openSUSE Security April 2014

security@lists.opensuse.org

7 participants
3 discussions

[opensuse-security] Patched, but still vulnerable
by James Rome 11 Apr '14

11 Apr '14

I have applied all patched to my OpenSUSE 13.1 server and restarted Apache, but https://www.ssllabs.com/ssltest/analyze.html says I am still vulnerable to heartbleed. What else must I do? -- James A. Rome http://jamesrome.net -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org

3 2

[opensuse-security] help
by Hans-Walter Simon 09 Apr '14

09 Apr '14

-- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org

2 1

[opensuse-security] Re: [security-announce] SUSE-SU-2014:0459-1: important: Security update for Linux Kernel
by R.Vickers＠rhul.ac.uk 04 Apr '14

04 Apr '14

On Fri, 28 Mar 2014, opensuse-security(a)opensuse.org wrote: > SUSE Security Update: Security update for Linux Kernel > ______________________________________________________________________________ > > Announcement ID: SUSE-SU-2014:0459-1 > Rating: important > References: #599263 #827670 #833968 #844513 #846790 #847672 > #852488 #852967 #853162 #853166 #853455 #854025 > #854445 #855825 #855885 #856848 #857358 #857643 > #858604 #859225 #859342 #861093 #862796 #862957 > #863178 #863526 #864025 #864058 #864833 #864880 > #865342 #865783 #866253 #866428 > Cross-References: CVE-2013-4470 CVE-2013-6885 CVE-2013-7263 > CVE-2013-7264 CVE-2013-7265 CVE-2014-0069 > > Affected Products: > SUSE Linux Enterprise Server 11 SP3 for VMware > SUSE Linux Enterprise Server 11 SP3 > SUSE Linux Enterprise High Availability Extension 11 SP3 > SUSE Linux Enterprise Desktop 11 SP3 > SLE 11 SERVER Unsupported Extras > ______________________________________________________________________________ > This announcement came out a week ago, but so far I haven't seen any of the patches it mentions...have they got stuck somewhere or am I doing something wrong? I have run 'zypper lp' on three different SLES11SP3 systems and none of them reports a kernel patch. e.g. # zypper lr | grep SP3-Up 17 | nu_novell_com:SLES11-SP3-Updates | SLES11-SP3-Updates | Yes | Yes # zypper lp Refreshing service 'nu_novell_com'. Loading repository data... Reading installed packages... Repository | Name | Version | Category | Status -------------------+--------------------+---------+-------------+------- SLES11-SP3-Updates | slessp3-kpartx | 9058 | recommended | needed SLES11-SP3-Updates | slessp3-sudo | 9044 | security | needed SLES11-SP3-Updates | slessp3-xen-201402 | 8973 | security | needed # rpm -qf /boot/vmlinuz-xen kernel-xen-base-3.0.101-0.15.1 # uname -a Linux www 3.0.101-0.15-xen #1 SMP Wed Jan 22 15:49:03 UTC 2014 (5c01f4e) x86_64 x86_64 x86_64 GNU/Linux I have a maintenance window on Tuesday so want to resolve this by Monday if possible. Bob -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org

2 1

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security April 2014