2013-56 moderate openSUSE Evergreen 11.4 The ISC dhcp server was updated to fix a denial of service attack via regular expressions: - Removed regex.h check from configure in bind sources (bnc#811934,CVE-2013-2266). Make the bind export library build output visible. Also fixed: - Added dhcp6-server service template for SuSEfirewall2 (bnc#783002) - Applied a patch to ignore SIGPIPE instead to die in socket code before the errno==EPIPE checks are reached (bnc#794578, upstream report [ISC-Bugs #32222]) - Applied several obvious memleak and segfault fixes from 4.2.5rc1 and a correction of code to calculate timing values in dhcpv6 client to compare rebind value to infinity instead of renew(bnc#794578). - Fixed discovery of interfaces, which have only addresses with a label assigned (linux 2.0 "alias interfaces" compatibility) by switching to use the getifaddrs() as on BSD (bnc#791289, reported upstream as [ISC-Bugs #31992]). - Fixed parse buffer handling code to not avoid truncation of config > ~8k from bigger ldap objects. Fixed to free the ldap config buffer passed to the config parser and append new config, while the parser is in saved state (bnc#788787). - Fixed subclass name-ref and data quoting/escaping (bnc#788787). - Fixed memory leaks on ldap_read_config errors (bnc#788787). - Fixed dhclient-script to discard MTU lower-equal 576 rather than lower-than (bnc#791280). - dhcp-ldap: fixed a memleak while subnet range processing, fixed to reset bufix variable in ldap_read_function to 0 and to set buflen to the complete length (do not discard last character, usually \n). This caused a parsing error at further run of the function, e.g. while processing the second dhcpService container that the dhcpServer objectmay refer to (bnc#784640). dhcp-4.2.4.P2-0.34.1.i586.rpm dhcp-4.2.4.P2-0.34.1.src.rpm dhcp-client-4.2.4.P2-0.34.1.i586.rpm dhcp-client-debuginfo-4.2.4.P2-0.34.1.i586.rpm dhcp-debuginfo-4.2.4.P2-0.34.1.i586.rpm dhcp-debugsource-4.2.4.P2-0.34.1.i586.rpm dhcp-devel-4.2.4.P2-0.34.1.i586.rpm dhcp-doc-4.2.4.P2-0.34.1.i586.rpm dhcp-relay-4.2.4.P2-0.34.1.i586.rpm dhcp-relay-debuginfo-4.2.4.P2-0.34.1.i586.rpm dhcp-server-4.2.4.P2-0.34.1.i586.rpm dhcp-server-debuginfo-4.2.4.P2-0.34.1.i586.rpm dhcp-4.2.4.P2-0.34.1.x86_64.rpm dhcp-client-4.2.4.P2-0.34.1.x86_64.rpm dhcp-client-debuginfo-4.2.4.P2-0.34.1.x86_64.rpm dhcp-debuginfo-4.2.4.P2-0.34.1.x86_64.rpm dhcp-debugsource-4.2.4.P2-0.34.1.x86_64.rpm dhcp-devel-4.2.4.P2-0.34.1.x86_64.rpm dhcp-doc-4.2.4.P2-0.34.1.x86_64.rpm dhcp-relay-4.2.4.P2-0.34.1.x86_64.rpm dhcp-relay-debuginfo-4.2.4.P2-0.34.1.x86_64.rpm dhcp-server-4.2.4.P2-0.34.1.x86_64.rpm dhcp-server-debuginfo-4.2.4.P2-0.34.1.x86_64.rpm 2013-58 important openSUSE Evergreen 11.4 The Mozilla suite received security and bugfix updates: Firefox was updated to version 20.0. Thunderbird was updated to version 17.0.5. Seamonkey was updated to version 2.17 mozilla-nss was updated to version 3.14.3. mozilla-nspr was updated to version 4.9.6. mozilla-nspr was updated to version 4.9.6: * aarch64 support * added PL_SizeOfArenaPoolExcludingPool function (bmo#807883) * Auto detect android api version for x86 (bmo#782214) * Initialize Windows CRITICAL_SECTIONs without debug info and with nonzero spin count (bmo#812085) Previous update to version 4.9.5 * bmo#634793: define NSPR's exact-width integer types PRInt{N} and PRUint{N} types to match the <stdint.h> exact-width integer types int{N}_t and uint{N}_t. * bmo#782815: passing 'int *' to parameter of type 'unsigned int *' in setsockopt(). * bmo#822932: Port bmo#802527 (NDK r8b support for x86) to NSPR. * bmo#824742: NSPR shouldn't require librt on Android. * bmo#831793: data race on lib->refCount in PR_UnloadLibrary. mozilla-nss was updated to version 3.14.3: * disable tests with expired certificates * add SEC_PKCS7VerifyDetachedSignatureAtTime using patch from mozilla tree to fulfill Firefox 21 requirements * No new major functionality is introduced in this release. This release is a patch release to address CVE-2013-1620 (bmo#822365) * "certutil -a" was not correctly producing ASCII output as requested. (bmo#840714) * NSS 3.14.2 broke compilation with older versions of sqlite that lacked the SQLITE_FCNTL_TEMPFILENAME file control. NSS 3.14.3 now properly compiles when used with older versions of sqlite (bmo#837799) - remove system-sqlite.patch * add aarch64 support * added system-sqlite.patch (bmo#837799) * do not depend on latest sqlite just for a #define * enable system sqlite usage again * update to 3.14.2 * required for Firefox >= 20 * removed obsolete nssckbi update patch * MFSA 2013-40/CVE-2013-0791 (bmo#629816) Out-of-bounds array read in CERT_DecodeCertPackage * disable system sqlite usage since we depend on 3.7.15 which is not provided in any openSUSE distribution * add nss-sqlitename.patch to avoid any name clash Changes in MozillaFirefox: - update to Firefox 20.0 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) - build fixes for armv7hl: * disable debug build as armv7hl does not have enough memory * disable webrtc on armv7hl as it is non-compiling Changes in MozillaThunderbird: - update to Thunderbird 17.0.5 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations Changes in seamonkey: - update to SeaMonkey 2.17 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) MozillaFirefox-20.0-69.1.i586.rpm MozillaFirefox-20.0-69.1.src.rpm MozillaFirefox-branding-upstream-20.0-69.1.i586.rpm MozillaFirefox-buildsymbols-20.0-69.1.i586.rpm MozillaFirefox-debuginfo-20.0-69.1.i586.rpm MozillaFirefox-debugsource-20.0-69.1.i586.rpm MozillaFirefox-devel-20.0-69.1.i586.rpm MozillaFirefox-translations-common-20.0-69.1.i586.rpm MozillaFirefox-translations-other-20.0-69.1.i586.rpm MozillaThunderbird-17.0.5-57.1.i586.rpm MozillaThunderbird-17.0.5-57.1.src.rpm MozillaThunderbird-buildsymbols-17.0.5-57.1.i586.rpm MozillaThunderbird-debuginfo-17.0.5-57.1.i586.rpm MozillaThunderbird-debugsource-17.0.5-57.1.i586.rpm MozillaThunderbird-devel-17.0.5-57.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.5-57.1.i586.rpm MozillaThunderbird-translations-common-17.0.5-57.1.i586.rpm MozillaThunderbird-translations-other-17.0.5-57.1.i586.rpm enigmail-1.5.1+17.0.5-57.1.i586.rpm enigmail-debuginfo-1.5.1+17.0.5-57.1.i586.rpm mozilla-nspr-32bit-4.9.6-24.1.x86_64.rpm mozilla-nspr-4.9.6-24.1.i586.rpm mozilla-nspr-4.9.6-24.1.src.rpm mozilla-nspr-debuginfo-32bit-4.9.6-24.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.6-24.1.i586.rpm mozilla-nspr-debuginfo-x86-4.9.6-24.1.ia64.rpm mozilla-nspr-debugsource-4.9.6-24.1.i586.rpm mozilla-nspr-devel-4.9.6-24.1.i586.rpm mozilla-nspr-x86-4.9.6-24.1.ia64.rpm libfreebl3-3.14.3-58.1.i586.rpm libfreebl3-32bit-3.14.3-58.1.x86_64.rpm libfreebl3-debuginfo-3.14.3-58.1.i586.rpm libfreebl3-debuginfo-32bit-3.14.3-58.1.x86_64.rpm libfreebl3-debuginfo-x86-3.14.3-58.1.ia64.rpm libfreebl3-x86-3.14.3-58.1.ia64.rpm libsoftokn3-3.14.3-58.1.i586.rpm libsoftokn3-32bit-3.14.3-58.1.x86_64.rpm libsoftokn3-debuginfo-3.14.3-58.1.i586.rpm libsoftokn3-debuginfo-32bit-3.14.3-58.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.14.3-58.1.ia64.rpm libsoftokn3-x86-3.14.3-58.1.ia64.rpm mozilla-nss-3.14.3-58.1.i586.rpm mozilla-nss-3.14.3-58.1.src.rpm mozilla-nss-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-certs-3.14.3-58.1.i586.rpm mozilla-nss-certs-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.14.3-58.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.14.3-58.1.ia64.rpm mozilla-nss-certs-x86-3.14.3-58.1.ia64.rpm mozilla-nss-debuginfo-3.14.3-58.1.i586.rpm mozilla-nss-debuginfo-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.14.3-58.1.ia64.rpm mozilla-nss-debugsource-3.14.3-58.1.i586.rpm mozilla-nss-devel-3.14.3-58.1.i586.rpm mozilla-nss-sysinit-3.14.3-58.1.i586.rpm mozilla-nss-sysinit-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.14.3-58.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.14.3-58.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.14.3-58.1.ia64.rpm mozilla-nss-sysinit-x86-3.14.3-58.1.ia64.rpm mozilla-nss-tools-3.14.3-58.1.i586.rpm mozilla-nss-tools-debuginfo-3.14.3-58.1.i586.rpm mozilla-nss-x86-3.14.3-58.1.ia64.rpm seamonkey-2.17-61.1.i586.rpm seamonkey-2.17-61.1.src.rpm seamonkey-debuginfo-2.17-61.1.i586.rpm seamonkey-debugsource-2.17-61.1.i586.rpm seamonkey-dom-inspector-2.17-61.1.i586.rpm seamonkey-irc-2.17-61.1.i586.rpm seamonkey-translations-common-2.17-61.1.i586.rpm seamonkey-translations-other-2.17-61.1.i586.rpm seamonkey-venkman-2.17-61.1.i586.rpm MozillaFirefox-20.0-69.1.x86_64.rpm MozillaFirefox-branding-upstream-20.0-69.1.x86_64.rpm MozillaFirefox-buildsymbols-20.0-69.1.x86_64.rpm MozillaFirefox-debuginfo-20.0-69.1.x86_64.rpm MozillaFirefox-debugsource-20.0-69.1.x86_64.rpm MozillaFirefox-devel-20.0-69.1.x86_64.rpm MozillaFirefox-translations-common-20.0-69.1.x86_64.rpm MozillaFirefox-translations-other-20.0-69.1.x86_64.rpm MozillaThunderbird-17.0.5-57.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.5-57.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0.5-57.1.x86_64.rpm MozillaThunderbird-debugsource-17.0.5-57.1.x86_64.rpm MozillaThunderbird-devel-17.0.5-57.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.5-57.1.x86_64.rpm MozillaThunderbird-translations-common-17.0.5-57.1.x86_64.rpm MozillaThunderbird-translations-other-17.0.5-57.1.x86_64.rpm enigmail-1.5.1+17.0.5-57.1.x86_64.rpm enigmail-debuginfo-1.5.1+17.0.5-57.1.x86_64.rpm mozilla-nspr-4.9.6-24.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.6-24.1.x86_64.rpm mozilla-nspr-debugsource-4.9.6-24.1.x86_64.rpm mozilla-nspr-devel-4.9.6-24.1.x86_64.rpm libfreebl3-3.14.3-58.1.x86_64.rpm libfreebl3-debuginfo-3.14.3-58.1.x86_64.rpm libsoftokn3-3.14.3-58.1.x86_64.rpm libsoftokn3-debuginfo-3.14.3-58.1.x86_64.rpm mozilla-nss-3.14.3-58.1.x86_64.rpm mozilla-nss-certs-3.14.3-58.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.14.3-58.1.x86_64.rpm mozilla-nss-debuginfo-3.14.3-58.1.x86_64.rpm mozilla-nss-debugsource-3.14.3-58.1.x86_64.rpm mozilla-nss-devel-3.14.3-58.1.x86_64.rpm mozilla-nss-sysinit-3.14.3-58.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.14.3-58.1.x86_64.rpm mozilla-nss-tools-3.14.3-58.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.14.3-58.1.x86_64.rpm seamonkey-2.17-61.1.x86_64.rpm seamonkey-debuginfo-2.17-61.1.x86_64.rpm seamonkey-debugsource-2.17-61.1.x86_64.rpm seamonkey-dom-inspector-2.17-61.1.x86_64.rpm seamonkey-irc-2.17-61.1.x86_64.rpm seamonkey-translations-common-2.17-61.1.x86_64.rpm seamonkey-translations-other-2.17-61.1.x86_64.rpm seamonkey-venkman-2.17-61.1.x86_64.rpm 2013-63 moderate openSUSE Evergreen 11.4 Opera 12.15 is a recommended upgrade offering security and stability enhancements. It provides: -fixed an issue where the search bar's default engine could be overridden by third-party apps; -fixed a moderately severe issue; -added safeguards against attacks on the RC4 encryption protocol; -fixed an issue where cookies could be set for a top-level domain. opera-12.15-52.1.i586.rpm opera-12.15-52.1.nosrc.rpm opera-gtk-12.15-52.1.i586.rpm opera-kde4-12.15-52.1.i586.rpm opera-12.15-52.1.x86_64.rpm opera-gtk-12.15-52.1.x86_64.rpm opera-kde4-12.15-52.1.x86_64.rpm 2013-59 important openSUSE Evergreen 11.4 Postgresql was updated to version 9.0.13 (bnc#812525): * CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is eventually rejected. * CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. This avoids a scenario wherein random numbers generated by "contrib/pgcrypto" functions might be relatively easy for another database user to guess. The risk is only significant when the postmaster is configured with ssl = on but most connections don't use SSL encryption. * CVE-2013-1901: Make REPLICATION privilege checks test current user not authenticated user. An unprivileged database user could exploit this mistake to call pg_start_backup() or pg_stop_backup(), thus possibly interfering with creation of routine backups. * See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.0/static/release-9-0-13.html /usr/share/doc/packages/postgresql91/HISTORY libecpg6-9.0.13-31.1.i586.rpm libecpg6-debuginfo-9.0.13-31.1.i586.rpm libpq5-32bit-9.0.13-31.1.x86_64.rpm libpq5-9.0.13-31.1.i586.rpm libpq5-debuginfo-32bit-9.0.13-31.1.x86_64.rpm libpq5-debuginfo-9.0.13-31.1.i586.rpm libpq5-debuginfo-x86-9.0.13-31.1.ia64.rpm libpq5-x86-9.0.13-31.1.ia64.rpm postgresql-devel-9.0.13-31.1.i586.rpm postgresql-devel-debuginfo-9.0.13-31.1.i586.rpm postgresql-libs-9.0.13-31.1.src.rpm postgresql-libs-debugsource-9.0.13-31.1.i586.rpm postgresql-9.0.13-31.1.i586.rpm postgresql-9.0.13-31.1.src.rpm postgresql-contrib-9.0.13-31.1.i586.rpm postgresql-contrib-debuginfo-9.0.13-31.1.i586.rpm postgresql-debuginfo-9.0.13-31.1.i586.rpm postgresql-debugsource-9.0.13-31.1.i586.rpm postgresql-docs-9.0.13-31.1.noarch.rpm postgresql-plperl-9.0.13-31.1.i586.rpm postgresql-plperl-debuginfo-9.0.13-31.1.i586.rpm postgresql-plpython-9.0.13-31.1.i586.rpm postgresql-plpython-debuginfo-9.0.13-31.1.i586.rpm postgresql-pltcl-9.0.13-31.1.i586.rpm postgresql-pltcl-debuginfo-9.0.13-31.1.i586.rpm postgresql-server-9.0.13-31.1.i586.rpm postgresql-server-debuginfo-9.0.13-31.1.i586.rpm libecpg6-9.0.13-31.1.x86_64.rpm libecpg6-debuginfo-9.0.13-31.1.x86_64.rpm libpq5-9.0.13-31.1.x86_64.rpm libpq5-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-devel-9.0.13-31.1.x86_64.rpm postgresql-devel-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-libs-debugsource-9.0.13-31.1.x86_64.rpm postgresql-9.0.13-31.1.x86_64.rpm postgresql-contrib-9.0.13-31.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-debugsource-9.0.13-31.1.x86_64.rpm postgresql-plperl-9.0.13-31.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-plpython-9.0.13-31.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-pltcl-9.0.13-31.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.13-31.1.x86_64.rpm postgresql-server-9.0.13-31.1.x86_64.rpm postgresql-server-debuginfo-9.0.13-31.1.x86_64.rpm 2013-60 moderate openSUSE Evergreen 11.4 jakarta-commons-httpclient3 was updated to enhance the fix of bnc#803332 / CVE-2012-5783: - also add a check for subjectAltNames in certificates jakarta-commons-httpclient3-3.0.1-313.1.noarch.rpm jakarta-commons-httpclient3-3.0.1-313.1.src.rpm jakarta-commons-httpclient3-demo-3.0.1-313.1.noarch.rpm jakarta-commons-httpclient3-javadoc-3.0.1-313.1.noarch.rpm jakarta-commons-httpclient3-manual-3.0.1-313.1.noarch.rpm 2013-65 moderate openSUSE Evergreen 11.4 Changes in rubygem-activesupport-2_3: - add patch to fix security issue: - bug-809932_2-3-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord*: Symbol DoS vulnerability in Active Record (bnc#809932) rubygem-activesupport-2_3-2.3.17-32.1.i586.rpm rubygem-activesupport-2_3-2.3.17-32.1.src.rpm rubygem-activesupport-2_3-doc-2.3.17-32.1.i586.rpm rubygem-activesupport-2_3-2.3.17-32.1.x86_64.rpm rubygem-activesupport-2_3-doc-2.3.17-32.1.x86_64.rpm 2013-66 moderate openSUSE Evergreen 11.4 Changes in rubygem-activerecord-2_3: - add patch to fix security issue: - bug-809932_2-3-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord*: Symbol DoS vulnerability in Active Record (bnc#809932) rubygem-activerecord-2_3-2.3.17-35.1.i586.rpm rubygem-activerecord-2_3-2.3.17-35.1.src.rpm rubygem-activerecord-2_3-doc-2.3.17-35.1.i586.rpm rubygem-activerecord-2_3-testsuite-2.3.17-35.1.i586.rpm rubygem-activerecord-2_3-2.3.17-35.1.x86_64.rpm rubygem-activerecord-2_3-doc-2.3.17-35.1.x86_64.rpm rubygem-activerecord-2_3-testsuite-2.3.17-35.1.x86_64.rpm 2013-64 moderate openSUSE Evergreen 11.4 The Seamonkey 2.17 update broke support for playing media through GStreamer. This update fixes playback for certain media types if GStreamer support is available. seamonkey-2.17-65.1.i586.rpm seamonkey-2.17-65.1.src.rpm seamonkey-debuginfo-2.17-65.1.i586.rpm seamonkey-debugsource-2.17-65.1.i586.rpm seamonkey-dom-inspector-2.17-65.1.i586.rpm seamonkey-irc-2.17-65.1.i586.rpm seamonkey-translations-common-2.17-65.1.i586.rpm seamonkey-translations-other-2.17-65.1.i586.rpm seamonkey-venkman-2.17-65.1.i586.rpm seamonkey-2.17-65.1.x86_64.rpm seamonkey-debuginfo-2.17-65.1.x86_64.rpm seamonkey-debugsource-2.17-65.1.x86_64.rpm seamonkey-dom-inspector-2.17-65.1.x86_64.rpm seamonkey-irc-2.17-65.1.x86_64.rpm seamonkey-translations-common-2.17-65.1.x86_64.rpm seamonkey-translations-other-2.17-65.1.x86_64.rpm seamonkey-venkman-2.17-65.1.x86_64.rpm 2013-68 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.280: http://www.adobe.com/support/security/bulletins/apsb13-11.html * APSB13-11, CVE-2013-1378, CVE-2013-1379, CVE-2013-1380, CVE-2013-2555 flash-player-11.2.202.280-59.1.i586.rpm flash-player-11.2.202.280-59.1.nosrc.rpm flash-player-gnome-11.2.202.280-59.1.i586.rpm flash-player-kde4-11.2.202.280-59.1.i586.rpm flash-player-11.2.202.280-59.1.x86_64.rpm flash-player-gnome-11.2.202.280-59.1.x86_64.rpm flash-player-kde4-11.2.202.280-59.1.x86_64.rpm 2013-71 moderate openSUSE Evergreen 11.4 The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. curl-7.21.2-29.1.i586.rpm curl-7.21.2-29.1.src.rpm curl-debuginfo-7.21.2-29.1.i586.rpm libcurl-devel-7.21.2-29.1.i586.rpm libcurl4-32bit-7.21.2-29.1.x86_64.rpm libcurl4-7.21.2-29.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-29.1.x86_64.rpm libcurl4-debuginfo-7.21.2-29.1.i586.rpm libcurl4-debuginfo-x86-7.21.2-29.1.ia64.rpm libcurl4-x86-7.21.2-29.1.ia64.rpm curl-7.21.2-29.1.x86_64.rpm curl-debuginfo-7.21.2-29.1.x86_64.rpm libcurl-devel-7.21.2-29.1.x86_64.rpm libcurl4-7.21.2-29.1.x86_64.rpm 2013-69 important openSUSE Evergreen 11.4 This update fixes the following issues with timezone: - Regular timezone update to 2013c timezone-java-2013c-18.1.noarch.rpm timezone-java-2013c-18.1.src.rpm timezone-2013c-18.1.i586.rpm timezone-2013c-18.1.src.rpm timezone-debuginfo-2013c-18.1.i586.rpm timezone-debugsource-2013c-18.1.i586.rpm timezone-2013c-18.1.x86_64.rpm timezone-debuginfo-2013c-18.1.x86_64.rpm timezone-debugsource-2013c-18.1.x86_64.rpm 2013-72 low openSUSE Evergreen 11.4 - update to 1.3.2 (bnc#815596) - Security Updates * CVE-2013-1927, RH884705: fixed gifar vulnerability * CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common * Added new option in itw-settings which allows users to set JVM arguments when plugin is initialized. - NetX * PR580: http://www.horaoficial.cl/ loads improperly - Plugin * PR1260: IcedTea-Web should not rely on GTK obsoletes icedtea-web-remove-gtk-dep.patch * PR1157: Applets can hang browser after fatal exception icedtea-web-1.3.2-30.1.i586.rpm icedtea-web-1.3.2-30.1.src.rpm icedtea-web-debuginfo-1.3.2-30.1.i586.rpm icedtea-web-debugsource-1.3.2-30.1.i586.rpm icedtea-web-javadoc-1.3.2-30.1.noarch.rpm icedtea-web-1.3.2-30.1.x86_64.rpm icedtea-web-debuginfo-1.3.2-30.1.x86_64.rpm icedtea-web-debugsource-1.3.2-30.1.x86_64.rpm 2013-70 moderate openSUSE Evergreen 11.4 XEN was updated to fix security issues: - CVE-2012-5634: xen: VT-d interrupt remapping source validation flaw (XSA-33) [bnc#794316] - CVE-2013-0153: interrupt remap entries shared and old ones not cleared on AMD IOMMUs (XSA-36) - CVE-2013-1917: PV DoS vulnerability with SYSENTER (XSA-44) - CVE-2013-1919: several access permission issues with IRQs for unprivileged guests (XSA-46) - CVE-2013-1920: Potential use of freed memory in event channel operations (XSA-47) xen-4.0.3_05-53.1.i586.rpm True xen-4.0.3_05-53.1.src.rpm True xen-debugsource-4.0.3_05-53.1.i586.rpm True xen-devel-4.0.3_05-53.1.i586.rpm True xen-doc-html-4.0.3_05-53.1.i586.rpm True xen-doc-pdf-4.0.3_05-53.1.i586.rpm True xen-kmp-default-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-kmp-pae-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-kmp-pae-debuginfo-4.0.3_05_k2.6.37.6_24-53.1.i586.rpm True xen-libs-4.0.3_05-53.1.i586.rpm True xen-libs-debuginfo-4.0.3_05-53.1.i586.rpm True xen-tools-4.0.3_05-53.1.i586.rpm True xen-tools-debuginfo-4.0.3_05-53.1.i586.rpm True xen-tools-domU-4.0.3_05-53.1.i586.rpm True xen-tools-domU-debuginfo-4.0.3_05-53.1.i586.rpm True xen-4.0.3_05-53.1.x86_64.rpm True xen-debugsource-4.0.3_05-53.1.x86_64.rpm True xen-devel-4.0.3_05-53.1.x86_64.rpm True xen-doc-html-4.0.3_05-53.1.x86_64.rpm True xen-doc-pdf-4.0.3_05-53.1.x86_64.rpm True xen-kmp-default-4.0.3_05_k2.6.37.6_24-53.1.x86_64.rpm True xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-53.1.x86_64.rpm True xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-53.1.x86_64.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-53.1.x86_64.rpm True xen-libs-4.0.3_05-53.1.x86_64.rpm True xen-libs-debuginfo-4.0.3_05-53.1.x86_64.rpm True xen-tools-4.0.3_05-53.1.x86_64.rpm True xen-tools-debuginfo-4.0.3_05-53.1.x86_64.rpm True xen-tools-domU-4.0.3_05-53.1.x86_64.rpm True xen-tools-domU-debuginfo-4.0.3_05-53.1.x86_64.rpm True 2013-73 moderate openSUSE Evergreen 11.4 - fix prep_reprocess_req NULL pointer deref CVE-2013-1416 (bnc#816413) bug-816413-CVE-2013-1416-prep_reprocess_req-NULL-ptr-deref.dif krb5-1.8.3-59.1.i586.rpm krb5-1.8.3-59.1.src.rpm krb5-32bit-1.8.3-59.1.x86_64.rpm krb5-client-1.8.3-59.1.i586.rpm krb5-client-debuginfo-1.8.3-59.1.i586.rpm krb5-debuginfo-1.8.3-59.1.i586.rpm krb5-debuginfo-32bit-1.8.3-59.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-59.1.ia64.rpm krb5-debugsource-1.8.3-59.1.i586.rpm krb5-devel-1.8.3-59.1.i586.rpm krb5-devel-32bit-1.8.3-59.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-59.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-59.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-59.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-59.1.i586.rpm krb5-server-1.8.3-59.1.i586.rpm krb5-server-debuginfo-1.8.3-59.1.i586.rpm krb5-x86-1.8.3-59.1.ia64.rpm krb5-1.8.3-59.1.x86_64.rpm krb5-client-1.8.3-59.1.x86_64.rpm krb5-client-debuginfo-1.8.3-59.1.x86_64.rpm krb5-debuginfo-1.8.3-59.1.x86_64.rpm krb5-debugsource-1.8.3-59.1.x86_64.rpm krb5-devel-1.8.3-59.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-59.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-59.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-59.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-59.1.x86_64.rpm krb5-server-1.8.3-59.1.x86_64.rpm krb5-server-debuginfo-1.8.3-59.1.x86_64.rpm 2013-74 moderate openSUSE Evergreen 11.4 java-1_6_0-openjdk was updated to 1.12.5 (bnc#817157) * Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework RMI model - S8001322: Refactor deserialization - S8001329, CVE-2013-1557: Augment RMI logging - S8003335: Better handling of Finalizer thread - S8003445: Adjust JAX-WS to focus on API - S8003543, CVE-2013-2415: Improve processing of MTOM attachments - S8004261: Improve input validation - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames - S8004986, CVE-2013-2383: Better handling of glyph table - S8004987, CVE-2013-2384: Improve font layout - S8004994, CVE-2013-1569: Improve checking of glyph table - S8005432: Update access to JAX-WS - S8005943: (process) Improved Runtime.exec - S8006309: More reliable control panel operation - S8006435, CVE-2013-2424: Improvements in JMX - S8006790: Improve checking for windows - S8006795: Improve font warning messages - S8007406: Improve accessibility of AccessBridge - S8007617, CVE-2013-2420: Better validation of images - S8007667, CVE-2013-2430: Better image reading - S8007918, CVE-2013-2429: Better image writing - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap - S8009305, CVE-2013-0401: Improve AWT data transfer - S8009699, CVE-2013-2421: Methodhandle lookup - S8009814, CVE-2013-1488: Better driver management - S8009857, CVE-2013-2422: Problem with plugin - RH952389: Temporary files created with insecure permissions * Backports - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts - S7036559: ConcurrentHashMap footprint and contention improvements - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom BeanInfo: Class param (with WeakCache from S6397609) - S6501644: sync LayoutEngine *code* structure to match ICU - S6886358: layout code update - S6963811: Deadlock-prone locking changes in Introspector - S7017324: Kerning crash in JDK 7 since ICU layout update - S7064279: Introspector.getBeanInfo() should release some resources in timely manner - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01 - S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial for S6657673) - S8009530: ICU Kern table support broken * Bug fixes - OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906) - PR1362: Fedora 19 / rawhide FTBFS SIGILL - PR1338: Remove dependence on libXp - PR1339: Simplify the rhino class rewriter to avoid use of concurrency - PR1336: Bootstrap failure on Fedora 17/18 - PR1319: Correct #ifdef to #if - PR1402: Support glibc < 2.17 with AArch64 patch - Give xalan/xerces access to their own internal packages. * New features - JAXP, JAXWS & JAF supplied as patches rather than drops to aid subsequent patching. - PR1380: Add AArch64 support to Zero - openjdk-7-src-b147-awt-crasher.patch (bnc#792951) - fix build for non-jit packages java-1_6_0-openjdk-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.5-37.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.5-37.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.5-37.1.x86_64.rpm 2013-76 moderate openSUSE Evergreen 11.4 Subversion received a minor version update to fix remote triggerable vulnerabilities in mod_dav_svn which may result in denial of service. - update to 1.6.21 [bnc#813913], addressing remotely triggerable + CVE-2013-1845: mod_dav_svn excessive memory usage from property changes + CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs + CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs + CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs - further changes: + mod_dav_svn will omit some property values for activity urls + improve memory usage when committing properties in mod_dav_svn + fix mod_dav_svn runs pre-revprop-change twice + fixed: post-revprop-change errors cancel commit + improved logic in mod_dav_svn's implementation of lock. + fix a compatibility issue with g++ 4.7 libsvn_auth_gnome_keyring-1-0-1.6.21-47.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.21-47.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.21-47.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.21-47.1.i586.rpm subversion-1.6.21-47.1.i586.rpm subversion-1.6.21-47.1.src.rpm subversion-debuginfo-1.6.21-47.1.i586.rpm subversion-debugsource-1.6.21-47.1.i586.rpm subversion-devel-1.6.21-47.1.i586.rpm subversion-perl-1.6.21-47.1.i586.rpm subversion-perl-debuginfo-1.6.21-47.1.i586.rpm subversion-python-1.6.21-47.1.i586.rpm subversion-python-debuginfo-1.6.21-47.1.i586.rpm subversion-ruby-1.6.21-47.1.i586.rpm subversion-ruby-debuginfo-1.6.21-47.1.i586.rpm subversion-server-1.6.21-47.1.i586.rpm subversion-server-debuginfo-1.6.21-47.1.i586.rpm subversion-tools-1.6.21-47.1.i586.rpm subversion-tools-debuginfo-1.6.21-47.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.21-47.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.21-47.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.21-47.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.21-47.1.x86_64.rpm subversion-1.6.21-47.1.x86_64.rpm subversion-debuginfo-1.6.21-47.1.x86_64.rpm subversion-debugsource-1.6.21-47.1.x86_64.rpm subversion-devel-1.6.21-47.1.x86_64.rpm subversion-perl-1.6.21-47.1.x86_64.rpm subversion-perl-debuginfo-1.6.21-47.1.x86_64.rpm subversion-python-1.6.21-47.1.x86_64.rpm subversion-python-debuginfo-1.6.21-47.1.x86_64.rpm subversion-ruby-1.6.21-47.1.x86_64.rpm subversion-ruby-debuginfo-1.6.21-47.1.x86_64.rpm subversion-server-1.6.21-47.1.x86_64.rpm subversion-server-debuginfo-1.6.21-47.1.x86_64.rpm subversion-tools-1.6.21-47.1.x86_64.rpm subversion-tools-debuginfo-1.6.21-47.1.x86_64.rpm 2013-75 moderate openSUSE Evergreen 11.4 xorg-x11-server was updated fixing following security issue: In some cases, input events are sent to X servers not currently the VT owner,allowing a user to capture passwords. This is a fix for CVE-2013-1940. (bnc#814653) xorg-x11-Xvnc-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.36.1.src.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.36.1.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.36.1.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.36.1.x86_64.rpm 2013-77 moderate openSUSE Evergreen 11.4 Applied upstream patch for security vulnerability discovered by Kevin Wojtysiak in ECDSA signature verification of the strongswan openssl plugin. strongswan-4.5.0-6.52.1.i586.rpm strongswan-4.5.0-6.52.1.src.rpm strongswan-debugsource-4.5.0-6.52.1.i586.rpm strongswan-doc-4.5.0-6.52.1.i586.rpm strongswan-ikev1-4.5.0-6.52.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-ikev2-4.5.0-6.52.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-ipsec-4.5.0-6.52.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-libs0-4.5.0-6.52.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-mysql-4.5.0-6.52.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-nm-4.5.0-6.52.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-sqlite-4.5.0-6.52.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.52.1.i586.rpm strongswan-4.5.0-6.52.1.x86_64.rpm strongswan-debugsource-4.5.0-6.52.1.x86_64.rpm strongswan-doc-4.5.0-6.52.1.x86_64.rpm strongswan-ikev1-4.5.0-6.52.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-ikev2-4.5.0-6.52.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-ipsec-4.5.0-6.52.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-libs0-4.5.0-6.52.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-mysql-4.5.0-6.52.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-nm-4.5.0-6.52.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.52.1.x86_64.rpm strongswan-sqlite-4.5.0-6.52.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.52.1.x86_64.rpm 2012-5 important openSUSE Evergreen 11.4 This update of plib fixed two stack-based buffer overflows. plib-1.8.5-70.1.i586.rpm plib-1.8.5-70.1.src.rpm plib-debuginfo-1.8.5-70.1.i586.rpm plib-debugsource-1.8.5-70.1.i586.rpm plib-devel-1.8.5-70.1.i586.rpm plib-1.8.5-70.1.x86_64.rpm plib-debuginfo-1.8.5-70.1.x86_64.rpm plib-debugsource-1.8.5-70.1.x86_64.rpm plib-devel-1.8.5-70.1.x86_64.rpm 2013-81 moderate openSUSE Evergreen 11.4 libtiff security update: * CVE-2013-1961.patch [bnc#818117] * CVE-2013-1960.patch [bnc#817573] libtiff-devel-3.9.4-38.1.i586.rpm libtiff-devel-32bit-3.9.4-38.1.x86_64.rpm libtiff3-3.9.4-38.1.i586.rpm libtiff3-32bit-3.9.4-38.1.x86_64.rpm libtiff3-debuginfo-3.9.4-38.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-38.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-38.1.ia64.rpm libtiff3-x86-3.9.4-38.1.ia64.rpm tiff-3.9.4-38.1.i586.rpm tiff-3.9.4-38.1.src.rpm tiff-debuginfo-3.9.4-38.1.i586.rpm tiff-debugsource-3.9.4-38.1.i586.rpm libtiff-devel-3.9.4-38.1.x86_64.rpm libtiff3-3.9.4-38.1.x86_64.rpm libtiff3-debuginfo-3.9.4-38.1.x86_64.rpm tiff-3.9.4-38.1.x86_64.rpm tiff-debuginfo-3.9.4-38.1.x86_64.rpm tiff-debugsource-3.9.4-38.1.x86_64.rpm 2013-79 low openSUSE Evergreen 11.4 add Provides: xsltproc to specfile. This will satisfy BuildRequire dependencies in the buildservice when building newer package versions for 11.4. libxslt-1.1.26-3.21.1.i586.rpm libxslt-1.1.26-3.21.1.src.rpm libxslt-32bit-1.1.26-3.21.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.21.1.i586.rpm libxslt-debuginfo-32bit-1.1.26-3.21.1.x86_64.rpm libxslt-debuginfo-x86-1.1.26-3.21.1.ia64.rpm libxslt-debugsource-1.1.26-3.21.1.i586.rpm libxslt-devel-1.1.26-3.21.1.i586.rpm libxslt-devel-32bit-1.1.26-3.21.1.x86_64.rpm libxslt-x86-1.1.26-3.21.1.ia64.rpm libxslt-1.1.26-3.21.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.21.1.x86_64.rpm libxslt-debugsource-1.1.26-3.21.1.x86_64.rpm libxslt-devel-1.1.26-3.21.1.x86_64.rpm 2013-85 moderate openSUSE Evergreen 11.4 This update contains - Firefox 21.0 - Thunderbird 17.0.6 fixing the following security related issues * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-43/CVE-2013-1671 (bmo#842255) File input control has access to full path * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer MozillaFirefox-branding-openSUSE-21-16.1.i586.rpm MozillaFirefox-branding-openSUSE-21-16.1.src.rpm MozillaFirefox-21.0-75.2.i586.rpm MozillaFirefox-21.0-75.2.src.rpm MozillaFirefox-branding-upstream-21.0-75.2.i586.rpm MozillaFirefox-buildsymbols-21.0-75.2.i586.rpm MozillaFirefox-debuginfo-21.0-75.2.i586.rpm MozillaFirefox-debugsource-21.0-75.2.i586.rpm MozillaFirefox-devel-21.0-75.2.i586.rpm MozillaFirefox-translations-common-21.0-75.2.i586.rpm MozillaFirefox-translations-other-21.0-75.2.i586.rpm MozillaThunderbird-17.0.6-61.2.i586.rpm MozillaThunderbird-17.0.6-61.2.src.rpm MozillaThunderbird-buildsymbols-17.0.6-61.2.i586.rpm MozillaThunderbird-debuginfo-17.0.6-61.2.i586.rpm MozillaThunderbird-debugsource-17.0.6-61.2.i586.rpm MozillaThunderbird-devel-17.0.6-61.2.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.6-61.2.i586.rpm MozillaThunderbird-translations-common-17.0.6-61.2.i586.rpm MozillaThunderbird-translations-other-17.0.6-61.2.i586.rpm enigmail-1.5.1+17.0.6-61.2.i586.rpm enigmail-debuginfo-1.5.1+17.0.6-61.2.i586.rpm MozillaFirefox-branding-openSUSE-21-16.1.x86_64.rpm MozillaFirefox-21.0-75.2.x86_64.rpm MozillaFirefox-branding-upstream-21.0-75.2.x86_64.rpm MozillaFirefox-buildsymbols-21.0-75.2.x86_64.rpm MozillaFirefox-debuginfo-21.0-75.2.x86_64.rpm MozillaFirefox-debugsource-21.0-75.2.x86_64.rpm MozillaFirefox-devel-21.0-75.2.x86_64.rpm MozillaFirefox-translations-common-21.0-75.2.x86_64.rpm MozillaFirefox-translations-other-21.0-75.2.x86_64.rpm MozillaThunderbird-17.0.6-61.2.