openSUSE Security Announce October 2017

security-announce@lists.opensuse.org

1 participants
87 discussions

[security-announce] SUSE-SU-2017:2723-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 13 Oct '17

13 Oct '17

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2723-1 Rating: important References: #1059525 Cross-References: CVE-2017-1000253 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following issues: - Stack corruption could have lead to local privilege escalation (bsc#1059525, CVE-2017-1000253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-13312=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-13312=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-13312=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-13312=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-108.13.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-108.13.1 kernel-default-base-3.0.101-108.13.1 kernel-default-devel-3.0.101-108.13.1 kernel-source-3.0.101-108.13.1 kernel-syms-3.0.101-108.13.1 kernel-trace-3.0.101-108.13.1 kernel-trace-base-3.0.101-108.13.1 kernel-trace-devel-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-108.13.1 kernel-ec2-base-3.0.101-108.13.1 kernel-ec2-devel-3.0.101-108.13.1 kernel-xen-3.0.101-108.13.1 kernel-xen-base-3.0.101-108.13.1 kernel-xen-devel-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-108.13.1 kernel-bigmem-base-3.0.101-108.13.1 kernel-bigmem-devel-3.0.101-108.13.1 kernel-ppc64-3.0.101-108.13.1 kernel-ppc64-base-3.0.101-108.13.1 kernel-ppc64-devel-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-108.13.1 kernel-pae-base-3.0.101-108.13.1 kernel-pae-devel-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-108.13.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-108.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-108.13.1 kernel-default-debugsource-3.0.101-108.13.1 kernel-trace-debuginfo-3.0.101-108.13.1 kernel-trace-debugsource-3.0.101-108.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-108.13.1 kernel-trace-devel-debuginfo-3.0.101-108.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-108.13.1 kernel-ec2-debugsource-3.0.101-108.13.1 kernel-xen-debuginfo-3.0.101-108.13.1 kernel-xen-debugsource-3.0.101-108.13.1 kernel-xen-devel-debuginfo-3.0.101-108.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-108.13.1 kernel-bigmem-debugsource-3.0.101-108.13.1 kernel-ppc64-debuginfo-3.0.101-108.13.1 kernel-ppc64-debugsource-3.0.101-108.13.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-108.13.1 kernel-pae-debugsource-3.0.101-108.13.1 kernel-pae-devel-debuginfo-3.0.101-108.13.1 References: https://www.suse.com/security/cve/CVE-2017-1000253.html https://bugzilla.suse.com/1059525 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2717-1: important: Security update for git
by opensuse-security＠opensuse.org 12 Oct '17

12 Oct '17

SUSE Security Update: Security update for git ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2717-1 Rating: important References: #1061041 Cross-References: CVE-2017-14867 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for git fixes the following issues: - CVE-2017-14867: A cvsserver perl script command injection was fixed (CVE-2017-14867, bsc#1061041): Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-git-13310=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-git-13310=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-git-13310=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): git-1.7.12.4-0.18.6.1 git-core-1.7.12.4-0.18.6.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): git-1.7.12.4-0.18.6.1 git-arch-1.7.12.4-0.18.6.1 git-core-1.7.12.4-0.18.6.1 git-cvs-1.7.12.4-0.18.6.1 git-daemon-1.7.12.4-0.18.6.1 git-email-1.7.12.4-0.18.6.1 git-gui-1.7.12.4-0.18.6.1 git-svn-1.7.12.4-0.18.6.1 git-web-1.7.12.4-0.18.6.1 gitk-1.7.12.4-0.18.6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): git-debuginfo-1.7.12.4-0.18.6.1 git-debugsource-1.7.12.4-0.18.6.1 References: https://www.suse.com/security/cve/CVE-2017-14867.html https://bugzilla.suse.com/1061041 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2017:2710-1: important: Security update for MozillaThunderbird
by opensuse-security＠opensuse.org 11 Oct '17

11 Oct '17

openSUSE Security Update: Security update for MozillaThunderbird ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:2710-1 Rating: important References: #1060445 Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Affected Products: openSUSE Leap 42.3 openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: Mozilla Thunderbird was updated to 52.4.0 (boo#1060445) * new behavior was introduced for replies to mailing list posts: "When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header". A new preference mail.override_list_reply_to allows to restore the previous behavior. * Under certain circumstances (image attachment and non-image attachment), attached images were shown truncated in messages stored in IMAP folders not synchronised for offline use. * IMAP UIDs > 0x7FFFFFFF now handled properly Security fixes from Gecko 52.4esr * CVE-2017-7793 (bmo#1371889) Use-after-free with Fetch API * CVE-2017-7818 (bmo#1363723) Use-after-free during ARIA array manipulation * CVE-2017-7819 (bmo#1380292) Use-after-free while resizing images in design mode * CVE-2017-7824 (bmo#1398381) Buffer overflow when drawing and validating elements with ANGLE * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement) Use-after-free in TLS 1.2 generating handshake hashes * CVE-2017-7814 (bmo#1376036) Blob and data URLs bypass phishing and malware protection warnings * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only) OS X fonts render some Tibetan and Arabic unicode characters as spaces * CVE-2017-7823 (bmo#1396320) CSP sandbox directive did not create a unique origin * CVE-2017-7810 Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 - Add alsa-devel BuildRequires: we care for ALSA support to be built and thus need to ensure we get the dependencies in place. In the past, alsa-devel was pulled in by accident: we buildrequire libgnome-devel. This required esound-devel and that in turn pulled in alsa-devel for us. libgnome is being fixed to no longer require esound-devel. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2017-1144=1 - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-1144=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.3 (i586 x86_64): MozillaThunderbird-52.4.0-47.1 MozillaThunderbird-buildsymbols-52.4.0-47.1 MozillaThunderbird-debuginfo-52.4.0-47.1 MozillaThunderbird-debugsource-52.4.0-47.1 MozillaThunderbird-devel-52.4.0-47.1 MozillaThunderbird-translations-common-52.4.0-47.1 MozillaThunderbird-translations-other-52.4.0-47.1 - openSUSE Leap 42.2 (i586 x86_64): MozillaThunderbird-52.4.0-41.18.1 MozillaThunderbird-buildsymbols-52.4.0-41.18.1 MozillaThunderbird-debuginfo-52.4.0-41.18.1 MozillaThunderbird-debugsource-52.4.0-41.18.1 MozillaThunderbird-devel-52.4.0-41.18.1 MozillaThunderbird-translations-common-52.4.0-41.18.1 MozillaThunderbird-translations-other-52.4.0-41.18.1 References: https://www.suse.com/security/cve/CVE-2017-7793.html https://www.suse.com/security/cve/CVE-2017-7805.html https://www.suse.com/security/cve/CVE-2017-7810.html https://www.suse.com/security/cve/CVE-2017-7814.html https://www.suse.com/security/cve/CVE-2017-7818.html https://www.suse.com/security/cve/CVE-2017-7819.html https://www.suse.com/security/cve/CVE-2017-7823.html https://www.suse.com/security/cve/CVE-2017-7824.html https://www.suse.com/security/cve/CVE-2017-7825.html https://bugzilla.suse.com/1060445 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2017:2707-1: important: Security update for MozillaThunderbird
by opensuse-security＠opensuse.org 11 Oct '17

