February 2013 - openSUSE Security Announce

[security-announce] openSUSE-SU-2013:0359-1: critical: flash-player to 11.2.202.273
by opensuse-security＠opensuse.org 28 Feb '13

28 Feb '13

openSUSE Security Update: flash-player to 11.2.202.273 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0359-1 Rating: critical References: #806415 Cross-References: CVE-2013-0504 CVE-2013-0643 CVE-2013-0648 Affected Products: openSUSE 12.1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: Flash Player was updated to 11.2.202.273 to fix critical security issues: (bnc#806415) * APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.h tml Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.1: zypper in -t patch openSUSE-2013-162 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.1 (i586 x86_64): flash-player-11.2.202.273-54.1 flash-player-gnome-11.2.202.273-54.1 flash-player-kde4-11.2.202.273-54.1 References: http://support.novell.com/security/cve/CVE-2013-0504.html http://support.novell.com/security/cve/CVE-2013-0643.html http://support.novell.com/security/cve/CVE-2013-0648.html https://bugzilla.novell.com/806415 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0349-1: important: Security update for acroread
by opensuse-security＠opensuse.org 26 Feb '13

26 Feb '13

SUSE Security Update: Security update for acroread ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0349-1 Rating: important References: #803939 Cross-References: CVE-2013-0640 CVE-2013-0641 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes two new package versions. Description: Acrobat Reader has been updated to 9.5.4 which fixes two critical security issues where attackers supplying PDFs could have caused code execution with acrobat. (CVE-2013-0640, CVE-2013-0641) More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-07.h tml <https://www.adobe.com/support/security/bulletins/apsb13-07. html> Security Issue references: * CVE-2013-0640 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0640 > * CVE-2013-0641 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0641 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-acroread-7397 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (noarch): acroread-cmaps-9.4.6-0.4.3.1 acroread-fonts-ja-9.4.6-0.4.3.1 acroread-fonts-ko-9.4.6-0.4.3.1 acroread-fonts-zh_CN-9.4.6-0.4.3.1 acroread-fonts-zh_TW-9.4.6-0.4.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 9.5.4]: acroread-9.5.4-0.3.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 9.4.6]: acroread-cmaps-9.4.6-0.6.60 acroread-fonts-ja-9.4.6-0.6.60 acroread-fonts-ko-9.4.6-0.6.60 acroread-fonts-zh_CN-9.4.6-0.6.60 acroread-fonts-zh_TW-9.4.6-0.6.60 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 9.5.4]: acroread-9.5.4-0.6.1 References: http://support.novell.com/security/cve/CVE-2013-0640.html http://support.novell.com/security/cve/CVE-2013-0641.html https://bugzilla.novell.com/803939 http://download.novell.com/patch/finder/?keywords=17a0fef06860e9576e12a10f4… http://download.novell.com/patch/finder/?keywords=8900cb8f67a730308586567ea… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2013:0342-1: critical: acroread to 9.5.4
by opensuse-security＠opensuse.org 25 Feb '13

25 Feb '13

openSUSE Security Update: acroread to 9.5.4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0342-1 Rating: critical References: #803939 Cross-References: CVE-2013-0640 CVE-2013-0641 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: acroread was updated to 9.5.4 to fix remote code execution problems. (CVE-2013-0640, CVE-2013-0641) More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.ht ml Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch 2013-31 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586): acroread-9.5.4-14.1 acroread-browser-plugin-9.5.4-14.1 References: http://support.novell.com/security/cve/CVE-2013-0640.html http://support.novell.com/security/cve/CVE-2013-0641.html https://bugzilla.novell.com/803939 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0341-1: important: Security update for Linux kernel
by opensuse-security＠opensuse.org 25 Feb '13

