15 updates have been released for SUSE
[security-announce] SUSE-SU-2012:0033-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0033-1
Rating: important
References: #678195 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
The following bug has been fixed:
* Specially crafted time zone files could cause a heap
overflow in glibc.
Security Issue reference:
* CVE-2009-5029
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-glibc-5555
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-glibc-5555
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-glibc-5555
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-glibc-5555
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
glibc-html-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 i686 x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
nscd-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 (i586 i686 ia64 ppc64 s390x x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
nscd-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
glibc-locale-x86-2.11.1-0.34.1
glibc-profile-x86-2.11.1-0.34.1
glibc-x86-2.11.1-0.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 i686 x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
glibc-i18ndata-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
nscd-2.11.1-0.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
References:
http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/678195
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=465d0206a0a64cb1c71ef81d34e113c1
[security-announce] SUSE-SU-2012:0024-1: important: Security update for heimdal
SUSE Security Update: Security update for heimdal
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0024-1
Rating: important
References: #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE CORE 9
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update of heimdal fixes one security issue:
* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the heimdal RPM, not the regular telnetd
supplied by SUSE.)
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Package List:
- SUSE CORE 9 (i586 s390 s390x x86_64):
heimdal-0.6.1rc3-55.29
heimdal-devel-0.6.1rc3-55.29
heimdal-lib-0.6.1rc3-55.29
heimdal-tools-0.6.1rc3-55.29
- SUSE CORE 9 (x86_64):
heimdal-devel-32bit-9-201112301024
heimdal-lib-32bit-9-201112301024
- SUSE CORE 9 (s390x):
heimdal-devel-32bit-9-201112301034
heimdal-lib-32bit-9-201112301034
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=826c068adcfd8a672a0756aaec46a3bc
[security-announce] SUSE-SU-2012:0023-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0023-1
Rating: important
References: #661460 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
The following bug has been fixed:
* Specially crafted time zone files could cause a heap
overflow in glibc.
Security Issue reference:
* CVE-2009-5029
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 i686 ia64 ppc s390x x86_64):
glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
glibc-profile-2.4-31.97.1
nscd-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
glibc-locale-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
glibc-x86-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
glibc-64bit-2.4-31.97.1
glibc-devel-64bit-2.4-31.97.1
glibc-locale-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 i686 x86_64):
glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
nscd-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
glibc-dceext-2.4-31.97.1
glibc-html-2.4-31.97.1
glibc-profile-2.4-31.97.1
- SLE SDK 10 SP4 (s390x x86_64):
glibc-dceext-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1
- SLE SDK 10 SP4 (ia64):
glibc-dceext-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
- SLE SDK 10 SP4 (ppc):
glibc-dceext-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1
References:
http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/661460
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=aba5a35b05cac6339a45d9264306d85b
[security-announce] SUSE-SU-2012:0018-1: important: Security update for Kerberos 5
SUSE Security Update: Security update for Kerberos 5
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0018-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update of krb5 fixes two security issues.
* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-krb5-5594
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-krb5-5594
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-krb5-5594
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-krb5-5594
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
krb5-devel-1.6.3-133.48.48.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):
krb5-devel-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
krb5-x86-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
krb5-x86-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
krb5-64bit-1.4.3-19.49.49.1
krb5-devel-64bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
krb5-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
krb5-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=14b571ec5c63a7c3f2a6c6f9f38f606a
http://download.novell.com/patch/finder/?keywords=1827558e7c86f395bb141c5095dca72d
http://download.novell.com/patch/finder/?keywords=af1f89f792c1b454611bd0a8d2dd9462
[security-announce] openSUSE-SU-2012:0015-1: important: freetype2
openSUSE Security Update: freetype2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0015-1
Rating: important
References: #730124
Cross-References: CVE-2011-3256 CVE-2011-3439
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update of freetype2 fixes multiple security flaws that
could allow attackers to cause a denial of service or to
execute arbitrary code via specially crafted fonts
(CVE-2011-3256, CVE-2011-3439).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch freetype2-5548
- openSUSE 11.3:
zypper in -t patch freetype2-5548
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
freetype2-devel-2.4.4-7.10.1
libfreetype6-2.4.4-7.10.1
- openSUSE 11.4 (x86_64):
freetype2-devel-32bit-2.4.4-7.10.1
libfreetype6-32bit-2.4.4-7.10.1
- openSUSE 11.3 (i586 x86_64):
freetype2-devel-2.3.12-7.8.1
libfreetype6-2.3.12-7.8.1
- openSUSE 11.3 (x86_64):
freetype2-devel-32bit-2.3.12-7.8.1
libfreetype6-32bit-2.3.12-7.8.1
References:
http://support.novell.com/security/cve/CVE-2011-3256.html
http://support.novell.com/security/cve/CVE-2011-3439.html
https://bugzilla.novell.com/730124
[security-announce] openSUSE-SU-2012:0019-1: important: krb5-appl: Fixed remote buffer overflow in ktelnetd
openSUSE Security Update: krb5-appl: Fixed remote buffer overflow in ktelnetd
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0019-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update of krb5 applications fixes two security issues.
CVE-2011-4862: A remote code execution in the kerberized
telnet daemon was fixed. (This only affects the ktelnetd
from the krb5-appl RPM, not the regular telnetd supplied by
SUSE.)
CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch krb5-appl-5593
- openSUSE 11.3:
zypper in -t patch krb5-appl-5593
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
krb5-appl-clients-1.0-7.12.1
krb5-appl-servers-1.0-7.12.1
- openSUSE 11.3 (i586 x86_64):
krb5-appl-clients-1.0-4.5.1
krb5-appl-servers-1.0-4.5.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
[security-announce] SUSE-SU-2012:0010-1: important: Security update for krb5
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0010-1
Rating: important
References: #596826 #650650 #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________
An update that solves one vulnerability and has three fixes
is now available.
Description:
This update of krb5 fixes several security issues.
* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
* CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple
checksum handling vulnerabilities, where:
o krb5 clients might have accepted unkeyed SAM-2
challenge checksums
o krb5 might have accepted KRB-SAFE checksums with
low-entropy derived keys
* CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API
library null pointer dereference
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Package List:
- SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64):
krb5-1.4.3-19.43.37.1
krb5-apps-clients-1.4.3-19.43.37.1
krb5-apps-servers-1.4.3-19.43.37.1
krb5-client-1.4.3-19.43.37.1
krb5-devel-1.4.3-19.43.37.1
krb5-server-1.4.3-19.43.37.1
- SUSE Linux Enterprise Server 10 SP2 (s390x x86_64):
krb5-32bit-1.4.3-19.43.37.1
krb5-devel-32bit-1.4.3-19.43.37.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/596826
https://bugzilla.novell.com/650650
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=c6533e0368b2b223506fedc65580c4ce
[security-announce] openSUSE-SU-2012:0007-1: important: seamonkey
openSUSE Security Update: seamonkey
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0007-1
Rating: important
References: #737533
Cross-References: CVE-2011-3658 CVE-2011-3660 CVE-2011-3661
CVE-2011-3663 CVE-2011-3665
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available. It
includes one version update.
Description:
seamonkey version 2.6 fixes several security issues:
* MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety
hazards
* MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash
in the YARR regular expression library
* MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds
access
* MFSA 2011-56/CVE-2011-3663: Key detection without
JavaScript via SVG animation
* MFSA 2011-58/CVE-2011-3665: Crash scaling to
extreme sizes
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch seamonkey-5574
- openSUSE 11.3:
zypper in -t patch seamonkey-5574
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 2.6]:
seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 2.6]:
seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1
References:
http://support.novell.com/security/cve/CVE-2011-3658.html
http://support.novell.com/security/cve/CVE-2011-3660.html
http://support.novell.com/security/cve/CVE-2011-3661.html
http://support.novell.com/security/cve/CVE-2011-3663.html
http://support.novell.com/security/cve/CVE-2011-3665.html
https://bugzilla.novell.com/737533
[security-announce] SUSE-SU-403 Forbidden-1: important: Security update for openSSL
SUSE Security Update: Security update for openSSL
______________________________________________________________________________
Announcement ID: SUSE-SU-403 Forbidden-1
Rating: important
References: #670526 #678195 #735850
Cross-References: CVE-2009-5029 CVE-2011-0014
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update improves the ClientHello handshake message
parsing function. Prior to this update it was possible
for this function to read beyond the end of a message,
leading to invalid memory access and a crash. Under some
circumstances it was possible that information from the
OCSP extensions was disclosed. (CVE-2011-0014: CVSS v2
Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P))
Security Issue reference:
* CVE-2011-0014
Indications:
Please update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-glibc-5555 sdksp1-libopenssl-devel-3938
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-glibc-5555 slessp1-libopenssl-devel-3938
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-glibc-5555 slessp1-libopenssl-devel-3938
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-glibc-5555 sledsp1-libopenssl-devel-3938
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libopenssl-devel-0.9.8h-30.32.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
glibc-html-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 i686 x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1
openssl-doc-0.9.8h-30.32.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1
- SUSE Linux Enterprise Server 11 SP1 (i586 i686 ia64 ppc64 s390x x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
glibc-html-2.11.1-0.34.1
glibc-i18ndata-2.11.1-0.34.1
glibc-info-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
glibc-profile-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1
openssl-doc-0.9.8h-30.32.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
glibc-profile-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
glibc-locale-x86-2.11.1-0.34.1
glibc-profile-x86-2.11.1-0.34.1
glibc-x86-2.11.1-0.34.1
libopenssl0_9_8-x86-0.9.8h-30.32.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 i686 x86_64):
glibc-2.11.1-0.34.1
glibc-devel-2.11.1-0.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
glibc-i18ndata-2.11.1-0.34.1
glibc-locale-2.11.1-0.34.1
libopenssl0_9_8-0.9.8h-30.32.1
nscd-2.11.1-0.34.1
openssl-0.9.8h-30.32.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
glibc-32bit-2.11.1-0.34.1
glibc-devel-32bit-2.11.1-0.34.1
glibc-locale-32bit-2.11.1-0.34.1
libopenssl0_9_8-32bit-0.9.8h-30.32.1
References:
http://support.novell.com/security/cve/CVE-2009-5029.html
http://support.novell.com/security/cve/CVE-2011-0014.html
https://bugzilla.novell.com/670526
https://bugzilla.novell.com/678195
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=2adddddaf0d4d6c89870ab7b933c2204
http://download.novell.com/patch/finder/?keywords=465d0206a0a64cb1c71ef81d34e113c1
[security-announce] openSUSE-SU-2012:0051-1: important: krb5-appl: Fixed remote buffer overflow in ktelnetd
openSUSE Security Update: krb5-appl: Fixed remote buffer overflow in ktelnetd
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0051-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update of krb5 applications fixes two security issues.
CVE-2011-4862: A remote code execution in the kerberized
telnet daemon was fixed. (This only affects the ktelnetd
from the krb5-appl RPM, not the regular telnetd supplied by
SUSE.)
CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch krb5-appl-5593
- openSUSE 11.3:
zypper in -t patch krb5-appl-5593
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64):
krb5-appl-clients-1.0-7.12.1
krb5-appl-servers-1.0-7.12.1
- openSUSE 11.3 (i586 x86_64):
krb5-appl-clients-1.0-4.5.1
krb5-appl-servers-1.0-4.5.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
[security-announce] SUSE-SU-2012:0055-1: important: Security update for glibc
SUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0055-1
Rating: important
References: #661460 #735850
Cross-References: CVE-2009-5029
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
The following bug has been fixed:
* Specially crafted time zone files could cause a heap
overflow in glibc.