11 Oct '17

openSUSE Security Update: Security update for MozillaThunderbird ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:2707-1 Rating: important References: #1060445 Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: Mozilla Thunderbird was updated to 52.4.0 (boo#1060445) * new behavior was introduced for replies to mailing list posts: "When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header". A new preference mail.override_list_reply_to allows to restore the previous behavior. * Under certain circumstances (image attachment and non-image attachment), attached images were shown truncated in messages stored in IMAP folders not synchronised for offline use. * IMAP UIDs > 0x7FFFFFFF now handled properly Security fixes from Gecko 52.4esr * CVE-2017-7793 (bmo#1371889) Use-after-free with Fetch API * CVE-2017-7818 (bmo#1363723) Use-after-free during ARIA array manipulation * CVE-2017-7819 (bmo#1380292) Use-after-free while resizing images in design mode * CVE-2017-7824 (bmo#1398381) Buffer overflow when drawing and validating elements with ANGLE * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement) Use-after-free in TLS 1.2 generating handshake hashes * CVE-2017-7814 (bmo#1376036) Blob and data URLs bypass phishing and malware protection warnings * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only) OS X fonts render some Tibetan and Arabic unicode characters as spaces * CVE-2017-7823 (bmo#1396320) CSP sandbox directive did not create a unique origin * CVE-2017-7810 Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 - Add alsa-devel BuildRequires: we care for ALSA support to be built and thus need to ensure we get the dependencies in place. In the past, alsa-devel was pulled in by accident: we buildrequire libgnome-devel. This required esound-devel and that in turn pulled in alsa-devel for us. libgnome is being fixed to no longer require esound-devel. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2017-1144=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): MozillaThunderbird-52.4.0-45.1 MozillaThunderbird-buildsymbols-52.4.0-45.1 MozillaThunderbird-debuginfo-52.4.0-45.1 MozillaThunderbird-debugsource-52.4.0-45.1 MozillaThunderbird-devel-52.4.0-45.1 MozillaThunderbird-translations-common-52.4.0-45.1 MozillaThunderbird-translations-other-52.4.0-45.1 References: https://www.suse.com/security/cve/CVE-2017-7793.html https://www.suse.com/security/cve/CVE-2017-7805.html https://www.suse.com/security/cve/CVE-2017-7810.html https://www.suse.com/security/cve/CVE-2017-7814.html https://www.suse.com/security/cve/CVE-2017-7818.html https://www.suse.com/security/cve/CVE-2017-7819.html https://www.suse.com/security/cve/CVE-2017-7823.html https://www.suse.com/security/cve/CVE-2017-7824.html https://www.suse.com/security/cve/CVE-2017-7825.html https://bugzilla.suse.com/1060445 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2701-1: important: Security update for SLES 12-SP2 Docker image
by opensuse-security＠opensuse.org 11 Oct '17