25 Feb '13

SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0341-1 Rating: important References: #779577 #803056 #804154 Cross-References: CVE-2013-0871 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP2 kernel has been updated to fix two issues: One severe security issue: * CVE-2013-0871: A race condition in ptrace(2) could be used by local attackers to crash the kernel and/or execute code in kernel context. One severe regression issue: * A regression in UNIX domain socket credential passing. The default disabling of passing credentials caused regression in some software packages that did not expect this. One major software package affected by this was the Open Enterprise Server stack. Security Issue reference: * CVE-2013-0871 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871 > Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-7370 slessp2-kernel-7374 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-7370 slessp2-kernel-7371 slessp2-kernel-7372 slessp2-kernel-7373 slessp2-kernel-7374 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-7370 sleshasp2-kernel-7371 sleshasp2-kernel-7372 sleshasp2-kernel-7373 sleshasp2-kernel-7374 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-7370 sledsp2-kernel-7374 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.58]: kernel-default-3.0.58-0.6.6.1 kernel-default-base-3.0.58-0.6.6.1 kernel-default-devel-3.0.58-0.6.6.1 kernel-source-3.0.58-0.6.6.1 kernel-syms-3.0.58-0.6.6.1 kernel-trace-3.0.58-0.6.6.1 kernel-trace-base-3.0.58-0.6.6.1 kernel-trace-devel-3.0.58-0.6.6.1 kernel-xen-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): xen-kmp-trace-4.1.3_06_3.0.58_0.6.6-0.7.22 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.58]: kernel-pae-3.0.58-0.6.6.1 kernel-pae-base-3.0.58-0.6.6.1 kernel-pae-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.58]: kernel-default-3.0.58-0.6.6.1 kernel-default-base-3.0.58-0.6.6.1 kernel-default-devel-3.0.58-0.6.6.1 kernel-source-3.0.58-0.6.6.1 kernel-syms-3.0.58-0.6.6.1 kernel-trace-3.0.58-0.6.6.1 kernel-trace-base-3.0.58-0.6.6.1 kernel-trace-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.58]: kernel-ec2-3.0.58-0.6.6.1 kernel-ec2-base-3.0.58-0.6.6.1 kernel-ec2-devel-3.0.58-0.6.6.1 kernel-xen-3.0.58-0.6.6.1 kernel-xen-base-3.0.58-0.6.6.1 kernel-xen-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): xen-kmp-default-4.1.3_06_3.0.58_0.6.6-0.7.22 xen-kmp-trace-4.1.3_06_3.0.58_0.6.6-0.7.22 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.58]: kernel-default-man-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.58]: kernel-ppc64-3.0.58-0.6.6.1 kernel-ppc64-base-3.0.58-0.6.6.1 kernel-ppc64-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.58]: kernel-pae-3.0.58-0.6.6.1 kernel-pae-base-3.0.58-0.6.6.1 kernel-pae-devel-3.0.58-0.6.6.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.58_0.6.6-2.18.22 cluster-network-kmp-trace-1.4_3.0.58_0.6.6-2.18.22 gfs2-kmp-default-2_3.0.58_0.6.6-0.7.56 gfs2-kmp-trace-2_3.0.58_0.6.6-0.7.56 ocfs2-kmp-default-1.6_3.0.58_0.6.6-0.11.21 ocfs2-kmp-trace-1.6_3.0.58_0.6.6-0.11.21 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.58_0.6.6-2.18.22 gfs2-kmp-xen-2_3.0.58_0.6.6-0.7.56 ocfs2-kmp-xen-1.6_3.0.58_0.6.6-0.11.21 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.58_0.6.6-2.18.22 gfs2-kmp-ppc64-2_3.0.58_0.6.6-0.7.56 ocfs2-kmp-ppc64-1.6_3.0.58_0.6.6-0.11.21 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.58_0.6.6-2.18.22 gfs2-kmp-pae-2_3.0.58_0.6.6-0.7.56 ocfs2-kmp-pae-1.6_3.0.58_0.6.6-0.11.21 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.58]: kernel-default-3.0.58-0.6.6.1 kernel-default-base-3.0.58-0.6.6.1 kernel-default-devel-3.0.58-0.6.6.1 kernel-default-extra-3.0.58-0.6.6.1 kernel-source-3.0.58-0.6.6.1 kernel-syms-3.0.58-0.6.6.1 kernel-trace-3.0.58-0.6.6.1 kernel-trace-base-3.0.58-0.6.6.1 kernel-trace-devel-3.0.58-0.6.6.1 kernel-trace-extra-3.0.58-0.6.6.1 kernel-xen-3.0.58-0.6.6.1 kernel-xen-base-3.0.58-0.6.6.1 kernel-xen-devel-3.0.58-0.6.6.1 kernel-xen-extra-3.0.58-0.6.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): xen-kmp-default-4.1.3_06_3.0.58_0.6.6-0.7.22 xen-kmp-trace-4.1.3_06_3.0.58_0.6.6-0.7.22 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.58]: kernel-pae-3.0.58-0.6.6.1 kernel-pae-base-3.0.58-0.6.6.1 kernel-pae-devel-3.0.58-0.6.6.1 kernel-pae-extra-3.0.58-0.6.6.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.58_0.6.6-0.14.37 ext4-writeable-kmp-trace-0_3.0.58_0.6.6-0.14.37 kernel-default-extra-3.0.58-0.6.6.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.58_0.6.6-0.14.37 kernel-xen-extra-3.0.58-0.6.6.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.58_0.6.6-0.14.37 kernel-ppc64-extra-3.0.58-0.6.6.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.58_0.6.6-0.14.37 kernel-pae-extra-3.0.58-0.6.6.1 References: http://support.novell.com/security/cve/CVE-2013-0871.html https://bugzilla.novell.com/779577 https://bugzilla.novell.com/803056 https://bugzilla.novell.com/804154 http://download.novell.com/patch/finder/?keywords=10037186d0231f1a32ce51a56… http://download.novell.com/patch/finder/?keywords=49bc84a534c4dc27924ba16b7… http://download.novell.com/patch/finder/?keywords=79a6a6374f12b65c28a80b9c0… http://download.novell.com/patch/finder/?keywords=8ef06ed5ef2eb5e3a97dc48a7… http://download.novell.com/patch/finder/?keywords=97d109043a69111836aa0f3a9… http://download.novell.com/patch/finder/?keywords=b76bb20a0aae353c64f4c71f7… http://download.novell.com/patch/finder/?keywords=c0204c021417aeea941406c9d… http://download.novell.com/patch/finder/?keywords=cc29ce8b00fa8115f7ca7a138… http://download.novell.com/patch/finder/?keywords=d4af3accfd03bb3e5b258483f… http://download.novell.com/patch/finder/?keywords=e4b8bfc420a27b3e521d1a76a… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2013:0335-1: critical: acroread to 9.5.4
by opensuse-security＠opensuse.org 25 Feb '13

