
15 updates have been released for SUSE



[security-announce] SUSE-SU-2012:0033-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0033-1
Rating: important
References: #678195 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:


The following bug has been fixed:

* Specially crafted time zone files could cause a heap
overflow in glibc.

Security Issue reference:

* CVE-2009-5029



Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP1:

zypper in -t patch sdksp1-glibc-5555

- SUSE Linux Enterprise Server 11 SP1 for VMware:

zypper in -t patch slessp1-glibc-5555

- SUSE Linux Enterprise Server 11 SP1:

zypper in -t patch slessp1-glibc-5555

- SUSE Linux Enterprise Desktop 11 SP1:

zypper in -t patch sledsp1-glibc-5555

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

glibc-html-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 i686 x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
nscd-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 (i586 i686 ia64 ppc64 s390x x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
nscd-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 (ia64):

glibc-locale-x86-2.11.1-0.34.1
glibc-profile-x86-2.11.1-0.34.1
glibc-x86-2.11.1-0.34.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 i686 x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):

glibc-i18ndata-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
nscd-2.11.1-0.34.1

- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1


References:

http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/678195
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=465d0206a0a64cb1c71ef81d34e113c1
[security-announce] SUSE-SU-2012:0024-1: important: Security update for heimdal
SUSE Security Update: Security update for heimdal
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0024-1
Rating: important
References: #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE CORE 9
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:


This update of heimdal fixes one security issue:

* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the heimdal RPM, not the regular telnetd
supplied by SUSE.)

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.


Package List:

- SUSE CORE 9 (i586 s390 s390x x86_64):

heimdal-0.6.1rc3-55.29
heimdal-devel-0.6.1rc3-55.29
heimdal-lib-0.6.1rc3-55.29
heimdal-tools-0.6.1rc3-55.29

- SUSE CORE 9 (x86_64):

heimdal-devel-32bit-9-201112301024
heimdal-lib-32bit-9-201112301024

- SUSE CORE 9 (s390x):

heimdal-devel-32bit-9-201112301034
heimdal-lib-32bit-9-201112301034


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=826c068adcfd8a672a0756aaec46a3bc
[security-announce] SUSE-SU-2012:0023-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0023-1
Rating: important
References: #661460 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:


The following bug has been fixed:

* Specially crafted time zone files could cause a heap
overflow in glibc.

Security Issue reference:

* CVE-2009-5029




Package List:

- SUSE Linux Enterprise Server 10 SP4 (i586 i686 ia64 ppc s390x x86_64):

glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
glibc-profile-2.4-31.97.1
nscd-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (ia64):

glibc-locale-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
glibc-x86-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (ppc):

glibc-64bit-2.4-31.97.1
glibc-devel-64bit-2.4-31.97.1
glibc-locale-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 i686 x86_64):

glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
nscd-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1

- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

glibc-dceext-2.4-31.97.1
glibc-html-2.4-31.97.1
glibc-profile-2.4-31.97.1

- SLE SDK 10 SP4 (s390x x86_64):

glibc-dceext-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1

- SLE SDK 10 SP4 (ia64):

glibc-dceext-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1

- SLE SDK 10 SP4 (ppc):

glibc-dceext-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1


References:

http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/661460
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=aba5a35b05cac6339a45d9264306d85b
[security-announce] SUSE-SU-2012:0018-1: important: Security update for Kerberos 5
SUSE Security Update: Security update for Kerberos 5
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0018-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:


This update of krb5 fixes two security issues.

* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP1:

zypper in -t patch sdksp1-krb5-5594

- SUSE Linux Enterprise Server 11 SP1 for VMware:

zypper in -t patch slessp1-krb5-5594

- SUSE Linux Enterprise Server 11 SP1:

zypper in -t patch slessp1-krb5-5594

- SUSE Linux Enterprise Desktop 11 SP1:

zypper in -t patch sledsp1-krb5-5594

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):

krb5-devel-1.6.3-133.48.48.1

- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):

krb5-devel-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (ia64):

krb5-x86-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (ia64):

krb5-x86-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (ppc):

krb5-64bit-1.4.3-19.49.49.1
krb5-devel-64bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):

krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):

krb5-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1

- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

krb5-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=14b571ec5c63a7c3f2a6c6f9f38f606a
http://download.novell.com/patch/finder/?keywords=1827558e7c86f395bb141c5095dca72d
http://download.novell.com/patch/finder/?keywords=af1f89f792c1b454611bd0a8d2dd9462
[security-announce] openSUSE-SU-2012:0015-1: important: freetype2
openSUSE Security Update: freetype2
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0015-1
Rating: important
References: #730124
Cross-References: CVE-2011-3256 CVE-2011-3439
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update of freetype2 fixes multiple security flaws that
could allow attackers to cause a denial of service or to
execute arbitrary code via specially crafted fonts
(CVE-2011-3256, CVE-2011-3439).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch freetype2-5548

- openSUSE 11.3:

zypper in -t patch freetype2-5548

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

freetype2-devel-2.4.4-7.10.1
libfreetype6-2.4.4-7.10.1

- openSUSE 11.4 (x86_64):

freetype2-devel-32bit-2.4.4-7.10.1
libfreetype6-32bit-2.4.4-7.10.1

- openSUSE 11.3 (i586 x86_64):

freetype2-devel-2.3.12-7.8.1
libfreetype6-2.3.12-7.8.1

- openSUSE 11.3 (x86_64):

freetype2-devel-32bit-2.3.12-7.8.1
libfreetype6-32bit-2.3.12-7.8.1


References:

http://support.novell.com/security/cve/CVE-2011-3256.html
http://support.novell.com/security/cve/CVE-2011-3439.html
https://bugzilla.novell.com/730124
[security-announce] openSUSE-SU-2012:0019-1: important: krb5-appl: Fixed remote buffer overflow in ktelnetd
openSUSE Security Update: krb5-appl: Fixed remote buffer overflow in ktelnetd
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0019-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update of krb5 applications fixes two security issues.

CVE-2011-4862: A remote code execution in the kerberized
telnet daemon was fixed. (This only affects the ktelnetd
from the krb5-appl RPM, not the regular telnetd supplied by
SUSE.)

CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch krb5-appl-5593

- openSUSE 11.3:

zypper in -t patch krb5-appl-5593

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

krb5-appl-clients-1.0-7.12.1
krb5-appl-servers-1.0-7.12.1

- openSUSE 11.3 (i586 x86_64):

krb5-appl-clients-1.0-4.5.1
krb5-appl-servers-1.0-4.5.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
[security-announce] SUSE-SU-2012:0010-1: important: Security update for krb5
SUSE Security Update: Security update for krb5
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0010-1
Rating: important
References: #596826 #650650 #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:


This update of krb5 fixes several security issues.

* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
* CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple
checksum handling vulnerabilities, where:
o krb5 clients might have accepted unkeyed SAM-2
challenge checksums
o krb5 might have accepted KRB-SAFE checksums with
low-entropy derived keys
* CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API
library null pointer dereference

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.


Package List:

- SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64):

krb5-1.4.3-19.43.37.1
krb5-apps-clients-1.4.3-19.43.37.1
krb5-apps-servers-1.4.3-19.43.37.1
krb5-client-1.4.3-19.43.37.1
krb5-devel-1.4.3-19.43.37.1
krb5-server-1.4.3-19.43.37.1

- SUSE Linux Enterprise Server 10 SP2 (s390x x86_64):

krb5-32bit-1.4.3-19.43.37.1
krb5-devel-32bit-1.4.3-19.43.37.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/596826
https://bugzilla.novell.com/650650
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=c6533e0368b2b223506fedc65580c4ce
[security-announce] openSUSE-SU-2012:0007-1: important: seamonkey
openSUSE Security Update: seamonkey
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0007-1
Rating: important
References: #737533
Cross-References: CVE-2011-3658 CVE-2011-3660 CVE-2011-3661
CVE-2011-3663 CVE-2011-3665
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available. It
includes one version update.

Description:

seamonkey version 2.6 fixes several security issues:

* MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety
hazards
* MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash
in the YARR regular expression library
* MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds
access
* MFSA 2011-56/CVE-2011-3663: Key detection without
JavaScript via SVG animation
* MFSA 2011-58/CVE-2011-3665: Crash scaling to
extreme sizes


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch seamonkey-5574

- openSUSE 11.3:

zypper in -t patch seamonkey-5574

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1


References:

http://support.novell.com/security/cve/CVE-2011-3658.html
http://support.novell.com/security/cve/CVE-2011-3660.html
http://support.novell.com/security/cve/CVE-2011-3661.html
http://support.novell.com/security/cve/CVE-2011-3663.html
http://support.novell.com/security/cve/CVE-2011-3665.html
https://bugzilla.novell.com/737533
[security-announce] SUSE-SU-403 Forbidden-1: important: Security update for openSSL
SUSE Security Update: Security update for openSSL
______________________________________________________________________________

Announcement ID: SUSE-SU-403 Forbidden-1
Rating: important
References: #670526 #678195 #735850
Cross-References: CVE-2009-5029 CVE-2011-0014
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________

An update that solves two vulnerabilities and has one
errata is now available.

