- openSUSE Updates

openSUSE-SU-2010:0182-1 (important): java-1_6_0-openjdk security update
by opensuse-security＠opensuse.org 29 Apr '10

29 Apr '10

openSUSE Security Update: java-1_6_0-openjdk security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0182-1 Rating: important References: #594415 Cross-References: CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0088 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0840 CVE-2010-0845 CVE-2010-0847 CVE-2010-0848 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: java-1_6_0-openjdk version 1.7.3 fixes serveral security issues: - CVE-2010-0837: JAR 'unpack200' must verify input parameters - CVE-2010-0845: No ClassCastException for HashAttributeSet constructors if run with -Xcomp - CVE-2010-0838: CMM readMabCurveData Buffer Overflow Vulnerability - CVE-2010-0082: Loader-constraint table allows arrays instead of only the base-classes - CVE-2010-0095: Subclasses of InetAddress may incorrectly interpret network addresses - CVE-2010-0085: File TOCTOU deserialization vulnerability - CVE-2010-0091: Unsigned applet can retrieve the dragged information before drop action occurs - CVE-2010-0088: Inflater/Deflater clone issues - CVE-2010-0084: Policy/PolicyFile leak dynamic ProtectionDomains. - CVE-2010-0092: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error - CVE-2010-0094: Deserialization of RMIConnectionImpl objects should enforce stricter checks - CVE-2010-0093: System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes - CVE-2010-0840: Applet Trusted Methods Chaining Privilege Escalation Vulnerability - CVE-2010-0848: AWT Library Invalid Index Vulnerability - CVE-2010-0847: ImagingLib arbitrary code execution vulnerability - CVE-2009-3555: TLS: MITM attacks via session renegotiation Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch java-1_6_0-openjdk-2362 - openSUSE 11.1: zypper in -t patch java-1_6_0-openjdk-2362 - openSUSE 11.0: zypper in -t patch java-1_6_0-openjdk-2362 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): java-1_6_0-openjdk-1.6.0.0_b17-2.1.1 - openSUSE 11.2 (i586 x86_64): java-1_6_0-openjdk-devel-1.6.0.0_b17-2.1.1 java-1_6_0-openjdk-plugin-1.6.0.0_b17-2.1.1 - openSUSE 11.2 (noarch): java-1_6_0-openjdk-demo-1.6.0.0_b17-2.1.1 java-1_6_0-openjdk-javadoc-1.6.0.0_b17-2.1.1 java-1_6_0-openjdk-src-1.6.0.0_b17-2.1.1 - openSUSE 11.1 (i586 ppc src x86_64): java-1_6_0-openjdk-1.6.0.0_b17-2.3.1 - openSUSE 11.1 (i586 ppc x86_64): java-1_6_0-openjdk-demo-1.6.0.0_b17-2.3.1 java-1_6_0-openjdk-devel-1.6.0.0_b17-2.3.1 java-1_6_0-openjdk-javadoc-1.6.0.0_b17-2.3.1 java-1_6_0-openjdk-plugin-1.6.0.0_b17-2.3.1 java-1_6_0-openjdk-src-1.6.0.0_b17-2.3.1 - openSUSE 11.0 (i586 ppc src x86_64): java-1_6_0-openjdk-1.6.0.0_b17-2.3 - openSUSE 11.0 (i586 ppc x86_64): java-1_6_0-openjdk-demo-1.6.0.0_b17-2.3 java-1_6_0-openjdk-devel-1.6.0.0_b17-2.3 java-1_6_0-openjdk-javadoc-1.6.0.0_b17-2.3 java-1_6_0-openjdk-plugin-1.6.0.0_b17-2.3 java-1_6_0-openjdk-src-1.6.0.0_b17-2.3 References: http://support.novell.com/security/cve/CVE-2009-3555.html http://support.novell.com/security/cve/CVE-2010-0082.html http://support.novell.com/security/cve/CVE-2010-0084.html http://support.novell.com/security/cve/CVE-2010-0085.html http://support.novell.com/security/cve/CVE-2010-0088.html http://support.novell.com/security/cve/CVE-2010-0091.html http://support.novell.com/security/cve/CVE-2010-0092.html http://support.novell.com/security/cve/CVE-2010-0093.html http://support.novell.com/security/cve/CVE-2010-0094.html http://support.novell.com/security/cve/CVE-2010-0095.html http://support.novell.com/security/cve/CVE-2010-0837.html http://support.novell.com/security/cve/CVE-2010-0838.html http://support.novell.com/security/cve/CVE-2010-0840.html http://support.novell.com/security/cve/CVE-2010-0845.html http://support.novell.com/security/cve/CVE-2010-0847.html http://support.novell.com/security/cve/CVE-2010-0848.html https://bugzilla.novell.com/594415

1 0

openSUSE-SU-2010:0181-1 (low): cacti security update
by opensuse-security＠opensuse.org 29 Apr '10

29 Apr '10

openSUSE Security Update: cacti security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0181-1 Rating: low References: #599239 Cross-References: CVE-2010-1431 Affected Products: openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Missing input sanitation in the template export feature allowed for SQL injection attacks (CVE-2010-1431). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.0: zypper in -t patch cacti-2365 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.0 (noarch src) [New Version: 0.8.7e]: cacti-0.8.7e-0.3 References: http://support.novell.com/security/cve/CVE-2010-1431.html https://bugzilla.novell.com/599239

1 0

openSUSE-RU-2010:0177-1 (low): timezone: Data update
by maintenance＠opensuse.org 28 Apr '10

28 Apr '10

openSUSE Recommended Update: timezone: Data update ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0177-1 Rating: low References: #583745 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: Updated tzdata version to 2010h: * DST changes: Asia/Dhaka, Asia/Karachi, Asia/Gaza, Asia/Damascus, Pacific/Apia, Pacific/Fiji, Africa/Tunis America/Santiago, Pacific/Easter, America/Asuncion * New zones: America/Matamoros, America/Ojinaga, America/Santa_Isabel * GMT offset changes: Europe/Samara, Asia/Kamchatka, Asia/Anadyr * Various Antarctica timezone changes * Number of Time Zones used in Russia were reduced to 9 and several regions changed timezones. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch timezone-2276 - openSUSE 11.1: zypper in -t patch timezone-2276 - openSUSE 11.0: zypper in -t patch timezone-2276 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 2010h]: timezone-2010h-1.1.1 - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 2010h]: timezone-2010h-1.1.1 - openSUSE 11.0 (i586 ppc src x86_64) [New Version: 2010h]: timezone-2010h-1.1 References: https://bugzilla.novell.com/583745

1 0

openSUSE-SU-2010:0175-1 (low): dovecot security update
by opensuse-security＠opensuse.org 28 Apr '10

28 Apr '10

openSUSE Security Update: dovecot security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0175-1 Rating: low References: #587356 Cross-References: CVE-2010-0745 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Huge mail headers could cause dovecot to consume excessive amounts of CPU (CVE-2010-0745) dovecot was updated to version 1.2.11 which fixes the problem. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch dovecot12-2363 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 1.2.9]: dovecot12-1.2.9-0.2.1 - openSUSE 11.2 (i586 x86_64) [New Version: 1.2.9]: dovecot12-backend-mysql-1.2.9-0.2.1 dovecot12-backend-pgsql-1.2.9-0.2.1 dovecot12-backend-sqlite-1.2.9-0.2.1 dovecot12-devel-1.2.9-0.2.1 dovecot12-fts-lucene-1.2.9-0.2.1 References: http://support.novell.com/security/cve/CVE-2010-0745.html https://bugzilla.novell.com/587356

1 0

openSUSE-RU-2010:0173-1 (low): evolution-data-server: This update improves the stability of the package.
by maintenance＠opensuse.org 27 Apr '10

27 Apr '10

openSUSE Recommended Update: evolution-data-server: This update improves the stability of the package. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0173-1 Rating: low References: #595936 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: evolution-data-server can abort with a trace. It is fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch evolution-data-server-2334 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (src x86_64) [New Version: 2.28.2]: evolution-data-server-2.28.2-0.2.13 - openSUSE 11.2 (i586 src) [New Version: 2.28.2]: evolution-data-server-2.28.2-0.3.1 - openSUSE 11.2 (x86_64) [New Version: 2.28.2]: evolution-data-server-32bit-2.28.2-0.3.1 evolution-data-server-devel-2.28.2-0.2.13 evolution-data-server-doc-2.28.2-0.2.13 - openSUSE 11.2 (noarch) [New Version: 2.28.2]: evolution-data-server-lang-2.28.2-0.3.1 - openSUSE 11.2 (i586) [New Version: 2.28.2]: evolution-data-server-devel-2.28.2-0.3.1 evolution-data-server-doc-2.28.2-0.3.1 References: https://bugzilla.novell.com/595936

1 0

openSUSE-SU-2010:0166-1 (important): systemtap: fix for remote code execution and denial of service
by opensuse-security＠opensuse.org 26 Apr '10

26 Apr '10

openSUSE Security Update: systemtap: fix for remote code execution and denial of service ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0166-1 Rating: important References: #574243 Cross-References: CVE-2009-4273 CVE-2010-0411 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: This updates systemtap to version 1.0. The version update was required to fix two issues; a shell meta.character injection vulnerability that allowed remote users to execute arbitrary commands () with the privileges of the stap-server. (CVE-2009-4273: CVSS v2 Base Score: 7.9 (important) (AV:A/AC:M/Au:N/C:C/I:C/A:C)) and a remote denial of service bug in the __get_argv() function (CVE-2010-0411: CVSS v2 Base Score: 4.9 (MEDIUM) (AV:L/AC:L/Au:N/C:N/I:N/A:C)). Version 1.0 is also subject to advisory CVE-2009-2911 fixing three denial of service issues when using unprivileged mode. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch systemtap-2088 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 1.0]: systemtap-1.0-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 1.0]: systemtap-client-1.0-1.1.1 systemtap-runtime-1.0-1.1.1 systemtap-sdt-devel-1.0-1.1.1 systemtap-server-1.0-1.1.1 References: http://support.novell.com/security/cve/CVE-2009-4273.html http://support.novell.com/security/cve/CVE-2010-0411.html https://bugzilla.novell.com/574243

1 0

openSUSE-SU-2010:0165-1 (low): apache2 security update
by opensuse-security＠opensuse.org 26 Apr '10

26 Apr '10

openSUSE Security Update: apache2 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0165-1 Rating: low References: #570127 #586572 Cross-References: CVE-2010-0408 CVE-2010-0434 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: When using a multithreaded MPM apache could leak memory of requests handled by a different thread when processing subrequests (CVE-2010-0434). Specially crafted requests could crash mod_proxy_ajp (CVE-2010-0408). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch apache2-2292 - openSUSE 11.1: zypper in -t patch apache2-2292 - openSUSE 11.0: zypper in -t patch apache2-2292 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): apache2-2.2.13-2.4.1 - openSUSE 11.2 (i586 x86_64): apache2-devel-2.2.13-2.4.1 apache2-doc-2.2.13-2.4.1 apache2-example-certificates-2.2.13-2.4.1 apache2-example-pages-2.2.13-2.4.1 apache2-itk-2.2.13-2.4.1 apache2-prefork-2.2.13-2.4.1 apache2-utils-2.2.13-2.4.1 apache2-worker-2.2.13-2.4.1 - openSUSE 11.1 (i586 ppc src x86_64): apache2-2.2.10-2.9.1 - openSUSE 11.1 (i586 ppc x86_64): apache2-devel-2.2.10-2.9.1 apache2-doc-2.2.10-2.9.1 apache2-example-pages-2.2.10-2.9.1 apache2-prefork-2.2.10-2.9.1 apache2-utils-2.2.10-2.9.1 apache2-worker-2.2.10-2.9.1 - openSUSE 11.0 (i586 ppc src x86_64): apache2-2.2.8-28.10 - openSUSE 11.0 (i586 ppc x86_64): apache2-devel-2.2.8-28.10 apache2-doc-2.2.8-28.10 apache2-example-pages-2.2.8-28.10 apache2-prefork-2.2.8-28.10 apache2-utils-2.2.8-28.10 apache2-worker-2.2.8-28.10 References: http://support.novell.com/security/cve/CVE-2010-0408.html http://support.novell.com/security/cve/CVE-2010-0434.html https://bugzilla.novell.com/570127 https://bugzilla.novell.com/586572

1 0

openSUSE-SU-2010:0156-1 (low): glib2 security update
by opensuse-security＠opensuse.org 26 Apr '10

26 Apr '10

openSUSE Security Update: glib2 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0156-1 Rating: low References: #500520 #538005 Cross-References: CVE-2009-3289 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: The when copying symbolic links the g_file_copy function set the target of the link to mode 0777 therefore exposing potentially sensitive information or allowing other user to modify files they should not have access to (CVE-2009-3289). This update also fixes a problem where glib2 couldn't access remote URLs when run outside of a gnome session. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch glib2-1828 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): glib2-2.18.2-5.4.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 0]: glib2-branding-upstream-2.18.2-5.4.1 glib2-devel-2.18.2-5.4.1 glib2-doc-2.18.2-5.4.1 glib2-lang-2.18.2-5.4.1 libgio-2_0-0-2.18.2-5.4.1 libgio-fam-2.18.2-5.4.1 libglib-2_0-0-2.18.2-5.4.1 libgmodule-2_0-0-2.18.2-5.4.1 libgobject-2_0-0-2.18.2-5.4.1 libgthread-2_0-0-2.18.2-5.4.1 - openSUSE 11.1 (x86_64) [New Version: 0]: libgio-2_0-0-32bit-2.18.2-5.4.1 libglib-2_0-0-32bit-2.18.2-5.4.1 libgmodule-2_0-0-32bit-2.18.2-5.4.1 libgobject-2_0-0-32bit-2.18.2-5.4.1 libgthread-2_0-0-32bit-2.18.2-5.4.1 - openSUSE 11.1 (ppc) [New Version: 0]: libgio-2_0-0-64bit-2.18.2-5.4.1 libglib-2_0-0-64bit-2.18.2-5.4.1 libgmodule-2_0-0-64bit-2.18.2-5.4.1 libgobject-2_0-0-64bit-2.18.2-5.4.1 libgthread-2_0-0-64bit-2.18.2-5.4.1 References: http://support.novell.com/security/cve/CVE-2009-3289.html https://bugzilla.novell.com/500520 https://bugzilla.novell.com/538005

1 0

openSUSE-SU-2010:0155-1 (low): glib2 security update
by opensuse-security＠opensuse.org 26 Apr '10

26 Apr '10

openSUSE Security Update: glib2 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0155-1 Rating: low References: #538005 Cross-References: CVE-2009-3289 Affected Products: openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The when copying symbolic links the g_file_copy function set the target of the link to mode 0777 therefore exposing potentially sensitive information or allowing other user to modify files they should not have access to (CVE-2009-3289). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.0: zypper in -t patch glib2-1822 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.0 (i586 ppc src x86_64): glib2-2.16.3-20.8 - openSUSE 11.0 (i586 ppc x86_64) [New Version: 0]: glib2-branding-upstream-2.16.3-20.8 glib2-devel-2.16.3-20.8 glib2-doc-2.16.3-20.8 libgio-2_0-0-2.16.3-20.8 libgio-fam-2.16.3-20.8 libglib-2_0-0-2.16.3-20.8 libgmodule-2_0-0-2.16.3-20.8 libgobject-2_0-0-2.16.3-20.8 libgthread-2_0-0-2.16.3-20.8 - openSUSE 11.0 (x86_64) [New Version: 0]: libgio-2_0-0-32bit-2.16.3-20.8 libglib-2_0-0-32bit-2.16.3-20.8 libgmodule-2_0-0-32bit-2.16.3-20.8 libgobject-2_0-0-32bit-2.16.3-20.8 libgthread-2_0-0-32bit-2.16.3-20.8 - openSUSE 11.0 (ppc) [New Version: 0]: glib2-devel-64bit-2.16.3-20.8 libgio-2_0-0-64bit-2.16.3-20.8 libglib-2_0-0-64bit-2.16.3-20.8 libgmodule-2_0-0-64bit-2.16.3-20.8 libgobject-2_0-0-64bit-2.16.3-20.8 libgthread-2_0-0-64bit-2.16.3-20.8 References: http://support.novell.com/security/cve/CVE-2009-3289.html https://bugzilla.novell.com/538005

1 0

openSUSE-SU-2010:0154-1 (low): mediawiki security update
by opensuse-security＠opensuse.org 26 Apr '10

26 Apr '10

openSUSE Security Update: mediawiki security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0154-1 Rating: low References: #592574 Cross-References: CVE-2010-1189 CVE-2010-1190 Affected Products: openSUSE 11.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: MediaWiki was prone to a CSS validation flaw and data leakage vulnerability (CVE-2010-1189, CVE-2010-1190). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.0: zypper in -t patch mediawiki-2356 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.0 (i586 ppc src x86_64): mediawiki-1.11.2-36.4 References: http://support.novell.com/security/cve/CVE-2010-1189.html http://support.novell.com/security/cve/CVE-2010-1190.html https://bugzilla.novell.com/592574

1 0

openSUSE-RU-2010:0152-1 (critical): lighttpd: It doesn't start after the last openssl update when "ssl.use-sslv2" is disabled. Fixed by this update.
by maintenance＠opensuse.org 23 Apr '10

23 Apr '10

openSUSE Recommended Update: lighttpd: It doesn't start after the last openssl update when "ssl.use-sslv2" is disabled. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0152-1 Rating: critical References: #597765 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: bnc #597765: lighttpd doesn't start after the last openssl update when "ssl.use-sslv2" is disabled. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch lighttpd-2350 - openSUSE 11.1: zypper in -t patch lighttpd-2350 - openSUSE 11.0: zypper in -t patch lighttpd-2350 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): lighttpd-1.4.20-3.8.2 - openSUSE 11.2 (i586 x86_64): lighttpd-mod_cml-1.4.20-3.8.2 lighttpd-mod_magnet-1.4.20-3.8.2 lighttpd-mod_mysql_vhost-1.4.20-3.8.2 lighttpd-mod_rrdtool-1.4.20-3.8.2 lighttpd-mod_trigger_b4_dl-1.4.20-3.8.2 lighttpd-mod_webdav-1.4.20-3.8.2 - openSUSE 11.1 (i586 ppc src x86_64): lighttpd-1.4.20-2.6.1 - openSUSE 11.1 (i586 ppc x86_64): lighttpd-mod_cml-1.4.20-2.6.1 lighttpd-mod_magnet-1.4.20-2.6.1 lighttpd-mod_mysql_vhost-1.4.20-2.6.1 lighttpd-mod_rrdtool-1.4.20-2.6.1 lighttpd-mod_trigger_b4_dl-1.4.20-2.6.1 lighttpd-mod_webdav-1.4.20-2.6.1 - openSUSE 11.0 (i586 ppc src x86_64): lighttpd-1.4.19-6.8 - openSUSE 11.0 (i586 ppc x86_64): lighttpd-mod_cml-1.4.19-6.8 lighttpd-mod_magnet-1.4.19-6.8 lighttpd-mod_mysql_vhost-1.4.19-6.8 lighttpd-mod_rrdtool-1.4.19-6.8 lighttpd-mod_trigger_b4_dl-1.4.19-6.8 lighttpd-mod_webdav-1.4.19-6.8 References: https://bugzilla.novell.com/597765

1 0

openSUSE-SU-2010:0149-1 (low): clamav update
by opensuse-security＠opensuse.org 23 Apr '10

23 Apr '10

openSUSE Security Update: clamav update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0149-1 Rating: low References: #587363 Cross-References: CVE-2010-0098 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: clamav has been updated to version 0.96. Citing freshmeat.net: This Release introduces new malware detection mechanisms and other significant improvements to the scan engine. Key features include the bytecode interpreter, heuristic improvements, signature improvements, support for new archives, support for new executable file formats, support for UPX 3.0, performance improvements and memory optimizations. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch clamav-2263 - openSUSE 11.1: zypper in -t patch clamav-2263 - openSUSE 11.0: zypper in -t patch clamav-2263 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 0.96]: clamav-0.96-0.3.1 - openSUSE 11.2 (i586 x86_64) [New Version: 0.96]: clamav-db-0.96-0.3.1 - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 0.96]: clamav-0.96-0.3.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 0.96]: clamav-db-0.96-0.3.1 - openSUSE 11.0 (i586 ppc src x86_64) [New Version: 0.96]: clamav-0.96-0.3 - openSUSE 11.0 (i586 ppc x86_64) [New Version: 0.96]: clamav-db-0.96-0.3 References: http://support.novell.com/security/cve/CVE-2010-0098.html https://bugzilla.novell.com/587363

1 0

openSUSE-SU-2010:0147-1 (moderate): krb5 security update
by opensuse-security＠opensuse.org 22 Apr '10

22 Apr '10

openSUSE Security Update: krb5 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0147-1 Rating: moderate References: #596002 Cross-References: CVE-2010-1320 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Specially crafted requests be authenticated remote attackers could crash the KDC (CVE-2010-1320). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch krb5-2348 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): krb5-1.7-6.5.1 krb5-mini-1.7-6.5.1 - openSUSE 11.2 (i586 x86_64): krb5-apps-clients-1.7-6.5.1 krb5-apps-servers-1.7-6.5.1 krb5-client-1.7-6.5.1 krb5-devel-1.7-6.5.1 krb5-mini-devel-1.7-6.5.1 krb5-plugin-kdb-ldap-1.7-6.5.1 krb5-plugin-preauth-pkinit-1.7-6.5.1 krb5-server-1.7-6.5.1 - openSUSE 11.2 (x86_64): krb5-32bit-1.7-6.5.1 krb5-devel-32bit-1.7-6.5.1 References: http://support.novell.com/security/cve/CVE-2010-1320.html https://bugzilla.novell.com/596002

1 0

openSUSE-RU-2010:0142-1 (moderate): cifs-mount: Fix workgroup enumeration, for client printer and file share selection.
by maintenance＠opensuse.org 22 Apr '10

