An updated Mozilla package is available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: mozilla Announcement-ID: SUSE-SA:2004:036 Date: Wednesday, Oct 6th 14:36:39 MEST 2004 Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Desktop 1.0 Vulnerability Type: various vulnerabilities Severity (1-10): 5 SUSE default package: yes Cross References: http://www.mozilla.org/security/ Content of this advisory: 1) security vulnerability resolved: - various vulnerabilities problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - openmotif 6) standard appendix (further information)
Updated Samba packages are available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: samba Announcement-ID: SUSE-SA:2004:035 Date: Tuesday, Oct 5th 2004 16:53:01 MEST Affected products: 8.1, 8.2, 9.0 SUSE Linux Enterprise Server 8 SUSE Linux Desktop 1.0 Vulnerability Type: remote file disclosure Severity (1-10): 6 SUSE default package: Yes Cross References: CAN-2004-0815 Content of this advisory: 1) security vulnerability resolved: - Samba file access problem problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - opera - kernel - mozilla 6) standard appendix (further information)
LinuxBeta.com has posted a screenshot slideshow of Novell SUSE LINUX 9.1
Updated XFree86 packages are available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: XFree86-libs, xshared Announcement-ID: SUSE-SA:2004:034 Date: Friday, Sep 17th 2004 14:23 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 8, 9 remote command execution Severity (1-10): 9 SUSE default package: yes Cross References: CAN-2004-0687 CAN-2004-0688 Content of this advisory: 1) security vulnerability resolved: - stack-based buffer overflow - integer overflow problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - samba - a2ps - mozilla - mc - squid - gaim - nessus - konqueror 6) standard appendix (further information)
Updated gtk2/gdk-pixbuf packages are available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: gtk2, gdk-pixbuf Announcement-ID: SUSE-SA:2004:033 Date: Wednesday, Sep 17th 2004 12:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 8, 9 SuSE Linux Desktop 1.0 Vulnerability Type: remote code execution Severity (1-10): 9 SUSE default package: yes Cross References: CAN-2004-0782 CAN-2004-0783 CAN-2004-0788 Content of this advisory: 1) security vulnerability resolved: - heap based overflow - stack based overflow - integer overflow 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - mozilla - mc - squid - gaim - nessus 6) standard appendix (further information)
An updated Apache2 package is available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: apache2 Announcement-ID: SUSE-SA:2004:032 Date: Wednesday, Sep 15th 2004 16:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 9 Vulnerability Type: remote denial-of-service Severity (1-10): 5 SUSE default package: no Cross References: CAN-2004-0747 CAN-2004-0786 Content of this advisory: 1) security vulnerability resolved: - remote denial-of-service - local buffer overflow problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - samba - a2ps - mozilla - mc - squid - gtk2 - gaim - nessus 6) standard appendix (further information)
Updated cups packages are available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: cups Announcement-ID: SUSE-SA:2004:031 Date: Wednesday, Sep 15th, 15:30:00 MEST 2004 Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Desktop 1.0 Vulnerability Type: remote code execution Severity (1-10): 6 SUSE default package: Yes. Cross References: CAN-2004-0801 CAN-2004-0558 Content of this advisory: 1) security vulnerability resolved: - remote command execution and remote DoS in CUPS problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - squid - OpenOffice - mozilla - mpg123 - ImageMagick 6) standard appendix (further information)
An Apache2 update is available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: apache2 Announcement-ID: SUSE-SA:2004:030 Date: Monday, Sept 6th 15:00:00 MEST 2004 Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 9 Vulnerability Type: remote DoS condition Severity (1-10): 4 SUSE default package: No Cross References: CAN-2004-0748 CAN-2004-0751 Content of this advisory: 1) security vulnerability resolved: - Remote DoS condition in mod_ssl problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - mysql - mozilla 6) standard appendix (further information)
A zlib update is available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: zlib Announcement-ID: SUSE-SA:2004:029 Date: Thursday, Sep 2nd 2004 17:30:00 MEST Affected products: 9.1 SUSE Linux Enterprise Server 9 Vulnerability Type: denial of service Severity (1-10): 3-5 SUSE default package: yes Cross References: CAN-2004-0797 VU#238678 Content of this advisory: 1) security vulnerability resolved: - denial of service condition in zlib 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - gaim - opera - imlib, imlib2 6) standard appendix (further information)
