September 2011 - openSUSE Updates - openSUSE Mailing Lists

openSUSE-RU-2011:1012-1: mcelog: Remove debug emailtarget
by maintenance＠opensuse.org 06 Sep '11

06 Sep '11

openSUSE Recommended Update: mcelog: Remove debug emailtarget ______________________________________________________________________________ Announcement ID: openSUSE-RU-2011:1012-1 Rating: low References: #713562 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update removes a left over debugging mail target that might have sent emails to the SUSE packager of mcelog: - #713562: mcelog should NOT email trenn(a)suse.de by default Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch mcelog-5076 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (x86_64): mcelog-1.0pre3.6363f5b719e9-4.5.1 References: https://bugzilla.novell.com/713562

1 0

openSUSE-RU-2011:1011-1: AutoFS maintenance update for openSUSE 11.4
by maintenance＠opensuse.org 06 Sep '11

06 Sep '11

openSUSE Recommended Update: AutoFS maintenance update for openSUSE 11.4 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2011:1011-1 Rating: low References: #667967 #676690 #677143 #682268 #684997 #692104 #696596 #698589 #699767 #700085 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that has 10 recommended fixes can now be installed. Description: This update fixes the following issues for AutoFS: - 696596: fix null cache deadlock - 667967: fix out of order locking in readmap - 677143, 698589: add upstream fixes for the "non-expiring mounts" problem - 682268: replace GPLv3 code - 684997: init script: use misc device (/dev/autofs) by default, unless it is explicitly disabled in sysconfig Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch autofs-5072 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): autofs-5.0.5-14.19.1 References: https://bugzilla.novell.com/667967 https://bugzilla.novell.com/676690 https://bugzilla.novell.com/677143 https://bugzilla.novell.com/682268 https://bugzilla.novell.com/684997 https://bugzilla.novell.com/692104 https://bugzilla.novell.com/696596 https://bugzilla.novell.com/698589 https://bugzilla.novell.com/699767 https://bugzilla.novell.com/700085

1 0

openSUSE-SU-2011:0998-1: moderate: samba: fixing Cross-Site Request Forgery (CSRF) and Cross Site Scripting in SWAT (CVE-2011-2522, CVE-2011-2694)
by opensuse-security＠opensuse.org 05 Sep '11

