openSUSE Updates November 2010

updates@lists.opensuse.org

2 participants
41 discussions

openSUSE-RU-2010:0949-1 (low): coreutils: The "-V" option of sort doesn't work. Fixed by this update.

by maintenance＠opensuse.org

openSUSE Recommended Update: coreutils: The "-V" option of sort doesn't work. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0949-1 Rating: low References: #616745 #626517 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: The "-V" (treat as version numbers) option doesn't show any effect. This was caused by the i18n patch for coreutils not being updated for this new option. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch coreutils-3496 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): coreutils-7.1-11.1.1 - openSUSE 11.3 (noarch): coreutils-lang-7.1-11.1.1 References: https://bugzilla.novell.com/616745 https://bugzilla.novell.com/626517

10 years, 10 months

openSUSE-RU-2010:0948-1 (moderate): pcmanfm: Upgrade to version 0.9.8

by maintenance＠opensuse.org

openSUSE Recommended Update: pcmanfm: Upgrade to version 0.9.8 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0948-1 Rating: moderate References: #647213 #648882 #651089 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: pcmanfm has been updated to version 0.9.8 together with its main library libfm (updated to version 0.1.14). Also a pcmanfm critical bug on x86_64 systems has been fixed. lxde-common-branding packages has been fixed to work with new pcmafm conf files. Special Instructions and Notes: Please log out and log in again after installing this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch libfm-3495 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): libfm-0.1.14_rc2-2.3.1 libfm-devel-0.1.14_rc2-2.3.1 libfm-gtk0-0.1.14_rc2-2.3.1 libfm0-0.1.14_rc2-2.3.1 pcmanfm-0.9.8_rc2-1.3.1 - openSUSE 11.3 (noarch): lxde-common-0.5.0-10.3.1 lxde-common-branding-openSUSE-11.3-10.3.1 lxde-common-branding-upstream-0.5.0-10.3.1 pcmanfm-lang-0.9.8_rc2-1.3.1 References: https://bugzilla.novell.com/647213 https://bugzilla.novell.com/648882 https://bugzilla.novell.com/651089

10 years, 10 months

openSUSE-RU-2010:0947-1 (low): Empathy: Fixed connection issues to MSN

by maintenance＠opensuse.org

openSUSE Recommended Update: Empathy: Fixed connection issues to MSN ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0947-1 Rating: low References: #648876 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: A bug in papyon was fixed: - #648876: Empathy no longer connects to MSN Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch papyon-3486 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (noarch): papyon-0.4.6-2.3.1 References: https://bugzilla.novell.com/648876

10 years, 10 months

openSUSE-RU-2010:0946-1 (low): pinentry-qt4: It appears under other windows and is grabbing alt+tab. Fixed by this update.

by maintenance＠opensuse.org

openSUSE Recommended Update: pinentry-qt4: It appears under other windows and is grabbing alt+tab. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0946-1 Rating: low References: #648253 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Pinentry-qt4 password dialog is displayed under other windows and is grabbing alt+tab. It forces the user to use the mouse to switch windows. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch pinentry-qt4-3499 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): pinentry-qt4-0.8.0-8.3.1 References: https://bugzilla.novell.com/648253

10 years, 10 months

openSUSE-RU-2010:0942-1 (moderate): syslog-ng: Collective fixes

by maintenance＠opensuse.org

openSUSE Recommended Update: syslog-ng: Collective fixes ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0942-1 Rating: moderate References: #568150 #617111 #637646 Affected Products: openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: - 568150: Fix to block SIGHUP while the reload is in progress to "queue" HUP signals, so they're delivered and handled later. - 617111: Applied a patch to fix a 100% CPU usage when mark_freq() is changed to 0 during a SIGHUP (reload), that may also cause to fill up /var partition very quickly. - 637646: Applied a patch withe stricter parsing of the LinkSys timestamps to avoid misinterpretation of program names with 4 digits at the begin as timestamp year. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch syslog-ng-3200 - openSUSE 11.1: zypper in -t patch syslog-ng-3200 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 x86_64): syslog-ng-2.0.9-29.3.1 - openSUSE 11.1 (i586 ppc x86_64): syslog-ng-2.0.9-27.5.1 References: https://bugzilla.novell.com/568150 https://bugzilla.novell.com/617111 https://bugzilla.novell.com/637646