Security Issue reference:
* CVE-2009-5029
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 i686 ia64 ppc s390x x86_64):
glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
glibc-profile-2.4-31.97.1
nscd-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
glibc-locale-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
glibc-x86-2.4-31.97.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
glibc-64bit-2.4-31.97.1
glibc-devel-64bit-2.4-31.97.1
glibc-locale-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 i686 x86_64):
glibc-2.4-31.97.1
glibc-devel-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
glibc-html-2.4-31.97.1
glibc-i18ndata-2.4-31.97.1
glibc-info-2.4-31.97.1
glibc-locale-2.4-31.97.1
nscd-2.4-31.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
glibc-32bit-2.4-31.97.1
glibc-devel-32bit-2.4-31.97.1
glibc-locale-32bit-2.4-31.97.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
glibc-dceext-2.4-31.97.1
glibc-html-2.4-31.97.1
glibc-profile-2.4-31.97.1
- SLE SDK 10 SP4 (s390x x86_64):
glibc-dceext-32bit-2.4-31.97.1
glibc-profile-32bit-2.4-31.97.1
- SLE SDK 10 SP4 (ia64):
glibc-dceext-x86-2.4-31.97.1
glibc-profile-x86-2.4-31.97.1
- SLE SDK 10 SP4 (ppc):
glibc-dceext-64bit-2.4-31.97.1
glibc-profile-64bit-2.4-31.97.1
References:
http://support.novell.com/security/cve/CVE-2009-5029.html
https://bugzilla.novell.com/661460
https://bugzilla.novell.com/735850
http://download.novell.com/patch/finder/?keywords=aba5a35b05cac6339a45d9264306d85b
[security-announce] SUSE-SU-2012:0056-1: important: Security update for heimdal
SUSE Security Update: Security update for heimdal
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0056-1
Rating: important
References: #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE CORE 9
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update of heimdal fixes one security issue:
* CVE-2011-4862: A remote code execution in the
kerberized telnet daemon was fixed. (This only affects the
ktelnetd from the heimdal RPM, not the regular telnetd
supplied by SUSE.)
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Package List:
- SUSE CORE 9 (i586 s390 s390x x86_64):
heimdal-0.6.1rc3-55.29
heimdal-devel-0.6.1rc3-55.29
heimdal-lib-0.6.1rc3-55.29
heimdal-tools-0.6.1rc3-55.29
- SUSE CORE 9 (x86_64):
heimdal-devel-32bit-9-201112301024
heimdal-lib-32bit-9-201112301024
- SUSE CORE 9 (s390x):
heimdal-devel-32bit-9-201112301034
heimdal-lib-32bit-9-201112301034
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=826c068adcfd8a672a0756aaec46a3bc
[security-announce] openSUSE-SU-2012:0039-1: important: seamonkey
openSUSE Security Update: seamonkey
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0039-1
Rating: important
References: #737533
Cross-References: CVE-2011-3658 CVE-2011-3660 CVE-2011-3661
CVE-2011-3663 CVE-2011-3665
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available. It
includes one version update.
Description:
seamonkey version 2.6 fixes several security issues:
* MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety
hazards
* MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash
in the YARR regular expression library
* MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds
access
* MFSA 2011-56/CVE-2011-3663: Key detection without
JavaScript via SVG animation
* MFSA 2011-58/CVE-2011-3665: Crash scaling to
extreme sizes
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch seamonkey-5574
- openSUSE 11.3:
zypper in -t patch seamonkey-5574
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 2.6]:
seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 2.6]:
seamonkey-2.6-0.2.1
seamonkey-dom-inspector-2.6-0.2.1
seamonkey-irc-2.6-0.2.1
seamonkey-translations-common-2.6-0.2.1
seamonkey-translations-other-2.6-0.2.1
seamonkey-venkman-2.6-0.2.1
References:
http://support.novell.com/security/cve/CVE-2011-3658.html
http://support.novell.com/security/cve/CVE-2011-3660.html
http://support.novell.com/security/cve/CVE-2011-3661.html
http://support.novell.com/security/cve/CVE-2011-3663.html
http://support.novell.com/security/cve/CVE-2011-3665.html
https://bugzilla.novell.com/737533
[security-announce] SUSE-SU-2012:0050-1: important: Security update for Kerberos 5
SUSE Security Update: Security update for Kerberos 5
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0050-1
Rating: important
References: #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update of krb5 fixes two security issues.