25 Feb '13

openSUSE Security Update: acroread to 9.5.4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0335-1 Rating: critical References: #803939 Cross-References: CVE-2013-0640 CVE-2013-0641 Affected Products: openSUSE 12.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: acroread was updated to 9.5.4 to fix remote code execution problems. (CVE-2013-0640, CVE-2013-0641) More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.ht ml Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.1: zypper in -t patch openSUSE-2013-151 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.1 (noarch): acroread-cmaps-9.4.1-3.17.1 acroread-fonts-ja-9.4.1-3.17.1 acroread-fonts-ko-9.4.1-3.17.1 acroread-fonts-zh_CN-9.4.1-3.17.1 acroread-fonts-zh_TW-9.4.1-3.17.1 - openSUSE 12.1 (i586): acroread-9.5.4-3.17.1 acroread-browser-plugin-9.5.4-3.17.1 References: http://support.novell.com/security/cve/CVE-2013-0640.html http://support.novell.com/security/cve/CVE-2013-0641.html https://bugzilla.novell.com/803939 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0328-1: important: Security update for Java
by opensuse-security＠opensuse.org 22 Feb '13

22 Feb '13

SUSE Security Update: Security update for Java ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0328-1 Rating: important References: #804654 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654) which contains security and bugfixes: * Security fixes o S8006446: Restrict MBeanServer access (CVE-2013-1486) o S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) o S8007688: Blacklist known bad certificate (issued by DigiCert) * Backports o S8007393: Possible race condition after JDK-6664509 o S8007611: logging behavior in applet changed * Bug fixes o PR1319: Support GIF lib v5. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-java-1_6_0-openjdk-7385 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-0.2.1 java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-0.2.1 java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-0.2.1 References: https://bugzilla.novell.com/804654 http://download.novell.com/patch/finder/?keywords=f8727e2d72c81a958750085c7… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0326-1: important: Security update for Samba
by opensuse-security＠opensuse.org 22 Feb '13