10 years, 10 months

openSUSE-RU-2010:0940-1 (moderate): syslog-ng: Fix hang on rcsyslog-ng reload

by maintenance＠opensuse.org

openSUSE Recommended Update: syslog-ng: Fix hang on rcsyslog-ng reload ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0940-1 Rating: moderate References: #617111 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: - #617111: Applied a patch to fix a 100% CPU usage when mark_freq() is changed to 0 during a SIGHUP (reload), that may also cause to fill up /var partition very quickly. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch syslog-ng-3195 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64): syslog-ng-3.1.1-4.1.1 References: https://bugzilla.novell.com/617111

10 years, 10 months

openSUSE-SU-2010:0937-1 (moderate): moodle: security update

by opensuse-security＠opensuse.org

openSUSE Security Update: moodle: security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0937-1 Rating: moderate References: #650155 Cross-References: CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: This update of moodle fixes: - CVE-2010-4207: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via charts/assets/charts.swf. - CVE-2010-4208: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via uploader/assets/uploader.swf. - CVE-2010-4209: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via swfstore/swfstore.swf. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch moodle-3506 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (noarch) [New Version: 1.9.10]: moodle-1.9.10-0.1.1 moodle-af-1.9.10-0.1.1 moodle-ar-1.9.10-0.1.1 moodle-be-1.9.10-0.1.1 moodle-bg-1.9.10-0.1.1 moodle-bs-1.9.10-0.1.1 moodle-ca-1.9.10-0.1.1 moodle-cs-1.9.10-0.1.1 moodle-da-1.9.10-0.1.1 moodle-de-1.9.10-0.1.1 moodle-de_du-1.9.10-0.1.1 moodle-el-1.9.10-0.1.1 moodle-es-1.9.10-0.1.1 moodle-et-1.9.10-0.1.1 moodle-eu-1.9.10-0.1.1 moodle-fa-1.9.10-0.1.1 moodle-fi-1.9.10-0.1.1 moodle-fr-1.9.10-0.1.1 moodle-ga-1.9.10-0.1.1 moodle-gl-1.9.10-0.1.1 moodle-he-1.9.10-0.1.1 moodle-hi-1.9.10-0.1.1 moodle-hr-1.9.10-0.1.1 moodle-hu-1.9.10-0.1.1 moodle-id-1.9.10-0.1.1 moodle-is-1.9.10-0.1.1 moodle-it-1.9.10-0.1.1 moodle-ja-1.9.10-0.1.1 moodle-ka-1.9.10-0.1.1 moodle-km-1.9.10-0.1.1 moodle-kn-1.9.10-0.1.1 moodle-ko-1.9.10-0.1.1 moodle-lt-1.9.10-0.1.1 moodle-lv-1.9.10-0.1.1 moodle-mi_tn-1.9.10-0.1.1 moodle-ms-1.9.10-0.1.1 moodle-nl-1.9.10-0.1.1 moodle-nn-1.9.10-0.1.1 moodle-no-1.9.10-0.1.1 moodle-pl-1.9.10-0.1.1 moodle-pt-1.9.10-0.1.1 moodle-ro-1.9.10-0.1.1 moodle-ru-1.9.10-0.1.1 moodle-sk-1.9.10-0.1.1 moodle-sl-1.9.10-0.1.1 moodle-so-1.9.10-0.1.1 moodle-sq-1.9.10-0.1.1 moodle-sr-1.9.10-0.1.1 moodle-sv-1.9.10-0.1.1 moodle-th-1.9.10-0.1.1 moodle-tl-1.9.10-0.1.1 moodle-tr-1.9.10-0.1.1 moodle-uk-1.9.10-0.1.1 moodle-vi-1.9.10-0.1.1 moodle-zh_cn-1.9.10-0.1.1 References: http://support.novell.com/security/cve/CVE-2010-4207.html http://support.novell.com/security/cve/CVE-2010-4208.html http://support.novell.com/security/cve/CVE-2010-4209.html https://bugzilla.novell.com/650155

