The OVAL Repository
5.3
2015-09-03T06:18:12.674-04:00

SUSE-SU-2014:1574-1 -- Security update for clamav (important)
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
clamav
clamav was updated to version 0.98.5 to fix three security issues and
several non-security issues.
These security issues have been fixed:
* Crash when scanning maliciously crafted yoda's crypter files
(CVE-2013-6497).
* Heap-based buffer overflow when scanning crypted PE files
(CVE-2014-9050).
* Crash when using 'clamscan -a'.
These non-security issues have been fixed:
* Support for the XDP file format and extracting, decoding, and
scanning PDF files within XDP files.
* Addition of shared library support for LLVM versions 3.1 - 3.5 for
the purpose of just-in-time (JIT) compilation of ClamAV bytecode
signatures.
* Enhancements to the clambc command line utility to assist ClamAV
bytecode signature authors by providing introspection into compiled
bytecode programs.
* Resolution of many of the warning messages from ClamAV compilation.
* Improved detection of malicious PE files.
* ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode
(bnc#904207).
* Fix server socket setup code in clamd (bnc#903489).
* Change updateclamconf to prefer the state of the old config file
even for commented-out options (bnc#903719).
* Fix infinite loop in clamdscan when clamd is not running.
* Fix buffer underruns when handling multi-part MIME email attachments.
* Fix configuration of OpenSSL on various platforms.
* Fix linking issues with libclamunrar.
Security Issues:
* CVE-2013-6497
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497>
* CVE-2014-9050
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1408-1 -- Security update for wget (important)
SUSE Linux Enterprise Server 10
wget
wget was updated to fix one security issue:
* FTP symbolic link arbitrary filesystem access (CVE-2014-4877).
Security Issues:
* CVE-2014-4877
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1387-1 -- Security update for OpenSSL (important)
SUSE Linux Enterprise Server 10
OpenSSL
This OpenSSL update fixes the following issues:
* Session Ticket Memory Leak (CVE-2014-3567)
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
Security Issues:
* CVE-2014-3567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-3568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1624-1 -- Security update for Mozilla Firefox (important)
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
Mozilla Firefox
* CVE-2014-1588
* CVE-2014-1589
* CVE-2014-1590
* CVE-2014-1591
* CVE-2014-1592
* CVE-2014-1593
* CVE-2014-1594
* CVE-2014-1595
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1458-3 -- Security update for MozillaFirefox (important)
SUSE Linux Enterprise Server 10
MozillaFirefox
* CVE-2014-1575
* CVE-2014-1576
* CVE-2014-1577
* CVE-2014-1578
* CVE-2014-1581
* CVE-2014-1583
* CVE-2014-1585
* CVE-2014-1586
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:1311-1 -- Recommended update for apache2
SUSE Linux Enterprise Server 10
apache2
This update for Apache moves function ap_timeout_parameter_parse() to the
public API that can be used by modules. This fixes a regression in
mod_cgid introduced by the previous update.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:1299-1 -- Recommended update for at
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
at
This update for the at(1) job manager fixes a regression caused by the
latest security updates for bash. at(1) now sanitizes the environment it
passes to the shell, allowing only variables whose keys are of the form
/^[A-Z_][A-Z0-9_]/i.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1119-1 -- Security update for glibc
SUSE Linux Enterprise Server 10
glibc
This glibc update fixes a critical privilege escalation problem and the
following security and non security issues:
* bnc#892073: An off-by-one error leading to a heap-based buffer
overflow was found in __gconv_translit_find(). An exploit that
targets the problem is publicly available. (CVE-2014-5119)
* bnc#772242: Replace scope handing with master state
* bnc#779320: Fix buffer overflow in strcoll (CVE-2012-4412)
* bnc#818630: Fall back to localhost if no nameserver defined
* bnc#828235: Fix missing character in IBM-943 charset
* bnc#828637: Fix use of alloca in gaih_inet
* bnc#834594: Fix readdir_r with long file names (CVE-2013-4237)
Security Issues:
* CVE-2014-5119
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119>
* CVE-2013-4237
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237>
* CVE-2012-4412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1082-1 -- Security update for apache2
SUSE Linux Enterprise Server 10
apache2
* CVE-2013-6438
* CVE-2014-0226
* CVE-2014-0231
* CVE-2013-1862
* CVE-2013-1896
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1214-1 -- Security update for bash
SUSE Linux Enterprise Server 10
bash
bash has been updated to fix a critical security issue.
In some circumstances, the shell would evaluate shellcode in environment
variables passed at startup time. This allowed code execution by local or
remote attackers who could pass environment variables to bash scripts.
(CVE-2014-6271)
Additionally, the following bugs have been fixed:
* Avoid possible buffer overflow when expanding the /dev/fd prefix
with e.g. the test built-in. (CVE-2012-3410)
* Enable workaround for changed behavior of sshd. (bnc#688469)
Security Issues:
* CVE-2014-6271
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271>
* CVE-2012-3410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1128-1 -- Security update for glibc
SUSE Linux Enterprise Server 10
glibc
* CVE-2014-4043
* CVE-2013-4332
* CVE-2013-4237
* CVE-2013-0242
* CVE-2012-4412
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1213-1 -- Security update for bash
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
bash
bash has been updated to fix a critical security issue.
In some circumstances, the shell would evaluate shellcode in environment
variables passed at startup time. This allowed code execution by local or
remote attackers who could pass environment variables to bash scripts.
(CVE-2014-6271)
Security Issues:
* CVE-2014-6271
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1120-2 -- Security update for MozillaFirefox
SUSE Linux Enterprise Server 10
MozillaFirefox
Mozilla Firefox was updated to the 24.8.0ESR release, fixing security
issues and bugs.
Only some of the published security advisories affect the Mozilla Firefox
24ESR codestream:
* MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht
reported, via TippingPoint's Zero Day Initiative, a use-after-free
during text layout when interacting with the setting of text
direction. This results in a use-after-free which can lead to
arbitrary code execution.
* MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run arbitrary
code.
* Jan de Mooij reported a memory safety problem that affects Firefox
ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)
More information is referenced on:
<https://www.mozilla.org/security/announce/>.
Security Issues:
* CVE-2014-1567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
* CVE-2014-1562
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1220-4 -- Security update for mozilla-nss
SUSE Linux Enterprise Server 10
mozilla-nss
Mozilla NSS was updated to version 3.16.5 to fix an RSA certificate forgery
issue.
MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher
at Inria Paris in team Prosecco, reported an issue in Network Security
Services (NSS) libraries affecting all versions. He discovered that NSS is
vulnerable to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values
involved in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
Security Issues:
* CVE-2014-1568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1247-1 -- Security update for bash
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
bash
The command-line shell 'bash' evaluates environment variables, which
allows the injection of characters and might be used to access files on
the system in some circumstances (CVE-2014-7169).
Please note that this issue is different from a previously fixed
vulnerability tracked under CVE-2014-6271 and is less serious due to the
special, non-default system configuration that is needed to create an
exploitable situation.
To remove further exploitation potential we now limit the
function-in-environment variable to variables prefixed with BASH_FUNC_.
This hardening feature is work in progress and might be improved in later
updates.
Additionally, two other security issues have been fixed:
* CVE-2014-7186: Nested HERE documents could lead to a crash of bash.
* CVE-2014-7187: Nesting of for loops could lead to a crash of bash.
Security Issues:
* CVE-2014-7169
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169>
* CVE-2014-7186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186>
* CVE-2014-7187
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:1152-2 -- Recommended update for timezone
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
timezone
This update provides the latest timezone information (2014g) for your
system, including the following changes:
* Russia will subtract an hour from most of its time zones on
2014-10-26 at 02:00 local time.
* Turks & Caicos are switching from US eastern time to UTC-4
year-round, modeled as a switch from EST/EDT to AST on 2014-11-02 at
02:00.
* Many past time stamps were updated for correctness.
* Many time zone abbreviations were adjusted or fixed.
* Many performance enhancements and fixes in the time zone
manipulation utilities.
* A new file 'zone1970.tab' was added. The new file's extended format
allows multiple country codes per zone. New applications should use
the new file.
* Some code fixes in 'localtime', 'zic', 'mktime' and 'yearistype'.
For a comprehensive list of changes, refer to the release announcements from
ICANN:
* <http://mm.icann.org/pipermail/tz-announce/2014-August/000023.html>
* <http://mm.icann.org/pipermail/tz-announce/2014-August/000024.html>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1220-3 -- Security update for mozilla-nss
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
mozilla-nss
Mozilla NSS was updated to version 3.16.5 to fix an RSA certificate forgery
issue.
MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher
at Inria Paris in team Prosecco, reported an issue in Network Security
Services (NSS) libraries affecting all versions. He discovered that NSS is
vulnerable to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values
involved in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
Security Issues:
* CVE-2014-1568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1104-1 -- Security update for OpenSSL
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
OpenSSL
This OpenSSL update fixes the following security issues:
* bnc#890764: Information leak in pretty printing functions.
(CVE-2014-3508)
* bnc#890767: Double Free when processing DTLS packets. (CVE-2014-3505)
* bnc#890768: DTLS memory exhaustion. (CVE-2014-3506)
* bnc#890769: DTLS memory leak from zero-length fragments.
(CVE-2014-3507)
* bnc#890770: DTLS anonymous EC(DH) denial of service. (CVE-2014-3510)
Security Issues:
* CVE-2014-3508
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508>
* CVE-2014-3505
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505>
* CVE-2014-3506
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506>
* CVE-2014-3507
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507>
* CVE-2014-3510
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0905-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
Mozilla Firefox
Mozilla Firefox has been updated to 24.6.0 to fix the security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0456-1 -- Security update for Java
SUSE Linux Enterprise Server 10
Java
IBM Java 6 has been updated to SR13 which fixes various
critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0387-1 -- Security update for apache2
SUSE Linux Enterprise Server 10
apache2
This update fixes the following security issues with
apache2 httpd:
* Improper LD_LIBRARY_PATH handling (CVE-2012-0883
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883>)
* Filename escaping problem (CVE-2012-2687
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687>)
Additionally, some non-security bugs have been fixed as
enumerated in the changelog of the RPM.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0440-3 -- Security update for Java
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
Java
IBM Java 1.4.2 has been updated to SR13-FP15 which fixes
various critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0835-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
timezone
This update provides the latest timezone information for your system.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0871-1 -- Security update for xinetd
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
xinetd
Xinetd receives an LTSS roll-up update to fix two security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0873-1 -- Security update for PHP5
SUSE Linux Enterprise Server 10
PHP5
PHP5 has been updated to fix four security vulnerabilities.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0322-1 -- Security update for wireshark
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
wireshark
wireshark was updated to 1.8.5 (bnc#801131), fixing bugs
and security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0471-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Mozilla Firefox
MozillaFirefox has been updated to the 17.0.4ESR release.
Besides the major version update from the 10ESR stable
release line to the 17ESR stable release line, this update
brings critical security and bugfixes.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0788-2 -- Security update for GnuTLS
SUSE Linux Enterprise Server 10
GnuTLS
GnuTLS has been patched to ensure proper parsing of session ids during the TLS/SSL handshake. Additionally three issues inherited from libtasn1 have been fixed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0327-1 -- Security update for squid
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
squid
A denial of service problem in Squid via invalid
Content-Length headers and memory leaks has been fixed.
(CVE-2012-5643, CVE-2013-0189, SQUID-2012:1)
Also a logrotate permission issue has been fixed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0437-1 -- Recommended update for parted
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
parted
This collective update for parted provides the following
fixes:
* Fix automatic correcting of GPT label which can cause
problems on systems which use dmraid
* Fix issues while resizing ReiserFS file systems with
YaST2, when parted could either hang or fail to resize the
file system.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0246-1 -- Recommended update for ipmitool
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
ipmitool
This collective update for ipmitool provides the following
fixes:
* Fix reading of FRU data from servers where FRU/SDR
device #0, LUN 0 is absent (bnc#789624)
* Fix a string handling problem in ipmi_sel.c that
could cause a segmentation fault (bnc#788393)
* Fix reading of sensors from some specific servers
over lanplus (bnc#794160)
* Handle "BCDplus" fields in FRU descriptors correctly
* Retrieve and print sensor data records (sdr)
correctly (bnc#761203)
* Do not crash in fru command if the lanplus password
is wrong (bnc#767413)
* Do not crash (assert(0)/abort) when BMC replies with
the wrong session id (bnc#729514)
* Fix detection if it is no longer connected to BMC
(bnc#739377)
* Fix ipmitool on UV10 systems (bnc#614916)
* Add sanity checks for erroneous SDR data (bnc#604896).
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0832-1 -- Security update for Linux Kernel
SUSE Linux Enterprise Server 10
Linux Kernel
The SUSE Linux Enterprise Server 10 SP3 LTSS received a roll up update to fix several security and non-security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:1120-1 -- Security update for MozillaFirefox
SUSE Linux Enterprise Server 10
MozillaFirefox
Mozilla Firefox was updated to the 24.8.0ESR release, fixing security
issues and bugs.
Only some of the published security advisories affect the Mozilla Firefox
24ESR codestream:
* MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht
reported, via TippingPoint's Zero Day Initiative, a use-after-free
during text layout when interacting with the setting of text
direction. This results in a use-after-free which can lead to
arbitrary code execution.
* MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run arbitrary
code.
* Jan de Mooij reported a memory safety problem that affects Firefox
ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)
More information is referenced on:
<https://www.mozilla.org/security/announce/>.
