Mailinglist Archive: opensuse-security (24 mails)

< Previous Next >
Re: [opensuse-security] Re: [security-announce] SUSE-SU-2014:1247-1: important: Security update for bash
  • From: Chris Ellis <chris@xxxxxxxxxxx>
  • Date: Wed, 8 Oct 2014 11:23:22 +0100
  • Message-id: <>
Hi Joe

On Wed, Oct 8, 2014 at 10:49 AM, Joe Schönberg <joeml@xxxxxxxxxxxx> wrote:
Hello all,

Am Montag, 29. September 2014 13:48:03 schrieb Marcus Meissner:

Let me refer you to:

How to find the packages for SLES11SP2 then?

My system is under patch support and registered, but:

zypper in -t patch sleman17sp2-bash-9779
Loading repository data...
Reading installed packages...
'sleman17sp2-bash-9779' not found in package names. Trying capabilities.
No provider of 'patch:sleman17sp2-bash-9779' found.

I hoped the patch was installed automatically via my update script
while I was in holiday - for the non enterprise Suse systems it was ...

The bash version of my SLES11SP2 is

GNU bash, version 3.2.51(1)-release (x86_64-suse-linux-gnu)

and still vulnerable regarding the usual test script.

I have still pending

kernel-default-3.0.101- kernel-default-base-3.0.101-

which I don't want to install just now because most kernel patches had
broken multipathing in the past.
Is there a dependency with that kernel patch?


Rather than asking the openSUSE community, would it not be better to ask SUSE,
if you've got a support agreement with them, then raise a ticket.

Reading: points me to the patch finder,
which lists:

Also, have you tried:

zypper update bash


zypper patch --cve CVE-2014-6271

To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >