openSUSE Security Update: update for coreutils ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0233-1 Rating: moderate References: #796243 #798538 #798541 Cross-References: CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 Affected Products: openSUSE 12.2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: - Avoid segmentation fault in "join -i" with long line input (bnc#798541, VUL-1, CVE-2013-0223) - Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1, CVE-2013-0222) - Avoid segmentation fault in "sort -d" and "sort -M" with long line input (bnc#798538, VUL-1, CVE-2013-0221) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.2: zypper in -t patch openSUSE-2013-74 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.2 (i586 x86_64): coreutils-8.16-5.12.1 coreutils-debuginfo-8.16-5.12.1 coreutils-debugsource-8.16-5.12.1 - openSUSE 12.2 (noarch): coreutils-lang-8.16-5.12.1 References: http://support.novell.com/security/cve/CVE-2013-0221.html http://support.novell.com/security/cve/CVE-2013-0222.html http://support.novell.com/security/cve/CVE-2013-0223.html https://bugzilla.novell.com/796243 https://bugzilla.novell.com/798538 https://bugzilla.novell.com/798541