Security Issues:
* CVE-2014-1567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
* CVE-2014-1562
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0824-1 -- Security update for MozillaFirefox
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
MozillaFirefox
MozillaFirefox was updated to version 24.6.0 to fix six security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0824-2 -- Security update for MozillaFirefox
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
MozillaFirefox
MozillaFirefox was updated to version 24.6.0 to fix six security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0409-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Chile is changing its DST rules
* Estimate Morocco 2013-2038 transitions for Ramadan
* New alias Europe/Busingen for Europe/Zurich
* New zones Asia/Khandyga, Asia/Ust-Nera
* Libya moving to CET, but with DST.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0440-4 -- Security update for Java
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Java
IBM Java 5 has been updated to SR16 which fixes various
critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0846-1 -- Recommended update for apparmor-profiles
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
apparmor-profiles
This update for apparmor-profiles provides fixes to ntpd's
profile, allowing the daemon to access all needed
files in /proc.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0822-1 -- Security update for nfs-utils
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
nfs-utils
This update fixes a DNS spoofing problem with NFS
rpc-gssd. (CVE-2013-1923) (bnc#813464)
Security Issue reference:
* CVE-2013-1923
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1923>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0442-1 -- Security update for Perl
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Perl
This update of Perl 5 fixes the following security issues:
* fix rehash DoS [bnc#804415] [CVE-2013-1667]
* improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
* fix glob denial of service [bnc#796014]
[CVE-2011-2728]
* sanitize input in Maketext.pm [bnc#797060]
[CVE-2012-6329]
* make getgrent work with long group entries
[bnc#788388]
Security Issue reference:
* CVE-2013-1667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0469-1 -- Security update for apache2
SUSE Linux Enterprise Server 10
apache2
This Apache2 LTSS roll-up update for SUSE Linux Enterprise
10 SP3 LTSS fixes some security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0960-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
Mozilla Firefox
Mozilla Firefox has been updated to the 24.7ESR security release.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1001-1 -- Recommended update for supportutils
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
supportutils
This update fixes the following issues:
- supportconfig: 2.25-370
- supportconfig: 2.25-359
- supportconfig: 2.25-358
- supportconfig: 2.25-350
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0645-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
Mozilla Firefox
MozillaFirefox has been updated to the 17.0.5ESR release
fixing bugs and security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0996-1 -- Recommended update for lvm2
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
lvm2
The following issue has been fixed:
* SLE-10-SP4 LVM2 pvmove event deregistration failed:
No such device (bnc#748617)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0456-2 -- Security update for Java
SUSE Linux Enterprise Server 10
Java
IBM Java 6 has been updated to SR13 which fixes various
critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0857-1 -- Security update for xorg-x11-server
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
xorg-x11-server
In some cases, input events are sent to X servers not
currently the VT owner, allowing a user to capture
passwords. This update fixes this issue. CVE-2013-1940 has
been assigned to this issue.
Security Issue reference:
* CVE-2013-1940
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1061-1 -- Security update for gpg
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
gpg
This update for gpg provides the following fixes:
* Set proper file permissions when en/de-crypting files
(bnc#780943)
* Fix an issue that could cause corruption of the
public keys database. (CVE-2012-6085, bnc#798465)
Security Issue reference:
* CVE-2012-6085
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0795-1 -- Security update for libtiff
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
libtiff
This update fixes two buffer overflow security issues with
libtiff:
* CVE-2013-1960
* CVE-2013-1961
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0358-1 -- Security update for nagios
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
nagios
This update fixes a stack overflow in the nagios web
interface. CVE-2012-6096 has been assigned.
Security Issue reference:
* CVE-2012-6096
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6096>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0869-1 -- Recommended update for autofs5
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
autofs5
This collective update for AutoFS provides fixes for some issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0595-1 -- Security update for poppler
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
poppler
This update of poppler fixes the following vulnerabilities:
* CVE-2013-1788: Various invalid memory issues could be
used by attackers supplying PDFs to crash the PDF viewer or
potentially execute code.
* CVE-2013-1789: A crash in poppler could be used by
attackers providing PDFs to crash the PDF viewer.
* CVE-2013-1790: An uninitialized memory read could be
used by attackers providing PDFs to crash the PDF viewer.
This update also fixes transparent backgrounds in images being
rendered black with evince (bnc#745620).
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1193-1 -- Security update for ibutils
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
ibutils
Various tmp races in ibdiagnet of ibutils have been fixed
that could have been used by local attackers on machines
where InfiniBand was debugged to gain privileges.
Security Issue reference:
* CVE-2013-1894
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1894>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0460-2 -- Recommended update for Modules
SUSE Linux Enterprise Server 10
Modules
This update for the Modules package provides one fix for
Python support.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0934-1 -- Security update for Java 1.4.2
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
Java 1.4.2
IBM Java 1.4.2 has been updated to SR13-FP17 fixing bugs
and security issues.
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0955-1 -- Security update for lzo
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
lzo
lzo has been updated to fix an issue that could lead to denial of service or possibly remote code execution: if the LZO decompression algorithm is used in a threaded or kernel context, an attacker could corrupt memory structures that control the flow of execution in other contexts.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1166-1 -- Security update for compat-curl2
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
compat-curl2
This update of compat-curl2 fixes a security vulnerability:
* libcurl URL decode buffer boundary flaw (bnc#824517 /
CVE-2013-2174)
Security Issue reference:
* CVE-2013-2174
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0856-1 -- Security update for Linux kernel
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Linux kernel
The SUSE Linux Enterprise 10 SP4 kernel has been updated to
fix various bugs and security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1059-1 -- Security update for clamav
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
clamav
This update contains clamav 0.97.8 which fixes security
issues (bnc#816865):
* CVE-2013-2020: Fix heap corruption
* CVE-2013-2021: Fix overflow due to PDF key length
computation.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0879-1 -- Security update for quagga
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
quagga
Quagga received an update fixing two security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0674-1 -- Security update for Linux kernel
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Linux kernel
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0929-1 -- Recommended update for release-notes-sles
SUSE Linux Enterprise Server 10
release-notes-sles
This update provides the latest version of the release notes for SUSE Linux Enterprise Server 10 SP4 LTSS which documents the update of Mozilla Firefox to version 24 ESR.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0440-2 -- Security update for Java
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
Java
IBM Java 1.4.2 has been updated to SR13-FP15 which fixes
various critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0858-1 -- Security update for glibc
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
glibc
This collective update for the GNU C library (glibc)
provides the following fixes:
* Fix stack overflow in getaddrinfo with many results
(bnc#813121, CVE-2013-1914)
* Fix locking in _IO_cleanup (bnc#796982)
* Fix buffer overflow in glob (bnc#691365)
* Fix memory leak in execve (bnc#805899)
Security Issue reference:
* CVE-2013-1914
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0744-1 -- Security update for libxml2
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
libxml2
libxml2 has been updated to fix entity expansion problems:
* CVE-2013-0338: Internal entity expansion within XML
was not bounded, leading to simple small XML files being
able to cause "out of memory" denial of service conditions.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0343-1 -- Recommended update for CUPS
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
CUPS
This update for CUPS adjusts the translations of site
templates to send the session ID on POST operations.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1183-1 -- Security update for xorg-x11
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
xorg-x11
This update of xorg-x11 fixes several security
vulnerabilities.
* Bug 815451 - X.Org Security Advisory: May 23, 2013
* Bug 821664 - libX11
* Bug 821671 - libXv
* Bug 821670 - libXt
* Bug 821669 - libXrender
* Bug 821668 - libXp
* Bug 821667 - libXfixes
* Bug 821665 - libXext
* Bug 821663 - libFS, libXcursor, libXi, libXinerama,
libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1184-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Morocco's midsummer transitions this year are July 7
and August 10
* Israel now falls back from DST on the last Sunday of
October
* Palestine observed DST starting March 29, 2013
* From 2013 on, Gaza and Hebron both observe DST.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1166-2 -- Security update for curl
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
curl
This update of curl fixes several security issues.
* libcurl URL decode buffer boundary flaw (bnc#824517 /
CVE-2013-2174)
Security Issue reference:
* CVE-2013-2174
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1255-1 -- Security update for java-1_6_0-ibm
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
java-1_6_0-ibm
IBM Java 1.6.0 has been updated to SR14 to fix bugs and
security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0554-1 -- Security update for OpenSSL
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
OpenSSL
OpenSSL has been updated to fix several security issues:
* CVE-2012-4929: Avoid the openssl CRIME attack by
disabling SSL compression by default. Setting the
environment variable "OPENSSL_NO_DEFAULT_ZLIB" to "no"
enables compression again.
Please note that openssl on SUSE Linux Enterprise 10
is not built with compression support.
* CVE-2013-0169: Timing attacks against TLS could be
used by physically local attackers to gain access to
transmitted plain text or private key material. This issue
is also known as the "Lucky-13" issue.
* CVE-2013-0166: An OCSP invalid key denial of service
issue was fixed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0703-2 -- Recommended update for ksh
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
ksh
This update to Korn Shell 93u+ provides fixes for many
issues, including:
* Fix segmentation fault on typeset on ENV variable.
(bnc#803613)
* Do not free data which is used later on in the hash
tree of reloaded shell functions. (bnc#795324)
* Make sure that tty is closed even if an interrupt
arrived during close. (bnc#790315)
* Fix truncation of variables when TMOUT is used.
(bnc#808956)
* Fix syntax error on command substitution in
here-document. (bnc#804998)
* Make Shift_JIS patch more reliable as requested by
upstream.
For a comprehensive list of fixes please refer to the
package's change log.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0617-1 -- Security update for ClamAV
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
ClamAV
ClamAV has been updated to the 0.97.7 release that contains
various security related hardening fixes.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0731-1 -- Security update for GnuTLS
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
GnuTLS
This GnuTLS update fixes incorrect padding which weakens
the encryption. CVE-2013-1619 has been assigned to this
issue.
Security Issue reference:
* CVE-2013-1619
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0325-1 -- Security update for Samba
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Samba
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 4.0.1 was affected by a cross-site request
forgery (CVE-2013-0214) and a click-jacking attack
(CVE-2013-0213). This has been fixed.
Additionally a bug in mount.cifs has been fixed which could
have led to file disclosure (CVE-2012-1586).
Also an uninitialized memory read bug in talloc_free() has
been fixed. (bnc#764577).
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0710-1 -- Security update for IBM Java
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
IBM Java
IBM Java 1.4.2 has been updated to SR13 FP16 which fixes
bugs and security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0713-1 -- Security update for OFED
SUSE Linux Enterprise Server 10
OFED
ds-ping in the OFED stack could have triggered a kernel
BUG, which could have caused a local denial of service
attack. (CVE-2012-2372)
Security Issue reference:
* CVE-2012-2372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2372>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0793-1 -- Security update for sudo
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
sudo
This update fixes the following security issues which
allowed sudo authentication to be bypassed: CVE-2013-1775,
CVE-2013-1776, CVE-2013-2776 and CVE-2013-2777.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0549-2 -- Security update for OpenSSL
SUSE Linux Enterprise Server 10
OpenSSL
OpenSSL has been updated to fix several security issues:
* CVE-2012-4929: Avoid the openssl CRIME attack by
disabling SSL compression by default. Setting the
environment variable "OPENSSL_NO_DEFAULT_ZLIB" to "no"
enables compression again.
* CVE-2013-0169: Timing attacks against TLS could be
used by physically local attackers to gain access to
transmitted plain text or private key material. This issue
is also known as the "Lucky-13" issue.
* CVE-2013-0166: An OCSP invalid key denial of service
issue was fixed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1264-1 -- Security update for java-1_4_2-ibm
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
java-1_4_2-ibm
IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs
and security issues.
Please see also
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bug has been fixed:
* mark files in jre/bin and bin/ as executable
(bnc#823034)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0727-1 -- Security update for libxslt
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
libxslt
libxslt has been updated to fix two denial of service
issues via crashes by NULL pointer dereference on attacker
supplied XSLT scripts (CVE-2012-6139).
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1190-1 -- Security update for krb5
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
krb5
This krb5 update fixes a security issue.
* kpasswd UDP ping-pong (bug#825985 / CVE-2002-2443)
Security Issue reference:
* CVE-2002-2443
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0648-1 -- Security update for Apache
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Apache
Apache2 has been updated to fix multiple XSS flaws.
* CVE-2012-4558: Multiple cross-site scripting (XSS)
vulnerabilities in the balancer_handler function in the
manager interface in mod_proxy_balancer.c in the
mod_proxy_balancer module in the Apache HTTP Server
potentially allowed remote attackers to inject arbitrary
web script or HTML via a crafted string.
* CVE-2012-3499: Multiple cross-site scripting (XSS)
vulnerabilities in the Apache HTTP Server allowed remote
attackers to inject arbitrary web script or HTML via
vectors involving hostnames and URIs in the (1)
mod_imagemap, (2) mod_info, (3) mod_ldap, (4)
mod_proxy_ftp, and (5) mod_status modules.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1105-1 -- Recommended update for Samba
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Samba
This collective update for Samba provides the following
fixes:
* Fix 'map untrusted to domain' with NTLMv2.
(bnc#817919)
* Fix logon of AD users with many group memberships.
(bnc#657026)
* CIFS: do not restart during dhcp lease renewal when
IP address remains the same. (bnc#573246)
* Relicense source/client/{mount.cifs,mount.h,mtab.c}.c
under GPLv2+
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0306-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
Mozilla Firefox
Mozilla Firefox is updated to the 10.0.12ESR version.
This is a roll-up update for LTSS.
It fixes a lot of security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0772-1 -- Security update for compat-curl2
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
compat-curl2
This update of compat-curl2 fixes several security issues.
* fixes for the cookie domain tailmatch vulnerability
(bnc#814655)
* updated curl CA-Cert Bundle (bnc#810010)
* fixes for a potential BEAST attack (bnc#742306)
Security Issue reference:
* CVE-2013-1944
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1290-1 -- Recommended update for release-notes-sles
SUSE Linux Enterprise Server 10
release-notes-sles
This announcement marks the end of the security and
maintenance patch period for SUSE Linux Enterprise Server
10 Service Pack 4 and the end of General Support for SUSE
Linux Enterprise 10.
In order to keep your systems up to date and secure, please
migrate your systems to SUSE Linux Enterprise Server 11
Service Pack 3. All customers with active SUSE Linux
Enterprise Server subscriptions can migrate to SUSE Linux
Enterprise Server 11 Service Pack 3 at no additional cost.
For more information on how to upgrade to SUSE Linux
Enterprise Server 11 Service Pack 3, please read:
<https://www.suse.com/support/kb/doc.php?id=7012368>
Please make sure that you applied all maintenance updates
provided for SUSE Linux Enterprise Server 10 Service Pack
4 before starting the migration.