A kernel update has been released for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement-ID: SUSE-SA:2004:028 Date: Wednesday, Sept 1st 2004 14:26 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote denial-of-service Severity (1-10): 6 SUSE default package: yes Cross References: none Content of this advisory: 1) security vulnerability resolved: - integer overflow in kNFSd - local denial-of-service condition via /dev/ptmx problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - zlib - courier-imap - gaim - acroread - opera - netpbm/libnetpbm - webmin - spamassassin/perl-spamassassin - cfengine - xv 6) standard appendix (further information)
The Novell Linux Technical Resource Kit is available again
KDE 3.3 packages are now available for SUSE Linux
A qt3 update is available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: qt3/qt3-non-mt/qt3-32bit/qt3-static Announcement-ID: SUSE-SA:2004:027 Date: Thursday, Aug 19th 2004 15:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10): 7 SUSE default package: yes Cross References: CAN-2004-0691 CAN-2004-0692 CAN-2004-0693 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in image handling code problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - opera - acroread 6) standard appendix (further information)
Novell is finally shipping the updated Novell Linux Technical Resource Kit:
An updated kernel has been released for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement-ID: SUSE-SA:2004:024 Date: Monday, Aug 9th 2004 08:50 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10): 6 SUSE default package: yes Cross References: CAN-2004-0415 Content of this advisory: 1) security vulnerability resolved: - race condition in file offset pointer handling problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - gaim - mozilla/firebird 6) standard appendix (further information)
An updated libpng package has been released for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: libpng Announcement-ID: SUSE-SA:2004:023 Date: Wednesday, Aug 4th 2004 16:00 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10): 9 SUSE default package: yes Cross References: VU#388984 VU#236656 VU#160448 VU#477512 VU#817368 VU#286464 CAN-2004-0597 CAN-2004-0598 CAN-2004-0599 Content of this advisory: 1) security vulnerability resolved: - stack based buffer overflows - NULL pointer dereference - integer overflows problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - mod_ssl - lha - gfxboot - liby2util - pure-ftpd - neon - pavuk - sox - gaim - kernel 6) standard appendix (further information) ______________________________________________________________________________
It looks like that Novell will release an updated Linux Technical Resource Kit shortly.
Some users have received the following email from Novell:
Some users have received the following email from Novell:
Updated SAMBA packages has been released for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: samba Announcement-ID: SUSE-SA:2004:022 Date: Friday, Jul 23th 2004 12:30 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote root compromise Severity (1-10): 7 SUSE default package: no Cross References: CAN-2004-0600 CAN-2004-0686 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in base64 code - buffer overflow in "mangling method hash" code problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - cadaver - kopete - wv - gnats - OpenOffice_org - mod_ssl - lha 3) standard appendix (further information)
Updated PHP4 packages are available for SUSE Linux ______________________________________________________________________________ SUSE Security Announcement Package: php4/mod_php4 Announcement-ID: SUSE-SA:2004:021 Date: Friday, Jul 16th 2004 13:00:00 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1, SuSE Linux Enterprise Server 8, SuSE Linux Office Server, UnitedLinux 1.0 Vulnerability Type: remote code execution Severity (1-10): 7 SUSE default package: No. Cross References: CAN-2004-0594 CAN-2004-0595 http://security.e-matters.de/advisories/112004.html Content of this advisory: 1) security vulnerability resolved: memory_limit problem, strip_tags() bypassing problem problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - sitecopy - cadaver - freeswan - ipsec-tools - apache2 - dhcp/dhcp-server 3) standard appendix (further information) ______________________________________________________________________________