11 Oct '17

SUSE Security Update: Security update for SLES 12-SP2 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2701-1 Rating: important References: #1056193 Cross-References: CVE-2012-6702 CVE-2015-3238 CVE-2016-10156 CVE-2016-1839 CVE-2016-2037 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-7055 CVE-2016-9063 CVE-2016-9318 CVE-2016-9401 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-3731 CVE-2017-3732 CVE-2017-5969 CVE-2017-6507 CVE-2017-7375 CVE-2017-7376 CVE-2017-7407 CVE-2017-7435 CVE-2017-7436 CVE-2017-7526 CVE-2017-8872 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9217 CVE-2017-9233 CVE-2017-9269 CVE-2017-9287 CVE-2017-9445 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 47 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 SP2 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 are now included in the base image. A package/CVE cross-reference is available below. bash: - CVE-2016-9401 expat: - CVE-2012-6702 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 curl: - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 glibc: - CVE-2017-1000366 openssl: - CVE-2017-3731 - CVE-2017-3732 - CVE-2016-7055 pam: - CVE-2015-3238 apparmor: - CVE-2017-6507 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libgcrypt: - CVE-2017-7526 libxml2: - CVE-2016-1839 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-0663 - CVE-2017-5969 - CVE-2017-7375 - CVE-2017-7376 - CVE-2017-8872 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 libzypp: - CVE-2017-9269 - CVE-2017-7435 - CVE-2017-7436 openldap2: - CVE-2017-9287 systemd: - CVE-2016-10156 - CVE-2017-9217 - CVE-2017-9445 util-linux: - CVE-2016-5011 - CVE-2017-2616 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 zypper: - CVE-2017-7436 Finally, the following packages received non-security fixes: - binutils - cpio - cryptsetup - cyrus-sasl - dbus-1 - dirmngr - e2fsprogs - gpg2 - insserv-compat - kmod - libsolv - libsemanage - lvm2 - lua51 - netcfg - procps - sed - sg3_utils - shadow Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12sp2-docker-image-1.0.2-20171006 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2016-10156.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-7055.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9401.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-0663.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-3732.html https://www.suse.com/security/cve/CVE-2017-5969.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7375.html https://www.suse.com/security/cve/CVE-2017-7376.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7435.html https://www.suse.com/security/cve/CVE-2017-7436.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-8872.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9217.html https://www.suse.com/security/cve/CVE-2017-9233.html https://www.suse.com/security/cve/CVE-2017-9269.html https://www.suse.com/security/cve/CVE-2017-9287.html https://www.suse.com/security/cve/CVE-2017-9445.html https://bugzilla.suse.com/1056193 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image
by opensuse-security＠opensuse.org 11 Oct '17

