openSUSE Recommended Update: coreutils: The "-V" option of sort doesn't work. Fixed by this update.
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0949-1
Rating: low
References: #616745 #626517
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
The "-V" (treat as version numbers) option doesn't show
any effect. This was caused by the i18n patch for coreutils
not being updated for this new option. Fixed by this update.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch coreutils-3496
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (i586 x86_64):
coreutils-7.1-11.1.1
- openSUSE 11.3 (noarch):
coreutils-lang-7.1-11.1.1
References:
https://bugzilla.novell.com/616745https://bugzilla.novell.com/626517
openSUSE Recommended Update: pcmanfm: Upgrade to version 0.9.8
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0948-1
Rating: moderate
References: #647213 #648882 #651089
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that has three recommended fixes can now be
installed.
Description:
pcmanfm has been updated to version 0.9.8 together with its
main library libfm (updated to version 0.1.14). Also a
pcmanfm critical bug on x86_64 systems has been fixed.
lxde-common-branding packages has been fixed to work with
new pcmafm conf files.
Special Instructions and Notes:
Please log out and log in again after installing this update.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch libfm-3495
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (i586 x86_64):
libfm-0.1.14_rc2-2.3.1
libfm-devel-0.1.14_rc2-2.3.1
libfm-gtk0-0.1.14_rc2-2.3.1
libfm0-0.1.14_rc2-2.3.1
pcmanfm-0.9.8_rc2-1.3.1
- openSUSE 11.3 (noarch):
lxde-common-0.5.0-10.3.1
lxde-common-branding-openSUSE-11.3-10.3.1
lxde-common-branding-upstream-0.5.0-10.3.1
pcmanfm-lang-0.9.8_rc2-1.3.1
References:
https://bugzilla.novell.com/647213https://bugzilla.novell.com/648882https://bugzilla.novell.com/651089
openSUSE Recommended Update: Empathy: Fixed connection issues to MSN
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0947-1
Rating: low
References: #648876
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
A bug in papyon was fixed:
- #648876: Empathy no longer connects to MSN
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch papyon-3486
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (noarch):
papyon-0.4.6-2.3.1
References:
https://bugzilla.novell.com/648876
openSUSE Recommended Update: pinentry-qt4: It appears under other windows and is grabbing alt+tab. Fixed by this update.
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0946-1
Rating: low
References: #648253
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
Pinentry-qt4 password dialog is displayed under other
windows and is grabbing alt+tab. It forces the user to use
the mouse to switch windows.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch pinentry-qt4-3499
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (i586 x86_64):
pinentry-qt4-0.8.0-8.3.1
References:
https://bugzilla.novell.com/648253
openSUSE Recommended Update: syslog-ng: Collective fixes
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0942-1
Rating: moderate
References: #568150 #617111 #637646
Affected Products:
openSUSE 11.2
openSUSE 11.1
______________________________________________________________________________
An update that has three recommended fixes can now be
installed.
Description:
- 568150: Fix to block SIGHUP while the reload is in
progress to "queue" HUP signals, so they're delivered and
handled later.
- 617111: Applied a patch to fix a 100% CPU usage when
mark_freq() is changed to 0 during a SIGHUP (reload),
that may also cause to fill up /var partition very
quickly.
- 637646: Applied a patch withe stricter parsing of the
LinkSys timestamps to avoid misinterpretation of program
names with 4 digits at the begin as timestamp year.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.2:
zypper in -t patch syslog-ng-3200
- openSUSE 11.1:
zypper in -t patch syslog-ng-3200
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.2 (i586 x86_64):
syslog-ng-2.0.9-29.3.1
- openSUSE 11.1 (i586 ppc x86_64):
syslog-ng-2.0.9-27.5.1
References:
https://bugzilla.novell.com/568150https://bugzilla.novell.com/617111https://bugzilla.novell.com/637646
openSUSE Recommended Update: syslog-ng: Fix hang on rcsyslog-ng reload
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0940-1
Rating: moderate
References: #617111
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
- #617111: Applied a patch to fix a 100% CPU usage when
mark_freq() is changed to 0 during a SIGHUP (reload),
that may also cause to fill up /var partition very
quickly.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch syslog-ng-3195
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (i586 x86_64):
syslog-ng-3.1.1-4.1.1
References:
https://bugzilla.novell.com/617111
openSUSE Security Update: moodle: security update
______________________________________________________________________________
Announcement ID: openSUSE-SU-2010:0937-1
Rating: moderate
References: #650155
Cross-References: CVE-2010-4207 CVE-2010-4208 CVE-2010-4209
Affected Products:
openSUSE 11.1
______________________________________________________________________________
An update that fixes three vulnerabilities is now
available. It includes one version update.
Description:
This update of moodle fixes:
- CVE-2010-4207: CVSS v2 Base Score: 4.3 (MEDIUM)
(AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS)
(CWE-79) Cross-site scripting vulnerability in the Flash
component infrastructure in YUI allows remote attackers
to inject arbitrary web script or HTML via
charts/assets/charts.swf.
