Linux Compatible
  • News
    • Channels
    • Archive
    • Search
    • Submit
  • Articles
    • Categories
  • Knowledgebase
  • Compatibility
    • Search
  • Links
  • Forums
  • Twitter
Advertisement

Latest News
[ Windows | Linux | Apple ]

· Nvidia GeForce GTX 1660 Ti Reviews and more
· NVIDIA 418.43 Linux Display Drivers released
· Windows 10 Insider Preview Build 18343 and Build 18841 released
· NVIDIA Geforce Game Ready Driver 419.17 WHQL
· Iscsi-initiator-utils Bug Fix Update for Oracle Linux 6
· Rssh Security Update for Debian 9
· Bind Security Update for Ubuntu Linux
· Build, Mosquitto, Nodejs6, GraphicsMagick Updates for openSUSE
· Adrenalin Software Edition 19.2.2 Driver Performance Analysis using the Red Devil RX 590 and more
· GNOME 3.32 Beta 2 released

Linux Compatibility
· Brother DCP-L2540DN
· Sound Blaster E5
· WD Elements 500GB external hard drive
· Canon D660U Flatbad scanner
· Umax Astra 4500 USB Scanner
· Logitech QuickCam Pro 4000
· Dell Latitude E6420
· Creative Sound Blaster Z
· Photosmart 5520
· TB-5300 Slimline Design Tablet

New Forum Topics
· Dale
by: Dale Blinco
on: 2018-02-05 00:26
1 replies, 4048 views

· modem driver needed
by: jongiffen777
on: 2017-12-13 11:11
1 replies, 5786 views

· Need a decent browser for XP Pro!
by: percy
on: 2017-12-05 11:02
2 replies, 7187 views

· Comodo Time Machine + Faronics Deep Freeze
by: Jabberwocky
on: 2017-11-15 23:17
1 replies, 5704 views

· Linux compatablity
by: ibme
on: 2017-10-04 18:05
1 replies, 7641 views

News Channels
· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android
· Oracle Linux
· Arch Linux

What's New
Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Linux Compatible » News » February 2019 » Avahi, Python-Paramiko, Pdns-Recursor, Firefox Updates for openSUSE

Avahi, Python-Paramiko, Pdns-Recursor, Firefox Updates for openSUSE

Posted by Philipp Esselbach on: 02/05/2019 08:38 AM [ Print | 0 comment(s) ]

The following updates has been released for openSUSE:

openSUSE-SU-2019:0128-1: moderate: Security update for avahi
openSUSE-SU-2019:0129-1: important: Security update for python-paramiko
openSUSE-SU-2019:0131-1: moderate: Security update for pdns-recursor
openSUSE-SU-2019:0132-1: important: Security update for MozillaFirefox
openSUSE-SU-2019:0133-1: important: Security update for MozillaFirefox




openSUSE-SU-2019:0128-1: moderate: Security update for avahi
openSUSE Security Update: Security update for avahi
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0128-1
Rating: moderate
References: #1120281
Cross-References: CVE-2018-1000845
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for avahi fixes the following issues:

Security issue fixed:

- CVE-2018-1000845: Fixed DNS amplification and reflection to spoofed
addresses (DOS) (bsc#1120281)

This update was imported from the SUSE:SLE-12-SP2:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-128=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

avahi-0.6.32-4.3.1
avahi-autoipd-0.6.32-4.3.1
avahi-autoipd-debuginfo-0.6.32-4.3.1
avahi-compat-howl-devel-0.6.32-4.3.1
avahi-compat-mDNSResponder-devel-0.6.32-4.3.1
avahi-debuginfo-0.6.32-4.3.1
avahi-debugsource-0.6.32-4.3.1
avahi-glib2-debugsource-0.6.32-4.3.1
avahi-qt4-debugsource-0.6.32-4.3.1
avahi-utils-0.6.32-4.3.1
avahi-utils-debuginfo-0.6.32-4.3.1
avahi-utils-gtk-0.6.32-4.3.1
avahi-utils-gtk-debuginfo-0.6.32-4.3.1
libavahi-client3-0.6.32-4.3.1
libavahi-client3-debuginfo-0.6.32-4.3.1
libavahi-common3-0.6.32-4.3.1
libavahi-common3-debuginfo-0.6.32-4.3.1
libavahi-core7-0.6.32-4.3.1
libavahi-core7-debuginfo-0.6.32-4.3.1
libavahi-devel-0.6.32-4.3.1
libavahi-glib-devel-0.6.32-4.3.1
libavahi-glib1-0.6.32-4.3.1
libavahi-glib1-debuginfo-0.6.32-4.3.1
libavahi-gobject-devel-0.6.32-4.3.1
libavahi-gobject0-0.6.32-4.3.1
libavahi-gobject0-debuginfo-0.6.32-4.3.1
libavahi-qt4-1-0.6.32-4.3.1
libavahi-qt4-1-debuginfo-0.6.32-4.3.1
libavahi-qt4-devel-0.6.32-4.3.1
libavahi-ui-gtk3-0-0.6.32-4.3.1
libavahi-ui-gtk3-0-debuginfo-0.6.32-4.3.1
libavahi-ui0-0.6.32-4.3.1
libavahi-ui0-debuginfo-0.6.32-4.3.1
libdns_sd-0.6.32-4.3.1
libdns_sd-debuginfo-0.6.32-4.3.1
libhowl0-0.6.32-4.3.1
libhowl0-debuginfo-0.6.32-4.3.1
python-avahi-0.6.32-4.3.1
python-avahi-gtk-0.6.32-4.3.1
typelib-1_0-Avahi-0_6-0.6.32-4.3.1

- openSUSE Leap 42.3 (noarch):

avahi-lang-0.6.32-4.3.1

- openSUSE Leap 42.3 (x86_64):

avahi-debuginfo-32bit-0.6.32-4.3.1
avahi-mono-0.6.32-4.3.1
libavahi-client3-32bit-0.6.32-4.3.1
libavahi-client3-debuginfo-32bit-0.6.32-4.3.1
libavahi-common3-32bit-0.6.32-4.3.1
libavahi-common3-debuginfo-32bit-0.6.32-4.3.1
libavahi-glib1-32bit-0.6.32-4.3.1
libavahi-glib1-debuginfo-32bit-0.6.32-4.3.1
libdns_sd-32bit-0.6.32-4.3.1
libdns_sd-debuginfo-32bit-0.6.32-4.3.1


References:

https://www.suse.com/security/cve/CVE-2018-1000845.html
https://bugzilla.suse.com/1120281

--



openSUSE-SU-2019:0129-1: important: Security update for python-paramiko
openSUSE Security Update: Security update for python-paramiko
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0129-1
Rating: important
References: #1111151 #1115769 #1121846
Cross-References: CVE-2018-1000805
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for python-paramiko to version 2.4.2 fixes the following
issues:

Security issue fixed:

- CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py
(bsc#1111151)

Non-security issue fixed:

- Disable experimental gssapi support (bsc#1115769)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-129=1



Package List:

- openSUSE Leap 15.0 (noarch):

python-paramiko-doc-2.4.2-lp150.2.3.1
python2-paramiko-2.4.2-lp150.2.3.1
python3-paramiko-2.4.2-lp150.2.3.1


References:

https://www.suse.com/security/cve/CVE-2018-1000805.html
https://bugzilla.suse.com/1111151
https://bugzilla.suse.com/1115769
https://bugzilla.suse.com/1121846

--



openSUSE-SU-2019:0131-1: moderate: Security update for pdns-recursor
openSUSE Security Update: Security update for pdns-recursor
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0131-1
Rating: moderate
References: #1121887 #1121889
Cross-References: CVE-2019-3806 CVE-2019-3807
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for pdns-recursor to version 4.1.10 fixes the following issues:

Security issues fixed:

- CVE-2019-3806: Fixed a case when Lua hooks are not called over TCP
(boo#1121887)
- CVE-2019-3807: Fixed an issue where DNSSEC validation was not performed
for AA=0 responses (boo#1121889)


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2019-131=1



Package List:

- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):

pdns-recursor-4.1.10-16.1


References:

https://www.suse.com/security/cve/CVE-2019-3806.html
https://www.suse.com/security/cve/CVE-2019-3807.html
https://bugzilla.suse.com/1121887
https://bugzilla.suse.com/1121889

--



openSUSE-SU-2019:0132-1: important: Security update for MozillaFirefox
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0132-1
Rating: important
References: #1122983
Cross-References: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505

Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for MozillaFirefox to version 60.5.0esr fixes the following
issues:

Security issues fixed:

- CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream
(boo#1122983).
- CVE-2018-18505: Fixed a privilege escalation through IPC channel
messages (boo#1122983).
- CVE-2018-18501: Fixed multiple memory safety bugs (boo#1122983).