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.6-61.2.x86_64.rpm MozillaThunderbird-debuginfo-17.0.6-61.2.x86_64.rpm MozillaThunderbird-debugsource-17.0.6-61.2.x86_64.rpm MozillaThunderbird-devel-17.0.6-61.2.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.6-61.2.x86_64.rpm MozillaThunderbird-translations-common-17.0.6-61.2.x86_64.rpm MozillaThunderbird-translations-other-17.0.6-61.2.x86_64.rpm enigmail-1.5.1+17.0.6-61.2.x86_64.rpm enigmail-debuginfo-1.5.1+17.0.6-61.2.x86_64.rpm 2013-84 moderate openSUSE Evergreen 11.4 New clamav version 0.97.8 (bnc#816865): * CVE-2013-2020: Fix heap corruption * CVE-2013-2021: Fix overflow due to PDF key length computation. clamav-0.97.8-21.1.i586.rpm clamav-0.97.8-21.1.src.rpm clamav-db-0.97.8-21.1.noarch.rpm clamav-debuginfo-0.97.8-21.1.i586.rpm clamav-debugsource-0.97.8-21.1.i586.rpm clamav-0.97.8-21.1.x86_64.rpm clamav-debuginfo-0.97.8-21.1.x86_64.rpm clamav-debugsource-0.97.8-21.1.x86_64.rpm 2013-80 important openSUSE Evergreen 11.4 flash-player was updated to security update to 11.2.202.285: * APSB13-14, CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335 flash-player-11.2.202.285-63.1.i586.rpm flash-player-11.2.202.285-63.1.nosrc.rpm flash-player-gnome-11.2.202.285-63.1.i586.rpm flash-player-kde4-11.2.202.285-63.1.i586.rpm flash-player-11.2.202.285-63.1.x86_64.rpm flash-player-gnome-11.2.202.285-63.1.x86_64.rpm flash-player-kde4-11.2.202.285-63.1.x86_64.rpm 2013-83 low openSUSE Evergreen 11.4 This update fixes the following issue for make: - bnc#810657: Fixed an issue whereby intermediaries are not considered for remake make-3.82-143.1.i586.rpm make-3.82-143.1.src.rpm make-debuginfo-3.82-143.1.i586.rpm make-debugsource-3.82-143.1.i586.rpm make-3.82-143.1.x86_64.rpm make-debuginfo-3.82-143.1.x86_64.rpm make-debugsource-3.82-143.1.x86_64.rpm 2013-82 moderate openSUSE Evergreen 11.4 Acroread was updated to 9.5.5 for bnc#819918(swampid#52449). More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-15.html (CVE-2013-2549, CVE-2013-2550, CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721,CVE-2013-2722, CVE-2013-2723, CVE-2013-2724, CVE-2013-2725, CVE-2013-2726, CVE-2013-2727, CVE-2013-2729, CVE-2013-2730, CVE-2013-2731, CVE-2013-2732, CVE-2013-2733, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-2737, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, CVE-2013-3341, CVE-2013-3342) acroread-9.5.5-18.1.i586.rpm acroread-9.5.5-18.1.nosrc.rpm acroread-browser-plugin-9.5.5-18.1.i586.rpm 2013-86 moderate openSUSE Evergreen 11.4 Changes in icedtea-web with update to 1.4 (bnc#818768): * Added cs, de, pl localization * Splash screen for javaws and plugin * Better error reporting for plugin via Error-splash-screen * All IcedTea-Web dialogues are centered to middle of active screen * Download indicator made compact for more then one jar * User can select its own JVM via itw-settings and deploy.properties. * Added extended applets security settings and dialogue * Security updates - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - CVE-2013-1927, RH884705: fixed gifar vulnerabilit - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings * NetX - PR1027: DownloadService is not supported by IcedTea-Web - PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run - PR1292: Javaws does not resolve versioned jar names with periods correctly * Plugin - PR1106: Buffer overflow in plugin table- - PR1166: Embedded JNLP File is not supported in applet tag - PR1217: Add command line arguments for plugins - PR1189: Icedtea-plugin requires code attribute when using jnlp_href - PR1198: JSObject is not passed to javascript correctly - PR1260: IcedTea-Web should not rely on GTK - PR1157: Applets can hang browser after fatal exception - PR580: http://www.horaoficial.cl/ loads improperly * Common - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered - PR955: regression: SweetHome3D fails to run - PR1145: IcedTea-Web can cause ClassCircularityError - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 - PR822: Applets fail to load if jars have different signers - PR1186: System.getProperty("deployment.user.security.trusted.cacerts") is null - PR909: The Java applet at http://de.gosupermodel.com/games/wardrobegame.jsp fails - PR1299: WebStart doesn't read socket proxy settings from firefox correctly icedtea-web-1.4-34.1.i586.rpm icedtea-web-1.4-34.1.src.rpm icedtea-web-debuginfo-1.4-34.1.i586.rpm icedtea-web-debugsource-1.4-34.1.i586.rpm icedtea-web-javadoc-1.4-34.1.noarch.rpm icedtea-web-1.4-34.1.x86_64.rpm icedtea-web-debuginfo-1.4-34.1.x86_64.rpm icedtea-web-debugsource-1.4-34.1.x86_64.rpm 2013-90 important openSUSE Evergreen 11.4 The Linux kernel was updated to 3.0.74 to fix various bugs and security issues. iscsitarget-1.4.19-18.2.i586.rpm True iscsitarget-1.4.19-18.2.src.rpm True iscsitarget-debuginfo-1.4.19-18.2.i586.rpm True iscsitarget-debugsource-1.4.19-18.2.i586.rpm True iscsitarget-kmp-default-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-default-debuginfo-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-desktop-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-desktop-debuginfo-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-pae-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-pae-debuginfo-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-xen-1.4.19_3.0.74_34-18.2.i586.rpm True iscsitarget-kmp-xen-debuginfo-1.4.19_3.0.74_34-18.2.i586.rpm True kernel-debug-3.0.74-34.1.i586.rpm True kernel-debug-3.0.74-34.1.nosrc.rpm True kernel-debug-base-3.0.74-34.1.i586.rpm True kernel-debug-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-debug-debuginfo-3.0.74-34.1.i586.rpm True kernel-debug-debugsource-3.0.74-34.1.i586.rpm True kernel-debug-devel-3.0.74-34.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-debug-hmac-3.0.74-34.1.i586.rpm True kernel-default-3.0.74-34.1.i586.rpm True kernel-default-3.0.74-34.1.nosrc.rpm True kernel-default-base-3.0.74-34.1.i586.rpm True kernel-default-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-default-debuginfo-3.0.74-34.1.i586.rpm True kernel-default-debugsource-3.0.74-34.1.i586.rpm True kernel-default-devel-3.0.74-34.1.i586.rpm True kernel-default-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-default-hmac-3.0.74-34.1.i586.rpm True kernel-desktop-3.0.74-34.1.i586.rpm True kernel-desktop-3.0.74-34.1.nosrc.rpm True kernel-desktop-base-3.0.74-34.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-desktop-debuginfo-3.0.74-34.1.i586.rpm True kernel-desktop-debugsource-3.0.74-34.1.i586.rpm True kernel-desktop-devel-3.0.74-34.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-desktop-hmac-3.0.74-34.1.i586.rpm True kernel-docs-3.0.74-34.2.noarch.rpm True kernel-docs-3.0.74-34.2.src.rpm True kernel-ec2-3.0.74-34.1.i586.rpm True kernel-ec2-3.0.74-34.1.nosrc.rpm True kernel-ec2-base-3.0.74-34.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-ec2-debuginfo-3.0.74-34.1.i586.rpm True kernel-ec2-debugsource-3.0.74-34.1.i586.rpm True kernel-ec2-devel-3.0.74-34.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-ec2-extra-3.0.74-34.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.74-34.1.i586.rpm True kernel-ec2-hmac-3.0.74-34.1.i586.rpm True kernel-pae-3.0.74-34.1.i586.rpm True kernel-pae-3.0.74-34.1.nosrc.rpm True kernel-pae-base-3.0.74-34.1.i586.rpm True kernel-pae-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-pae-debuginfo-3.0.74-34.1.i586.rpm True kernel-pae-debugsource-3.0.74-34.1.i586.rpm True kernel-pae-devel-3.0.74-34.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-pae-hmac-3.0.74-34.1.i586.rpm True kernel-source-3.0.74-34.1.i586.rpm True kernel-source-3.0.74-34.1.src.rpm True kernel-source-vanilla-3.0.74-34.1.i586.rpm True kernel-syms-3.0.74-34.1.i586.rpm True kernel-syms-3.0.74-34.1.src.rpm True kernel-trace-3.0.74-34.1.i586.rpm True kernel-trace-3.0.74-34.1.nosrc.rpm True kernel-trace-base-3.0.74-34.1.i586.rpm True kernel-trace-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-trace-debuginfo-3.0.74-34.1.i586.rpm True kernel-trace-debugsource-3.0.74-34.1.i586.rpm True kernel-trace-devel-3.0.74-34.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-trace-hmac-3.0.74-34.1.i586.rpm True kernel-vanilla-3.0.74-34.1.i586.rpm True kernel-vanilla-3.0.74-34.1.nosrc.rpm True kernel-vanilla-base-3.0.74-34.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-vanilla-debuginfo-3.0.74-34.1.i586.rpm True kernel-vanilla-debugsource-3.0.74-34.1.i586.rpm True kernel-vanilla-devel-3.0.74-34.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-vanilla-hmac-3.0.74-34.1.i586.rpm True kernel-vmi-3.0.74-34.1.i586.rpm True kernel-vmi-3.0.74-34.1.nosrc.rpm True kernel-vmi-base-3.0.74-34.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-vmi-debuginfo-3.0.74-34.1.i586.rpm True kernel-vmi-debugsource-3.0.74-34.1.i586.rpm True kernel-vmi-devel-3.0.74-34.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-vmi-hmac-3.0.74-34.1.i586.rpm True kernel-xen-3.0.74-34.1.i586.rpm True kernel-xen-3.0.74-34.1.nosrc.rpm True kernel-xen-base-3.0.74-34.1.i586.rpm True kernel-xen-base-debuginfo-3.0.74-34.1.i586.rpm True kernel-xen-debuginfo-3.0.74-34.1.i586.rpm True kernel-xen-debugsource-3.0.74-34.1.i586.rpm True kernel-xen-devel-3.0.74-34.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.74-34.1.i586.rpm True kernel-xen-hmac-3.0.74-34.1.i586.rpm True ndiswrapper-1.57rc1-20.1.i586.rpm True ndiswrapper-1.57rc1-20.1.src.rpm True ndiswrapper-debuginfo-1.57rc1-20.1.i586.rpm True ndiswrapper-debugsource-1.57rc1-20.1.i586.rpm True ndiswrapper-kmp-default-1.57rc1_3.0.74_34-20.1.i586.rpm True ndiswrapper-kmp-default-debuginfo-1.57rc1_3.0.74_34-20.1.i586.rpm True ndiswrapper-kmp-desktop-1.57rc1_3.0.74_34-20.1.i586.rpm True ndiswrapper-kmp-desktop-debuginfo-1.57rc1_3.0.74_34-20.1.i586.rpm True ndiswrapper-kmp-pae-1.57rc1_3.0.74_34-20.1.i586.rpm True ndiswrapper-kmp-pae-debuginfo-1.57rc1_3.0.74_34-20.1.i586.rpm True omnibook-20100406-13.1.src.rpm True omnibook-debugsource-20100406-13.1.i586.rpm True omnibook-kmp-default-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-default-debuginfo-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-desktop-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-desktop-debuginfo-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-pae-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-pae-debuginfo-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-xen-20100406_3.0.74_34-13.1.i586.rpm True omnibook-kmp-xen-debuginfo-20100406_3.0.74_34-13.1.i586.rpm True libvmtools-devel-2012.8.8.1-41.1.i586.rpm True libvmtools0-2012.8.8.1-41.1.i586.rpm True libvmtools0-debuginfo-2012.8.8.1-41.1.i586.rpm True open-vm-tools-2012.8.8.1-41.1.i586.rpm True open-vm-tools-2012.8.8.1-41.1.src.rpm True open-vm-tools-debuginfo-2012.8.8.1-41.1.i586.rpm True open-vm-tools-debugsource-2012.8.8.1-41.1.i586.rpm True open-vm-tools-gui-2012.8.8.1-41.1.i586.rpm True open-vm-tools-gui-debuginfo-2012.8.8.1-41.1.i586.rpm True vmware-guest-kmp-default-2012.8.8.1_3.0.74_34-41.1.i586.rpm True vmware-guest-kmp-default-debuginfo-2012.8.8.1_3.0.74_34-41.1.i586.rpm True vmware-guest-kmp-desktop-2012.8.8.1_3.0.74_34-41.1.i586.rpm True vmware-guest-kmp-desktop-debuginfo-2012.8.8.1_3.0.74_34-41.1.i586.rpm True vmware-guest-kmp-pae-2012.8.8.1_3.0.74_34-41.1.i586.rpm True vmware-guest-kmp-pae-debuginfo-2012.8.8.1_3.0.74_34-41.1.i586.rpm True pcfclock-0.44-250.1.i586.rpm True pcfclock-0.44-250.1.src.rpm True pcfclock-debuginfo-0.44-250.1.i586.rpm True pcfclock-debugsource-0.44-250.1.i586.rpm True pcfclock-kmp-default-0.44_3.0.74_34-250.1.i586.rpm True pcfclock-kmp-default-debuginfo-0.44_3.0.74_34-250.1.i586.rpm True pcfclock-kmp-desktop-0.44_3.0.74_34-250.1.i586.rpm True pcfclock-kmp-desktop-debuginfo-0.44_3.0.74_34-250.1.i586.rpm True pcfclock-kmp-pae-0.44_3.0.74_34-250.1.i586.rpm True pcfclock-kmp-pae-debuginfo-0.44_3.0.74_34-250.1.i586.rpm True preload-1.2-6.29.1.i586.rpm True preload-1.2-6.29.1.src.rpm True preload-debuginfo-1.2-6.29.1.i586.rpm True preload-debugsource-1.2-6.29.1.i586.rpm True preload-kmp-default-1.2_3.0.74_34-6.29.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.74_34-6.29.1.i586.rpm True preload-kmp-desktop-1.2_3.0.74_34-6.29.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.74_34-6.29.1.i586.rpm True systemtap-1.4-1.11.1.i586.rpm True systemtap-1.4-1.11.1.src.rpm True systemtap-client-1.4-1.11.1.i586.rpm True systemtap-client-debuginfo-1.4-1.11.1.i586.rpm True systemtap-debuginfo-1.4-1.11.1.i586.rpm True systemtap-debugsource-1.4-1.11.1.i586.rpm True systemtap-runtime-1.4-1.11.1.i586.rpm True systemtap-runtime-debuginfo-1.4-1.11.1.i586.rpm True systemtap-sdt-devel-1.4-1.11.1.i586.rpm True systemtap-server-1.4-1.11.1.i586.rpm True systemtap-server-debuginfo-1.4-1.11.1.i586.rpm True python-virtualbox-4.0.12-0.58.1.i586.rpm True python-virtualbox-debuginfo-4.0.12-0.58.1.i586.rpm True virtualbox-4.0.12-0.58.1.i586.rpm True virtualbox-4.0.12-0.58.1.src.rpm True virtualbox-debuginfo-4.0.12-0.58.1.i586.rpm True virtualbox-debugsource-4.0.12-0.58.1.i586.rpm True virtualbox-devel-4.0.12-0.58.1.i586.rpm True virtualbox-guest-kmp-default-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-kmp-default-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-kmp-desktop-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-kmp-desktop-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-kmp-pae-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-kmp-pae-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-guest-tools-4.0.12-0.58.1.i586.rpm True virtualbox-guest-tools-debuginfo-4.0.12-0.58.1.i586.rpm True virtualbox-guest-x11-4.0.12-0.58.1.i586.rpm True virtualbox-guest-x11-debuginfo-4.0.12-0.58.1.i586.rpm True virtualbox-host-kmp-default-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-host-kmp-default-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-host-kmp-desktop-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-host-kmp-desktop-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-host-kmp-pae-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-host-kmp-pae-debuginfo-4.0.12_3.0.74_34-0.58.1.i586.rpm True virtualbox-qt-4.0.12-0.58.1.i586.rpm True virtualbox-qt-debuginfo-4.0.12-0.58.1.i586.rpm True xen-4.0.3_05-57.1.i586.rpm True xen-4.0.3_05-57.1.src.rpm True xen-debugsource-4.0.3_05-57.1.i586.rpm True xen-devel-4.0.3_05-57.1.i586.rpm True xen-doc-html-4.0.3_05-57.1.i586.rpm True xen-doc-pdf-4.0.3_05-57.1.i586.rpm True xen-kmp-default-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-kmp-default-debuginfo-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-kmp-desktop-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-kmp-pae-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-kmp-pae-debuginfo-4.0.3_05_3.0.74_34-57.1.i586.rpm True xen-libs-4.0.3_05-57.1.i586.rpm True xen-libs-debuginfo-4.0.3_05-57.1.i586.rpm True xen-tools-4.0.3_05-57.1.i586.rpm True xen-tools-debuginfo-4.0.3_05-57.1.i586.rpm True xen-tools-domU-4.0.3_05-57.1.i586.rpm True xen-tools-domU-debuginfo-4.0.3_05-57.1.i586.rpm True xtables-addons-1.37-0.22.1.i586.rpm True xtables-addons-1.37-0.22.1.src.rpm True xtables-addons-debuginfo-1.37-0.22.1.i586.rpm True xtables-addons-debugsource-1.37-0.22.1.i586.rpm True xtables-addons-kmp-default-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-default-debuginfo-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-desktop-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-desktop-debuginfo-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-pae-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-pae-debuginfo-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-xen-1.37_3.0.74_34-0.22.1.i586.rpm True xtables-addons-kmp-xen-debuginfo-1.37_3.0.74_34-0.22.1.i586.rpm True iscsitarget-1.4.19-18.2.x86_64.rpm True iscsitarget-debuginfo-1.4.19-18.2.x86_64.rpm True iscsitarget-debugsource-1.4.19-18.2.x86_64.rpm True iscsitarget-kmp-default-1.4.19_3.0.74_34-18.2.x86_64.rpm True iscsitarget-kmp-default-debuginfo-1.4.19_3.0.74_34-18.2.x86_64.rpm True iscsitarget-kmp-desktop-1.4.19_3.0.74_34-18.2.x86_64.rpm True iscsitarget-kmp-desktop-debuginfo-1.4.19_3.0.74_34-18.2.x86_64.rpm True iscsitarget-kmp-xen-1.4.19_3.0.74_34-18.2.x86_64.rpm True iscsitarget-kmp-xen-debuginfo-1.4.19_3.0.74_34-18.2.x86_64.rpm True kernel-debug-3.0.74-34.1.x86_64.rpm True kernel-debug-base-3.0.74-34.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-debug-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-debug-debugsource-3.0.74-34.1.x86_64.rpm True kernel-debug-devel-3.0.74-34.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-debug-hmac-3.0.74-34.1.x86_64.rpm True kernel-default-3.0.74-34.1.x86_64.rpm True kernel-default-base-3.0.74-34.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-default-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-default-debugsource-3.0.74-34.1.x86_64.rpm True kernel-default-devel-3.0.74-34.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-default-hmac-3.0.74-34.1.x86_64.rpm True kernel-desktop-3.0.74-34.1.x86_64.rpm True kernel-desktop-base-3.0.74-34.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-desktop-debugsource-3.0.74-34.1.x86_64.rpm True kernel-desktop-devel-3.0.74-34.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-desktop-hmac-3.0.74-34.1.x86_64.rpm True kernel-ec2-3.0.74-34.1.x86_64.rpm True kernel-ec2-base-3.0.74-34.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-ec2-debugsource-3.0.74-34.1.x86_64.rpm True kernel-ec2-devel-3.0.74-34.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-ec2-extra-3.0.74-34.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-ec2-hmac-3.0.74-34.1.x86_64.rpm True kernel-source-3.0.74-34.1.x86_64.rpm True kernel-source-vanilla-3.0.74-34.1.x86_64.rpm True kernel-syms-3.0.74-34.1.x86_64.rpm True kernel-trace-3.0.74-34.1.x86_64.rpm True kernel-trace-base-3.0.74-34.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-trace-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-trace-debugsource-3.0.74-34.1.x86_64.rpm True kernel-trace-devel-3.0.74-34.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-trace-hmac-3.0.74-34.1.x86_64.rpm True kernel-vanilla-3.0.74-34.1.x86_64.rpm True kernel-vanilla-base-3.0.74-34.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.74-34.1.x86_64.rpm True kernel-vanilla-devel-3.0.74-34.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-vanilla-hmac-3.0.74-34.1.x86_64.rpm True kernel-xen-3.0.74-34.1.x86_64.rpm True kernel-xen-base-3.0.74-34.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-xen-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-xen-debugsource-3.0.74-34.1.x86_64.rpm True kernel-xen-devel-3.0.74-34.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.74-34.1.x86_64.rpm True kernel-xen-hmac-3.0.74-34.1.x86_64.rpm True ndiswrapper-1.57rc1-20.1.x86_64.rpm True ndiswrapper-debuginfo-1.57rc1-20.1.x86_64.rpm True ndiswrapper-debugsource-1.57rc1-20.1.x86_64.rpm True ndiswrapper-kmp-default-1.57rc1_3.0.74_34-20.1.x86_64.rpm True ndiswrapper-kmp-default-debuginfo-1.57rc1_3.0.74_34-20.1.x86_64.rpm True ndiswrapper-kmp-desktop-1.57rc1_3.0.74_34-20.1.x86_64.rpm True ndiswrapper-kmp-desktop-debuginfo-1.57rc1_3.0.74_34-20.1.x86_64.rpm True omnibook-debugsource-20100406-13.1.x86_64.rpm True omnibook-kmp-default-20100406_3.0.74_34-13.1.x86_64.rpm True omnibook-kmp-default-debuginfo-20100406_3.0.74_34-13.1.x86_64.rpm True omnibook-kmp-desktop-20100406_3.0.74_34-13.1.x86_64.rpm True omnibook-kmp-desktop-debuginfo-20100406_3.0.74_34-13.1.x86_64.rpm True omnibook-kmp-xen-20100406_3.0.74_34-13.1.x86_64.rpm True omnibook-kmp-xen-debuginfo-20100406_3.0.74_34-13.1.x86_64.rpm True libvmtools-devel-2012.8.8.1-41.1.x86_64.rpm True libvmtools0-2012.8.8.1-41.1.x86_64.rpm True libvmtools0-debuginfo-2012.8.8.1-41.1.x86_64.rpm True open-vm-tools-2012.8.8.1-41.1.x86_64.rpm True open-vm-tools-debuginfo-2012.8.8.1-41.1.x86_64.rpm True open-vm-tools-debugsource-2012.8.8.1-41.1.x86_64.rpm True open-vm-tools-gui-2012.8.8.1-41.1.x86_64.rpm True open-vm-tools-gui-debuginfo-2012.8.8.1-41.1.x86_64.rpm True vmware-guest-kmp-default-2012.8.8.1_3.0.74_34-41.1.x86_64.rpm True vmware-guest-kmp-default-debuginfo-2012.8.8.1_3.0.74_34-41.1.x86_64.rpm True vmware-guest-kmp-desktop-2012.8.8.1_3.0.74_34-41.1.x86_64.rpm True vmware-guest-kmp-desktop-debuginfo-2012.8.8.1_3.0.74_34-41.1.x86_64.rpm True pcfclock-0.44-250.1.x86_64.rpm True pcfclock-debuginfo-0.44-250.1.x86_64.rpm True pcfclock-debugsource-0.44-250.1.x86_64.rpm True pcfclock-kmp-default-0.44_3.0.74_34-250.1.x86_64.rpm True pcfclock-kmp-default-debuginfo-0.44_3.0.74_34-250.1.x86_64.rpm True pcfclock-kmp-desktop-0.44_3.0.74_34-250.1.x86_64.rpm True pcfclock-kmp-desktop-debuginfo-0.44_3.0.74_34-250.1.x86_64.rpm True preload-1.2-6.29.1.x86_64.rpm True preload-debuginfo-1.2-6.29.1.x86_64.rpm True preload-debugsource-1.2-6.29.1.x86_64.rpm True preload-kmp-default-1.2_3.0.74_34-6.29.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.74_34-6.29.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.74_34-6.29.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.74_34-6.29.1.x86_64.rpm True systemtap-1.4-1.11.1.x86_64.rpm True systemtap-client-1.4-1.11.1.x86_64.rpm True systemtap-client-debuginfo-1.4-1.11.1.x86_64.rpm True systemtap-debuginfo-1.4-1.11.1.x86_64.rpm True systemtap-debugsource-1.4-1.11.1.x86_64.rpm True systemtap-runtime-1.4-1.11.1.x86_64.rpm True systemtap-runtime-debuginfo-1.4-1.11.1.x86_64.rpm True systemtap-sdt-devel-1.4-1.11.1.x86_64.rpm True systemtap-server-1.4-1.11.1.x86_64.rpm True systemtap-server-debuginfo-1.4-1.11.1.x86_64.rpm True python-virtualbox-4.0.12-0.58.1.x86_64.rpm True python-virtualbox-debuginfo-4.0.12-0.58.1.x86_64.rpm True virtualbox-4.0.12-0.58.1.x86_64.rpm True virtualbox-debuginfo-4.0.12-0.58.1.x86_64.rpm True virtualbox-debugsource-4.0.12-0.58.1.x86_64.rpm True virtualbox-devel-4.0.12-0.58.1.x86_64.rpm True virtualbox-guest-kmp-default-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-guest-kmp-default-debuginfo-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-guest-kmp-desktop-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-guest-kmp-desktop-debuginfo-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-guest-tools-4.0.12-0.58.1.x86_64.rpm True virtualbox-guest-tools-debuginfo-4.0.12-0.58.1.x86_64.rpm True virtualbox-guest-x11-4.0.12-0.58.1.x86_64.rpm True virtualbox-guest-x11-debuginfo-4.0.12-0.58.1.x86_64.rpm True virtualbox-host-kmp-default-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-host-kmp-default-debuginfo-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-host-kmp-desktop-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-host-kmp-desktop-debuginfo-4.0.12_3.0.74_34-0.58.1.x86_64.rpm True virtualbox-qt-4.0.12-0.58.1.x86_64.rpm True virtualbox-qt-debuginfo-4.0.12-0.58.1.x86_64.rpm True xen-4.0.3_05-57.1.x86_64.rpm True xen-debugsource-4.0.3_05-57.1.x86_64.rpm True xen-devel-4.0.3_05-57.1.x86_64.rpm True xen-doc-html-4.0.3_05-57.1.x86_64.rpm True xen-doc-pdf-4.0.3_05-57.1.x86_64.rpm True xen-kmp-default-4.0.3_05_3.0.74_34-57.1.x86_64.rpm True xen-kmp-default-debuginfo-4.0.3_05_3.0.74_34-57.1.x86_64.rpm True xen-kmp-desktop-4.0.3_05_3.0.74_34-57.1.x86_64.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_3.0.74_34-57.1.x86_64.rpm True xen-libs-4.0.3_05-57.1.x86_64.rpm True xen-libs-debuginfo-4.0.3_05-57.1.x86_64.rpm True xen-tools-4.0.3_05-57.1.x86_64.rpm True xen-tools-debuginfo-4.0.3_05-57.1.x86_64.rpm True xen-tools-domU-4.0.3_05-57.1.x86_64.rpm True xen-tools-domU-debuginfo-4.0.3_05-57.1.x86_64.rpm True xtables-addons-1.37-0.22.1.x86_64.rpm True xtables-addons-debuginfo-1.37-0.22.1.x86_64.rpm True xtables-addons-debugsource-1.37-0.22.1.x86_64.rpm True xtables-addons-kmp-default-1.37_3.0.74_34-0.22.1.x86_64.rpm True xtables-addons-kmp-default-debuginfo-1.37_3.0.74_34-0.22.1.x86_64.rpm True xtables-addons-kmp-desktop-1.37_3.0.74_34-0.22.1.x86_64.rpm True xtables-addons-kmp-desktop-debuginfo-1.37_3.0.74_34-0.22.1.x86_64.rpm True xtables-addons-kmp-xen-1.37_3.0.74_34-0.22.1.x86_64.rpm True xtables-addons-kmp-xen-debuginfo-1.37_3.0.74_34-0.22.1.x86_64.rpm True 2012-8 important openSUSE Evergreen 11.4 This update of libotr fixed multiple buffer overflows. libotr-3.2.1-11.1.src.rpm libotr-debugsource-3.2.1-11.1.i586.rpm libotr-devel-3.2.1-11.1.i586.rpm libotr-tools-3.2.1-11.1.i586.rpm libotr-tools-debuginfo-3.2.1-11.1.i586.rpm libotr2-3.2.1-11.1.i586.rpm libotr2-debuginfo-3.2.1-11.1.i586.rpm libotr-debugsource-3.2.1-11.1.x86_64.rpm libotr-devel-3.2.1-11.1.x86_64.rpm libotr-tools-3.2.1-11.1.x86_64.rpm libotr-tools-debuginfo-3.2.1-11.1.x86_64.rpm libotr2-3.2.1-11.1.x86_64.rpm libotr2-debuginfo-3.2.1-11.1.x86_64.rpm 2013-88 moderate openSUSE Evergreen 11.4 This update of wireshark includes several security and bug fixes. [bnc#820566] + vulnerabilities fixed: * The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 * The GTPv2 dissector could crash. wnpa-sec-2013-24 * The ASN.1 BER dissector could crash. wnpa-sec-2013-25 * The PPP CCP dissector could crash. wnpa-sec-2013-26 * The DCP ETSI dissector could crash. wnpa-sec-2013-27 * The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28 * The Websocket dissector could crash. wnpa-sec-2013-29 * The MySQL dissector could go into an infinite loop. wnpa-sec-2013-30 * The ETCH dissector could go into a large loop. wnpa-sec-2013-31 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html wireshark-1.8.7-45.1.i586.rpm wireshark-1.8.7-45.1.src.rpm wireshark-debuginfo-1.8.7-45.1.i586.rpm wireshark-debugsource-1.8.7-45.1.i586.rpm wireshark-devel-1.8.7-45.1.i586.rpm wireshark-1.8.7-45.1.x86_64.rpm wireshark-debuginfo-1.8.7-45.1.x86_64.rpm wireshark-debugsource-1.8.7-45.1.x86_64.rpm wireshark-devel-1.8.7-45.1.x86_64.rpm 2013-87 low openSUSE Evergreen 11.4 - Add support for PFC_FLAG_OBJECT_UUID when parsing packets; (bso#9382). - Fix "guest ok", "force user" and "force group" for guest users; (bso#9746). - Fix 'map untrusted to domain' with NTLMv2;(bso#9817). - Fix crash bug in Winbind; (bso#9854). - Fix panic in nt_printer_publish_ads; (bso#9830). samba-doc-3.6.3-122.1.src.rpm ldapsmb-1.34b-122.1.i586.rpm libldb-devel-1.0.2-122.1.i586.rpm libldb1-1.0.2-122.1.i586.rpm libldb1-32bit-1.0.2-122.1.x86_64.rpm libldb1-debuginfo-1.0.2-122.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-122.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-122.1.ia64.rpm libldb1-x86-1.0.2-122.1.ia64.rpm libnetapi-devel-3.6.3-122.1.i586.rpm libnetapi0-3.6.3-122.1.i586.rpm libnetapi0-debuginfo-3.6.3-122.1.i586.rpm libsmbclient-devel-3.6.3-122.1.i586.rpm libsmbclient0-3.6.3-122.1.i586.rpm libsmbclient0-32bit-3.6.3-122.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-122.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-122.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-122.1.ia64.rpm libsmbclient0-x86-3.6.3-122.1.ia64.rpm libsmbsharemodes-devel-3.6.3-122.1.i586.rpm libsmbsharemodes0-3.6.3-122.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-122.1.i586.rpm libtalloc-devel-2.0.5-122.1.i586.rpm libtalloc2-2.0.5-122.1.i586.rpm libtalloc2-32bit-2.0.5-122.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-122.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-122.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-122.1.ia64.rpm libtalloc2-x86-2.0.5-122.1.ia64.rpm libtdb-devel-1.2.9-122.1.i586.rpm libtdb1-1.2.9-122.1.i586.rpm libtdb1-32bit-1.2.9-122.1.x86_64.rpm libtdb1-debuginfo-1.2.9-122.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-122.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-122.1.ia64.rpm libtdb1-x86-1.2.9-122.1.ia64.rpm libtevent-devel-0.9.11-122.1.i586.rpm libtevent0-0.9.11-122.1.i586.rpm libtevent0-32bit-0.9.11-122.1.x86_64.rpm libtevent0-debuginfo-0.9.11-122.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-122.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-122.1.ia64.rpm libtevent0-x86-0.9.11-122.1.ia64.rpm libwbclient-devel-3.6.3-122.1.i586.rpm libwbclient0-3.6.3-122.1.i586.rpm libwbclient0-32bit-3.6.3-122.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-122.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-122.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-122.1.ia64.rpm libwbclient0-x86-3.6.3-122.1.ia64.rpm samba-3.6.3-122.1.i586.rpm samba-3.6.3-122.1.src.rpm samba-32bit-3.6.3-122.1.x86_64.rpm samba-client-3.6.3-122.1.i586.rpm samba-client-32bit-3.6.3-122.1.x86_64.rpm samba-client-debuginfo-3.6.3-122.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-122.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-122.1.ia64.rpm samba-client-x86-3.6.3-122.1.ia64.rpm samba-debuginfo-3.6.3-122.1.i586.rpm samba-debuginfo-32bit-3.6.3-122.1.x86_64.rpm samba-debuginfo-x86-3.6.3-122.1.ia64.rpm samba-debugsource-3.6.3-122.1.i586.rpm samba-devel-3.6.3-122.1.i586.rpm samba-doc-3.6.3-122.1.noarch.rpm samba-krb-printing-3.6.3-122.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-122.1.i586.rpm samba-winbind-3.6.3-122.1.i586.rpm samba-winbind-32bit-3.6.3-122.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-122.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-122.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-122.1.ia64.rpm samba-winbind-x86-3.6.3-122.1.ia64.rpm samba-x86-3.6.3-122.1.ia64.rpm ldapsmb-1.34b-122.1.x86_64.rpm libldb-devel-1.0.2-122.1.x86_64.rpm libldb1-1.0.2-122.1.x86_64.rpm libldb1-debuginfo-1.0.2-122.1.x86_64.rpm libnetapi-devel-3.6.3-122.1.x86_64.rpm libnetapi0-3.6.3-122.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-122.1.x86_64.rpm libsmbclient-devel-3.6.3-122.1.x86_64.rpm libsmbclient0-3.6.3-122.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-122.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-122.1.x86_64.rpm libsmbsharemodes0-3.6.3-122.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-122.1.x86_64.rpm libtalloc-devel-2.0.5-122.1.x86_64.rpm libtalloc2-2.0.5-122.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-122.1.x86_64.rpm libtdb-devel-1.2.9-122.1.x86_64.rpm libtdb1-1.2.9-122.1.x86_64.rpm libtdb1-debuginfo-1.2.9-122.1.x86_64.rpm libtevent-devel-0.9.11-122.1.x86_64.rpm libtevent0-0.9.11-122.1.x86_64.rpm libtevent0-debuginfo-0.9.11-122.1.x86_64.rpm libwbclient-devel-3.6.3-122.1.x86_64.rpm libwbclient0-3.6.3-122.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-122.1.x86_64.rpm samba-3.6.3-122.1.x86_64.rpm samba-client-3.6.3-122.1.x86_64.rpm samba-client-debuginfo-3.6.3-122.1.x86_64.rpm samba-debuginfo-3.6.3-122.1.x86_64.rpm samba-debugsource-3.6.3-122.1.x86_64.rpm samba-devel-3.6.3-122.1.x86_64.rpm samba-krb-printing-3.6.3-122.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-122.1.x86_64.rpm samba-winbind-3.6.3-122.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-122.1.x86_64.rpm 2013-89 moderate openSUSE Evergreen 11.4 This update of gpg2 fixes two security issues: * fix for CVE-2012-6085 (bnc#798465) * fix for bnc#780943 gpg2-2.0.16-10.1.i586.rpm gpg2-2.0.16-10.1.src.rpm gpg2-debuginfo-2.0.16-10.1.i586.rpm gpg2-debugsource-2.0.16-10.1.i586.rpm gpg2-lang-2.0.16-10.1.noarch.rpm gpg2-2.0.16-10.1.x86_64.rpm gpg2-debuginfo-2.0.16-10.1.x86_64.rpm gpg2-debugsource-2.0.16-10.1.x86_64.rpm 2013-91 low openSUSE Evergreen 11.4 Poppler was updated to fix displaying of some unicode characters. libpoppler-cpp0-0.14.4-9.1.i586.rpm libpoppler-cpp0-debuginfo-0.14.4-9.1.i586.rpm libpoppler-devel-0.14.4-9.1.i586.rpm libpoppler-doc-0.14.4-9.1.noarch.rpm libpoppler-glib-devel-0.14.4-9.1.i586.rpm libpoppler-glib5-0.14.4-9.1.i586.rpm libpoppler-glib5-debuginfo-0.14.4-9.1.i586.rpm libpoppler7-0.14.4-9.1.i586.rpm libpoppler7-debuginfo-0.14.4-9.1.i586.rpm poppler-0.14.4-9.1.src.rpm poppler-debugsource-0.14.4-9.1.i586.rpm poppler-tools-0.14.4-9.1.i586.rpm poppler-tools-debuginfo-0.14.4-9.1.i586.rpm libpoppler-cpp0-0.14.4-9.1.x86_64.rpm libpoppler-cpp0-debuginfo-0.14.4-9.1.x86_64.rpm libpoppler-devel-0.14.4-9.1.x86_64.rpm libpoppler-glib-devel-0.14.4-9.1.x86_64.rpm libpoppler-glib5-0.14.4-9.1.x86_64.rpm libpoppler-glib5-debuginfo-0.14.4-9.1.x86_64.rpm libpoppler7-0.14.4-9.1.x86_64.rpm libpoppler7-debuginfo-0.14.4-9.1.x86_64.rpm poppler-debugsource-0.14.4-9.1.x86_64.rpm poppler-tools-0.14.4-9.1.x86_64.rpm poppler-tools-debuginfo-0.14.4-9.1.x86_64.rpm 2013-94 low openSUSE Evergreen 11.4 This update fixes remote buffer overflow in the iSCSI target kernel-debug-3.0.74-40.1.i586.rpm True kernel-debug-3.0.74-40.1.nosrc.rpm True kernel-debug-base-3.0.74-40.1.i586.rpm True kernel-debug-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-debug-debuginfo-3.0.74-40.1.i586.rpm True kernel-debug-debugsource-3.0.74-40.1.i586.rpm True kernel-debug-devel-3.0.74-40.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-debug-hmac-3.0.74-40.1.i586.rpm True kernel-default-3.0.74-40.1.i586.rpm True kernel-default-3.0.74-40.1.nosrc.rpm True kernel-default-base-3.0.74-40.1.i586.rpm True kernel-default-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-default-debuginfo-3.0.74-40.1.i586.rpm True kernel-default-debugsource-3.0.74-40.1.i586.rpm True kernel-default-devel-3.0.74-40.1.i586.rpm True kernel-default-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-default-hmac-3.0.74-40.1.i586.rpm True kernel-desktop-3.0.74-40.1.i586.rpm True kernel-desktop-3.0.74-40.1.nosrc.rpm True kernel-desktop-base-3.0.74-40.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-desktop-debuginfo-3.0.74-40.1.i586.rpm True kernel-desktop-debugsource-3.0.74-40.1.i586.rpm True kernel-desktop-devel-3.0.74-40.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-desktop-hmac-3.0.74-40.1.i586.rpm True kernel-docs-3.0.74-40.3.noarch.rpm True kernel-docs-3.0.74-40.3.src.rpm True kernel-ec2-3.0.74-40.1.i586.rpm True kernel-ec2-3.0.74-40.1.nosrc.rpm True kernel-ec2-base-3.0.74-40.