11 Oct '17

SUSE Security Update: Security update for SLES 12-SP1 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2700-1 Rating: important References: #1056193 #975726 Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7187 CVE-2014-7824 CVE-2014-8964 CVE-2014-9770 CVE-2015-0245 CVE-2015-0860 CVE-2015-1283 CVE-2015-2059 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-3238 CVE-2015-3622 CVE-2015-5073 CVE-2015-5276 CVE-2015-7511 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8806 CVE-2015-8842 CVE-2015-8853 CVE-2015-8948 CVE-2016-0634 CVE-2016-0718 CVE-2016-0787 CVE-2016-1234 CVE-2016-1238 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2037 CVE-2016-2073 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2381 CVE-2016-3075 CVE-2016-3191 CVE-2016-3627 CVE-2016-3705 CVE-2016-3706 CVE-2016-4008 CVE-2016-4429 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6185 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6313 CVE-2016-6318 CVE-2016-7056 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543 CVE-2016-7796 CVE-2016-8610 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9063 CVE-2016-9318 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-3731 CVE-2017-6507 CVE-2017-7407 CVE-2017-7526 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 143 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 SP1 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) - Do not install recommended packages when building container images. (bsc#975726) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 SP1 are now included in the base image. A package/CVE cross-reference is available below. pam: - CVE-2015-3238 libtasn1: - CVE-2015-3622 - CVE-2016-4008 expat: expat: - CVE-2012-6702 - CVE-2015-1283 - CVE-2016-0718 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 libidn: - CVE-2015-2059 - CVE-2015-8948 - CVE-2016-6261 - CVE-2016-6262 - CVE-2016-6263 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 curl: - CVE-2016-5419 - CVE-2016-5420 - CVE-2016-5421 - CVE-2016-7141 - CVE-2016-7167 - CVE-2016-8615 - CVE-2016-8616 - CVE-2016-8617 - CVE-2016-8618 - CVE-2016-8619 - CVE-2016-8620 - CVE-2016-8621 - CVE-2016-8622 - CVE-2016-8623 - CVE-2016-8624 - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 openssl: - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2177 - CVE-2016-2178 - CVE-2016-2179 - CVE-2016-2180 - CVE-2016-2181 - CVE-2016-2182 - CVE-2016-2183 - CVE-2016-6302 - CVE-2016-6303 - CVE-2016-6304 - CVE-2016-6306 - CVE-2016-7056 - CVE-2016-8610 - CVE-2017-3731 cracklib: - CVE-2016-6318 pcre: - CVE-2014-8964 - CVE-2015-2325 - CVE-2015-2327 - CVE-2015-2328 - CVE-2015-3210 - CVE-2015-3217 - CVE-2015-5073 - CVE-2015-8380 - CVE-2015-8381 - CVE-2015-8382 - CVE-2015-8383 - CVE-2015-8384 - CVE-2015-8385 - CVE-2015-8386 - CVE-2015-8387 - CVE-2015-8388 - CVE-2015-8389 - CVE-2015-8390 - CVE-2015-8391 - CVE-2015-8392 - CVE-2015-8393 - CVE-2015-8394 - CVE-2015-8395 - CVE-2016-1283 - CVE-2016-3191 appamor: - CVE-2017-6507 bash: - CVE-2014-6277 - CVE-2014-6278 - CVE-2016-0634 - CVE-2016-7543 cpio: - CVE-2016-2037 glibc: - CVE-2016-1234 - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-4429 - CVE-2017-1000366 perl: - CVE-2015-8853 - CVE-2016-1238 - CVE-2016-2381 - CVE-2016-6185 libssh2_org: - CVE-2016-0787 util-linux: - CVE-2016-5011 - CVE-2017-2616 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libksba: - CVE-2016-4574 - CVE-2016-4579 libxml2: - CVE-2014-0191 - CVE-2015-8806 - CVE-2016-1762 - CVE-2016-1833 - CVE-2016-1834 - CVE-2016-1835 - CVE-2016-1837 - CVE-2016-1838 - CVE-2016-1839 - CVE-2016-1840 - CVE-2016-2073 - CVE-2016-3627 - CVE-2016-3705 - CVE-2016-4447 - CVE-2016-4448 - CVE-2016-4449 - CVE-2016-4483 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 libgcrypt: - CVE-2015-7511 - CVE-2016-6313 - CVE-2017-7526 update-alternatives: - CVE-2015-0860 systemd: - CVE-2014-9770 - CVE-2015-8842 - CVE-2016-7796 dbus-1: - CVE-2014-7824 - CVE-2015-0245 Finally, the following packages received non-security fixes: - augeas - bzip2 - ca-certificates-mozilla - coreutils - cryptsetup - cyrus-sasl - dirmngr - e2fsprogs - findutils - gpg2 - insserv-compat - kmod - libcap - libsolv - libzypp - lua51 - lvm2 - netcfg - p11-kit - permissions - procps - rpm - sed - sg3_utils - shadow - zypper Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12sp1-docker-image-1.0.7-20171002 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2014-6271.html https://www.suse.com/security/cve/CVE-2014-6277.html https://www.suse.com/security/cve/CVE-2014-6278.html https://www.suse.com/security/cve/CVE-2014-7169.html https://www.suse.com/security/cve/CVE-2014-7187.html https://www.suse.com/security/cve/CVE-2014-7824.html https://www.suse.com/security/cve/CVE-2014-8964.html https://www.suse.com/security/cve/CVE-2014-9770.html https://www.suse.com/security/cve/CVE-2015-0245.html https://www.suse.com/security/cve/CVE-2015-0860.html https://www.suse.com/security/cve/CVE-2015-1283.html https://www.suse.com/security/cve/CVE-2015-2059.html https://www.suse.com/security/cve/CVE-2015-2325.html https://www.suse.com/security/cve/CVE-2015-2327.html https://www.suse.com/security/cve/CVE-2015-2328.html https://www.suse.com/security/cve/CVE-2015-3210.html https://www.suse.com/security/cve/CVE-2015-3217.