If you want to receive continued support for SUSE Linux
Enterprise Server 10 Service Pack 4, SUSE offers an
optional Long Term Service Pack Support program. For more
information about this, please see:
<https://www.suse.com/support/programs/long-term-service-pack-support.html>
Contact your SUSE sales representative if you would like to
purchase Long Term Service Pack Support.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1293-2 -- Security update for IBM Java 1.4.2
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
IBM Java 1.4.2
IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs
and security issues:
CVE-2013-3009, CVE-2013-3011, CVE-2013-3012, CVE-2013-2469,
CVE-2013-2465, CVE-2013-2464, CVE-2013-2463, CVE-2013-2473,
CVE-2013-2472, CVE-2013-2471, CVE-2013-2470, CVE-2013-2459,
CVE-2013-2456, CVE-2013-2447, CVE-2013-2452, CVE-2013-2446,
CVE-2013-2450, CVE-2013-1500
Please see also
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bug has been fixed:
* mark files in jre/bin and bin/ as executable
(bnc#823034)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0547-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Haiti uses US daylight-saving rules this year
* Paraguay will end DST on March 24 this year
* Morocco does not observe DST during Ramadan.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1263-2 -- Security update for java-1_5_0-ibm
SUSE Linux Enterprise Server 10
java-1_5_0-ibm
IBM Java 1.5.0 was updated to SR16-FP3 to fix bugs and
security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0699-1 -- Recommended update for util-linux
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
util-linux
This collective update for util-linux provides the
following fixes and enhancements:
Fix creation of partitions spanning across the entire disk
(", , ") in sfdisk(8). (bnc#808155)
Fix typos in taskset(1) man page. (bnc#771925)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1577-1 -- Security update for gpg
SUSE Linux Enterprise Server 10
gpg
This GnuPG LTSS roll-up update fixes two security issues:
* CVE-2013-4351: GnuPG treated no-usage-permitted keys
as all-usages-permitted.
* CVE-2013-4402: An infinite recursion in the
compressed packet parser was fixed.
* CVE-2013-4242: GnuPG allowed local users to obtain
private RSA keys via a cache side-channel attack involving
the L3 cache, aka Flush+Reload.
* CVE-2012-6085: The read_block function in
g10/import.c in GnuPG 1.4.x, when importing a key, allowed
remote attackers to corrupt the public keyring database or
cause a denial of service (application crash) via a crafted
length field of an OpenPGP packet.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0714-1 -- Security update for wireshark
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
wireshark
wireshark has been updated to 1.8.6 which fixes bugs and
security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1789-2 -- Recommended update for timezone
SUSE Linux Enterprise Server 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Update to version 2013h (bnc#850462):
  o Libya has switched back to UTC+2
  o Western Sahara uses Morocco's DST rules
  o Acre switches from UTC-4 to UTC-5 on Nov. 10th
* Define TM_GMTOFF and TM_ZONE like glibc did
(bnc#807624)
* Correct path expansion for local time link
(bnc#845530).
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1832-1 -- Security update for Linux kernel
SUSE Linux Enterprise Server 10
Linux kernel
The SUSE Linux Enterprise Server 10 SP3 LTSS kernel
received a roll up update to fix lots of moderate security
issues and several bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1639-1 -- Security update for libtiff
SUSE Linux Enterprise Server 10
libtiff
This tiff LTSS roll up update fixes several security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1625-1 -- Security update for libxml2
SUSE Linux Enterprise Server 10
libxml2
This is an LTSS rollup update for the libxml2 library that
fixes various security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1668-1 -- Security update for nfs-utils
SUSE Linux Enterprise Server 10
nfs-utils
nfs-utils hereby receives an LTSS roll-up security and
bugfix update.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1498-1 -- Recommended update for curl
SUSE Linux Enterprise Server 10
curl
This update for curl adds Digicert and TC TrustCenter Class
2 CA II certificates to the CA bundle.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0648-2 -- Security update for Apache
SUSE Linux Enterprise Server 10
Apache
Apache2 has been updated to fix multiple security issues:
This update fixes the following issues:
* CVE-2012-4558: Multiple cross-site scripting (XSS)
vulnerabilities in the balancer_handler function in the
manager interface in mod_proxy_balancer.c in the
mod_proxy_balancer module in the Apache HTTP Server
potentially allowed remote attackers to inject arbitrary
web script or HTML via a crafted string.
* CVE-2012-3499: Multiple cross-site scripting (XSS)
vulnerabilities in the Apache HTTP Server allowed remote
attackers to inject arbitrary web script or HTML via
vectors involving hostnames and URIs in the (1)
mod_imagemap, (2) mod_info, (3) mod_ldap, (4)
mod_proxy_ftp, and (5) mod_status modules.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1970-2 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Jordan switches back to standard time at 00:00 on
December 20 2013
* The compile-time flag NOSOLAR has been removed
* The files solar87, solar88, solar89 are no longer
distributed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1305-1 -- Security update for IBM Java 1.6.0
SUSE Linux Enterprise Server 10
IBM Java 1.6.0
IBM Java 1.6.0 has been updated to SR14 to fix bugs and
security issues.
Please see also
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bugs have been fixed:
* add Europe/Busingen to tzmappings (bnc#817062)
* mark files in jre/bin and bin/ as executable
(bnc#823034)
* check if installed qa_filelist is not empty
(bnc#831936)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1060-1 -- Security update for GnuTLS
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
GnuTLS
This update of GnuTLS fixes a regression introduced by the
previous update that could have resulted in a Denial of
Service (application crash).
Security Issue reference:
* CVE-2013-2116
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1807-1 -- Security update for mozilla-nspr, mozilla-nss
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
mozilla-nspr
mozilla-nss
Mozilla NSPR and NSS were updated to fix various security
bugs that could be used to crash the browser or
potentially execute code.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0440-6 -- Security update for Java
SUSE Linux Enterprise Server 10
Java
IBM Java 5 has been updated to SR16 which fixes various
critical security issues and bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:0286-1 -- Recommended update for nfs-utils
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
nfs-utils
This update for the NFS support utilities (nfs-utils)
provides the following fixes:
* Allow gssd to work with more than 1024 connections,
depending on the 'nofile' resource limit. Increase this
limit to 4096 before starting rpc.gssd
* Fix a signal handling issue that could cause silent
termination of the rpc.idmapd daemon
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1098-2 -- Security update for Mesa
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Mesa
This update of Mesa fixes multiple integer overflows.
Security Issue reference:
* CVE-2013-1993
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0843-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Mozilla Firefox
Mozilla Firefox has been updated to the 17.0.6ESR security
release.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1325-2 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Mozilla Firefox
This update to Firefox 17.0.8esr (bnc#833389) addresses the
following issues:
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 (bmo#855331,
bmo#844088, bmo#858060, bmo#870200, bmo#874974, bmo#861530,
bmo#854157, bmo#893684, bmo#878703, bmo#862185, bmo#879139,
bmo#888107, bmo#880734) Miscellaneous memory safety hazards
(rv:23.0 / rv:17.0.8)
* MFSA 2013-66/CVE-2013-1706/CVE-2013-1707 (bmo#888314,
bmo#888361) Buffer overflow in Mozilla Maintenance Service
and Mozilla Updater
* MFSA 2013-68/CVE-2013-1709 (bmo#848253) Document URI
misrepresentation and masquerading
* MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests
allow for code execution and XSS attacks
* MFSA 2013-71/CVE-2013-1712 (bmo#859072) Further
Privilege escalation through Mozilla Updater
* MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong
principal used for validating URI for some Javascript
components
* MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin
bypass with web workers and XMLHttpRequest
* MFSA 2013-75/CVE-2013-1717 (bmo#406541) Local Java
applets may read contents of local file system
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0266-1 -- Security update for IBM Java 6
SUSE Linux Enterprise Server 10
IBM Java 6
IBM Java 6 was updated to version SR15-FP1 which received
security and bugfixes.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0835-2 -- Security update for Java 1.5.0
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Java 1.5.0
IBM Java 1.5.0 has been updated to SR13-FP2 which fixes
several bugs and security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1866-3 -- Security update for strongswan
SUSE Linux Enterprise Server 10
strongswan
This strongswan update fixes security issues and bugs:
* CVE-2013-5018: Specially crafted XAuth usernames and
EAP identities can cause a crash in strongswan.
* CVE-2013-6075: A crafted ID packet can be used by
remote attackers to crash the server or potentially gain
authentication privileges under certain circumstances.
Also a bug with route recursion limits was fixed:
* Charon SEGFAULT when left=%any / recursion limit
(bnc#840826).
Security Issues:
* CVE-2013-5018
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5018>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1551-3 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Morocco now observes DST from the last Sunday in
March to the last Sunday in October, not April to September
respectively.
* Tocantins will very likely not observe DST starting
this spring
* Jordan will likely stay at UTC+3 indefinitely
* Palestine will fall back at 00:00, not 01:00
* This year Fiji will start DST on October 27, not
October 20
* Use WIB/WITA/WIT rather than WIT/CIT/EIT for
alphabetic Indonesian time zone abbreviations since 1932
* Use ART (UTC-3, standard time), rather than WARST
(also UTC-3, but daylight saving time) for San Luis,
Argentina since 2009.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1115-1 -- Recommended update for ksh
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 10
ksh
This update for Korn Shell provides fixes for the following
issues:
* #808449: set -k does not work properly with
ksh-93t-13.17 and higher
* #814135: crash in bestreclaim() after traversing a
memory block with a very large size
* #824187: set -k breaks aliases with ksh-93u.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0432-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
timezone
This update provides the latest timezone information for
your system. The changes in detail are:
* Turkey begins DST on 2014-03-31, not 2014-03-30
* Misc changes affecting past time stamps
* An uninitialized-storage bug in 'localtime' has been
fixed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:0773-1 -- Security update for curl, curl
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
curl
This update fixes the cookie domain tailmatch vulnerability
in curl. CVE-2013-1944 has been assigned to this issue.
Also the CA-Cert Bundle has been updated to the current
state.
Security Issue reference:
* CVE-2013-1944
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1595-1 -- Security update for sudo
SUSE Linux Enterprise Server 10
sudo
This LTSS rollup update fixes the following security issues
which allowed sudo authentication to be bypassed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0411-1 -- Security update for Xen
SUSE Linux Enterprise Server 10
Xen
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS Xen
hypervisor and toolset have been updated to fix various
security issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0470-1 -- Security update for Xen
SUSE Linux Enterprise Server 10
Xen
The SUSE Linux Enterprise 10 Service Pack 3 LTSS Xen
hypervisor and toolset have been updated.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0335-1 -- Security update for openssl-certs
SUSE Linux Enterprise Server 10
openssl-certs
The openssl-certs package was updated to match the
certificates contained in the Mozilla NSS 3.15.4 release.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1076-1 -- Recommended update for krb5
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
krb5
This update for Kerberos 5 provides the following fixes and
enhancements:
* Improved compatibility with processes that handle
large numbers of open files (bnc#787272)
* Fixed memory leak in gss_accept_sec_context() and
other functions (bnc#808191)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1150-1 -- Security update for openswan
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
openswan
This openswan update fixes a remote buffer overflow issue
(bnc#824316 / CVE-2013-2053).
Security Issue reference:
* CVE-2013-2053
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2053>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1627-1 -- Security update for libxml2
SUSE Linux Enterprise Server 10
libxml2
libxml2 has been updated to fix the following security
issue:
* CVE-2013-0338: libxml2 allowed context-dependent
attackers to cause a denial of service (CPU and memory
consumption) via an XML file containing an entity
declaration with long replacement text and many references
to this entity, aka "internal entity expansion" with linear
complexity.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0539-1 -- Security update for OpenSSL
SUSE Linux Enterprise Server 10
OpenSSL
OpenSSL has been updated to fix an attack on ECDSA Nonces.
Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces
could be recovered. (CVE-2014-0076)
The update also enables use of SHA-2 family certificate
verification of X.509 certificates used in today's SSL
certificate infrastructure.
Security Issue reference:
* CVE-2014-0076
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076>
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0773-1 -- Security update for Linux Kernel
SUSE Linux Enterprise Server 10
Linux Kernel
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been
updated to fix various security issues and several bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0772-1 -- Security update for Linux Kernel
SUSE Linux Enterprise Server 10
Linux Kernel
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been
updated to fix various security issues and several bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0732-1 -- Security update for IBM Java 5
SUSE Linux Enterprise Server 10
IBM Java 5
IBM Java 5 was updated to SR 16 FP 6 to fix several bugs and security
issues.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0321-1 -- Security update for gnutls
SUSE Linux Enterprise Server 10
gnutls
The GnuTLS library received a critical security fix and
other updates:
* CVE-2014-0092: The X.509 certificate verification had
incorrect error handling, which could lead to broken
certificates marked as being valid.
* CVE-2009-5138: A verification problem in handling V1
certificates could also lead to V1 certificates incorrectly
being handled.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0661-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
timezone
This update provides the latest timezone information for your system. The
changes in detail are:
* Egypt observes DST starting 2014-05-15 at 24:00
* Crimea switched to Moscow time on 2014-03-30 at 02:00 local time
* New entry for Troll Station, Antarctica.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0728-2 -- Security update for IBM Java 6
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
IBM Java 6
IBM Java 6 was updated to version 6 SR16 to fix several security issues
and various other bugs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2013:1066-1 -- Recommended update for curl
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
curl
This update for curl adds Digicert certificates to the CA
bundle.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0666-1 -- Recommended update for ZMD
SUSE Linux Enterprise Server 10
ZMD
ZMD was updated to roll in fixes already done in SUSE Linux Enterprise 10
SP4 branch, and to enable the usage of the current nu.novell.com
certificates.
ZMD was switched to use /etc/ssl/certs as trust storage. (bnc#723034)
Various SSL certificate handling issues were fixed as follows:
* Skip password protected or invalid PKCS12 certificates. (bnc#751782)
* Skip invalid SPC certificates. (bnc#754502)
* Skip broken certificates. (bnc#751782)
Bugs in the logrotate scripts were fixed. (bnc#719869)
ZMD now also retrieves and handles susedata.xml.gz. (bnc#722339)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-RU-2014:0731-1 -- Recommended update for timezone
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
timezone
The latest update to timezone 2014c introduced changes in the binary format
of timezone files generated by zic(1) to improve handling of low-valued
timestamps. This change caused problems for some applications that rely
on the stability of the binary format, so this update reverts it.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2013:1656-1 -- Security update for libxslt
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
libxslt
libxslt received a security update to fix a security issue:
* CVE-2013-4520: The XSL implementation in libxslt
allowed remote attackers to cause a denial of service
(crash) via an invalid DTD. (addendum due to incomplete fix
for CVE-2012-2825)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0727-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
Mozilla Firefox
This Mozilla Firefox update provides several security and non-security
fixes.