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-ec2-debuginfo-3.0.74-40.1.i586.rpm True kernel-ec2-debugsource-3.0.74-40.1.i586.rpm True kernel-ec2-devel-3.0.74-40.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-ec2-extra-3.0.74-40.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.74-40.1.i586.rpm True kernel-ec2-hmac-3.0.74-40.1.i586.rpm True kernel-pae-3.0.74-40.1.i586.rpm True kernel-pae-3.0.74-40.1.nosrc.rpm True kernel-pae-base-3.0.74-40.1.i586.rpm True kernel-pae-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-pae-debuginfo-3.0.74-40.1.i586.rpm True kernel-pae-debugsource-3.0.74-40.1.i586.rpm True kernel-pae-devel-3.0.74-40.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-pae-hmac-3.0.74-40.1.i586.rpm True kernel-source-3.0.74-40.1.i586.rpm True kernel-source-3.0.74-40.1.src.rpm True kernel-source-vanilla-3.0.74-40.1.i586.rpm True kernel-syms-3.0.74-40.1.i586.rpm True kernel-syms-3.0.74-40.1.src.rpm True kernel-trace-3.0.74-40.1.i586.rpm True kernel-trace-3.0.74-40.1.nosrc.rpm True kernel-trace-base-3.0.74-40.1.i586.rpm True kernel-trace-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-trace-debuginfo-3.0.74-40.1.i586.rpm True kernel-trace-debugsource-3.0.74-40.1.i586.rpm True kernel-trace-devel-3.0.74-40.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-trace-hmac-3.0.74-40.1.i586.rpm True kernel-vanilla-3.0.74-40.1.i586.rpm True kernel-vanilla-3.0.74-40.1.nosrc.rpm True kernel-vanilla-base-3.0.74-40.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-vanilla-debuginfo-3.0.74-40.1.i586.rpm True kernel-vanilla-debugsource-3.0.74-40.1.i586.rpm True kernel-vanilla-devel-3.0.74-40.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-vanilla-hmac-3.0.74-40.1.i586.rpm True kernel-vmi-3.0.74-40.1.i586.rpm True kernel-vmi-3.0.74-40.1.nosrc.rpm True kernel-vmi-base-3.0.74-40.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-vmi-debuginfo-3.0.74-40.1.i586.rpm True kernel-vmi-debugsource-3.0.74-40.1.i586.rpm True kernel-vmi-devel-3.0.74-40.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-vmi-hmac-3.0.74-40.1.i586.rpm True kernel-xen-3.0.74-40.1.i586.rpm True kernel-xen-3.0.74-40.1.nosrc.rpm True kernel-xen-base-3.0.74-40.1.i586.rpm True kernel-xen-base-debuginfo-3.0.74-40.1.i586.rpm True kernel-xen-debuginfo-3.0.74-40.1.i586.rpm True kernel-xen-debugsource-3.0.74-40.1.i586.rpm True kernel-xen-devel-3.0.74-40.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.74-40.1.i586.rpm True kernel-xen-hmac-3.0.74-40.1.i586.rpm True kernel-debug-3.0.74-40.1.x86_64.rpm True kernel-debug-base-3.0.74-40.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-debug-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-debug-debugsource-3.0.74-40.1.x86_64.rpm True kernel-debug-devel-3.0.74-40.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-debug-hmac-3.0.74-40.1.x86_64.rpm True kernel-default-3.0.74-40.1.x86_64.rpm True kernel-default-base-3.0.74-40.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-default-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-default-debugsource-3.0.74-40.1.x86_64.rpm True kernel-default-devel-3.0.74-40.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-default-hmac-3.0.74-40.1.x86_64.rpm True kernel-desktop-3.0.74-40.1.x86_64.rpm True kernel-desktop-base-3.0.74-40.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-desktop-debugsource-3.0.74-40.1.x86_64.rpm True kernel-desktop-devel-3.0.74-40.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-desktop-hmac-3.0.74-40.1.x86_64.rpm True kernel-ec2-3.0.74-40.1.x86_64.rpm True kernel-ec2-base-3.0.74-40.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-ec2-debugsource-3.0.74-40.1.x86_64.rpm True kernel-ec2-devel-3.0.74-40.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-ec2-extra-3.0.74-40.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-ec2-hmac-3.0.74-40.1.x86_64.rpm True kernel-source-3.0.74-40.1.x86_64.rpm True kernel-source-vanilla-3.0.74-40.1.x86_64.rpm True kernel-syms-3.0.74-40.1.x86_64.rpm True kernel-trace-3.0.74-40.1.x86_64.rpm True kernel-trace-base-3.0.74-40.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-trace-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-trace-debugsource-3.0.74-40.1.x86_64.rpm True kernel-trace-devel-3.0.74-40.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-trace-hmac-3.0.74-40.1.x86_64.rpm True kernel-vanilla-3.0.74-40.1.x86_64.rpm True kernel-vanilla-base-3.0.74-40.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.74-40.1.x86_64.rpm True kernel-vanilla-devel-3.0.74-40.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-vanilla-hmac-3.0.74-40.1.x86_64.rpm True kernel-xen-3.0.74-40.1.x86_64.rpm True kernel-xen-base-3.0.74-40.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-xen-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-xen-debugsource-3.0.74-40.1.x86_64.rpm True kernel-xen-devel-3.0.74-40.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.74-40.1.x86_64.rpm True kernel-xen-hmac-3.0.74-40.1.x86_64.rpm True 2013-95 moderate openSUSE Evergreen 11.4 bnc#813464: VUL-0: CVE-2013-1923: nfs-utils: rpc-gssd is vulnerable to DNS spoofing cve#CVE-2013-1923: nfs-client-1.2.3-11.30.1.i586.rpm nfs-client-debuginfo-1.2.3-11.30.1.i586.rpm nfs-doc-1.2.3-11.30.1.i586.rpm nfs-kernel-server-1.2.3-11.30.1.i586.rpm nfs-utils-1.2.3-11.30.1.src.rpm nfs-client-1.2.3-11.30.1.x86_64.rpm nfs-client-debuginfo-1.2.3-11.30.1.x86_64.rpm nfs-doc-1.2.3-11.30.1.x86_64.rpm nfs-kernel-server-1.2.3-11.30.1.x86_64.rpm 2013-96 moderate openSUSE Evergreen 11.4 This update of autotrace fixes a buffer overflow issue. - Fix stack-based buffer overflow in bmp parser (CVE-2013-1953.patch, bnc#815382, CVE-2013-1953). autotrace-0.31.1-629.1.i586.rpm autotrace-0.31.1-629.1.src.rpm autotrace-debuginfo-0.31.1-629.1.i586.rpm autotrace-debugsource-0.31.1-629.1.i586.rpm autotrace-devel-0.31.1-629.1.i586.rpm autotrace-0.31.1-629.1.x86_64.rpm autotrace-debuginfo-0.31.1-629.1.x86_64.rpm autotrace-debugsource-0.31.1-629.1.x86_64.rpm autotrace-devel-0.31.1-629.1.x86_64.rpm 2013-102 moderate openSUSE Evergreen 11.4 This update of subversion includes several security fixes. - Server-side bugfixes: * fix FSFS repository corruption due to newline in filename * fix svnserve exiting when a client connection is aborted - Other tool improvements and bugfixes: * fix argument processing in contrib hook scripts libsvn_auth_gnome_keyring-1-0-1.6.23-51.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.23-51.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.23-51.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.23-51.1.i586.rpm subversion-1.6.23-51.1.i586.rpm subversion-1.6.23-51.1.src.rpm subversion-debuginfo-1.6.23-51.1.i586.rpm subversion-debugsource-1.6.23-51.1.i586.rpm subversion-devel-1.6.23-51.1.i586.rpm subversion-perl-1.6.23-51.1.i586.rpm subversion-perl-debuginfo-1.6.23-51.1.i586.rpm subversion-python-1.6.23-51.1.i586.rpm subversion-python-debuginfo-1.6.23-51.1.i586.rpm subversion-ruby-1.6.23-51.1.i586.rpm subversion-ruby-debuginfo-1.6.23-51.1.i586.rpm subversion-server-1.6.23-51.1.i586.rpm subversion-server-debuginfo-1.6.23-51.1.i586.rpm subversion-tools-1.6.23-51.1.i586.rpm subversion-tools-debuginfo-1.6.23-51.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.23-51.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.23-51.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.23-51.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.23-51.1.x86_64.rpm subversion-1.6.23-51.1.x86_64.rpm subversion-debuginfo-1.6.23-51.1.x86_64.rpm subversion-debugsource-1.6.23-51.1.x86_64.rpm subversion-devel-1.6.23-51.1.x86_64.rpm subversion-perl-1.6.23-51.1.x86_64.rpm subversion-perl-debuginfo-1.6.23-51.1.x86_64.rpm subversion-python-1.6.23-51.1.x86_64.rpm subversion-python-debuginfo-1.6.23-51.1.x86_64.rpm subversion-ruby-1.6.23-51.1.x86_64.rpm subversion-ruby-debuginfo-1.6.23-51.1.x86_64.rpm subversion-server-1.6.23-51.1.x86_64.rpm subversion-server-debuginfo-1.6.23-51.1.x86_64.rpm subversion-tools-1.6.23-51.1.x86_64.rpm subversion-tools-debuginfo-1.6.23-51.1.x86_64.rpm 2013-97 moderate openSUSE Evergreen 11.4 This update of wireshark includes several security and bug fixes. - update to 1.8.8 [bnc#823932] + vulnerabilities fixed: * The CAPWAP dissector could crash. wnpa-sec-2013-32 * The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 * The PPP dissector could crash. wnpa-sec-2013-34 * The NBAP dissector could crash. wnpa-sec-2013-35 * The RDP dissector could crash. wnpa-sec-2013-36 * The GSM CBCH dissector could crash. wnpa-sec-2013-37 * The Assa Abloy R3 dissector could consume excessive memory and CPU. wnpa-sec-2013-38 * The HTTP dissector could overrun the stack. wnpa-sec-2013-39 * The Ixia IxVeriWave file parser could overflow the heap. wnpa-sec-2013-40 * The DCP ETSI dissector could crash. wnpa-sec-2013-41 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html wireshark-1.8.8-49.1.i586.rpm wireshark-1.8.8-49.1.src.rpm wireshark-debuginfo-1.8.8-49.1.i586.rpm wireshark-debugsource-1.8.8-49.1.i586.rpm wireshark-devel-1.8.8-49.1.i586.rpm wireshark-1.8.8-49.1.x86_64.rpm wireshark-debuginfo-1.8.8-49.1.x86_64.rpm wireshark-debugsource-1.8.8-49.1.x86_64.rpm wireshark-devel-1.8.8-49.1.x86_64.rpm 2013-93 moderate openSUSE Evergreen 11.4 This updates of Adobe Flash Player addresses current security problems. - Update to 11.2.202.291: (bnc#824512) * APSB13-16, CVE-2013-3343 flash-player-11.2.202.291-67.1.i586.rpm flash-player-11.2.202.291-67.1.nosrc.rpm flash-player-gnome-11.2.202.291-67.1.i586.rpm flash-player-kde4-11.2.202.291-67.1.i586.rpm flash-player-11.2.202.291-67.1.x86_64.rpm flash-player-gnome-11.2.202.291-67.1.x86_64.rpm flash-player-kde4-11.2.202.291-67.1.x86_64.rpm 2013-92 low openSUSE Evergreen 11.4 This update fixes the following issue with pam_ssh: - bnc#823484: restore credentials before exiting from pam sm open session pam_ssh-1.97-22.1.i586.rpm pam_ssh-1.97-22.1.src.rpm pam_ssh-32bit-1.97-22.1.x86_64.rpm pam_ssh-debuginfo-1.97-22.1.i586.rpm pam_ssh-debuginfo-32bit-1.97-22.1.x86_64.rpm pam_ssh-debuginfo-x86-1.97-22.1.ia64.rpm pam_ssh-debugsource-1.97-22.1.i586.rpm pam_ssh-x86-1.97-22.1.ia64.rpm pam_ssh-1.97-22.1.x86_64.rpm pam_ssh-debuginfo-1.97-22.1.x86_64.rpm pam_ssh-debugsource-1.97-22.1.x86_64.rpm 2013-98 moderate openSUSE Evergreen 11.4 This update of fail2ban fixes a security vulnerability. Changes in fail2ban: - Fixes: Yaroslav Halchenko * [6ccd5781] filter.d/apache-{auth,nohome,noscript,overflows} - anchor failregex at the beginning (and where applicable at the end). Addresses a possible DoS. Closes gh#fail2ban/fail2ban#248, CVE-2013-2178, bnc#824710 fail2ban-0.8.4-22.1.noarch.rpm fail2ban-0.8.4-22.1.src.rpm 2013-101 important openSUSE Evergreen 11.4 update to Firefox 22.0 and Thunderbird 17.0.7 including the following security fixes * MFSA 2013-49 Miscellaneous memory safety hazards * MFSA 2013-50 Memory corruption found using Address Sanitizer * MFSA 2013-51 Privileged content access and execution via XBL * MFSA 2013-52 Arbitrary code execution within Profiler * MFSA 2013-53 Execution of unmapped memory through onreadystatechange event * MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55 SVG filters can lead to information disclosure * MFSA 2013-56 PreserveWrapper has inconsistent behavior * MFSA 2013-57 Sandbox restrictions not applied to nested frame elements * MFSA 2013-58 X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context MozillaFirefox-22.0-79.1.i586.rpm MozillaFirefox-22.0-79.1.src.rpm MozillaFirefox-branding-upstream-22.0-79.1.i586.rpm MozillaFirefox-buildsymbols-22.0-79.1.i586.rpm MozillaFirefox-debuginfo-22.0-79.1.i586.rpm MozillaFirefox-debugsource-22.0-79.1.i586.rpm MozillaFirefox-devel-22.0-79.1.i586.rpm MozillaFirefox-translations-common-22.0-79.1.i586.rpm MozillaFirefox-translations-other-22.0-79.1.i586.rpm MozillaThunderbird-17.0.7-65.1.i586.rpm MozillaThunderbird-17.0.7-65.1.src.rpm MozillaThunderbird-buildsymbols-17.0.7-65.1.i586.rpm MozillaThunderbird-debuginfo-17.0.7-65.1.i586.rpm MozillaThunderbird-debugsource-17.0.7-65.1.i586.rpm MozillaThunderbird-devel-17.0.7-65.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.7-65.1.i586.rpm MozillaThunderbird-translations-common-17.0.7-65.1.i586.rpm MozillaThunderbird-translations-other-17.0.7-65.1.i586.rpm enigmail-1.5.1+17.0.7-65.1.i586.rpm enigmail-debuginfo-1.5.1+17.0.7-65.1.i586.rpm MozillaFirefox-22.0-79.1.x86_64.rpm MozillaFirefox-branding-upstream-22.0-79.1.x86_64.rpm MozillaFirefox-buildsymbols-22.0-79.1.x86_64.rpm MozillaFirefox-debuginfo-22.0-79.1.x86_64.rpm MozillaFirefox-debugsource-22.0-79.1.x86_64.rpm MozillaFirefox-devel-22.0-79.1.x86_64.rpm MozillaFirefox-translations-common-22.0-79.1.x86_64.rpm MozillaFirefox-translations-other-22.0-79.1.x86_64.rpm MozillaThunderbird-17.0.7-65.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.7-65.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0.7-65.1.x86_64.rpm MozillaThunderbird-debugsource-17.0.7-65.1.x86_64.rpm MozillaThunderbird-devel-17.0.7-65.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.7-65.1.x86_64.rpm MozillaThunderbird-translations-common-17.0.7-65.1.x86_64.rpm MozillaThunderbird-translations-other-17.0.7-65.1.x86_64.rpm enigmail-1.5.1+17.0.7-65.1.x86_64.rpm enigmail-debuginfo-1.5.1+17.0.7-65.1.x86_64.rpm 2013-109 important openSUSE Evergreen 11.4 The kernel was updated to Linux kernel 3.0.80, fixing various bugs and security issues. Following security issues were fixed: CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict keypresses like e.g. passwords. This has been fixed again by updating accessed/modified time on the pty devices in resolution of 8 seconds, so that idle time detection can still work. CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3223: The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3224: The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel did not properly initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3225: The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3227: The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3228: The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3229: The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3231: The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel did not initialize a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3232: The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3234: The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3235: net/tipc/socket.c in the Linux kernel did not initialize a certain data structure and a certain length variable, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. CVE-2013-3076: The crypto API in the Linux kernel did not initialize certain length variables, which allowed local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. CVE-2013-1979: The scm_set_cred function in include/net/scm.h in the Linux kernel used incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application. A kernel information leak via tkill/tgkill was fixed. Following bugs were fixed: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - libfc: do not exch_done() on invalid sequence ptr (bnc#810722). - netfilter: ip6t_LOG: fix logging of packet mark (bnc#821930). - hyperv: use 3.4 as LIC version string (bnc#822431). - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID (bnc#819655). - xen/netback: do not disconnect frontend when seeing oversize packet. - xen/netfront: reduce gso_max_size to account for max TCP header. - xen/netfront: fix kABI after "reduce gso_max_size to account for max TCP header". - xfs: Fix kABI due to change in xfs_buf (bnc#815356). - xfs: fix race while discarding buffers [V4] (bnc#815356 (comment 36)). - xfs: Serialize file-extending direct IO (bnc#818371). - xhci: Do not switch webcams in some HP ProBooks to XHCI (bnc#805804). - bluetooth: Do not switch BT on HP ProBook 4340 (bnc#812281). - s390/ftrace: fix mcount adjustment (bnc#809895). - mm: memory_dev_init make sure nmi watchdog does not trigger while registering memory sections (bnc#804609, bnc#820434). - patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid pathological backwards allocation (bnc#805945). - mm: compaction: Restart compaction from near where it left off - mm: compaction: cache if a pageblock was scanned and no pages were isolated - mm: compaction: clear PG_migrate_skip based on compaction and reclaim activity - mm: compaction: Scan PFN caching KABI workaround - mm: page_allocator: Remove first_pass guard - mm: vmscan: do not stall on writeback during memory compaction Cache compaction restart points for faster compaction cycles (bnc#816451) - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - SUNRPC: Get rid of the redundant xprt->shutdown bit field (bnc#800907). - SUNRPC: Ensure that we grab the XPRT_LOCK before calling xprt_alloc_slot (bnc#800907). - SUNRPC: Fix a UDP transport regression (bnc#800907). - SUNRPC: Allow caller of rpc_sleep_on() to select priority levels (bnc#800907). - SUNRPC: Replace xprt->resend and xprt->sending with a priority queue (bnc#800907). - SUNRPC: Fix potential races in xprt_lock_write_next() (bnc#800907). - md: cannot re-add disks after recovery (bnc#808647). - fs/xattr.c:getxattr(): improve handling of allocation failures (bnc#818053). - fs/xattr.c:listxattr(): fall back to vmalloc() if kmalloc() failed (bnc#818053). - fs/xattr.c:setxattr(): improve handling of allocation failures (bnc#818053). - fs/xattr.c: suppress page allocation failure warnings from sys_listxattr() (bnc#818053). - virtio-blk: Call revalidate_disk() upon online disk resize (bnc#817339). - usb-storage: CY7C68300A chips do not support Cypress ATACB (bnc#819295). - patches.kernel.org/patch-3.0.60-61: Update references (add bnc#810580). - usb: Using correct way to clear usb3.0 devices remote wakeup feature (bnc#818516). - xhci: Fix TD size for isochronous URBs (bnc#818514). - ALSA: hda - fixup D3 pin and right channel mute on Haswell HDMI audio (bnc#818798). - ALSA: hda - Apply pin-enablement workaround to all Haswell HDMI codecs (bnc#818798). - xfs: fallback to vmalloc for large buffers in xfs_attrmulti_attr_get (bnc#818053). - xfs: fallback to vmalloc for large buffers in xfs_attrlist_by_handle (bnc#818053). - xfs: xfs: fallback to vmalloc for large buffers in xfs_compat_attrlist_by_handle (bnc#818053). - xHCI: store rings type. - xhci: Fix hang on back-to-back Set TR Deq Ptr commands. - xHCI: check enqueue pointer advance into dequeue seg. - xHCI: store rings last segment and segment numbers. - xHCI: Allocate 2 segments for transfer ring. - xHCI: count free TRBs on transfer ring. - xHCI: factor out segments allocation and free function. - xHCI: update sg tablesize. - xHCI: set cycle state when allocate rings. - xhci: Reserve one command for USB3 LPM disable. - xHCI: dynamic ring expansion. - xhci: Do not warn on empty ring for suspended devices. - md/raid1: Do not release reference to device while handling read error (bnc#809122, bnc#814719). - rpm/mkspec: Stop generating the get_release_number.sh file. - rpm/kernel-spec-macros: Properly handle KOTD release numbers with .g<commit> suffix. - rpm/kernel-spec-macros: Drop the %release_num macro We no longer put the -rcX tag into the release string. - rpm/kernel-*.spec.in, rpm/mkspec: Do not force the "<RELEASE>" string in specfiles. - mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327). - mm: Fix add_page_wait_queue() to work for PG_Locked bit waiters (bnc#792584). - mm: Fix add_page_wait_queue() to work for PG_Locked bit waiters (bnc#792584). - bonding: only use primary address for ARP (bnc#815444). - bonding: remove entries for master_ip and vlan_ip and query devices instead (bnc#815444). - mm: speedup in __early_pfn_to_nid (bnc#810624). - TTY: fix atime/mtime regression (bnc#815745). - sd_dif: problem with verify of type 1 protection information (PI) (bnc#817010). - sched: harden rq rt usage accounting (bnc#769685, bnc#788590). - rcu: Avoid spurious RCU CPU stall warnings (bnc#816586). - rcu: Dump local stack if cannot dump all CPUs stacks (bnc#816586). - rcu: Fix detection of abruptly-ending stall (bnc#816586). - rcu: Suppress NMI backtraces when stall ends before dump (bnc#816586). - Update Xen patches to 3.0.74. - btrfs: do not re-enter when allocating a chunk. - btrfs: save us a read_lock. - btrfs: Check CAP_DAC_READ_SEARCH for BTRFS_IOC_INO_PATHS. - btrfs: remove unused fs_info from btrfs_decode_error(). - btrfs: handle null fs_info in btrfs_panic(). - btrfs: fix varargs in __btrfs_std_error. - btrfs: fix the race between bio and btrfs_stop_workers. - btrfs: fix NULL pointer after aborting a transaction. - btrfs: fix infinite loop when we abort on mount. - xfs: Do not allocate new buffers on every call to _xfs_buf_find (bnc#763968). - xfs: fix buffer lookup race on allocation failure (bnc#763968). kernel-debug-3.0.80-52.1.i586.rpm True kernel-debug-3.0.80-52.1.nosrc.rpm True kernel-debug-base-3.0.80-52.1.i586.rpm True kernel-debug-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-debug-debuginfo-3.0.80-52.1.i586.rpm True kernel-debug-debugsource-3.0.80-52.1.i586.rpm True kernel-debug-devel-3.0.80-52.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-debug-hmac-3.0.80-52.1.i586.rpm True kernel-default-3.0.80-52.1.i586.rpm True kernel-default-3.0.80-52.1.nosrc.rpm True kernel-default-base-3.0.80-52.1.i586.rpm True kernel-default-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-default-debuginfo-3.0.80-52.1.i586.rpm True kernel-default-debugsource-3.0.80-52.1.i586.rpm True kernel-default-devel-3.0.80-52.1.i586.rpm True kernel-default-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-default-hmac-3.0.80-52.1.i586.rpm True kernel-desktop-3.0.80-52.1.i586.rpm True kernel-desktop-3.0.80-52.1.nosrc.rpm True kernel-desktop-base-3.0.80-52.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-desktop-debuginfo-3.0.80-52.1.i586.rpm True kernel-desktop-debugsource-3.0.80-52.1.i586.rpm True kernel-desktop-devel-3.0.80-52.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-desktop-hmac-3.0.80-52.1.i586.rpm True kernel-docs-3.0.80-52.2.noarch.rpm True kernel-docs-3.0.80-52.2.src.rpm True kernel-ec2-3.0.80-52.1.i586.rpm True kernel-ec2-3.0.80-52.1.nosrc.rpm True kernel-ec2-base-3.0.80-52.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-ec2-debuginfo-3.0.80-52.1.i586.rpm True kernel-ec2-debugsource-3.0.80-52.1.i586.rpm True kernel-ec2-devel-3.0.80-52.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-ec2-extra-3.0.80-52.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.80-52.1.i586.rpm True kernel-ec2-hmac-3.0.80-52.1.i586.rpm True kernel-pae-3.0.80-52.1.i586.rpm True kernel-pae-3.0.80-52.1.nosrc.rpm True kernel-pae-base-3.0.80-52.1.i586.rpm True kernel-pae-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-pae-debuginfo-3.0.80-52.1.i586.rpm True kernel-pae-debugsource-3.0.80-52.1.i586.rpm True kernel-pae-devel-3.0.80-52.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-pae-hmac-3.0.80-52.1.i586.rpm True kernel-source-3.0.80-52.1.i586.rpm True kernel-source-3.0.80-52.1.src.rpm True kernel-source-vanilla-3.0.80-52.1.i586.rpm True kernel-syms-3.0.80-52.1.i586.rpm True kernel-syms-3.0.80-52.1.src.rpm True kernel-trace-3.0.80-52.1.i586.rpm True kernel-trace-3.0.80-52.1.nosrc.rpm True kernel-trace-base-3.0.80-52.1.i586.rpm True kernel-trace-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-trace-debuginfo-3.0.80-52.1.i586.rpm True kernel-trace-debugsource-3.0.80-52.1.i586.rpm True kernel-trace-devel-3.0.80-52.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-trace-hmac-3.0.80-52.1.i586.rpm True kernel-vanilla-3.0.80-52.1.i586.rpm True kernel-vanilla-3.0.80-52.1.nosrc.rpm True kernel-vanilla-base-3.0.80-52.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-vanilla-debuginfo-3.0.80-52.1.i586.rpm True kernel-vanilla-debugsource-3.0.80-52.1.i586.rpm True kernel-vanilla-devel-3.0.80-52.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-vanilla-hmac-3.0.80-52.1.i586.rpm True kernel-vmi-3.0.80-52.1.i586.rpm True kernel-vmi-3.0.80-52.1.nosrc.rpm True kernel-vmi-base-3.0.80-52.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-vmi-debuginfo-3.0.80-52.1.i586.rpm True kernel-vmi-debugsource-3.0.80-52.1.i586.rpm True kernel-vmi-devel-3.0.80-52.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-vmi-hmac-3.0.80-52.1.i586.rpm True kernel-xen-3.0.80-52.1.i586.rpm True kernel-xen-3.0.80-52.1.nosrc.rpm True kernel-xen-base-3.0.80-52.1.i586.rpm True kernel-xen-base-debuginfo-3.0.80-52.1.i586.rpm True kernel-xen-debuginfo-3.0.80-52.1.i586.rpm True kernel-xen-debugsource-3.0.80-52.1.i586.rpm True kernel-xen-devel-3.0.80-52.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.80-52.1.i586.rpm True kernel-xen-hmac-3.0.80-52.1.i586.rpm True preload-1.2-6.35.1.i586.rpm True preload-1.2-6.35.1.src.rpm True preload-debuginfo-1.2-6.35.1.i586.rpm True preload-debugsource-1.2-6.35.1.i586.rpm True preload-kmp-default-1.2_3.0.80_52-6.35.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.80_52-6.35.1.i586.rpm True preload-kmp-desktop-1.2_3.0.80_52-6.35.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.80_52-6.35.1.i586.rpm True kernel-debug-3.0.80-52.1.x86_64.rpm True kernel-debug-base-3.0.80-52.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-debug-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-debug-debugsource-3.0.80-52.1.x86_64.rpm True kernel-debug-devel-3.0.80-52.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-debug-hmac-3.0.80-52.1.x86_64.rpm True kernel-default-3.0.80-52.1.x86_64.rpm True kernel-default-base-3.0.80-52.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-default-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-default-debugsource-3.0.80-52.1.x86_64.rpm True kernel-default-devel-3.0.80-52.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-default-hmac-3.0.80-52.1.x86_64.rpm True kernel-desktop-3.0.80-52.1.x86_64.rpm True kernel-desktop-base-3.0.80-52.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-desktop-debugsource-3.0.80-52.1.x86_64.rpm True kernel-desktop-devel-3.0.80-52.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-desktop-hmac-3.0.80-52.1.x86_64.rpm True kernel-ec2-3.0.80-52.1.x86_64.rpm True kernel-ec2-base-3.0.80-52.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-ec2-debugsource-3.0.80-52.1.x86_64.rpm True kernel-ec2-devel-3.0.80-52.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-ec2-extra-3.0.80-52.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-ec2-hmac-3.0.80-52.1.x86_64.rpm True kernel-source-3.0.80-52.1.x86_64.rpm True kernel-source-vanilla-3.0.80-52.1.x86_64.rpm True kernel-syms-3.0.80-52.1.x86_64.rpm True kernel-trace-3.0.80-52.1.x86_64.rpm True kernel-trace-base-3.0.80-52.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-trace-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-trace-debugsource-3.0.80-52.1.x86_64.rpm True kernel-trace-devel-3.0.80-52.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-trace-hmac-3.0.80-52.1.x86_64.rpm True kernel-vanilla-3.0.80-52.1.x86_64.rpm True kernel-vanilla-base-3.0.80-52.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.80-52.1.x86_64.rpm True kernel-vanilla-devel-3.0.80-52.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-vanilla-hmac-3.0.80-52.1.x86_64.rpm True kernel-xen-3.0.80-52.1.x86_64.rpm True kernel-xen-base-3.0.80-52.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-xen-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-xen-debugsource-3.0.80-52.1.x86_64.rpm True kernel-xen-devel-3.0.80-52.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.80-52.1.x86_64.rpm True kernel-xen-hmac-3.0.80-52.1.x86_64.rpm True preload-1.2-6.35.1.x86_64.rpm True preload-debuginfo-1.2-6.35.1.x86_64.rpm True preload-debugsource-1.2-6.35.1.x86_64.rpm True preload-kmp-default-1.2_3.0.80_52-6.35.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.80_52-6.35.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.80_52-6.35.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.80_52-6.35.1.x86_64.rpm True 2013-99 moderate openSUSE Evergreen 11.4 This update fixes a kpasswd UDP ping-pong security bug (CVE-2002-2443) krb5-1.8.3-63.1.i586.rpm krb5-1.8.3-63.1.src.rpm krb5-32bit-1.8.3-63.1.x86_64.rpm krb5-client-1.8.3-63.1.i586.rpm krb5-client-debuginfo-1.8.3-63.1.i586.rpm krb5-debuginfo-1.8.3-63.1.i586.rpm krb5-debuginfo-32bit-1.8.3-63.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-63.1.ia64.rpm krb5-debugsource-1.8.3-63.1.i586.rpm krb5-devel-1.8.3-63.1.i586.rpm krb5-devel-32bit-1.8.3-63.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-63.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-63.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-63.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-63.1.i586.rpm krb5-server-1.8.3-63.1.i586.rpm krb5-server-debuginfo-1.8.3-63.1.i586.rpm krb5-x86-1.8.3-63.1.ia64.rpm krb5-1.8.3-63.1.x86_64.rpm krb5-client-1.8.3-63.1.x86_64.rpm krb5-client-debuginfo-1.8.3-63.1.x86_64.rpm krb5-debuginfo-1.8.3-63.1.x86_64.rpm krb5-debugsource-1.8.3-63.1.x86_64.rpm krb5-devel-1.8.3-63.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-63.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-63.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-63.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-63.1.x86_64.rpm krb5-server-1.8.3-63.1.x86_64.rpm krb5-server-debuginfo-1.8.3-63.1.x86_64.rpm 2013-100 moderate openSUSE Evergreen 11.4 This update fixes a curl security vulnerability which may lead to heap corruption. curl-7.21.2-33.1.i586.rpm curl-7.21.2-33.1.src.rpm curl-debuginfo-7.21.2-33.1.i586.rpm libcurl-devel-7.21.2-33.1.i586.rpm libcurl4-32bit-7.21.2-33.1.x86_64.rpm libcurl4-7.21.2-33.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-33.1.x86_64.rpm libcurl4-debuginfo-7.21.2-33.1.i586.rpm libcurl4-debuginfo-x86-7.21.2-33.1.ia64.rpm libcurl4-x86-7.21.2-33.1.ia64.rpm curl-7.21.2-33.1.x86_64.rpm curl-debuginfo-7.21.2-33.1.x86_64.rpm libcurl-devel-7.21.2-33.1.x86_64.rpm libcurl4-7.21.2-33.1.x86_64.rpm 2013-104 moderate openSUSE Evergreen 11.4 This nagios update fixes a authorization problem inside host/service views. - added nagios-CVE-2013-2214.patch fixing unauthorized host/service views displayed in servicegroup view (bnc#827020) nagios-3.2.3-3.26.1.i586.rpm nagios-3.2.3-3.26.1.src.rpm nagios-debuginfo-3.2.3-3.26.1.i586.rpm nagios-debugsource-3.2.3-3.26.1.i586.rpm nagios-devel-3.2.3-3.26.1.i586.rpm nagios-www-3.2.3-3.26.1.i586.rpm nagios-3.2.3-3.26.1.x86_64.rpm nagios-debuginfo-3.2.3-3.26.1.x86_64.rpm nagios-debugsource-3.2.3-3.26.1.x86_64.rpm nagios-devel-3.2.3-3.26.1.x86_64.rpm nagios-www-3.2.3-3.26.1.x86_64.rpm 2013-103 moderate openSUSE Evergreen 11.4 This python-bugzilla update fixes a SSL verification issue. - CVE-2013-2191 (bnc#825876) - validate SSL certificates and hostnames python-bugzilla-0.6.2-13.1.noarch.rpm python-bugzilla-0.6.2-13.1.src.rpm 2013-105 important openSUSE Evergreen 11.4 Seamonkey was updated to version 2.19 * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code execution within Profiler * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox restrictions not applied to nested frame elements * MFSA 2013-58/CVE-2013-1696 (bmo#761667) X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context * MFSA 2013-60/CVE-2013-1698 (bmo#876044) seamonkey-2.19-69.1.i586.rpm seamonkey-2.19-69.1.src.rpm seamonkey-debuginfo-2.19-69.1.i586.rpm seamonkey-debugsource-2.19-69.1.i586.rpm seamonkey-dom-inspector-2.19-69.1.i586.rpm seamonkey-irc-2.19-69.1.i586.rpm seamonkey-translations-common-2.19-69.1.i586.rpm seamonkey-translations-other-2.19-69.1.i586.rpm seamonkey-venkman-2.19-69.1.i586.rpm seamonkey-2.19-69.1.x86_64.rpm seamonkey-debuginfo-2.19-69.1.x86_64.rpm seamonkey-debugsource-2.19-69.1.x86_64.rpm seamonkey-dom-inspector-2.19-69.1.x86_64.rpm seamonkey-irc-2.19-69.1.x86_64.rpm seamonkey-translations-common-2.19-69.1.x86_64.rpm seamonkey-translations-other-2.19-69.1.x86_64.rpm seamonkey-venkman-2.19-69.1.x86_64.rpm 2013-106 moderate openSUSE Evergreen 11.4 This xorg-x11-server update fixes a DoS vulnerability and adds randr support. - U_os-Reset-input-buffer-s-ignoreBytes-field.patch * If a client sends a request larger than maxBigRequestSize, the server is supposed to ignore it. Before commit cf88363d, the server would simply disconnect the client. After that commit, it attempts to gracefully ignore the request by remembering how long the client specified the request to be, and ignoring that many bytes. However, if a client sends a BigReq header with a large size and disconnects before actually sending the rest of the specified request, the server will reuse the ConnectionInput buffer without resetting the ignoreBytes field. This makes the server ignore new X clients' requests. This fixes that behavior by resetting the ignoreBytes field when putting the ConnectionInput buffer back on the FreeInputs list. (bnc#815583) - u_xserver_xvfb-randr.patch * Add randr support to Xvfb (bnc#823410) xorg-x11-Xvnc-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.40.1.src.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.40.1.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.40.1.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.40.1.x86_64.rpm 2013-107 moderate openSUSE Evergreen 11.4 was updated to fix SSL hostname certification (CVE-2013-4073) (bnc#827265). https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89 ruby-1.8.7.p357-0.36.1.i586.rpm ruby-1.8.7.p357-0.36.1.src.rpm ruby-debuginfo-1.8.7.p357-0.36.1.i586.rpm ruby-debugsource-1.8.7.p357-0.36.1.i586.rpm ruby-devel-1.8.7.p357-0.36.1.i586.rpm ruby-doc-html-1.8.7.p357-0.36.1.noarch.rpm ruby-doc-ri-1.8.7.p357-0.36.1.noarch.rpm ruby-examples-1.8.7.p357-0.36.1.i586.rpm ruby-test-suite-1.8.7.p357-0.36.1.i586.rpm ruby-tk-1.8.7.p357-0.36.1.i586.rpm ruby-tk-debuginfo-1.8.7.p357-0.36.1.i586.rpm ruby-1.8.7.p357-0.36.1.x86_64.rpm ruby-debuginfo-1.8.7.p357-0.36.1.x86_64.rpm ruby-debugsource-1.8.7.p357-0.36.1.x86_64.rpm ruby-devel-1.8.7.p357-0.36.1.x86_64.rpm ruby-examples-1.8.7.p357-0.36.1.x86_64.rpm ruby-test-suite-1.8.7.p357-0.36.1.x86_64.rpm ruby-tk-1.8.7.p357-0.36.1.x86_64.rpm ruby-tk-debuginfo-1.8.7.p357-0.36.1.x86_64.rpm 2013-110 important openSUSE Evergreen 11.4 This update fixes APSB13-17, several security problems in the Adobe Flash Player: CVE-2013-3344, CVE-2013-3345, CVE-2013-3347 flash-player-11.2.202.297-71.1.i586.rpm flash-player-11.2.202.297-71.1.nosrc.rpm flash-player-gnome-11.2.202.297-71.1.i586.rpm flash-player-kde4-11.2.202.297-71.1.i586.rpm flash-player-11.2.202.297-71.1.x86_64.rpm flash-player-gnome-11.2.202.297-71.1.x86_64.rpm flash-player-kde4-11.2.202.297-71.1.x86_64.rpm 2013-112 low openSUSE Evergreen 11.4 - re-add coreutils-cp-al-symlink-timestamp.patch, see bnc#696389, the patch was accidentally reverted in openSUSE:11.4:Update/coreutils rev. 13 coreutils-8.9-27.1.i586.rpm coreutils-8.9-27.1.src.rpm coreutils-debuginfo-8.9-27.1.i586.rpm coreutils-debuginfo-x86-8.9-27.1.ia64.rpm coreutils-debugsource-8.9-27.1.i586.rpm coreutils-lang-8.9-27.1.noarch.rpm coreutils-x86-8.9-27.1.ia64.rpm coreutils-8.9-27.1.x86_64.rpm coreutils-debuginfo-8.9-27.1.x86_64.rpm coreutils-debugsource-8.9-27.1.x86_64.rpm 2013-108 moderate openSUSE Evergreen 11.4 perl-Module-Signature was updated to 0.73, fixing bugs and security issues: Security fix for code execution in signature checking: * fix for bnc#828010 (CVE-2013-2145) * Properly redo the previous fix using File::Spec->file_name_is_absolute. - [Changes for 0.72 - Wed Jun 5 23:19:02 CST 2013] * Only allow loading Digest::* from absolute paths in @INC, by ensuring they begin with \ or / characters. Contributed by: Florian Weimer (CVE-2013-2145) - [Changes for 0.71 - Tue Jun 4 18:24:10 CST 2013] * Constrain the user-specified digest name to /^\w+\d+$/. * Avoid loading Digest::* from relative paths in @INC. Contributed by: Florian Weimer (CVE-2013-2145) - [Changes for 0.70 - Thu Nov 29 01:45:54 CST 2012] * Don't check gpg version if gpg does not exist. This avoids unnecessary warnings during installation when gpg executable is not installed. Contributed by: Kenichi Ishigaki - [Changes for 0.69 - Fri Nov 2 23:04:19 CST 2012] * Support for gpg under these alternate names: gpg gpg2 gnupg gnupg2 Contributed by: Michael Schwern - [Changes for 0.68 - Wed Dec 14 12:14:47 UTC 2011] * Fix breakage introduced by 0.67 (Andreas König). * Better handling of \r (Andreas König, Zefram) perl-Module-Signature-0.73-9.1.noarch.rpm perl-Module-Signature-0.73-9.1.src.rpm 2013-111 moderate openSUSE Evergreen 11.4 The timezone data was updated to 2013d, containing updates for Morocco, Israel, Australia. timezone-java-2013d-22.1.noarch.rpm timezone-java-2013d-22.1.src.rpm timezone-2013d-22.1.i586.rpm timezone-2013d-22.1.src.rpm timezone-debuginfo-2013d-22.1.i586.rpm timezone-debugsource-2013d-22.1.i586.rpm timezone-2013d-22.1.x86_64.rpm timezone-debuginfo-2013d-22.1.x86_64.rpm timezone-debugsource-2013d-22.1.x86_64.rpm 2013-113 moderate openSUSE Evergreen 11.4 These releases update our OpenJDK 6 support to include the latest security updates. The security fixes are as follows: * S6741606, CVE-2013-2407: Integrate Apache Santuario * S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls * S7170730, CVE-2013-2451: Improve Windows network stack support. * S8000638, CVE-2013-2450: Improve deserialization * S8000642, CVE-2013-2446: Better handling of objects for transportation * S8001032: Restrict object access * S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers * S8001034, CVE-2013-1500: Memory management improvements * S8001038, CVE-2013-2444: Resourcefully handle resources * S8001043: Clarify definition restrictions * S8001309: Better handling of annotation interfaces * S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost * S8001330, CVE-2013-2443: Improve on checking order * S8003703, CVE-2013-2412: Update RMI connection dialog box * S8004584: Augment applet contextualization * S8005007: Better glyph processing * S8006328, CVE-2013-2448: Improve robustness of sound classes * S8006611: Improve scripting * S8007467: Improve robustness of JMX internal APIs * S8007471: Improve MBean notifications * S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes * S8008120, CVE-2013-2457: Improve JMX class checking * S8008124, CVE-2013-2453: Better compliance testing * S8008128: Better API coherence for JMX * S8008132, CVE-2013-2456: Better serialization support * S8008585: Better JMX data handling * S8008593: Better URLClassLoader resource management * S8008603: Improve provision of JMX providers * S8008611: Better handling of annotations in JMX * S8008615: Improve robustness of JMX internal APIs * S8008623: Better handling of MBeanServers * S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606 * S8008982: Adjust JMX for underlying interface changes * S8009004: Better implementation of RMI connections * S8009013: Better handling of T2K glyphs * S8009034: Improve resulting notifications in JMX * S8009038: Improve JMX notification support * S8009067: Improve storing keys in KeyStore * S8009071, CVE-2013-2459: Improve shape handling * S8009235: Improve handling of TSA data * S8011243, CVE-2013-2470: Improve ImagingLib * S8011248, CVE-2013-2471: Better Component Rasters * S8011253, CVE-2013-2472: Better Short Component Rasters * S8011257, CVE-2013-2473: Better Byte Component Rasters * S8012375, CVE-2013-1571: Improve Javadoc framing * S8012421: Better positioning of PairPositioning * S8012438, CVE-2013-2463: Better image validation * S8012597, CVE-2013-2465: Better image channel verification * S8012601, CVE-2013-2469: Better validation of image layouts * S8014281, CVE-2013-2461: Better checking of XML signature * S8015997: Additional improvement in Javadoc framing java-1_6_0-openjdk-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.6-41.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.6-41.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.6-41.1.x86_64.rpm 2013-115 moderate openSUSE Evergreen 11.4 python-django was updated to 1.4.5 to fix various security issues and bugs. Update to 1.4.5: - Security release. - Fix bnc#807175 / bnc#787521 / CVE-2012-4520 / CVE-2013-0305 / CVE-2013-0306 and CVE-2013-1665. python-django-1.4.5-9.1.noarch.rpm python-django-1.4.5-9.1.src.rpm 2013-116 moderate openSUSE Evergreen 11.4 - fixing the following security issues: * CVE-2013-4635.patch (bnc#828020): - Integer overflow in the SdnToJewish * CVE-2013-1635.patch and CVE-2013-1643.patch (bnc#807707): - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir * CVE-2013-4113.patch (bnc#829207): - heap corruption due to badly formed xml apache2-mod_php5-5.3.5-355.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-355.1.i586.rpm php5-5.3.5-355.1.i586.rpm php5-5.3.5-355.1.src.rpm php5-bcmath-5.3.5-355.1.i586.rpm php5-bcmath-debuginfo-5.3.5-355.1.i586.rpm php5-bz2-5.3.5-355.1.i586.rpm php5-bz2-debuginfo-5.3.5-355.1.i586.rpm php5-calendar-5.3.5-355.1.i586.rpm php5-calendar-debuginfo-5.3.5-355.1.i586.rpm php5-ctype-5.3.5-355.1.i586.rpm php5-ctype-debuginfo-5.3.5-355.1.i586.rpm php5-curl-5.3.5-355.1.i586.rpm php5-curl-debuginfo-5.3.5-355.1.i586.rpm php5-dba-5.3.5-355.1.i586.rpm php5-dba-debuginfo-5.3.5-355.1.i586.rpm php5-debuginfo-5.3.5-355.1.i586.rpm php5-debugsource-5.3.5-355.1.i586.rpm php5-devel-5.3.5-355.1.i586.rpm php5-dom-5.3.5-355.1.i586.rpm php5-dom-debuginfo-5.3.5-355.1.i586.rpm php5-enchant-5.3.5-355.1.i586.rpm php5-enchant-debuginfo-5.3.5-355.1.i586.rpm php5-exif-5.3.5-355.1.i586.rpm php5-exif-debuginfo-5.3.5-355.1.i586.rpm php5-fastcgi-5.3.5-355.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-355.1.i586.rpm php5-fileinfo-5.3.5-355.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-355.1.i586.rpm php5-fpm-5.3.5-355.1.i586.rpm php5-fpm-debuginfo-5.3.5-355.1.i586.rpm php5-ftp-5.3.5-355.1.i586.rpm php5-ftp-debuginfo-5.3.5-355.1.i586.rpm php5-gd-5.3.5-355.1.i586.rpm php5-gd-debuginfo-5.3.5-355.1.i586.rpm php5-gettext-5.3.5-355.1.i586.rpm php5-gettext-debuginfo-5.3.5-355.1.i586.rpm php5-gmp-5.3.5-355.1.i586.rpm php5-gmp-debuginfo-5.3.5-355.1.i586.rpm php5-hash-5.3.5-355.1.i586.rpm php5-hash-debuginfo-5.3.5-355.1.i586.rpm php5-iconv-5.3.5-355.1.i586.rpm php5-iconv-debuginfo-5.3.5-355.1.i586.rpm php5-imap-5.3.5-355.1.i586.rpm php5-imap-debuginfo-5.3.5-355.1.i586.rpm php5-intl-5.3.5-355.1.i586.rpm php5-intl-debuginfo-5.3.5-355.1.i586.rpm php5-json-5.3.5-355.1.i586.rpm php5-json-debuginfo-5.3.5-355.1.i586.rpm php5-ldap-5.3.5-355.1.i586.rpm php5-ldap-debuginfo-5.3.5-355.1.i586.rpm php5-mbstring-5.3.5-355.1.i586.rpm php5-mbstring-debuginfo-5.3.5-355.1.i586.rpm php5-mcrypt-5.3.5-355.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-355.1.i586.rpm php5-mysql-5.3.5-355.1.i586.rpm php5-mysql-debuginfo-5.3.5-355.1.i586.rpm php5-odbc-5.3.5-355.1.i586.rpm php5-odbc-debuginfo-5.3.5-355.1.i586.rpm php5-openssl-5.3.5-355.1.i586.rpm php5-openssl-debuginfo-5.3.5-355.1.i586.rpm php5-pcntl-5.3.5-355.1.i586.rpm php5-pcntl-debuginfo-5.3.5-355.1.i586.rpm php5-pdo-5.3.5-355.1.i586.rpm php5-pdo-debuginfo-5.3.5-355.1.i586.rpm php5-pear-5.3.5-355.1.noarch.rpm php5-pgsql-5.3.5-355.1.i586.rpm php5-pgsql-debuginfo-5.3.5-355.1.i586.rpm php5-phar-5.3.5-355.1.i586.rpm php5-phar-debuginfo-5.3.5-355.1.i586.rpm php5-posix-5.3.5-355.1.i586.rpm php5-posix-debuginfo-5.3.5-355.1.i586.rpm php5-pspell-5.3.5-355.1.i586.rpm php5-pspell-debuginfo-5.3.5-355.1.i586.rpm php5-readline-5.3.5-355.1.i586.rpm php5-readline-debuginfo-5.3.5-355.1.i586.rpm php5-shmop-5.3.5-355.1.i586.rpm php5-shmop-debuginfo-5.3.5-355.1.i586.rpm php5-snmp-5.3.5-355.1.i586.rpm php5-snmp-debuginfo-5.3.5-355.1.i586.rpm php5-soap-5.3.5-355.1.i586.rpm php5-soap-debuginfo-5.3.5-355.1.i586.rpm php5-sockets-5.3.5-355.1.i586.rpm php5-sockets-debuginfo-5.3.5-355.1.i586.rpm php5-sqlite-5.3.5-355.1.i586.rpm php5-sqlite-debuginfo-5.3.5-355.1.i586.rpm php5-suhosin-5.3.5-355.1.i586.rpm php5-suhosin-debuginfo-5.3.5-355.1.i586.rpm php5-sysvmsg-5.3.5-355.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-355.1.i586.rpm php5-sysvsem-5.3.5-355.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-355.1.i586.rpm php5-sysvshm-5.3.5-355.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-355.1.i586.rpm php5-tidy-5.3.5-355.1.i586.rpm php5-tidy-debuginfo-5.3.5-355.1.i586.rpm php5-tokenizer-5.3.5-355.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-355.1.i586.rpm php5-wddx-5.3.5-355.1.i586.rpm php5-wddx-debuginfo-5.3.5-355.1.i586.rpm php5-xmlreader-5.3.5-355.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-355.1.i586.rpm php5-xmlrpc-5.3.5-355.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-355.1.i586.rpm php5-xmlwriter-5.3.5-355.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-355.1.i586.rpm php5-xsl-5.3.5-355.1.i586.rpm php5-xsl-debuginfo-5.3.5-355.1.i586.rpm php5-zip-5.3.5-355.1.i586.rpm php5-zip-debuginfo-5.3.5-355.1.i586.rpm php5-zlib-5.3.5-355.1.i586.rpm php5-zlib-debuginfo-5.3.5-355.1.i586.rpm apache2-mod_php5-5.3.5-355.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-355.1.x86_64.rpm php5-5.3.5-355.1.x86_64.rpm php5-bcmath-5.3.5-355.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-355.1.x86_64.rpm php5-bz2-5.3.5-355.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-355.1.x86_64.rpm php5-calendar-5.3.5-355.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-355.1.x86_64.rpm php5-ctype-5.3.5-355.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-355.1.x86_64.rpm php5-curl-5.3.5-355.1.x86_64.rpm php5-curl-debuginfo-5.3.5-355.1.x86_64.rpm php5-dba-5.3.5-355.1.x86_64.rpm php5-dba-debuginfo-5.3.5-355.1.x86_64.rpm php5-debuginfo-5.3.5-355.1.x86_64.rpm php5-debugsource-5.3.5-355.1.x86_64.rpm php5-devel-5.3.5-355.1.x86_64.rpm php5-dom-5.3.5-355.1.x86_64.rpm php5-dom-debuginfo-5.3.5-355.1.x86_64.rpm php5-enchant-5.3.5-355.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-355.1.x86_64.rpm php5-exif-5.3.5-355.1.x86_64.rpm php5-exif-debuginfo-5.3.5-355.1.x86_64.rpm php5-fastcgi-5.3.5-355.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-355.1.x86_64.rpm php5-fileinfo-5.3.5-355.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-355.1.x86_64.rpm php5-fpm-5.3.5-355.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-355.1.x86_64.rpm php5-ftp-5.3.5-355.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-355.1.x86_64.rpm php5-gd-5.3.5-355.1.x86_64.rpm php5-gd-debuginfo-5.3.5-355.1.x86_64.rpm php5-gettext-5.3.5-355.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-355.1.x86_64.rpm php5-gmp-5.3.5-355.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-355.1.x86_64.rpm php5-hash-5.3.5-355.1.x86_64.rpm php5-hash-debuginfo-5.3.5-355.1.x86_64.rpm php5-iconv-5.3.5-355.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-355.1.x86_64.rpm php5-imap-5.3.5-355.1.x86_64.rpm php5-imap-debuginfo-5.3.5-355.1.x86_64.rpm php5-intl-5.3.5-355.1.x86_64.rpm php5-intl-debuginfo-5.3.5-355.1.x86_64.rpm php5-json-5.3.5-355.1.x86_64.rpm php5-json-debuginfo-5.3.5-355.1.x86_64.rpm php5-ldap-5.3.5-355.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-355.1.x86_64.rpm php5-mbstring-5.3.5-355.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-355.1.x86_64.rpm php5-mcrypt-5.3.5-355.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-355.1.x86_64.rpm php5-mysql-5.3.5-355.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-355.1.x86_64.rpm php5-odbc-5.3.5-355.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-355.1.x86_64.rpm php5-openssl-5.3.5-355.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-355.1.x86_64.rpm php5-pcntl-5.3.5-355.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-355.1.x86_64.rpm php5-pdo-5.3.5-355.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-355.1.x86_64.rpm php5-pgsql-5.3.5-355.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-355.1.x86_64.rpm php5-phar-5.3.5-355.1.x86_64.rpm php5-phar-debuginfo-5.3.5-355.1.x86_64.rpm php5-posix-5.3.5-355.1.x86_64.rpm php5-posix-debuginfo-5.3.5-355.1.x86_64.rpm php5-pspell-5.3.5-355.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-355.1.x86_64.rpm php5-readline-5.3.5-355.1.x86_64.rpm php5-readline-debuginfo-5.3.5-355.1.x86_64.rpm php5-shmop-5.3.5-355.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-355.1.x86_64.rpm php5-snmp-5.3.5-355.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-355.1.x86_64.rpm php5-soap-5.3.5-355.1.x86_64.rpm php5-soap-debuginfo-5.3.5-355.1.x86_64.rpm php5-sockets-5.3.5-355.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-355.1.x86_64.rpm php5-sqlite-5.3.5-355.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-355.1.x86_64.rpm php5-suhosin-5.3.5-355.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-355.1.x86_64.rpm php5-sysvmsg-5.3.5-355.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-355.1.x86_64.rpm php5-sysvsem-5.3.5-355.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-355.1.x86_64.rpm php5-sysvshm-5.3.5-355.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-355.1.x86_64.rpm php5-tidy-5.3.5-355.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-355.1.x86_64.rpm php5-tokenizer-5.3.5-355.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-355.1.x86_64.rpm php5-wddx-5.3.5-355.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-355.1.x86_64.rpm php5-xmlreader-5.3.5-355.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-355.1.x86_64.rpm php5-xmlrpc-5.3.5-355.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-355.1.x86_64.rpm php5-xmlwriter-5.3.5-355.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-355.1.x86_64.rpm php5-xsl-5.3.5-355.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-355.1.x86_64.rpm php5-zip-5.3.5-355.1.x86_64.rpm php5-zip-debuginfo-5.3.5-355.1.x86_64.rpm php5-zlib-5.3.5-355.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-355.1.x86_64.rpm 2012-9 important openSUSE Evergreen 11.4 - added weechat-fix-hook_process-shell-injection.patch which fixes a shell injection vulnerability in the hook_process function (bnc#790217, CVE-2012-5534) - added weechat-fix-buffer-overflow-in-irc-color-decoding.patch which fixes a heap-based overflow when decoding IRC colors in strings (bnc#789146, CVE-2012-5854) weechat-0.3.3-7.1.i586.rpm weechat-0.3.3-7.1.src.rpm weechat-aspell-0.3.3-7.1.i586.rpm weechat-aspell-debuginfo-0.3.3-7.1.i586.rpm weechat-debuginfo-0.3.3-7.1.i586.rpm weechat-debugsource-0.3.3-7.1.i586.rpm weechat-devel-0.3.3-7.1.i586.rpm weechat-lang-0.3.3-7.1.noarch.rpm weechat-lua-0.3.3-7.1.i586.rpm weechat-lua-debuginfo-0.3.3-7.1.i586.rpm weechat-perl-0.3.3-7.1.i586.rpm weechat-perl-debuginfo-0.3.3-7.1.i586.rpm weechat-python-0.3.3-7.1.i586.rpm weechat-python-debuginfo-0.3.3-7.1.i586.rpm weechat-ruby-0.3.3-7.1.i586.rpm weechat-ruby-debuginfo-0.3.3-7.1.i586.rpm weechat-tcl-0.3.3-7.1.i586.rpm weechat-tcl-debuginfo-0.3.3-7.1.i586.rpm weechat-0.3.3-7.1.x86_64.rpm weechat-aspell-0.3.3-7.1.x86_64.rpm weechat-aspell-debuginfo-0.3.3-7.1.x86_64.rpm weechat-debuginfo-0.3.3-7.1.x86_64.rpm weechat-debugsource-0.3.3-7.1.x86_64.rpm weechat-devel-0.3.3-7.1.x86_64.rpm weechat-lua-0.3.3-7.1.x86_64.rpm weechat-lua-debuginfo-0.3.3-7.1.x86_64.rpm weechat-perl-0.3.3-7.1.x86_64.rpm weechat-perl-debuginfo-0.3.3-7.1.x86_64.rpm weechat-python-0.3.3-7.1.x86_64.rpm weechat-python-debuginfo-0.3.3-7.1.x86_64.rpm weechat-ruby-0.3.3-7.1.x86_64.rpm weechat-ruby-debuginfo-0.3.3-7.1.x86_64.rpm weechat-tcl-0.3.3-7.1.x86_64.rpm weechat-tcl-debuginfo-0.3.3-7.1.x86_64.rpm 2013-114 moderate openSUSE Evergreen 11.4 Libxml2 was updated to fix buffer overread problems which could lead to crashes (out of bounds read). (CVE-2013-2877) libxml2-2.7.8-45.1.i586.rpm libxml2-2.7.8-45.1.src.rpm libxml2-32bit-2.7.8-45.1.x86_64.rpm libxml2-debuginfo-2.7.8-45.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-45.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-45.1.ia64.rpm libxml2-debugsource-2.7.8-45.1.i586.rpm libxml2-devel-2.7.8-45.1.i586.rpm libxml2-devel-32bit-2.7.8-45.1.x86_64.rpm libxml2-doc-2.7.8-45.1.noarch.rpm libxml2-x86-2.7.8-45.1.ia64.rpm libxml2-2.7.8-45.1.x86_64.rpm libxml2-debuginfo-2.7.8-45.1.x86_64.rpm libxml2-debugsource-2.7.8-45.1.x86_64.rpm libxml2-devel-2.7.8-45.1.x86_64.rpm 2013-118 moderate openSUSE Evergreen 11.4 A directory traversal in cgit could be used by remote attackers to read files on the local filesystem. (CVE-2013-2117) cgit-0.8.3.3-5.8.1.i586.rpm cgit-0.8.3.3-5.8.1.src.rpm cgit-debuginfo-0.8.3.3-5.8.1.i586.rpm cgit-debugsource-0.8.3.3-5.8.1.i586.rpm cgit-0.8.3.3-5.8.1.x86_64.rpm cgit-debuginfo-0.8.3.3-5.8.1.x86_64.rpm cgit-debugsource-0.8.3.3-5.8.1.x86_64.rpm 2013-117 moderate openSUSE Evergreen 11.4 Wireshark was updated to 1.8.9 [bnc#831718] + vulnerabilities fixed: * The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45 * The DIS dissector could go into a large loop CVE-2013-4929 wnpa-sec-2013-47 * The DVB-CI dissector could crash CVE-2013-4930 wnpa-sec-2013-48 * The GSM RR dissector (and possibly others) could go into a large loop CVE-2013-4931 wnpa-sec-2013-49 * The GSM A Common dissector could crash CVE-2013-4932 wnpa-sec-2013-50 * The Netmon file parser could crash CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-51 * The ASN.1 PER dissector could crash CVE-2013-4935 wnpa-sec-2013-52 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html wireshark-1.8.9-53.1.i586.rpm wireshark-1.8.9-53.1.src.rpm wireshark-debuginfo-1.8.9-53.1.i586.rpm wireshark-debugsource-1.8.9-53.1.i586.rpm wireshark-devel-1.8.9-53.1.i586.rpm wireshark-1.8.9-53.1.x86_64.rpm wireshark-debuginfo-1.8.9-53.1.x86_64.rpm wireshark-debugsource-1.8.9-53.1.x86_64.rpm wireshark-devel-1.8.9-53.1.x86_64.rpm 2013-124 moderate openSUSE Evergreen 11.4 - httpd-2.2.x-bnc829056-CVE-2013-1896-pr1482522-mod_dav.diff CVE-2013-1896: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault. [bnc#829056] - httpd-2.2.x-bnc829057-CVE-2013-1862-mod_rewrite_terminal_escape_sequences.diff CVE-2013-1862: client data written to the RewriteLog must have terminal escape sequences escaped. [bnc#829057] apache2-2.2.17-4.72.1.i586.rpm apache2-2.2.17-4.72.1.src.rpm apache2-debuginfo-2.2.17-4.72.1.i586.rpm apache2-debugsource-2.2.17-4.72.1.i586.rpm apache2-devel-2.2.17-4.72.1.i586.rpm apache2-doc-2.2.17-4.72.1.noarch.rpm apache2-event-2.2.17-4.72.1.i586.rpm apache2-event-debuginfo-2.2.17-4.72.1.i586.rpm apache2-example-certificates-2.2.17-4.72.1.i586.rpm apache2-example-pages-2.2.17-4.72.1.i586.rpm apache2-itk-2.2.17-4.72.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.72.1.i586.rpm apache2-prefork-2.2.17-4.72.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.72.1.i586.rpm apache2-utils-2.2.17-4.72.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.72.1.i586.rpm apache2-worker-2.2.17-4.72.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.72.1.i586.rpm apache2-2.2.17-4.72.1.x86_64.rpm apache2-debuginfo-2.2.17-4.72.1.x86_64.rpm apache2-debugsource-2.2.17-4.72.1.x86_64.rpm apache2-devel-2.2.17-4.72.1.x86_64.rpm apache2-event-2.2.17-4.72.1.x86_64.rpm apache2-event-debuginfo-2.2.17-4.72.1.x86_64.rpm apache2-example-certificates-2.2.17-4.72.1.x86_64.rpm apache2-example-pages-2.2.17-4.72.1.x86_64.rpm apache2-itk-2.2.17-4.72.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.72.1.x86_64.rpm apache2-prefork-2.2.17-4.72.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.72.1.x86_64.rpm apache2-utils-2.2.17-4.72.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.72.1.x86_64.rpm apache2-worker-2.2.17-4.72.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.72.1.x86_64.rpm 2013-121 moderate openSUSE Evergreen 11.4 Opera Software recently experienced an attack on the internal infrastructure. Following best practices, Opera Software is replacing signing certificates in Opera with newly issued certificates. Certificates in Opera include the code signing certificate for desktop binaries and the signing certificate for automatic updates to browser.js. Opera's rootstore was not affected by the attack and certificates used for accessing HTTPS websites are unchanged by this update. opera-12.16-56.1.i586.rpm opera-12.16-56.1.nosrc.rpm opera-gtk-12.16-56.1.i586.rpm opera-kde4-12.16-56.1.i586.rpm opera-12.16-56.1.x86_64.rpm opera-gtk-12.16-56.1.x86_64.rpm opera-kde4-12.16-56.1.x86_64.rpm 2013-125 moderate openSUSE Evergreen 11.4 - complete overhaul of this package, with update to 2.7.5. - ruleset update to 2.2.8-0-g0f07cbb. - new configuration framework private to mod_security2: /etc/apache2/conf.d/mod_security2.conf loads /usr/share/apache2-mod_security2/rules/modsecurity_crs_10_setup.conf, then /etc/apache2/mod_security2.d/*.conf , as set up based on advice in /etc/apache2/conf.d/mod_security2.conf Your configuration starting point is /etc/apache2/conf.d/mod_security2.conf - !!! Please note that mod_unique_id is needed for mod_security2 to run! - modsecurity-apache_2.7.5-build_fix_pcre.diff changes erroneaous linker parameter, preventing rpath in shared object. - fixes contained for the following bugs: * CVE-2009-5031, CVE-2012-2751 [bnc#768293] request parameter handling * [bnc#768293] multi-part bypass, minor threat * CVE-2013-1915 [bnc#813190] XML external entity vulnerability * CVE-2012-4528 [bnc#789393] rule bypass * CVE-2013-2765 [bnc#822664] null pointer dereference crash - new from 2.5.9 to 2.7.5, only major changes: * GPLv2 replaced by Apache License v2 * rules are not part of the source tarball any longer, but maintaned upstream externally, and included in this package. * documentation was externalized to a wiki. Package contains the FAQ and the reference manual in html form. * renamed the term "Encryption" in directives that actually refer to hashes. See CHANGES file for more details. * new directive SecXmlExternalEntity, default off * byte conversion issues on s390x when logging fixed. * many small issues fixed that were discovered by a Coverity scanner * updated reference manual apache2-mod_security2-2.7.5-12.1.i586.rpm apache2-mod_security2-2.7.5-12.1.src.rpm apache2-mod_security2-debuginfo-2.7.5-12.1.i586.rpm apache2-mod_security2-debugsource-2.7.5-12.1.i586.rpm apache2-mod_security2-2.7.5-12.1.x86_64.rpm apache2-mod_security2-debuginfo-2.7.5-12.1.x86_64.rpm apache2-mod_security2-debugsource-2.7.5-12.1.x86_64.rpm 2013-119 low openSUSE Evergreen 11.4 * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys.(bnc#831359) * add GPL3.0+ to License tag because of dumpsexp (bnc#810759) libgcrypt-1.5.3-6.1.src.rpm libgcrypt-debugsource-1.5.3-6.1.i586.rpm libgcrypt-devel-1.5.3-6.1.i586.rpm libgcrypt-devel-32bit-1.5.3-6.1.x86_64.rpm libgcrypt-devel-debuginfo-1.5.3-6.1.i586.rpm libgcrypt-devel-debuginfo-32bit-1.5.3-6.1.x86_64.rpm libgcrypt-devel-debuginfo-x86-1.5.3-6.1.ia64.rpm libgcrypt11-1.5.3-6.1.i586.rpm libgcrypt11-32bit-1.5.3-6.1.x86_64.rpm libgcrypt11-debuginfo-1.5.3-6.1.i586.rpm libgcrypt11-debuginfo-32bit-1.5.3-6.1.x86_64.rpm libgcrypt11-debuginfo-x86-1.5.3-6.1.ia64.rpm libgcrypt11-x86-1.5.3-6.1.ia64.rpm libgcrypt-debugsource-1.5.3-6.1.x86_64.rpm libgcrypt-devel-1.5.3-6.1.x86_64.rpm libgcrypt-devel-debuginfo-1.5.3-6.1.x86_64.rpm libgcrypt11-1.5.3-6.1.x86_64.rpm libgcrypt11-debuginfo-1.5.3-6.1.x86_64.rpm 2013-120 low openSUSE Evergreen 11.4 This version update of lcms2 to release 2.5 fixes several security issues plus several other color management bugs. lcms2-2.5-7.1.i586.rpm lcms2-2.5-7.1.src.rpm lcms2-debuginfo-2.5-7.1.i586.rpm lcms2-debugsource-2.5-7.1.i586.rpm liblcms2-2-2.5-7.1.i586.rpm liblcms2-2-32bit-2.5-7.1.x86_64.rpm liblcms2-2-debuginfo-2.5-7.1.i586.rpm liblcms2-2-debuginfo-32bit-2.5-7.1.x86_64.rpm liblcms2-2-debuginfo-x86-2.5-7.1.ia64.rpm liblcms2-2-x86-2.5-7.1.ia64.rpm liblcms2-devel-2.5-7.1.i586.rpm liblcms2-doc-2.5-7.1.noarch.rpm lcms2-2.5-7.1.x86_64.rpm lcms2-debuginfo-2.5-7.1.x86_64.rpm lcms2-debugsource-2.5-7.1.x86_64.rpm liblcms2-2-2.5-7.1.x86_64.rpm liblcms2-2-debuginfo-2.5-7.1.x86_64.rpm liblcms2-devel-2.5-7.1.x86_64.rpm 2012-4 moderate openSUSE Evergreen 11.4 The IcedTea Web Java plugin was updated to 1.3.1 (bnc#787846) - Security Updates * CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet - Common Bugfixes - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775) icedtea-web-1.3.1-26.1.i586.rpm icedtea-web-1.3.1-26.1.src.rpm icedtea-web-debuginfo-1.3.1-26.1.i586.rpm icedtea-web-debugsource-1.3.1-26.1.i586.rpm icedtea-web-javadoc-1.3.1-26.1.noarch.rpm icedtea-web-1.3.1-26.1.x86_64.rpm icedtea-web-debuginfo-1.3.1-26.1.x86_64.rpm icedtea-web-debugsource-1.3.1-26.1.x86_64.rpm 2013-122 important openSUSE Evergreen 11.4 This patch contains updates for - Firefox to 23.0 - xulrunner to 17.0.8esr - Thunderbird to 17.0.8 - mozilla-nspr to 4.10 - mozilla-nss to 3.15,1 * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system MozillaFirefox-23.0-83.1.i586.rpm MozillaFirefox-23.0-83.1.src.rpm MozillaFirefox-branding-upstream-23.0-83.1.i586.rpm MozillaFirefox-buildsymbols-23.0-83.1.i586.rpm MozillaFirefox-debuginfo-23.0-83.1.i586.rpm MozillaFirefox-debugsource-23.0-83.1.i586.rpm MozillaFirefox-devel-23.0-83.1.i586.rpm MozillaFirefox-translations-common-23.0-83.1.i586.rpm MozillaFirefox-translations-other-23.0-83.1.i586.rpm MozillaThunderbird-17.0.8-69.2.i586.rpm MozillaThunderbird-17.0.8-69.2.src.rpm MozillaThunderbird-buildsymbols-17.0.8-69.2.i586.rpm MozillaThunderbird-debuginfo-17.0.8-69.2.i586.rpm MozillaThunderbird-debugsource-17.0.8-69.2.i586.rpm MozillaThunderbird-devel-17.0.8-69.2.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.8-69.2.i586.rpm MozillaThunderbird-translations-common-17.0.8-69.2.i586.rpm MozillaThunderbird-translations-other-17.0.8-69.2.i586.rpm enigmail-1.5.2+17.0.8-69.2.i586.rpm enigmail-debuginfo-1.5.2+17.0.8-69.2.i586.rpm mozilla-nspr-32bit-4.10-28.1.x86_64.rpm mozilla-nspr-4.10-28.1.i586.rpm mozilla-nspr-4.10-28.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10-28.1.x86_64.rpm mozilla-nspr-debuginfo-4.10-28.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10-28.1.ia64.rpm mozilla-nspr-debugsource-4.10-28.1.i586.rpm mozilla-nspr-devel-4.10-28.1.i586.rpm mozilla-nspr-x86-4.10-28.1.ia64.rpm libfreebl3-3.15.1-62.1.i586.rpm libfreebl3-32bit-3.15.1-62.1.x86_64.rpm libfreebl3-debuginfo-3.15.1-62.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.1-62.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.1-62.1.ia64.rpm libfreebl3-x86-3.15.1-62.1.ia64.rpm libsoftokn3-3.15.1-62.1.i586.rpm libsoftokn3-32bit-3.15.1-62.1.x86_64.rpm libsoftokn3-debuginfo-3.15.1-62.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.1-62.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.1-62.1.ia64.rpm libsoftokn3-x86-3.15.1-62.1.ia64.rpm mozilla-nss-3.15.1-62.1.i586.rpm mozilla-nss-3.15.1-62.1.src.rpm mozilla-nss-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-certs-3.15.1-62.1.i586.rpm mozilla-nss-certs-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.1-62.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.1-62.1.ia64.rpm mozilla-nss-certs-x86-3.15.1-62.1.ia64.rpm mozilla-nss-debuginfo-3.15.1-62.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.1-62.1.ia64.rpm mozilla-nss-debugsource-3.15.1-62.1.i586.rpm mozilla-nss-devel-3.15.1-62.1.i586.rpm mozilla-nss-sysinit-3.15.1-62.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.1-62.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.1-62.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.1-62.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.1-62.1.ia64.rpm mozilla-nss-tools-3.15.1-62.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.1-62.1.i586.rpm mozilla-nss-x86-3.15.1-62.1.ia64.rpm seamonkey-2.20-73.1.i586.rpm seamonkey-2.20-73.1.src.rpm seamonkey-debuginfo-2.20-73.1.i586.rpm seamonkey-debugsource-2.20-73.1.i586.rpm seamonkey-dom-inspector-2.20-73.1.i586.rpm seamonkey-irc-2.20-73.1.i586.rpm seamonkey-translations-common-2.20-73.1.i586.rpm seamonkey-translations-other-2.20-73.1.i586.rpm seamonkey-venkman-2.20-73.1.i586.rpm MozillaFirefox-23.0-83.1.x86_64.rpm MozillaFirefox-branding-upstream-23.0-83.1.x86_64.rpm MozillaFirefox-buildsymbols-23.0-83.1.x86_64.rpm MozillaFirefox-debuginfo-23.0-83.1.x86_64.rpm MozillaFirefox-debugsource-23.0-83.1.x86_64.rpm MozillaFirefox-devel-23.0-83.1.x86_64.rpm MozillaFirefox-translations-common-23.0-83.1.x86_64.rpm MozillaFirefox-translations-other-23.0-83.1.x86_64.rpm MozillaThunderbird-17.0.8-69.2.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.8-69.2.x86_64.rpm MozillaThunderbird-debuginfo-17.0.8-69.2.x86_64.rpm MozillaThunderbird-debugsource-17.0.8-69.2.x86_64.rpm MozillaThunderbird-devel-17.0.8-69.2.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.8-69.2.x86_64.rpm MozillaThunderbird-translations-common-17.0.8-69.2.x86_64.rpm MozillaThunderbird-translations-other-17.0.8-69.2.x86_64.rpm enigmail-1.5.2+17.0.8-69.2.x86_64.rpm enigmail-debuginfo-1.5.2+17.0.8-69.2.x86_64.rpm mozilla-nspr-4.10-28.1.x86_64.rpm mozilla-nspr-debuginfo-4.10-28.1.x86_64.rpm mozilla-nspr-debugsource-4.10-28.1.x86_64.rpm mozilla-nspr-devel-4.10-28.1.x86_64.rpm libfreebl3-3.15.1-62.1.x86_64.rpm libfreebl3-debuginfo-3.15.1-62.1.x86_64.rpm libsoftokn3-3.15.1-62.1.x86_64.rpm libsoftokn3-debuginfo-3.15.1-62.1.x86_64.rpm mozilla-nss-3.15.1-62.1.x86_64.rpm mozilla-nss-certs-3.15.1-62.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.1-62.1.x86_64.rpm mozilla-nss-debuginfo-3.15.1-62.1.x86_64.rpm mozilla-nss-debugsource-3.15.1-62.1.x86_64.rpm mozilla-nss-devel-3.15.1-62.1.x86_64.rpm mozilla-nss-sysinit-3.15.1-62.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.1-62.1.x86_64.rpm mozilla-nss-tools-3.15.1-62.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.1-62.1.x86_64.rpm seamonkey-2.20-73.1.x86_64.rpm seamonkey-debuginfo-2.20-73.1.x86_64.rpm seamonkey-debugsource-2.20-73.1.x86_64.rpm seamonkey-dom-inspector-2.20-73.1.x86_64.rpm seamonkey-irc-2.20-73.1.x86_64.rpm seamonkey-translations-common-2.20-73.1.x86_64.rpm seamonkey-translations-other-2.20-73.1.x86_64.rpm seamonkey-venkman-2.20-73.1.x86_64.rpm 2013-126 important openSUSE Evergreen 11.4 A specially crafted query with malicious rdata could have caused a crash (DoS) in named. bind-9.9.2P2-49.1.i586.rpm bind-9.9.2P2-49.1.src.rpm bind-chrootenv-9.9.2P2-49.1.i586.rpm bind-debuginfo-9.9.2P2-49.1.i586.rpm bind-debugsource-9.9.2P2-49.1.i586.rpm bind-devel-9.9.2P2-49.1.i586.rpm bind-doc-9.9.2P2-49.1.noarch.rpm bind-libs-32bit-9.9.2P2-49.1.x86_64.rpm bind-libs-9.9.2P2-49.1.i586.rpm bind-libs-debuginfo-32bit-9.9.2P2-49.1.x86_64.rpm bind-libs-debuginfo-9.9.2P2-49.1.i586.rpm bind-libs-debuginfo-x86-9.9.2P2-49.1.ia64.rpm bind-libs-x86-9.9.2P2-49.1.ia64.rpm bind-lwresd-9.9.2P2-49.1.i586.rpm bind-lwresd-debuginfo-9.9.2P2-49.1.i586.rpm bind-utils-9.9.2P2-49.1.i586.rpm bind-utils-debuginfo-9.9.2P2-49.1.i586.rpm bind-9.9.2P2-49.1.x86_64.rpm bind-chrootenv-9.9.2P2-49.1.x86_64.rpm bind-debuginfo-9.9.2P2-49.1.x86_64.rpm bind-debugsource-9.9.2P2-49.1.x86_64.rpm bind-devel-9.9.2P2-49.1.x86_64.rpm bind-libs-9.9.2P2-49.1.x86_64.rpm bind-libs-debuginfo-9.9.2P2-49.1.x86_64.rpm bind-lwresd-9.9.2P2-49.1.x86_64.rpm bind-lwresd-debuginfo-9.9.2P2-49.1.x86_64.rpm bind-utils-9.9.2P2-49.1.x86_64.rpm bind-utils-debuginfo-9.9.2P2-49.1.x86_64.rpm 2013-127 low openSUSE Evergreen 11.4 The previous bind update contained version 9.9.3P2 but the package still was called 9.9.2P2. This update just corrects the package version. bind-9.9.3P2-59.1.i586.rpm bind-9.9.3P2-59.1.src.rpm bind-chrootenv-9.9.3P2-59.1.i586.rpm bind-debuginfo-9.9.3P2-59.1.i586.rpm bind-debugsource-9.9.3P2-59.1.i586.rpm bind-devel-9.9.3P2-59.1.i586.rpm bind-doc-9.9.3P2-59.1.noarch.rpm bind-libs-32bit-9.9.3P2-59.1.x86_64.rpm bind-libs-9.9.3P2-59.1.i586.rpm bind-libs-debuginfo-32bit-9.9.3P2-59.1.x86_64.rpm bind-libs-debuginfo-9.9.3P2-59.1.i586.rpm bind-libs-debuginfo-x86-9.9.3P2-59.1.ia64.rpm bind-libs-x86-9.9.3P2-59.1.ia64.rpm bind-lwresd-9.9.3P2-59.1.i586.rpm bind-lwresd-debuginfo-9.9.3P2-59.1.i586.rpm bind-utils-9.9.3P2-59.1.i586.rpm bind-utils-debuginfo-9.9.3P2-59.1.i586.rpm bind-9.9.3P2-59.1.x86_64.rpm bind-chrootenv-9.9.3P2-59.1.x86_64.rpm bind-debuginfo-9.9.3P2-59.1.x86_64.rpm bind-debugsource-9.9.3P2-59.1.x86_64.rpm bind-devel-9.9.3P2-59.1.x86_64.rpm bind-libs-9.9.3P2-59.1.x86_64.rpm bind-libs-debuginfo-9.9.3P2-59.1.x86_64.rpm bind-lwresd-9.9.3P2-59.1.x86_64.rpm bind-lwresd-debuginfo-9.9.3P2-59.1.x86_64.rpm bind-utils-9.9.3P2-59.1.x86_64.rpm bind-utils-debuginfo-9.9.3P2-59.1.x86_64.rpm 2013-128 moderate openSUSE Evergreen 11.4 This update of strongswan fixed a denial-of-service vulnerability, that could be triggered by special XAuth usernames and EAP identities. strongswan-4.5.0-6.56.1.i586.rpm strongswan-4.5.0-6.56.1.src.rpm strongswan-debugsource-4.5.0-6.56.1.i586.rpm strongswan-doc-4.5.0-6.56.1.i586.rpm strongswan-ikev1-4.5.0-6.56.