openSUSE Recommended Update: Recommended update for docker
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0654-1
Rating: important
References: #1016992 #1020806
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for docker fixes the following issues:
- fix "Unknown runtime specified oci" errors with containers using an old
runtime option boo#1020806 boo#1016992
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-321=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-321=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (noarch):
docker-bash-completion-1.12.6-28.2
docker-zsh-completion-1.12.6-28.2
- openSUSE Leap 42.2 (x86_64):
docker-1.12.6-28.2
docker-debuginfo-1.12.6-28.2
docker-debugsource-1.12.6-28.2
docker-test-1.12.6-28.2
docker-test-debuginfo-1.12.6-28.2
- openSUSE Leap 42.1 (x86_64):
docker-1.12.6-30.2
docker-debuginfo-1.12.6-30.2
docker-debugsource-1.12.6-30.2
docker-test-1.12.6-30.2
docker-test-debuginfo-1.12.6-30.2
- openSUSE Leap 42.1 (noarch):
docker-bash-completion-1.12.6-30.2
docker-zsh-completion-1.12.6-30.2
References:
https://bugzilla.suse.com/1016992https://bugzilla.suse.com/1020806
openSUSE Recommended Update: Recommended update for spectacle
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0653-1
Rating: moderate
References: #1026635
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for spectacle fixes the following issues:
- use the desktop's native file dialog for the Save As option instead of
the generic Qt dialog (boo#1026635)
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-324=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (x86_64):
spectacle-16.08.2-3.1
spectacle-debuginfo-16.08.2-3.1
spectacle-debugsource-16.08.2-3.1
spectacle-doc-16.08.2-3.1
References:
https://bugzilla.suse.com/1026635
openSUSE Recommended Update: Recommended update for thunar
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0652-1
Rating: important
References: #1011518 #1012237
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for thunar fixes the following issues:
- crash for on cut/pasting of multiple files (boo#1012237)
- crash when renaming files (boo #1011518)
- history deleted after view change
- crashes when reloading target file after move
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-323=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-323=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (noarch):
thunar-lang-1.6.10-6.1
- openSUSE Leap 42.2 (x86_64):
libthunarx-2-0-1.6.10-6.1
libthunarx-2-0-debuginfo-1.6.10-6.1
thunar-1.6.10-6.1
thunar-debuginfo-1.6.10-6.1
thunar-debugsource-1.6.10-6.1
thunar-devel-1.6.10-6.1
- openSUSE Leap 42.1 (i586 x86_64):
libthunarx-2-0-1.6.10-7.1
libthunarx-2-0-debuginfo-1.6.10-7.1
thunar-1.6.10-7.1
thunar-debuginfo-1.6.10-7.1
thunar-debugsource-1.6.10-7.1
thunar-devel-1.6.10-7.1
- openSUSE Leap 42.1 (noarch):
thunar-lang-1.6.10-7.1
References:
https://bugzilla.suse.com/1011518https://bugzilla.suse.com/1012237
openSUSE Recommended Update: Recommended update for timezone
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0650-1
Rating: low
References: #1024676 #1024677
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update provides the latest timezone information (2017a) for your
system, including the following changes:
- Mongolia no longer observes DST. (bsc#1024676)
- Chile's Region of Magallanes moves from -04/-03 to -03 year-round
starting 2017-05-13 23:00. Split from America/Santiago creating a new
zone America/Punta_Arenas. Also affects Antarctica/Palmer. (bsc#1024677)
- Fixes to historical time stamps: Spain, Ecuador, Atyrau, Oral.
- Switch to numeric, or commonly used time zone abbreviations.
- zic(8) no longer mishandles some transitions in January 2038.
- date and strftime now cause %z to generate "-0000" instead of "+0000"
when the UT offset is zero and the time zone abbreviation begins with
"-".
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-320=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-320=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
timezone-2017a-37.1
timezone-debuginfo-2017a-37.1
timezone-debugsource-2017a-37.1
- openSUSE Leap 42.2 (noarch):
timezone-java-2017a-0.37.1
- openSUSE Leap 42.1 (i586 x86_64):
timezone-2017a-37.1
timezone-debuginfo-2017a-37.1
timezone-debugsource-2017a-37.1
- openSUSE Leap 42.1 (noarch):
timezone-java-2017a-0.37.1
References:
https://bugzilla.suse.com/1024676https://bugzilla.suse.com/1024677
openSUSE Security Update: Security update for sane-backends
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0649-1
Rating: moderate
References: #1027197
Cross-References: CVE-2017-6318
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for sane-backends fixes the following issues:
- saned could have leaked uninitialized memory back to its requesters for
some
opcodes, allowing for information disclosure of saned memory
(CVE-2017-6318, bsc#1027197).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-318=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
sane-backends-1.0.24-5.1
sane-backends-autoconfig-1.0.24-5.1
sane-backends-debuginfo-1.0.24-5.1
sane-backends-debugsource-1.0.24-5.1
sane-backends-devel-1.0.24-5.1
- openSUSE Leap 42.1 (x86_64):
sane-backends-32bit-1.0.24-5.1
sane-backends-debuginfo-32bit-1.0.24-5.1
References:
https://www.suse.com/security/cve/CVE-2017-6318.htmlhttps://bugzilla.suse.com/1027197
openSUSE Security Update: Security update for potrace
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0648-1
Rating: moderate
References: #1005026
Cross-References: CVE-2016-8685 CVE-2016-8686
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for potrace to version 1.14 fixes the following issues:
Security issues fixed:
- CVE-2016-8685, CVE-2016-8686: Bugs triggered by malformed BMP files have
been fixed (boo#1005026).
