-3.12.61-52.69.2 References: https://www.suse.com/security/cve/CVE-2017-2636.html https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1027565 https://bugzilla.suse.com/1028372 https://bugzilla.suse.com/1030573 From sle-updates at lists.suse.com Thu Mar 30 04:09:19 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:09:19 +0200 (CEST) Subject: SUSE-SU-2017:0867-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 Message-ID: <20170330100919.65225F7BA@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0867-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.21-81 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-495=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-81-default-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:09:45 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:09:45 +0200 (CEST) Subject: SUSE-SU-2017:0868-1: important: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 Message-ID: <20170330100945.6611DF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0868-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-498=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_21-default-5-2.1 kgraft-patch-3_12_67-60_64_21-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:10:08 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:10:08 +0200 (CEST) Subject: SUSE-SU-2017:0869-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 Message-ID: <20170330101008.ACB9CF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0869-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.21-84 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-493=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-84-default-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:10:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:10:32 +0200 (CEST) Subject: SUSE-SU-2017:0870-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 Message-ID: <20170330101032.7388FF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0870-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.21-69 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-488=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-69-default-5-14.2 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:10:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:10:56 +0200 (CEST) Subject: SUSE-SU-2017:0871-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 Message-ID: <20170330101056.B5997F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0871-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.69-60_64_29 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-497=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_29-default-3-2.1 kgraft-patch-3_12_69-60_64_29-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:11:21 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:11:21 +0200 (CEST) Subject: SUSE-SU-2017:0872-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 Message-ID: <20170330101121.4260FF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0872-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.69-60_64_32 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-496=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_32-default-2-2.1 kgraft-patch-3_12_69-60_64_32-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:11:43 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:11:43 +0200 (CEST) Subject: SUSE-SU-2017:0873-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 Message-ID: <20170330101143.E64FEF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0873-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.55-52_45 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-510=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-510=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_45-default-8-2.1 kgraft-patch-3_12_55-52_45-xen-8-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_45-default-8-2.1 kgraft-patch-3_12_55-52_45-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:12:08 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:12:08 +0200 (CEST) Subject: SUSE-SU-2017:0874-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 Message-ID: <20170330101208.E9692F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0874-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.57-60_35 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-504=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_57-60_35-default-9-2.1 kgraft-patch-3_12_57-60_35-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:12:31 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:12:31 +0200 (CEST) Subject: SUSE-SU-2017:0875-1: important: Security update for Linux Kernel Live Patch 19 for SLE 12 Message-ID: <20170330101231.12230F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0875-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.61-52_66 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-494=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-494=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_66-default-3-2.1 kgraft-patch-3_12_61-52_66-xen-3-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_66-default-3-2.1 kgraft-patch-3_12_61-52_66-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:12:55 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:12:55 +0200 (CEST) Subject: SUSE-SU-2017:0876-1: important: Security update for Linux Kernel Live Patch 17 for SLE 12 Message-ID: <20170330101255.C4A66F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 17 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0876-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_60 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-506=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-506=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_60-default-4-2.1 kgraft-patch-3_12_60-52_60-xen-4-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_60-default-4-2.1 kgraft-patch-3_12_60-52_60-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:13:18 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:13:18 +0200 (CEST) Subject: SUSE-SU-2017:0877-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 Message-ID: <20170330101318.CF9D8F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0877-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.59-60_45 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-502=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_45-default-9-2.1 kgraft-patch-3_12_59-60_45-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:13:45 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:13:45 +0200 (CEST) Subject: SUSE-SU-2017:0878-1: important: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 Message-ID: <20170330101345.19505F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0878-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.21-90 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-492=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-90-default-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:14:08 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:14:08 +0200 (CEST) Subject: SUSE-SU-2017:0879-1: important: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 Message-ID: <20170330101408.B6B3BF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0879-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.62-60_64_8 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-501=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_64_8-default-7-2.1 kgraft-patch-3_12_62-60_64_8-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:14:34 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:14:34 +0200 (CEST) Subject: SUSE-SU-2017:0880-1: important: Security update for Linux Kernel Live Patch 15 for SLE 12 Message-ID: <20170330101434.D8BDAF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0880-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_54 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-508=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-508=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_54-default-8-2.1 kgraft-patch-3_12_60-52_54-xen-8-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_54-default-8-2.1 kgraft-patch-3_12_60-52_54-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:14:59 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:14:59 +0200 (CEST) Subject: SUSE-SU-2017:0881-1: important: Security update for Linux Kernel Live Patch 14 for SLE 12 Message-ID: <20170330101459.EB0FDF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0881-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_49 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-509=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-509=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_49-default-8-2.1 kgraft-patch-3_12_60-52_49-xen-8-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_49-default-8-2.1 kgraft-patch-3_12_60-52_49-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:15:32 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:15:32 +0200 (CEST) Subject: SUSE-SU-2017:0882-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 Message-ID: <20170330101532.B7A73F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0882-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.59-60_41 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-503=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_41-default-9-2.1 kgraft-patch-3_12_59-60_41-xen-9-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:16:05 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:16:05 +0200 (CEST) Subject: SUSE-SU-2017:0883-1: important: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 Message-ID: <20170330101605.29D59F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0883-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.62-60_62 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-500=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_62-default-8-2.1 kgraft-patch-3_12_62-60_62-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:16:35 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:16:35 +0200 (CEST) Subject: SUSE-SU-2017:0884-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 Message-ID: <20170330101635.3C7BFF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0884-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.38-93 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-491=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_38-93-default-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:17:06 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:17:06 +0200 (CEST) Subject: SUSE-SU-2017:0885-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP2 Message-ID: <20170330101706.324E5F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 5 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0885-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.49-92_11 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-490=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_49-92_11-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:17:30 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:17:30 +0200 (CEST) Subject: SUSE-SU-2017:0886-1: important: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 Message-ID: <20170330101730.56FB0F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0886-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.67-60_64_24 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-489=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_24-default-4-2.1 kgraft-patch-3_12_67-60_64_24-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:17:55 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:17:55 +0200 (CEST) Subject: SUSE-SU-2017:0887-1: important: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 Message-ID: <20170330101755.27F1AF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0887-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.67-60_64_18 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-499=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_18-default-6-2.1 kgraft-patch-3_12_67-60_64_18-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:18:20 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:18:20 +0200 (CEST) Subject: SUSE-SU-2017:0888-1: important: Security update for Linux Kernel Live Patch 18 for SLE 12 Message-ID: <20170330101820.BA5C4F7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0888-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_63 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-505=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-505=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_63-default-4-2.1 kgraft-patch-3_12_60-52_63-xen-4-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_63-default-4-2.1 kgraft-patch-3_12_60-52_63-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 04:18:51 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Mar 2017 12:18:51 +0200 (CEST) Subject: SUSE-SU-2017:0889-1: important: Security update for Linux Kernel Live Patch 16 for SLE 12 Message-ID: <20170330101851.1EFBAF7C9@maintenance.suse.de> SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0889-1 Rating: important References: #1030575 Cross-References: CVE-2017-7184 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.60-52_57 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via an integer overflow, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bsc#1030575). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-507=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-507=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_57-default-5-2.1 kgraft-patch-3_12_60-52_57-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_57-default-5-2.1 kgraft-patch-3_12_60-52_57-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2017-7184.html https://bugzilla.suse.com/1030575 From sle-updates at lists.suse.com Thu Mar 30 16:09:08 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 00:09:08 +0200 (CEST) Subject: SUSE-RU-2017:0893-1: Recommended update for sapconf Message-ID: <20170330220908.B4FECF7D1@maintenance.suse.de> SUSE Recommended Update: Recommended update for sapconf ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0893-1 Rating: low References: #1016795 #1025824 #1027411 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for sapconf provides the following fixes: - Use arbitrary precision calculator rather than bash's built-in integer calculator to calculate parameter values. This fixes potential integer overflow issues. (bsc#1027411) - Apply tuning technique of Netweaver in HANA profile too. (bsc#1016795) - Remove "force_latency=1" from HANA's configuration, so that CPUs are no longer kept busy when idling. (bsc#1025824) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-511=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-511=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): sapconf-4.1.5-26.