SUSE 5181 Published by

The following updates has been released for openSUSE:

openSUSE-SU-2019:0138-1: important: Security update for mysql-community-server
openSUSE-SU-2019:0139-1: important: Security update for krb5



openSUSE-SU-2019:0138-1: important: Security update for mysql-community-server

openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0138-1
Rating: important
References: #1113652 #1122198
Cross-References: CVE-2018-0734 CVE-2019-2455 CVE-2019-2481
CVE-2019-2482 CVE-2019-2503 CVE-2019-2507
CVE-2019-2529 CVE-2019-2531 CVE-2019-2534
CVE-2019-2537
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 10 vulnerabilities is now available.

Description:

This update for mysql-community-server to version 5.6.43 fixes the
following issues:

Security issues fixed:

- CVE-2019-2534, CVE-2019-2529, CVE-2019-2482, CVE-2019-2455,
CVE-2019-2503, CVE-2019-2537, CVE-2019-2481, CVE-2019-2507,
CVE-2019-2531, CVE-2018-0734 (boo#1113652, boo#1122198)


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-138=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

libmysql56client18-5.6.43-45.1
libmysql56client18-debuginfo-5.6.43-45.1
libmysql56client_r18-5.6.43-45.1
mysql-community-server-5.6.43-45.1
mysql-community-server-bench-5.6.43-45.1
mysql-community-server-bench-debuginfo-5.6.43-45.1
mysql-community-server-client-5.6.43-45.1
mysql-community-server-client-debuginfo-5.6.43-45.1
mysql-community-server-debuginfo-5.6.43-45.1
mysql-community-server-debugsource-5.6.43-45.1
mysql-community-server-test-5.6.43-45.1
mysql-community-server-test-debuginfo-5.6.43-45.1
mysql-community-server-tools-5.6.43-45.1
mysql-community-server-tools-debuginfo-5.6.43-45.1

- openSUSE Leap 42.3 (x86_64):

libmysql56client18-32bit-5.6.43-45.1
libmysql56client18-debuginfo-32bit-5.6.43-45.1
libmysql56client_r18-32bit-5.6.43-45.1

- openSUSE Leap 42.3 (noarch):

mysql-community-server-errormessages-5.6.43-45.1


References:

https://www.suse.com/security/cve/CVE-2018-0734.html
https://www.suse.com/security/cve/CVE-2019-2455.html
https://www.suse.com/security/cve/CVE-2019-2481.html
https://www.suse.com/security/cve/CVE-2019-2482.html
https://www.suse.com/security/cve/CVE-2019-2503.html
https://www.suse.com/security/cve/CVE-2019-2507.html
https://www.suse.com/security/cve/CVE-2019-2529.html
https://www.suse.com/security/cve/CVE-2019-2531.html
https://www.suse.com/security/cve/CVE-2019-2534.html
https://www.suse.com/security/cve/CVE-2019-2537.html
https://bugzilla.suse.com/1113652
https://bugzilla.suse.com/1122198

--


openSUSE-SU-2019:0139-1: important: Security update for krb5

openSUSE Security Update: Security update for krb5
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0139-1
Rating: important
References: #1083926 #1083927
Cross-References: CVE-2018-5729 CVE-2018-5730
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for krb5 fixes the following issues:

Security issues fixed:

- CVE-2018-5729, CVE-2018-5730: Fixed multiple flaws in LDAP DN checking
(bsc#1083926, bsc#1083927)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-139=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

krb5-1.15.2-lp150.5.6.1
krb5-client-1.15.2-lp150.5.6.1
krb5-client-debuginfo-1.15.2-lp150.5.6.1
krb5-debuginfo-1.15.2-lp150.5.6.1
krb5-debugsource-1.15.2-lp150.5.6.1
krb5-devel-1.15.2-lp150.5.6.1
krb5-mini-1.15.2-lp150.5.6.1
krb5-mini-debuginfo-1.15.2-lp150.5.6.1
krb5-mini-debugsource-1.15.2-lp150.5.6.1
krb5-mini-devel-1.15.2-lp150.5.6.1
krb5-plugin-kdb-ldap-1.15.2-lp150.5.6.1
krb5-plugin-kdb-ldap-debuginfo-1.15.2-lp150.5.6.1
krb5-plugin-preauth-otp-1.15.2-lp150.5.6.1
krb5-plugin-preauth-otp-debuginfo-1.15.2-lp150.5.6.1
krb5-plugin-preauth-pkinit-1.15.2-lp150.5.6.1
krb5-plugin-preauth-pkinit-debuginfo-1.15.2-lp150.5.6.1
krb5-server-1.15.2-lp150.5.6.1
krb5-server-debuginfo-1.15.2-lp150.5.6.1

- openSUSE Leap 15.0 (x86_64):

krb5-32bit-1.15.2-lp150.5.6.1
krb5-32bit-debuginfo-1.15.2-lp150.5.6.1
krb5-devel-32bit-1.15.2-lp150.5.6.1


References:

https://www.suse.com/security/cve/CVE-2018-5729.html
https://www.suse.com/security/cve/CVE-2018-5730.html
https://bugzilla.suse.com/1083926
https://bugzilla.suse.com/1083927

--