Bugfixes:
- Error reporting has been improved.
- The image size is now truncated when the bitmap data ends prematurely.
- It is now possible to use negative dy in bitmap data.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-319=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-319=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
libpotrace0-1.14-8.1
libpotrace0-debuginfo-1.14-8.1
potrace-1.14-8.1
potrace-debuginfo-1.14-8.1
potrace-debugsource-1.14-8.1
potrace-devel-1.14-8.1
- openSUSE Leap 42.1 (i586 x86_64):
libpotrace0-1.14-8.1
libpotrace0-debuginfo-1.14-8.1
potrace-1.14-8.1
potrace-debuginfo-1.14-8.1
potrace-debugsource-1.14-8.1
potrace-devel-1.14-8.1
References:
https://www.suse.com/security/cve/CVE-2016-8685.htmlhttps://www.suse.com/security/cve/CVE-2016-8686.htmlhttps://bugzilla.suse.com/1005026
openSUSE Recommended Update: Recommended update for opera
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0628-1
Rating: moderate
References: #1028011
Affected Products:
openSUSE Leap 42.2:NonFree
openSUSE Leap 42.1:NonFree
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for Opera fixes the following issues:
- Update Opera to 43.0.2442.1144, full changelog at
https://www.opera.com/blogs/desktop/changelog-for-43/#b2442.1144
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:NonFree:
zypper in -t patch openSUSE-2017-317=1
- openSUSE Leap 42.1:NonFree:
zypper in -t patch openSUSE-2017-317=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2:NonFree (x86_64):
opera-43.0.2442.1144-27.1
- openSUSE Leap 42.1:NonFree (x86_64):
opera-43.0.2442.1144-64.1
References:
https://bugzilla.suse.com/1028011
openSUSE Security Update: Security update for munin
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0621-1
Rating: important
References: #1026539
Cross-References: CVE-2017-6188
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for munin fixes the following issues:
- An attacker has been able to write arbitrary local files with the
permissions of the web server, by using parameter injection
(boo#1026539, CVE-2017-6188)
- The MySQL plugin has been fixed to work correctly against MySQL 5.5 on
Leap 42.1
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-310=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-310=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (noarch):
munin-2.0.25-9.1
munin-node-2.0.25-9.1
- openSUSE Leap 42.1 (noarch):
munin-2.0.25-7.1
munin-node-2.0.25-7.1
References:
https://www.suse.com/security/cve/CVE-2017-6188.htmlhttps://bugzilla.suse.com/1026539
openSUSE Security Update: Security update for bind
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:0620-1
Rating: moderate
References: #1024130
Cross-References: CVE-2017-3135
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for bind fixes the following issues:
- Fixed a possible denial of service vulnerability (affected only
configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-314=1
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2017-314=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
bind-9.9.9P1-46.1
bind-chrootenv-9.9.9P1-46.1
bind-debuginfo-9.9.9P1-46.1
bind-debugsource-9.9.9P1-46.1
bind-devel-9.9.9P1-46.1
bind-libs-9.9.9P1-46.1
bind-libs-debuginfo-9.9.9P1-46.1
bind-lwresd-9.9.9P1-46.1
bind-lwresd-debuginfo-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
bind-utils-debuginfo-9.9.9P1-46.1
- openSUSE Leap 42.2 (noarch):
bind-doc-9.9.9P1-46.1
- openSUSE Leap 42.2 (x86_64):
bind-libs-32bit-9.9.9P1-46.1
bind-libs-debuginfo-32bit-9.9.9P1-46.1
- openSUSE Leap 42.1 (i586 x86_64):
bind-9.9.9P1-48.1
bind-chrootenv-9.9.9P1-48.1
bind-debuginfo-9.9.9P1-48.1
bind-debugsource-9.9.9P1-48.1
bind-devel-9.9.9P1-48.1
bind-libs-9.9.9P1-48.1
bind-libs-debuginfo-9.9.9P1-48.1
bind-lwresd-9.9.9P1-48.1
bind-lwresd-debuginfo-9.9.9P1-48.1
bind-utils-9.9.9P1-48.1
bind-utils-debuginfo-9.9.9P1-48.1
- openSUSE Leap 42.1 (noarch):
bind-doc-9.9.9P1-48.1
- openSUSE Leap 42.1 (x86_64):
bind-libs-32bit-9.9.9P1-48.1
bind-libs-debuginfo-32bit-9.9.9P1-48.1
References:
https://www.suse.com/security/cve/CVE-2017-3135.htmlhttps://bugzilla.suse.com/1024130
openSUSE Recommended Update: Recommended update for vinagre
______________________________________________________________________________
Announcement ID: openSUSE-RU-2017:0619-1
Rating: moderate
References: #1002350
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for vinagre fixes certificate validation incompatibilities
with FreeRDP 1.2 that could lead to failure to establish RDP connections.
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-316=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (x86_64):
vinagre-3.20.2-5.1
vinagre-debuginfo-3.20.2-5.1
vinagre-debugsource-3.20.2-5.1
- openSUSE Leap 42.2 (noarch):
vinagre-lang-3.20.2-5.1
References:
https://bugzilla.suse.com/1002350