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): sapconf-4.1.5-26.1 References: https://bugzilla.suse.com/1016795 https://bugzilla.suse.com/1025824 https://bugzilla.suse.com/1027411 From sle-updates at lists.suse.com Thu Mar 30 19:07:56 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 03:07:56 +0200 (CEST) Subject: SUSE-RU-2017:0895-1: moderate: Recommended update for lvm2 Message-ID: <20170331010756.8A282F7D1@maintenance.suse.de> SUSE Recommended Update: Recommended update for lvm2 ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0895-1 Rating: moderate References: #1015943 #1023283 #1025560 #1025630 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise High Availability 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for lvm2 provides the following fixes: - Fix clvmd segmentation fault on ppc64le architecture. (bsc#1025630) - Fix several trivial issues about clvmd/cmirrord resource agents. (bsc#1023283, bsc#1025560) - Add systemd_requires to device-mapper package. (bsc#1015943) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-512=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-512=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2017-512=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-512=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): device-mapper-devel-1.02.97-84.1 lvm2-debuginfo-2.02.120-84.1 lvm2-debugsource-2.02.120-84.1 lvm2-devel-2.02.120-84.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): device-mapper-1.02.97-84.1 device-mapper-debuginfo-1.02.97-84.1 lvm2-2.02.120-84.1 lvm2-debuginfo-2.02.120-84.1 lvm2-debugsource-2.02.120-84.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): device-mapper-32bit-1.02.97-84.1 device-mapper-debuginfo-32bit-1.02.97-84.1 - SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64): lvm2-clvm-2.02.120-84.1 lvm2-clvm-debuginfo-2.02.120-84.1 lvm2-cmirrord-2.02.120-84.1 lvm2-cmirrord-debuginfo-2.02.120-84.1 lvm2-debuginfo-2.02.120-84.1 lvm2-debugsource-2.02.120-84.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): device-mapper-1.02.97-84.1 device-mapper-32bit-1.02.97-84.1 device-mapper-debuginfo-1.02.97-84.1 device-mapper-debuginfo-32bit-1.02.97-84.1 lvm2-2.02.120-84.1 lvm2-debuginfo-2.02.120-84.1 lvm2-debugsource-2.02.120-84.1 References: https://bugzilla.suse.com/1015943 https://bugzilla.suse.com/1023283 https://bugzilla.suse.com/1025560 https://bugzilla.suse.com/1025630 From sle-updates at lists.suse.com Fri Mar 31 10:09:15 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 18:09:15 +0200 (CEST) Subject: SUSE-RU-2017:0896-1: Recommended update for sapconf Message-ID: <20170331160915.40563FC60@maintenance.suse.de> SUSE Recommended Update: Recommended update for sapconf ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0896-1 Rating: low References: #1016795 #1025824 #1027411 #983454 Affected Products: SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for sapconf fixes the following issues: - Use arbitrary precision calculator rather than bash's built-in integer calculator to calculate parameter values. This fixes potential integer overflow issues. (bsc#1027411) - Apply tuning technique of Netweaver in HANA profile too. (bsc#1016795) - Remove "force_latency=1" from HANA's configuration, so that CPUs are no longer kept busy when idling. (bsc#1025824) - Start uuidd.socket as soon as the package is installed. (bsc#983454) - Control uuidd as a step of the tuning process. (bsc#983454) - Recommend installation of tuned. (fate#320783) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-516=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12-SP1 (noarch): sapconf-4.1.5-18.3.1 References: https://bugzilla.suse.com/1016795 https://bugzilla.suse.com/1025824 https://bugzilla.suse.com/1027411 https://bugzilla.suse.com/983454 From sle-updates at lists.suse.com Fri Mar 31 10:10:58 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 18:10:58 +0200 (CEST) Subject: SUSE-RU-2017:0898-1: moderate: Recommended update for hwinfo, yast2, yast2-network Message-ID: <20170331161058.8B8ABFC60@maintenance.suse.de> SUSE Recommended Update: Recommended update for hwinfo, yast2, yast2-network ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0898-1 Rating: moderate References: #1001454 #1005428 #1005721 #1006818 #1007172 #1010276 #1011869 #1012581 #1016004 #962824 #966413 #970111 #984890 #996879 Affected Products: SUSE Linux Enterprise Server for SAP Installer 12-SP2 SUSE Linux Enterprise Server Installer for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server Installer 12-SP2 SUSE Linux Enterprise Desktop Installer 12-SP2 ______________________________________________________________________________ An update that has 14 recommended fixes can now be installed. Description: The SUSE Linux Enterprise 12 SP2 Installer System received a collective update that addresses many issues. The following fixes are included: hwinfo: - Look for smbios entry point also in EFI settings. (bsc#1010276) - Look for DMI table also in sysfs. (bsc#1010276) - Add permanent MAC address field for network cards. (bsc#1007172) - Ensure network devices have a bus_id. (bsc#1007172) - Update PCI and USB IDs. (bsc#1006818) - Implement nvdimm support. (bsc#970111) - Fix detection of usb controllers on aarch64 systems. (bsc#1005428) - Update script to parse USB ID list correctly. yast2: - Add-on module: Do not escape characters like ":" in the path string. (bsc#966413) - Added method to adapt old configuration of enslaved network interfaces. (bsc#962824) - Use