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2015-3622.html https://www.suse.com/security/cve/CVE-2015-5073.html https://www.suse.com/security/cve/CVE-2015-5276.html https://www.suse.com/security/cve/CVE-2015-7511.html https://www.suse.com/security/cve/CVE-2015-8380.html https://www.suse.com/security/cve/CVE-2015-8381.html https://www.suse.com/security/cve/CVE-2015-8382.html https://www.suse.com/security/cve/CVE-2015-8383.html https://www.suse.com/security/cve/CVE-2015-8384.html https://www.suse.com/security/cve/CVE-2015-8385.html https://www.suse.com/security/cve/CVE-2015-8386.html https://www.suse.com/security/cve/CVE-2015-8387.html https://www.suse.com/security/cve/CVE-2015-8388.html https://www.suse.com/security/cve/CVE-2015-8389.html https://www.suse.com/security/cve/CVE-2015-8390.html https://www.suse.com/security/cve/CVE-2015-8391.html https://www.suse.com/security/cve/CVE-2015-8392.html https://www.suse.com/security/cve/CVE-2015-8393.html https://www.suse.com/security/cve/CVE-2015-8394.html https://www.suse.com/security/cve/CVE-2015-8395.html https://www.suse.com/security/cve/CVE-2015-8806.html https://www.suse.com/security/cve/CVE-2015-8842.html https://www.suse.com/security/cve/CVE-2015-8853.html https://www.suse.com/security/cve/CVE-2015-8948.html https://www.suse.com/security/cve/CVE-2016-0634.html https://www.suse.com/security/cve/CVE-2016-0718.html https://www.suse.com/security/cve/CVE-2016-0787.html https://www.suse.com/security/cve/CVE-2016-1234.html https://www.suse.com/security/cve/CVE-2016-1238.html https://www.suse.com/security/cve/CVE-2016-1283.html https://www.suse.com/security/cve/CVE-2016-1762.html https://www.suse.com/security/cve/CVE-2016-1833.html https://www.suse.com/security/cve/CVE-2016-1834.html https://www.suse.com/security/cve/CVE-2016-1835.html https://www.suse.com/security/cve/CVE-2016-1837.html https://www.suse.com/security/cve/CVE-2016-1838.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-1840.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-2073.html https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-2106.html https://www.suse.com/security/cve/CVE-2016-2107.html https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-2109.html https://www.suse.com/security/cve/CVE-2016-2177.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2179.html https://www.suse.com/security/cve/CVE-2016-2180.html https://www.suse.com/security/cve/CVE-2016-2181.html https://www.suse.com/security/cve/CVE-2016-2182.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-2381.html https://www.suse.com/security/cve/CVE-2016-3075.html https://www.suse.com/security/cve/CVE-2016-3191.html https://www.suse.com/security/cve/CVE-2016-3627.html https://www.suse.com/security/cve/CVE-2016-3705.html https://www.suse.com/security/cve/CVE-2016-3706.html https://www.suse.com/security/cve/CVE-2016-4008.html https://www.suse.com/security/cve/CVE-2016-4429.html https://www.suse.com/security/cve/CVE-2016-4447.html https://www.suse.com/security/cve/CVE-2016-4448.html https://www.suse.com/security/cve/CVE-2016-4449.html https://www.suse.com/security/cve/CVE-2016-4483.html https://www.suse.com/security/cve/CVE-2016-4574.html https://www.suse.com/security/cve/CVE-2016-4579.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-5419.html https://www.suse.com/security/cve/CVE-2016-5420.html https://www.suse.com/security/cve/CVE-2016-5421.html https://www.suse.com/security/cve/CVE-2016-6185.html https://www.suse.com/security/cve/CVE-2016-6261.html https://www.suse.com/security/cve/CVE-2016-6262.html https://www.suse.com/security/cve/CVE-2016-6263.html https://www.suse.com/security/cve/CVE-2016-6302.html https://www.suse.com/security/cve/CVE-2016-6303.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-6313.html https://www.suse.com/security/cve/CVE-2016-6318.html https://www.suse.com/security/cve/CVE-2016-7056.html https://www.suse.com/security/cve/CVE-2016-7141.html https://www.suse.com/security/cve/CVE-2016-7167.html https://www.suse.com/security/cve/CVE-2016-7543.html https://www.suse.com/security/cve/CVE-2016-7796.html https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2016-8615.html https://www.suse.com/security/cve/CVE-2016-8616.html https://www.suse.com/security/cve/CVE-2016-8617.html https://www.suse.com/security/cve/CVE-2016-8618.html https://www.suse.com/security/cve/CVE-2016-8619.html https://www.suse.com/security/cve/CVE-2016-8620.html https://www.suse.com/security/cve/CVE-2016-8621.html https://www.suse.com/security/cve/CVE-2016-8622.html https://www.suse.com/security/cve/CVE-2016-8623.html https://www.suse.com/security/cve/CVE-2016-8624.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9233.html https://bugzilla.suse.com/1056193 https://bugzilla.suse.com/975726 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2699-1: important: Security update for SLES 12 Docker image
by opensuse-security＠opensuse.org 11 Oct '17