Description:


This update improves the ClientHello handshake message
parsing function. Prior to this update it was possible
that this function reads beyond the end of a message
leading to invalid memory access and a crash. Under some
circumstances it was possible that information from the
OCSP extensions was disclosed. (CVE-2011-0014: CVSS v2
Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P))

Security Issue reference:

* CVE-2011-0014


Indications:

Please update.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP1:

zypper in -t patch sdksp1-glibc-5555 sdksp1-libopenssl-devel-3938

- SUSE Linux Enterprise Server 11 SP1 for VMware:

zypper in -t patch slessp1-glibc-5555 slessp1-libopenssl-devel-3938

- SUSE Linux Enterprise Server 11 SP1:

zypper in -t patch slessp1-glibc-5555 slessp1-libopenssl-devel-3938

- SUSE Linux Enterprise Desktop 11 SP1:

zypper in -t patch sledsp1-glibc-5555 sledsp1-libopenssl-devel-3938

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):

libopenssl-devel-0.9.8h-30.32.1

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

glibc-html-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 i686 x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1
openssl-doc-0.9.8h-30.32.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1

- SUSE Linux Enterprise Server 11 SP1 (i586 i686 ia64 ppc64 s390x x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1
openssl-doc-0.9.8h-30.32.1

- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1

- SUSE Linux Enterprise Server 11 SP1 (ia64):

glibc-locale-x86-2.11.1-0.34.1
glibc-profile-x86-2.11.1-0.34.1
glibc-x86-2.11.1-0.34.1
libopenssl0_9_8-x86-0.9.8h-30.32.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 i686 x86_64):

glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):

glibc-i18ndata-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1

- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):

glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1


References:

http://support.novell.com/security/cve/CVE-2009-5029.html
http://support.novell.com/security/cve/CVE-2011-0014.html
https://bugzilla.novell.com/670526
https://bugzilla.novell.com/678195
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=2adddddaf0d4d6c89870ab7b933c2204
http://download.novell.com/patch/finder/?keywords=465d0206a0a64cb1c71ef81d34e113c1

[security-announce] openSUSE-SU-2012:0051-1: important: krb5-appl: Fixed remote buffer overflow in ktelnetd
openSUSE Security Update: krb5-appl: Fixed remote buffer overflow in ktelnetd
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0051-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update of krb5 applications fixes two security issues.

CVE-2011-4862: A remote code execution in the kerberized
telnet daemon was fixed. (This only affects the ktelnetd
from the krb5-appl RPM, not the regular telnetd supplied by
SUSE.)

CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch krb5-appl-5593

- openSUSE 11.3:

zypper in -t patch krb5-appl-5593

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

krb5-appl-clients-1.0-7.12.1
krb5-appl-servers-1.0-7.12.1

- openSUSE 11.3 (i586 x86_64):

krb5-appl-clients-1.0-4.5.1
krb5-appl-servers-1.0-4.5.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632

[security-announce] SUSE-SU-2012:0055-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0055-1
Rating: important
References: #661460 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:


The following bug has been fixed:

* Specially crafted time zone files could cause a heap
overflow in glibc.

Security Issue reference:

* CVE-2009-5029




Package List:

- SUSE Linux Enterprise Server 10 SP4 (i586 i686 ia64 ppc s390x x86_64):

glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
glibc-profile-2.4-31.97.1
nscd-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (ia64):

glibc-locale-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
glibc-x86-2.4-31.97.1

- SUSE Linux Enterprise Server 10 SP4 (ppc):

glibc-64bit-2.4-31.97.1
glibc-devel-64bit-2.4-31.97.1
glibc-locale-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 i686 x86_64):

glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
nscd-2.4-31.97.1

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1

- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

glibc-dceext-2.4-31.97.1
glibc-html-2.4-31.97.1
glibc-profile-2.4-31.97.1

- SLE SDK 10 SP4 (s390x x86_64):

glibc-dceext-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1

- SLE SDK 10 SP4 (ia64):

glibc-dceext-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1

- SLE SDK 10 SP4 (ppc):

glibc-dceext-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1


References:

http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/661460
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=aba5a35b05cac6339a45d9264306d85b

[security-announce] SUSE-SU-2012:0056-1: important: Security update for heimdal
SUSE Security Update: Security update for heimdal
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0056-1
Rating: important
References: #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE CORE 9
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:


This update of heimdal fixes one security issue:

* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the heimdal RPM, not the regular telnetd
supplied by SUSE.)

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.