22 Feb '13

SUSE Security Update: Security update for Samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0326-1 Rating: important References: #783384 #786677 #791183 #792340 #799641 #800982 Cross-References: CVE-2013-0213 CVE-2013-0214 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves two vulnerabilities and has four fixes is now available. Description: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 was affected by a cross-site request forgery (CVE-2013-0214) and a click-jacking attack (CVE-2013-0213). This has been fixed. Security Issue references: * CVE-2013-0213 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213 > * CVE-2013-0214 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214 > Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-cifs-mount-7292 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-cifs-mount-7292 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-cifs-mount-7292 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-cifs-mount-7292 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-0.30.1 libnetapi-devel-3.6.3-0.30.1 libnetapi0-3.6.3-0.30.1 libsmbclient-devel-3.6.3-0.30.1 libsmbsharemodes-devel-3.6.3-0.30.1 libsmbsharemodes0-3.6.3-0.30.1 libtalloc-devel-3.6.3-0.30.1 libtdb-devel-3.6.3-0.30.1 libtevent-devel-3.6.3-0.30.1 libwbclient-devel-3.6.3-0.30.1 samba-devel-3.6.3-0.30.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ldapsmb-1.34b-12.30.1 libldb1-3.6.3-0.30.1 libsmbclient0-3.6.3-0.30.1 libtalloc1-3.4.3-1.42.11 libtalloc2-3.6.3-0.30.1 libtdb1-3.6.3-0.30.1 libtevent0-3.6.3-0.30.1 libwbclient0-3.6.3-0.30.1 samba-3.6.3-0.30.1 samba-client-3.6.3-0.30.1 samba-krb-printing-3.6.3-0.30.1 samba-winbind-3.6.3-0.30.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libsmbclient0-32bit-3.6.3-0.30.1 libtalloc1-32bit-3.4.3-1.42.11 libtalloc2-32bit-3.6.3-0.30.1 libtdb1-32bit-3.6.3-0.30.1 libwbclient0-32bit-3.6.3-0.30.1 samba-32bit-3.6.3-0.30.1 samba-client-32bit-3.6.3-0.30.1 samba-winbind-32bit-3.6.3-0.30.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-12.30.1 libldb1-3.6.3-0.30.1 libsmbclient0-3.6.3-0.30.1 libtalloc1-3.4.3-1.42.11 libtalloc2-3.6.3-0.30.1 libtdb1-3.6.3-0.30.1 libtevent0-3.6.3-0.30.1 libwbclient0-3.6.3-0.30.1 samba-3.6.3-0.30.1 samba-client-3.6.3-0.30.1 samba-krb-printing-3.6.3-0.30.1 samba-winbind-3.6.3-0.30.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-0.30.1 libtalloc1-32bit-3.4.3-1.42.11 libtalloc2-32bit-3.6.3-0.30.1 libtdb1-32bit-3.6.3-0.30.1 libwbclient0-32bit-3.6.3-0.30.1 samba-32bit-3.6.3-0.30.1 samba-client-32bit-3.6.3-0.30.1 samba-winbind-32bit-3.6.3-0.30.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libsmbclient0-x86-3.6.3-0.30.1 libtalloc1-x86-3.4.3-1.42.11 libtalloc2-x86-3.6.3-0.30.1 libtdb1-x86-3.6.3-0.30.1 libwbclient0-x86-3.6.3-0.30.1 samba-client-x86-3.6.3-0.30.1 samba-winbind-x86-3.6.3-0.30.1 samba-x86-3.6.3-0.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libldb1-3.6.3-0.30.1 libsmbclient0-3.6.3-0.30.1 libtalloc1-3.4.3-1.42.11 libtalloc2-3.6.3-0.30.1 libtdb1-3.6.3-0.30.1 libtevent0-3.6.3-0.30.1 libwbclient0-3.6.3-0.30.1 samba-3.6.3-0.30.1 samba-client-3.6.3-0.30.1 samba-krb-printing-3.6.3-0.30.1 samba-winbind-3.6.3-0.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libldb1-32bit-3.6.3-0.30.1 libsmbclient0-32bit-3.6.3-0.30.1 libtalloc1-32bit-3.4.3-1.42.11 libtalloc2-32bit-3.6.3-0.30.1 libtdb1-32bit-3.6.3-0.30.1 libtevent0-32bit-3.6.3-0.30.1 libwbclient0-32bit-3.6.3-0.30.1 samba-32bit-3.6.3-0.30.1 samba-client-32bit-3.6.3-0.30.1 samba-winbind-32bit-3.6.3-0.30.1 References: http://support.novell.com/security/cve/CVE-2013-0213.html http://support.novell.com/security/cve/CVE-2013-0214.html https://bugzilla.novell.com/783384 https://bugzilla.novell.com/786677 https://bugzilla.novell.com/791183 https://bugzilla.novell.com/792340 https://bugzilla.novell.com/799641 https://bugzilla.novell.com/800982 http://download.novell.com/patch/finder/?keywords=cdf3a69eb9b0ec60da7dfbb42… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0325-1: important: Security update for Samba
by opensuse-security＠opensuse.org 22 Feb '13

22 Feb '13

SUSE Security Update: Security update for Samba ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0325-1 Rating: important References: #754443 #764577 #783384 #799641 #800982 Cross-References: CVE-2013-0213 CVE-2013-0214 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 was affected by a cross-site request forgery (CVE-2013-0214) and a click-jacking attack (CVE-2013-0213). This has been fixed. Additionally a bug in mount.cifs has been fixed which could have lead to file disclosure (CVE-2012-1586). Also a uninitialized memory read bug in talloc_free() has been fixed. (bnc#764577). Security Issue references: * CVE-2013-0213 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213 > * CVE-2013-0214 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214 > Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): cifs-mount-3.0.36-0.13.24.1 ldapsmb-1.34b-25.13.24.1 libmsrpc-3.0.36-0.13.24.1 libmsrpc-devel-3.0.36-0.13.24.1 libsmbclient-3.0.36-0.13.24.1 libsmbclient-devel-3.0.36-0.13.24.1 samba-3.0.36-0.13.24.1 samba-client-3.0.36-0.13.24.1 samba-krb-printing-3.0.36-0.13.24.1 samba-python-3.0.36-0.13.24.1 samba-vscan-0.3.6b-43.13.24.1 samba-winbind-3.0.36-0.13.24.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libsmbclient-32bit-3.0.36-0.13.24.1 samba-32bit-3.0.36-0.13.24.1 samba-client-32bit-3.0.36-0.13.24.1 samba-winbind-32bit-3.0.36-0.13.24.1 - SUSE Linux Enterprise Server 10 SP4 (noarch): samba-doc-3.0.36-0.12.24.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): libsmbclient-x86-3.0.36-0.13.24.1 samba-client-x86-3.0.36-0.13.24.1 samba-winbind-x86-3.0.36-0.13.24.1 samba-x86-3.0.36-0.13.24.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): libsmbclient-64bit-3.0.36-0.13.24.1 samba-64bit-3.0.36-0.13.24.1 samba-client-64bit-3.0.36-0.13.24.1 samba-winbind-64bit-3.0.36-0.13.24.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): cifs-mount-3.0.36-0.13.24.1 ldapsmb-1.34b-25.13.24.1 libsmbclient-3.0.36-0.13.24.1 libsmbclient-devel-3.0.36-0.13.24.1 samba-3.0.36-0.13.24.1 samba-client-3.0.36-0.13.24.1 samba-krb-printing-3.0.36-0.13.24.1 samba-vscan-0.3.6b-43.13.24.1 samba-winbind-3.0.36-0.13.24.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libsmbclient-32bit-3.0.36-0.13.24.1 samba-32bit-3.0.36-0.13.24.1 samba-client-32bit-3.0.36-0.13.24.1 samba-winbind-32bit-3.0.36-0.13.24.1 - SUSE Linux Enterprise Desktop 10 SP4 (noarch): samba-doc-3.0.36-0.12.24.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): libmsrpc-3.0.36-0.13.24.1 libmsrpc-devel-3.0.36-0.13.24.1 libsmbclient-devel-3.0.36-0.13.24.1 libsmbsharemodes-3.0.36-0.13.24.1 libsmbsharemodes-devel-3.0.36-0.13.24.1 samba-python-3.0.36-0.13.24.1 References: http://support.novell.com/security/cve/CVE-2013-0213.html http://support.novell.com/security/cve/CVE-2013-0214.html https://bugzilla.novell.com/754443 https://bugzilla.novell.com/764577 https://bugzilla.novell.com/783384 https://bugzilla.novell.com/799641 https://bugzilla.novell.com/800982 http://download.novell.com/patch/finder/?keywords=1d50d01aa74b22f0c8645692c… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2013:0323-1: important: Mozilla: February 2013 update round (Firefox 19)
by opensuse-security＠opensuse.org 22 Feb '13