22 Apr '10

openSUSE Recommended Update: cifs-mount: Fix workgroup enumeration, for client printer and file share selection. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0142-1 Rating: moderate References: #591636 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: Fix workgroup enumeration, for client printer and file share selection; (bso#6880); (bnc#586215) Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch cifs-mount-2288 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 3.4.3]: samba-3.4.3-3.3.1 - openSUSE 11.2 (i586 x86_64) [New Version: 3.4.3]: cifs-mount-3.4.3-3.3.1 ldapsmb-1.34b-3.3.1 libnetapi-devel-3.4.3-3.3.1 libnetapi0-3.4.3-3.3.1 libsmbclient-devel-3.4.3-3.3.1 libsmbclient0-3.4.3-3.3.1 libsmbsharemodes-devel-3.4.3-3.3.1 libsmbsharemodes0-3.4.3-3.3.1 libtalloc-devel-3.4.3-3.3.1 libtalloc1-3.4.3-3.3.1 libtdb-devel-3.4.3-3.3.1 libtdb1-3.4.3-3.3.1 libwbclient-devel-3.4.3-3.3.1 libwbclient0-3.4.3-3.3.1 samba-client-3.4.3-3.3.1 samba-devel-3.4.3-3.3.1 samba-krb-printing-3.4.3-3.3.1 samba-winbind-3.4.3-3.3.1 - openSUSE 11.2 (noarch src) [New Version: 3.4.3]: samba-doc-3.4.3-3.3.1 - openSUSE 11.2 (x86_64) [New Version: 3.4.3]: libsmbclient0-32bit-3.4.3-3.3.1 libtalloc1-32bit-3.4.3-3.3.1 libtdb1-32bit-3.4.3-3.3.1 libwbclient0-32bit-3.4.3-3.3.1 samba-32bit-3.4.3-3.3.1 samba-client-32bit-3.4.3-3.3.1 samba-winbind-32bit-3.4.3-3.3.1 References: https://bugzilla.novell.com/591636

1 0

openSUSE-SU-2010:0140-1 (critical): SUN Java security update
by opensuse-security＠opensuse.org 22 Apr '10

22 Apr '10

openSUSE Security Update: SUN Java security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0140-1 Rating: critical References: #596010 Cross-References: CVE-2010-0887 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Oracle has released JRE 6 Update 20 in order to fix potential remote code execution vulnerabilities (CVE-2010-0887). Please refer to Oracle's site for more information: http://www.oracle.com/technology/deploy/security/alerts/aler t-cve-2010-0886.html Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch java-1_6_0-sun-2345 - openSUSE 11.1: zypper in -t patch java-1_6_0-sun-2345 - openSUSE 11.0: zypper in -t patch java-1_6_0-sun-2345 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 x86_64) [New Version: 1.6.0.u20]: java-1_6_0-sun-1.6.0.u20-0.1.1 java-1_6_0-sun-alsa-1.6.0.u20-0.1.1 java-1_6_0-sun-demo-1.6.0.u20-0.1.1 java-1_6_0-sun-devel-1.6.0.u20-0.1.1 java-1_6_0-sun-jdbc-1.6.0.u20-0.1.1 java-1_6_0-sun-plugin-1.6.0.u20-0.1.1 java-1_6_0-sun-src-1.6.0.u20-0.1.1 - openSUSE 11.1 (i586 x86_64) [New Version: 1.6.0.u20]: java-1_6_0-sun-1.6.0.u20-0.1.1 java-1_6_0-sun-alsa-1.6.0.u20-0.1.1 java-1_6_0-sun-devel-1.6.0.u20-0.1.1 java-1_6_0-sun-jdbc-1.6.0.u20-0.1.1 java-1_6_0-sun-plugin-1.6.0.u20-0.1.1 java-1_6_0-sun-src-1.6.0.u20-0.1.1 - openSUSE 11.0 (i586 x86_64) [New Version: 1.6.0.u20]: java-1_6_0-sun-1.6.0.u20-0.1 java-1_6_0-sun-alsa-1.6.0.u20-0.1 java-1_6_0-sun-demo-1.6.0.u20-0.1 java-1_6_0-sun-devel-1.6.0.u20-0.1 java-1_6_0-sun-jdbc-1.6.0.u20-0.1 java-1_6_0-sun-plugin-1.6.0.u20-0.1 java-1_6_0-sun-src-1.6.0.u20-0.1 References: http://support.novell.com/security/cve/CVE-2010-0887.html https://bugzilla.novell.com/596010

1 0

openSUSE-SU-2010:0137-1 (critical): acroread security update
by opensuse-security＠opensuse.org 21 Apr '10

21 Apr '10

openSUSE Security Update: acroread security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0137-1 Rating: critical References: #595108 Cross-References: CVE-2010-0190 CVE-2010-0191 CVE-2010-0192 CVE-2010-0193 CVE-2010-0194 CVE-2010-0195 CVE-2010-0196 CVE-2010-0197 CVE-2010-0198 CVE-2010-0199 CVE-2010-0201 CVE-2010-0202 CVE-2010-0203 CVE-2010-0204 CVE-2010-1241 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. It includes three new package versions. Description: Specially crafted PDF documents could crash acroread or even lead to execution of arbitrary code (CVE-2010-0190, CVE-2010-0191, CVE-2010-0192, CVE-2010-0193 CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197 CVE-2010-0198, CVE-2010-0199, CVE-2010-0201, CVE-2010-0202 CVE-2010-0203, CVE-2010-0204, CVE-2010-1241). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch acroread-2321 - openSUSE 11.1: zypper in -t patch acroread-2321 - openSUSE 11.0: zypper in -t patch acroread-2321 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (noarch) [New Version: 9.3.2]: acroread-cmaps-9.3.2-0.2.1 acroread-fonts-ja-9.3.2-0.2.1 acroread-fonts-ko-9.3.2-0.2.1 acroread-fonts-zh_CN-9.3.2-0.2.1 acroread-fonts-zh_TW-9.3.2-0.2.1 - openSUSE 11.2 (i586) [New Version: 9.3.2]: acroread-9.3.2-0.2.1 - openSUSE 11.1 (noarch) [New Version: 9.3.2]: acroread-cmaps-9.3.2-0.1.1 acroread-fonts-ja-9.3.2-0.1.1 acroread-fonts-ko-9.3.2-0.1.1 acroread-fonts-zh_CN-9.3.2-0.1.1 acroread-fonts-zh_TW-9.3.2-0.1.1 - openSUSE 11.1 (i586) [New Version: 9.3.2]: acroread-9.3.2-0.1.1 - openSUSE 11.0 (noarch) [New Version: 9.3.2]: acroread-cmaps-9.3.2-0.1 acroread-fonts-ja-9.3.2-0.1 acroread-fonts-ko-9.3.2-0.1 acroread-fonts-zh_CN-9.3.2-0.1 acroread-fonts-zh_TW-9.3.2-0.1 - openSUSE 11.0 (i586) [New Version: 9.3.2]: acroread-9.3.2-0.1 References: http://support.novell.com/security/cve/CVE-2010-0190.html http://support.novell.com/security/cve/CVE-2010-0191.html http://support.novell.com/security/cve/CVE-2010-0192.html http://support.novell.com/security/cve/CVE-2010-0193.html http://support.novell.com/security/cve/CVE-2010-0194.html http://support.novell.com/security/cve/CVE-2010-0195.html http://support.novell.com/security/cve/CVE-2010-0196.html http://support.novell.com/security/cve/CVE-2010-0197.html http://support.novell.com/security/cve/CVE-2010-0198.html http://support.novell.com/security/cve/CVE-2010-0199.html http://support.novell.com/security/cve/CVE-2010-0201.html http://support.novell.com/security/cve/CVE-2010-0202.html http://support.novell.com/security/cve/CVE-2010-0203.html http://support.novell.com/security/cve/CVE-2010-0204.html http://support.novell.com/security/cve/CVE-2010-1241.html https://bugzilla.novell.com/595108

1 0

openSUSE-RU-2010:0134-1 (important): pcsc-cyberjack: cyberjack cardreader is not accessible. Fixed by this update.
by maintenance＠opensuse.org 19 Apr '10

19 Apr '10

openSUSE Recommended Update: pcsc-cyberjack: cyberjack cardreader is not accessible. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0134-1 Rating: important References: #555660 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: cyberjack cardreader is not accessible under openSUSE 11.2. Support for this cardreader is added by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch ctapi-cyberjack-2274 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 3.3.5]: pcsc-cyberjack-3.3.5-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 3.3.5]: ctapi-cyberjack-3.3.5-1.1.1 - openSUSE 11.2 (x86_64) [New Version: 3.3.5]: ctapi-cyberjack-32bit-3.3.5-1.1.1 References: https://bugzilla.novell.com/555660

1 0

openSUSE-RU-2010:0132-1 (low): kstarts: A startup crash is fixed by this update.
by maintenance＠opensuse.org 19 Apr '10

19 Apr '10

openSUSE Recommended Update: kstarts: A startup crash is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0132-1 Rating: low References: #591716 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes a crash due to fortify checks being triggered of kstars on startup upon second and subsequent starts. (bnc#591716) Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch blinken-2277 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 4.3.5]: kdeedu4-4.3.5-0.2.1 - openSUSE 11.2 (i586 x86_64) [New Version: 4.3.5]: blinken-4.3.5-0.2.1 kalgebra-4.3.5-0.2.1 kalzium-4.3.5-0.2.1 kanagram-4.3.5-0.2.1 kbruch-4.3.5-0.2.1 kgeography-4.3.5-0.2.1 khangman-4.3.5-0.2.1 kig-4.3.5-0.2.1 kiten-4.3.5-0.2.1 klettres-4.3.5-0.2.1 kmplot-4.3.5-0.2.1 kstars-4.3.5-0.2.1 ktouch-4.3.5-0.2.1 kturtle-4.3.5-0.2.1 kwordquiz-4.3.5-0.2.1 libkdeedu4-4.3.5-0.2.1 libkdeedu4-devel-4.3.5-0.2.1 marble-4.3.5-0.2.1 marble-devel-4.3.5-0.2.1 parley-4.3.5-0.2.1 step-4.3.5-0.2.1 - openSUSE 11.2 (noarch src) [New Version: 4.3.5]: kdeedu4-noarch-4.3.5-0.2.1 - openSUSE 11.2 (noarch) [New Version: 4.3.5]: kstars-data-4.3.5-0.2.1 marble-data-4.3.5-0.2.1 References: https://bugzilla.novell.com/591716

1 0

openSUSE-RU-2010:0131-1 (low): f-spot: Can crash when closing the find bar. Fixed by this update
by maintenance＠opensuse.org 19 Apr '10

19 Apr '10

openSUSE Recommended Update: f-spot: Can crash when closing the find bar. Fixed by this update ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0131-1 Rating: low References: #594142 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: f-spot can crash when the user is closing the find bar. This bug is fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch f-spot-2275 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 0.6.1.5]: f-spot-0.6.1.5-1.2.1 - openSUSE 11.2 (noarch) [New Version: 0.6.1.5]: f-spot-lang-0.6.1.5-1.2.1 References: https://bugzilla.novell.com/594142

1 0

openSUSE-RU-2010:0128-1 (moderate): parted: Fix "/proc/partitions" left outdated after modification of partition table
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: parted: Fix "/proc/partitions" left outdated after modification of partition table ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0128-1 Rating: moderate References: #539521 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Race condition in parted might cause /proc/partitions being outdated after modification of partition table. Mismatches between partition layouts "on disk" and "in kernel data" can lead to data loss. This is fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch parted-2295 - openSUSE 11.0: zypper in -t patch parted-2300 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): parted-1.8.8-91.12.1 - openSUSE 11.1 (i586 ppc x86_64): parted-devel-1.8.8-91.12.1 - openSUSE 11.1 (x86_64): parted-32bit-1.8.8-91.12.1 - openSUSE 11.1 (ppc): parted-64bit-1.8.8-91.12.1 - openSUSE 11.0 (i586 ppc src x86_64): parted-1.8.8-46.5 - openSUSE 11.0 (i586 ppc x86_64): parted-devel-1.8.8-46.5 - openSUSE 11.0 (x86_64): parted-32bit-1.8.8-46.5 - openSUSE 11.0 (ppc): parted-64bit-1.8.8-46.5 References: https://bugzilla.novell.com/539521

1 0

openSUSE-RU-2010:0127-1 (moderate): parted: Fix "/proc/partitions" left outdated after modification of partition table
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: parted: Fix "/proc/partitions" left outdated after modification of partition table ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0127-1 Rating: moderate References: #539521 #567652 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: Race condition in parted might cause /proc/partitions being outdated after modification of partition table. Mismatches between partition layouts "on disk" and "in kernel data" can lead to data loss. This bug is fixed by this update. This update also contains a fix for reiserfs superblock handling during resize (bnc#567652) Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch parted-2296 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): parted-1.9.0-3.7.1 - openSUSE 11.2 (i586 x86_64): parted-devel-1.9.0-3.7.1 - openSUSE 11.2 (x86_64): parted-32bit-1.9.0-3.7.1 - openSUSE 11.2 (noarch): parted-lang-1.9.0-3.7.1 References: https://bugzilla.novell.com/539521 https://bugzilla.novell.com/567652

1 0

openSUSE-RU-2010:0244-1 (moderate): parted: fix corruption of extended partition content
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: parted: fix corruption of extended partition content ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0244-1 Rating: moderate References: #467576 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/467576

1 0

openSUSE-SU-2010:0236-1 (low): openssl: Fixed three remote denial of service problems,
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: openssl: Fixed three remote denial of service problems, ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0236-1 Rating: low References: #504687 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/504687

1 0

openSUSE-RU-2010:0234-1 (low): osc: update to support new Build Service XML Format
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: osc: update to support new Build Service XML Format ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0234-1 Rating: low References: #421390 #458083 #458535 #459288 #459292 #462869 #469167 #470948 #477690 #478052 #478054 #479156 Affected Products: ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/421390 https://bugzilla.novell.com/458083 https://bugzilla.novell.com/458535 https://bugzilla.novell.com/459288 https://bugzilla.novell.com/459292 https://bugzilla.novell.com/462869 https://bugzilla.novell.com/469167 https://bugzilla.novell.com/470948 https://bugzilla.novell.com/477690 https://bugzilla.novell.com/478052 https://bugzilla.novell.com/478054 https://bugzilla.novell.com/479156

1 0

openSUSE-RU-2010:0233-1 (important): kiwi: Upgrade to latest KIWI release.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

1 0

openSUSE-SU-2010:0230-1 (important): clamav: clamav 0.95.1 fixes two security issues
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: clamav: clamav 0.95.1 fixes two security issues ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0230-1 Rating: important References: #493562 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/493562

1 0

openSUSE-RU-2010:0229-1 (low): powerdevil: Prevent high CPU usage of X servermanagement
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: powerdevil: Prevent high CPU usage of X servermanagement ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0229-1 Rating: low References: #461335 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/461335

1 0

openSUSE-SU-2010:0227-1 (important): mono security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: mono security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0227-1 Rating: important References: #521184 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/521184

1 0

openSUSE-RU-2010:0226-1 (low): gnome-do: Version-upgrade to fix a bug causing a high CPU use.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: gnome-do: Version-upgrade to fix a bug causing a high CPU use. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0226-1 Rating: low References: #540518 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/540518

1 0

openSUSE-RU-2010:0225-1 (low): yast2-add-on-creator: fix package checksum creation
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: yast2-add-on-creator: fix package checksum creation ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0225-1 Rating: low References: #484695 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/484695

1 0

openSUSE-SU-2010:0221-1 (important): Linux Kernel update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: Linux Kernel update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0221-1 Rating: important References: #362850 #371657 #399966 #405546 #419250 #429919 #439461 #442364 #442594 #443640 #443661 #445569 #446973 #447241 #447406 #450417 #457896 #457897 #457898 Cross-References: Affected Products: ______________________________________________________________________________ An update that has 19 security fixes can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/362850 https://bugzilla.novell.com/371657 https://bugzilla.novell.com/399966 https://bugzilla.novell.com/405546 https://bugzilla.novell.com/419250 https://bugzilla.novell.com/429919 https://bugzilla.novell.com/439461 https://bugzilla.novell.com/442364 https://bugzilla.novell.com/442594 https://bugzilla.novell.com/443640 https://bugzilla.novell.com/443661 https://bugzilla.novell.com/445569 https://bugzilla.novell.com/446973 https://bugzilla.novell.com/447241 https://bugzilla.novell.com/447406 https://bugzilla.novell.com/450417 https://bugzilla.novell.com/457896 https://bugzilla.novell.com/457897 https://bugzilla.novell.com/457898

1 0

openSUSE-SU-2010:0220-1 (critical): OpenSSL incorrect checks for malformed signatures
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: OpenSSL incorrect checks for malformed signatures ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0220-1 Rating: critical References: #459468 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/459468

1 0

openSUSE-SU-2010:0216-1 (important): flash-player security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: flash-player security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0216-1 Rating: important References: #476907 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/476907

1 0

openSUSE-SU-2010:0214-1 (important): netatalk: papd daemon allowed arbitrary shell command execution
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: netatalk: papd daemon allowed arbitrary shell command execution ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0214-1 Rating: important References: #463575 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/463575

1 0

openSUSE-RU-2010:0212-1 (low): Combined Translation Update and Release Notes Update
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: Combined Translation Update and Release Notes Update ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0212-1 Rating: low References: #546604 #547055 #548086 #551294 #551729 #552158 #557412 #557762 #560456 #561539 #561771 #567018 Affected Products: ______________________________________________________________________________ An update that has 12 recommended fixes can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/546604 https://bugzilla.novell.com/547055 https://bugzilla.novell.com/548086 https://bugzilla.novell.com/551294 https://bugzilla.novell.com/551729 https://bugzilla.novell.com/552158 https://bugzilla.novell.com/557412 https://bugzilla.novell.com/557762 https://bugzilla.novell.com/560456 https://bugzilla.novell.com/561539 https://bugzilla.novell.com/561771 https://bugzilla.novell.com/567018

1 0

openSUSE-SU-2010:0210-1 (low): perl-IO-Socket-SSL: certificate hostname compare bug
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: perl-IO-Socket-SSL: certificate hostname compare bug ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0210-1 Rating: low References: #535554 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/535554

1 0

openSUSE-SU-2010:0209-1 (moderate): hal new dbus configuration
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: hal new dbus configuration ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0209-1 Rating: moderate References: #443307 #469775 #491320 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/443307 https://bugzilla.novell.com/469775 https://bugzilla.novell.com/491320

1 0

openSUSE-SU-2010:0205-1 (important): Linux Kernel: security and bugfix update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: Linux Kernel: security and bugfix update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0205-1 Rating: important References: #474773 #492961 #510449 #544760 #555747 #558269 #561078 #565962 #566634 #568319 #570314 #574654 #576927 #577747 #577753 #578064 #578222 #578550 #578708 #579076 #579219 #579439 #579989 #580799 #581271 #581718 #582552 #582907 #584320 Cross-References: CVE-2009-4031 CVE-2010-0410 CVE-2010-0415 CVE-2010-0622 CVE-2010-0623 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 24 fixes is now available. It includes one version update. Description: This update of the openSUSE 11.2 kernel contains a lot of bug and security fixes. Following security issues were fixed: CVE-2010-0622: The wake_futex_pi function in kernel/futex.c in the Linux kernel does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. CVE-2010-0623: The futex_lock_pi function in kernel/futex.c in the Linux kernel does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem. CVE-2010-0415: The do_pages_move function in mm/migrate.c in the Linux kernel does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. CVE-2010-0410: drivers/connector/connector.c in the Linux kernel allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. CVE-2009-4031: The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. This update also contains a large rollup of fixes for the rt2860 and rt3090 wireless drivers from the mainline kernel. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch -kernel-2146 dbg112-kernel-2146 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 2.6.31.12]: kernel-syms-2.6.31.12-0.2.1 - openSUSE 11.2 (i586 x86_64) [New Version: 2.6.31.12]: kernel-debug-2.6.31.12-0.2.1 kernel-debug-base-2.6.31.12-0.2.1 kernel-debug-base-debuginfo-2.6.31.12-0.2.1 kernel-debug-debuginfo-2.6.31.12-0.2.1 kernel-debug-debugsource-2.6.31.12-0.2.1 kernel-debug-devel-2.6.31.12-0.2.1 kernel-debug-devel-debuginfo-2.6.31.12-0.2.1 kernel-default-2.6.31.12-0.2.1 kernel-default-base-2.6.31.12-0.2.1 kernel-default-base-debuginfo-2.6.31.12-0.2.1 kernel-default-debuginfo-2.6.31.12-0.2.1 kernel-default-debugsource-2.6.31.12-0.2.1 kernel-default-devel-2.6.31.12-0.2.1 kernel-default-devel-debuginfo-2.6.31.12-0.2.1 kernel-desktop-2.6.31.12-0.2.1 kernel-desktop-base-2.6.31.12-0.2.1 kernel-desktop-base-debuginfo-2.6.31.12-0.2.1 kernel-desktop-debuginfo-2.6.31.12-0.2.1 kernel-desktop-debugsource-2.6.31.12-0.2.1 kernel-desktop-devel-2.6.31.12-0.2.1 kernel-desktop-devel-debuginfo-2.6.31.12-0.2.1 kernel-trace-2.6.31.12-0.2.1 kernel-trace-base-2.6.31.12-0.2.1 kernel-trace-base-debuginfo-2.6.31.12-0.2.1 kernel-trace-debuginfo-2.6.31.12-0.2.1 kernel-trace-debugsource-2.6.31.12-0.2.1 kernel-trace-devel-2.6.31.12-0.2.1 kernel-trace-devel-debuginfo-2.6.31.12-0.2.1 kernel-vanilla-2.6.31.12-0.2.1 kernel-vanilla-base-2.6.31.12-0.2.1 kernel-vanilla-base-debuginfo-2.6.31.12-0.2.1 kernel-vanilla-debuginfo-2.6.31.12-0.2.1 kernel-vanilla-debugsource-2.6.31.12-0.2.1 kernel-vanilla-devel-2.6.31.12-0.2.1 kernel-vanilla-devel-debuginfo-2.6.31.12-0.2.1 kernel-xen-2.6.31.12-0.2.1 kernel-xen-base-2.6.31.12-0.2.1 kernel-xen-base-debuginfo-2.6.31.12-0.2.1 kernel-xen-debuginfo-2.6.31.12-0.2.1 kernel-xen-debugsource-2.6.31.12-0.2.1 kernel-xen-devel-2.6.31.12-0.2.1 kernel-xen-devel-debuginfo-2.6.31.12-0.2.1 preload-kmp-default-1.1_2.6.31.12_0.2-6.9.15 preload-kmp-default-debuginfo-1.1_2.6.31.12_0.2-6.9.15 preload-kmp-desktop-1.1_2.6.31.12_0.2-6.9.15 preload-kmp-desktop-debuginfo-1.1_2.6.31.12_0.2-6.9.15 - openSUSE 11.2 (noarch src) [New Version: 2.6.31.12]: kernel-source-2.6.31.12-0.2.1 - openSUSE 11.2 (noarch) [New Version: 2.6.31.12]: kernel-source-vanilla-2.6.31.12-0.2.1 - openSUSE 11.2 (i586) [New Version: 2.6.31.12]: kernel-pae-2.6.31.12-0.2.1 kernel-pae-base-2.6.31.12-0.2.1 kernel-pae-base-debuginfo-2.6.31.12-0.2.1 kernel-pae-debuginfo-2.6.31.12-0.2.1 kernel-pae-debugsource-2.6.31.12-0.2.1 kernel-pae-devel-2.6.31.12-0.2.1 kernel-pae-devel-debuginfo-2.6.31.12-0.2.1 - openSUSE 11.2 (src): preload-1.1-6.9.15 References: http://support.novell.com/security/cve/CVE-2009-4031.html http://support.novell.com/security/cve/CVE-2010-0410.html http://support.novell.com/security/cve/CVE-2010-0415.html http://support.novell.com/security/cve/CVE-2010-0622.html http://support.novell.com/security/cve/CVE-2010-0623.html https://bugzilla.novell.com/474773 https://bugzilla.novell.com/492961 https://bugzilla.novell.com/510449 https://bugzilla.novell.com/544760 https://bugzilla.novell.com/555747 https://bugzilla.novell.com/558269 https://bugzilla.novell.com/561078 https://bugzilla.novell.com/565962 https://bugzilla.novell.com/566634 https://bugzilla.novell.com/568319 https://bugzilla.novell.com/570314 https://bugzilla.novell.com/574654 https://bugzilla.novell.com/576927 https://bugzilla.novell.com/577747 https://bugzilla.novell.com/577753 https://bugzilla.novell.com/578064 https://bugzilla.novell.com/578222 https://bugzilla.novell.com/578550 https://bugzilla.novell.com/578708 https://bugzilla.novell.com/579076 https://bugzilla.novell.com/579219 https://bugzilla.novell.com/579439 https://bugzilla.novell.com/579989 https://bugzilla.novell.com/580799 https://bugzilla.novell.com/581271 https://bugzilla.novell.com/581718 https://bugzilla.novell.com/582552 https://bugzilla.novell.com/582907 https://bugzilla.novell.com/584320