Package List:

- SUSE CORE 9 (i586 s390 s390x x86_64):

heimdal-0.6.1rc3-55.29
heimdal-devel-0.6.1rc3-55.29
heimdal-lib-0.6.1rc3-55.29
heimdal-tools-0.6.1rc3-55.29

- SUSE CORE 9 (x86_64):

heimdal-devel-32bit-9-201112301024
heimdal-lib-32bit-9-201112301024

- SUSE CORE 9 (s390x):

heimdal-devel-32bit-9-201112301034
heimdal-lib-32bit-9-201112301034


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=826c068adcfd8a672a0756aaec46a3bc

[security-announce] openSUSE-SU-2012:0039-1: important: seamonkey
openSUSE Security Update: seamonkey
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0039-1
Rating: important
References: #737533
Cross-References: CVE-2011-3658 CVE-2011-3660 CVE-2011-3661
CVE-2011-3663 CVE-2011-3665
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available. It
includes one version update.

Description:

seamonkey version 2.6 fixes several security issues:

* MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety
hazards
* MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash
in the YARR regular expression library
* MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds
access
* MFSA 2011-56/CVE-2011-3663: Key detection without
JavaScript via SVG animation
* MFSA 2011-58/CVE-2011-3665: Crash scaling to
extreme sizes


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch seamonkey-5574

- openSUSE 11.3:

zypper in -t patch seamonkey-5574

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1


References:

http://support.novell.com/security/cve/CVE-2011-3658.html
http://support.novell.com/security/cve/CVE-2011-3660.html
http://support.novell.com/security/cve/CVE-2011-3661.html
http://support.novell.com/security/cve/CVE-2011-3663.html
http://support.novell.com/security/cve/CVE-2011-3665.html
https://bugzilla.novell.com/737533

[security-announce] SUSE-SU-2012:0050-1: important: Security update for Kerberos 5
SUSE Security Update: Security update for Kerberos 5
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0050-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________

An update that solves one vulnerability and has one erratum
is now available.

Description:


This update of krb5 fixes two security issues.

* CVE-2011-4862: A remote code execution vulnerability in
the kerberized telnet daemon was fixed. (This only affects
the ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11 SP1:

zypper in -t patch sdksp1-krb5-5594

- SUSE Linux Enterprise Server 11 SP1 for VMware:

zypper in -t patch slessp1-krb5-5594

- SUSE Linux Enterprise Server 11 SP1:

zypper in -t patch slessp1-krb5-5594

- SUSE Linux Enterprise Desktop 11 SP1:

zypper in -t patch sledsp1-krb5-5594

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):

krb5-devel-1.6.3-133.48.48.1

- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):

krb5-devel-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 11 SP1 (ia64):

krb5-x86-1.6.3-133.48.48.1

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (ia64):

krb5-x86-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP4 (ppc):

krb5-64bit-1.4.3-19.49.49.1
krb5-devel-64bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):

krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1

- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):

krb5-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1

- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):

krb5-32bit-1.6.3-133.48.48.1

- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

krb5-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1

- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1

- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=14b571ec5c63a7c3f2a6c6f9f38f606a
http://download.novell.com/patch/finder/?keywords=1827558e7c86f395bb141c5095dca72d
http://download.novell.com/patch/finder/?keywords=af1f89f792c1b454611bd0a8d2dd9462

[security-announce] SUSE-SU-2012:0042-1: important: Security update for krb5
SUSE Security Update: Security update for krb5
______________________________________________________________________________

Announcement ID: SUSE-SU-2012:0042-1
Rating: important
References: #596826 #650650 #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:


This update of krb5 fixes several security issues.

* CVE-2011-4862: A remote code execution vulnerability in
the kerberized telnet daemon was fixed. (This only affects
the ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
* CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple
checksum handling vulnerabilities, where:
o krb5 clients might have accepted unkeyed SAM-2
challenge checksums
o krb5 might have accepted KRB-SAFE checksums with
low-entropy derived keys
* CVE-2010-1321 / MITKRB5-SA-2010-005: Fixed GSS-API
library null pointer dereference

Security Issue reference:

* CVE-2011-4862


Indications:

Please install this update.


Package List:

- SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64):

krb5-1.4.3-19.43.37.1
krb5-apps-clients-1.4.3-19.43.37.1
krb5-apps-servers-1.4.3-19.43.37.1
krb5-client-1.4.3-19.43.37.1
krb5-devel-1.4.3-19.43.37.1
krb5-server-1.4.3-19.43.37.1

- SUSE Linux Enterprise Server 10 SP2 (s390x x86_64):

krb5-32bit-1.4.3-19.43.37.1
krb5-devel-32bit-1.4.3-19.43.37.1


References:

http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/596826
https://bugzilla.novell.com/650650
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=c6533e0368b2b223506fedc65580c4ce