11 Oct '17

SUSE Security Update: Security update for SLES 12 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2699-1 Rating: important References: #1056193 #975726 Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7187 CVE-2014-7824 CVE-2014-8964 CVE-2014-9770 CVE-2015-0245 CVE-2015-1283 CVE-2015-2059 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-3238 CVE-2015-3622 CVE-2015-5073 CVE-2015-5218 CVE-2015-5276 CVE-2015-7511 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8806 CVE-2015-8842 CVE-2015-8853 CVE-2015-8948 CVE-2016-0634 CVE-2016-0718 CVE-2016-0787 CVE-2016-1234 CVE-2016-1238 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2037 CVE-2016-2073 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2381 CVE-2016-3075 CVE-2016-3191 CVE-2016-3627 CVE-2016-3705 CVE-2016-3706 CVE-2016-4008 CVE-2016-4429 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6185 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6313 CVE-2016-6318 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543 CVE-2016-7796 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9063 CVE-2016-9318 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-6507 CVE-2017-7407 CVE-2017-7526 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 140 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) - Do not install recommended packages when building container images. (bsc#975726) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 are now included in the base image. A package/CVE cross-reference is available below. pam: - CVE-2015-3238 libtasn1: - CVE-2015-3622 - CVE-2016-4008 libidn: - CVE-2015-2059 - CVE-2015-8948 - CVE-2016-6261 - CVE-2016-6262 - CVE-2016-6263 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 curl: - CVE-2016-5419 - CVE-2016-5420 - CVE-2016-5421 - CVE-2016-7141 - CVE-2016-7167 - CVE-2016-8615 - CVE-2016-8616 - CVE-2016-8617 - CVE-2016-8618 - CVE-2016-8619 - CVE-2016-8620 - CVE-2016-8621 - CVE-2016-8622 - CVE-2016-8623 - CVE-2016-8624 - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 openssl: - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2177 - CVE-2016-2178 - CVE-2016-2179 - CVE-2016-2180 - CVE-2016-2181 - CVE-2016-2182 - CVE-2016-2183 - CVE-2016-6302 - CVE-2016-6303 - CVE-2016-6304 - CVE-2016-6306 libxml2: - CVE-2014-0191 - CVE-2015-8806 - CVE-2016-1762 - CVE-2016-1833 - CVE-2016-1834 - CVE-2016-1835 - CVE-2016-1837 - CVE-2016-1838 - CVE-2016-1839 - CVE-2016-1840 - CVE-2016-2073 - CVE-2016-3627 - CVE-2016-3705 - CVE-2016-4447 - CVE-2016-4448 - CVE-2016-4449 - CVE-2016-4483 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 util-linux: - CVE-2015-5218 - CVE-2016-5011 - CVE-2017-2616 cracklib: - CVE-2016-6318 systemd: - CVE-2014-9770 - CVE-2015-8842 - CVE-2016-7796 pcre: - CVE-2014-8964 - CVE-2015-2325 - CVE-2015-2327 - CVE-2015-2328 - CVE-2015-3210 - CVE-2015-3217 - CVE-2015-5073 - CVE-2015-8380 - CVE-2015-8381 - CVE-2015-8382 - CVE-2015-8383 - CVE-2015-8384 - CVE-2015-8385 - CVE-2015-8386 - CVE-2015-8387 - CVE-2015-8388 - CVE-2015-8389 - CVE-2015-8390 - CVE-2015-8391 - CVE-2015-8392 - CVE-2015-8393 - CVE-2015-8394 - CVE-2015-8395 - CVE-2016-1283 - CVE-2016-3191 appamor: - CVE-2017-6507 bash: - CVE-2014-6277 - CVE-2014-6278 - CVE-2016-0634 - CVE-2016-7543 cpio: - CVE-2016-2037 glibc: - CVE-2016-1234 - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-4429 - CVE-2017-1000366 perl: - CVE-2015-8853 - CVE-2016-1238 - CVE-2016-2381 - CVE-2016-6185 libssh2_org: - CVE-2016-0787 expat: - CVE-2012-6702 - CVE-2015-1283 - CVE-2016-0718 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libksba: - CVE-2016-4574 - CVE-2016-4579 libgcrypt: - CVE-2015-7511 - CVE-2016-6313 - CVE-2017-7526 dbus-1: - CVE-2014-7824 - CVE-2015-0245 Finally, the following packages received non-security fixes: - augeas - bzip2 - ca-certificates-mozilla - coreutils - cryptsetup - cyrus-sasl - dirmngr - e2fsprogs - findutils - gpg2 - insserv-compat - kmod - libcap - libsolv - libzypp - openldap2 - p11-kit - permissions - procps - rpm - sed - shadow - zypper Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12-docker-image-1.1.4-20171002 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2014-6271.html https://www.suse.com/security/cve/CVE-2014-6277.html https://www.suse.com/security/cve/CVE-2014-6278.html https://www.suse.com/security/cve/CVE-2014-7169.html https://www.suse.com/security/cve/CVE-2014-7187.html https://www.suse.com/security/cve/CVE-2014-7824.html https://www.suse.com/security/cve/CVE-2014-8964.html https://www.suse.com/security/cve/CVE-2014-9770.html https://www.suse.com/security/cve/CVE-2015-0245.html https://www.suse.com/security/cve/CVE-2015-1283.html https://www.suse.com/security/cve/CVE-2015-2059.html https://www.suse.com/security/cve/CVE-2015-2325.html https://www.suse.com/security/cve/CVE-2015-2327.html https://www.suse.com/security/cve/CVE-2015-2328.html https://www.suse.com/security/cve/CVE-2015-3210.html https://www.suse.com/security/cve/CVE-2015-3217.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2015-3622.html https://www.suse.com/security/cve/CVE-2015-5073.html https://www.suse.com/security/cve/CVE-2015-5218.html https://www.suse.com/security/cve/CVE-2015-5276.html https://www.suse.com/security/cve/CVE-2015-7511.html https://www.suse.com/security/cve/CVE-2015-8380.html https://www.suse.com/security/cve/CVE-2015-8381.html https://www.suse.com/security/cve/CVE-2015-8382.html https://www.suse.com/security/cve/CVE-2015-8383.html https://www.suse.com/security/cve/CVE-2015-8384.html https://www.suse.com/security/cve/CVE-2015-8385.html https://www.suse.com/security/cve/CVE-2015-8386.html https://www.suse.com/security/cve/CVE-2015-8387.html https://www.suse.com/security/cve/CVE-2015-8388.html https://www.suse.com/security/cve/CVE-2015-8389.html https://www.suse.com/security/cve/CVE-2015-8390.html https://www.suse.com/security/cve/CVE-2015-8391.html https://www.suse.com/security/cve/CVE-2015-8392.html https://www.suse.com/security/cve/CVE-2015-8393.html https://www.suse.com/security/cve/CVE-2015-8394.html https://www.suse.com/security/cve/CVE-2015-8395.html https://www.suse.com/security/cve/CVE-2015-8806.html https://www.suse.com/security/cve/CVE-2015-8842.html https://www.suse.com/security/cve/CVE-2015-8853.html https://www.suse.com/security/cve/CVE-2015-8948.html https://www.suse.com/security/cve/CVE-2016-0634.html https://www.suse.com/security/cve/CVE-2016-0718.html https://www.suse.com/security/cve/CVE-2016-0787.html https://www.suse.com/security/cve/CVE-2016-1234.html https://www.suse.com/security/cve/CVE-2016-1238.html https://www.suse.com/security/cve/CVE-2016-1283.html https://www.suse.com/security/cve/CVE-2016-1762.html https://www.suse.com/security/cve/CVE-2016-1833.html https://www.suse.com/security/cve/CVE-2016-1834.html https://www.suse.com/security/cve/CVE-2016-1835.html https://www.suse.com/security/cve/CVE-2016-1837.html https://www.suse.com/security/cve/CVE-2016-1838.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-1840.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-2073.html https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-2106.html https://www.suse.com/security/cve/CVE-2016-2107.html https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-2109.html https://www.suse.com/security/cve/CVE-2016-2177.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2179.html https://www.suse.com/security/cve/CVE-2016-2180.html https://www.suse.com/security/cve/CVE-2016-2181.html https://www.suse.com/security/cve/CVE-2016-2182.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-2381.html https://www.suse.com/security/cve/CVE-2016-3075.html https://www.suse.com/security/cve/CVE-2016-3191.html https://www.suse.com/security/cve/CVE-2016-3627.html https://www.suse.com/security/cve/CVE-2016-3705.html https://www.suse.com/security/cve/CVE-2016-3706.html https://www.suse.com/security/cve/CVE-2016-4008.html https://www.suse.com/security/cve/CVE-2016-4429.html https://www.suse.com/security/cve/CVE-2016-4447.html https://www.suse.com/security/cve/CVE-2016-4448.html https://www.suse.com/security/cve/CVE-2016-4449.html https://www.suse.com/security/cve/CVE-2016-4483.html https://www.suse.com/security/cve/CVE-2016-4574.html https://www.suse.com/security/cve/CVE-2016-4579.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-5419.html https://www.suse.com/security/cve/CVE-2016-5420.html https://www.suse.com/security/cve/CVE-2016-5421.html https://www.suse.com/security/cve/CVE-2016-6185.html https://www.suse.com/security/cve/CVE-2016-6261.html https://www.suse.com/security/cve/CVE-2016-6262.html https://www.suse.com/security/cve/CVE-2016-6263.html https://www.suse.com/security/cve/CVE-2016-6302.html https://www.suse.com/security/cve/CVE-2016-6303.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-6313.html https://www.suse.com/security/cve/CVE-2016-6318.html https://www.suse.com/security/cve/CVE-2016-7141.html https://www.suse.com/security/cve/CVE-2016-7167.html https://www.suse.com/security/cve/CVE-2016-7543.html https://www.suse.com/security/cve/CVE-2016-7796.html https://www.suse.com/security/cve/CVE-2016-8615.html https://www.suse.com/security/cve/CVE-2016-8616.html https://www.suse.com/security/cve/CVE-2016-8617.html https://www.suse.com/security/cve/CVE-2016-8618.html https://www.suse.com/security/cve/CVE-2016-8619.html https://www.suse.com/security/cve/CVE-2016-8620.html https://www.suse.com/security/cve/CVE-2016-8621.html https://www.suse.com/security/cve/CVE-2016-8622.html https://www.suse.com/security/cve/CVE-2016-8623.html https://www.suse.com/security/cve/CVE-2016-8624.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9233.html https://bugzilla.suse.com/1056193 https://bugzilla.suse.com/975726 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2694-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 10 Oct '17