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-ikev2-4.5.0-6.56.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-ipsec-4.5.0-6.56.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-libs0-4.5.0-6.56.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-mysql-4.5.0-6.56.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-nm-4.5.0-6.56.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-sqlite-4.5.0-6.56.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.56.1.i586.rpm strongswan-4.5.0-6.56.1.x86_64.rpm strongswan-debugsource-4.5.0-6.56.1.x86_64.rpm strongswan-doc-4.5.0-6.56.1.x86_64.rpm strongswan-ikev1-4.5.0-6.56.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-ikev2-4.5.0-6.56.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-ipsec-4.5.0-6.56.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-libs0-4.5.0-6.56.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-mysql-4.5.0-6.56.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-nm-4.5.0-6.56.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.56.1.x86_64.rpm strongswan-sqlite-4.5.0-6.56.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.56.1.x86_64.rpm 2013-130 moderate openSUSE Evergreen 11.4 This version fixes following issue: - making mysqldump work with MySQL 5.0 (bnc#768832) - include security fixesJuly 2013 Oracle Patch day for mysql-5.1.71 (bnc#830086) libmysqlclient-devel-5.1.71-62.1.i586.rpm libmysqlclient16-32bit-5.1.71-62.1.x86_64.rpm libmysqlclient16-5.1.71-62.1.i586.rpm libmysqlclient16-debuginfo-32bit-5.1.71-62.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.71-62.1.i586.rpm libmysqlclient16-debuginfo-x86-5.1.71-62.1.ia64.rpm libmysqlclient16-x86-5.1.71-62.1.ia64.rpm libmysqlclient_r16-32bit-5.1.71-62.1.x86_64.rpm libmysqlclient_r16-5.1.71-62.1.i586.rpm libmysqlclient_r16-debuginfo-32bit-5.1.71-62.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.71-62.1.i586.rpm libmysqlclient_r16-debuginfo-x86-5.1.71-62.1.ia64.rpm libmysqlclient_r16-x86-5.1.71-62.1.ia64.rpm libmysqld-devel-5.1.71-62.1.i586.rpm libmysqld0-5.1.71-62.1.i586.rpm libmysqld0-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-5.1.71-62.1.i586.rpm mysql-community-server-5.1.71-62.1.src.rpm mysql-community-server-bench-5.1.71-62.1.i586.rpm mysql-community-server-bench-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-client-5.1.71-62.1.i586.rpm mysql-community-server-client-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-debug-5.1.71-62.1.i586.rpm mysql-community-server-debug-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-debugsource-5.1.71-62.1.i586.rpm mysql-community-server-test-5.1.71-62.1.i586.rpm mysql-community-server-test-debuginfo-5.1.71-62.1.i586.rpm mysql-community-server-tools-5.1.71-62.1.i586.rpm mysql-community-server-tools-debuginfo-5.1.71-62.1.i586.rpm libmysqlclient-devel-5.1.71-62.1.x86_64.rpm libmysqlclient16-5.1.71-62.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.71-62.1.x86_64.rpm libmysqlclient_r16-5.1.71-62.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.71-62.1.x86_64.rpm libmysqld-devel-5.1.71-62.1.x86_64.rpm libmysqld0-5.1.71-62.1.x86_64.rpm libmysqld0-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-5.1.71-62.1.x86_64.rpm mysql-community-server-bench-5.1.71-62.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-client-5.1.71-62.1.x86_64.rpm mysql-community-server-client-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-debug-5.1.71-62.1.x86_64.rpm mysql-community-server-debug-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-debugsource-5.1.71-62.1.x86_64.rpm mysql-community-server-test-5.1.71-62.1.x86_64.rpm mysql-community-server-test-debuginfo-5.1.71-62.1.x86_64.rpm mysql-community-server-tools-5.1.71-62.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.1.71-62.1.x86_64.rpm 2013-131 moderate openSUSE Evergreen 11.4 This version upgrade of mariadb fixed the following issues: - making mysqldump work with MySQL 5.0 (bnc#768832) - fix possible buffer overflow that can cause a server crash or arbitrary code execution (a variant of CVE-2012-5611) libmariadbclient16-5.1.67-46.1.i586.rpm libmariadbclient16-debuginfo-5.1.67-46.1.i586.rpm libmariadbclient_r16-5.1.67-46.1.i586.rpm libmariadbclient_r16-debuginfo-5.1.67-46.1.i586.rpm mariadb-5.1.67-46.1.i586.rpm mariadb-5.1.67-46.1.src.rpm mariadb-bench-5.1.67-46.1.i586.rpm mariadb-bench-debuginfo-5.1.67-46.1.i586.rpm mariadb-client-5.1.67-46.1.i586.rpm mariadb-client-debuginfo-5.1.67-46.1.i586.rpm mariadb-debug-5.1.67-46.1.i586.rpm mariadb-debug-debuginfo-5.1.67-46.1.i586.rpm mariadb-debuginfo-5.1.67-46.1.i586.rpm mariadb-debugsource-5.1.67-46.1.i586.rpm mariadb-test-5.1.67-46.1.i586.rpm mariadb-test-debuginfo-5.1.67-46.1.i586.rpm mariadb-tools-5.1.67-46.1.i586.rpm mariadb-tools-debuginfo-5.1.67-46.1.i586.rpm libmariadbclient16-5.1.67-46.1.x86_64.rpm libmariadbclient16-debuginfo-5.1.67-46.1.x86_64.rpm libmariadbclient_r16-5.1.67-46.1.x86_64.rpm libmariadbclient_r16-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-5.1.67-46.1.x86_64.rpm mariadb-bench-5.1.67-46.1.x86_64.rpm mariadb-bench-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-client-5.1.67-46.1.x86_64.rpm mariadb-client-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-debug-5.1.67-46.1.x86_64.rpm mariadb-debug-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-debugsource-5.1.67-46.1.x86_64.rpm mariadb-test-5.1.67-46.1.x86_64.rpm mariadb-test-debuginfo-5.1.67-46.1.x86_64.rpm mariadb-tools-5.1.67-46.1.x86_64.rpm mariadb-tools-debuginfo-5.1.67-46.1.x86_64.rpm 2013-129 moderate openSUSE Evergreen 11.4 Tomcat was updated to fix security issues and bug: CVE-2013-1976: Avoid a potential symlink race during startup of the tomcat server, where a local attacker that gaine access to the tomcat chroot could escalate privileges to root. CVE-2013-2067: java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat did not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack. CVE-2012-3544: Tomcat were affected by a chunked transfer encoding extension size denial of service vulnerability. tomcat6-6.0.32-42.1.noarch.rpm tomcat6-6.0.32-42.1.src.rpm tomcat6-admin-webapps-6.0.32-42.1.noarch.rpm tomcat6-docs-webapp-6.0.32-42.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-42.1.noarch.rpm tomcat6-javadoc-6.0.32-42.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-42.1.noarch.rpm tomcat6-lib-6.0.32-42.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-42.1.noarch.rpm tomcat6-webapps-6.0.32-42.1.noarch.rpm 2013-132 moderate openSUSE Evergreen 11.4 This squid update includes several security fixes and minor changes. - squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname. - squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0188-cachemgr_cgi_dos.diff memory leak in cachemgr.cgi known as CVE-2013-0189, which is the underfixed CVE-2012-5643 problem. [bnc#796999] [bnc#794954] - run logrotate as squid:nogroup [bnc#677335] squid-2.7.STABLE6-10.17.1.i586.rpm squid-2.7.STABLE6-10.17.1.src.rpm squid-debuginfo-2.7.STABLE6-10.17.1.i586.rpm squid-debugsource-2.7.STABLE6-10.17.1.i586.rpm squid-2.7.STABLE6-10.17.1.x86_64.rpm squid-debuginfo-2.7.STABLE6-10.17.1.x86_64.rpm squid-debugsource-2.7.STABLE6-10.17.1.x86_64.rpm 2012-10 moderate openSUSE Evergreen 11.4 This update of kdelibs fixed various memory corruption vulnerabilities kdelibs4-4.6.0-6.65.1.i586.rpm kdelibs4-4.6.0-6.65.1.src.rpm kdelibs4-branding-upstream-4.6.0-6.65.1.i586.rpm kdelibs4-core-4.6.0-6.65.1.i586.rpm kdelibs4-core-debuginfo-4.6.0-6.65.1.i586.rpm kdelibs4-debuginfo-4.6.0-6.65.1.i586.rpm kdelibs4-debugsource-4.6.0-6.65.1.i586.rpm kdelibs4-doc-4.6.0-6.65.1.i586.rpm kdelibs4-doc-debuginfo-4.6.0-6.65.1.i586.rpm libkde4-32bit-4.6.0-6.65.1.x86_64.rpm libkde4-4.6.0-6.65.1.i586.rpm libkde4-debuginfo-32bit-4.6.0-6.65.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.65.1.i586.rpm libkde4-debuginfo-x86-4.6.0-6.65.1.ia64.rpm libkde4-devel-4.6.0-6.65.1.i586.rpm libkde4-x86-4.6.0-6.65.1.ia64.rpm libkdecore4-32bit-4.6.0-6.65.1.x86_64.rpm libkdecore4-4.6.0-6.65.1.i586.rpm libkdecore4-debuginfo-32bit-4.6.0-6.65.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.65.1.i586.rpm libkdecore4-debuginfo-x86-4.6.0-6.65.1.ia64.rpm libkdecore4-devel-4.6.0-6.65.1.i586.rpm libkdecore4-devel-debuginfo-4.6.0-6.65.1.i586.rpm libkdecore4-x86-4.6.0-6.65.1.ia64.rpm libksuseinstall-devel-4.6.0-6.65.1.i586.rpm libksuseinstall1-32bit-4.6.0-6.65.1.x86_64.rpm libksuseinstall1-4.6.0-6.65.1.i586.rpm libksuseinstall1-debuginfo-32bit-4.6.0-6.65.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.65.1.i586.rpm libksuseinstall1-debuginfo-x86-4.6.0-6.65.1.ia64.rpm libksuseinstall1-x86-4.6.0-6.65.1.ia64.rpm kdelibs4-4.6.0-6.65.1.x86_64.rpm kdelibs4-branding-upstream-4.6.0-6.65.1.x86_64.rpm kdelibs4-core-4.6.0-6.65.1.x86_64.rpm kdelibs4-core-debuginfo-4.6.0-6.65.1.x86_64.rpm kdelibs4-debuginfo-4.6.0-6.65.1.x86_64.rpm kdelibs4-debugsource-4.6.0-6.65.1.x86_64.rpm kdelibs4-doc-4.6.0-6.65.1.x86_64.rpm kdelibs4-doc-debuginfo-4.6.0-6.65.1.x86_64.rpm libkde4-4.6.0-6.65.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.65.1.x86_64.rpm libkde4-devel-4.6.0-6.65.1.x86_64.rpm libkdecore4-4.6.0-6.65.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.65.1.x86_64.rpm libkdecore4-devel-4.6.0-6.65.1.x86_64.rpm libkdecore4-devel-debuginfo-4.6.0-6.65.1.x86_64.rpm libksuseinstall-devel-4.6.0-6.65.1.x86_64.rpm libksuseinstall1-4.6.0-6.65.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.65.1.x86_64.rpm 2013-133 moderate openSUSE Evergreen 11.4 This squid3 update includes several security fixes and minor changes. - squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname. - run logrotate as squid:nogroup [bnc#677335] squid3-3.1.23-19.1.i586.rpm squid3-3.1.23-19.1.src.rpm squid3-debuginfo-3.1.23-19.1.i586.rpm squid3-debugsource-3.1.23-19.1.i586.rpm squid3-3.1.23-19.1.x86_64.rpm squid3-debuginfo-3.1.23-19.1.x86_64.rpm squid3-debugsource-3.1.23-19.1.x86_64.rpm 2013-136 moderate openSUSE Evergreen 11.4 This python update includes a SSL certificates fix - handle NULL bytes in certain fields of SSL certificates (CVE-2013-4238, bnc#834601, CVE-2013-4238_py27.patch) libpython2_7-1_0-2.7-8.48.1.i586.rpm libpython2_7-1_0-32bit-2.7-8.48.1.x86_64.rpm libpython2_7-1_0-debuginfo-2.7-8.48.1.i586.rpm libpython2_7-1_0-debuginfo-32bit-2.7-8.48.1.x86_64.rpm libpython2_7-1_0-debuginfo-x86-2.7-8.48.1.ia64.rpm libpython2_7-1_0-x86-2.7-8.48.1.ia64.rpm python-base-2.7-8.48.1.i586.rpm python-base-2.7-8.48.1.src.rpm python-base-32bit-2.7-8.48.1.x86_64.rpm python-base-debuginfo-2.7-8.48.1.i586.rpm python-base-debuginfo-32bit-2.7-8.48.1.x86_64.rpm python-base-debuginfo-x86-2.7-8.48.1.ia64.rpm python-base-debugsource-2.7-8.48.1.i586.rpm python-base-x86-2.7-8.48.1.ia64.rpm python-devel-2.7-8.48.1.i586.rpm python-xml-2.7-8.48.1.i586.rpm python-xml-debuginfo-2.7-8.48.1.i586.rpm python-doc-2.7-8.48.1.noarch.rpm python-doc-2.7-8.48.1.src.rpm python-doc-pdf-2.7-8.48.1.noarch.rpm python-2.7-9.48.1.i586.rpm python-2.7-9.48.1.src.rpm python-32bit-2.7-9.48.1.x86_64.rpm python-curses-2.7-9.48.1.i586.rpm python-curses-debuginfo-2.7-9.48.1.i586.rpm python-debuginfo-2.7-9.48.1.i586.rpm python-debuginfo-32bit-2.7-9.48.1.x86_64.rpm python-debuginfo-x86-2.7-9.48.1.ia64.rpm python-debugsource-2.7-9.48.1.i586.rpm python-demo-2.7-9.48.1.i586.rpm python-gdbm-2.7-9.48.1.i586.rpm python-gdbm-debuginfo-2.7-9.48.1.i586.rpm python-idle-2.7-9.48.1.i586.rpm python-tk-2.7-9.48.1.i586.rpm python-tk-debuginfo-2.7-9.48.1.i586.rpm python-x86-2.7-9.48.1.ia64.rpm libpython2_7-1_0-2.7-8.48.1.x86_64.rpm libpython2_7-1_0-debuginfo-2.7-8.48.1.x86_64.rpm python-base-2.7-8.48.1.x86_64.rpm python-base-debuginfo-2.7-8.48.1.x86_64.rpm python-base-debugsource-2.7-8.48.1.x86_64.rpm python-devel-2.7-8.48.1.x86_64.rpm python-xml-2.7-8.48.1.x86_64.rpm python-xml-debuginfo-2.7-8.48.1.x86_64.rpm python-2.7-9.48.1.x86_64.rpm python-curses-2.7-9.48.1.x86_64.rpm python-curses-debuginfo-2.7-9.48.1.x86_64.rpm python-debuginfo-2.7-9.48.1.x86_64.rpm python-debugsource-2.7-9.48.1.x86_64.rpm python-demo-2.7-9.48.1.x86_64.rpm python-gdbm-2.7-9.48.1.x86_64.rpm python-gdbm-debuginfo-2.7-9.48.1.x86_64.rpm python-idle-2.7-9.48.1.x86_64.rpm python-tk-2.7-9.48.1.x86_64.rpm python-tk-debuginfo-2.7-9.48.1.x86_64.rpm 2013-138 moderate openSUSE Evergreen 11.4 This wireshark update to 1.8.10 fixes several security and non security bugs. [bnc#839607] + vulnerabilities fixed: * The NBAP dissector could crash. wnpa-sec-2013-55 CVE-2013-5718 * The ASSA R3 dissector could go into an infinite loop. wnpa-sec-2013-56 CVE-2013-5719 * The RTPS dissector could overflow a buffer. wnpa-sec-2013-57 CVE-2013-5720 * The MQ dissector could crash. wnpa-sec-2013-58 CVE-2013-5721 * The LDAP dissector could crash. wnpa-sec-2013-59 CVE-2013-5722 * The Netmon file parser could crash. wnpa-sec-2013-60 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.10.html wireshark-1.8.10-57.1.i586.rpm wireshark-1.8.10-57.1.src.rpm wireshark-debuginfo-1.8.10-57.1.i586.rpm wireshark-debugsource-1.8.10-57.1.i586.rpm wireshark-devel-1.8.10-57.1.i586.rpm wireshark-1.8.10-57.1.x86_64.rpm wireshark-debuginfo-1.8.10-57.1.x86_64.rpm wireshark-debugsource-1.8.10-57.1.x86_64.rpm wireshark-devel-1.8.10-57.1.x86_64.rpm 2013-135 important openSUSE Evergreen 11.4 This update fixes the following issues with sensors and updates to version 3.3.2: - bnc#838619: + sensors-detect: Avoid probing EDID addresses on graphics cards. + sensors-detect: Do not scan I2C adapters on graphics cards by default. libsensors4-3.3.2-15.1.i586.rpm libsensors4-32bit-3.3.2-15.1.x86_64.rpm libsensors4-debuginfo-3.3.2-15.1.i586.rpm libsensors4-debuginfo-32bit-3.3.2-15.1.x86_64.rpm libsensors4-debuginfo-x86-3.3.2-15.1.ia64.rpm libsensors4-devel-3.3.2-15.1.i586.rpm libsensors4-x86-3.3.2-15.1.ia64.rpm sensord-3.3.2-15.1.i586.rpm sensord-debuginfo-3.3.2-15.1.i586.rpm sensors-3.3.2-15.1.i586.rpm sensors-3.3.2-15.1.src.rpm sensors-debuginfo-3.3.2-15.1.i586.rpm sensors-debugsource-3.3.2-15.1.i586.rpm libsensors4-3.3.2-15.1.x86_64.rpm libsensors4-debuginfo-3.3.2-15.1.x86_64.rpm libsensors4-devel-3.3.2-15.1.x86_64.rpm sensord-3.3.2-15.1.x86_64.rpm sensord-debuginfo-3.3.2-15.1.x86_64.rpm sensors-3.3.2-15.1.x86_64.rpm sensors-debuginfo-3.3.2-15.1.x86_64.rpm sensors-debugsource-3.3.2-15.1.x86_64.rpm 2013-134 moderate openSUSE Evergreen 11.4 These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-3361, CVE-2013-3362, CVE-2013-3363, CVE-2013-5324). flash-player-11.2.202.310-75.1.i586.rpm flash-player-11.2.202.310-75.1.nosrc.rpm flash-player-gnome-11.2.202.310-75.1.i586.rpm flash-player-kde4-11.2.202.310-75.1.i586.rpm flash-player-11.2.202.310-75.1.x86_64.rpm flash-player-gnome-11.2.202.310-75.1.x86_64.rpm flash-player-kde4-11.2.202.310-75.1.x86_64.rpm 2013-137 moderate openSUSE Evergreen 11.4 This python update includes a SSL certificates fix. - handle NULL bytes in certain fields of SSL certificates (CVE-2013-4238, bnc#834601, CVE-2013-4238-py32.patch) python3-doc-3.1-9.1.noarch.rpm python3-doc-3.1-9.1.src.rpm python3-doc-pdf-3.1-9.1.noarch.rpm python3-2to3-3.1.3-9.1.i586.rpm python3-3.1.3-9.1.i586.rpm python3-3.1.3-9.1.src.rpm python3-32bit-3.1.3-9.1.x86_64.rpm python3-curses-3.1.3-9.1.i586.rpm python3-curses-debuginfo-3.1.3-9.1.i586.rpm python3-dbm-3.1.3-9.1.i586.rpm python3-dbm-debuginfo-3.1.3-9.1.i586.rpm python3-debuginfo-3.1.3-9.1.i586.rpm python3-debuginfo-32bit-3.1.3-9.1.x86_64.rpm python3-debuginfo-x86-3.1.3-9.1.ia64.rpm python3-debugsource-3.1.3-9.1.i586.rpm python3-demo-3.1.3-9.1.i586.rpm python3-devel-3.1.3-9.1.i586.rpm python3-idle-3.1.3-9.1.i586.rpm python3-tk-3.1.3-9.1.i586.rpm python3-tk-debuginfo-3.1.3-9.1.i586.rpm python3-x86-3.1.3-9.1.ia64.rpm python3-xml-3.1.3-9.1.i586.rpm python3-xml-debuginfo-3.1.3-9.1.i586.rpm python3-2to3-3.1.3-9.1.x86_64.rpm python3-3.1.3-9.1.x86_64.rpm python3-curses-3.1.3-9.1.x86_64.rpm python3-curses-debuginfo-3.1.3-9.1.x86_64.rpm python3-dbm-3.1.3-9.1.x86_64.rpm python3-dbm-debuginfo-3.1.3-9.1.x86_64.rpm python3-debuginfo-3.1.3-9.1.x86_64.rpm python3-debugsource-3.1.3-9.1.x86_64.rpm python3-demo-3.1.3-9.1.x86_64.rpm python3-devel-3.1.3-9.1.x86_64.rpm python3-idle-3.1.3-9.1.x86_64.rpm python3-tk-3.1.3-9.1.x86_64.rpm python3-tk-debuginfo-3.1.3-9.1.x86_64.rpm python3-xml-3.1.3-9.1.x86_64.rpm python3-xml-debuginfo-3.1.3-9.1.x86_64.rpm 2013-139 moderate openSUSE Evergreen 11.4 This tiff security update fixes several buffer overflow issues and a out-of-bounds wirte problem. * tiff: buffer overflows/use after free problem [CVE-2013-4231][CVE-2013-4232][bnc#834477] * libtiff (gif2tiff): OOB Write in LZW decompressor [CVE-2013-4244][bnc#834788] * libtiff (gif2tiff): heap-based buffer overflow in readgifimage() [CVE-2013-4243][bnc#834779] libtiff-devel-3.9.4-42.1.i586.rpm libtiff-devel-32bit-3.9.4-42.1.x86_64.rpm libtiff3-3.9.4-42.1.i586.rpm libtiff3-32bit-3.9.4-42.1.x86_64.rpm libtiff3-debuginfo-3.9.4-42.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-42.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-42.1.ia64.rpm libtiff3-x86-3.9.4-42.1.ia64.rpm tiff-3.9.4-42.1.i586.rpm tiff-3.9.4-42.1.src.rpm tiff-debuginfo-3.9.4-42.1.i586.rpm tiff-debugsource-3.9.4-42.1.i586.rpm libtiff-devel-3.9.4-42.1.x86_64.rpm libtiff3-3.9.4-42.1.x86_64.rpm libtiff3-debuginfo-3.9.4-42.1.x86_64.rpm tiff-3.9.4-42.1.x86_64.rpm tiff-debuginfo-3.9.4-42.1.x86_64.rpm tiff-debugsource-3.9.4-42.1.x86_64.rpm 2013-140 moderate openSUSE Evergreen 11.4 This subversion update includes a security fix: -svnserve: fix creation of pid files CVE-2013-4277 libsvn_auth_gnome_keyring-1-0-1.6.23-55.2.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.23-55.2.i586.rpm libsvn_auth_kwallet-1-0-1.6.23-55.2.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.23-55.2.i586.rpm subversion-1.6.23-55.2.i586.rpm subversion-1.6.23-55.2.src.rpm subversion-debuginfo-1.6.23-55.2.i586.rpm subversion-debugsource-1.6.23-55.2.i586.rpm subversion-devel-1.6.23-55.2.i586.rpm subversion-perl-1.6.23-55.2.i586.rpm subversion-perl-debuginfo-1.6.23-55.2.i586.rpm subversion-python-1.6.23-55.2.i586.rpm subversion-python-debuginfo-1.6.23-55.2.i586.rpm subversion-ruby-1.6.23-55.2.i586.rpm subversion-ruby-debuginfo-1.6.23-55.2.i586.rpm subversion-server-1.6.23-55.2.i586.rpm subversion-server-debuginfo-1.6.23-55.2.i586.rpm subversion-tools-1.6.23-55.2.i586.rpm subversion-tools-debuginfo-1.6.23-55.2.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.23-55.2.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.23-55.2.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.23-55.2.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.23-55.2.x86_64.rpm subversion-1.6.23-55.2.x86_64.rpm subversion-debuginfo-1.6.23-55.2.x86_64.rpm subversion-debugsource-1.6.23-55.2.x86_64.rpm subversion-devel-1.6.23-55.2.x86_64.rpm subversion-perl-1.6.23-55.2.x86_64.rpm subversion-perl-debuginfo-1.6.23-55.2.x86_64.rpm subversion-python-1.6.23-55.2.x86_64.rpm subversion-python-debuginfo-1.6.23-55.2.x86_64.rpm subversion-ruby-1.6.23-55.2.x86_64.rpm subversion-ruby-debuginfo-1.6.23-55.2.x86_64.rpm subversion-server-1.6.23-55.2.x86_64.rpm subversion-server-debuginfo-1.6.23-55.2.x86_64.rpm subversion-tools-1.6.23-55.2.x86_64.rpm subversion-tools-debuginfo-1.6.23-55.2.x86_64.rpm 2013-141 moderate openSUSE Evergreen 11.4 Updates Firefox, Thunderbird and Seamonkey and fixes the following security issues: * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-78/CVE-2013-1721 (bmo#890277) Integer overflow in ANGLE library * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration MozillaFirefox-24.0-87.3.i586.rpm MozillaFirefox-24.0-87.3.src.rpm MozillaFirefox-branding-upstream-24.0-87.3.i586.rpm MozillaFirefox-buildsymbols-24.0-87.3.i586.rpm MozillaFirefox-debuginfo-24.0-87.3.i586.rpm MozillaFirefox-debugsource-24.0-87.3.i586.rpm MozillaFirefox-devel-24.0-87.3.i586.rpm MozillaFirefox-translations-common-24.0-87.3.i586.rpm MozillaFirefox-translations-other-24.0-87.3.i586.rpm MozillaThunderbird-24.0-73.3.i586.rpm MozillaThunderbird-24.0-73.3.src.rpm MozillaThunderbird-buildsymbols-24.0-73.3.i586.rpm MozillaThunderbird-debuginfo-24.0-73.3.i586.rpm MozillaThunderbird-debugsource-24.0-73.3.i586.rpm MozillaThunderbird-devel-24.0-73.3.i586.rpm MozillaThunderbird-translations-common-24.0-73.3.i586.rpm MozillaThunderbird-translations-other-24.0-73.3.i586.rpm enigmail-1.5.2+24.0-73.3.i586.rpm seamonkey-2.21-77.3.i586.rpm seamonkey-2.21-77.3.src.rpm seamonkey-debuginfo-2.21-77.3.i586.rpm seamonkey-debugsource-2.21-77.3.i586.rpm seamonkey-dom-inspector-2.21-77.3.i586.rpm seamonkey-irc-2.21-77.3.i586.rpm seamonkey-translations-common-2.21-77.3.i586.rpm seamonkey-translations-other-2.21-77.3.i586.rpm seamonkey-venkman-2.21-77.3.i586.rpm MozillaFirefox-24.0-87.3.x86_64.rpm MozillaFirefox-branding-upstream-24.0-87.3.x86_64.rpm MozillaFirefox-buildsymbols-24.0-87.3.x86_64.rpm MozillaFirefox-debuginfo-24.0-87.3.x86_64.rpm MozillaFirefox-debugsource-24.0-87.3.x86_64.rpm MozillaFirefox-devel-24.0-87.3.x86_64.rpm MozillaFirefox-translations-common-24.0-87.3.x86_64.rpm MozillaFirefox-translations-other-24.0-87.3.x86_64.rpm MozillaThunderbird-24.0-73.3.x86_64.rpm MozillaThunderbird-buildsymbols-24.0-73.3.x86_64.rpm MozillaThunderbird-debuginfo-24.0-73.3.x86_64.rpm MozillaThunderbird-debugsource-24.0-73.3.x86_64.rpm MozillaThunderbird-devel-24.0-73.3.x86_64.rpm MozillaThunderbird-translations-common-24.0-73.3.x86_64.rpm MozillaThunderbird-translations-other-24.0-73.3.x86_64.rpm enigmail-1.5.2+24.0-73.3.x86_64.rpm seamonkey-2.21-77.3.x86_64.rpm seamonkey-debuginfo-2.21-77.3.x86_64.rpm seamonkey-debugsource-2.21-77.3.x86_64.rpm seamonkey-dom-inspector-2.21-77.3.x86_64.rpm seamonkey-irc-2.21-77.3.x86_64.rpm seamonkey-translations-common-2.21-77.3.x86_64.rpm seamonkey-translations-other-2.21-77.3.x86_64.rpm seamonkey-venkman-2.21-77.3.x86_64.rpm 2013-165 low openSUSE Evergreen 11.4 3.0.93 kernel update for Evergreen 11.4 including fixes for several security related issues and lot of other bugfixes. kernel-debug-3.0.93-66.1.i586.rpm True kernel-debug-3.0.93-66.1.nosrc.rpm True kernel-debug-base-3.0.93-66.1.i586.rpm True kernel-debug-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-debug-debuginfo-3.0.93-66.1.i586.rpm True kernel-debug-debugsource-3.0.93-66.1.i586.rpm True kernel-debug-devel-3.0.93-66.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-debug-hmac-3.0.93-66.1.i586.rpm True kernel-default-3.0.93-66.1.i586.rpm True kernel-default-3.0.93-66.1.nosrc.rpm True kernel-default-base-3.0.93-66.1.i586.rpm True kernel-default-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-default-debuginfo-3.0.93-66.1.i586.rpm True kernel-default-debugsource-3.0.93-66.1.i586.rpm True kernel-default-devel-3.0.93-66.1.i586.rpm True kernel-default-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-default-hmac-3.0.93-66.1.i586.rpm True kernel-desktop-3.0.93-66.1.i586.rpm True kernel-desktop-3.0.93-66.1.nosrc.rpm True kernel-desktop-base-3.0.93-66.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-desktop-debuginfo-3.0.93-66.1.i586.rpm True kernel-desktop-debugsource-3.0.93-66.1.i586.rpm True kernel-desktop-devel-3.0.93-66.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-desktop-hmac-3.0.93-66.1.i586.rpm True kernel-docs-3.0.93-66.2.noarch.rpm True kernel-docs-3.0.93-66.2.src.rpm True kernel-ec2-3.0.93-66.1.i586.rpm True kernel-ec2-3.0.93-66.1.nosrc.rpm True kernel-ec2-base-3.0.93-66.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-ec2-debuginfo-3.0.93-66.1.i586.rpm True kernel-ec2-debugsource-3.0.93-66.1.i586.rpm True kernel-ec2-devel-3.0.93-66.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-ec2-extra-3.0.93-66.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.93-66.1.i586.rpm True kernel-ec2-hmac-3.0.93-66.1.i586.rpm True kernel-pae-3.0.93-66.1.i586.rpm True kernel-pae-3.0.93-66.1.nosrc.rpm True kernel-pae-base-3.0.93-66.1.i586.rpm True kernel-pae-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-pae-debuginfo-3.0.93-66.1.i586.rpm True kernel-pae-debugsource-3.0.93-66.1.i586.rpm True kernel-pae-devel-3.0.93-66.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-pae-hmac-3.0.93-66.1.i586.rpm True kernel-source-3.0.93-66.1.i586.rpm True kernel-source-3.0.93-66.1.src.rpm True kernel-source-vanilla-3.0.93-66.1.i586.rpm True kernel-syms-3.0.93-66.1.i586.rpm True kernel-syms-3.0.93-66.1.src.rpm True kernel-trace-3.0.93-66.1.i586.rpm True kernel-trace-3.0.93-66.1.nosrc.rpm True kernel-trace-base-3.0.93-66.1.i586.rpm True kernel-trace-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-trace-debuginfo-3.0.93-66.1.i586.rpm True kernel-trace-debugsource-3.0.93-66.1.i586.rpm True kernel-trace-devel-3.0.93-66.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-trace-hmac-3.0.93-66.1.i586.rpm True kernel-vanilla-3.0.93-66.1.i586.rpm True kernel-vanilla-3.0.93-66.1.nosrc.rpm True kernel-vanilla-base-3.0.93-66.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-vanilla-debuginfo-3.0.93-66.1.i586.rpm True kernel-vanilla-debugsource-3.0.93-66.1.i586.rpm True kernel-vanilla-devel-3.0.93-66.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-vanilla-hmac-3.0.93-66.1.i586.rpm True kernel-vmi-3.0.93-66.1.i586.rpm True kernel-vmi-3.0.93-66.1.nosrc.rpm True kernel-vmi-base-3.0.93-66.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-vmi-debuginfo-3.0.93-66.1.i586.rpm True kernel-vmi-debugsource-3.0.93-66.1.i586.rpm True kernel-vmi-devel-3.0.93-66.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-vmi-hmac-3.0.93-66.1.i586.rpm True kernel-xen-3.0.93-66.1.i586.rpm True kernel-xen-3.0.93-66.1.nosrc.rpm True kernel-xen-base-3.0.93-66.1.i586.rpm True kernel-xen-base-debuginfo-3.0.93-66.1.i586.rpm True kernel-xen-debuginfo-3.0.93-66.1.i586.rpm True kernel-xen-debugsource-3.0.93-66.1.i586.rpm True kernel-xen-devel-3.0.93-66.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.93-66.1.i586.rpm True kernel-xen-hmac-3.0.93-66.1.i586.rpm True preload-1.2-6.49.1.i586.rpm True preload-1.2-6.49.1.src.rpm True preload-debuginfo-1.2-6.49.1.i586.rpm True preload-debugsource-1.2-6.49.1.i586.rpm True preload-kmp-default-1.2_3.0.93_66-6.49.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.93_66-6.49.1.i586.rpm True preload-kmp-desktop-1.2_3.0.93_66-6.49.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.93_66-6.49.1.i586.rpm True kernel-debug-3.0.93-66.1.x86_64.rpm True kernel-debug-base-3.0.93-66.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-debug-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-debug-debugsource-3.0.93-66.1.x86_64.rpm True kernel-debug-devel-3.0.93-66.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-debug-hmac-3.0.93-66.1.x86_64.rpm True kernel-default-3.0.93-66.1.x86_64.rpm True kernel-default-base-3.0.93-66.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-default-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-default-debugsource-3.0.93-66.1.x86_64.rpm True kernel-default-devel-3.0.93-66.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-default-hmac-3.0.93-66.1.x86_64.rpm True kernel-desktop-3.0.93-66.1.x86_64.rpm True kernel-desktop-base-3.0.93-66.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-desktop-debugsource-3.0.93-66.1.x86_64.rpm True kernel-desktop-devel-3.0.93-66.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-desktop-hmac-3.0.93-66.1.x86_64.rpm True kernel-ec2-3.0.93-66.1.x86_64.rpm True kernel-ec2-base-3.0.93-66.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-ec2-debugsource-3.0.93-66.1.x86_64.rpm True kernel-ec2-devel-3.0.93-66.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-ec2-extra-3.0.93-66.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-ec2-hmac-3.0.93-66.1.x86_64.rpm True kernel-source-3.0.93-66.1.x86_64.rpm True kernel-source-vanilla-3.0.93-66.1.x86_64.rpm True kernel-syms-3.0.93-66.1.x86_64.rpm True kernel-trace-3.0.93-66.1.x86_64.rpm True kernel-trace-base-3.0.93-66.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-trace-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-trace-debugsource-3.0.93-66.1.x86_64.rpm True kernel-trace-devel-3.0.93-66.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-trace-hmac-3.0.93-66.1.x86_64.rpm True kernel-vanilla-3.0.93-66.1.x86_64.rpm True kernel-vanilla-base-3.0.93-66.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.93-66.1.x86_64.rpm True kernel-vanilla-devel-3.0.93-66.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-vanilla-hmac-3.0.93-66.1.x86_64.rpm True kernel-xen-3.0.93-66.1.x86_64.rpm True kernel-xen-base-3.0.93-66.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-xen-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-xen-debugsource-3.0.93-66.1.x86_64.rpm True kernel-xen-devel-3.0.93-66.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.93-66.1.x86_64.rpm True kernel-xen-hmac-3.0.93-66.1.x86_64.rpm True preload-1.2-6.49.1.x86_64.rpm True preload-debuginfo-1.2-6.49.1.x86_64.rpm True preload-debugsource-1.2-6.49.1.x86_64.rpm True preload-kmp-default-1.2_3.0.93_66-6.49.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.93_66-6.49.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.93_66-6.49.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.93_66-6.49.1.x86_64.rpm True 2012-6 important openSUSE Evergreen 11.4 update to Firefox/Thunderbird 17.0 and Seamonkey 2.14 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ MozillaFirefox-17.0-49.1.i586.rpm MozillaFirefox-17.0-49.1.src.rpm MozillaFirefox-branding-upstream-17.0-49.1.i586.rpm MozillaFirefox-buildsymbols-17.0-49.1.i586.rpm MozillaFirefox-debuginfo-17.0-49.1.i586.rpm MozillaFirefox-debugsource-17.0-49.1.i586.rpm MozillaFirefox-devel-17.0-49.1.i586.rpm MozillaFirefox-translations-common-17.0-49.1.i586.rpm MozillaFirefox-translations-other-17.0-49.1.i586.rpm MozillaThunderbird-17.0-41.1.i586.rpm MozillaThunderbird-17.0-41.1.src.rpm MozillaThunderbird-buildsymbols-17.0-41.1.i586.rpm MozillaThunderbird-debuginfo-17.0-41.1.i586.rpm MozillaThunderbird-debugsource-17.0-41.1.i586.rpm MozillaThunderbird-devel-17.0-41.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0-41.1.i586.rpm MozillaThunderbird-translations-common-17.0-41.1.i586.rpm MozillaThunderbird-translations-other-17.0-41.1.i586.rpm enigmail-1.4.6+17.0-41.1.i586.rpm enigmail-debuginfo-1.4.6+17.0-41.1.i586.rpm seamonkey-2.14-45.1.i586.rpm seamonkey-2.14-45.1.src.rpm seamonkey-debuginfo-2.14-45.1.i586.rpm seamonkey-debugsource-2.14-45.1.i586.rpm seamonkey-dom-inspector-2.14-45.1.i586.rpm seamonkey-irc-2.14-45.1.i586.rpm seamonkey-translations-common-2.14-45.1.i586.rpm seamonkey-translations-other-2.14-45.1.i586.rpm seamonkey-venkman-2.14-45.1.i586.rpm MozillaFirefox-17.0-49.1.x86_64.rpm MozillaFirefox-branding-upstream-17.0-49.1.x86_64.rpm MozillaFirefox-buildsymbols-17.0-49.1.x86_64.rpm MozillaFirefox-debuginfo-17.0-49.1.x86_64.rpm MozillaFirefox-debugsource-17.0-49.1.x86_64.rpm MozillaFirefox-devel-17.0-49.1.x86_64.rpm MozillaFirefox-translations-common-17.0-49.1.x86_64.rpm MozillaFirefox-translations-other-17.0-49.1.x86_64.rpm MozillaThunderbird-17.0-41.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0-41.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0-41.1.x86_64.rpm MozillaThunderbird-debugsource-17.0-41.1.x86_64.rpm MozillaThunderbird-devel-17.0-41.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0-41.1.x86_64.rpm MozillaThunderbird-translations-common-17.0-41.1.x86_64.rpm MozillaThunderbird-translations-other-17.0-41.1.x86_64.rpm enigmail-1.4.6+17.0-41.1.x86_64.rpm enigmail-debuginfo-1.4.6+17.0-41.1.x86_64.rpm seamonkey-2.14-45.1.x86_64.rpm seamonkey-debuginfo-2.14-45.1.x86_64.rpm seamonkey-debugsource-2.14-45.1.x86_64.rpm seamonkey-dom-inspector-2.14-45.1.x86_64.rpm seamonkey-irc-2.14-45.1.x86_64.rpm seamonkey-translations-common-2.14-45.1.x86_64.rpm seamonkey-translations-other-2.14-45.1.x86_64.rpm seamonkey-venkman-2.14-45.1.x86_64.rpm 2013-142 moderate openSUSE Evergreen 11.4 This icedtea-web update fixes several security issues. Changes in icedtea-web: - update to 1.4.1 (bnc#840572) * Improved and cleaned Temporary internet files panel * NetX - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of local file * Plugin - PR854: Resizing an applet several times causes 100% CPU load * Security Updates - CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet CVE-2012-4540 nit fixed in icedtea-web 1.4 * Misc - reproducers tests are enabled in dist-tarball - application context support for OpenJDK build 25 and higher - small patches into rhino support and - PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties - need jpackage-utils on older distros icedtea-web-1.4.1-38.2.i586.rpm icedtea-web-1.4.1-38.2.src.rpm icedtea-web-debuginfo-1.4.1-38.2.i586.rpm icedtea-web-debugsource-1.4.1-38.2.i586.rpm icedtea-web-javadoc-1.4.1-38.2.noarch.rpm icedtea-web-1.4.1-38.2.x86_64.rpm icedtea-web-debuginfo-1.4.1-38.2.x86_64.rpm icedtea-web-debugsource-1.4.1-38.2.x86_64.rpm 2013-144 moderate openSUSE Evergreen 11.4 Update mozilla-nss to 3.15.2 which contains a fix to avoid uninitialized data read in the event of a decryption failure. libfreebl3-3.15.2-66.1.i586.rpm libfreebl3-32bit-3.15.2-66.1.x86_64.rpm libfreebl3-debuginfo-3.15.2-66.