10 years, 10 months

openSUSE-SU-2010:0936-1 (moderate): monotone security update

by opensuse-security＠opensuse.org

openSUSE Security Update: monotone security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0936-1 Rating: moderate References: #649515 Cross-References: CVE-2010-4098 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: remote attackers could crash a monotone server via an empty argument to the 'mtn' command (CVE-2010-4098). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch monotone-3505 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 0.48.1]: monotone-0.48.1-1.3.1 References: http://support.novell.com/security/cve/CVE-2010-4098.html https://bugzilla.novell.com/649515

10 years, 10 months

openSUSE-RU-2010:0935-1 (moderate): mkinitrd: Collective update

by maintenance＠opensuse.org

openSUSE Recommended Update: mkinitrd: Collective update ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0935-1 Rating: moderate References: #551967 #598063 #623776 #631464 #634053 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: Collective update for mkinitrd with these fixes: - Spaces and double quotes in the kernel command line are supported by initrd. - Minor device numbers greater than 255 are supported. - and some other minor issues Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch mkinitrd-3408 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc x86_64): mkinitrd-2.4-34.6.1 References: https://bugzilla.novell.com/551967 https://bugzilla.novell.com/598063 https://bugzilla.novell.com/623776 https://bugzilla.novell.com/631464 https://bugzilla.novell.com/634053

10 years, 10 months

openSUSE-SU-2010:0933-1 (critical): SLE11 SP1

by opensuse-security＠opensuse.org

openSUSE Security Update: SLE11 SP1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0933-1 Rating: critical References: #564324 #573330 #603738 #609196 #612729 #623307 #624850 #629901 #629908 #638860 #639261 #640278 #643249 #644219 #644350 #644373 #646045 #647392 #647497 #647775 #648308 #649231 #649257 #649820 #650109 #650111 #650113 #650116 #650128 Affected Products: SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs. Following security bugs were fixed: CVE-2010-3865: A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kernel privileges. CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain privileges. Please note that the net/rds socket protocol module only lives in the -extra kernel package, which is not installed by default on the SUSE Linux Enterprise Server 11. CVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain privileges on x86_64 systems. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-2.6.32.24-0.2.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-2.6.32.24-0.2.1 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-2.6.32.24-0.2.1 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-2.6.32.24-0.2.1 References: https://bugzilla.novell.com/564324 https://bugzilla.novell.com/573330 https://bugzilla.novell.com/603738 https://bugzilla.novell.com/609196 https://bugzilla.novell.com/612729 https://bugzilla.novell.com/623307 https://bugzilla.novell.com/624850 https://bugzilla.novell.com/629901 https://bugzilla.novell.com/629908 https://bugzilla.novell.com/638860 https://bugzilla.novell.com/639261 https://bugzilla.novell.com/640278 https://bugzilla.novell.com/643249 https://bugzilla.novell.com/644219 https://bugzilla.novell.com/644350 https://bugzilla.novell.com/644373 https://bugzilla.novell.com/646045 https://bugzilla.novell.com/647392 https://bugzilla.novell.com/647497 https://bugzilla.novell.com/647775 https://bugzilla.novell.com/648308 https://bugzilla.novell.com/649231 https://bugzilla.novell.com/649257 https://bugzilla.novell.com/649820 https://bugzilla.novell.com/650109 https://bugzilla.novell.com/650111 https://bugzilla.novell.com/650113 https://bugzilla.novell.com/650116 https://bugzilla.novell.com/650128

10 years, 10 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

openSUSE Updates November 2010