MozillaFirefox has been updated to 24.5.0esr, which fixes the following
issues:
* MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards
* MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG
images
* MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object
as XBL
* MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web
Notification API
* MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history
navigations
* MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while
resizing images
* MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver
Mozilla NSS has been updated to 3.16
* required for Firefox 29
* CVE-2014-1492: In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.
* Update of root certificates.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Kedovskaya
INTERIM, ACCEPTED, ACCEPTED

SUSE-SU-2014:0665-2 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
Mozilla Firefox
This Mozilla Firefox update provides several security and non-security
fixes.
Mozilla Firefox has been updated to the 24.5.0esr version, which fixes the
following issues:
* MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards
* MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG
images
* MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object
as XBL
* MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web
Notification API
* MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history
navigations
* MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while
resizing images
* MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver
Mozilla NSS has been updated to version 3.16
* required for Firefox 29
* CVE-2014-1492: In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.
* Update of root certificates.
Sergey Artykhov DRAFT INTERIM ACCEPTED Maria Kedovskaya INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0320-1 -- Security update for gnutls
SUSE Linux Enterprise Server 10
gnutls
The GnuTLS library received a critical security fix and
other updates.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0759-2 -- Security update for OpenSSL
SUSE Linux Enterprise Server 10
OpenSSL
OpenSSL was updated to fix the following security vulnerabilities:
* SSL/TLS MITM vulnerability. (CVE-2014-0224)
* DTLS recursion flaw. (CVE-2014-0221)
* Anonymous ECDH denial of service. (CVE-2014-3470)
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1285-1 -- Security update for PHP5
SUSE Linux Enterprise Server 10
PHP5
The following security issues have been fixed:
* CVE-2013-4635 (bnc#828020):
  o Integer overflow in SdnToJewish()
* CVE-2013-1635 and CVE-2013-1643 (bnc#807707):
  o reading system files via untrusted SOAP input
  o soap.wsdl_cache_dir function did not honour PHP open_basedir
* CVE-2013-4113 (bnc#829207):
  o heap corruption due to badly formed xml
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2014:0622-2 -- Recommended update for suse-build-key
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
suse-build-key
The SUSE GPG signing keys that are used for repository
integrity checking have been extended to March 17th, 2018.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1669-1 -- Security update for IBM Java 5
SUSE Linux Enterprise Server 10
IBM Java 5
IBM Java 5 SR16-FP4 has been released which fixes lots of
bugs and security issues.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0529-1 -- Security update for strongswan
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
strongswan
The following security issue is fixed by this update:
* bnc#870572: strongswan has been updated to fix an
authentication problem where attackers could have bypassed
the IKEv2 authentication. (CVE-2014-2338)
Security Issue reference:
* CVE-2014-2338
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2338>
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1263-1 -- Security update for java-1_5_0-ibm
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
java-1_5_0-ibm
IBM Java 1.5.0 has been updated to SR16-FP3 to fix bugs and
security issues.
Please see also
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bugs have been fixed:
* add Europe/Busingen to tzmappings (bnc#817062)
* mark files in jre/bin and bin/ as executable
(bnc#823034)
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0266-3 -- Security update for IBM Java 6
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
IBM Java 6
IBM Java 6 was updated to version SR15-FP1 which received
security and bug fixes.
More information at:
<http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_January_14_2014_CPU>
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1638-1 -- Security update for libtiff
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11
libtiff
This tiff update fixes several security issues.
* bnc#834477: CVE-2013-4232 CVE-2013-4231: tiff: buffer
overflows/use after free problem
* bnc#834779: CVE-2013-4243: libtiff (gif2tiff):
heap-based buffer overflow in readgifimage()
* bnc#834788: CVE-2013-4244: libtiff (gif2tiff): OOB
Write in LZW decompressor
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:0701-2 -- Security update for java-1_6_0-ibm
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
java-1_6_0-ibm
IBM Java 6 was updated to SR13 FP1, fixing bugs and
security issues.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2013:0634-1 -- Recommended update for Xorg
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Xorg
This update for xorg-x11 provides fixes for the following
issues:
* 743810: Xnest to remote machine displays black screen
* 805590: Xvnc server crashes while launching Java
Swing application.
Sergey Artykhov DRAFT INTERIM ACCEPTED Maria Kedovskaya INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1287-1 -- Security update for glibc
SUSE Linux Enterprise Server 10
glibc
This collective update for the GNU C library (glibc)
provides the following fixes and enhancements:
Security issues fixed:
- Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914)
- Fixed another stack overflow in getaddrinfo with many results (bnc#828637)
- Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756)
- Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480)
- Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480)
- Make addmntent return errors also for cached streams. [bnc #676178, CVE-2011-1089]
- Fix overflows in vfprintf. [bnc #770891, CVE-2012-3406]
- Add vfprintf-nargs.diff for possible format string overflow. [bnc #747768, CVE-2012-0864]
- Check values from file header in __tzfile_read. [bnc #735850, CVE-2009-5029]
Also several bugs were fixed:
- Fix locking in _IO_cleanup. (bnc#796982)
- Fix memory leak in execve. (bnc#805899)
- Fix nscd timestamps in logging (bnc#783196)
- Fix perl script error message (bnc#774467)
- Fall back to localhost if no nameserver defined (bnc#818630)
- Fix incomplete results from nscd. [bnc #753756]
- Fix a deadlock in dlsym in case the symbol isn't found, for multithreaded programs. [bnc #760216]
- Fix problem with TLS and dlopen. [#732110]
- Backported regex fix for skipping of valid EUC-JP matches [bnc#743689]
- Fixed false regex match on incomplete chars in EUC-JP [bnc#743689]
- Add glibc-pmap-timeout.diff in order to fix useless connection attempts to NFS servers. [bnc #661460]
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1276-1 -- Security update for wireshark
SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
wireshark
This wireshark version update to 1.6.16 includes several
security and general bug fixes.
<http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html>
* The CAPWAP dissector could crash. Discovered by
Laurent Butti. (CVE-2013-4074)
* The HTTP dissector could overrun the stack.
Discovered by David Keeler. (CVE-2013-4081)
* The DCP ETSI dissector could crash. (CVE-2013-4083)
<http://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html>
* The ASN.1 BER dissector could crash. (CVE-2013-3556
CVE-2013-3557)
The releases also fix various non-security issues.
Additionally, a crash in processing SCTP filters has been
fixed. (bug#816887)
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2013:1514-1 -- Recommended update for openssl-certs
SUSE Linux Enterprise Server 10
openssl-certs
The openssl-certs certificate store was updated with
Mozilla certdata.txt 1.85.
The following changes were done:
- new "Actalis Authentication Root CA"
- new "Trustis FPS Root CA"
- new "StartCom Certification Authority"
- new "StartCom Certification Authority G2"
- new "Buypass Class 2 Root CA"
- new "Buypass Class 3 Root CA"
- updated: "Sonera Class2 CA": remove code-signing
- updated: "thawte Primary Root CA": added code-signing
- updated: "Trustis_FPS_Root_CA.pem": added code-signing
- updated: "VeriSign Class 3 Public Primary Certification Authority - G5": added code-signing, email-protection
Mozilla tracker bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=757197
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2014:0412-1 -- Recommended update for OpenSSL
SUSE Linux Enterprise Server 10
OpenSSL
The TLS/SSL library OpenSSL was updated to provide support
for SSL X.509 certificate hashes sha256, sha384 and
sha512, which are becoming more common.
