Sehr geehrte Damen und Herren, wegen eines Auslandsaufenthaltes kann ich die Nachricht vermutlich bis zum 4.4. nicht lesen. In dringenden Fällen stehe ich Ihnen unter +49 177 7902970 telefonisch zur Verfügung. Mit freundlichen Grüßen W. Lisiewicz ------------- Szanowni Państwo, z powodu pobytu za granicą nie będę prawdopodobnie mógł przeczytać Państwa wiadomości do dnia 4.4. W pilnych przypadkach jestem dostępny pod numerem telefonu +49 177 7902970. Pozdrawiam serdecznie W. Lisiewicz Am 03.04.2013 um 20:13 schrieb opensuse-security@opensuse.org:

  SUSE Security Update: Security update for rubygem-crack ______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0615-1 Rating:             important References:         #804721 Cross-References:   CVE-2013-0269 Affected Products:                    SUSE Studio Onsite 1.2                    SUSE Studio Extension for System z 1.2 ______________________________________________________________________________

  An update that fixes one vulnerability is now available.

Description:

  The Ruby Gem crack has been updated to 0.1.7 and to fix a   security issue:

  * CVE-2013-1800: Multiple xml parsing issues were fixed   that could be used by attackers able to inject XML to cause   denial of service problems.

  Security Issue reference:

  * CVE-2013-0269   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269

Patch Instructions:

  To install this SUSE Security Update use YaST online_update.   Alternatively you can run the command listed for your product:

  - SUSE Studio Onsite 1.2:

     zypper in -t patch slestso12-rubygem-crack-7530

  - SUSE Studio Extension for System z 1.2:

     zypper in -t patch slestso12-rubygem-crack-7530

  To bring your system up-to-date, use "zypper patch".

Package List:

  - SUSE Studio Onsite 1.2 (x86_64):

     rubygem-crack-0.1.7-0.5.4

  - SUSE Studio Extension for System z 1.2 (s390x):

     rubygem-crack-0.1.7-0.5.4

References:

  http://support.novell.com/security/cve/CVE-2013-0269.html   https://bugzilla.novell.com/804721   http://download.novell.com/patch/finder/?keywords=db8654d7f66749acf4c49dd5a2...

-- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org