1 0

openSUSE-SU-2010:0204-1 (important): pidgin: security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: pidgin: security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0204-1 Rating: important References: #567799 #569616 Cross-References: CVE-2010-0013 CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 Affected Products: ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: http://support.novell.com/security/cve/CVE-2010-0013.html http://support.novell.com/security/cve/CVE-2010-0277.html http://support.novell.com/security/cve/CVE-2010-0420.html http://support.novell.com/security/cve/CVE-2010-0423.html https://bugzilla.novell.com/567799 https://bugzilla.novell.com/569616

1 0

openSUSE-SU-2010:0203-1 (important): krb5: security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: krb5: security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0203-1 Rating: important References: #485894 #486722 #486723 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Special Instructions and Notes: Please reboot the system after installing this update. Package List: References: https://bugzilla.novell.com/485894 https://bugzilla.novell.com/486722 https://bugzilla.novell.com/486723

1 0

openSUSE-SU-2010:0202-1 (moderate): Linux Kernel: Security/Bugfix update to 2.6.27.25
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

1 0

openSUSE-RU-2010:0198-1 (important): aaa_base: fix kiwi generated liveCDs and other fixes
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: aaa_base: fix kiwi generated liveCDs and other fixes ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0198-1 Rating: important References: #467637 #469242 #470511 #473043 Affected Products: ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/467637 https://bugzilla.novell.com/469242 https://bugzilla.novell.com/470511 https://bugzilla.novell.com/473043

1 0

openSUSE-RU-2010:0197-1 (low): xorg-x11-driver-input: A problem with A4Tech X7 series mouse button is fixed by this update.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: xorg-x11-driver-input: A problem with A4Tech X7 series mouse button is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0197-1 Rating: low References: #566264 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/566264

1 0

openSUSE-RU-2010:0196-1 (low): bluez: Changes since 11.2 RC1
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: bluez: Changes since 11.2 RC1 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0196-1 Rating: low References: #522287 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/522287

1 0

openSUSE-RU-2010:0192-1 (low): kbuild: This update fixes a crash on the build of virtualbox-ose.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: kbuild: This update fixes a crash on the build of virtualbox-ose. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0192-1 Rating: low References: #573539 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/573539

1 0

openSUSE-RU-2010:0191-1 (moderate): seccheck: fix for weekly cron script
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: seccheck: fix for weekly cron script ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0191-1 Rating: moderate References: #540017 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/540017

1 0

openSUSE-SU-2010:0189-1 (important): curl security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: curl security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0189-1 Rating: important References: #527990 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/527990

1 0

openSUSE-RU-2010:0188-1 (low): iwl4965-ucode: Fix for wlan driver iwl4965
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: iwl4965-ucode: Fix for wlan driver iwl4965 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0188-1 Rating: low References: #451045 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/451045

1 0

openSUSE-SU-2010:0186-1 (low): ruby gems security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: ruby gems security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0186-1 Rating: low References: #558879 #564362 Cross-References: CVE-2008-7248 CVE-2009-4214 Affected Products: ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Package List: References: http://support.novell.com/security/cve/CVE-2008-7248.html http://support.novell.com/security/cve/CVE-2009-4214.html https://bugzilla.novell.com/558879 https://bugzilla.novell.com/564362

1 0

openSUSE-SU-2010:0184-1 (important): fetchmail: fix for security issue regarding SSL cert validatin
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: fetchmail: fix for security issue regarding SSL cert validatin ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0184-1 Rating: important References: #528746 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/528746

1 0

openSUSE-RU-2010:0183-1 (low): yast2-autofs: Does not show the stored information. This bug is fixed by this update.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: yast2-autofs: Does not show the stored information. This bug is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0183-1 Rating: low References: #465080 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/465080

1 0

openSUSE-RU-2010:0181-1 (low): rrdtool: Use monospaced font as a default
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: rrdtool: Use monospaced font as a default ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0181-1 Rating: low References: #467362 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/467362

1 0

openSUSE-RU-2010:0178-1 (low): autofs: This update fixes an automount crash
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: autofs: This update fixes an automount crash ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0178-1 Rating: low References: #556479 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/556479

1 0

openSUSE-SU-2010:0177-1 (moderate): libpng: vulnerability while parsing 1-pixel image
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: libpng: vulnerability while parsing 1-pixel image ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0177-1 Rating: moderate References: #514727 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/514727

1 0

openSUSE-RU-2010:0173-1 (low): hplip: Changes since 11.2 RC1
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: hplip: Changes since 11.2 RC1 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0173-1 Rating: low References: #116393 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/116393

1 0

openSUSE-SU-2010:0172-1 (low): krb5 security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: krb5 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0172-1 Rating: low References: #591049 Cross-References: CVE-2010-0629 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Authenticated users could crash the kadmind process by referencing freed memory (CVE-2010-0629). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch krb5-2267 - openSUSE 11.0: zypper in -t patch krb5-2267 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): krb5-1.6.3-132.7.1 - openSUSE 11.1 (i586 ppc x86_64): krb5-apps-clients-1.6.3-132.7.1 krb5-apps-servers-1.6.3-132.7.1 krb5-client-1.6.3-132.7.1 krb5-devel-1.6.3-132.7.1 krb5-server-1.6.3-132.7.1 - openSUSE 11.1 (x86_64): krb5-32bit-1.6.3-132.7.1 krb5-devel-32bit-1.6.3-132.7.1 - openSUSE 11.1 (ppc): krb5-64bit-1.6.3-132.7.1 krb5-devel-64bit-1.6.3-132.7.1 - openSUSE 11.0 (i586 ppc src x86_64): krb5-1.6.3-50.9 - openSUSE 11.0 (i586 ppc x86_64): krb5-apps-clients-1.6.3-50.9 krb5-apps-servers-1.6.3-50.9 krb5-client-1.6.3-50.9 krb5-devel-1.6.3-50.9 krb5-server-1.6.3-50.9 - openSUSE 11.0 (x86_64): krb5-32bit-1.6.3-50.9 krb5-devel-32bit-1.6.3-50.9 - openSUSE 11.0 (ppc): krb5-64bit-1.6.3-50.9 krb5-devel-64bit-1.6.3-50.9 References: http://support.novell.com/security/cve/CVE-2010-0629.html https://bugzilla.novell.com/591049

1 0

openSUSE-RU-2010:0169-1 (low): net-snmp: Several bugs are fixed by this update.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: net-snmp: Several bugs are fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0169-1 Rating: low References: #514333 #523553 #565586 Affected Products: ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/514333 https://bugzilla.novell.com/523553 https://bugzilla.novell.com/565586

1 0

openSUSE-SU-2010:0167-1 (low): sbl: fixed buffer overflow (CVE-2009-0310)
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: sbl: fixed buffer overflow (CVE-2009-0310) ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0167-1 Rating: low References: #436841 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/436841

1 0

openSUSE-SU-2010:0166-1 (moderate): pidgin accumulated security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: pidgin accumulated security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0166-1 Rating: moderate References: #535570 #535832 #536602 #548072 Cross-References: Affected Products: ______________________________________________________________________________ An update that has four security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/535570 https://bugzilla.novell.com/535832 https://bugzilla.novell.com/536602 https://bugzilla.novell.com/548072

1 0

openSUSE-RU-2010:0165-1 (low): release-notes-openSUSE: New Entry (XEN Configuration)
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: release-notes-openSUSE: New Entry (XEN Configuration) ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0165-1 Rating: low References: #491929 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/491929

1 0

openSUSE-SU-2010:0162-1 (important): java-1_6_0-sun: Security update to JDK 6 update 13.
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: java-1_6_0-sun: Security update to JDK 6 update 13. ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0162-1 Rating: important References: #488926 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/488926

1 0

openSUSE-SU-2010:0161-1 (important): silc-toolkit: official update fixes several security issues
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: silc-toolkit: official update fixes several security issues ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0161-1 Rating: important References: #535841 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/535841

1 0

openSUSE-RU-2010:0157-1 (important): foomatic-filters: Fixed PageSetup section location
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: foomatic-filters: Fixed PageSetup section location ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0157-1 Rating: important References: #502656 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/502656

1 0

openSUSE-SU-2010:0151-1 (low): dovecot security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: dovecot security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0151-1 Rating: low References: #557184 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/557184

1 0

openSUSE-SU-2010:0147-1 (critical): java-1_6_0-openjdk: fix for several security issues
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: java-1_6_0-openjdk: fix for several security issues ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0147-1 Rating: critical References: #554069 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/554069

1 0

openSUSE-RU-2010:0145-1 (low): kdelibs4: Changes since 11.2 RC1
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: kdelibs4: Changes since 11.2 RC1 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0145-1 Rating: low References: #548018 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/548018

1 0

openSUSE-SU-2010:0144-1 (low): libssh: fix heap overflows
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: libssh: fix heap overflows ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0144-1 Rating: low References: #540628 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/540628

1 0

openSUSE-RU-2010:0143-1 (low): xpdf-poppler: xpdf crashes if user is opening a nonexistent file. This bug is fixed by this update.
by maintenance＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Recommended Update: xpdf-poppler: xpdf crashes if user is opening a nonexistent file. This bug is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0143-1 Rating: low References: #573792 Affected Products: ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/573792