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.2-66.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.2-66.1.ia64.rpm libfreebl3-x86-3.15.2-66.1.ia64.rpm libsoftokn3-3.15.2-66.1.i586.rpm libsoftokn3-32bit-3.15.2-66.1.x86_64.rpm libsoftokn3-debuginfo-3.15.2-66.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.2-66.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.2-66.1.ia64.rpm libsoftokn3-x86-3.15.2-66.1.ia64.rpm mozilla-nss-3.15.2-66.1.i586.rpm mozilla-nss-3.15.2-66.1.src.rpm mozilla-nss-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-certs-3.15.2-66.1.i586.rpm mozilla-nss-certs-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.2-66.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.2-66.1.ia64.rpm mozilla-nss-certs-x86-3.15.2-66.1.ia64.rpm mozilla-nss-debuginfo-3.15.2-66.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.2-66.1.ia64.rpm mozilla-nss-debugsource-3.15.2-66.1.i586.rpm mozilla-nss-devel-3.15.2-66.1.i586.rpm mozilla-nss-sysinit-3.15.2-66.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.2-66.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.2-66.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.2-66.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.2-66.1.ia64.rpm mozilla-nss-tools-3.15.2-66.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.2-66.1.i586.rpm mozilla-nss-x86-3.15.2-66.1.ia64.rpm libfreebl3-3.15.2-66.1.x86_64.rpm libfreebl3-debuginfo-3.15.2-66.1.x86_64.rpm libsoftokn3-3.15.2-66.1.x86_64.rpm libsoftokn3-debuginfo-3.15.2-66.1.x86_64.rpm mozilla-nss-3.15.2-66.1.x86_64.rpm mozilla-nss-certs-3.15.2-66.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.2-66.1.x86_64.rpm mozilla-nss-debuginfo-3.15.2-66.1.x86_64.rpm mozilla-nss-debugsource-3.15.2-66.1.x86_64.rpm mozilla-nss-devel-3.15.2-66.1.x86_64.rpm mozilla-nss-sysinit-3.15.2-66.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.2-66.1.x86_64.rpm mozilla-nss-tools-3.15.2-66.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.2-66.1.x86_64.rpm 2013-145 moderate openSUSE Evergreen 11.4 This python-django update fixes several security issues. - Update to version 1.4.8 (bnc#840832, CVE-2013-1443): + Fixed denial-of-service via large passwords - Changes from version 1.4.7: + Fixed directory traversal with ssi template tag - Changes from version 1.4.6: + Fixed Cross-site scripting (XSS) in admin interface + Fixed Possible XSS via is_safe_url python-django-1.4.8-13.1.noarch.rpm python-django-1.4.8-13.1.src.rpm 2013-143 moderate openSUSE Evergreen 11.4 This gpg2 update fixes a security issue with "key flags". It contains a version update to 2.0.18 for other bugfixes including a buildfix with updated version of libgcrypt in the update channel. CVE-2013-4351: gpg2: GnuPG treats no-usage-permitted keys as all-usages-permitted gpg2-2.0.19-14.1.i586.rpm gpg2-2.0.19-14.1.src.rpm gpg2-debuginfo-2.0.19-14.1.i586.rpm gpg2-debugsource-2.0.19-14.1.i586.rpm gpg2-lang-2.0.19-14.1.noarch.rpm gpg2-2.0.19-14.1.x86_64.rpm gpg2-debuginfo-2.0.19-14.1.x86_64.rpm gpg2-debugsource-2.0.19-14.1.x86_64.rpm 2013-150 moderate openSUSE Evergreen 11.4 rtkit was fixed to avoid a TOCTOU race condition that might have allowed local attackers to gain realtime rights they should not have. (CVE-2013-4326) rtkit-0.5-12.1.i586.rpm rtkit-0.5-12.1.src.rpm rtkit-debuginfo-0.5-12.1.i586.rpm rtkit-debugsource-0.5-12.1.i586.rpm rtkit-0.5-12.1.x86_64.rpm rtkit-debuginfo-0.5-12.1.x86_64.rpm rtkit-debugsource-0.5-12.1.x86_64.rpm 2013-147 low openSUSE Evergreen 11.4 Some minor stackoverflows in lcms utilities were fixed. (CVE-2013-4276) lcms-1.19-5.1.i586.rpm lcms-1.19-5.1.src.rpm lcms-debuginfo-1.19-5.1.i586.rpm lcms-debugsource-1.19-5.1.i586.rpm liblcms-devel-1.19-5.1.i586.rpm liblcms-devel-32bit-1.19-5.1.x86_64.rpm liblcms1-1.19-5.1.i586.rpm liblcms1-32bit-1.19-5.1.x86_64.rpm liblcms1-debuginfo-1.19-5.1.i586.rpm liblcms1-debuginfo-32bit-1.19-5.1.x86_64.rpm liblcms1-debuginfo-x86-1.19-5.1.ia64.rpm liblcms1-x86-1.19-5.1.ia64.rpm python-lcms-1.19-5.1.i586.rpm python-lcms-debuginfo-1.19-5.1.i586.rpm lcms-1.19-5.1.x86_64.rpm lcms-debuginfo-1.19-5.1.x86_64.rpm lcms-debugsource-1.19-5.1.x86_64.rpm liblcms-devel-1.19-5.1.x86_64.rpm liblcms1-1.19-5.1.x86_64.rpm liblcms1-debuginfo-1.19-5.1.x86_64.rpm python-lcms-1.19-5.1.x86_64.rpm python-lcms-debuginfo-1.19-5.1.x86_64.rpm 2013-146 moderate openSUSE Evergreen 11.4 gpg2 was updated to fix a denial of service attack through infinite recursion in the compressed packet parser [bnc#844175] [CVE-2013-4402]. gpg2-2.0.19-18.1.i586.rpm gpg2-2.0.19-18.1.src.rpm gpg2-debuginfo-2.0.19-18.1.i586.rpm gpg2-debugsource-2.0.19-18.1.i586.rpm gpg2-lang-2.0.19-18.1.noarch.rpm gpg2-2.0.19-18.1.x86_64.rpm gpg2-debuginfo-2.0.19-18.1.x86_64.rpm gpg2-debugsource-2.0.19-18.1.x86_64.rpm 2013-151 moderate openSUSE Evergreen 11.4 Add cve-fixes-bnc828028.diff: backport patch for fixing CVE-2013-2221, CVE-2013-2222, CVE-2013-2223 libzrtpcpp-1.6.0-6.1.i586.rpm libzrtpcpp-1.6.0-6.1.src.rpm libzrtpcpp-debuginfo-1.6.0-6.1.i586.rpm libzrtpcpp-debugsource-1.6.0-6.1.i586.rpm libzrtpcpp-devel-1.6.0-6.1.i586.rpm libzrtpcpp-1.6.0-6.1.x86_64.rpm libzrtpcpp-debuginfo-1.6.0-6.1.x86_64.rpm libzrtpcpp-debugsource-1.6.0-6.1.x86_64.rpm libzrtpcpp-devel-1.6.0-6.1.x86_64.rpm 2013-148 moderate openSUSE Evergreen 11.4 This update fixes the following issues with timezone: - Update to V2013f + many updates for Tocantins, Jordan, Palestine, Paraguay, Fiji, Indonesia, etc. see NEWS for details timezone-java-2013f-26.1.noarch.rpm timezone-java-2013f-26.1.src.rpm timezone-2013f-26.1.i586.rpm timezone-2013f-26.1.src.rpm timezone-debuginfo-2013f-26.1.i586.rpm timezone-debugsource-2013f-26.1.i586.rpm timezone-2013f-26.1.x86_64.rpm timezone-debuginfo-2013f-26.1.x86_64.rpm timezone-debugsource-2013f-26.1.x86_64.rpm 2013-152 moderate openSUSE Evergreen 11.4 the following security issue was fixed in apache2-mod_fcgid: - fixes a heap overflow identified by CVE-2013-4365 [bnc#844935]. apache2-mod_fcgid-2.3.6-6.1.i586.rpm apache2-mod_fcgid-2.3.6-6.1.src.rpm apache2-mod_fcgid-debuginfo-2.3.6-6.1.i586.rpm apache2-mod_fcgid-debugsource-2.3.6-6.1.i586.rpm apache2-mod_fcgid-2.3.6-6.1.x86_64.rpm apache2-mod_fcgid-debuginfo-2.3.6-6.1.x86_64.rpm apache2-mod_fcgid-debugsource-2.3.6-6.1.x86_64.rpm 2012-12 important openSUSE Evergreen 11.4 Opera 12.11 is a recommended upgrade offering security and stability enhancements: -fixed an issue where HTTP response heap buffer overflow could allow execution of arbitrary code; -fixed an issue where error pages could be used to guess local file paths; see our advisory -fixed several issues related to SPDY -gmail: Fixed an issue that could cause Gmail not to load opera-12.11-40.1.i586.rpm opera-12.11-40.1.nosrc.rpm opera-gtk-12.11-40.1.i586.rpm opera-kde4-12.11-40.1.i586.rpm opera-12.11-40.1.x86_64.rpm opera-gtk-12.11-40.1.x86_64.rpm opera-kde4-12.11-40.1.x86_64.rpm 2013-149 moderate openSUSE Evergreen 11.4 A remote attacker could supply a serialized instance of the DiskFileItem class, which would be deserialized on a server and write arbitrary content to any location on the server that is permitted by the user running the application server process. bnc#846174/CVE-2013-2186 jakarta-commons-fileupload-1.1.1-109.2.noarch.rpm jakarta-commons-fileupload-1.1.1-109.2.src.rpm jakarta-commons-fileupload-javadoc-1.1.1-109.2.noarch.rpm 2013-156 low openSUSE Evergreen 11.4 This update fixes various buffers overflows: -CVE-2013-4233 -CVE-2013-4234 libmodplug-0.8.8.4-2.14.1.src.rpm libmodplug-debugsource-0.8.8.4-2.14.1.i586.rpm libmodplug-devel-0.8.8.4-2.14.1.i586.rpm libmodplug0-0.8.8.4-2.14.1.i586.rpm libmodplug0-32bit-0.8.8.4-2.14.1.x86_64.rpm libmodplug0-debuginfo-0.8.8.4-2.14.1.i586.rpm libmodplug0-debuginfo-32bit-0.8.8.4-2.14.1.x86_64.rpm libmodplug0-debuginfo-x86-0.8.8.4-2.14.1.ia64.rpm libmodplug0-x86-0.8.8.4-2.14.1.ia64.rpm libmodplug-debugsource-0.8.8.4-2.14.1.x86_64.rpm libmodplug-devel-0.8.8.4-2.14.1.x86_64.rpm libmodplug0-0.8.8.4-2.14.1.x86_64.rpm libmodplug0-debuginfo-0.8.8.4-2.14.1.x86_64.rpm 2013-159 moderate openSUSE Evergreen 11.4 Postgresql was update to version 9.0.14 fixes following bugs: * Prevent downcasing of non-ASCII non-double-quoted identifiers in multi-byte encodings (Andrew Dunstan) * Fix checkpoint memory leak in background writer when wal_level = hot_standby (Naoya Anzai) * Fix memory leak caused by lo_open() failure (Heikki Linnakangas) * Fix memory overcommit bug when work_mem is using more than 24GB of memory (Stephen Frost) * Fix libpq SSL deadlock bug (Stephen Frost) * Fix possible SSL network stack corruption in threaded libpq applications (Nick Phillips, Stephen Frost) * Properly compute row estimates for boolean columns containing many NULL values (Andrew Gierth) * Previously tests like col IS NOT TRUE and col IS NOT FALSE did not properly factor in NULL values when estimating plan costs. * Prevent pushing down WHERE clauses into unsafe UNION/INTERSECT subqueries (Tom Lane) * Fix rare GROUP BY query error caused by improperly processed date type modifiers (Tom Lane) * Allow view dump code to better handle dropped columns on base tables (Tom Lane) * Properly record index comments created using UNIQUE and PRIMARY KEY syntax (Andres Freund) * Fix REINDEX TABLE and REINDEX DATABASE to properly revalidate constraints and mark invalidated indexes as valid (Noah Misch) * REINDEX INDEX has always worked properly. * Fix possible deadlock during concurrent CREATE INDEX CONCURRENTLY operations (Tom Lane) * Fix regexp_matches() handling of zero-length matches (Jeevan Chalke) * Fix crash for overly-complex regular expressions (Heikki Linnakangas) * Fix regular expression match failures for back references combined with non-greedy quantifiers (Jeevan Chalke) * Prevent CREATE FUNCTION from checking SET variables unless function body checking is enabled (Tom Lane) * Allow ALTER DEFAULT PRIVILEGES to operate on schemas without requiring CREATE permission (Tom Lane) * Loosen restriction on keywords used in queries (Tom Lane) * Fix pgp_pub_decrypt() so it works for secret keys with passwords (Marko Kreen) * Remove rare inaccurate warning during vacuum of index-less tables (Heikki Linnakangas) * Improve analyze statistics generation after a cancelled file truncate request (Kevin Grittner) * Avoid possible failure when performing transaction control commands (e.g ROLLBACK) in prepared queries (Tom Lane) * Allow various spellings of infinity on all platforms (Tom Lane) * Expand ability to compare rows to records and arrays (Rafal Rzepecki, Tom Lane) * Update time zone data files to tzdata release 2013d for DST law changes in DST law changes in Israel, Morocco, Palestine, Paraguay. Also, historical zone data corrections for Macquarie Island (Tom Lane) libecpg6-9.0.14-35.1.i586.rpm libecpg6-debuginfo-9.0.14-35.1.i586.rpm libpq5-32bit-9.0.14-35.1.x86_64.rpm libpq5-9.0.14-35.1.i586.rpm libpq5-debuginfo-32bit-9.0.14-35.1.x86_64.rpm libpq5-debuginfo-9.0.14-35.1.i586.rpm libpq5-debuginfo-x86-9.0.14-35.1.ia64.rpm libpq5-x86-9.0.14-35.1.ia64.rpm postgresql-devel-9.0.14-35.1.i586.rpm postgresql-devel-debuginfo-9.0.14-35.1.i586.rpm postgresql-libs-9.0.14-35.1.src.rpm postgresql-libs-debugsource-9.0.14-35.1.i586.rpm postgresql-9.0.14-35.1.i586.rpm postgresql-9.0.14-35.1.src.rpm postgresql-contrib-9.0.14-35.1.i586.rpm postgresql-contrib-debuginfo-9.0.14-35.1.i586.rpm postgresql-debuginfo-9.0.14-35.1.i586.rpm postgresql-debugsource-9.0.14-35.1.i586.rpm postgresql-docs-9.0.14-35.1.noarch.rpm postgresql-plperl-9.0.14-35.1.i586.rpm postgresql-plperl-debuginfo-9.0.14-35.1.i586.rpm postgresql-plpython-9.0.14-35.1.i586.rpm postgresql-plpython-debuginfo-9.0.14-35.1.i586.rpm postgresql-pltcl-9.0.14-35.1.i586.rpm postgresql-pltcl-debuginfo-9.0.14-35.1.i586.rpm postgresql-server-9.0.14-35.1.i586.rpm postgresql-server-debuginfo-9.0.14-35.1.i586.rpm libecpg6-9.0.14-35.1.x86_64.rpm libecpg6-debuginfo-9.0.14-35.1.x86_64.rpm libpq5-9.0.14-35.1.x86_64.rpm libpq5-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-devel-9.0.14-35.1.x86_64.rpm postgresql-devel-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-libs-debugsource-9.0.14-35.1.x86_64.rpm postgresql-9.0.14-35.1.x86_64.rpm postgresql-contrib-9.0.14-35.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-debugsource-9.0.14-35.1.x86_64.rpm postgresql-plperl-9.0.14-35.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-plpython-9.0.14-35.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-pltcl-9.0.14-35.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.14-35.1.x86_64.rpm postgresql-server-9.0.14-35.1.x86_64.rpm postgresql-server-debuginfo-9.0.14-35.1.x86_64.rpm 2013-154 moderate openSUSE Evergreen 11.4 the following security issue was fixed for HPLIP 3.13.10: usage of an insecure polkit DBUS API (fix for bnc#836937 and CVE-2013-4325 that are related to CVE-2013-4288 and bnc#835827). hplip-3.11.5-1.15.1.i586.rpm hplip-3.11.5-1.15.1.src.rpm hplip-debuginfo-3.11.5-1.15.1.i586.rpm hplip-debugsource-3.11.5-1.15.1.i586.rpm hplip-hpijs-3.11.5-1.15.1.i586.rpm hplip-hpijs-debuginfo-3.11.5-1.15.1.i586.rpm hplip-3.11.5-1.15.1.x86_64.rpm hplip-debuginfo-3.11.5-1.15.1.x86_64.rpm hplip-debugsource-3.11.5-1.15.1.x86_64.rpm hplip-hpijs-3.11.5-1.15.1.x86_64.rpm hplip-hpijs-debuginfo-3.11.5-1.15.1.x86_64.rpm 2013-153 moderate openSUSE Evergreen 11.4 Fixes the following security issue: - an authenticated X client can cause an X server to use memory after it was freed, potentially leading to crash and/or memory corruption. (CVE-2013-4396, bnc#843652) and the following bug was fixed too: - rfbAuthReenable is accessing rfbClient structure that was in most cases already freed. It actually needs only ScreenPtr, so pass it directly. (bnc#816813) xorg-x11-Xvnc-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.44.1.src.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.44.1.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.44.1.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.44.1.x86_64.rpm 2013-155 important openSUSE Evergreen 11.4 Update NSPR to 4.10.1 Update Thunderbird to 24.1.0 (incl. enigmail 1.6) Update Firefox to 24.1.0esr Changes in MozillaFirefox: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates Changes in MozillaThunderbird: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates - update to Thunderbird 24.0.1 * fqdn for smtp server name was not accepted (bmo#913785) * fixed crash in PL_strncasecmp (bmo#917955) - update Enigmail to 1.6 * The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent. * New dialog to change the expiry date of keys * New function to search for the OpenPGP keys of all Address Book entries on a keyserver * removed obsolete enigmail-build.patch Changes in mozilla-nspr: - update to version 4.10.1 * bmo#888273: RWIN Scaling (RFC1323) limited to 2 on Windows 7 and 8 (Windows only) * bmo#907512: Unix platforms shouldn't mask errors specific to Unix domain sockets MozillaFirefox-24.1.0-91.1.i586.rpm MozillaFirefox-24.1.0-91.1.src.rpm MozillaFirefox-branding-upstream-24.1.0-91.1.i586.rpm MozillaFirefox-buildsymbols-24.1.0-91.1.i586.rpm MozillaFirefox-debuginfo-24.1.0-91.1.i586.rpm MozillaFirefox-debugsource-24.1.0-91.1.i586.rpm MozillaFirefox-devel-24.1.0-91.1.i586.rpm MozillaFirefox-translations-common-24.1.0-91.1.i586.rpm MozillaFirefox-translations-other-24.1.0-91.1.i586.rpm MozillaThunderbird-24.1.0-77.2.i586.rpm MozillaThunderbird-24.1.0-77.2.src.rpm MozillaThunderbird-buildsymbols-24.1.0-77.2.i586.rpm MozillaThunderbird-debuginfo-24.1.0-77.2.i586.rpm MozillaThunderbird-debugsource-24.1.0-77.2.i586.rpm MozillaThunderbird-devel-24.1.0-77.2.i586.rpm MozillaThunderbird-translations-common-24.1.0-77.2.i586.rpm MozillaThunderbird-translations-other-24.1.0-77.2.i586.rpm enigmail-1.6.0+24.1.0-77.2.i586.rpm mozilla-nspr-32bit-4.10.1-32.1.x86_64.rpm mozilla-nspr-4.10.1-32.1.i586.rpm mozilla-nspr-4.10.1-32.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.1-32.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.1-32.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.1-32.1.ia64.rpm mozilla-nspr-debugsource-4.10.1-32.1.i586.rpm mozilla-nspr-devel-4.10.1-32.1.i586.rpm mozilla-nspr-x86-4.10.1-32.1.ia64.rpm seamonkey-2.22-81.1.i586.rpm seamonkey-2.22-81.1.src.rpm seamonkey-debuginfo-2.22-81.1.i586.rpm seamonkey-debugsource-2.22-81.1.i586.rpm seamonkey-dom-inspector-2.22-81.1.i586.rpm seamonkey-irc-2.22-81.1.i586.rpm seamonkey-translations-common-2.22-81.1.i586.rpm seamonkey-translations-other-2.22-81.1.i586.rpm seamonkey-venkman-2.22-81.1.i586.rpm MozillaFirefox-24.1.0-91.1.x86_64.rpm MozillaFirefox-branding-upstream-24.1.0-91.1.x86_64.rpm MozillaFirefox-buildsymbols-24.1.0-91.1.x86_64.rpm MozillaFirefox-debuginfo-24.1.0-91.1.x86_64.rpm MozillaFirefox-debugsource-24.1.0-91.1.x86_64.rpm MozillaFirefox-devel-24.1.0-91.1.x86_64.rpm MozillaFirefox-translations-common-24.1.0-91.1.x86_64.rpm MozillaFirefox-translations-other-24.1.0-91.1.x86_64.rpm MozillaThunderbird-24.1.0-77.2.x86_64.rpm MozillaThunderbird-buildsymbols-24.1.0-77.2.x86_64.rpm MozillaThunderbird-debuginfo-24.1.0-77.2.x86_64.rpm MozillaThunderbird-debugsource-24.1.0-77.2.x86_64.rpm MozillaThunderbird-devel-24.1.0-77.2.x86_64.rpm MozillaThunderbird-translations-common-24.1.0-77.2.x86_64.rpm MozillaThunderbird-translations-other-24.1.0-77.2.x86_64.rpm enigmail-1.6.0+24.1.0-77.2.x86_64.rpm mozilla-nspr-4.10.1-32.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.1-32.1.x86_64.rpm mozilla-nspr-debugsource-4.10.1-32.1.x86_64.rpm mozilla-nspr-devel-4.10.1-32.1.x86_64.rpm seamonkey-2.22-81.1.x86_64.rpm seamonkey-debuginfo-2.22-81.1.x86_64.rpm seamonkey-debugsource-2.22-81.1.x86_64.rpm seamonkey-dom-inspector-2.22-81.1.x86_64.rpm seamonkey-irc-2.22-81.1.x86_64.rpm seamonkey-translations-common-2.22-81.1.x86_64.rpm seamonkey-translations-other-2.22-81.1.x86_64.rpm seamonkey-venkman-2.22-81.1.x86_64.rpm 2013-158 low openSUSE Evergreen 11.4 - Applied upstream fix for a denial-of-service and authorization bypass vulnerability via crafted ID payload in strongswan 4.3.3 up to 5.1.0 (CVE-2013-6075, bnc#847506). [0007-strongswan-4.3.3_5.1.0-bnc-847506-CVE-2013-6075.patch] - Added a recursion limit to get_route in netlink plugin to avoid a charon crash while trying to find a source address when local left is set to %any on newer kernels sorting the default route as first one (bnc#840826). [0006-strongswan-4.6.4-bnc-840826-recursion-limit.patch] strongswan-4.5.0-6.60.1.i586.rpm strongswan-4.5.0-6.60.1.src.rpm strongswan-debugsource-4.5.0-6.60.1.i586.rpm strongswan-doc-4.5.0-6.60.1.i586.rpm strongswan-ikev1-4.5.0-6.60.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-ikev2-4.5.0-6.60.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-ipsec-4.5.0-6.60.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-libs0-4.5.0-6.60.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-mysql-4.5.0-6.60.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-nm-4.5.0-6.60.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-sqlite-4.5.0-6.60.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.60.1.i586.rpm strongswan-4.5.0-6.60.1.x86_64.rpm strongswan-debugsource-4.5.0-6.60.1.x86_64.rpm strongswan-doc-4.5.0-6.60.1.x86_64.rpm strongswan-ikev1-4.5.0-6.60.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-ikev2-4.5.0-6.60.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-ipsec-4.5.0-6.60.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-libs0-4.5.0-6.60.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-mysql-4.5.0-6.60.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-nm-4.5.0-6.60.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.60.1.x86_64.rpm strongswan-sqlite-4.5.0-6.60.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.60.1.x86_64.rpm 2013-157 moderate openSUSE Evergreen 11.4 The following security issues were fixed: - Applied upstream patch changing to use a constant time memcmp when comparing HMACs in openvpn_decrypt to address ciphertext injection in UDP mode (CVE-2013-2061, bnc#843509). [0006-openvpn-2.0.9-HMAC-memcmp-CVE-2013-2061_bnc843509.patch] Changes in openvpn: - Applied upstream patch changing to use a constant time memcmp when comparing HMACs in openvpn_decrypt to address ciphertext injection in UDP mode (CVE-2013-2061, bnc#843509). [0006-openvpn-2.0.9-HMAC-memcmp-CVE-2013-2061_bnc843509.patch] openvpn-2.1.4-11.34.1.i586.rpm openvpn-2.1.4-11.34.1.src.rpm openvpn-auth-pam-plugin-2.1.4-11.34.1.i586.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.34.1.i586.rpm openvpn-debuginfo-2.1.4-11.34.1.i586.rpm openvpn-debugsource-2.1.4-11.34.1.i586.rpm openvpn-down-root-plugin-2.1.4-11.34.1.i586.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.34.1.i586.rpm openvpn-2.1.4-11.34.1.x86_64.rpm openvpn-auth-pam-plugin-2.1.4-11.34.1.x86_64.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.34.1.x86_64.rpm openvpn-debuginfo-2.1.4-11.34.1.x86_64.rpm openvpn-debugsource-2.1.4-11.34.1.x86_64.rpm openvpn-down-root-plugin-2.1.4-11.34.1.x86_64.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.34.1.x86_64.rpm 2013-160 moderate openSUSE Evergreen 11.4 the following security issues were fixed in wireshark: * The IEEE 802.15.4 dissector could crash wnpa-sec-2013-61 CVE-2013-6336 * The NBAP dissector could crash wnpa-sec-2013-62 CVE-2013-6337 * The SIP dissector could crash wnpa-sec-2013-63 CVE-2013-6338 * The OpenWire dissector could go into a large loop wnpa-sec-2013-64 CVE-2013-6339 * The TCP dissector could crash wnpa-sec-2013-65 CVE-2013-6340 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html wireshark-1.8.11-61.1.i586.rpm wireshark-1.8.11-61.1.src.rpm wireshark-debuginfo-1.8.11-61.1.i586.rpm wireshark-debugsource-1.8.11-61.1.i586.rpm wireshark-devel-1.8.11-61.1.i586.rpm wireshark-1.8.11-61.1.x86_64.rpm wireshark-debuginfo-1.8.11-61.1.x86_64.rpm wireshark-debugsource-1.8.11-61.1.x86_64.rpm wireshark-devel-1.8.11-61.1.x86_64.rpm 2013-161 moderate openSUSE Evergreen 11.4 - update to 5.0.26 [bnc#848594] * Added the .cf TLD server. * Updated the .bi TLD server. * Added a new ASN allocation. - includes changes from 5.0.25 * Added the .ax, .bn, .iq, .pw and .rw TLD servers. * Updated one or more translations. - includes updates changes 5.0.24: * Merged documentation fixes and the whois.conf(5) man page * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.23 * whois.nic.or.kr switched from EUC-KR to UTF-8. - includes changes from 5.0.22 * Fixed cross-compiling - includes changes from 5.0.21 * Fixed parsing of 6to4 addresses * Added the .xn--j1amh (.укр, Ukraine) TLD server. * Updated the .bi, .se and .vn TLD servers. * Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken. * Updated some disclaimer suppression strings. * Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling. - includes changes form 5.0.20 * Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers. * Added the .bw, .td, .xn--mgb9awbf (عمان., Oman), .xn--mgberp4a5d4ar (.السعودية, Saudi Arabia) and .xn--mgbx4cd0ab (ï»¢ï» ï»´ïº´ï»³ïº., Malaysia) TLD servers. * Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (ایران., Iran) TLD servers. - includes changes from 5.0.19 * Added the .post TLD server. * Updated the .co.za SLD servers. * Added the .alt.za, .net.za and .web.za SLD servers. * whois.ua changed (?) the encoding to utf-8. * Fixed the parsing of 6to4 addresses like whois 2002:xxxx::. - includes changes from 5.0.18 * Updated the .ae and .xn--mgbaam7a8h (.امارات, United Arabs Emirates) TLDs. * Updated the server charset table for .fr and .it. - includes changes from whois 5.0.17 * Updated the .bi, .fo, .gr and .gt TLD servers. * Removed support for recursion of .org queries, it has been a thick registry since 2005. - includes changes from 5.0.16 * Added the .xn--80ao21a (.ҚАЗ, Kazakhstan) TLD server. * Updated the .ec and .ee TLD servers. * Removed the .xn--mgbc0a9azcg (.المغرب, Morocco) and .xn--mgberp4a5d4ar (.السعودية, Saudi Arabia) TLD servers. * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.15 * Added the .xn--mgba3a4f16a (ایران., Iran) TLD server. * Updated the .pe TLD server, this time for real. * Updated one or more translations. - includes changes from 5.0.14 * Added the .sx TLD server. * Updated the .pe TLD server. - includes changes from 5.0.13 * Updated the .hr TLD server. * Improved the package description * Updated the FSF address in licenses. - includes changes from 5.0.12 * Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE). * Add the "+" flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the "a" and "n" flags. No thanks to ARIN for breaking every whois client. * Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.한국, Korea), .xn--45brj9c (.ভারত, India, Bengali), .xn--90a3ac (.СРБ, Serbia), .xn--clchc0ea0b2g2a9gcd (.சிங்கப்பூர், Singapore, Tamil), .xn--fpcrj9c3d (.భారత్, India, Telugu), .xn--fzc2c9e2c (.ලංකා, Sri Lanka, Sinhala), .xn--gecrj9c (.ભારત, India, Gujarati), .xn--h2brj9c (.भारत, India, Hindi), .xn--lgbbat1ad8j (.الجزائر, Algeria), .xn--mgbayh7gpa (.الاردن, Jordan), .xn--mgbbh1a71e (.بھارت, India, Urdu), .xn--mgbc0a9azcg (.المغرب, Morocco), .xn--ogbpf8fl (.سورية, Syria), .xn--s9brj9c (.ਭਾਰਤ, India, Punjabi), .xn--xkc2al3hye2a (.இலங்கை, Sri Lanka, Tamil), .xn--wgbl6a (.قطر, Qatar), .xn--xkc2dl3a5ee0h (.இந்தியா, India, Tamil), .xn--yfro4i67o (.æ–°åŠ å¡, Singapore, Chinese) and .xxx TLD servers. (Closes: #642424), * Added the .priv.at pseudo-SLD server. * Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478) * Added a new ASN allocation. * Fixed a typo and -t syntax in whois(1). (Closes: #614973, #632588) * Made whois return an error in some cases, code contributed by David Souther. * Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE. * mkpasswd: stop rejecting non-ASCII characters. * mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483. * mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default. * mkpasswd: removed support for 2 and {SHA}, which actually are not supported by FreeBSD and libxcrypt. - packaging changes * removed patches accepted upstream: whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-prefix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfish-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.diff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff * removed patches no longer required: whois-5.0.11-mkpasswd-fix-compiler-warnings.diff * updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch * verify source signatures - crypt_gensalt moved to separate library libowcrypt (fate#314945) - update to 5.0.26 [bnc#848594] * Added the .cf TLD server. * Updated the .bi TLD server. * Added a new ASN allocation. - includes changes from 5.0.25 * Added the .ax, .bn, .iq, .pw and .rw TLD servers. * Updated one or more translations. - includes updates changes 5.0.24: * Merged documentation fixes and the whois.conf(5) man page * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.23 * whois.nic.or.kr switched from EUC-KR to UTF-8. - includes changes from 5.0.22 * Fixed cross-compiling - includes changes from 5.0.21 * Fixed parsing of 6to4 addresses * Added the .xn--j1amh (.укр, Ukraine) TLD server. * Updated the .bi, .se and .vn TLD servers. * Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken. * Updated some disclaimer suppression strings. * Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling. - includes changes form 5.0.20 * Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers. * Added the .bw, .td, .xn--mgb9awbf (عمان., Oman), .xn--mgberp4a5d4ar (.السعودية, Saudi Arabia) and .xn--mgbx4cd0ab (ï»¢ï» ï»´ïº´ï»³ïº., Malaysia) TLD servers. * Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (ایران., Iran) TLD servers. - includes changes from 5.0.19 * Added the .post TLD server. * Updated the .co.za SLD servers. * Added the .alt.za, .net.za and .web.za SLD servers. * whois.ua changed (?) the encoding to utf-8. * Fixed the parsing of 6to4 addresses like whois 2002:xxxx::. - includes changes from 5.0.18 * Updated the .ae and .xn--mgbaam7a8h (.امارات, United Arabs Emirates) TLDs. * Updated the server charset table for .fr and .it. - includes changes from whois 5.0.17 * Updated the .bi, .fo, .gr and .gt TLD servers. * Removed support for recursion of .org queries, it has been a thick registry since 2005. - includes changes from 5.0.16 * Added the .xn--80ao21a (.ҚАЗ, Kazakhstan) TLD server. * Updated the .ec and .ee TLD servers. * Removed the .xn--mgbc0a9azcg (.المغرب, Morocco) and .xn--mgberp4a5d4ar (.السعودية, Saudi Arabia) TLD servers. * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.15 * Added the .xn--mgba3a4f16a (ایران., Iran) TLD server. * Updated the .pe TLD server, this time for real. * Updated one or more translations. - includes changes from 5.0.14 * Added the .sx TLD server. * Updated the .pe TLD server. - includes changes from 5.0.13 * Updated the .hr TLD server. * Improved the package description * Updated the FSF address in licenses. - includes changes from 5.0.12 * Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE). * Add the "+" flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the "a" and "n" flags. No thanks to ARIN for breaking every whois client. * Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.한국, Korea), .xn--45brj9c (.ভারত, India, Bengali), .xn--90a3ac (.СРБ, Serbia), .xn--clchc0ea0b2g2a9gcd (.சிங்கப்பூர், Singapore, Tamil), .xn--fpcrj9c3d (.భారత్, India, Telugu), .xn--fzc2c9e2c (.ලංකා, Sri Lanka, Sinhala), .xn--gecrj9c (.ભારત, India, Gujarati), .xn--h2brj9c (.भारत, India, Hindi), .xn--lgbbat1ad8j (.الجزائر, Algeria), .xn--mgbayh7gpa (.الاردن, Jordan), .xn--mgbbh1a71e (.بھارت, India, Urdu), .xn--mgbc0a9azcg (.المغرب, Morocco), .xn--ogbpf8fl (.سورية, Syria), .xn--s9brj9c (.ਭਾਰਤ, India, Punjabi), .xn--xkc2al3hye2a (.இலங்கை, Sri Lanka, Tamil), .xn--wgbl6a (.قطر, Qatar), .xn--xkc2dl3a5ee0h (.இந்தியா, India, Tamil), .xn--yfro4i67o (.æ–°åŠ å¡, Singapore, Chinese) and .xxx TLD servers. (Closes: #642424), * Added the .priv.at pseudo-SLD server. * Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478) * Added a new ASN allocation. * Fixed a typo and -t syntax in whois(1). (Closes: #614973, #632588) * Made whois return an error in some cases, code contributed by David Souther. * Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE. * mkpasswd: stop rejecting non-ASCII characters. * mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483. * mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default. * mkpasswd: removed support for 2 and {SHA}, which actually are not supported by FreeBSD and libxcrypt. - packaging changes * removed patches accepted upstream: whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-prefix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfish-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.diff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff * removed patches no longer required: whois-5.0.11-mkpasswd-fix-compiler-warnings.diff * updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch * verify source signatures - crypt_gensalt moved to separate library libowcrypt (fate#314945) whois-5.0.26-7.1.i586.rpm whois-5.0.26-7.1.src.rpm whois-debuginfo-5.0.26-7.1.i586.rpm whois-debugsource-5.0.26-7.1.i586.rpm whois-5.0.26-7.1.x86_64.rpm whois-debuginfo-5.0.26-7.1.x86_64.rpm whois-debugsource-5.0.26-7.1.x86_64.rpm 2012-13 moderate openSUSE Evergreen 11.4 This update of sblim-cim-client2 fixed a Denial of Service (via hash table collision) issue. sblim-cim-client2-2.1.3-9.1.noarch.rpm sblim-cim-client2-2.1.3-9.1.src.rpm sblim-cim-client2-javadoc-2.1.3-9.1.noarch.rpm sblim-cim-client2-manual-2.1.3-9.1.noarch.rpm 2013-163 moderate openSUSE Evergreen 11.4 update NSPR to version 4.10.2 * bmo#770534: possible pointer overflow in PL_ArenaAllocate() * bmo#888546: ptio.c:PR_ImportUDPSocket doesn't work * bmo#927687: (CVE-2013-5607) Avoid unsigned integer wrapping in PL_ArenaAllocate. update NSS to version 3.15.3 * Bug 925100 - (CVE-2013-1741) Ensure a size is <= half of the maximum PRUint32 value * Bug 934016 - (CVE-2013-5605) Handle invalid handshake packets * Bug 910438 - (CVE-2013-5606) Return the correct result in CERT_VerifyCert on failure, if a verifyLog isn't used mozilla-nspr-32bit-4.10.2-36.1.x86_64.rpm mozilla-nspr-4.10.2-36.1.i586.rpm mozilla-nspr-4.10.2-36.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.2-36.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.2-36.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.2-36.1.ia64.rpm mozilla-nspr-debugsource-4.10.2-36.1.i586.rpm mozilla-nspr-devel-4.10.2-36.1.i586.rpm mozilla-nspr-x86-4.10.2-36.1.ia64.rpm libfreebl3-3.15.3-70.1.i586.rpm libfreebl3-32bit-3.15.3-70.1.x86_64.rpm libfreebl3-debuginfo-3.15.3-70.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.3-70.