- CVE-2010-4208: CVSS v2 Base Score: 4.3 (MEDIUM)
(AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS)
(CWE-79) Cross-site scripting vulnerability in the Flash
component infrastructure in YUI allows remote attackers
to inject arbitrary web script or HTML via
uploader/assets/uploader.swf.
- CVE-2010-4209: CVSS v2 Base Score: 4.3 (MEDIUM)
(AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS)
(CWE-79) Cross-site scripting vulnerability in the Flash
component infrastructure in YUI allows remote attackers
to inject arbitrary web script or HTML via
swfstore/swfstore.swf.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.1:
zypper in -t patch moodle-3506
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.1 (noarch) [New Version: 1.9.10]:
moodle-1.9.10-0.1.1
moodle-af-1.9.10-0.1.1
moodle-ar-1.9.10-0.1.1
moodle-be-1.9.10-0.1.1
moodle-bg-1.9.10-0.1.1
moodle-bs-1.9.10-0.1.1
moodle-ca-1.9.10-0.1.1
moodle-cs-1.9.10-0.1.1
moodle-da-1.9.10-0.1.1
moodle-de-1.9.10-0.1.1
moodle-de_du-1.9.10-0.1.1
moodle-el-1.9.10-0.1.1
moodle-es-1.9.10-0.1.1
moodle-et-1.9.10-0.1.1
moodle-eu-1.9.10-0.1.1
moodle-fa-1.9.10-0.1.1
moodle-fi-1.9.10-0.1.1
moodle-fr-1.9.10-0.1.1
moodle-ga-1.9.10-0.1.1
moodle-gl-1.9.10-0.1.1
moodle-he-1.9.10-0.1.1
moodle-hi-1.9.10-0.1.1
moodle-hr-1.9.10-0.1.1
moodle-hu-1.9.10-0.1.1
moodle-id-1.9.10-0.1.1
moodle-is-1.9.10-0.1.1
moodle-it-1.9.10-0.1.1
moodle-ja-1.9.10-0.1.1
moodle-ka-1.9.10-0.1.1
moodle-km-1.9.10-0.1.1
moodle-kn-1.9.10-0.1.1
moodle-ko-1.9.10-0.1.1
moodle-lt-1.9.10-0.1.1
moodle-lv-1.9.10-0.1.1
moodle-mi_tn-1.9.10-0.1.1
moodle-ms-1.9.10-0.1.1
moodle-nl-1.9.10-0.1.1
moodle-nn-1.9.10-0.1.1
moodle-no-1.9.10-0.1.1
moodle-pl-1.9.10-0.1.1
moodle-pt-1.9.10-0.1.1
moodle-ro-1.9.10-0.1.1
moodle-ru-1.9.10-0.1.1
moodle-sk-1.9.10-0.1.1
moodle-sl-1.9.10-0.1.1
moodle-so-1.9.10-0.1.1
moodle-sq-1.9.10-0.1.1
moodle-sr-1.9.10-0.1.1
moodle-sv-1.9.10-0.1.1
moodle-th-1.9.10-0.1.1
moodle-tl-1.9.10-0.1.1
moodle-tr-1.9.10-0.1.1
moodle-uk-1.9.10-0.1.1
moodle-vi-1.9.10-0.1.1
moodle-zh_cn-1.9.10-0.1.1
References:
http://support.novell.com/security/cve/CVE-2010-4207.htmlhttp://support.novell.com/security/cve/CVE-2010-4208.htmlhttp://support.novell.com/security/cve/CVE-2010-4209.htmlhttps://bugzilla.novell.com/650155
openSUSE Security Update: monotone security update
______________________________________________________________________________
Announcement ID: openSUSE-SU-2010:0936-1
Rating: moderate
References: #649515
Cross-References: CVE-2010-4098
Affected Products:
openSUSE 11.3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
remote attackers could crash a monotone server via an empty
argument to the 'mtn' command (CVE-2010-4098).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.3:
zypper in -t patch monotone-3505
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.3 (i586 x86_64) [New Version: 0.48.1]:
monotone-0.48.1-1.3.1
References:
http://support.novell.com/security/cve/CVE-2010-4098.htmlhttps://bugzilla.novell.com/649515
openSUSE Recommended Update: mkinitrd: Collective update
______________________________________________________________________________
Announcement ID: openSUSE-RU-2010:0935-1
Rating: moderate
References: #551967 #598063 #623776 #631464 #634053
Affected Products:
openSUSE 11.1
______________________________________________________________________________
An update that has 5 recommended fixes can now be installed.
Description:
Collective update for mkinitrd with these fixes:
- Spaces and double quotes in the kernel command line are
supported by initrd.
- Minor device numbers greater than 255 are supported.
- and some other minor issues
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.1:
zypper in -t patch mkinitrd-3408
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.1 (i586 ppc x86_64):
mkinitrd-2.4-34.6.1
References:
https://bugzilla.novell.com/551967https://bugzilla.novell.com/598063https://bugzilla.novell.com/623776https://bugzilla.novell.com/631464https://bugzilla.novell.com/634053