canonical path in save_y2logs. (bsc#1001454) - Fix replacement of workflow modules. (bsc#1011869) - Add a method to read the ID property from the /etc/os-release file. (bsc#1016004) yast2-network: - When an interface is enslaved in a bond the udev rule is modified using the bus_id instead of the mac address but some multi-port cards could use the same bus_id. In such cases also the dev_port is needed. Taking this in account the dev_port will be added always when a udev rule based on bus_id is written. (bsc#1007172, bsc#1005721) - Bridge handling has been improved: (bsc#962824) - "NONE" is shown instead of 0.0.0.0 for old bridge configuration. - The bridge master is shown in the enslaved interface. - The interfaces overview is updated after a bridge is modified. - The interfaces enslaved are not lost when save in a different tab. - Do not crash with internal error stating undefined method when switching to "Hostname / DNS" tab when the system contains incorrect configuration of DHCLIENT_SET_HOSTNAME. (bsc#1012581) - New implementation of setting hostname via DHCP. User is allowed to set hostname via particular interface or set a reasonable default value for all interfaces. (bsc#984890) - Fixed the assignment of udev rules to Lan Items when a previous one does not exist. (bsc#996879) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP Installer 12-SP2: zypper in -t patch SUSE-SLE-SAP-INSTALLER-12-SP2-2017-517=1 - SUSE Linux Enterprise Server Installer for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-INSTALLER-12-SP2-2017-517=1 - SUSE Linux Enterprise Server Installer 12-SP2: zypper in -t patch SUSE-SLE-SERVER-INSTALLER-12-SP2-2017-517=1 - SUSE Linux Enterprise Desktop Installer 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-INSTALLER-12-SP2-2017-517=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP Installer 12-SP2 (ppc64le x86_64): hwinfo-21.38-15.7.2 hwinfo-debuginfo-21.38-15.7.2 hwinfo-debugsource-21.38-15.7.2 yast2-3.1.211-37.11.2 yast2-network-3.1.172-39.2 - SUSE Linux Enterprise Server Installer for Raspberry Pi 12-SP2 (aarch64): hwinfo-21.38-15.7.2 hwinfo-debuginfo-21.38-15.7.2 hwinfo-debugsource-21.38-15.7.2 yast2-3.1.211-37.11.2 yast2-network-3.1.172-39.2 - SUSE Linux Enterprise Server Installer 12-SP2 (aarch64 ppc64le s390x x86_64): hwinfo-21.38-15.7.2 hwinfo-debuginfo-21.38-15.7.2 hwinfo-debugsource-21.38-15.7.2 yast2-3.1.211-37.11.2 yast2-network-3.1.172-39.2 - SUSE Linux Enterprise Desktop Installer 12-SP2 (x86_64): hwinfo-21.38-15.7.2 hwinfo-debuginfo-21.38-15.7.2 hwinfo-debugsource-21.38-15.7.2 yast2-3.1.211-37.11.2 yast2-network-3.1.172-39.2 References: https://bugzilla.suse.com/1001454 https://bugzilla.suse.com/1005428 https://bugzilla.suse.com/1005721 https://bugzilla.suse.com/1006818 https://bugzilla.suse.com/1007172 https://bugzilla.suse.com/1010276 https://bugzilla.suse.com/1011869 https://bugzilla.suse.com/1012581 https://bugzilla.suse.com/1016004 https://bugzilla.suse.com/962824 https://bugzilla.suse.com/966413 https://bugzilla.suse.com/970111 https://bugzilla.suse.com/984890 https://bugzilla.suse.com/996879 From sle-updates at lists.suse.com Fri Mar 31 10:13:46 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 18:13:46 +0200 (CEST) Subject: SUSE-SU-2017:0899-1: moderate: Security update for php7 Message-ID: <20170331161346.9B39EFC60@maintenance.suse.de> SUSE Security Update: Security update for php7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0899-1 Rating: moderate References: #1027210 Cross-References: CVE-2015-8994 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for php7 fixes the following issues: Security issue fixed: - CVE-2015-8994: code permission/sensitive data protection vulnerability (bsc#1027210). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-514=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-514=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-514=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): php7-debuginfo-7.0.7-38.1 php7-debugsource-7.0.7-38.1 php7-devel-7.0.7-38.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): php7-debuginfo-7.0.7-38.1 php7-debugsource-7.0.7-38.1 php7-devel-7.0.7-38.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): apache2-mod_php7-7.0.7-38.1 apache2-mod_php7-debuginfo-7.0.7-38.1 php7-7.0.7-38.1 php7-bcmath-7.0.7-38.1 php7-bcmath-debuginfo-7.0.7-38.1 php7-bz2-7.0.7-38.1 php7-bz2-debuginfo-7.0.7-38.1 php7-calendar-7.0.7-38.1 php7-calendar-debuginfo-7.0.7-38.1 php7-ctype-7.0.7-38.1 php7-ctype-debuginfo-7.0.7-38.1 php7-curl-7.0.7-38.1 php7-curl-debuginfo-7.0.7-38.1 php7-dba-7.0.7-38.1 php7-dba-debuginfo-7.0.7-38.1 php7-debuginfo-7.0.7-38.1 php7-debugsource-7.0.7-38.1 php7-dom-7.0.7-38.1 php7-dom-debuginfo-7.0.7-38.1 php7-enchant-7.0.7-38.1 php7-enchant-debuginfo-7.0.7-38.1 php7-exif-7.0.7-38.1 php7-exif-debuginfo-7.0.7-38.1 php7-fastcgi-7.0.7-38.1 php7-fastcgi-debuginfo-7.0.7-38.1 php7-fileinfo-7.0.7-38.1 php7-fileinfo-debuginfo-7.0.7-38.1 php7-fpm-7.0.7-38.1 php7-fpm-debuginfo-7.0.7-38.1 php7-ftp-7.0.7-38.1 php7-ftp-debuginfo-7.0.7-38.1 php7-gd-7.0.7-38.1 