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-132=1



Package List:

- openSUSE Leap 15.0 (x86_64):

MozillaFirefox-60.5.0-lp150.3.36.1
MozillaFirefox-branding-upstream-60.5.0-lp150.3.36.1
MozillaFirefox-buildsymbols-60.5.0-lp150.3.36.1
MozillaFirefox-debuginfo-60.5.0-lp150.3.36.1
MozillaFirefox-debugsource-60.5.0-lp150.3.36.1
MozillaFirefox-devel-60.5.0-lp150.3.36.1
MozillaFirefox-translations-common-60.5.0-lp150.3.36.1
MozillaFirefox-translations-other-60.5.0-lp150.3.36.1


References:

https://www.suse.com/security/cve/CVE-2018-18500.html
https://www.suse.com/security/cve/CVE-2018-18501.html
https://www.suse.com/security/cve/CVE-2018-18505.html
https://bugzilla.suse.com/1122983

--



openSUSE-SU-2019:0133-1: important: Security update for MozillaFirefox
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0133-1
Rating: important
References: #1121255 #1122983
Cross-References: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for MozillaFirefox, mozilla-nss fixes the following issues:

Security issues fixed:

- CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream
(boo#1122983).
- CVE-2018-18505: Fixed a privilege escalation through IPC channel
messages (boo#1122983).
- CVE-2018-18501: Fixed multiple memory safety bugs (boo#1122983).

Non-security issue fixed:

- Update mozilla-nss to version 3.36.7 as build dependency.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-133=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

libfreebl3-3.36.7-57.1
libfreebl3-debuginfo-3.36.7-57.1
libsoftokn3-3.36.7-57.1
libsoftokn3-debuginfo-3.36.7-57.1
mozilla-nss-3.36.7-57.1
mozilla-nss-certs-3.36.7-57.1
mozilla-nss-certs-debuginfo-3.36.7-57.1
mozilla-nss-debuginfo-3.36.7-57.1
mozilla-nss-debugsource-3.36.7-57.1
mozilla-nss-devel-3.36.7-57.1
mozilla-nss-sysinit-3.36.7-57.1
mozilla-nss-sysinit-debuginfo-3.36.7-57.1
mozilla-nss-tools-3.36.7-57.1
mozilla-nss-tools-debuginfo-3.36.7-57.1

- openSUSE Leap 42.3 (x86_64):

MozillaFirefox-60.5.0-128.1
MozillaFirefox-branding-upstream-60.5.0-128.1
MozillaFirefox-buildsymbols-60.5.0-128.1
MozillaFirefox-debuginfo-60.5.0-128.1
MozillaFirefox-debugsource-60.5.0-128.1
MozillaFirefox-devel-60.5.0-128.1
MozillaFirefox-translations-common-60.5.0-128.1
MozillaFirefox-translations-other-60.5.0-128.1
libfreebl3-32bit-3.36.7-57.1
libfreebl3-debuginfo-32bit-3.36.7-57.1
libsoftokn3-32bit-3.36.7-57.1
libsoftokn3-debuginfo-32bit-3.36.7-57.1
mozilla-nss-32bit-3.36.7-57.1
mozilla-nss-certs-32bit-3.36.7-57.1
mozilla-nss-certs-debuginfo-32bit-3.36.7-57.1
mozilla-nss-debuginfo-32bit-3.36.7-57.1
mozilla-nss-sysinit-32bit-3.36.7-57.1
mozilla-nss-sysinit-debuginfo-32bit-3.36.7-57.1


References:

https://www.suse.com/security/cve/CVE-2018-18500.html
https://www.suse.com/security/cve/CVE-2018-18501.html
https://www.suse.com/security/cve/CVE-2018-18505.html
https://bugzilla.suse.com/1121255
https://bugzilla.suse.com/1122983

--




« Linux Kernel Updates for Ubuntu · Pacemaker and Thunderbird Updates for Oracle Linux »

Linux Compatible » News » February 2019 » Avahi, Python-Paramiko, Pdns-Recursor, Firefox Updates for openSUSE
All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2018 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition