openSUSE Recommended Update: timezone: Update to 2011m
______________________________________________________________________________
Announcement ID: openSUSE-RU-2011:1191-1
Rating: important
References: #726162
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes one version update.
Description:
This update provides 2011m which provides the following
important changes:
* All Ukrainian timezones are going back to winter time on
Oct 30th, 2011
* Adding Tiraspol to the zone.tab
* America/Bahia switched to DST on Oct 16th, 2011
* West Bank ended DST 2011-09-30 already
* Fiji enters DST on October 23th 2011
* Palestine suspends DST during Ramadan in 2011; Gaza and
Hebron split in 2011, leading to a new Asia/Hebron zone
(thanks to Steffen Thorsen and Alexander Krivenshev).
* Belarus adopts permanent DST in 2011 (thanks to Yauhen
Kharuzhy, Alexander Bokovoy, Alexander Krivenyshev, and
Kirill A. Shutemov).
* "Russia" rules changed to reflect end of use in 2010.
* "FET" used as abbreviation for Belarus, Ukraine, and
western Russia
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch timezone-2011m-5325
- openSUSE 11.3:
zypper in -t patch timezone-2011m-5325
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 2011m]:
timezone-2011m-0.2.1
- openSUSE 11.4 (noarch) [New Version: 2011m]:
timezone-java-2011m-0.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 2011m]:
timezone-2011m-0.2.1
- openSUSE 11.3 (noarch) [New Version: 2011m]:
timezone-java-2011m-0.2.1
References:
https://bugzilla.novell.com/726162
openSUSE Security Update: puppet (CVE-2011-3848)
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1190-1
Rating: moderate
References: #721139
Cross-References: CVE-2011-3848
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
A directory traversal vulnerability in puppet allowed
unauthenticated remote attackers to upload x.509
certificate signing requests to arbitrary locations
(CVE-2011-3848)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch puppet-5243
- openSUSE 11.3:
zypper in -t patch puppet-5243
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
puppet-2.6.4-4.7.1
puppet-server-2.6.4-4.7.1
- openSUSE 11.3 (i586 x86_64):
puppet-0.25.4-4.3.1
puppet-server-0.25.4-4.3.1
References:
http://support.novell.com/security/cve/CVE-2011-3848.htmlhttps://bugzilla.novell.com/721139
openSUSE Recommended Update: kdebase4: fix create new directory in subdirectory
______________________________________________________________________________
Announcement ID: openSUSE-RU-2011:1182-1
Rating: low
References: #677973
Affected Products:
openSUSE 11.4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a bug in Dolphin where it was unable to
create new directory in subdirectory from context menu.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch dolphin-5302
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
dolphin-4.6.0-6.10.1
kdebase4-4.6.0-6.10.1
kdebase4-libkonq-4.6.0-6.10.1
kdebase4-nsplugin-4.6.0-6.10.1
kdepasswd-4.6.0-6.10.1
kdialog-4.6.0-6.10.1
keditbookmarks-4.6.0-6.10.1
kfind-4.6.0-6.10.1
konqueror-4.6.0-6.10.1
konsole-4.6.0-6.10.1
kwrite-4.6.0-6.10.1
libkonq-devel-4.6.0-6.10.1
libkonq5-4.6.0-6.10.1
- openSUSE 11.4 (x86_64):
libkonq5-32bit-4.6.0-6.10.1
References:
https://bugzilla.novell.com/677973
openSUSE Recommended Update: ddclient: Make sure all necessary dependencies are installed with the package
______________________________________________________________________________
Announcement ID: openSUSE-RU-2011:1181-1
Rating: low
References: #267306 #723688
Affected Products:
openSUSE 11.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This patch fixes two problems in ddclient:
- #723688: not all necessary dependencies are installed
with the package
- #267306: /etc/init.d/ddclient can't see ddclient running
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch ddclient-5300
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
ddclient-3.8.0-13.14.1
References:
https://bugzilla.novell.com/267306https://bugzilla.novell.com/723688
openSUSE Security Update: clamav: fixing recursion level crash (CVE-2011-3627)
