August 2010 - openSUSE Updates - openSUSE Mailing Lists

openSUSE-SU-2010:0553-1 (moderate): java-1_6_0-openjdk security update
by opensuse-security＠opensuse.org 26 Aug '10

26 Aug '10

openSUSE Security Update: java-1_6_0-openjdk security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0553-1 Rating: moderate References: #623905 Cross-References: CVE-2010-2548 CVE-2010-2783 Affected Products: openSUSE 11.3 openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: icedtea included in java-1_6_0-openjdk was updated to version 1.8.1 which fixes two security issues: CVE-2010-2783: IcedTea 'Extended JNLP Services' arbitrary file access CVE-2010-2548: IcedTea Incomplete property access check for unsigned applications The new version also fixes many non-security bugs. For details please see http://blog.fuseyism.com/index.php/2010/07/28/icedtea6-181-r eleased/ Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch java-1_6_0-openjdk-3003 - openSUSE 11.2: zypper in -t patch java-1_6_0-openjdk-3003 - openSUSE 11.1: zypper in -t patch java-1_6_0-openjdk-3003 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b18-1.1.5 java-1_6_0-openjdk-devel-1.6.0.0_b18-1.1.5 java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.1.5 - openSUSE 11.3 (noarch): java-1_6_0-openjdk-demo-1.6.0.0_b18-1.1.5 java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.1.5 java-1_6_0-openjdk-src-1.6.0.0_b18-1.1.5 - openSUSE 11.2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b18-1.1.3 java-1_6_0-openjdk-devel-1.6.0.0_b18-1.1.3 java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.1.3 - openSUSE 11.2 (noarch): java-1_6_0-openjdk-demo-1.6.0.0_b18-1.1.3 java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.1.3 java-1_6_0-openjdk-src-1.6.0.0_b18-1.1.3 - openSUSE 11.1 (i586 ppc x86_64): java-1_6_0-openjdk-1.6.0.0_b18-1.2.3 java-1_6_0-openjdk-demo-1.6.0.0_b18-1.2.3 java-1_6_0-openjdk-devel-1.6.0.0_b18-1.2.3 java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.2.3 java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.2.3 java-1_6_0-openjdk-src-1.6.0.0_b18-1.2.3 References: http://support.novell.com/security/cve/CVE-2010-2548.html http://support.novell.com/security/cve/CVE-2010-2783.html https://bugzilla.novell.com/623905

1 0

openSUSE-SU-2010:0549-1 (critical): freetype2: security update for various bugs
by opensuse-security＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Security Update: freetype2: security update for various bugs ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0549-1 Rating: critical References: #619562 #628213 #629447 Cross-References: CVE-2010-1797 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 Affected Products: openSUSE 11.3 openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges: - CVE-2010-1797: stack-based buffer overflow while processing CFF opcodes - CVE-2010-2497: integer underflow - CVE-2010-2498: invalid free - CVE-2010-2499: buffer overflow - CVE-2010-2500: integer overflow - CVE-2010-2519: heap buffer overflow - CVE-2010-2520: heap buffer overflow - CVE-2010-2527: buffer overflows in the freetype demo - CVE-2010-2541: buffer overflow in ftmulti demo program - CVE-2010-2805: improper bounds checking - CVE-2010-2806: improper bounds checking - CVE-2010-2807: improper type comparisons - CVE-2010-2808: memory corruption flaw by processing certain LWFN fonts Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch libfreetype6-2918 - openSUSE 11.2: zypper in -t patch freetype2-2913 - openSUSE 11.1: zypper in -t patch freetype2-2913 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): libfreetype6-2.3.12-7.1.1 - openSUSE 11.3 (x86_64): libfreetype6-32bit-2.3.12-7.1.1 - openSUSE 11.2 (i586 x86_64): freetype2-2.3.9-2.3.1 freetype2-devel-2.3.9-2.3.1 - openSUSE 11.2 (x86_64): freetype2-32bit-2.3.9-2.3.1 freetype2-devel-32bit-2.3.9-2.3.1 - openSUSE 11.1 (i586 ppc x86_64): freetype2-2.3.7-24.4.1 freetype2-devel-2.3.7-24.4.1 - openSUSE 11.1 (x86_64): freetype2-32bit-2.3.7-24.4.1 freetype2-devel-32bit-2.3.7-24.4.1 - openSUSE 11.1 (ppc): freetype2-64bit-2.3.7-24.4.1 freetype2-devel-64bit-2.3.7-24.4.1 References: http://support.novell.com/security/cve/CVE-2010-1797.html http://support.novell.com/security/cve/CVE-2010-2497.html http://support.novell.com/security/cve/CVE-2010-2498.html http://support.novell.com/security/cve/CVE-2010-2499.html http://support.novell.com/security/cve/CVE-2010-2500.html http://support.novell.com/security/cve/CVE-2010-2519.html http://support.novell.com/security/cve/CVE-2010-2520.html http://support.novell.com/security/cve/CVE-2010-2527.html http://support.novell.com/security/cve/CVE-2010-2541.html http://support.novell.com/security/cve/CVE-2010-2805.html http://support.novell.com/security/cve/CVE-2010-2806.html http://support.novell.com/security/cve/CVE-2010-2807.html http://support.novell.com/security/cve/CVE-2010-2808.html https://bugzilla.novell.com/619562 https://bugzilla.novell.com/628213 https://bugzilla.novell.com/629447