10 Oct '17

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2694-1 Rating: important References: #1013018 #1024450 #1031358 #1036629 #1037441 #1037667 #1037669 #1037994 #1039803 #1040609 #1042863 #1045154 #1047523 #1050381 #1050431 #1051932 #1052311 #1052370 #1053148 #1053152 #1053802 #1053933 #1054070 #1054076 #1054093 #1054247 #1054706 #1055680 #1056588 #1057179 #1057389 #1058524 #984530 Cross-References: CVE-2017-1000112 CVE-2017-1000251 CVE-2017-10661 CVE-2017-12762 CVE-2017-14051 CVE-2017-14140 CVE-2017-14340 CVE-2017-8831 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 25 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in remote code execution in kernel space (bnc#1057389). - CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h did not verify that a filesystem has a realtime device, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (bnc#1058524). - CVE-2017-14140: The move_pages system call in mm/migrate.c did not check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179). - CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588). - CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152). - CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c a user-controlled buffer was copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow (bnc#1053148). - CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability (bnc#1037994). - CVE-2017-1000112: Prevent race condition in net-packet code that could have been exploited by unprivileged users to gain root access.(bnc#1052311). The following non-security bugs were fixed: - ALSA: Fix Lewisburg audio issue - Drop commit 96234ae:kvm_io_bus_unregister_dev() should never fail (bsc#1055680) - Fixup build warnings in drivers/scsi/scsi.c (bsc#1031358) - NFS: Cache aggressively when file is open for writing (bsc#1053933). - NFS: Do drop directory dentry when error clearly requires it (bsc#1051932). - NFS: Do not flush caches for a getattr that races with writeback (bsc#1053933). - NFS: Optimize fallocate by refreshing mapping when needed (bsc#1053933). - NFS: invalidate file size when taking a lock (bsc#1053933). - PCI: fix hotplug related issues (bnc#1054247). - af_key: do not use GFP_KERNEL in atomic contexts (bsc#1054093). - avoid deadlock in xenbus (bnc#1047523). - blacklist 9754d45e9970 tpm: read burstcount from TPM_STS in one 32-bit transaction - blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216). - cx231xx-audio: fix NULL-deref at probe (bsc#1050431). - cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - fuse: do not use iocb after it may have been freed (bsc#1054706). - fuse: fix fuse_write_end() if zero bytes were copied (bsc#1054706). - fuse: fsync() did not return IO errors (bsc#1054076). - fuse: fuse_flush must check mapping->flags for errors (bsc#1054706). - gspca: konica: add missing endpoint sanity check (bsc#1050431). - kabi/severities: Ignore zpci symbol changes (bsc#1054247) - lib/mpi: mpi_read_raw_data(): fix nbits calculation - media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl (bsc#1050431). - net: Fix RCU splat in af_key (bsc#1054093). - powerpc/fadump: add reschedule point while releasing memory (bsc#1040609 bsc#1024450). - powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669 bsc#1037667). - powerpc/fadump: provide a helpful error message (bsc#1037669 bsc#1037667). - powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530, bsc#1052370). - powerpc/slb: Force a full SLB flush when we insert for a bad EA (bsc#1054070). - reiserfs: fix race in readdir (bsc#1039803). - s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1054247). - s390/pci: fix handling of PEC 306 (bnc#1054247). - s390/pci: improve error handling during fmb (de)registration (bnc#1054247). - s390/pci: improve error handling during interrupt deregistration (bnc#1054247). - s390/pci: improve pci hotplug (bnc#1054247). - s390/pci: improve unreg_ioat error handling (bnc#1054247). - s390/pci: introduce clp_get_state (bnc#1054247). - s390/pci: provide more debug information (bnc#1054247). - scsi: avoid system stall due to host_busy race (bsc#1031358). - scsi: close race when updating blocked counters (bsc#1031358). - ser_gigaset: return -ENOMEM on error instead of success (bsc#1037441). - supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802). - tpm: fix a kernel memory leak in tpm-sysfs.c (bsc#1050381). - uwb: fix device quirk on big-endian hosts (bsc#1036629). - xfs: fix inobt inode allocation search optimization (bsc#1013018). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-linux-kernel-rt-13307=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-linux-kernel-rt-13307=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-69.8.1 kernel-rt-base-3.0.101.rt130-69.8.1 kernel-rt-devel-3.0.101.rt130-69.8.1 kernel-rt_trace-3.0.101.rt130-69.8.1 kernel-rt_trace-base-3.0.101.rt130-69.8.1 kernel-rt_trace-devel-3.0.101.rt130-69.8.1 kernel-source-rt-3.0.101.rt130-69.8.1 kernel-syms-rt-3.0.101.rt130-69.8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-69.8.1 kernel-rt-debugsource-3.0.101.rt130-69.8.1 kernel-rt_debug-debuginfo-3.0.101.rt130-69.8.1 kernel-rt_debug-debugsource-3.0.101.rt130-69.8.1 kernel-rt_trace-debuginfo-3.0.101.rt130-69.8.1 kernel-rt_trace-debugsource-3.0.101.rt130-69.8.1 References: https://www.suse.com/security/cve/CVE-2017-1000112.html https://www.suse.com/security/cve/CVE-2017-1000251.html https://www.suse.com/security/cve/CVE-2017-10661.html https://www.suse.com/security/cve/CVE-2017-12762.html https://www.suse.com/security/cve/CVE-2017-14051.html https://www.suse.com/security/cve/CVE-2017-14140.html https://www.suse.com/security/cve/CVE-2017-14340.html https://www.suse.com/security/cve/CVE-2017-8831.html https://bugzilla.suse.com/1013018 https://bugzilla.suse.com/1024450 https://bugzilla.suse.com/1031358 https://bugzilla.suse.com/1036629 https://bugzilla.suse.com/1037441 https://bugzilla.suse.com/1037667 https://bugzilla.suse.com/1037669 https://bugzilla.suse.com/1037994 https://bugzilla.suse.com/1039803 https://bugzilla.suse.com/1040609 https://bugzilla.suse.com/1042863 https://bugzilla.suse.com/1045154 https://bugzilla.suse.com/1047523 https://bugzilla.suse.com/1050381 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1051932 https://bugzilla.suse.com/1052311 https://bugzilla.suse.com/1052370 https://bugzilla.suse.com/1053148 https://bugzilla.suse.com/1053152 https://bugzilla.suse.com/1053802 https://bugzilla.suse.com/1053933 https://bugzilla.suse.com/1054070 https://bugzilla.suse.com/1054076 https://bugzilla.suse.com/1054093 https://bugzilla.suse.com/1054247 https://bugzilla.suse.com/1054706 https://bugzilla.suse.com/1055680 https://bugzilla.suse.com/1056588 https://bugzilla.suse.com/1057179 https://bugzilla.suse.com/1057389 https://bugzilla.suse.com/1058524 https://bugzilla.suse.com/984530 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2688-1: important: Security update for MozillaFirefox, mozilla-nss
by opensuse-security＠opensuse.org 10 Oct '17