05 Sep '11

openSUSE Security Update: samba: fixing Cross-Site Request Forgery (CSRF) and Cross Site Scripting in SWAT (CVE-2011-2522, CVE-2011-2694) ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0998-1 Rating: moderate References: #643119 #643787 #649526 #649636 #668773 #675978 #681913 #693945 #705170 #705241 #708503 Cross-References: CVE-2011-2522 CVE-2011-2694 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that solves two vulnerabilities and has 9 fixes is now available. Description: A Cross-Site Request Forgery (CSRF) and a Cross Site Scripting vulnerability have been fixed in samba's SWAT. CVE-2011-2522 and CVE-2011-2694 have been assigned. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch ldapsmb-4939 - openSUSE 11.3: zypper in -t patch ldapsmb-4936 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): ldapsmb-1.34b-300.5.1 libldb-devel-0.9.7-3.5.1 libldb0-0.9.7-3.5.1 libnetapi-devel-3.5.7-3.5.1 libnetapi0-3.5.7-3.5.1 libsmbclient-devel-3.5.7-3.5.1 libsmbclient0-3.5.7-3.5.1 libsmbsharemodes-devel-3.5.7-3.5.1 libsmbsharemodes0-3.5.7-3.5.1 libtalloc-devel-2.0.1-3.5.1 libtalloc2-2.0.1-3.5.1 libtdb-devel-1.2.1-3.5.1 libtdb1-1.2.1-3.5.1 libtevent-devel-0.9.8-3.5.1 libtevent0-0.9.8-3.5.1 libwbclient-devel-3.5.7-3.5.1 libwbclient0-3.5.7-3.5.1 samba-3.5.7-3.5.1 samba-client-3.5.7-3.5.1 samba-devel-3.5.7-3.5.1 samba-krb-printing-3.5.7-3.5.1 samba-winbind-3.5.7-3.5.1 - openSUSE 11.4 (x86_64): libsmbclient0-32bit-3.5.7-3.5.1 libtalloc2-32bit-2.0.1-3.5.1 libtdb1-32bit-1.2.1-3.5.1 libwbclient0-32bit-3.5.7-3.5.1 samba-32bit-3.5.7-3.5.1 samba-client-32bit-3.5.7-3.5.1 samba-winbind-32bit-3.5.7-3.5.1 - openSUSE 11.4 (noarch): samba-doc-3.5.7-3.5.1 - openSUSE 11.3 (i586 x86_64): ldapsmb-1.34b-5.11.1 libldb-devel-3.5.4-5.11.1 libldb0-3.5.4-5.11.1 libnetapi-devel-3.5.4-5.11.1 libnetapi0-3.5.4-5.11.1 libsmbclient-devel-3.5.4-5.11.1 libsmbclient0-3.5.4-5.11.1 libsmbsharemodes-devel-3.5.4-5.11.1 libsmbsharemodes0-3.5.4-5.11.1 libtalloc-devel-3.5.4-5.11.1 libtalloc2-3.5.4-5.11.1 libtdb-devel-3.5.4-5.11.1 libtdb1-3.5.4-5.11.1 libtevent-devel-3.5.4-5.11.1 libtevent0-3.5.4-5.11.1 libwbclient-devel-3.5.4-5.11.1 libwbclient0-3.5.4-5.11.1 samba-3.5.4-5.11.1 samba-client-3.5.4-5.11.1 samba-devel-3.5.4-5.11.1 samba-krb-printing-3.5.4-5.11.1 samba-winbind-3.5.4-5.11.1 - openSUSE 11.3 (x86_64): libsmbclient0-32bit-3.5.4-5.11.1 libtdb1-32bit-3.5.4-5.11.1 libwbclient0-32bit-3.5.4-5.11.1 samba-32bit-3.5.4-5.11.1 samba-client-32bit-3.5.4-5.11.1 samba-winbind-32bit-3.5.4-5.11.1 - openSUSE 11.3 (noarch): samba-doc-3.5.4-5.11.1 References: http://support.novell.com/security/cve/CVE-2011-2522.html http://support.novell.com/security/cve/CVE-2011-2694.html https://bugzilla.novell.com/643119 https://bugzilla.novell.com/643787 https://bugzilla.novell.com/649526 https://bugzilla.novell.com/649636 https://bugzilla.novell.com/668773 https://bugzilla.novell.com/675978 https://bugzilla.novell.com/681913 https://bugzilla.novell.com/693945 https://bugzilla.novell.com/705170 https://bugzilla.novell.com/705241 https://bugzilla.novell.com/708503

1 0

openSUSE-SU-2011:0994-1: important: Update SSL CA certificates
by opensuse-security＠opensuse.org 03 Sep '11

03 Sep '11

openSUSE Security Update: Update SSL CA certificates ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0994-1 Rating: important References: #714931 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes one version update. Description: This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch ca-certificates-mozilla-5084 - openSUSE 11.3: zypper in -t patch ca-certificates-mozilla-5084 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (noarch) [New Version: 1.76]: ca-certificates-mozilla-1.76-1.3.1 - openSUSE 11.3 (noarch) [New Version: 1.76]: ca-certificates-mozilla-1.76-1.3.1 References: https://bugzilla.novell.com/714931

1 0

openSUSE-SU-2011:0993-1: important: apache2: Fixed a remote denial of service via byte-ranges
by opensuse-security＠opensuse.org 02 Sep '11

02 Sep '11

openSUSE Security Update: apache2: Fixed a remote denial of service via byte-ranges ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0993-1 Rating: important References: #713966 Cross-References: CVE-2011-3192 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . (CVE-2011-3192) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch apache2-5089 - openSUSE 11.3: zypper in -t patch apache2-5089 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): apache2-2.2.17-4.7.1 apache2-devel-2.2.17-4.7.1 apache2-example-certificates-2.2.17-4.7.1 apache2-example-pages-2.2.17-4.7.1 apache2-itk-2.2.17-4.7.1 apache2-prefork-2.2.17-4.7.1 apache2-utils-2.2.17-4.7.1 apache2-worker-2.2.17-4.7.1 - openSUSE 11.4 (noarch): apache2-doc-2.2.17-4.7.1 - openSUSE 11.3 (i586 x86_64): apache2-2.2.15-4.5.1 apache2-devel-2.2.15-4.5.1 apache2-example-certificates-2.2.15-4.5.1 apache2-example-pages-2.2.15-4.5.1 apache2-itk-2.2.15-4.5.1 apache2-prefork-2.2.15-4.5.1 apache2-utils-2.2.15-4.5.1 apache2-worker-2.2.15-4.5.1 - openSUSE 11.3 (noarch): apache2-doc-2.2.15-4.5.1 References: http://support.novell.com/security/cve/CVE-2011-3192.html https://bugzilla.novell.com/713966

1 0

openSUSE-SU-2011:0988-1: moderate: tomcat6: Fix user password information leak
by opensuse-security＠opensuse.org 01 Sep '11

01 Sep '11

openSUSE Security Update: tomcat6: Fix user password information leak ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0988-1 Rating: moderate References: #702289 #706382 #706404 Cross-References: CVE-2011-2204 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: The following security issues were fixed in tomcat: - Fixed a tomcat user password information leak (CVE-2011-2204) - Fixed atomcat information leak and DoS (CVE-2011-2526) Also one bug was fixed: - fix bnc#702289 - suse manager pam ldap authentication fails * source CATALINA_HOME/bin/setenv.sh if exists Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch tomcat6-5002 - openSUSE 11.3: zypper in -t patch tomcat6-5002 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (noarch): tomcat6-6.0.32-7.8.1 tomcat6-admin-webapps-6.0.32-7.8.1 tomcat6-docs-webapp-6.0.32-7.8.1 tomcat6-el-1_0-api-6.0.32-7.8.1 tomcat6-javadoc-6.0.32-7.8.1 tomcat6-jsp-2_1-api-6.0.32-7.8.1 tomcat6-lib-6.0.32-7.8.1 tomcat6-servlet-2_5-api-6.0.32-7.8.1 tomcat6-webapps-6.0.32-7.8.1 - openSUSE 11.3 (noarch): tomcat6-6.0.24-5.12.1 tomcat6-admin-webapps-6.0.24-5.12.1 tomcat6-docs-webapp-6.0.24-5.12.1 tomcat6-el-1_0-api-6.0.24-5.12.1 tomcat6-javadoc-6.0.24-5.12.1 tomcat6-jsp-2_1-api-6.0.24-5.12.1 tomcat6-lib-6.0.24-5.12.1 tomcat6-servlet-2_5-api-6.0.24-5.12.1 tomcat6-webapps-6.0.24-5.12.1 References: http://support.novell.com/security/cve/CVE-2011-2204.html https://bugzilla.novell.com/702289 https://bugzilla.novell.com/706382 https://bugzilla.novell.com/706404

1 0

openSUSE-SU-2011:0985-1: moderate: ncpfs: Fixed mtab truncation issues due to RLIMIT_FSIZE
by opensuse-security＠opensuse.org 01 Sep '11

01 Sep '11

openSUSE Security Update: ncpfs: Fixed mtab truncation issues due to RLIMIT_FSIZE ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0985-1 Rating: moderate References: #686554 Cross-References: CVE-2011-1089 CVE-2011-1679 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Following issues are fixed by this update: The ncpfs mount and umount programs were affected by the /etc/mtab truncation problems on RLIMIT_FSIZE. (CVE-2011-1679) Also on errors, the mtab lock was not removed, blocking other applications from modifying /etc/mtab. (CVE-2011-1680) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch ncpfs-5051 - openSUSE 11.3: zypper in -t patch ncpfs-5051 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): ncpfs-2.2.6-169.170.1 ncpfs-devel-2.2.6-169.170.1 - openSUSE 11.4 (x86_64): ncpfs-32bit-2.2.6-169.170.1 - openSUSE 11.3 (i586 x86_64): ncpfs-2.2.6-166.3.1 ncpfs-devel-2.2.6-166.3.1 - openSUSE 11.3 (x86_64): ncpfs-32bit-2.2.6-166.3.1 References: http://support.novell.com/security/cve/CVE-2011-1089.html http://support.novell.com/security/cve/CVE-2011-1679.html https://bugzilla.novell.com/686554

1 0