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1177-1
Rating: moderate
References: #724856
Cross-References: CVE-2011-3627
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
This version update of clamav fixes a recursion level
crash. CVE-2011-3627 was assigned to this issue.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch clamav-5308
- openSUSE 11.3:
zypper in -t patch clamav-5308
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 0.97.3]:
clamav-0.97.3-0.2.1
- openSUSE 11.4 (noarch) [New Version: 0.97.3]:
clamav-db-0.97.3-0.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 0.97.3]:
clamav-0.97.3-0.2.1
- openSUSE 11.3 (noarch) [New Version: 0.97.3]:
clamav-db-0.97.3-0.2.1
References:
http://support.novell.com/security/cve/CVE-2011-3627.htmlhttps://bugzilla.novell.com/724856
openSUSE Security Update: etherape: Update to 0.9.12 to fix a remote crash
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1176-1
Rating: moderate
References: #719086
Cross-References: CVE-2011-3369
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
Etherape was updated to 0.9.12 to fix a security issue
(CVE-2011-3369) and various bugs.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch etherape-5318
- openSUSE 11.3:
zypper in -t patch etherape-5318
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
etherape-0.9.12-2.3.1
- openSUSE 11.3 (i586 x86_64) [New Version: 0.9.12]:
etherape-0.9.12-2.3.1
References:
http://support.novell.com/security/cve/CVE-2011-3369.htmlhttps://bugzilla.novell.com/719086
openSUSE Security Update: fail2ban
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1175-1
Rating: moderate
References: #690853
Cross-References: CVE-2009-5023
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
fail2ban IP used insecure temporary files when unbanning an
IP address (CVE-2009-5023).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch fail2ban-5301
- openSUSE 11.3:
zypper in -t patch fail2ban-5301
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (noarch):
fail2ban-0.8.4-11.12.1
- openSUSE 11.3 (noarch):
fail2ban-0.8.4-5.3.1
References:
http://support.novell.com/security/cve/CVE-2009-5023.htmlhttps://bugzilla.novell.com/690853
openSUSE Security Update: opera: Release 11.52 to fix memory corruption via SVG content
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1172-1
Rating: important
References: #724754
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes one version update.
Description:
This update of Opera fixes a memory flaw in the code that
processes SVG content which could be exploited by attackers
to execute arbitrary code through specially crafted
websites.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch opera-5314
- openSUSE 11.3:
zypper in -t patch opera-5314
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 11.52]:
opera-11.52-0.2.1
opera-gtk-11.52-0.2.1
opera-kde4-11.52-0.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 11.52]:
opera-11.52-0.2.1
opera-gtk-11.52-0.2.1
opera-kde4-11.52-0.2.1
References:
https://bugzilla.novell.com/724754
openSUSE Security Update: Fix a Cyrus IMAPd nntpd authentication bypass and a DoS (CVE-2011-3372, CVE-2011-3481)
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1170-1
Rating: moderate
References: #719998
Cross-References: CVE-2011-3372 CVE-2011-3481
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
An authentication bypass (CVE-2011-3372) and a DoS
vulnerability (CVE-2011-3481) have been fixed in the Cyrus
IMAPd nntpd.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch cyrus-imapd-5240
- openSUSE 11.3:
zypper in -t patch cyrus-imapd-5240
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
cyrus-imapd-2.3.16-16.21.1
cyrus-imapd-devel-2.3.16-16.21.1
perl-Cyrus-IMAP-2.3.16-16.21.1
perl-Cyrus-SIEVE-managesieve-2.3.16-16.21.1
- openSUSE 11.3 (i586 x86_64):
cyrus-imapd-2.3.16-8.9.1
cyrus-imapd-devel-2.3.16-8.9.1
perl-Cyrus-IMAP-2.3.16-8.9.1
perl-Cyrus-SIEVE-managesieve-2.3.16-8.9.1
References:
http://support.novell.com/security/cve/CVE-2011-3372.htmlhttp://support.novell.com/security/cve/CVE-2011-3481.htmlhttps://bugzilla.novell.com/719998