10 Oct '17

SUSE Security Update: Security update for MozillaFirefox, mozilla-nss ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2688-1 Rating: important References: #1060445 #1061005 Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP3 SUSE Linux Enterprise Desktop 12-SP2 SUSE Container as a Service Platform ALL ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes (bsc#1061005) These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters rendering (bsc#1060445). - CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake hashes (bsc#1060445). - CVE-2017-7819: Prevent Use-after-free while resizing images in design mode (bsc#1060445). - CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation (bsc#1060445). - CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445). - CVE-2017-7824: Prevent Buffer overflow when drawing and validating elements with ANGLE (bsc#1060445). - CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445). - CVE-2017-7823: CSP sandbox directive did not create a unique origin (bsc#1060445). - CVE-2017-7814: Blob and data URLs bypassed phishing and malware protection warnings (bsc#1060445). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1662=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1662=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1662=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1662=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1662=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1662=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1662=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1662=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1662=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1662=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1662=1 - SUSE Container as a Service Platform ALL: zypper in -t patch SUSE-CAASP-ALL-2017-1662=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP2 (s390x x86_64): libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (s390x x86_64): libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-devel-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-hmac-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-hmac-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-devel-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libfreebl3-hmac-32bit-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-hmac-32bit-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): MozillaFirefox-52.4.0esr-109.6.2 MozillaFirefox-debuginfo-52.4.0esr-109.6.2 MozillaFirefox-debugsource-52.4.0esr-109.6.2 MozillaFirefox-translations-52.4.0esr-109.6.2 libfreebl3-3.29.5-58.3.1 libfreebl3-32bit-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libfreebl3-debuginfo-32bit-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-32bit-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 libsoftokn3-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-32bit-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-32bit-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 mozilla-nss-sysinit-3.29.5-58.3.1 mozilla-nss-sysinit-32bit-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1 mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1 mozilla-nss-tools-3.29.5-58.3.1 mozilla-nss-tools-debuginfo-3.29.5-58.3.1 - SUSE Container as a Service Platform ALL (x86_64): libfreebl3-3.29.5-58.3.1 libfreebl3-debuginfo-3.29.5-58.3.1 libsoftokn3-3.29.5-58.3.1 libsoftokn3-debuginfo-3.29.5-58.3.1 mozilla-nss-3.29.5-58.3.1 mozilla-nss-certs-3.29.5-58.3.1 mozilla-nss-certs-debuginfo-3.29.5-58.3.1 mozilla-nss-debuginfo-3.29.5-58.3.1 mozilla-nss-debugsource-3.29.5-58.3.1 References: https://www.suse.com/security/cve/CVE-2017-7793.html https://www.suse.com/security/cve/CVE-2017-7805.html https://www.suse.com/security/cve/CVE-2017-7810.html https://www.suse.com/security/cve/CVE-2017-7814.html https://www.suse.com/security/cve/CVE-2017-7818.html https://www.suse.com/security/cve/CVE-2017-7819.html https://www.suse.com/security/cve/CVE-2017-7823.html https://www.suse.com/security/cve/CVE-2017-7824.html https://www.suse.com/security/cve/CVE-2017-7825.html https://bugzilla.suse.com/1060445 https://bugzilla.suse.com/1061005 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE-SU-2017:2655-1: important: Security update for portus
by opensuse-security＠opensuse.org 06 Oct '17

06 Oct '17

SUSE Security Update: Security update for portus ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2655-1 Rating: important References: #1059664 Cross-References: CVE-2017-14621 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for portus fixes the following issues: - CVE-2017-14621: Fixed a XSS attack via the Team field, related to typeahead. (bsc#1059664) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1642=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (x86_64): portus-2.2.0-20.3.1 portus-debuginfo-2.2.0-20.3.1 portus-debugsource-2.2.0-20.3.1 References: https://www.suse.com/security/cve/CVE-2017-14621.html https://bugzilla.suse.com/1059664 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

← Newer
1
2
3
4
5
6
7
8
9
Older →

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

openSUSE Security Announce October 2017