1 0

openSUSE-RU-2010:0548-1 (low): pstoedit: This update fixes an crash of pstoedit when it is called from inkscape.
by maintenance＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Recommended Update: pstoedit: This update fixes an crash of pstoedit when it is called from inkscape. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0548-1 Rating: low References: #622977 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following bug: * pstoedit crashes in dl_close() when closing plugins. This update fixes this problem. (#622977) Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch pstoedit-2952 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 src x86_64): pstoedit-3.50-7.1.1 - openSUSE 11.3 (i586 x86_64): pstoedit-devel-3.50-7.1.1 References: https://bugzilla.novell.com/622977

1 0

openSUSE-SU-2010:0547-1 (moderate): openldap2: fixed MODRDN DoS, replicating inconsistencies and \0 character-DoS
by opensuse-security＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Security Update: openldap2: fixed MODRDN DoS, replicating inconsistencies and \0 character-DoS ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0547-1 Rating: moderate References: #555725 #606294 #612430 Cross-References: CVE-2010-0211 CVE-2010-0212 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: The following issues have been fixed in OpenLDAP: specially crafted MODRDN operations can crash the OpenLDAP server (CVE-2010-0211 and CVE-2010-0212). also fixed were following bugs: - adding a "postalAdress" Attribute with an embedded NUL value caused the LDAP server to terminate with an assertion failure (bnc#555725, ITS#6379) - Delete Operations happening during the "Refresh" phase of "refreshAndPersist" replication failed to replicate under certain circumstances (bnc#606294, ITS#6555) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch libldap-2_4-2-2658 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): openldap2-2.4.12-5.6.1 openldap2-client-2.4.12-5.6.1 - openSUSE 11.1 (i586 ppc x86_64): libldap-2_4-2-2.4.12-5.6.1 openldap2-back-meta-2.4.12-5.6.1 openldap2-back-perl-2.4.12-5.6.1 openldap2-devel-2.4.12-5.6.1 - openSUSE 11.1 (x86_64): libldap-2_4-2-32bit-2.4.12-5.6.1 openldap2-devel-32bit-2.4.12-5.6.1 - openSUSE 11.1 (ppc): libldap-2_4-2-64bit-2.4.12-5.6.1 openldap2-devel-64bit-2.4.12-5.6.1 References: http://support.novell.com/security/cve/CVE-2010-0211.html http://support.novell.com/security/cve/CVE-2010-0212.html https://bugzilla.novell.com/555725 https://bugzilla.novell.com/606294 https://bugzilla.novell.com/612430

1 0

openSUSE-SU-2010:0546-1 (moderate): openldap2: fixed MODRDN DoS, replicating inconsistencies and \0 character-DoS
by opensuse-security＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Security Update: openldap2: fixed MODRDN DoS, replicating inconsistencies and \0 character-DoS ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0546-1 Rating: moderate References: #606294 #612430 Cross-References: CVE-2010-0211 CVE-2010-0212 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The following issues have been fixed in OpenLDAP: specially crafted MODRDN operations can crash the OpenLDAP server (CVE-2010-0211 and CVE-2010-0212). also fixed was following bug: - Delete Operations happening during the "Refresh" phase of "refreshAndPersist" replication failed to replicate under certain circumstances (bnc#606294, ITS#6555) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch libldap-2_4-2-2657 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): openldap2-2.4.17-5.4.1 openldap2-client-2.4.17-5.4.1 - openSUSE 11.2 (i586 x86_64): libldap-2_4-2-2.4.17-5.4.1 openldap2-back-meta-2.4.17-5.4.1 openldap2-back-perl-2.4.17-5.4.1 openldap2-devel-2.4.17-5.4.1 - openSUSE 11.2 (x86_64): libldap-2_4-2-32bit-2.4.17-5.4.1 openldap2-devel-32bit-2.4.17-5.4.1 References: http://support.novell.com/security/cve/CVE-2010-0211.html http://support.novell.com/security/cve/CVE-2010-0212.html https://bugzilla.novell.com/606294 https://bugzilla.novell.com/612430

1 0

openSUSE-RU-2010:0545-1 (important): lxdm: Collective update for lxdm
by maintenance＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Recommended Update: lxdm: Collective update for lxdm ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0545-1 Rating: important References: #619769 #629728 #630862 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update fixes the following bugs: * bnc#629728 : lxdm run greeters as root user, this update fix lxdm and add lxdm user/group * bnc#630862 : lxdm can't login when space in password * bnc#619769 : lxdm doesn't switch to tty1 and no splash screen is showed Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch lxdm-2945 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 src x86_64): lxdm-0.2.97_git20100730-0.1.1 References: https://bugzilla.novell.com/619769 https://bugzilla.novell.com/629728 https://bugzilla.novell.com/630862

1 0

openSUSE-SU-2010:0540-1 (important): opera: version 10.61 fixes various vulnerabilities
by opensuse-security＠opensuse.org 25 Aug '10

25 Aug '10

openSUSE Security Update: opera: version 10.61 fixes various vulnerabilities ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0540-1 Rating: important References: #630771 Cross-References: CVE-2010-2576 CVE-2010-3019 CVE-2010-3020 CVE-2010-3021 Affected Products: openSUSE 11.3 openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This update of opera fixes the following vulnerabilities: - CVE-2010-2576: CVSS v2 Base Score: 6.8 (CWE-94): unexpected changes in tab focus could be used to run programs from the Internet, as reported by Jakob Balle and Sven Krewitt of Secunia - CVE-2010-3019: CVSS v2 Base Score: 9.3 (CWE-119): heap buffer overflow in HTML5 canvas could be used to execute arbitrary code, as reported by Kuzzcc - CVE-2010-3020: CVSS v2 Base Score: 5.0 (CWE-264): news feed preview could subscribe to feeds without interaction, as reported by Alexios Fakos - CVE-2010-3021: CVSS v2 Base Score: 4.3 (CWE-399): remote attackers could trigger a remote denial of service (CPU consumption and application hang) via an animated PNG image Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch opera-2991 - openSUSE 11.2: zypper in -t patch opera-2991 - openSUSE 11.1: zypper in -t patch opera-2991 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 10.61]: opera-10.61-0.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 10.61]: opera-10.61-0.1.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 10.61]: opera-10.61-0.1.1 References: http://support.novell.com/security/cve/CVE-2010-2576.html http://support.novell.com/security/cve/CVE-2010-3019.html http://support.novell.com/security/cve/CVE-2010-3020.html http://support.novell.com/security/cve/CVE-2010-3021.html https://bugzilla.novell.com/630771

1 0

openSUSE-RU-2010:0535-1 (moderate): mount.cifs: Does not appear to support the (documented, preferred) credentials option. Fixed by this update.
by maintenance＠opensuse.org 23 Aug '10

23 Aug '10

openSUSE Recommended Update: mount.cifs: Does not appear to support the (documented, preferred) credentials option. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0535-1 Rating: moderate References: #618877 #620856 #621525 #623763 #627243 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. It includes one version update. Description: The following bug is fixed with this update: - #618877: mount.cifs does not appear to support the (documented, preferred) credentials option Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch cifs-utils-2946 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 src x86_64) [New Version: 4.6]: cifs-utils-4.6-1.1.1 References: https://bugzilla.novell.com/618877 https://bugzilla.novell.com/620856 https://bugzilla.novell.com/621525 https://bugzilla.novell.com/623763 https://bugzilla.novell.com/627243

1 0

openSUSE-RU-2010:0534-1 (important): cpio: It crashes on non existing pattern file. Fixed by this update.
by maintenance＠opensuse.org 23 Aug '10

23 Aug '10

openSUSE Recommended Update: cpio: It crashes on non existing pattern file. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0534-1 Rating: important References: #629860 Affected Products: openSUSE 11.3 openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: cpio crashes on non existing pattern file (cpio -i -E no-file) because of improper error checking. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch cpio-2947 - openSUSE 11.2: zypper in -t patch cpio-2947 - openSUSE 11.1: zypper in -t patch cpio-2947 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 src x86_64): cpio-2.11-4.1.1 - openSUSE 11.3 (noarch): cpio-lang-2.11-4.1.1 - openSUSE 11.2 (i586 src x86_64): cpio-2.10-4.3.1 - openSUSE 11.2 (noarch): cpio-lang-2.10-4.3.1 - openSUSE 11.1 (i586 ppc src x86_64): cpio-2.9-75.46.1 - openSUSE 11.1 (i586 ppc x86_64): cpio-lang-2.9-75.46.1 References: https://bugzilla.novell.com/629860

1 0

openSUSE-RU-2010:0533-1 (low): smpppd: allow to control non-dialup interfaces
by maintenance＠opensuse.org 23 Aug '10

23 Aug '10

openSUSE Recommended Update: smpppd: allow to control non-dialup interfaces ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0533-1 Rating: low References: #628138 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: smpppd ignored non-dialup interfaces even if USERCONTROL was set to "yes". This update enables support for such interfaces again. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch smpppd-2940 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 src x86_64) [New Version: 1.60.46]: smpppd-1.60.46-1.1.1 References: https://bugzilla.novell.com/628138

1 0