SUSE 5149 Published by

The following updates has been released for openSUSE:

openSUSE-SU-2019:1491-1: moderate: Recommended update for GraphicsMagick
openSUSE-SU-2019:1492-1: important: Security update for curl
openSUSE-SU-2019:1494-1: moderate: Security update for NetworkManager
openSUSE-SU-2019:1495-1: important: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
openSUSE-SU-2019:1497-1: moderate: Security update for axis
openSUSE-SU-2019:1498-1: moderate: Security update for libtasn1



openSUSE-SU-2019:1491-1: moderate: Recommended update for GraphicsMagick

openSUSE Security Update: Recommended update for GraphicsMagick
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1491-1
Rating: moderate
References: #1136183
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for GraphicsMagick fixes the following issues:

Changes in GraphicsMagick:

- disable also PCL decoding by default, as it is also passed through
ghostscript (boo#1136183)


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-1491=1

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-1491=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1491=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

GraphicsMagick-1.3.25-141.1
GraphicsMagick-debuginfo-1.3.25-141.1
GraphicsMagick-debugsource-1.3.25-141.1
GraphicsMagick-devel-1.3.25-141.1
libGraphicsMagick++-Q16-12-1.3.25-141.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.25-141.1
libGraphicsMagick++-devel-1.3.25-141.1
libGraphicsMagick-Q16-3-1.3.25-141.1
libGraphicsMagick-Q16-3-debuginfo-1.3.25-141.1
libGraphicsMagick3-config-1.3.25-141.1
libGraphicsMagickWand-Q16-2-1.3.25-141.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-141.1
perl-GraphicsMagick-1.3.25-141.1
perl-GraphicsMagick-debuginfo-1.3.25-141.1

- openSUSE Leap 15.1 (x86_64):

GraphicsMagick-1.3.29-lp151.4.3.1
GraphicsMagick-debuginfo-1.3.29-lp151.4.3.1
GraphicsMagick-debugsource-1.3.29-lp151.4.3.1
GraphicsMagick-devel-1.3.29-lp151.4.3.1
libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.29-lp151.4.3.1
libGraphicsMagick++-devel-1.3.29-lp151.4.3.1
libGraphicsMagick-Q16-3-1.3.29-lp151.4.3.1
libGraphicsMagick-Q16-3-debuginfo-1.3.29-lp151.4.3.1
libGraphicsMagick3-config-1.3.29-lp151.4.3.1
libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.29-lp151.4.3.1
perl-GraphicsMagick-1.3.29-lp151.4.3.1
perl-GraphicsMagick-debuginfo-1.3.29-lp151.4.3.1

- openSUSE Leap 15.0 (x86_64):

GraphicsMagick-1.3.29-lp150.3.31.1
GraphicsMagick-debuginfo-1.3.29-lp150.3.31.1
GraphicsMagick-debugsource-1.3.29-lp150.3.31.1
GraphicsMagick-devel-1.3.29-lp150.3.31.1
libGraphicsMagick++-Q16-12-1.3.29-lp150.3.31.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.29-lp150.3.31.1
libGraphicsMagick++-devel-1.3.29-lp150.3.31.1
libGraphicsMagick-Q16-3-1.3.29-lp150.3.31.1
libGraphicsMagick-Q16-3-debuginfo-1.3.29-lp150.3.31.1
libGraphicsMagick3-config-1.3.29-lp150.3.31.1
libGraphicsMagickWand-Q16-2-1.3.29-lp150.3.31.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.29-lp150.3.31.1
perl-GraphicsMagick-1.3.29-lp150.3.31.1
perl-GraphicsMagick-debuginfo-1.3.29-lp150.3.31.1


References:

https://bugzilla.suse.com/1136183

--


openSUSE-SU-2019:1492-1: important: Security update for curl

openSUSE Security Update: Security update for curl
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1492-1
Rating: important
References: #1135170
Cross-References: CVE-2019-5436
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for curl fixes the following issues:

Security issue fixed:

- CVE-2019-5436: Fixed a heap buffer overflow exists in
tftp_receive_packet that receives data from a TFTP server (bsc#1135170).

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-1492=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

curl-7.37.0-51.1
curl-debuginfo-7.37.0-51.1
curl-debugsource-7.37.0-51.1
libcurl-devel-7.37.0-51.1
libcurl4-7.37.0-51.1
libcurl4-debuginfo-7.37.0-51.1

- openSUSE Leap 42.3 (x86_64):

libcurl-devel-32bit-7.37.0-51.1
libcurl4-32bit-7.37.0-51.1
libcurl4-debuginfo-32bit-7.37.0-51.1


References:

https://www.suse.com/security/cve/CVE-2019-5436.html
https://bugzilla.suse.com/1135170

--


openSUSE-SU-2019:1494-1: moderate: Security update for NetworkManager

openSUSE Security Update: Security update for NetworkManager
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1494-1
Rating: moderate
References: #1086263
Cross-References: CVE-2018-1000135
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for NetworkManager fixes the following issues:

Following security issue was fixed:

- CVE-2018-1000135: A potential leak of private DNS queries to other DNS
servers could happen while on VPN (bsc#1086263, bgo#746422).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1494=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