1 0

openSUSE-SU-2010:0141-1 (moderate): xpdf security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: xpdf security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0141-1 Rating: moderate References: #534764 #539875 #543410 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/534764 https://bugzilla.novell.com/539875 https://bugzilla.novell.com/543410

1 0

openSUSE-SU-2010:0138-1 (moderate): mutt: improved SSL certificate handling
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: mutt: improved SSL certificate handling ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0138-1 Rating: moderate References: #537141 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/537141

1 0

openSUSE-SU-2010:0134-1 (moderate): mysql security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: mysql security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0134-1 Rating: moderate References: #480140 #497546 #520608 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/480140 https://bugzilla.novell.com/497546 https://bugzilla.novell.com/520608

1 0

openSUSE-SU-2010:0130-1 (moderate): acroread: security update to version 9.3.1
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: acroread: security update to version 9.3.1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0130-1 Rating: moderate References: #580470 Cross-References: CVE-2010-0186 CVE-2010-0188 Affected Products: ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Package List: References: http://support.novell.com/security/cve/CVE-2010-0186.html http://support.novell.com/security/cve/CVE-2010-0188.html https://bugzilla.novell.com/580470

1 0

openSUSE-SU-2010:0128-1 (moderate): ldns/unbound: heap-based remote buffer overflow
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: ldns/unbound: heap-based remote buffer overflow ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0128-1 Rating: moderate References: #488631 Cross-References: Affected Products: ______________________________________________________________________________ An update that has one security fix can now be installed. Description: Package List: References: https://bugzilla.novell.com/488631

1 0

openSUSE-SU-2010:0124-1 (important): ghostscript security update
by opensuse-security＠opensuse.org 16 Apr '10

16 Apr '10

openSUSE Security Update: ghostscript security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0124-1 Rating: important References: #489622 #491897 #492765 Cross-References: Affected Products: ______________________________________________________________________________ An update that has three security fixes can now be installed. Description: Package List: References: https://bugzilla.novell.com/489622 https://bugzilla.novell.com/491897 https://bugzilla.novell.com/492765

1 0

openSUSE-SU-test-2010:32216-1 (low): krb5 security update
by opensuse-security＠opensuse.org 15 Apr '10

15 Apr '10

openSUSE Security Update: krb5 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-test-2010:32216-1 Rating: low References: #591049 Cross-References: CVE-2010-0629 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Authenticated users could crash the kadmind process by referencing freed memory (CVE-2010-0629). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch krb5-2267 - openSUSE 11.0: zypper in -t patch krb5-2267 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): krb5-1.6.3-132.7.1 - openSUSE 11.1 (i586 ppc x86_64): krb5-apps-clients-1.6.3-132.7.1 krb5-apps-servers-1.6.3-132.7.1 krb5-client-1.6.3-132.7.1 krb5-devel-1.6.3-132.7.1 krb5-server-1.6.3-132.7.1 - openSUSE 11.1 (x86_64): krb5-32bit-1.6.3-132.7.1 krb5-devel-32bit-1.6.3-132.7.1 - openSUSE 11.1 (ppc): krb5-64bit-1.6.3-132.7.1 krb5-devel-64bit-1.6.3-132.7.1 - openSUSE 11.0 (i586 ppc src x86_64): krb5-1.6.3-50.9 - openSUSE 11.0 (i586 ppc x86_64): krb5-apps-clients-1.6.3-50.9 krb5-apps-servers-1.6.3-50.9 krb5-client-1.6.3-50.9 krb5-devel-1.6.3-50.9 krb5-server-1.6.3-50.9 - openSUSE 11.0 (x86_64): krb5-32bit-1.6.3-50.9 krb5-devel-32bit-1.6.3-50.9 - openSUSE 11.0 (ppc): krb5-64bit-1.6.3-50.9 krb5-devel-64bit-1.6.3-50.9 References: http://support.novell.com/security/cve/CVE-2010-0629.html https://bugzilla.novell.com/591049

1 0

openSUSE-RU-2010:0119-1 (low): xemacs: Fails to load customization files after latest online update. Fixed by this update.
by maintenance＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Recommended Update: xemacs: Fails to load customization files after latest online update. Fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0119-1 Rating: low References: #590429 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: Fails to load customization files after latest online update. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch xemacs-2251 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 21.5.29.b604d235f028]: xemacs-21.5.29.b604d235f028-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 21.5.29.b604d235f028]: xemacs-el-21.5.29.b604d235f028-1.1.1 xemacs-info-21.5.29.b604d235f028-1.1.1 References: https://bugzilla.novell.com/590429

1 0

openSUSE-SU-2010:0115-1 (low): gimp: fix for integer overflow vulnerability
by opensuse-security＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Security Update: gimp: fix for integer overflow vulnerability ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0115-1 Rating: low References: #555144 #555166 Cross-References: CVE-2009-1570 CVE-2009-3909 Affected Products: openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: Integer overflows in the BMP and PSD plug-ins potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim to open specially crafted files (CVE-2009-1570, CVE-2009-3909). Gimp was updated to to version 2.6.8 which fixes those issues. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch gimp-2160 - openSUSE 11.1: zypper in -t patch gimp-2151 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 2.6.8]: gimp-2.6.8-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 2.6.8]: gimp-branding-upstream-2.6.8-1.1.1 gimp-devel-2.6.8-1.1.1 gimp-help-browser-2.6.8-1.1.1 gimp-plugins-python-2.6.8-1.1.1 - openSUSE 11.2 (noarch) [New Version: 2.6.8]: gimp-lang-2.6.8-1.1.1 - openSUSE 11.1 (i586 ppc src x86_64): gimp-2.6.2-2.19.1 - openSUSE 11.1 (i586 ppc x86_64): gimp-branding-upstream-2.6.2-2.19.1 gimp-devel-2.6.2-2.19.1 gimp-doc-2.6.2-2.19.1 gimp-lang-2.6.2-2.19.1 gimp-plugins-python-2.6.2-2.19.1 References: http://support.novell.com/security/cve/CVE-2009-1570.html http://support.novell.com/security/cve/CVE-2009-3909.html https://bugzilla.novell.com/555144 https://bugzilla.novell.com/555166

1 0

openSUSE-SU-2010:0112-1 (important): KDE KDM local root exploit (CVE-2010-0436)
by opensuse-security＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Security Update: KDE KDM local root exploit (CVE-2010-0436) ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0112-1 Rating: important References: #584223 Cross-References: CVE-2010-0436 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The KDE KDM contains a local race condition which allows to make arbitrary files world writable. CVE-2010-0436 has been assigned to this issue. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch kde4-kdm-2134 - openSUSE 11.1: zypper in -t patch fileshareset-2204 kde4-kdm-2134 - openSUSE 11.0: zypper in -t patch fileshareset-2204 kde4-kdm-2134 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 4.3.5]: kdebase4-workspace-4.3.5-0.3.1 - openSUSE 11.2 (i586 x86_64) [New Version: 4.3.5]: kde4-kgreeter-plugins-4.3.5-0.3.1 kdebase4-workspace-branding-upstream-4.3.5-0.3.1 kdebase4-workspace-devel-4.3.5-0.3.1 kdebase4-workspace-google-gadgets-4.3.5-0.3.1 kdebase4-workspace-ksysguardd-4.3.5-0.3.1 kdm-4.3.5-0.3.1 kdm-branding-upstream-4.3.5-0.3.1 kwin-4.3.5-0.3.1 - openSUSE 11.1 (i586 ppc src x86_64): kdebase3-3.5.10-17.5.1 kdebase4-workspace-4.1.3-10.4.1 - openSUSE 11.1 (i586 ppc x86_64): fileshareset-2.0-17.5.1 kde4-kdm-4.1.3-10.4.1 kde4-kdm-branding-upstream-4.1.3-10.4.1 kde4-kgreeter-plugins-4.1.3-10.4.1 kde4-kwin-4.1.3-10.4.1 kdebase3-beagle-3.5.10-17.5.1 kdebase3-devel-3.5.10-17.5.1 kdebase3-extra-3.5.10-17.5.1 kdebase3-kdm-3.5.10-17.5.1 kdebase3-nsplugin-3.5.10-17.5.1 kdebase3-runtime-3.5.10-17.5.1 kdebase3-samba-3.5.10-17.5.1 kdebase3-session-3.5.10-17.5.1 kdebase4-workspace-branding-upstream-4.1.3-10.4.1 kdebase4-workspace-devel-4.1.3-10.4.1 kdebase4-workspace-ksysguardd-4.1.3-10.4.1 misc-console-font-3.5.10-17.5.1 - openSUSE 11.1 (x86_64): kdebase3-32bit-3.5.10-17.5.1 kdebase3-runtime-32bit-3.5.10-17.5.1 - openSUSE 11.0 (i586 ppc src x86_64): kdebase3-3.5.9-65.4 kdebase4-workspace-4.0.4-24.8 - openSUSE 11.0 (i586 ppc x86_64): fileshareset-2.0-501.4 kde4-kdm-4.0.4-24.8 kde4-kdm-branding-upstream-4.0.4-24.8 kde4-kwin-4.0.4-24.8 kdebase3-beagle-3.5.9-65.4 kdebase3-devel-3.5.9-65.4 kdebase3-extra-3.5.9-65.4 kdebase3-kdm-3.5.9-65.4 kdebase3-runtime-3.5.9-65.4 kdebase3-samba-3.5.9-65.4 kdebase3-session-3.5.9-65.4 kdebase4-workspace-branding-upstream-4.0.4-24.8 kdebase4-workspace-devel-4.0.4-24.8 kdebase4-workspace-ksysguardd-4.0.4-24.8 misc-console-font-3.5.9-65.4 - openSUSE 11.0 (i586 ppc): kdebase3-nsplugin-3.5.9-65.4 - openSUSE 11.0 (x86_64): kdebase3-32bit-3.5.9-65.4 kdebase3-runtime-32bit-3.5.9-65.4 - openSUSE 11.0 (ppc): kdebase3-64bit-3.5.9-65.4 kdebase3-runtime-64bit-3.5.9-65.4 References: http://support.novell.com/security/cve/CVE-2010-0436.html https://bugzilla.novell.com/584223

1 0

openSUSE-SU-2010:0110-1 (low): gimp security update
by opensuse-security＠opensuse.org 14 Apr '10

14 Apr '10

openSUSE Security Update: gimp security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0110-1 Rating: low References: #555144 Cross-References: CVE-2009-1570 CVE-2009-3909 Affected Products: openSUSE 11.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Integer overflows in the BMP plug-in potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim to open specially crafted files (CVE-2009-1570). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.0: zypper in -t patch gimp-2154 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.0 (i586 ppc src x86_64): gimp-2.4.5-41.2 - openSUSE 11.0 (i586 ppc x86_64): gimp-branding-upstream-2.4.5-41.2 gimp-devel-2.4.5-41.2 gimp-doc-2.4.5-41.2 gimp-plugins-python-2.4.5-41.2 References: http://support.novell.com/security/cve/CVE-2009-1570.html http://support.novell.com/security/cve/CVE-2009-3909.html https://bugzilla.novell.com/555144

1 0

openSUSE-SU-2010:0102-3 (critical): MozillaFirefox-branding-openSUSE: Update to 3.5 branding
by opensuse-security＠opensuse.org 13 Apr '10

