Please note that a local root vulnerability has been found in the imwheel package, however: SuSE Linux is not affected We dont ship the vulnerable suidperl script.

Fromthe /usr/doc/packages/imwheel/README.SuSE file:

For security reasons suid root installation as mentioned in the README file is disabled in the distribution. If you terminate/restart the X-Server all running instances of imwheel are killed anyway. Thank you for your attention. Greets, Marc -- Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C