NetworkManager-1.10.6-lp150.4.6.1
NetworkManager-debuginfo-1.10.6-lp150.4.6.1
NetworkManager-debugsource-1.10.6-lp150.4.6.1
NetworkManager-devel-1.10.6-lp150.4.6.1
libnm-glib-vpn1-1.10.6-lp150.4.6.1
libnm-glib-vpn1-debuginfo-1.10.6-lp150.4.6.1
libnm-glib4-1.10.6-lp150.4.6.1
libnm-glib4-debuginfo-1.10.6-lp150.4.6.1
libnm-util2-1.10.6-lp150.4.6.1
libnm-util2-debuginfo-1.10.6-lp150.4.6.1
libnm0-1.10.6-lp150.4.6.1
libnm0-debuginfo-1.10.6-lp150.4.6.1
typelib-1_0-NM-1_0-1.10.6-lp150.4.6.1
typelib-1_0-NMClient-1_0-1.10.6-lp150.4.6.1
typelib-1_0-NetworkManager-1_0-1.10.6-lp150.4.6.1

- openSUSE Leap 15.0 (x86_64):

NetworkManager-devel-32bit-1.10.6-lp150.4.6.1
libnm-glib-vpn1-32bit-1.10.6-lp150.4.6.1
libnm-glib-vpn1-32bit-debuginfo-1.10.6-lp150.4.6.1
libnm-glib4-32bit-1.10.6-lp150.4.6.1
libnm-glib4-32bit-debuginfo-1.10.6-lp150.4.6.1
libnm-util2-32bit-1.10.6-lp150.4.6.1
libnm-util2-32bit-debuginfo-1.10.6-lp150.4.6.1

- openSUSE Leap 15.0 (noarch):

NetworkManager-branding-upstream-1.10.6-lp150.4.6.1
NetworkManager-lang-1.10.6-lp150.4.6.1


References:

https://www.suse.com/security/cve/CVE-2018-1000135.html
https://bugzilla.suse.com/1086263

--


openSUSE-SU-2019:1495-1: important: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root

openSUSE Security Update: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1495-1
Rating: important
References: #1134524
Cross-References: CVE-2019-5021
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for sles12sp3-docker-image, sles12sp4-image, system-user-root
fixes the following issues:

- CVE-2019-5021: Include an invalidated root password by default, not an
empty one (bsc#1134524)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-1495=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1495=1



Package List:

- openSUSE Leap 15.1 (noarch):

system-user-root-20190513-lp151.3.3.1

- openSUSE Leap 15.0 (noarch):

system-user-root-20190513-lp150.2.3.1


References:

https://www.suse.com/security/cve/CVE-2019-5021.html
https://bugzilla.suse.com/1134524

--


openSUSE-SU-2019:1497-1: moderate: Security update for axis

openSUSE Security Update: Security update for axis
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1497-1
Rating: moderate
References: #1134598
Cross-References: CVE-2012-5784 CVE-2014-3596
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for axis fixes the following issues:

Security issue fixed:

- CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check
against X.509 certificate name (bsc#1134598).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1497=1



Package List:

- openSUSE Leap 15.0 (noarch):

axis-1.4-lp150.9.1
axis-manual-1.4-lp150.9.1


References:

https://www.suse.com/security/cve/CVE-2012-5784.html
https://www.suse.com/security/cve/CVE-2014-3596.html
https://bugzilla.suse.com/1134598

--


openSUSE-SU-2019:1498-1: moderate: Security update for libtasn1

openSUSE Security Update: Security update for libtasn1
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1498-1
Rating: moderate
References: #1105435
Cross-References: CVE-2018-1000654
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libtasn1 fixes the following issues:

Security issue fixed:

- CVE-2018-1000654: Fixed a denial of service in the asn1 parser
(bsc#1105435).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-1498=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1498=1



Package List:

- openSUSE Leap 15.1 (i586 x86_64):

libtasn1-4.13-lp151.4.3.1
libtasn1-6-4.13-lp151.4.3.1
libtasn1-6-debuginfo-4.13-lp151.4.3.1
libtasn1-debuginfo-4.13-lp151.4.3.1
libtasn1-debugsource-4.13-lp151.4.3.1
libtasn1-devel-4.13-lp151.4.3.1

- openSUSE Leap 15.1 (x86_64):

libtasn1-6-32bit-4.13-lp151.4.3.1
libtasn1-6-32bit-debuginfo-4.13-lp151.4.3.1
libtasn1-devel-32bit-4.13-lp151.4.3.1

- openSUSE Leap 15.0 (i586 x86_64):

libtasn1-4.13-lp150.3.3.1
libtasn1-6-4.13-lp150.3.3.1
libtasn1-6-debuginfo-4.13-lp150.3.3.1
libtasn1-debuginfo-4.13-lp150.3.3.1
libtasn1-debugsource-4.13-lp150.3.3.1
libtasn1-devel-4.13-lp150.3.3.1

- openSUSE Leap 15.0 (x86_64):

libtasn1-6-32bit-4.13-lp150.3.3.1
libtasn1-6-32bit-debuginfo-4.13-lp150.3.3.1
libtasn1-devel-32bit-4.13-lp150.3.3.1


References:

https://www.suse.com/security/cve/CVE-2018-1000654.html
https://bugzilla.suse.com/1105435

--