22 Feb '13

openSUSE Security Update: Mozilla: February 2013 update round (Firefox 19) ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0323-1 Rating: important References: #796895 #804248 Cross-References: CVE-2013-0765 CVE-2013-0772 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 Affected Products: openSUSE 12.2 openSUSE 12.1 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: MozillaFirefox was updated to Firefox 19.0 (bnc#804248) MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248) seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0. Changes in MozillaFirefox 19.0: * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - added patch to fix session restore window order (bmo#712763) - update to Firefox 18.0.2 * blocklist and CTP updates * fixes in JS engine - update to Firefox 18.0.1 * blocklist updates * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions - Fix WebRTC to build on powerpc Changes in MozillaThunderbird: - update to Thunderbird 17.0.3 (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - update Enigmail to 1.5.1 * The release fixes the regressions found in the past few weeks Changes in seamonkey: - update to SeaMonkey 2.16 (bnc#804248) * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - update to SeaMonkey 2.15.2 * Applications could not be removed from the "Application details" dialog under Preferences, Helper Applications (bmo#826771). * View / Message Body As could show menu items out of context (bmo#831348) - update to SeaMonkey 2.15.1 * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions - backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468) Changes in xulrunner: - update to 17.0.3esr (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.2: zypper in -t patch openSUSE-2013-141 - openSUSE 12.1: zypper in -t patch openSUSE-2013-141 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.2 (i586 x86_64): MozillaFirefox-19.0-2.33.1 MozillaFirefox-branding-upstream-19.0-2.33.1 MozillaFirefox-buildsymbols-19.0-2.33.1 MozillaFirefox-debuginfo-19.0-2.33.1 MozillaFirefox-debugsource-19.0-2.33.1 MozillaFirefox-devel-19.0-2.33.1 MozillaFirefox-translations-common-19.0-2.33.1 MozillaFirefox-translations-other-19.0-2.33.1 MozillaThunderbird-17.0.3-49.31.1 MozillaThunderbird-buildsymbols-17.0.3-49.31.1 MozillaThunderbird-debuginfo-17.0.3-49.31.1 MozillaThunderbird-debugsource-17.0.3-49.31.1 MozillaThunderbird-devel-17.0.3-49.31.1 MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1 MozillaThunderbird-translations-common-17.0.3-49.31.1 MozillaThunderbird-translations-other-17.0.3-49.31.1 chmsee-2.0-2.14.3 chmsee-debuginfo-2.0-2.14.3 chmsee-debugsource-2.0-2.14.3 enigmail-1.5.1+17.0.3-49.31.1 enigmail-debuginfo-1.5.1+17.0.3-49.31.1 mozilla-js-17.0.3-2.30.1 mozilla-js-debuginfo-17.0.3-2.30.1 seamonkey-2.16-2.34.2 seamonkey-debuginfo-2.16-2.34.2 seamonkey-debugsource-2.16-2.34.2 seamonkey-dom-inspector-2.16-2.34.2 seamonkey-irc-2.16-2.34.2 seamonkey-translations-common-2.16-2.34.2 seamonkey-translations-other-2.16-2.34.2 seamonkey-venkman-2.16-2.34.2 xulrunner-17.0.3-2.30.1 xulrunner-buildsymbols-17.0.3-2.30.1 xulrunner-debuginfo-17.0.3-2.30.1 xulrunner-debugsource-17.0.3-2.30.1 xulrunner-devel-17.0.3-2.30.1 xulrunner-devel-debuginfo-17.0.3-2.30.1 - openSUSE 12.2 (x86_64): mozilla-js-32bit-17.0.3-2.30.1 mozilla-js-debuginfo-32bit-17.0.3-2.30.1 xulrunner-32bit-17.0.3-2.30.1 xulrunner-debuginfo-32bit-17.0.3-2.30.1 - openSUSE 12.1 (i586 x86_64): MozillaFirefox-19.0-2.62.1 MozillaFirefox-branding-upstream-19.0-2.62.1 MozillaFirefox-buildsymbols-19.0-2.62.1 MozillaFirefox-debuginfo-19.0-2.62.1 MozillaFirefox-debugsource-19.0-2.62.1 MozillaFirefox-devel-19.0-2.62.1 MozillaFirefox-translations-common-19.0-2.62.1 MozillaFirefox-translations-other-19.0-2.62.1 MozillaThunderbird-17.0.3-33.51.1 MozillaThunderbird-buildsymbols-17.0.3-33.51.1 MozillaThunderbird-debuginfo-17.0.3-33.51.1 MozillaThunderbird-debugsource-17.0.3-33.51.1 MozillaThunderbird-devel-17.0.3-33.51.1 MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1 MozillaThunderbird-translations-common-17.0.3-33.51.1 MozillaThunderbird-translations-other-17.0.3-33.51.1 chmsee-2.0-2.32.3 chmsee-debuginfo-2.0-2.32.3 chmsee-debugsource-2.0-2.32.3 enigmail-1.5.1+17.0.3-33.51.1 enigmail-debuginfo-1.5.1+17.0.3-33.51.1 mozilla-js-17.0.3-2.57.1 mozilla-js-debuginfo-17.0.3-2.57.1 seamonkey-2.16-2.53.1 seamonkey-debuginfo-2.16-2.53.1 seamonkey-debugsource-2.16-2.53.1 seamonkey-dom-inspector-2.16-2.53.1 seamonkey-irc-2.16-2.53.1 seamonkey-translations-common-2.16-2.53.1 seamonkey-translations-other-2.16-2.53.1 seamonkey-venkman-2.16-2.53.1 xulrunner-17.0.3-2.57.1 xulrunner-buildsymbols-17.0.3-2.57.1 xulrunner-debuginfo-17.0.3-2.57.1 xulrunner-debugsource-17.0.3-2.57.1 xulrunner-devel-17.0.3-2.57.1 xulrunner-devel-debuginfo-17.0.3-2.57.1 - openSUSE 12.1 (x86_64): mozilla-js-32bit-17.0.3-2.57.1 mozilla-js-debuginfo-32bit-17.0.3-2.57.1 xulrunner-32bit-17.0.3-2.57.1 xulrunner-debuginfo-32bit-17.0.3-2.57.1 - openSUSE 12.1 (ia64): mozilla-js-debuginfo-x86-17.0.3-2.57.1 mozilla-js-x86-17.0.3-2.57.1 xulrunner-debuginfo-x86-17.0.3-2.57.1 xulrunner-x86-17.0.3-2.57.1 References: http://support.novell.com/security/cve/CVE-2013-0765.html http://support.novell.com/security/cve/CVE-2013-0772.html http://support.novell.com/security/cve/CVE-2013-0773.html http://support.novell.com/security/cve/CVE-2013-0774.html http://support.novell.com/security/cve/CVE-2013-0775.html http://support.novell.com/security/cve/CVE-2013-0776.html http://support.novell.com/security/cve/CVE-2013-0777.html http://support.novell.com/security/cve/CVE-2013-0778.html http://support.novell.com/security/cve/CVE-2013-0779.html http://support.novell.com/security/cve/CVE-2013-0780.html http://support.novell.com/security/cve/CVE-2013-0781.html http://support.novell.com/security/cve/CVE-2013-0782.html http://support.novell.com/security/cve/CVE-2013-0783.html https://bugzilla.novell.com/796895 https://bugzilla.novell.com/804248 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2013:0320-1: important: Security update for libvirt
by opensuse-security＠opensuse.org 21 Feb '13