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.3-70.1.ia64.rpm libfreebl3-x86-3.15.3-70.1.ia64.rpm libsoftokn3-3.15.3-70.1.i586.rpm libsoftokn3-32bit-3.15.3-70.1.x86_64.rpm libsoftokn3-debuginfo-3.15.3-70.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.3-70.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.3-70.1.ia64.rpm libsoftokn3-x86-3.15.3-70.1.ia64.rpm mozilla-nss-3.15.3-70.1.i586.rpm mozilla-nss-3.15.3-70.1.src.rpm mozilla-nss-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-certs-3.15.3-70.1.i586.rpm mozilla-nss-certs-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.3-70.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.3-70.1.ia64.rpm mozilla-nss-certs-x86-3.15.3-70.1.ia64.rpm mozilla-nss-debuginfo-3.15.3-70.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.3-70.1.ia64.rpm mozilla-nss-debugsource-3.15.3-70.1.i586.rpm mozilla-nss-devel-3.15.3-70.1.i586.rpm mozilla-nss-sysinit-3.15.3-70.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.3-70.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.3-70.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.3-70.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.3-70.1.ia64.rpm mozilla-nss-tools-3.15.3-70.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.3-70.1.i586.rpm mozilla-nss-x86-3.15.3-70.1.ia64.rpm mozilla-nspr-4.10.2-36.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.2-36.1.x86_64.rpm mozilla-nspr-debugsource-4.10.2-36.1.x86_64.rpm mozilla-nspr-devel-4.10.2-36.1.x86_64.rpm libfreebl3-3.15.3-70.1.x86_64.rpm libfreebl3-debuginfo-3.15.3-70.1.x86_64.rpm libsoftokn3-3.15.3-70.1.x86_64.rpm libsoftokn3-debuginfo-3.15.3-70.1.x86_64.rpm mozilla-nss-3.15.3-70.1.x86_64.rpm mozilla-nss-certs-3.15.3-70.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.3-70.1.x86_64.rpm mozilla-nss-debuginfo-3.15.3-70.1.x86_64.rpm mozilla-nss-debugsource-3.15.3-70.1.x86_64.rpm mozilla-nss-devel-3.15.3-70.1.x86_64.rpm mozilla-nss-sysinit-3.15.3-70.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.3-70.1.x86_64.rpm mozilla-nss-tools-3.15.3-70.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.3-70.1.x86_64.rpm 2013-162 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.327: (bnc#850220) * APSB13-26, CVE-2013-5329, CVE-2013-5330 flash-player-11.2.202.327-79.1.i586.rpm flash-player-11.2.202.327-79.1.nosrc.rpm flash-player-gnome-11.2.202.327-79.1.i586.rpm flash-player-kde4-11.2.202.327-79.1.i586.rpm flash-player-11.2.202.327-79.1.x86_64.rpm flash-player-gnome-11.2.202.327-79.1.x86_64.rpm flash-player-kde4-11.2.202.327-79.1.x86_64.rpm 2013-164 moderate openSUSE Evergreen 11.4 This update fixes the following security issue with krb5: - bnc#849240, CVE-2013-1418: fix Multi-realm KDC null deref krb5-1.8.3-67.1.i586.rpm krb5-1.8.3-67.1.src.rpm krb5-32bit-1.8.3-67.1.x86_64.rpm krb5-client-1.8.3-67.1.i586.rpm krb5-client-debuginfo-1.8.3-67.1.i586.rpm krb5-debuginfo-1.8.3-67.1.i586.rpm krb5-debuginfo-32bit-1.8.3-67.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-67.1.ia64.rpm krb5-debugsource-1.8.3-67.1.i586.rpm krb5-devel-1.8.3-67.1.i586.rpm krb5-devel-32bit-1.8.3-67.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-67.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-67.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-67.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-67.1.i586.rpm krb5-server-1.8.3-67.1.i586.rpm krb5-server-debuginfo-1.8.3-67.1.i586.rpm krb5-x86-1.8.3-67.1.ia64.rpm krb5-1.8.3-67.1.x86_64.rpm krb5-client-1.8.3-67.1.x86_64.rpm krb5-client-debuginfo-1.8.3-67.1.x86_64.rpm krb5-debuginfo-1.8.3-67.1.x86_64.rpm krb5-debugsource-1.8.3-67.1.x86_64.rpm krb5-devel-1.8.3-67.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-67.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-67.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-67.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-67.1.x86_64.rpm krb5-server-1.8.3-67.1.x86_64.rpm krb5-server-debuginfo-1.8.3-67.1.x86_64.rpm 2013-166 moderate openSUSE Evergreen 11.4 the following security issues were fixed in samba: - ACLs are not checked on opening an alternate data stream on a file or directory; CVE-2013-4475; (bso#10229); (bnc#848101). - Fix memleak in reload_printers_full(); (bso#9993). - Valid utf8 filenames cause "invalid conversion error" messages; (bso#10139). - s3: smb2 breaks "smb encryption = mandatory"; (bso#10167). - Missing talloc_free can leak stackframe in error path; (bso#10187). - Offline logon cache not updating for cross child domain group membership; (bso#10194). - The preceding bugs are tracked by (bnc#849226) too. - Make Samba work on site with Read Only Domain Controller; (bso#5917). - Give machine password changes 10 minutes of time; (bso#8955). - NetrServerPasswordSet2 timeout is too short; (bso#8955). - Fix fallback to ncacn_np in cm_connect_lsat(); (bso#9615); (bso#9899). - s3-winbind: Do not delete an existing valid credential cache; (bso#9994). - 'net ads join': Fix segmentation fault in create_local_private_krb5_conf_for_domain; (bso#10073). - Fix variable list in man vfs_crossrename; (bso#10076). - MacOSX 10.9 will not follow path-based DFS referrals handed out by Samba; (bso#10097). - Honour output buffer length set by the client for SMB2 GetInfo requests; (bso#10106). - Handle Dropbox (write-only-directory) case correctly in pathname lookup; (bso#10114). - Fix 'smbstatus' as non-root user; (bso#10127). - The preceding bugs are tracked by (bnc#849226) too. - Windows 8 Roaming profiles fail; (bso#9678). - Linux kernel oplock breaks can miss signals; (bso#10064). - The preceding bugs are tracked by (bnc#849226) too. - Verify source tar ball gpg signature. - Store and return the correct spoolss jobid in notifications; (bnc#838472). - Reload snums before processing the printer list. (bnc#817880). samba-doc-3.6.3-130.2.src.rpm ldapsmb-1.34b-130.2.i586.rpm libldb-devel-1.0.2-130.2.i586.rpm libldb1-1.0.2-130.2.i586.rpm libldb1-32bit-1.0.2-130.2.x86_64.rpm libldb1-debuginfo-1.0.2-130.2.i586.rpm libldb1-debuginfo-32bit-1.0.2-130.2.x86_64.rpm libldb1-debuginfo-x86-1.0.2-130.2.ia64.rpm libldb1-x86-1.0.2-130.2.ia64.rpm libnetapi-devel-3.6.3-130.2.i586.rpm libnetapi0-3.6.3-130.2.i586.rpm libnetapi0-debuginfo-3.6.3-130.2.i586.rpm libsmbclient-devel-3.6.3-130.2.i586.rpm libsmbclient0-3.6.3-130.2.i586.rpm libsmbclient0-32bit-3.6.3-130.2.x86_64.rpm libsmbclient0-debuginfo-3.6.3-130.2.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-130.2.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-130.2.ia64.rpm libsmbclient0-x86-3.6.3-130.2.ia64.rpm libsmbsharemodes-devel-3.6.3-130.2.i586.rpm libsmbsharemodes0-3.6.3-130.2.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-130.2.i586.rpm libtalloc-devel-2.0.5-130.2.i586.rpm libtalloc2-2.0.5-130.2.i586.rpm libtalloc2-32bit-2.0.5-130.2.x86_64.rpm libtalloc2-debuginfo-2.0.5-130.2.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-130.2.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-130.2.ia64.rpm libtalloc2-x86-2.0.5-130.2.ia64.rpm libtdb-devel-1.2.9-130.2.i586.rpm libtdb1-1.2.9-130.2.i586.rpm libtdb1-32bit-1.2.9-130.2.x86_64.rpm libtdb1-debuginfo-1.2.9-130.2.i586.rpm libtdb1-debuginfo-32bit-1.2.9-130.2.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-130.2.ia64.rpm libtdb1-x86-1.2.9-130.2.ia64.rpm libtevent-devel-0.9.11-130.2.i586.rpm libtevent0-0.9.11-130.2.i586.rpm libtevent0-32bit-0.9.11-130.2.x86_64.rpm libtevent0-debuginfo-0.9.11-130.2.i586.rpm libtevent0-debuginfo-32bit-0.9.11-130.2.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-130.2.ia64.rpm libtevent0-x86-0.9.11-130.2.ia64.rpm libwbclient-devel-3.6.3-130.2.i586.rpm libwbclient0-3.6.3-130.2.i586.rpm libwbclient0-32bit-3.6.3-130.2.x86_64.rpm libwbclient0-debuginfo-3.6.3-130.2.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-130.2.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-130.2.ia64.rpm libwbclient0-x86-3.6.3-130.2.ia64.rpm samba-3.6.3-130.2.i586.rpm samba-3.6.3-130.2.src.rpm samba-32bit-3.6.3-130.2.x86_64.rpm samba-client-3.6.3-130.2.i586.rpm samba-client-32bit-3.6.3-130.2.x86_64.rpm samba-client-debuginfo-3.6.3-130.2.i586.rpm samba-client-debuginfo-32bit-3.6.3-130.2.x86_64.rpm samba-client-debuginfo-x86-3.6.3-130.2.ia64.rpm samba-client-x86-3.6.3-130.2.ia64.rpm samba-debuginfo-3.6.3-130.2.i586.rpm samba-debuginfo-32bit-3.6.3-130.2.x86_64.rpm samba-debuginfo-x86-3.6.3-130.2.ia64.rpm samba-debugsource-3.6.3-130.2.i586.rpm samba-devel-3.6.3-130.2.i586.rpm samba-doc-3.6.3-130.2.noarch.rpm samba-krb-printing-3.6.3-130.2.i586.rpm samba-krb-printing-debuginfo-3.6.3-130.2.i586.rpm samba-winbind-3.6.3-130.2.i586.rpm samba-winbind-32bit-3.6.3-130.2.x86_64.rpm samba-winbind-debuginfo-3.6.3-130.2.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-130.2.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-130.2.ia64.rpm samba-winbind-x86-3.6.3-130.2.ia64.rpm samba-x86-3.6.3-130.2.ia64.rpm ldapsmb-1.34b-130.2.x86_64.rpm libldb-devel-1.0.2-130.2.x86_64.rpm libldb1-1.0.2-130.2.x86_64.rpm libldb1-debuginfo-1.0.2-130.2.x86_64.rpm libnetapi-devel-3.6.3-130.2.x86_64.rpm libnetapi0-3.6.3-130.2.x86_64.rpm libnetapi0-debuginfo-3.6.3-130.2.x86_64.rpm libsmbclient-devel-3.6.3-130.2.x86_64.rpm libsmbclient0-3.6.3-130.2.x86_64.rpm libsmbclient0-debuginfo-3.6.3-130.2.x86_64.rpm libsmbsharemodes-devel-3.6.3-130.2.x86_64.rpm libsmbsharemodes0-3.6.3-130.2.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-130.2.x86_64.rpm libtalloc-devel-2.0.5-130.2.x86_64.rpm libtalloc2-2.0.5-130.2.x86_64.rpm libtalloc2-debuginfo-2.0.5-130.2.x86_64.rpm libtdb-devel-1.2.9-130.2.x86_64.rpm libtdb1-1.2.9-130.2.x86_64.rpm libtdb1-debuginfo-1.2.9-130.2.x86_64.rpm libtevent-devel-0.9.11-130.2.x86_64.rpm libtevent0-0.9.11-130.2.x86_64.rpm libtevent0-debuginfo-0.9.11-130.2.x86_64.rpm libwbclient-devel-3.6.3-130.2.x86_64.rpm libwbclient0-3.6.3-130.2.x86_64.rpm libwbclient0-debuginfo-3.6.3-130.2.x86_64.rpm samba-3.6.3-130.2.x86_64.rpm samba-client-3.6.3-130.2.x86_64.rpm samba-client-debuginfo-3.6.3-130.2.x86_64.rpm samba-debuginfo-3.6.3-130.2.x86_64.rpm samba-debugsource-3.6.3-130.2.x86_64.rpm samba-devel-3.6.3-130.2.x86_64.rpm samba-krb-printing-3.6.3-130.2.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-130.2.x86_64.rpm samba-winbind-3.6.3-130.2.x86_64.rpm samba-winbind-debuginfo-3.6.3-130.2.x86_64.rpm 2013-174 low openSUSE Evergreen 11.4 Kernel for Evergreen 11.4 was updated to version 3.0.101 providing lots of security and bug related fixes. kernel-debug-3.0.101-71.1.i586.rpm True kernel-debug-3.0.101-71.1.nosrc.rpm True kernel-debug-base-3.0.101-71.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-debug-debuginfo-3.0.101-71.1.i586.rpm True kernel-debug-debugsource-3.0.101-71.1.i586.rpm True kernel-debug-devel-3.0.101-71.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-debug-hmac-3.0.101-71.1.i586.rpm True kernel-default-3.0.101-71.1.i586.rpm True kernel-default-3.0.101-71.1.nosrc.rpm True kernel-default-base-3.0.101-71.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-default-debuginfo-3.0.101-71.1.i586.rpm True kernel-default-debugsource-3.0.101-71.1.i586.rpm True kernel-default-devel-3.0.101-71.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-default-hmac-3.0.101-71.1.i586.rpm True kernel-desktop-3.0.101-71.1.i586.rpm True kernel-desktop-3.0.101-71.1.nosrc.rpm True kernel-desktop-base-3.0.101-71.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-71.1.i586.rpm True kernel-desktop-debugsource-3.0.101-71.1.i586.rpm True kernel-desktop-devel-3.0.101-71.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-desktop-hmac-3.0.101-71.1.i586.rpm True kernel-docs-3.0.101-71.2.noarch.rpm True kernel-docs-3.0.101-71.2.src.rpm True kernel-ec2-3.0.101-71.1.i586.rpm True kernel-ec2-3.0.101-71.1.nosrc.rpm True kernel-ec2-base-3.0.101-71.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-71.1.i586.rpm True kernel-ec2-debugsource-3.0.101-71.1.i586.rpm True kernel-ec2-devel-3.0.101-71.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-ec2-extra-3.0.101-71.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-71.1.i586.rpm True kernel-ec2-hmac-3.0.101-71.1.i586.rpm True kernel-pae-3.0.101-71.1.i586.rpm True kernel-pae-3.0.101-71.1.nosrc.rpm True kernel-pae-base-3.0.101-71.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-pae-debuginfo-3.0.101-71.1.i586.rpm True kernel-pae-debugsource-3.0.101-71.1.i586.rpm True kernel-pae-devel-3.0.101-71.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-pae-hmac-3.0.101-71.1.i586.rpm True kernel-source-3.0.101-71.1.i586.rpm True kernel-source-3.0.101-71.1.src.rpm True kernel-source-vanilla-3.0.101-71.1.i586.rpm True kernel-syms-3.0.101-71.1.i586.rpm True kernel-syms-3.0.101-71.1.src.rpm True kernel-trace-3.0.101-71.1.i586.rpm True kernel-trace-3.0.101-71.1.nosrc.rpm True kernel-trace-base-3.0.101-71.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-trace-debuginfo-3.0.101-71.1.i586.rpm True kernel-trace-debugsource-3.0.101-71.1.i586.rpm True kernel-trace-devel-3.0.101-71.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-trace-hmac-3.0.101-71.1.i586.rpm True kernel-vanilla-3.0.101-71.1.i586.rpm True kernel-vanilla-3.0.101-71.1.nosrc.rpm True kernel-vanilla-base-3.0.101-71.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-71.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-71.1.i586.rpm True kernel-vanilla-devel-3.0.101-71.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-vanilla-hmac-3.0.101-71.1.i586.rpm True kernel-vmi-3.0.101-71.1.i586.rpm True kernel-vmi-3.0.101-71.1.nosrc.rpm True kernel-vmi-base-3.0.101-71.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-71.1.i586.rpm True kernel-vmi-debugsource-3.0.101-71.1.i586.rpm True kernel-vmi-devel-3.0.101-71.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-vmi-hmac-3.0.101-71.1.i586.rpm True kernel-xen-3.0.101-71.1.i586.rpm True kernel-xen-3.0.101-71.1.nosrc.rpm True kernel-xen-base-3.0.101-71.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-71.1.i586.rpm True kernel-xen-debuginfo-3.0.101-71.1.i586.rpm True kernel-xen-debugsource-3.0.101-71.1.i586.rpm True kernel-xen-devel-3.0.101-71.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-71.1.i586.rpm True kernel-xen-hmac-3.0.101-71.1.i586.rpm True preload-1.2-6.53.1.i586.rpm True preload-1.2-6.53.1.src.rpm True preload-debuginfo-1.2-6.53.1.i586.rpm True preload-debugsource-1.2-6.53.1.i586.rpm True preload-kmp-default-1.2_3.0.101_71-6.53.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_71-6.53.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_71-6.53.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_71-6.53.1.i586.rpm True kernel-debug-3.0.101-71.1.x86_64.rpm True kernel-debug-base-3.0.101-71.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-71.1.x86_64.rpm True kernel-debug-devel-3.0.101-71.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-debug-hmac-3.0.101-71.1.x86_64.rpm True kernel-default-3.0.101-71.1.x86_64.rpm True kernel-default-base-3.0.101-71.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-default-debugsource-3.0.101-71.1.x86_64.rpm True kernel-default-devel-3.0.101-71.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-default-hmac-3.0.101-71.1.x86_64.rpm True kernel-desktop-3.0.101-71.1.x86_64.rpm True kernel-desktop-base-3.0.101-71.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-71.1.x86_64.rpm True kernel-desktop-devel-3.0.101-71.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-71.1.x86_64.rpm True kernel-ec2-3.0.101-71.1.x86_64.rpm True kernel-ec2-base-3.0.101-71.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-71.1.x86_64.rpm True kernel-ec2-devel-3.0.101-71.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-ec2-extra-3.0.101-71.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-71.1.x86_64.rpm True kernel-source-3.0.101-71.1.x86_64.rpm True kernel-source-vanilla-3.0.101-71.1.x86_64.rpm True kernel-syms-3.0.101-71.1.x86_64.rpm True kernel-trace-3.0.101-71.1.x86_64.rpm True kernel-trace-base-3.0.101-71.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-71.1.x86_64.rpm True kernel-trace-devel-3.0.101-71.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-trace-hmac-3.0.101-71.1.x86_64.rpm True kernel-vanilla-3.0.101-71.1.x86_64.rpm True kernel-vanilla-base-3.0.101-71.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-71.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-71.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-71.1.x86_64.rpm True kernel-xen-3.0.101-71.1.x86_64.rpm True kernel-xen-base-3.0.101-71.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-71.1.x86_64.rpm True kernel-xen-devel-3.0.101-71.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-71.1.x86_64.rpm True kernel-xen-hmac-3.0.101-71.1.x86_64.rpm True preload-1.2-6.53.1.x86_64.rpm True preload-debuginfo-1.2-6.53.1.x86_64.rpm True preload-debugsource-1.2-6.53.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_71-6.53.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_71-6.53.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_71-6.53.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_71-6.53.1.x86_64.rpm True 2013-167 moderate openSUSE Evergreen 11.4 The nginx webserver was fixed to avoid a restriction bypass when a space in not correctly escaped. nginx-0.8-0.8.53-4.17.2.i586.rpm nginx-0.8-0.8.53-4.17.2.src.rpm nginx-0.8-debuginfo-0.8.53-4.17.2.i586.rpm nginx-0.8-debugsource-0.8.53-4.17.2.i586.rpm nginx-0.8-0.8.53-4.17.2.x86_64.rpm nginx-0.8-debuginfo-0.8.53-4.17.2.x86_64.rpm nginx-0.8-debugsource-0.8.53-4.17.2.x86_64.rpm 2013-176 moderate openSUSE Evergreen 11.4 This release updates OpenJDK 6 support of icedtea version 1.12.7 with the October 2013 security errata and a number of bug fixes: Security fixes S8006900, CVE-2013-3829: Add new date/time capability S8008589: Better MBean permission validation S8011071, CVE-2013-5780: Better crypto provider handling S8011081, CVE-2013-5772: Improve jhat S8011157, CVE-2013-5814: Improve CORBA portablility S8012071, CVE-2013-5790: Better Building of Beans S8012147: Improve tool support S8012277: CVE-2013-5849: Improve AWT DataFlavor S8012425, CVE-2013-5802: Transform TransformerFactory S8013503, CVE-2013-5851: Improve stream factories S8013506: Better Pack200 data handling S8013510, CVE-2013-5809: Augment image writing code S8013514: Improve stability of cmap class S8013739, CVE-2013-5817: Better LDAP resource management S8013744, CVE-2013-5783: Better tabling for AWT S8014085: Better serialization support in JMX classes S8014093, CVE-2013-5782: Improve parsing of images S8014102, CVE-2013-5778: Improve image conversion S8014341, CVE-2013-5803: Better service from Kerberos servers S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations S8014530, CVE-2013-5825: Better digital signature processing S8014534: Better profiling support S8014987, CVE-2013-5842: Augment serialization handling S8015614: Update build settings S8015731: Subject java.security.auth.subject to improvements S8015743, CVE-2013-5774: Address internet addresses S8016256: Make finalization final S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names S8016675, CVE-2013-5797: Make Javadoc pages more robust S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately S8017287, CVE-2013-5829: Better resource disposal S8017291, CVE-2013-5830: Cast Proxies Aside S8017298, CVE-2013-4002: Better XML support S8017300, CVE-2013-5784: Improve Interface Implementation S8017505, CVE-2013-5820: Better Client Service S8019292: Better Attribute Value Exceptions S8019617: Better view of objects S8020293: JVM crash S8021290, CVE-2013-5823: Better signature validation S8022940: Enhance CORBA translations S8023683: Enhance class file parsing Backports S4075303: Use javap to enquire about a specific inner class S4111861: static final field contents are not displayed S4348375: Javap is not internationalized S4459541: “javap -l” shows line numbers as signed short; they should be unsigned S4501660: change diagnostic of -help as ‘print this help message and exit’ S4501661: disallow mixing -public, -private, and -protected options at the same time S4776241: unused source file in javap… S4870651: javap should recognize generics, varargs, enum S4876942: javap invoked without args does not print help screen S4880663: javap could output whitespace between class name and opening brace S4884240: additional option required for javap S4893408: JPEGReader throws IllegalArgException when setting the destination to BYTE_GRAY S4975569: javap doesn’t print new flag bits S6271787: javap dumps LocalVariableTypeTable attribute in hex, needs to print a table S6305779: javap: support annotations S6439940: Clean up javap implementation S6469569: wrong check of searchpath in JavapEnvironment S6474890: javap does not open .zip files in -classpath S6563752: Build and test JDK7 with Sun Studio 12 Express compilers (prep makefiles) S6587786: Javap throws error : “ERROR:Could not find <classname>” for JRE classes S6622215: javap ignores certain relevant access flags S6622216: javap names some attributes incorrectly S6622232: javap gets whitespace confused S6622260: javap prints negative bytes incorrectly in hex S6631559: Registration of ImageIO plugins should not cause loading of jpeg.dlli and cmm.dll S6636331: ConcurrentModificationException in AppContext code S6636370: minor corrections and simplification of code in AppContext S6708729: update jdk Makefiles for new javap S6715767: javap on java.lang.ClassLoader crashes S6729772: 64-bit build with SS12 compiler: SIGSEGV (0xb) at pc=0×0000000000000048, pid=14826, tid=2 S6791502: IIOException “Invalid icc profile” on jpeg after update from JDK5 to JDK6 S6793818: JpegImageReader is too greedy creating color profiles S6799141: Build with –hash-style=both so that binaries can work on SuSE 10 S6816311: Changes to allow builds with latest Windows SDK 6.1 on 64bit Windows 2003 S6819246: improve support for decoding instructions in classfile library S6824493: experimental support for additional info for instructions S6840152: JVM crashes when heavyweight monitors are used S6841419: classfile: add constant pool iterator S6841420: classfile: add new methods to ConstantClassInfo S6843013: missing files in fix for 6824493 S6852856: javap changes to facilitate subclassing javap for variants S6867671: javap whitespace formatting issues S6868539: javap should use current names for constant pool tags S6888215: memory leak in jpeg plugin S6902264: fix indentation of tableswitch and lookupswitch S6925851: Localize JRE into pt_BR S6954275: XML signatures with reference data larger 16KB and cacheRef on fails to validate S6974017: Upgrade required Solaris Studio compilers to 5.10 (12 update 1 + patches) S6980281: SWAT: SwingSet2 got core dumped in Solaris-AMD64 using b107 swat build S6989760: cmm native compiler warnings S6989774: imageio compiler warnings in native code S7000225: Sanity check on sane-alsa-headers is broken S7013519: [parfait] Integer overflows in 2D code S7018912: [parfait] potential buffer overruns in imageio jpeg S7022999: Can’t build with FORCE_TIERED=0 S7035073: Add missing timezones to TimeZoneNames_pt_BR.java S7038711: Fix CC_VER checks for compiler options, fix use of -Wno-clobber S7146431: java.security files out-of-sync S7196533: TimeZone.getDefault() slow due to synchronization bottleneck S8000450: Restrict access to com/sun/corba/se/impl package S8002070: Remove the stack search for a resource bundle for Logger to use S8003992: File and other classes in java.io do not handle embedded nulls properly S8004188: Rename src/share/lib/security/java.security to java.security-linux S8005194: [parfait] #353 sun/awt/image/jpeg/imageioJPEG.c Memory leak of pointer ‘scale’ allocated with calloc() S8006882: Proxy generated classes in sun.proxy package breaks JMockit S8010118: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive S8010727: WLS fails to add a logger with “” in its own LogManager subclass instance S8010939: Deadlock in LogManager S8011139: (reflect) Revise checking in getEnclosingClass S8011950: java.io.File.createTempFile enters infinite loop when passed invalid data S8011990: TEST_BUG: java/util/logging/bundlesearch/ResourceBundleSearchTest.java fails on Windows S8012243: about 30% regression on specjvm2008.serial on 7u25 comparing 7u21 S8012453: (process) Runtime.exec(String) fails if command contains spaces [win] S8012617: ArrayIndexOutOfBoundsException with some fonts using LineBreakMeasurer S8013380: Removal of stack walk to find resource bundle breaks Glassfish startup S8013827: File.createTempFile hangs with temp file starting with ‘com1.4′ S8014469: (tz) Support tzdata2013c S8014718: Netbeans IDE begins to throw a lot exceptions since 7u25 b10 S8014745: Provide a switch to allow stack walk search of resource bundle S8015144: Performance regression in ICU OpenType Layout library S8015965: (process) Typo in name of property to allow ambiguous commands S8015978: Incorrect transformation of XPath expression “string(-0)” S8016357: Update hotspot diagnostic class S8017566: Backout 8000450 – Cannot access to com.sun.corba.se.impl.orb.ORBImpl S8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null S8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes S8019979: Replace CheckPackageAccess test with better one from closed repo S8020054: (tz) Support tzdata2013d S8020983, RH976897: OutOfMemoryError caused by non garbage collected JPEGImageWriter Instances S8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris S8021366: java_util/Properties/PropertiesWithOtherEncodings fails during 7u45 nightly testing S8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01 S8021933: Add extra check for fix # JDK-8014530 S8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log. S8022661: InetAddress.writeObject() performs flush() on object output stream S8022682: Supporting XOM S8023964: java/io/IOException/LastErrorString.java should be @ignore-d S8024914: Swapped usage of idx_t and bm_word_t types in bitMap.inline.hpp S8025128: File.createTempFile fails if prefix is absolute path S8025255: (tz) Support tzdata2013g OJ19: Fix test cases from 8010118 to work with OpenJDK 6 OJ20: Resolve merge issues with JAXP security fixes OJ21: Remove @Override annotation added on interface by 2013/10/15 security fixes Bug fixes PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel. RH995488: Java thinks that the default timezone is Busingen instead of Zurich D729448: 32-bit alignment on mips and mipsel java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-45.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.7-45.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm 2013-172 critical openSUSE Evergreen 11.4 Following bugs were fixed for postgresql server, including critical ones , which repairs possible data corruption durning replication: *Fix VACUUM's tests to see whether it can update relfrozenxid: In some cases VACUUM (either manual or autovacuum) could incorrectly advance a table's relfrozenxid value, allowing tuples to escape freezing, causing those rows to become invisible once 2^31 transactions have elapsed. The probability of data loss is fairly low since multiple incorrect advancements would need to happen before actual loss occurs, but it's not zero. Users upgrading from releases 9.0.4 or 8.4.8 or earlier are not affected, but all later versions contain the bug. The issue can be ameliorated by, after upgrading, vacuuming all tables in all databases while having vacuum_freeze_table_age set to zero. This will fix any latent corruption but will not be able to fix all pre-existing data errors. However, an installation can be presumed safe after performing this vacuuming if it has executed fewer than 2^31 update transactions in its lifetime (check this with SELECT txid_current() < 2^31). *Fix initialization of pg_clog and pg_subtrans during hot standby startup This bug can cause data loss on standby servers at the moment they start to accept hot-standby queries, by marking committed transactions as uncommitted. The likelihood of such corruption is small unless, at the time of standby startup, the primary server has executed many updating transactions since its last checkpoint. Symptoms include missing rows, rows that should have been deleted being still visible, and obsolete versions of updated rows being still visible alongside their newer versions. This bug was introduced in versions 9.3.0, 9.2.5, 9.1.10, and 9.0.14. Standby servers that have only been running earlier releases are not at risk. It's recommended that standby servers that have ever run any of the buggy releases be re-cloned from the primary (e.g., with a new base backup) after upgrading. *Truncate pg_multixact contents during WAL replay This avoids ever-increasing disk space consumption in standby servers. *Fix race condition in GIN index posting tree page deletion This could lead to transient wrong answers or query failures. *Avoid flattening a subquery whose SELECT list contains a volatile function wrapped inside a sub-SELECT This avoids unexpected results due to extra evaluations of the volatile function. *Fix planner's processing of non-simple-variable subquery outputs nested within outer joins This error could lead to incorrect plans for queries involving multiple levels of subqueries within JOIN syntax. *Fix premature deletion of temporary files *Fix possible read past end of memory in rule printing *Fix array slicing of int2vector and oidvector values Expressions of this kind are now implicitly promoted to regular int2 or oid arrays. *Fix incorrect behaviors when using a SQL-standard, simple GMT offset timezone In some cases, the system would use the simple GMT offset value when it should have used the regular timezone setting that had prevailed before the simple offset was selected. This change also causes the timeofday function to honor the simple GMT offset zone. *Fix pg_dumpall to work when a source database sets default_transaction_read_only via ALTER DATABASE SET Previously, the generated script would fail during restore. *Fix ecpg's processing of lists of variables declared varchar *Make contrib/lo defend against incorrect trigger definitions *Update time zone data files to tzdata release 2013h for DST law changes in Argentina, Brazil, Jordan, Libya, Liechtenstein, Morocco, and Palestine. Also, new timezone abbreviations WIB, WIT, WITA for Indonesia. libecpg6-9.0.15-39.1.i586.rpm libecpg6-debuginfo-9.0.15-39.1.i586.rpm libpq5-32bit-9.0.15-39.1.x86_64.rpm libpq5-9.0.15-39.1.i586.rpm libpq5-debuginfo-32bit-9.0.15-39.1.x86_64.rpm libpq5-debuginfo-9.0.15-39.1.i586.rpm libpq5-debuginfo-x86-9.0.15-39.1.ia64.rpm libpq5-x86-9.0.15-39.1.ia64.rpm postgresql-devel-9.0.15-39.1.i586.rpm postgresql-devel-debuginfo-9.0.15-39.1.i586.rpm postgresql-libs-9.0.15-39.1.src.rpm postgresql-libs-debugsource-9.0.15-39.1.i586.rpm postgresql-9.0.15-39.1.i586.rpm postgresql-9.0.15-39.1.src.rpm postgresql-contrib-9.0.15-39.1.i586.rpm postgresql-contrib-debuginfo-9.0.15-39.1.i586.rpm postgresql-debuginfo-9.0.15-39.1.i586.rpm postgresql-debugsource-9.0.15-39.1.i586.rpm postgresql-docs-9.0.15-39.1.noarch.rpm postgresql-plperl-9.0.15-39.1.i586.rpm postgresql-plperl-debuginfo-9.0.15-39.1.i586.rpm postgresql-plpython-9.0.15-39.1.i586.rpm postgresql-plpython-debuginfo-9.0.15-39.1.i586.rpm postgresql-pltcl-9.0.15-39.1.i586.rpm postgresql-pltcl-debuginfo-9.0.15-39.1.i586.rpm postgresql-server-9.0.15-39.1.i586.rpm postgresql-server-debuginfo-9.0.15-39.1.i586.rpm libecpg6-9.0.15-39.1.x86_64.rpm libecpg6-debuginfo-9.0.15-39.1.x86_64.rpm libpq5-9.0.15-39.1.x86_64.rpm libpq5-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-devel-9.0.15-39.1.x86_64.rpm postgresql-devel-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-libs-debugsource-9.0.15-39.1.x86_64.rpm postgresql-9.0.15-39.1.x86_64.rpm postgresql-contrib-9.0.15-39.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-debugsource-9.0.15-39.1.x86_64.rpm postgresql-plperl-9.0.15-39.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-plpython-9.0.15-39.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-pltcl-9.0.15-39.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.15-39.1.x86_64.rpm postgresql-server-9.0.15-39.1.x86_64.rpm postgresql-server-debuginfo-9.0.15-39.1.x86_64.rpm 2013-168 moderate openSUSE Evergreen 11.4 This update fixes the following security issues with curl: - fix CVE-2013-4545 (bnc#849596) = acknowledge VERIFYHOST without VERIFYPEER curl-7.21.2-37.1.i586.rpm curl-7.21.2-37.1.src.rpm curl-debuginfo-7.21.2-37.1.i586.rpm libcurl-devel-7.21.2-37.1.i586.rpm libcurl4-32bit-7.21.2-37.1.x86_64.rpm libcurl4-7.21.2-37.