The Novell Update servers that host updates for SUSE Linux
Enterprise will switch to these certificates in the near
future.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2013:0557-1 -- Recommended update for nfs-client
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
nfs-client
This update for the NFS support utilities (nfs-client,
nfs-kernel-server) enhances gssd to work with more than
1024 connections, respecting the 'nofile' resource limit.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:0835-1 -- Security update for IBM Java
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
IBM Java
IBM Java 1.6.0 has been updated to SR13-FP2 fixing bugs and
security issues.
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1654-1 -- Security update for libxslt
SUSE Linux Enterprise Server 10
libxslt
libxslt hereby receives an LTSS roll-up security update to
fix several security issues:
* CVE-2013-4520: The XSL implementation in libxslt
allowed remote attackers to cause a denial of service
(crash) via an invalid DTD. (addendum due to incomplete fix
for CVE-2012-2825)
* CVE-2012-6139: libxslt allowed remote attackers to
cause a denial of service (NULL pointer dereference and
crash) via an (1) empty match attribute in a XSL key to the
xsltAddKey function in keys.c or (2) uninitialized variable
to the xsltDocumentFunction function in functions.c.
* CVE-2012-2825: The XSL implementation in libxslt
allowed remote attackers to cause a denial of service
(incorrect read operation) via unspecified vectors.
* CVE-2011-3970: libxslt allowed remote attackers to
cause a denial of service (out-of-bounds read) via
unspecified vectors.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0342-1 -- Security update for openssl-certs
SUSE Linux Enterprise Server 10
openssl-certs
The openssl-certs package was updated to match the
certificates contained in the Mozilla NSS 3.15.4 release.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1153-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Desktop 10
Mozilla Firefox
Mozilla Firefox has been updated to the 17.0.7 ESR version,
which fixes bugs and security issues.
Sergey Artykhov DRAFT INTERIM ACCEPTED Maria Kedovskaya INTERIM ACCEPTED ACCEPTED

SUSE Linux Enterprise Desktop 11.x is installed
SUSE Linux Enterprise Desktop 11
SUSE Linux Enterprise Desktop 11.x is installed.
Maria Mikhno DRAFT INTERIM ACCEPTED ACCEPTED

SUSE Linux Enterprise Desktop 10 is installed
SUSE Linux Enterprise Desktop 10
SUSE Linux Enterprise Desktop 10 is installed.
Thomas R. Jones DRAFT Jonathan Baker INTERIM ACCEPTED Nicholas Hansen INTERIM ACCEPTED Chandan S INTERIM ACCEPTED Evgeniy Pavlov INTERIM ACCEPTED Maria Mikhno INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1237-2 -- Security update for strongswan
SUSE Linux Enterprise Server 10
strongswan
This update fixes the ECDSA signature vulnerability in
strongswan. CVE-2013-2944 was assigned to this issue.
Security Issue reference:
* CVE-2013-2944
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2944>
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1382-1 -- Security update for Mozilla Firefox
SUSE Linux Enterprise Server 10
Mozilla Firefox
Update to Firefox 17.0.8esr (bnc#833389) to address:
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 (bmo#855331,
bmo#844088, bmo#858060, bmo#870200, bmo#874974, bmo#861530,
bmo#854157, bmo#893684, bmo#878703, bmo#862185, bmo#879139,
bmo#888107, bmo#880734) Miscellaneous memory safety hazards
(rv:23.0 / rv:17.0.8)
* MFSA 2013-66/CVE-2013-1706/CVE-2013-1707 (bmo#888314,
bmo#888361) Buffer overflow in Mozilla Maintenance Service
and Mozilla Updater
* MFSA 2013-68/CVE-2013-1709 (bmo#848253) Document URI
misrepresentation and masquerading
* MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests
allow for code execution and XSS attacks
* MFSA 2013-71/CVE-2013-1712 (bmo#859072) Further
Privilege escalation through Mozilla Updater
* MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong
principal used for validating URI for some Javascript
components
* MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin
bypass with web workers and XMLHttpRequest
* MFSA 2013-75/CVE-2013-1717 (bmo#406541) Local Java
applets may read contents of local file system
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0536-1 -- Security update for Linux kernel
SUSE Linux Enterprise Server 10
Linux kernel
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS
kernel has been updated to fix various security issues and
several bugs.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2013:1405-1 -- Recommended update for ibutils
SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 10
ibutils
This update for InfiniBand Diagnostic Tools (ibutils) fixes
a syntax error that affected the ibdiagnet, ibdiagpath and
ibdiagui utilities.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE Linux Enterprise Server 11.x is installed
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11.x is installed.
Maria Kedovskaya DRAFT INTERIM ACCEPTED Evgeniy Pavlov INTERIM ACCEPTED ACCEPTED

SUSE-RU-2014:0563-1 -- Recommended update for mono-core
SUSE Linux Enterprise Server 10
mono-core
This update adds handling of SHA256 hashes to parts of the
X509 Certificate classes in the C# implementation of Mono.
Recently released new root certificates using SHA256
hashing triggered an uncaught exception within mono that
led to termination of the zmd.exe process, or other users
of the X509Store C# class.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2013:1578-1 -- Security update for gpg
SUSE Linux Enterprise Server 10
gpg
This GnuPG LTSS roll-up update fixes two security issues:
* CVE-2013-4351: GnuPG treated no-usage-permitted keys
as all-usages-permitted.
* CVE-2013-4402: An infinite recursion in the
compressed packet parser was fixed.
* CVE-2013-4242: GnuPG allowed local users to obtain
private RSA keys via a cache side-channel attack involving
the L3 cache, aka Flush+Reload.
* CVE-2012-6085: The read_block function in
g10/import.c in GnuPG 1.4.x, when importing a key, allowed
remote attackers to corrupt the public keyring database or
cause a denial of service (application crash) via a crafted
length field of an OpenPGP packet.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-SU-2014:0538-1 -- Security update for OpenSSL
SUSE Linux Enterprise Server 10
OpenSSL
OpenSSL has been updated to fix an attack on ECDSA Nonces.
Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces
could have been recovered. (CVE-2014-0076)
Security Issue reference:
* CVE-2014-0076
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076>
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE-RU-2014:0563-2 -- Recommended update for mono-core
SUSE Linux Enterprise Server 10
mono-core
This update adds handling of SHA256 hashes to parts of the
X509 Certificate classes in the C# implementation of Mono.
Recently released new root certificates using SHA256
hashing triggered an uncaught exception within mono that
led to termination of the zmd.exe process, or other users
of the X509Store C# class.
Sergey Artykhov DRAFT INTERIM ACCEPTED ACCEPTED

SUSE Linux Enterprise Server 10 is installed
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 10 is installed.
Thomas R. Jones DRAFT INTERIM ACCEPTED Nicholas Hansen INTERIM ACCEPTED Evgeniy Pavlov INTERIM ACCEPTED Maria Mikhno INTERIM ACCEPTED ACCEPTED
cpe:/o:novell:suse_linux:10:server