php7-gd-debuginfo-7.0.7-38.1 php7-gettext-7.0.7-38.1 php7-gettext-debuginfo-7.0.7-38.1 php7-gmp-7.0.7-38.1 php7-gmp-debuginfo-7.0.7-38.1 php7-iconv-7.0.7-38.1 php7-iconv-debuginfo-7.0.7-38.1 php7-imap-7.0.7-38.1 php7-imap-debuginfo-7.0.7-38.1 php7-intl-7.0.7-38.1 php7-intl-debuginfo-7.0.7-38.1 php7-json-7.0.7-38.1 php7-json-debuginfo-7.0.7-38.1 php7-ldap-7.0.7-38.1 php7-ldap-debuginfo-7.0.7-38.1 php7-mbstring-7.0.7-38.1 php7-mbstring-debuginfo-7.0.7-38.1 php7-mcrypt-7.0.7-38.1 php7-mcrypt-debuginfo-7.0.7-38.1 php7-mysql-7.0.7-38.1 php7-mysql-debuginfo-7.0.7-38.1 php7-odbc-7.0.7-38.1 php7-odbc-debuginfo-7.0.7-38.1 php7-opcache-7.0.7-38.1 php7-opcache-debuginfo-7.0.7-38.1 php7-openssl-7.0.7-38.1 php7-openssl-debuginfo-7.0.7-38.1 php7-pcntl-7.0.7-38.1 php7-pcntl-debuginfo-7.0.7-38.1 php7-pdo-7.0.7-38.1 php7-pdo-debuginfo-7.0.7-38.1 php7-pgsql-7.0.7-38.1 php7-pgsql-debuginfo-7.0.7-38.1 php7-phar-7.0.7-38.1 php7-phar-debuginfo-7.0.7-38.1 php7-posix-7.0.7-38.1 php7-posix-debuginfo-7.0.7-38.1 php7-pspell-7.0.7-38.1 php7-pspell-debuginfo-7.0.7-38.1 php7-shmop-7.0.7-38.1 php7-shmop-debuginfo-7.0.7-38.1 php7-snmp-7.0.7-38.1 php7-snmp-debuginfo-7.0.7-38.1 php7-soap-7.0.7-38.1 php7-soap-debuginfo-7.0.7-38.1 php7-sockets-7.0.7-38.1 php7-sockets-debuginfo-7.0.7-38.1 php7-sqlite-7.0.7-38.1 php7-sqlite-debuginfo-7.0.7-38.1 php7-sysvmsg-7.0.7-38.1 php7-sysvmsg-debuginfo-7.0.7-38.1 php7-sysvsem-7.0.7-38.1 php7-sysvsem-debuginfo-7.0.7-38.1 php7-sysvshm-7.0.7-38.1 php7-sysvshm-debuginfo-7.0.7-38.1 php7-tokenizer-7.0.7-38.1 php7-tokenizer-debuginfo-7.0.7-38.1 php7-wddx-7.0.7-38.1 php7-wddx-debuginfo-7.0.7-38.1 php7-xmlreader-7.0.7-38.1 php7-xmlreader-debuginfo-7.0.7-38.1 php7-xmlrpc-7.0.7-38.1 php7-xmlrpc-debuginfo-7.0.7-38.1 php7-xmlwriter-7.0.7-38.1 php7-xmlwriter-debuginfo-7.0.7-38.1 php7-xsl-7.0.7-38.1 php7-xsl-debuginfo-7.0.7-38.1 php7-zip-7.0.7-38.1 php7-zip-debuginfo-7.0.7-38.1 php7-zlib-7.0.7-38.1 php7-zlib-debuginfo-7.0.7-38.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php7-pear-7.0.7-38.1 php7-pear-Archive_Tar-7.0.7-38.1 References: https://www.suse.com/security/cve/CVE-2015-8994.html https://bugzilla.suse.com/1027210 From sle-updates at lists.suse.com Fri Mar 31 10:14:24 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Mar 2017 18:14:24 +0200 (CEST) Subject: SUSE-SU-2017:0901-1: moderate: Security update for libpng12-0 Message-ID: <20170331161424.7541DFC60@maintenance.suse.de> SUSE Security Update: Security update for libpng12-0 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0901-1 Rating: moderate References: #1017646 #958791 Cross-References: CVE-2015-8540 CVE-2016-10087 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for libpng12-0 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng (bsc#958791) - CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-libpng12-0-13045=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-libpng12-0-13045=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-libpng12-0-13045=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.43.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.43.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.43.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.43.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libpng12-0-x86-1.2.31-5.43.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): libpng12-0-debuginfo-1.2.31-5.43.1 libpng12-0-debugsource-1.2.31-5.43.1 References: https://www.suse.com/security/cve/CVE-2015-8540.html https://www.suse.com/security/cve/CVE-2016-10087.html https://bugzilla.suse.com/1017646 https://bugzilla.suse.com/958791 From sle-updates at lists.suse.com Fri Mar 31 16:08:07 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Apr 2017 00:08:07 +0200 (CEST) Subject: SUSE-RU-2017:0904-1: moderate: Recommended update for libvirt Message-ID: <20170331220807.623B1FC60@maintenance.suse.de> SUSE Recommended Update: Recommended update for libvirt ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0904-1 Rating: moderate References: #1013113 #1017762 #1025252 #1029738 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update for libvirt provides the following fixes: - Fail to start network instead of losing routes if IPv6 forwarding is required. (bsc#1025252) - Ensure memory settings are properly aligned. (bsc#1029738) - Fix monitor timeout with large memory VMs. (bsc#1013113) - Fix potential double free in libxlDriverGetDom0MaxmemConf. (bsc#1017762) - Resolve possible resource leak in dom0 maximum memory setting. (bsc#1017762) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-519=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-519=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-519=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-519=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-519=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): libvirt-client-32bit-2.0.0-27.12.1 libvirt-client-debuginfo-32bit-2.0.0-27.12.1 libvirt-debugsource-2.0.0-27.12.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libvirt-debugsource-2.0.0-27.12.1 libvirt-devel-2.0.0-27.12.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libvirt-2.0.0-27.12.1 libvirt-client-2.0.0-27.12.1 libvirt-client-debuginfo-2.0.0-27.12.1 libvirt-daemon-2.0.0-27.12.1 libvirt-daemon-config-network-2.0.0-27.12.1 libvirt-daemon-config-nwfilter-2.0.0-27.12.1 libvirt-daemon-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-interface-2.0.0-27.12.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-lxc-2.0.0-27.12.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-network-2.0.0-27.12.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-qemu-2.0.0-27.12.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-secret-2.0.0-27.12.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-storage-2.0.0-27.12.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.12.1 libvirt-daemon-lxc-2.0.0-27.12.1 libvirt-daemon-qemu-2.0.0-27.12.1 libvirt-debugsource-2.0.0-27.12.1 libvirt-doc-2.0.0-27.12.1 libvirt-lock-sanlock-2.0.0-27.12.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.12.1 libvirt-nss-2.0.0-27.12.1 libvirt-nss-debuginfo-2.0.0-27.12.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libvirt-2.0.0-27.12.1 libvirt-client-2.0.0-27.12.1 libvirt-client-debuginfo-2.0.0-27.12.1 libvirt-daemon-2.0.0-27.12.1 libvirt-daemon-config-network-2.0.0-27.12.1 libvirt-daemon-config-nwfilter-2.0.0-27.12.1 libvirt-daemon-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-interface-2.0.0-27.12.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-lxc-2.0.0-27.12.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-network-2.0.0-27.12.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-qemu-2.0.0-27.12.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-secret-2.0.0-27.12.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-storage-2.0.0-27.12.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.12.1 libvirt-daemon-lxc-2.0.0-27.12.1 libvirt-daemon-qemu-2.0.0-27.12.1 libvirt-debugsource-2.0.0-27.12.1 libvirt-doc-2.0.0-27.12.1 libvirt-lock-sanlock-2.0.0-27.12.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.12.1 libvirt-nss-2.0.0-27.12.1 libvirt-nss-debuginfo-2.0.0-27.12.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libvirt-daemon-driver-libxl-2.0.0-27.12.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.12.1 libvirt-daemon-xen-2.0.0-27.12.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libvirt-2.0.0-27.12.1 libvirt-client-2.0.0-27.12.1 libvirt-client-32bit-2.0.0-27.12.1 libvirt-client-debuginfo-2.0.0-27.12.1 libvirt-client-debuginfo-32bit-2.0.0-27.12.1 libvirt-daemon-2.0.0-27.12.1 libvirt-daemon-config-network-2.0.0-27.12.1 libvirt-daemon-config-nwfilter-2.0.0-27.12.1 libvirt-daemon-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-interface-2.0.0-27.12.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-libxl-2.0.0-27.12.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-lxc-2.0.0-27.12.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-network-2.0.0-27.12.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-2.0.0-27.12.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-2.0.0-27.12.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-qemu-2.0.0-27.12.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-secret-2.0.0-27.12.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.12.1 libvirt-daemon-driver-storage-2.0.0-27.12.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.12.1 libvirt-daemon-lxc-2.0.0-27.12.1 libvirt-daemon-qemu-2.0.0-27.12.1 libvirt-daemon-xen-2.0.0-27.12.1 libvirt-debugsource-2.0.0-27.12.1 libvirt-doc-2.0.0-27.12.1 References: https://bugzilla.suse.com/1013113 https://bugzilla.suse.com/1017762 https://bugzilla.suse.com/1025252 https://bugzilla.suse.com/1029738 From sle-updates at lists.suse.com Fri Mar 31 16:09:13 2017 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Apr 2017 00:09:13 +0200 (CEST) Subject: SUSE-RU-2017:0905-1: Recommended update for empathy Message-ID: <20170331220913.56D3AFC60@maintenance.suse.de> SUSE Recommended Update: Recommended update for empathy ______________________________________________________________________________ Announcement ID: SUSE-RU-2017:0905-1 Rating: low References: #999832 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for empathy provides the following fix: - Fix of the frequently used shortcut keys from upstream (bsc#999832) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-518=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-518=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): empathy-3.12.12-7.3 empathy-debuginfo-3.12.12-7.3 empathy-debugsource-3.12.12-7.3 telepathy-mission-control-plugin-goa-3.12.12-7.3 telepathy-mission-control-plugin-goa-debuginfo-3.12.12-7.3 - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch): empathy-lang-3.12.12-7.3 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): empathy-lang-3.12.12-7.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): empathy-3.12.12-7.3 empathy-debuginfo-3.12.12-7.3 empathy-debugsource-3.12.12-7.3 telepathy-mission-control-plugin-goa-3.12.12-7.3 telepathy-mission-control-plugin-goa-debuginfo-3.12.12-7.3 References: https://bugzilla.suse.com/999832