21 Feb '13

SUSE Security Update: Security update for libvirt ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0320-1 Rating: important References: #782311 #800976 Cross-References: CVE-2013-0170 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: libvirt was updated to fix the following security issue: * A flaw was found in the way message freeing on connection cleanup was handled under certain error conditions. A remote user able to issue commands to libvirt daemon could use this flaw to crash libvirtd or, potentially, escalate their privilages to that of libvirtd process. (CVE-2013-0170) Also following bug has been fixed: * Add managedSave functions to legacy xen driver bnc#782311 Security Issue reference: * CVE-2013-0170 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0170 > Indications: Everyone should install this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libvirt-7310 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libvirt-7310 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libvirt-7310 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libvirt-devel-0.9.6-0.25.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libvirt-devel-32bit-0.9.6-0.25.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libvirt-0.9.6-0.25.1 libvirt-client-0.9.6-0.25.1 libvirt-doc-0.9.6-0.25.1 libvirt-python-0.9.6-0.25.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libvirt-client-32bit-0.9.6-0.25.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libvirt-0.9.6-0.25.1 libvirt-client-0.9.6-0.25.1 libvirt-doc-0.9.6-0.25.1 libvirt-python-0.9.6-0.25.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libvirt-client-32bit-0.9.6-0.25.1 References: http://support.novell.com/security/cve/CVE-2013-0170.html https://bugzilla.novell.com/782311 https://bugzilla.novell.com/800976 http://download.novell.com/patch/finder/?keywords=f032a56a63abda0090da8ca02… -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0