13 Apr '10

openSUSE Security Update: MozillaFirefox-branding-openSUSE: Update to 3.5 branding ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0102-3 Rating: critical References: #586567 Cross-References: CVE-2009-3555 CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 CVE-2010-0181 CVE-2010-0182 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. It includes 5 new package versions. Description: This patch updates Mozilla Firefox from the 3.0 stable branch to the 3.5.9 release. It includes also following security fixes: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6. (CVE-2010-0173) Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine. (CVE-2010-0174) MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer. MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way <option> elements are inserted into a XUL tree <optgroup>. In certain cases, the number of references to an <option> element is under-counted so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer. MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine. MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document resulting in arbitrary script execution with chrome privileges. MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High. MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue. MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images. MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch MozillaFirefox-2273 - openSUSE 11.1: zypper in -t patch MozillaFirefox-branding-openSUSE-2281 firefox35upgrade-2262 mozilla-xulrunner190-2261 - openSUSE 11.0: zypper in -t patch firefox35upgrade-2262 mozilla-xulrunner190-2261 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 1.9.1.9 and 3.5.9]: MozillaFirefox-3.5.9-0.1.1 mozilla-xulrunner191-1.9.1.9-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 1.9.1.9 and 3.5.9]: MozillaFirefox-branding-upstream-3.5.9-0.1.1 MozillaFirefox-translations-common-3.5.9-0.1.1 MozillaFirefox-translations-other-3.5.9-0.1.1 mozilla-xulrunner191-devel-1.9.1.9-1.1.1 mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1.1 mozilla-xulrunner191-translations-common-1.9.1.9-1.1.1 mozilla-xulrunner191-translations-other-1.9.1.9-1.1.1 python-xpcom191-1.9.1.9-1.1.1 - openSUSE 11.2 (x86_64) [New Version: 1.9.1.9]: mozilla-xulrunner191-32bit-1.9.1.9-1.1.1 mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1.1 - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 1.9.0.19,3.5 and 3.5.9]: MozillaFirefox-3.5.9-0.1.1 MozillaFirefox-branding-openSUSE-3.5-10.1.1 beagle-0.3.8-46.35.1 mhtml-firefox-0.5-1.27.2 mozilla-xulrunner190-1.9.0.19-0.1.1 mozilla-xulrunner191-1.9.1.9-1.1.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 1.9.0.19 and 3.5.9]: MozillaFirefox-branding-upstream-3.5.9-0.1.1 MozillaFirefox-translations-common-3.5.9-0.1.1 MozillaFirefox-translations-other-3.5.9-0.1.1 beagle-devel-0.3.8-46.35.1 beagle-epiphany-0.3.8-46.35.1 beagle-evolution-0.3.8-46.35.1 beagle-firefox-0.3.8-46.35.1 beagle-google-0.3.8-46.35.1 beagle-gui-0.3.8-46.35.1 beagle-lang-0.3.8-46.35.1 beagle-thunderbird-0.3.8-46.35.1 mozilla-xulrunner190-devel-1.9.0.19-0.1.1 mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1 mozilla-xulrunner190-translations-1.9.0.19-0.1.1 mozilla-xulrunner191-devel-1.9.1.9-1.1.1 mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1.1 mozilla-xulrunner191-translations-common-1.9.1.9-1.1.1 mozilla-xulrunner191-translations-other-1.9.1.9-1.1.1 python-xpcom190-1.9.0.19-0.1.1 python-xpcom191-1.9.1.9-1.1.1 - openSUSE 11.1 (noarch src): autoconf213-2.13-3.1.1 - openSUSE 11.1 (x86_64) [New Version: 1.9.0.19]: mozilla-xulrunner190-32bit-1.9.0.19-0.1.1 mozilla-xulrunner190-gnomevfs-32bit-1.9.0.19-0.1.1 mozilla-xulrunner190-translations-32bit-1.9.0.19-0.1.1 mozilla-xulrunner191-32bit-1.9.1.9-1.1.1 mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1.1 - openSUSE 11.0 (i586 ppc src x86_64) [New Version: 0.5,1.9.0.19 and 3.5.9]: MozillaFirefox-3.5.9-0.1 beagle-0.3.7-22.2 mhtml-firefox-0.5-2.1 mozilla-xulrunner190-1.9.0.19-0.1 mozilla-xulrunner191-1.9.1.9-1.1 - openSUSE 11.0 (i586 ppc x86_64) [New Version: 1.9.0.19 and 3.5.9]: MozillaFirefox-branding-upstream-3.5.9-0.1 MozillaFirefox-translations-common-3.5.9-0.1 MozillaFirefox-translations-other-3.5.9-0.1 beagle-devel-0.3.7-22.2 beagle-epiphany-0.3.7-22.2 beagle-evolution-0.3.7-22.2 beagle-firefox-0.3.7-22.2 beagle-google-0.3.7-22.2 beagle-gui-0.3.7-22.2 beagle-lang-0.3.7-22.2 beagle-thunderbird-0.3.7-22.2 mozilla-xulrunner190-devel-1.9.0.19-0.1 mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1 mozilla-xulrunner190-translations-1.9.0.19-0.1 mozilla-xulrunner191-devel-1.9.1.9-1.1 mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1 mozilla-xulrunner191-translations-common-1.9.1.9-1.1 mozilla-xulrunner191-translations-other-1.9.1.9-1.1 python-xpcom191-1.9.1.9-1.1 - openSUSE 11.0 (noarch src): autoconf213-2.13-3.1 - openSUSE 11.0 (x86_64) [New Version: 1.9.0.19]: mozilla-xulrunner190-32bit-1.9.0.19-0.1 mozilla-xulrunner190-gnomevfs-32bit-1.9.0.19-0.1 mozilla-xulrunner190-translations-32bit-1.9.0.19-0.1 mozilla-xulrunner191-32bit-1.9.1.9-1.1 mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1 - openSUSE 11.0 (ppc) [New Version: 1.9.0.19]: mozilla-xulrunner190-64bit-1.9.0.19-0.1 mozilla-xulrunner190-gnomevfs-64bit-1.9.0.19-0.1 mozilla-xulrunner190-translations-64bit-1.9.0.19-0.1 mozilla-xulrunner191-64bit-1.9.1.9-1.1 mozilla-xulrunner191-gnomevfs-64bit-1.9.1.9-1.1 References: http://support.novell.com/security/cve/CVE-2009-3555.html http://support.novell.com/security/cve/CVE-2010-0173.html http://support.novell.com/security/cve/CVE-2010-0174.html http://support.novell.com/security/cve/CVE-2010-0175.html http://support.novell.com/security/cve/CVE-2010-0176.html http://support.novell.com/security/cve/CVE-2010-0177.html http://support.novell.com/security/cve/CVE-2010-0178.html http://support.novell.com/security/cve/CVE-2010-0179.html http://support.novell.com/security/cve/CVE-2010-0181.html http://support.novell.com/security/cve/CVE-2010-0182.html https://bugzilla.novell.com/586567

1 0

openSUSE-SU-2010:0102-2 (critical): MozillaThunderbird: Update to 3.0.4
by opensuse-security＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Security Update: MozillaThunderbird: Update to 3.0.4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0102-2 Rating: critical References: #586567 Cross-References: CVE-2009-3555 CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 CVE-2010-0181 CVE-2010-0182 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. It includes one version update. Description: Mozilla Thunderbird was updated to version 3.0.4 fixing lots of bugs and security issues. Following security issues were fixed: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6. (CVE-2010-0173) Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine. (CVE-2010-0174) MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer. MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way <option> elements are inserted into a XUL tree <optgroup>. In certain cases, the number of references to an <option> element is under-counted so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer. MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine. MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document resulting in arbitrary script execution with chrome privileges. MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High. MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue. MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images. MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch MozillaThunderbird-2245 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 3.0.4]: MozillaThunderbird-3.0.4-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 3.0.4]: MozillaThunderbird-devel-3.0.4-1.1.1 MozillaThunderbird-translations-common-3.0.4-1.1.1 MozillaThunderbird-translations-other-3.0.4-1.1.1 References: http://support.novell.com/security/cve/CVE-2009-3555.html http://support.novell.com/security/cve/CVE-2010-0173.html http://support.novell.com/security/cve/CVE-2010-0174.html http://support.novell.com/security/cve/CVE-2010-0175.html http://support.novell.com/security/cve/CVE-2010-0176.html http://support.novell.com/security/cve/CVE-2010-0177.html http://support.novell.com/security/cve/CVE-2010-0178.html http://support.novell.com/security/cve/CVE-2010-0179.html http://support.novell.com/security/cve/CVE-2010-0181.html http://support.novell.com/security/cve/CVE-2010-0182.html https://bugzilla.novell.com/586567

1 0

openSUSE-RU-2010:0105-1 (important): bundle-lang-gnome: Updated to match current 11.2 versions
by maintenance＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Recommended Update: bundle-lang-gnome: Updated to match current 11.2 versions ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0105-1 Rating: important References: #593309 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: The language bundle packages where updated to match the released GNOME 2.28.2 and KDE 4.3.5 series. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch bundle-lang-gnome-2233 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (noarch): bundle-lang-gnome-ar-11.2-20.23.4 bundle-lang-gnome-ca-11.2-20.23.4 bundle-lang-gnome-cs-11.2-20.23.4 bundle-lang-gnome-da-11.2-20.23.4 bundle-lang-gnome-de-11.2-20.23.4 bundle-lang-gnome-en-11.2-20.23.4 bundle-lang-gnome-es-11.2-20.23.4 bundle-lang-gnome-extras-ar-11.2-20.23.1 bundle-lang-gnome-extras-ca-11.2-20.23.1 bundle-lang-gnome-extras-cs-11.2-20.23.1 bundle-lang-gnome-extras-da-11.2-20.23.1 bundle-lang-gnome-extras-de-11.2-20.23.1 bundle-lang-gnome-extras-en-11.2-20.23.1 bundle-lang-gnome-extras-es-11.2-20.23.1 bundle-lang-gnome-extras-fi-11.2-20.23.1 bundle-lang-gnome-extras-fr-11.2-20.23.1 bundle-lang-gnome-extras-hu-11.2-20.23.1 bundle-lang-gnome-extras-it-11.2-20.23.1 bundle-lang-gnome-extras-ja-11.2-20.23.1 bundle-lang-gnome-extras-ko-11.2-20.23.1 bundle-lang-gnome-extras-nb-11.2-20.23.1 bundle-lang-gnome-extras-nl-11.2-20.23.1 bundle-lang-gnome-extras-pl-11.2-20.23.1 bundle-lang-gnome-extras-pt-11.2-20.23.1 bundle-lang-gnome-extras-ru-11.2-20.23.1 bundle-lang-gnome-extras-sv-11.2-20.23.1 bundle-lang-gnome-extras-zh-11.2-20.23.1 bundle-lang-gnome-fi-11.2-20.23.4 bundle-lang-gnome-fr-11.2-20.23.4 bundle-lang-gnome-hu-11.2-20.23.4 bundle-lang-gnome-it-11.2-20.23.4 bundle-lang-gnome-ja-11.2-20.23.4 bundle-lang-gnome-ko-11.2-20.23.4 bundle-lang-gnome-nb-11.2-20.23.4 bundle-lang-gnome-nl-11.2-20.23.4 bundle-lang-gnome-pl-11.2-20.23.4 bundle-lang-gnome-pt-11.2-20.23.4 bundle-lang-gnome-ru-11.2-20.23.4 bundle-lang-gnome-sv-11.2-20.23.4 bundle-lang-gnome-zh-11.2-20.23.4 - openSUSE 11.2 (src): bundle-lang-gnome-11.2-20.23.4 bundle-lang-gnome-extras-11.2-20.23.1 References: https://bugzilla.novell.com/593309