* CVE-2011-4862: A remote code execution vulnerability in
the kerberized telnet daemon was fixed. (This only affects
the ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-krb5-5594
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-krb5-5594
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-krb5-5594
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-krb5-5594
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
krb5-devel-1.6.3-133.48.48.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):
krb5-devel-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
krb5-1.6.3-133.48.48.1
krb5-apps-clients-1.6.3-133.48.48.1
krb5-apps-servers-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
krb5-server-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
krb5-x86-1.6.3-133.48.48.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
krb5-x86-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
krb5-64bit-1.4.3-19.49.49.1
krb5-devel-64bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
krb5-1.4.3-19.49.49.1
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
- SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
krb5-1.6.3-133.48.48.1
krb5-client-1.6.3-133.48.48.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
krb5-32bit-1.6.3-133.48.48.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
krb5-1.4.3-19.49.49.1
krb5-client-1.4.3-19.49.49.1
krb5-devel-1.4.3-19.49.49.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
krb5-32bit-1.4.3-19.49.49.1
krb5-devel-32bit-1.4.3-19.49.49.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
krb5-apps-clients-1.4.3-19.49.49.1
krb5-apps-servers-1.4.3-19.49.49.1
krb5-server-1.4.3-19.49.49.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=14b571ec5c63a7c3f2a6c6f9f38f606a
http://download.novell.com/patch/finder/?keywords=1827558e7c86f395bb141c5095dca72d
http://download.novell.com/patch/finder/?keywords=af1f89f792c1b454611bd0a8d2dd9462
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0042-1
Rating: important
References: #596826 #650650 #698471 #738632
Cross-References: CVE-2011-4862
Affected Products:
SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________
An update that solves one vulnerability and has three fixes
is now available.
Description:
This update of krb5 fixes several security issues.
* CVE-2011-4862: A remote code execution vulnerability in
the kerberized telnet daemon was fixed. (This only affects
the ktelnetd from the krb5-appl RPM, not the regular telnetd
supplied by SUSE.)
* CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
* CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple
checksum handling vulnerabilities, where:
  o krb5 clients might have accepted unkeyed SAM-2
    challenge checksums
  o krb5 might have accepted KRB-SAFE checksums with
    low-entropy derived keys
* CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API
library null pointer dereference
Security Issue reference:
* CVE-2011-4862
Indications:
Please install this update.
Package List:
- SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64):
krb5-1.4.3-19.43.37.1
krb5-apps-clients-1.4.3-19.43.37.1
krb5-apps-servers-1.4.3-19.43.37.1
krb5-client-1.4.3-19.43.37.1
krb5-devel-1.4.3-19.43.37.1
krb5-server-1.4.3-19.43.37.1
- SUSE Linux Enterprise Server 10 SP2 (s390x x86_64):
krb5-32bit-1.4.3-19.43.37.1
krb5-devel-32bit-1.4.3-19.43.37.1
References:
http://support.novell.com/security/cve/CVE-2011-4862.html
https://bugzilla.novell.com/596826
https://bugzilla.novell.com/650650
https://bugzilla.novell.com/698471
https://bugzilla.novell.com/738632
http://download.novell.com/patch/finder/?keywords=c6533e0368b2b223506fedc65580c4ce