openSUSE Security Update: Security update for gnugk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1856-1 Rating: moderate References: #777486 Cross-References: CVE-2012-3534 Affected Products: openSUSE Leap 42.1 openSUSE 13.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: gnugk was updated fix security issues and bugs. The following issues were fixed: - CVE-2012-3534: denial of service via lots of connections (boo#777486) The new version 4.2 of gnuk also fixes a number of bugs and contains other improvements and fixes. The new library h323plus was added to the distribution as a dependency. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-897=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-897=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): gnugk-4.2-3.1 gnugk-debuginfo-4.2-3.1 gnugk-debugsource-4.2-3.1 h323plus-debugsource-1.26.5-2.1 h323plus-devel-1.26.5-2.1 libh323-1_26_5-1.26.5-2.1 libh323-1_26_5-debuginfo-1.26.5-2.1 - openSUSE 13.2 (i586 x86_64): gnugk-4.2-139.3.1 gnugk-debuginfo-4.2-139.3.1 gnugk-debugsource-4.2-139.3.1 h323plus-debugsource-1.26.5-2.1 h323plus-devel-1.26.5-2.1 libh323-1_26_5-1.26.5-2.1 libh323-1_26_5-debuginfo-1.26.5-2.1 References: https://www.suse.com/security/cve/CVE-2012-3534.html https://bugzilla.suse.com/777486