April 2010 - openSUSE Updates - openSUSE Mailing Lists

openSUSE-RU-2010:0143-1 (low): xpdf-poppler: xpdf crashes if user is opening a nonexistent file. This bug is fixed by this update.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: xpdf-poppler: xpdf crashes if user is opening a nonexistent file. This bug is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0143-1 Rating: low References: #573792 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/573792

1 0

openSUSE-SU-2010:0141-1 (moderate): xpdf security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: xpdf security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0141-1 Rating: moderate References: #534764 #539875 #543410 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/534764 https://bugzilla.novell.com/539875 https://bugzilla.novell.com/543410

1 0

openSUSE-SU-2010:0138-1 (moderate): mutt: improved SSL certificate handling
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: mutt: improved SSL certificate handling ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0138-1 Rating: moderate References: #537141 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/537141

1 0

openSUSE-SU-2010:0134-1 (moderate): mysql security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: mysql security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0134-1 Rating: moderate References: #480140 #497546 #520608 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/480140 https://bugzilla.novell.com/497546 https://bugzilla.novell.com/520608

1 0

openSUSE-SU-2010:0130-1 (moderate): acroread: security update to version 9.3.1
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: acroread: security update to version 9.3.1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0130-1 Rating: moderate References: #580470 Cross-References: CVE-2010-0186 CVE-2010-0188 Affected Products: ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Package List: References: http://support.novell.com/security/cve/CVE-2010-0186.html http://support.novell.com/security/cve/CVE-2010-0188.html https://bugzilla.novell.com/580470

1 0

openSUSE-SU-2010:0128-1 (moderate): ldns/unbound: heap-based remote buffer overflow
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: ldns/unbound: heap-based remote buffer overflow ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0128-1 Rating: moderate References: #488631 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/488631

1 0

openSUSE-SU-2010:0124-1 (important): ghostscript security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: ghostscript security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0124-1 Rating: important References: #489622 #491897 #492765 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/489622 https://bugzilla.novell.com/491897 https://bugzilla.novell.com/492765

1 0

openSUSE-SU-test-2010:32216-1 (low): krb5 security update
by opensuse-security＠opensuse.org 15 Apr '10

15 Apr '10

openSUSE Security Update: krb5 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-test-2010:32216-1 Rating: low References: #591049 Cross-References: CVE-2010-0629 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Authenticated users could crash the kadmind process by referencing freed memory (CVE-2010-0629). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch krb5-2267 - openSUSE 11.0: zypper in -t patch krb5-2267 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): krb5-1.6.3-132.7.1 - openSUSE 11.1 (i586 ppc x86_64): krb5-apps-clients-1.6.3-132.7.1 krb5-apps-servers-1.6.3-132.7.1 krb5-client-1.6.3-132.7.1 krb5-devel-1.6.3-132.7.1 krb5-server-1.6.3-132.7.1 - openSUSE 11.1 (x86_64): krb5-32bit-1.6.3-132.7.1 krb5-devel-32bit-1.6.3-132.7.1 - openSUSE 11.1 (ppc): krb5-64bit-1.6.3-132.7.1 krb5-devel-64bit-1.6.3-132.7.1 - openSUSE 11.0 (i586 ppc src x86_64): krb5-1.6.3-50.9 - openSUSE 11.0 (i586 ppc x86_64): krb5-apps-clients-1.6.3-50.9 krb5-apps-servers-1.6.3-50.9 krb5-client-1.6.3-50.9 krb5-devel-1.6.3-50.9 krb5-server-1.6.3-50.9 - openSUSE 11.0 (x86_64): krb5-32bit-1.6.3-50.9 krb5-devel-32bit-1.6.3-50.9 - openSUSE 11.0 (ppc): krb5-64bit-1.6.3-50.9 krb5-devel-64bit-1.6.3-50.9 References: http://support.novell.com/security/cve/CVE-2010-0629.html https://bugzilla.novell.com/591049

1 0

openSUSE-RU-2010:0119-1 (low): xemacs: Fails to load customization files after latest online update. Fixed by this update.
by maintenance＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Recommended Update: xemacs: Fails to load customization files after latest online update. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0119-1 Rating: low References: #590429 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: Fails to load customization files after latest online update. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch xemacs-2251 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 21.5.29.b604d235f028]: xemacs-21.5.29.b604d235f028-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 21.5.29.b604d235f028]: xemacs-el-21.5.29.b604d235f028-1.1.1 xemacs-info-21.5.29.b604d235f028-1.1.1 References: https://bugzilla.novell.com/590429

1 0

openSUSE-SU-2010:0115-1 (low): gimp: fix for integer overflow vulnerability
by opensuse-security＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Security Update: gimp: fix for integer overflow vulnerability ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0115-1 Rating: low References: #555144 #555166 Cross-References: CVE-2009-1570 CVE-2009-3909 Affected Products: openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: Integer overflows in the BMP and PSD plug-ins potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim to open specially crafted files (CVE-2009-1570, CVE-2009-3909). Gimp was updated to to version 2.6.8 which fixes those issues. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch gimp-2160 - openSUSE 11.1: zypper in -t patch gimp-2151 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 2.6.8]: gimp-2.6.8-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 2.6.8]: gimp-branding-upstream-2.6.8-1.1.1 gimp-devel-2.6.8-1.1.1 gimp-help-browser-2.6.8-1.1.1 gimp-plugins-python-2.6.8-1.1.1 - openSUSE 11.2 (noarch) [New Version: 2.6.8]: gimp-lang-2.6.8-1.1.1 - openSUSE 11.1 (i586 ppc src x86_64): gimp-2.6.2-2.19.1 - openSUSE 11.1 (i586 ppc x86_64): gimp-branding-upstream-2.6.2-2.19.1 gimp-devel-2.6.2-2.19.1 gimp-doc-2.6.2-2.19.1 gimp-lang-2.6.2-2.19.1 gimp-plugins-python-2.6.2-2.19.1 References: http://support.novell.com/security/cve/CVE-2009-1570.html http://support.novell.com/security/cve/CVE-2009-3909.html https://bugzilla.novell.com/555144 https://bugzilla.novell.com/555166

1 0