1 0

openSUSE-RU-2010:0103-1 (low): emacs: This updates re-add a missing link for emacs
by maintenance＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Recommended Update: emacs: This updates re-add a missing link for emacs ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0103-1 Rating: low References: #589394 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: - #589394: Update for emacs-23.1-3.7.1 fails to install, leaving system without an emacs script. Fixed by this update. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch emacs-2231 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): emacs-23.1-3.8.3 - openSUSE 11.2 (i586 x86_64): emacs-el-23.1-3.8.3 emacs-info-23.1-3.8.3 emacs-nox-23.1-3.8.3 emacs-x11-23.1-3.8.3 References: https://bugzilla.novell.com/589394

1 0

openSUSE-SU-2010:0102-1 (critical): seamonkey: Update to 2.0.4
by opensuse-security＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Security Update: seamonkey: Update to 2.0.4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0102-1 Rating: critical References: #586567 Cross-References: CVE-2009-3555 CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 CVE-2010-0181 CVE-2010-0182 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. It includes one version update. Description: Mozilla Seamonkey was updated to version 2.0.4 fixing lots of bugs and security issues. Following security issues were fixed: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6. (CVE-2010-0173) Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine. (CVE-2010-0174) MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer. MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way <option> elements are inserted into a XUL tree <optgroup>. In certain cases, the number of references to an <option> element is under-counted so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer. MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine. MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document resulting in arbitrary script execution with chrome privileges. MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High. MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue. MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images. MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch seamonkey-2244 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 2.0.4]: seamonkey-2.0.4-1.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 2.0.4]: seamonkey-dom-inspector-2.0.4-1.1.1 seamonkey-irc-2.0.4-1.1.1 seamonkey-venkman-2.0.4-1.1.1 References: http://support.novell.com/security/cve/CVE-2009-3555.html http://support.novell.com/security/cve/CVE-2010-0173.html http://support.novell.com/security/cve/CVE-2010-0174.html http://support.novell.com/security/cve/CVE-2010-0175.html http://support.novell.com/security/cve/CVE-2010-0176.html http://support.novell.com/security/cve/CVE-2010-0177.html http://support.novell.com/security/cve/CVE-2010-0178.html http://support.novell.com/security/cve/CVE-2010-0179.html http://support.novell.com/security/cve/CVE-2010-0181.html http://support.novell.com/security/cve/CVE-2010-0182.html https://bugzilla.novell.com/586567

1 0

openSUSE-SU-2010:0100-1 (important): mozilla-nss: Update to 3.12.6
by opensuse-security＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Security Update: mozilla-nss: Update to 3.12.6 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0100-1 Rating: important References: #554085 Cross-References: CVE-2009-3555 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch libfreebl3-2236 - openSUSE 11.1: zypper in -t patch libfreebl3-2258 - openSUSE 11.0: zypper in -t patch libfreebl3-2258 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64) [New Version: 3.12.6]: mozilla-nss-3.12.6-3.1.1 - openSUSE 11.2 (i586 x86_64) [New Version: 3.12.6]: libfreebl3-3.12.6-3.1.1 mozilla-nss-devel-3.12.6-3.1.1 mozilla-nss-tools-3.12.6-3.1.1 - openSUSE 11.2 (x86_64) [New Version: 3.12.6]: libfreebl3-32bit-3.12.6-3.1.1 mozilla-nss-32bit-3.12.6-3.1.1 - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 3.12.6]: mozilla-nss-3.12.6-3.1.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 3.12.6]: libfreebl3-3.12.6-3.1.1 mozilla-nss-devel-3.12.6-3.1.1 mozilla-nss-tools-3.12.6-3.1.1 - openSUSE 11.1 (x86_64) [New Version: 3.12.6]: libfreebl3-32bit-3.12.6-3.1.1 mozilla-nss-32bit-3.12.6-3.1.1 - openSUSE 11.1 (ppc) [New Version: 3.12.6]: libfreebl3-64bit-3.12.6-3.1.1 mozilla-nss-64bit-3.12.6-3.1.1 - openSUSE 11.0 (i586 ppc src x86_64) [New Version: 3.12.6]: mozilla-nss-3.12.6-3.1 - openSUSE 11.0 (i586 ppc x86_64) [New Version: 3.12.6]: libfreebl3-3.12.6-3.1 mozilla-nss-devel-3.12.6-3.1 mozilla-nss-tools-3.12.6-3.1 - openSUSE 11.0 (x86_64) [New Version: 3.12.6]: libfreebl3-32bit-3.12.6-3.1 mozilla-nss-32bit-3.12.6-3.1 - openSUSE 11.0 (ppc) [New Version: 3.12.6]: libfreebl3-64bit-3.12.6-3.1 mozilla-nss-64bit-3.12.6-3.1 References: http://support.novell.com/security/cve/CVE-2009-3555.html https://bugzilla.novell.com/554085

1 0

openSUSE-SU-2010:0099-1 (low): krb5 security update
by opensuse-security＠opensuse.org 12 Apr '10

12 Apr '10

openSUSE Security Update: krb5 security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0099-1 Rating: low References: #591049 Cross-References: CVE-2010-0629 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Authenticated users could crash the kadmind process by referencing freed memory (CVE-2010-0629). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch krb5-2267 - openSUSE 11.0: zypper in -t patch krb5-2267 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): krb5-1.6.3-132.7.1 - openSUSE 11.1 (i586 ppc x86_64): krb5-apps-clients-1.6.3-132.7.1 krb5-apps-servers-1.6.3-132.7.1 krb5-client-1.6.3-132.7.1 krb5-devel-1.6.3-132.7.1 krb5-server-1.6.3-132.7.1 - openSUSE 11.1 (x86_64): krb5-32bit-1.6.3-132.7.1 krb5-devel-32bit-1.6.3-132.7.1 - openSUSE 11.1 (ppc): krb5-64bit-1.6.3-132.7.1 krb5-devel-64bit-1.6.3-132.7.1 - openSUSE 11.0 (i586 ppc src x86_64): krb5-1.6.3-50.9 - openSUSE 11.0 (i586 ppc x86_64): krb5-apps-clients-1.6.3-50.9 krb5-apps-servers-1.6.3-50.9 krb5-client-1.6.3-50.9 krb5-devel-1.6.3-50.9 krb5-server-1.6.3-50.9 - openSUSE 11.0 (x86_64): krb5-32bit-1.6.3-50.9 krb5-devel-32bit-1.6.3-50.9 - openSUSE 11.0 (ppc): krb5-64bit-1.6.3-50.9 krb5-devel-64bit-1.6.3-50.9 References: http://support.novell.com/security/cve/CVE-2010-0629.html https://bugzilla.novell.com/591049

1 0

openSUSE-SU-2010:0098-1 (low): viewvc security update
by opensuse-security＠opensuse.org 10 Apr '10

10 Apr '10

openSUSE Security Update: viewvc security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0098-1 Rating: low References: #592932 Cross-References: CVE-2010-0132 Affected Products: openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: CVS support got broken by the previous viewvc update for CVE-2010-0132. This release fixes that again. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch viewvc-2268 - openSUSE 11.0: zypper in -t patch viewvc-2268 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 1.0.11]: viewvc-1.0.11-0.2.1 - openSUSE 11.0 (i586 ppc src x86_64) [New Version: 1.0.11]: viewvc-1.0.11-0.3 References: http://support.novell.com/security/cve/CVE-2010-0132.html https://bugzilla.novell.com/592932

1 0

openSUSE-RU-2010:0092-1 (important): vsftpd: ipv6 link local address doesn't work. This bug is fixed by this update.
by maintenance＠opensuse.org 09 Apr '10

09 Apr '10

openSUSE Recommended Update: vsftpd: ipv6 link local address doesn't work. This bug is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0092-1 Rating: important References: #574366 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: vsftpd was updated to fix the following bug: - #574366: vsftpd doesn't work with ipv6 link local address Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch vsftpd-1958 - openSUSE 11.1: zypper in -t patch vsftpd-1958 - openSUSE 11.0: zypper in -t patch vsftpd-1958 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): vsftpd-2.0.7-5.2.1 - openSUSE 11.1 (i586 ppc src x86_64): vsftpd-2.0.7-4.29.1 - openSUSE 11.0 (i586 ppc src x86_64): vsftpd-2.0.6-25.4 References: https://bugzilla.novell.com/574366

1 0

openSUSE-SU-2010:0089-1 (low): transmission: fixing data corruption issue
by opensuse-security＠opensuse.org 09 Apr '10

09 Apr '10

openSUSE Security Update: transmission: fixing data corruption issue ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0089-1 Rating: low References: #589268 Cross-References: CVE-2010-0748 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: A data corruption issue has been fixed in transmission. CVE-2010-0748 has been assigned to this issue. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch transmission-2256 - openSUSE 11.1: zypper in -t patch transmission-2256 - openSUSE 11.0: zypper in -t patch transmission-2256 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): transmission-1.74-4.8.1 - openSUSE 11.2 (i586 x86_64): transmission-gtk-1.74-4.8.1 transmission-qt-1.74-4.8.1 - openSUSE 11.2 (noarch): transmission-common-1.74-4.8.1 transmission-common-lang-1.74-4.8.1 - openSUSE 11.1 (i586 ppc src x86_64): transmission-1.34-1.33.1 - openSUSE 11.1 (i586 ppc x86_64): transmission-gtk-1.34-1.33.1 transmission-lang-1.34-1.33.1 - openSUSE 11.0 (i586 ppc src x86_64): transmission-1.11-18.4 - openSUSE 11.0 (i586 ppc x86_64): transmission-gtk-1.11-18.4 transmission-lang-1.11-18.4 References: http://support.novell.com/security/cve/CVE-2010-0748.html https://bugzilla.novell.com/589268

1 0

openSUSE-RU-2010:0092-1 (important): vsftpd: ipv6 link local address doesn't work. This bug is fixed by this update.
by maintenance＠opensuse.org 09 Apr '10

09 Apr '10

openSUSE Recommended Update: vsftpd: ipv6 link local address doesn't work. This bug is fixed by this update. ______________________________________________________________________________ Announcement ID: openSUSE-RU-2010:0092-1 Rating: important References: #574366 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: vsftpd was updated to fix the following bug: - #574366: vsftpd doesn't work with ipv6 link local address Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch vsftpd-1958 - openSUSE 11.1: zypper in -t patch vsftpd-1958 - openSUSE 11.0: zypper in -t patch vsftpd-1958 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src x86_64): vsftpd-2.0.7-5.2.1 - openSUSE 11.1 (i586 ppc src x86_64): vsftpd-2.0.7-4.29.1 - openSUSE 11.0 (i586 ppc src x86_64): vsftpd-2.0.6-25.4 References: https://bugzilla.novell.com/574366

1 0

Hello world
by Marcus Meissner 08 Apr '10

08 Apr '10

Hi, This mailing list will be used for posting automated update notices. If you can read this mail the mailsetup was correct. :) Ciao, Marcus

1 0