SUSE 5637 Published by Philipp Esselbach 0

A new squid security update is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: squid
Announcement-ID: SUSE-SA:2005:008
Date: Tue, Feb 22nd 2005 14:30:00 MEST
Affected products: 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
Vulnerability Type: remote denial of service
Severity (1-10): 4
SUSE default package: no
Cross References: CAN-2005-0446

Content of this advisory:
1) security vulnerability resolved: remote denial of service attack
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds: none
6) standard appendix (further information)

A squid security update is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: squid
Announcement-ID: SUSE-SA:2005:006
Date: Thursday, Feb 10th 2005 13:30 MET
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
Vulnerability Type: remote command execution
Severity (1-10): 8
SUSE default package: no
Cross References: CAN-2005-0094 CAN-2005-0095 CAN-2005-0096 CAN-2005-0097 CAN-2005-0173 CAN-2005-0174 CAN-2005-0175 CAN-2005-0211 CAN-2005-0241

Content of this advisory:
1) security vulnerability resolved:
   + buffer overflow in gopher parser
   + integer overflow in WCCP handling code
   + memory leak in the NTLM fakeauth_auth helper
   + denial-of-service in NTLM component
   + lax LDAP account name handling
   + cache poisoning by malformed HTTP packets
   + cache poisoning by split HTTP responses
   + buffer overflow in WCCP handling code
   + httpProcessReplyHeader function does not properly set the debug context
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
6) standard appendix (further information)
______________________________________________________________________________

A Realplayer 8 security update has been released for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: realplayer 8
Announcement-ID: SUSE-SA:2005:004
Date: Monday, Jan 24th 2005 16:00 MET
Affected products: 8.1, 8.2, 9.0, 9.1
   SUSE Linux Desktop 1.0
Vulnerability Type: remote code execution
Severity (1-10): 8
SUSE default package: yes
Cross References: none

Content of this advisory:
1) security vulnerability discussed:
   - integer overflow
   problem description
2) solution/workaround
3) standard appendix (further information)

A new kernel is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: kernel
Announcement-ID: SUSE-SA:2005:003
Date: Friday, Jan 21st 2005 16:00 MET
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
   SUSE Linux Desktop 1.0
   Novell Linux Desktop 9
Vulnerability Type: local privilege escalation
Severity (1-10): 7
SUSE default package: yes
Cross References: CAN-2004-1235 CAN-2005-0001

Content of this advisory:
1) security vulnerability resolved:
   - local privilege escalation
   - local denial of service attacks
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - see summary report
6) standard appendix (further information)

New php packages are available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: php4, mod_php4
Announcement-ID: SUSE-SA:2005:002
Date: Monday, Jan 17th 2005 18:00 MEST
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
Vulnerability Type: remote code execution
Severity (1-10): 7
SUSE default package: no
Cross References: CAN-2004-1019 CAN-2004-1065 http://bugs.php.net/bug.php?id=25753

Content of this advisory:
1) security vulnerability resolved:
   - buffer overflows in PHP
   - PHP source code disclosure
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
6) standard appendix (further information)

A libtiff/tiff security update is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: libtiff/tiff
Announcement-ID: SUSE-SA:2005:001
Date: Monday, Jan 10th 2005 11:30 MET
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Desktop 1.0
   SUSE Linux Enterprise Server 8, 9
   Novell Linux Desktop 9
Vulnerability Type: remote system compromise
Severity (1-10): 8
SUSE default package: yes
Cross References: CAN-2004-1183 CAN-2004-1308

Content of this advisory:
1) security vulnerability resolved:
   - integer overflow
   - buffer overflow
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
6) standard appendix (further information)

A cyrus-imapd update is available for SUSE Linux
_____________________________________________________________________________

SUSE Security Announcement

Package: cyrus-imapd
Announcement-ID: SUSE-SA:2004:043
Date: Friday, Dec 3rd 2004 13:00 MEST
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
   SuSE-Linux-Standard-Server 8
   SuSE Linux Openexchange Server 4
Vulnerability Type: remote command execution
Severity (1-10): 5
SUSE default package: No
Cross References: CAN-2004-1011 CAN-2004-1012 CAN-2004-1013

Content of this advisory:
1) security vulnerability resolved:
   - buffer overflow and out of bounds access in cyrus imapd
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - suidperl
   - putty
6) standard appendix (further information)

An updated kernel package has been released for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: kernel
Announcement-ID: SUSE-SA:2004:042
Date: Wednesday, Dec 1st 2004 15:00 MEST
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
   SUSE LINUX Desktop 1.0
   Novell Linux Desktop 9
Vulnerability Type: local and remote denial of service
Severity (1-10): 7
SUSE default package: yes
Cross References: CAN-2004-0883 CAN-2004-0949 CAN-2004-1070 CAN-2004-1071 CAN-2004-1072 CAN-2004-1073 CAN-2004-1074

Content of this advisory:
1) security vulnerability resolved:
   - kernel remote and local denial of service problems
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - see SUSE Security Summary Report
6) standard appendix (further information)

An XFree86/xorg-x11 security update is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: xshared, XFree86-libs, xorg-x11-libs
Announcement-ID: SUSE-SA:2004:041
Date: Wednesday, Nov 17th 2004 15:00 MET
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Desktop 1.0
   SUSE Linux Enterprise Server 8, 9
   Novell Linux Desktop 1.0
Vulnerability Type: remote system compromise
Severity (1-10): 8
SUSE default package: yes
Cross References: none

Content of this advisory:
1) security vulnerability resolved:
   - several integer overflows
   - out-of-bounds memory access
   - shell command execution
   - path traversal
   - endless loops
   - memory leaks
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - ImageMagick
   - clamav
   - perl-MIME-Tools, perl-Archive-ZIP
   - apache / mod_include
   - apache2 / mod_SSL
6) standard appendix (further information)

A SAMBA update is available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: samba
Announcement-ID: SUSE-SA:2004:040
Date: Monday, Nov 15th 2004 18:00 MEST
Affected products: 9.1, 9.2
   SUSE Linux Enterprise Server 9
   Novell Linux Desktop 9
Vulnerability Type: potential remote buffer overflow
   remote denial of service
Severity (1-10): 7
SUSE default package: yes
Cross References: CAN-2004-0930 CAN-2004-0882

Content of this advisory:
1) security vulnerabilities resolved:
   - remote buffer overflow and remote denial of service conditions in Samba 3 packages.
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - bogofilter
   - libxml2
   - clamav
   - various PDF viewers
   - mozilla /tmp issues
   - sharutils
   - phpMyAdmin
   - gaim
   - sysconfig
   - perl-MIME-Tools, perl-Archive-ZIP
   - apache / mod_include
   - apache2 / mod_SSL
6) standard appendix (further information)

Updated xpdf, gpdf, kdegraphics3-pdf, pdftohtml, and cups packages are available for SUSE Linux
______________________________________________________________________________

SUSE Security Announcement

Package: xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups
Announcement-ID: SUSE-SA:2004:039
Date: Tuesday, Oct 26th 2004 10:30 MEST
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
   SUSE Linux Enterprise Server 8, 9
   SUSE Linux Desktop 1.0
Vulnerability Type: remote system compromise
Severity (1-10): 5
SUSE default package: yes
Cross References: CAN-2004-0888 CAN-2004-0889

Content of this advisory:
1) security vulnerability resolved:
   - integer overflows
   - arithmetic errors
   problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
   - freeradius denial of service problems
   - mpg123
   - squid
6) standard appendix (further information)