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-37.1.x86_64.rpm libcurl4-debuginfo-7.21.2-37.1.i586.rpm libcurl4-debuginfo-x86-7.21.2-37.1.ia64.rpm libcurl4-x86-7.21.2-37.1.ia64.rpm curl-7.21.2-37.1.x86_64.rpm curl-debuginfo-7.21.2-37.1.x86_64.rpm libcurl-devel-7.21.2-37.1.x86_64.rpm libcurl4-7.21.2-37.1.x86_64.rpm 2013-171 important openSUSE Evergreen 11.4 The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. * distrust: AC DG Tresor SSL (bnc#854367) * new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing * new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server auth, code signing, email signing * new: China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt server auth * changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt removed code signing and server auth abilities * changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt removed code signing and server auth abilities * new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth * new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth * removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt * new: PSCProcert:2.1.11.crt server auth, code signing, email signing * new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt server auth, code signing, email signing * new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt server auth, code signing * changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt removed all abilities * new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt server auth, code signing * changed: TWCA_Root_Certification_Authority:2.1.1.crt added code signing ability ca-certificates-mozilla-1.95-17.1.noarch.rpm ca-certificates-mozilla-1.95-17.1.src.rpm 2012-22 moderate openSUSE Evergreen 11.4 This version upgrade to otrs 2.4.15 fixed a Cross-Site Scripting (XSS) flaw. otrs-2.4.15-18.1.noarch.rpm otrs-2.4.15-18.1.src.rpm otrs-doc-2.4.15-18.1.noarch.rpm otrs-itsm-2.1.5-18.1.noarch.rpm 2013-170 important openSUSE Evergreen 11.4 This patch contains * mozilla-nss 3.15.3.1 which includes a certstore update (1.95) to explicitely revoke AC DG Tresor SSL intermediate CA which was misused. * Firefox 24.2esr * Thunderbird 24.2 * Seamonkey 2.23 These updates fix several security issues: * CVE-2013-5611 Mozilla: Application Installation doorhanger persists on navigation (MFSA 2013-105) * CVE-2013-5609 Mozilla: Miscellaneous memory safety hazards (rv:24.2) (MFSA 2013-104) * CVE-2013-5610 Mozilla: Miscellaneous memory safety hazards (rv:26.0) (MFSA 2013-104) * CVE-2013-5612 Mozilla: Character encoding cross-origin XSS attack (MFSA 2013-106) * CVE-2013-5614 Mozilla: Sandbox restrictions not applied to nested object elements (MFSA 2013-107) * CVE-2013-5616 Mozilla: Use-after-free in event listeners (MFSA 2013-108) * CVE-2013-5619 Mozilla: Potential overflow in JavaScript binary search algorithms (MFSA 2013-110) * CVE-2013-6671 Mozilla: Segmentation violation when replacing ordered list elements (MFSA 2013-111) * CVE-2013-6673 Mozilla: Trust settings for built-in roots ignored during EV certificate validation (MFSA 2013-113) * CVE-2013-5613 Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114) * CVE-2013-5615 Mozilla: GetElementIC typed array stubs can be generated outside observed typesets (MFSA 2013-115) * CVE-2013-6672 Mozilla: Linux clipboard information disclosure though selection paste (MFSA 2013-112) * CVE-2013-5618 Mozilla: Use-after-free during Table Editing (MFSA 2013-109) MozillaFirefox-24.2.0-95.2.i586.rpm MozillaFirefox-24.2.0-95.2.src.rpm MozillaFirefox-branding-upstream-24.2.0-95.2.i586.rpm MozillaFirefox-buildsymbols-24.2.0-95.2.i586.rpm MozillaFirefox-debuginfo-24.2.0-95.2.i586.rpm MozillaFirefox-debugsource-24.2.0-95.2.i586.rpm MozillaFirefox-devel-24.2.0-95.2.i586.rpm MozillaFirefox-translations-common-24.2.0-95.2.i586.rpm MozillaFirefox-translations-other-24.2.0-95.2.i586.rpm MozillaThunderbird-24.2.0-81.2.i586.rpm MozillaThunderbird-24.2.0-81.2.src.rpm MozillaThunderbird-buildsymbols-24.2.0-81.2.i586.rpm MozillaThunderbird-debuginfo-24.2.0-81.2.i586.rpm MozillaThunderbird-debugsource-24.2.0-81.2.i586.rpm MozillaThunderbird-devel-24.2.0-81.2.i586.rpm MozillaThunderbird-translations-common-24.2.0-81.2.i586.rpm MozillaThunderbird-translations-other-24.2.0-81.2.i586.rpm enigmail-1.6.0+24.2.0-81.2.i586.rpm libfreebl3-3.15.3.1-74.1.i586.rpm libfreebl3-32bit-3.15.3.1-74.1.x86_64.rpm libfreebl3-debuginfo-3.15.3.1-74.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.3.1-74.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.3.1-74.1.ia64.rpm libfreebl3-x86-3.15.3.1-74.1.ia64.rpm libsoftokn3-3.15.3.1-74.1.i586.rpm libsoftokn3-32bit-3.15.3.1-74.1.x86_64.rpm libsoftokn3-debuginfo-3.15.3.1-74.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.3.1-74.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.3.1-74.1.ia64.rpm libsoftokn3-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-3.15.3.1-74.1.i586.rpm mozilla-nss-3.15.3.1-74.1.src.rpm mozilla-nss-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-certs-3.15.3.1-74.1.i586.rpm mozilla-nss-certs-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.3.1-74.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-certs-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-debuginfo-3.15.3.1-74.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-debugsource-3.15.3.1-74.1.i586.rpm mozilla-nss-devel-3.15.3.1-74.1.i586.rpm mozilla-nss-sysinit-3.15.3.1-74.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.3.1-74.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.3.1-74.1.ia64.rpm mozilla-nss-tools-3.15.3.1-74.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.3.1-74.1.i586.rpm mozilla-nss-x86-3.15.3.1-74.1.ia64.rpm seamonkey-2.23-85.1.i586.rpm seamonkey-2.23-85.1.src.rpm seamonkey-debuginfo-2.23-85.1.i586.rpm seamonkey-debugsource-2.23-85.1.i586.rpm seamonkey-dom-inspector-2.23-85.1.i586.rpm seamonkey-irc-2.23-85.1.i586.rpm seamonkey-translations-common-2.23-85.1.i586.rpm seamonkey-translations-other-2.23-85.1.i586.rpm seamonkey-venkman-2.23-85.1.i586.rpm MozillaFirefox-24.2.0-95.2.x86_64.rpm MozillaFirefox-branding-upstream-24.2.0-95.2.x86_64.rpm MozillaFirefox-buildsymbols-24.2.0-95.2.x86_64.rpm MozillaFirefox-debuginfo-24.2.0-95.2.x86_64.rpm MozillaFirefox-debugsource-24.2.0-95.2.x86_64.rpm MozillaFirefox-devel-24.2.0-95.2.x86_64.rpm MozillaFirefox-translations-common-24.2.0-95.2.x86_64.rpm MozillaFirefox-translations-other-24.2.0-95.2.x86_64.rpm MozillaThunderbird-24.2.0-81.2.x86_64.rpm MozillaThunderbird-buildsymbols-24.2.0-81.2.x86_64.rpm MozillaThunderbird-debuginfo-24.2.0-81.2.x86_64.rpm MozillaThunderbird-debugsource-24.2.0-81.2.x86_64.rpm MozillaThunderbird-devel-24.2.0-81.2.x86_64.rpm MozillaThunderbird-translations-common-24.2.0-81.2.x86_64.rpm MozillaThunderbird-translations-other-24.2.0-81.2.x86_64.rpm enigmail-1.6.0+24.2.0-81.2.x86_64.rpm libfreebl3-3.15.3.1-74.1.x86_64.rpm libfreebl3-debuginfo-3.15.3.1-74.1.x86_64.rpm libsoftokn3-3.15.3.1-74.1.x86_64.rpm libsoftokn3-debuginfo-3.15.3.1-74.1.x86_64.rpm mozilla-nss-3.15.3.1-74.1.x86_64.rpm mozilla-nss-certs-3.15.3.1-74.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.3.1-74.1.x86_64.rpm mozilla-nss-debuginfo-3.15.3.1-74.1.x86_64.rpm mozilla-nss-debugsource-3.15.3.1-74.1.x86_64.rpm mozilla-nss-devel-3.15.3.1-74.1.x86_64.rpm mozilla-nss-sysinit-3.15.3.1-74.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.3.1-74.1.x86_64.rpm mozilla-nss-tools-3.15.3.1-74.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.3.1-74.1.x86_64.rpm seamonkey-2.23-85.1.x86_64.rpm seamonkey-debuginfo-2.23-85.1.x86_64.rpm seamonkey-debugsource-2.23-85.1.x86_64.rpm seamonkey-dom-inspector-2.23-85.1.x86_64.rpm seamonkey-irc-2.23-85.1.x86_64.rpm seamonkey-translations-common-2.23-85.1.x86_64.rpm seamonkey-translations-other-2.23-85.1.x86_64.rpm seamonkey-venkman-2.23-85.1.x86_64.rpm 2013-169 moderate openSUSE Evergreen 11.4 This update fixes the following issues with subversion: - bnc#850747: update to 1.7.14 * CVE-2013-4505: mod_dontdothat does not restrict requests from serf clients. * CVE-2013-4558: mod_dav_svn assertion triggered by autoversioning commits. + Client- and server-side bugfixes: * fix assertion on urls of the form 'file://./' + Client-side bugfixes: * upgrade: fix an assertion when used with pre-1.3 wcs * fix externals that point at redirected locations * diff: fix incorrect calculation of changes in some cases * diff: fix errors with added/deleted targets + Server-side bugfixes: * mod_dav_svn: Prevent crashes with some 3rd party modules * fix OOM on concurrent requests at threaded server start * fsfs: limit commit time of files with deep change histories * mod_dav_svn: canonicalize paths properly + Other tool improvements and bugfixes: * mod_dontdothat: Fix the uri parser + Developer-visible changes: * javahl: canonicalize path for streamFileContent method + require python-sqlite when running regression tests libsvn_auth_gnome_keyring-1-0-1.7.14-59.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.14-59.1.i586.rpm libsvn_auth_kwallet-1-0-1.7.14-59.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.7.14-59.1.i586.rpm subversion-1.7.14-59.1.i586.rpm subversion-1.7.14-59.1.src.rpm subversion-bash-completion-1.7.14-59.1.noarch.rpm subversion-debuginfo-1.7.14-59.1.i586.rpm subversion-debugsource-1.7.14-59.1.i586.rpm subversion-devel-1.7.14-59.1.i586.rpm subversion-perl-1.7.14-59.1.i586.rpm subversion-perl-debuginfo-1.7.14-59.1.i586.rpm subversion-python-1.7.14-59.1.i586.rpm subversion-python-debuginfo-1.7.14-59.1.i586.rpm subversion-ruby-1.7.14-59.1.i586.rpm subversion-ruby-debuginfo-1.7.14-59.1.i586.rpm subversion-server-1.7.14-59.1.i586.rpm subversion-server-debuginfo-1.7.14-59.1.i586.rpm subversion-tools-1.7.14-59.1.i586.rpm subversion-tools-debuginfo-1.7.14-59.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.7.14-59.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.14-59.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.7.14-59.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.7.14-59.1.x86_64.rpm subversion-1.7.14-59.1.x86_64.rpm subversion-debuginfo-1.7.14-59.1.x86_64.rpm subversion-debugsource-1.7.14-59.1.x86_64.rpm subversion-devel-1.7.14-59.1.x86_64.rpm subversion-perl-1.7.14-59.1.x86_64.rpm subversion-perl-debuginfo-1.7.14-59.1.x86_64.rpm subversion-python-1.7.14-59.1.x86_64.rpm subversion-python-debuginfo-1.7.14-59.1.x86_64.rpm subversion-ruby-1.7.14-59.1.x86_64.rpm subversion-ruby-debuginfo-1.7.14-59.1.x86_64.rpm subversion-server-1.7.14-59.1.x86_64.rpm subversion-server-debuginfo-1.7.14-59.1.x86_64.rpm subversion-tools-1.7.14-59.1.x86_64.rpm subversion-tools-debuginfo-1.7.14-59.1.x86_64.rpm 2013-173 moderate openSUSE Evergreen 11.4 This update fixes the following security issues with flash-player: - Security update to 11.2.202.332: (bnc#854881) * APSB13-28, CVE-2013-5331, CVE-2013-5332 * Prevents possible remote code execution! flash-player-11.2.202.332-83.1.i586.rpm flash-player-11.2.202.332-83.1.nosrc.rpm flash-player-gnome-11.2.202.332-83.1.i586.rpm flash-player-kde4-11.2.202.332-83.1.i586.rpm flash-player-11.2.202.332-83.1.x86_64.rpm flash-player-gnome-11.2.202.332-83.1.x86_64.rpm flash-player-kde4-11.2.202.332-83.1.x86_64.rpm 2014-1 moderate openSUSE Evergreen 11.4 - update to 1.8.12 [bnc#855980] + vulnerabilities fixed: * The SIP dissector could go into an infinite loop. wnpa-sec-2013-66 CVE-2013-7112 * The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. wnpa-sec-2013-68 CVE-2013-7114 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html wireshark-1.8.12-65.1.i586.rpm wireshark-1.8.12-65.1.src.rpm wireshark-debuginfo-1.8.12-65.1.i586.rpm wireshark-debugsource-1.8.12-65.1.i586.rpm wireshark-devel-1.8.12-65.1.i586.rpm wireshark-1.8.12-65.1.x86_64.rpm wireshark-debuginfo-1.8.12-65.1.x86_64.rpm wireshark-debugsource-1.8.12-65.1.x86_64.rpm wireshark-devel-1.8.12-65.1.x86_64.rpm 2013-175 moderate openSUSE Evergreen 11.4 - security update * CVE-2013-6420.patch [bnc#854880] * CVE-2013-6712.patch [bnc#853045] * CVE-2013-4248.patch [bnc#837746] apache2-mod_php5-5.3.5-359.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-359.1.i586.rpm php5-5.3.5-359.1.i586.rpm php5-5.3.5-359.1.src.rpm php5-bcmath-5.3.5-359.1.i586.rpm php5-bcmath-debuginfo-5.3.5-359.1.i586.rpm php5-bz2-5.3.5-359.1.i586.rpm php5-bz2-debuginfo-5.3.5-359.1.i586.rpm php5-calendar-5.3.5-359.1.i586.rpm php5-calendar-debuginfo-5.3.5-359.1.i586.rpm php5-ctype-5.3.5-359.1.i586.rpm php5-ctype-debuginfo-5.3.5-359.1.i586.rpm php5-curl-5.3.5-359.1.i586.rpm php5-curl-debuginfo-5.3.5-359.1.i586.rpm php5-dba-5.3.5-359.1.i586.rpm php5-dba-debuginfo-5.3.5-359.1.i586.rpm php5-debuginfo-5.3.5-359.1.i586.rpm php5-debugsource-5.3.5-359.1.i586.rpm php5-devel-5.3.5-359.1.i586.rpm php5-dom-5.3.5-359.1.i586.rpm php5-dom-debuginfo-5.3.5-359.1.i586.rpm php5-enchant-5.3.5-359.1.i586.rpm php5-enchant-debuginfo-5.3.5-359.1.i586.rpm php5-exif-5.3.5-359.1.i586.rpm php5-exif-debuginfo-5.3.5-359.1.i586.rpm php5-fastcgi-5.3.5-359.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-359.1.i586.rpm php5-fileinfo-5.3.5-359.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-359.1.i586.rpm php5-fpm-5.3.5-359.1.i586.rpm php5-fpm-debuginfo-5.3.5-359.1.i586.rpm php5-ftp-5.3.5-359.1.i586.rpm php5-ftp-debuginfo-5.3.5-359.1.i586.rpm php5-gd-5.3.5-359.1.i586.rpm php5-gd-debuginfo-5.3.5-359.1.i586.rpm php5-gettext-5.3.5-359.1.i586.rpm php5-gettext-debuginfo-5.3.5-359.1.i586.rpm php5-gmp-5.3.5-359.1.i586.rpm php5-gmp-debuginfo-5.3.5-359.1.i586.rpm php5-hash-5.3.5-359.1.i586.rpm php5-hash-debuginfo-5.3.5-359.1.i586.rpm php5-iconv-5.3.5-359.1.i586.rpm php5-iconv-debuginfo-5.3.5-359.1.i586.rpm php5-imap-5.3.5-359.1.i586.rpm php5-imap-debuginfo-5.3.5-359.1.i586.rpm php5-intl-5.3.5-359.1.i586.rpm php5-intl-debuginfo-5.3.5-359.1.i586.rpm php5-json-5.3.5-359.1.i586.rpm php5-json-debuginfo-5.3.5-359.1.i586.rpm php5-ldap-5.3.5-359.1.i586.rpm php5-ldap-debuginfo-5.3.5-359.1.i586.rpm php5-mbstring-5.3.5-359.1.i586.rpm php5-mbstring-debuginfo-5.3.5-359.1.i586.rpm php5-mcrypt-5.3.5-359.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-359.1.i586.rpm php5-mysql-5.3.5-359.1.i586.rpm php5-mysql-debuginfo-5.3.5-359.1.i586.rpm php5-odbc-5.3.5-359.1.i586.rpm php5-odbc-debuginfo-5.3.5-359.1.i586.rpm php5-openssl-5.3.5-359.1.i586.rpm php5-openssl-debuginfo-5.3.5-359.1.i586.rpm php5-pcntl-5.3.5-359.1.i586.rpm php5-pcntl-debuginfo-5.3.5-359.1.i586.rpm php5-pdo-5.3.5-359.1.i586.rpm php5-pdo-debuginfo-5.3.5-359.1.i586.rpm php5-pear-5.3.5-359.1.noarch.rpm php5-pgsql-5.3.5-359.1.i586.rpm php5-pgsql-debuginfo-5.3.5-359.1.i586.rpm php5-phar-5.3.5-359.1.i586.rpm php5-phar-debuginfo-5.3.5-359.1.i586.rpm php5-posix-5.3.5-359.1.i586.rpm php5-posix-debuginfo-5.3.5-359.1.i586.rpm php5-pspell-5.3.5-359.1.i586.rpm php5-pspell-debuginfo-5.3.5-359.1.i586.rpm php5-readline-5.3.5-359.1.i586.rpm php5-readline-debuginfo-5.3.5-359.1.i586.rpm php5-shmop-5.3.5-359.1.i586.rpm php5-shmop-debuginfo-5.3.5-359.1.i586.rpm php5-snmp-5.3.5-359.1.i586.rpm php5-snmp-debuginfo-5.3.5-359.1.i586.rpm php5-soap-5.3.5-359.1.i586.rpm php5-soap-debuginfo-5.3.5-359.1.i586.rpm php5-sockets-5.3.5-359.1.i586.rpm php5-sockets-debuginfo-5.3.5-359.1.i586.rpm php5-sqlite-5.3.5-359.1.i586.rpm php5-sqlite-debuginfo-5.3.5-359.1.i586.rpm php5-suhosin-5.3.5-359.1.i586.rpm php5-suhosin-debuginfo-5.3.5-359.1.i586.rpm php5-sysvmsg-5.3.5-359.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-359.1.i586.rpm php5-sysvsem-5.3.5-359.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-359.1.i586.rpm php5-sysvshm-5.3.5-359.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-359.1.i586.rpm php5-tidy-5.3.5-359.1.i586.rpm php5-tidy-debuginfo-5.3.5-359.1.i586.rpm php5-tokenizer-5.3.5-359.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-359.1.i586.rpm php5-wddx-5.3.5-359.1.i586.rpm php5-wddx-debuginfo-5.3.5-359.1.i586.rpm php5-xmlreader-5.3.5-359.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-359.1.i586.rpm php5-xmlrpc-5.3.5-359.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-359.1.i586.rpm php5-xmlwriter-5.3.5-359.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-359.1.i586.rpm php5-xsl-5.3.5-359.1.i586.rpm php5-xsl-debuginfo-5.3.5-359.1.i586.rpm php5-zip-5.3.5-359.1.i586.rpm php5-zip-debuginfo-5.3.5-359.1.i586.rpm php5-zlib-5.3.5-359.1.i586.rpm php5-zlib-debuginfo-5.3.5-359.1.i586.rpm apache2-mod_php5-5.3.5-359.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-359.1.x86_64.rpm php5-5.3.5-359.1.x86_64.rpm php5-bcmath-5.3.5-359.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-359.1.x86_64.rpm php5-bz2-5.3.5-359.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-359.1.x86_64.rpm php5-calendar-5.3.5-359.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-359.1.x86_64.rpm php5-ctype-5.3.5-359.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-359.1.x86_64.rpm php5-curl-5.3.5-359.1.x86_64.rpm php5-curl-debuginfo-5.3.5-359.1.x86_64.rpm php5-dba-5.3.5-359.1.x86_64.rpm php5-dba-debuginfo-5.3.5-359.1.x86_64.rpm php5-debuginfo-5.3.5-359.1.x86_64.rpm php5-debugsource-5.3.5-359.1.x86_64.rpm php5-devel-5.3.5-359.1.x86_64.rpm php5-dom-5.3.5-359.1.x86_64.rpm php5-dom-debuginfo-5.3.5-359.1.x86_64.rpm php5-enchant-5.3.5-359.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-359.1.x86_64.rpm php5-exif-5.3.5-359.1.x86_64.rpm php5-exif-debuginfo-5.3.5-359.1.x86_64.rpm php5-fastcgi-5.3.5-359.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-359.1.x86_64.rpm php5-fileinfo-5.3.5-359.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-359.1.x86_64.rpm php5-fpm-5.3.5-359.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-359.1.x86_64.rpm php5-ftp-5.3.5-359.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-359.1.x86_64.rpm php5-gd-5.3.5-359.1.x86_64.rpm php5-gd-debuginfo-5.3.5-359.1.x86_64.rpm php5-gettext-5.3.5-359.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-359.1.x86_64.rpm php5-gmp-5.3.5-359.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-359.1.x86_64.rpm php5-hash-5.3.5-359.1.x86_64.rpm php5-hash-debuginfo-5.3.5-359.1.x86_64.rpm php5-iconv-5.3.5-359.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-359.1.x86_64.rpm php5-imap-5.3.5-359.1.x86_64.rpm php5-imap-debuginfo-5.3.5-359.1.x86_64.rpm php5-intl-5.3.5-359.1.x86_64.rpm php5-intl-debuginfo-5.3.5-359.1.x86_64.rpm php5-json-5.3.5-359.1.x86_64.rpm php5-json-debuginfo-5.3.5-359.1.x86_64.rpm php5-ldap-5.3.5-359.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-359.1.x86_64.rpm php5-mbstring-5.3.5-359.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-359.1.x86_64.rpm php5-mcrypt-5.3.5-359.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-359.1.x86_64.rpm php5-mysql-5.3.5-359.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-359.1.x86_64.rpm php5-odbc-5.3.5-359.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-359.1.x86_64.rpm php5-openssl-5.3.5-359.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-359.1.x86_64.rpm php5-pcntl-5.3.5-359.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-359.1.x86_64.rpm php5-pdo-5.3.5-359.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-359.1.x86_64.rpm php5-pgsql-5.3.5-359.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-359.1.x86_64.rpm php5-phar-5.3.5-359.1.x86_64.rpm php5-phar-debuginfo-5.3.5-359.1.x86_64.rpm php5-posix-5.3.5-359.1.x86_64.rpm php5-posix-debuginfo-5.3.5-359.1.x86_64.rpm php5-pspell-5.3.5-359.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-359.1.x86_64.rpm php5-readline-5.3.5-359.1.x86_64.rpm php5-readline-debuginfo-5.3.5-359.1.x86_64.rpm php5-shmop-5.3.5-359.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-359.1.x86_64.rpm php5-snmp-5.3.5-359.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-359.1.x86_64.rpm php5-soap-5.3.5-359.1.x86_64.rpm php5-soap-debuginfo-5.3.5-359.1.x86_64.rpm php5-sockets-5.3.5-359.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-359.1.x86_64.rpm php5-sqlite-5.3.5-359.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-359.1.x86_64.rpm php5-suhosin-5.3.5-359.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-359.1.x86_64.rpm php5-sysvmsg-5.3.5-359.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-359.1.x86_64.rpm php5-sysvsem-5.3.5-359.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-359.1.x86_64.rpm php5-sysvshm-5.3.5-359.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-359.1.x86_64.rpm php5-tidy-5.3.5-359.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-359.1.x86_64.rpm php5-tokenizer-5.3.5-359.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-359.1.x86_64.rpm php5-wddx-5.3.5-359.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-359.1.x86_64.rpm php5-xmlreader-5.3.5-359.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-359.1.x86_64.rpm php5-xmlrpc-5.3.5-359.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-359.1.x86_64.rpm php5-xmlwriter-5.3.5-359.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-359.1.x86_64.rpm php5-xsl-5.3.5-359.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-359.1.x86_64.rpm php5-zip-5.3.5-359.1.x86_64.rpm php5-zip-debuginfo-5.3.5-359.1.x86_64.rpm php5-zlib-5.3.5-359.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-359.1.x86_64.rpm 2014-2 moderate openSUSE Evergreen 11.4 This update fixes the following security issue with thttpd: - fix CVE-2013-0348 (bnc#853381) * don't create a world readable logfile thttpd-2.25b-188.1.i586.rpm thttpd-2.25b-188.1.src.rpm thttpd-debuginfo-2.25b-188.1.i586.rpm thttpd-debugsource-2.25b-188.1.i586.rpm thttpd-2.25b-188.1.x86_64.rpm thttpd-debuginfo-2.25b-188.1.x86_64.rpm thttpd-debugsource-2.25b-188.1.x86_64.rpm 2014-7 moderate openSUSE Evergreen 11.4 Update to 1.4.32 fixing numerous security and stability flaws. lighttpd-1.4.32-37.1.i586.rpm lighttpd-1.4.32-37.1.src.rpm lighttpd-debuginfo-1.4.32-37.1.i586.rpm lighttpd-debugsource-1.4.32-37.1.i586.rpm lighttpd-mod_cml-1.4.32-37.1.i586.rpm lighttpd-mod_cml-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_geoip-1.4.32-37.1.i586.rpm lighttpd-mod_geoip-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_magnet-1.4.32-37.1.i586.rpm lighttpd-mod_magnet-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_mysql_vhost-1.4.32-37.1.i586.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_rrdtool-1.4.32-37.1.i586.rpm lighttpd-mod_rrdtool-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_trigger_b4_dl-1.4.32-37.1.i586.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.32-37.1.i586.rpm lighttpd-mod_webdav-1.4.32-37.1.i586.rpm lighttpd-mod_webdav-debuginfo-1.4.32-37.1.i586.rpm lighttpd-1.4.32-37.1.x86_64.rpm lighttpd-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-debugsource-1.4.32-37.1.x86_64.rpm lighttpd-mod_cml-1.4.32-37.1.x86_64.rpm lighttpd-mod_cml-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_geoip-1.4.32-37.1.x86_64.rpm lighttpd-mod_geoip-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_magnet-1.4.32-37.1.x86_64.rpm lighttpd-mod_magnet-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_mysql_vhost-1.4.32-37.1.x86_64.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_rrdtool-1.4.32-37.1.x86_64.rpm lighttpd-mod_rrdtool-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-1.4.32-37.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.32-37.1.x86_64.rpm lighttpd-mod_webdav-1.4.32-37.1.x86_64.rpm lighttpd-mod_webdav-debuginfo-1.4.32-37.1.x86_64.rpm 2014-3 moderate openSUSE Evergreen 11.4 Update consists of 3 fixes: -fix CVE-2013-6415: number_to_currency XSS (bnc#853632). -fix CVE-2013-1855: rubygem-actionpack*: XSS vulnerability insanitize_css in Action Pack (bnc#809935) -fix CVE-2013-1857: rubygem-actionpack*: XSS Vulnerability in the sanitize` helper of Ruby on Rails (bnc#809940) rubygem-actionpack-2_3-2.3.17-39.1.i586.rpm rubygem-actionpack-2_3-2.3.17-39.1.src.rpm rubygem-actionpack-2_3-doc-2.3.17-39.1.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.17-39.1.i586.rpm rubygem-actionpack-2_3-2.3.17-39.1.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.17-39.1.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.17-39.1.x86_64.rpm 2014-5 moderate openSUSE Evergreen 11.4 nagios was updated to fix a possible denial of service in CGI executables. nagios-3.2.3-3.30.1.i586.rpm nagios-3.2.3-3.30.1.src.rpm nagios-debuginfo-3.2.3-3.30.1.i586.rpm nagios-debugsource-3.2.3-3.30.1.i586.rpm nagios-devel-3.2.3-3.30.1.i586.rpm nagios-www-3.2.3-3.30.1.i586.rpm nagios-3.2.3-3.30.1.x86_64.rpm nagios-debuginfo-3.2.3-3.30.1.x86_64.rpm nagios-debugsource-3.2.3-3.30.1.x86_64.rpm nagios-devel-3.2.3-3.30.1.x86_64.rpm nagios-www-3.2.3-3.30.1.x86_64.rpm 2014-4 important openSUSE Evergreen 11.4 Adobe discontinued the Adobe Reader 9 for Linux in June 2013 and has not fixed and will not fix any further security issues in it. As there is no new version, it is officially out of support. After the SUSE Security Team also Evergreen team strongly recommends to not use it anymore. Installing this update will deinstall the plugin package to avoid automatic exploitation via PDF embedded in webpages or emails. acroread-9.5.5-22.1.i586.rpm acroread-9.5.5-22.1.nosrc.rpm 2012-14 moderate openSUSE Evergreen 11.4 This update of libssh fixed various memory management issues that could have security implications (Code execution, Denial of Service). libssh-0.4.8-10.1.src.rpm libssh-debugsource-0.4.8-10.1.i586.rpm libssh-devel-0.4.8-10.1.i586.rpm libssh-devel-doc-0.4.8-10.1.i586.rpm libssh4-0.4.8-10.1.i586.rpm libssh4-debuginfo-0.4.8-10.1.i586.rpm libssh-debugsource-0.4.8-10.1.x86_64.rpm libssh-devel-0.4.8-10.1.x86_64.rpm libssh-devel-doc-0.4.8-10.1.x86_64.rpm libssh4-0.4.8-10.1.x86_64.rpm libssh4-debuginfo-0.4.8-10.1.x86_64.rpm 2014-6 moderate openSUSE Evergreen 11.4 This update of openssl to version 1.0.0l fixes the following security issue: * crash in DTLS renegotiation after packet loss libopenssl-devel-1.0.0l-18.49.1.i586.rpm libopenssl1_0_0-1.0.0l-18.49.1.i586.rpm libopenssl1_0_0-32bit-1.0.0l-18.49.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0l-18.49.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0l-18.49.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0l-18.49.1.ia64.rpm libopenssl1_0_0-x86-1.0.0l-18.49.1.ia64.rpm openssl-1.0.0l-18.49.1.i586.rpm openssl-1.0.0l-18.49.1.src.rpm openssl-debuginfo-1.0.0l-18.49.1.i586.rpm openssl-debugsource-1.0.0l-18.49.1.i586.rpm openssl-doc-1.0.0l-18.49.1.noarch.rpm libopenssl-devel-1.0.0l-18.49.1.x86_64.rpm libopenssl1_0_0-1.0.0l-18.49.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0l-18.49.1.x86_64.rpm openssl-1.0.0l-18.49.1.x86_64.rpm openssl-debuginfo-1.0.0l-18.49.1.x86_64.rpm openssl-debugsource-1.0.0l-18.49.1.x86_64.rpm 2014-11 moderate openSUSE Evergreen 11.4 Code quality fixes in libclamav, clamd, sigtool, clamav-milter, clamconf, and clamdtop. Code quality fixes in libclamav, libclamunrar and freshclam. Valgrind suppression rules for dl_catch_error complaints. bb #8385: a PDF ASCII85Decode zero-length fix. libclamav: SCAN_ALL mode fixes. bb #7436: elf64 header early exit. iso9660: iso_scan_file rewrite. clamav-0.98-25.1.i586.rpm clamav-0.98-25.1.src.rpm clamav-db-0.98-25.1.noarch.rpm clamav-debuginfo-0.98-25.1.i586.rpm clamav-debugsource-0.98-25.1.i586.rpm clamav-0.98-25.1.x86_64.rpm clamav-debuginfo-0.98-25.1.x86_64.rpm clamav-debugsource-0.98-25.1.x86_64.rpm 2014-8 moderate openSUSE Evergreen 11.4 This update fixes a stack buffer overflow in parsing of BDF font files in libXfont. libpciaccess0-32bit-7.6-17.42.1.x86_64.rpm libpciaccess0-7.6-17.42.1.i586.rpm libpciaccess0-debuginfo-32bit-7.6-17.42.1.x86_64.rpm libpciaccess0-debuginfo-7.6-17.42.1.i586.rpm libpciaccess0-debuginfo-x86-7.6-17.42.1.ia64.rpm libpciaccess0-devel-7.6-17.42.1.i586.rpm libpciaccess0-x86-7.6-17.42.1.ia64.rpm xorg-x11-devel-32bit-7.6-17.42.1.x86_64.rpm xorg-x11-devel-7.6-17.42.1.i586.rpm xorg-x11-libs-32bit-7.6-17.42.1.x86_64.rpm xorg-x11-libs-7.6-17.42.1.i586.rpm xorg-x11-libs-7.6-17.42.1.src.rpm xorg-x11-libs-debuginfo-32bit-7.6-17.42.1.x86_64.rpm xorg-x11-libs-debuginfo-7.6-17.42.1.i586.rpm xorg-x11-libs-debuginfo-x86-7.6-17.42.1.ia64.rpm xorg-x11-libs-debugsource-7.6-17.42.1.i586.rpm xorg-x11-libs-x86-7.6-17.42.1.ia64.rpm libpciaccess0-7.6-17.42.1.x86_64.rpm libpciaccess0-debuginfo-7.6-17.42.1.x86_64.rpm libpciaccess0-devel-7.6-17.42.1.x86_64.rpm xorg-x11-devel-7.6-17.42.1.x86_64.rpm xorg-x11-libs-7.6-17.42.1.x86_64.rpm xorg-x11-libs-debuginfo-7.6-17.42.1.x86_64.rpm xorg-x11-libs-debugsource-7.6-17.42.1.x86_64.rpm 2014-17 moderate openSUSE Evergreen 11.4 This update lifts the openssl library to version 1.0.1k which contains new features such as protocol support for TLSv1.1 and TLSv1.2 and more improvements. The patch also contains a rebuild of openssh to reflect the version change dependency (actually a bug in openssh to consider the version). openssh-askpass-gnome-5.8p1-8.1.i586.rpm openssh-askpass-gnome-5.8p1-8.1.src.rpm openssh-askpass-gnome-debuginfo-5.8p1-8.1.i586.rpm openssh-5.8p1-8.6.i586.rpm openssh-5.8p1-8.6.src.rpm openssh-askpass-5.8p1-8.6.i586.rpm openssh-askpass-debuginfo-5.8p1-8.6.i586.rpm openssh-debuginfo-5.8p1-8.6.i586.rpm openssh-debugsource-5.8p1-8.6.i586.rpm libopenssl-devel-1.0.1k-62.1.i586.rpm libopenssl-devel-32bit-1.0.1k-62.1.x86_64.rpm libopenssl1_0_0-1.0.1k-62.1.i586.rpm libopenssl1_0_0-32bit-1.0.1k-62.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1k-62.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.1k-62.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.1k-62.1.ia64.rpm libopenssl1_0_0-x86-1.0.1k-62.1.ia64.rpm openssl-1.0.1k-62.1.i586.rpm openssl-1.0.1k-62.1.src.rpm openssl-debuginfo-1.0.1k-62.1.i586.rpm openssl-debugsource-1.0.1k-62.1.i586.rpm openssl-doc-1.0.1k-62.1.noarch.rpm openssh-askpass-gnome-5.8p1-8.1.x86_64.rpm openssh-askpass-gnome-debuginfo-5.8p1-8.1.x86_64.rpm openssh-5.8p1-8.6.x86_64.rpm openssh-askpass-5.8p1-8.6.x86_64.rpm openssh-askpass-debuginfo-5.8p1-8.6.x86_64.rpm openssh-debuginfo-5.8p1-8.6.x86_64.rpm openssh-debugsource-5.8p1-8.6.x86_64.rpm libopenssl-devel-1.0.1k-62.1.x86_64.rpm libopenssl1_0_0-1.0.1k-62.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1k-62.1.x86_64.rpm openssl-1.0.1k-62.1.x86_64.rpm openssl-debuginfo-1.0.1k-62.1.x86_64.rpm openssl-debugsource-1.0.1k-62.1.x86_64.rpm 2014-9 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to version 11.2.202.335: (bnc#858822) * APSB14-02, CVE-2014-0491, CVE-2014-0492 More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14-02.html flash-player-11.2.202.335-87.1.i586.rpm flash-player-11.2.202.335-87.1.nosrc.rpm flash-player-gnome-11.2.202.335-87.1.i586.rpm flash-player-kde4-11.2.202.335-87.1.i586.rpm flash-player-11.2.202.335-87.1.x86_64.rpm flash-player-gnome-11.2.202.335-87.1.x86_64.rpm flash-player-kde4-11.2.202.335-87.1.x86_64.rpm 2014-12 moderate openSUSE Evergreen 11.4 - Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.patch for bnc#853824. Fixes an integer underflow bug which can cause a crash. libpixman-1-0-0.20.0-6.1.i586.rpm libpixman-1-0-32bit-0.20.0-6.1.x86_64.rpm libpixman-1-0-debuginfo-0.20.0-6.1.i586.rpm libpixman-1-0-debuginfo-32bit-0.20.0-6.1.x86_64.rpm libpixman-1-0-debuginfo-x86-0.20.0-6.1.ia64.rpm libpixman-1-0-devel-0.20.0-6.1.i586.rpm libpixman-1-0-x86-0.20.0-6.1.ia64.rpm pixman-0.20.0-6.1.src.rpm pixman-debugsource-0.20.0-6.1.i586.rpm libpixman-1-0-0.20.0-6.1.x86_64.rpm libpixman-1-0-debuginfo-0.20.0-6.1.x86_64.rpm libpixman-1-0-devel-0.20.0-6.1.x86_64.rpm pixman-debugsource-0.20.0-6.1.x86_64.rpm 2014-10 moderate openSUSE Evergreen 11.4 - fix-CVE-2013-6402.dif fixes hardcoded file name /tmp/hp-pkservice.log in pkit.py (bnc#852368). hplip-3.11.5-1.19.1.i586.rpm hplip-3.11.5-1.19.1.src.rpm hplip-debuginfo-3.11.5-1.19.1.i586.rpm hplip-debugsource-3.11.5-1.19.1.i586.rpm hplip-hpijs-3.11.5-1.19.1.i586.rpm hplip-hpijs-debuginfo-3.11.5-1.19.1.i586.rpm hplip-3.11.5-1.19.1.x86_64.rpm hplip-debuginfo-3.11.5-1.19.1.x86_64.rpm hplip-debugsource-3.11.5-1.19.1.x86_64.rpm hplip-hpijs-3.11.5-1.19.1.x86_64.rpm hplip-hpijs-debuginfo-3.11.5-1.19.1.x86_64.rpm 2014-14 moderate openSUSE Evergreen 11.4 - Update to version 9.9.4P2 * Fixes named crash when handling malformed NSEC3-signed zones (CVE-2014-0591, bnc#858639) * Obsoletes workaround-compile-problem.diff - Replace rpz2+rl-9.9.3-P1.patch by rpz2-9.9.4.patch, rl is now supported upstream (--enable-rrl). bind-9.9.4P2-63.1.i586.rpm bind-9.9.4P2-63.1.src.rpm bind-chrootenv-9.9.4P2-63.1.i586.rpm bind-debuginfo-9.9.4P2-63.1.i586.rpm bind-debugsource-9.9.4P2-63.1.i586.rpm bind-devel-9.9.4P2-63.1.i586.rpm bind-doc-9.9.4P2-63.1.noarch.rpm bind-libs-32bit-9.9.4P2-63.1.x86_64.rpm bind-libs-9.9.4P2-63.1.i586.rpm bind-libs-debuginfo-32bit-9.9.4P2-63.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-63.1.i586.rpm bind-libs-debuginfo-x86-9.9.4P2-63.1.ia64.rpm bind-libs-x86-9.9.4P2-63.1.ia64.rpm bind-lwresd-9.9.4P2-63.1.i586.rpm bind-lwresd-debuginfo-9.9.4P2-63.1.i586.rpm bind-utils-9.9.4P2-63.1.i586.rpm bind-utils-debuginfo-9.9.4P2-63.1.i586.rpm bind-9.9.4P2-63.1.x86_64.rpm bind-chrootenv-9.9.4P2-63.1.x86_64.rpm bind-debuginfo-9.9.4P2-63.1.x86_64.rpm bind-debugsource-9.9.4P2-63.1.x86_64.rpm bind-devel-9.9.4P2-63.1.x86_64.rpm bind-libs-9.9.4P2-63.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-63.1.x86_64.rpm bind-lwresd-9.9.4P2-63.1.x86_64.rpm bind-lwresd-debuginfo-9.9.4P2-63.1.x86_64.rpm bind-utils-9.9.4P2-63.1.x86_64.rpm bind-utils-debuginfo-9.9.4P2-63.1.x86_64.rpm 2014-15 moderate openSUSE Evergreen 11.4 - Add gnumeric-CVE-2013-6836.patch: fix Heap-buffer-overflow in ms_escher_get_data on a fuzzed xls file (bnc#856254, bgo#712772, CVE-2013-6836). gnumeric-1.10.12-7.1.i586.rpm gnumeric-1.10.12-7.1.src.rpm gnumeric-debuginfo-1.10.12-7.1.i586.rpm gnumeric-debugsource-1.10.12-7.1.i586.rpm gnumeric-devel-1.10.12-7.1.i586.rpm gnumeric-lang-1.10.12-7.1.noarch.rpm gnumeric-1.10.12-7.1.x86_64.rpm gnumeric-debuginfo-1.10.12-7.1.x86_64.rpm gnumeric-debugsource-1.10.12-7.1.x86_64.rpm gnumeric-devel-1.10.12-7.1.x86_64.rpm 2012-15 moderate openSUSE Evergreen 11.4 This update addresses an XSS flaw (CVE-2012-5567). horde3-kronolith-2.3.5-8.1.noarch.rpm horde3-kronolith-2.3.5-8.1.src.rpm 2014-16 important openSUSE Evergreen 11.4 Updates for mozilla-nss (3.15.4) MozillaFirefox (24.3.0esr) MozillaThunderbird (24.3.0) including fixes for the following issues: * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) * MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected content with XBL scopes * MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of discarded images by RasterImage * MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free with imgRequestProxy and image proccessing * MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin information leak through web workers * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545, bmo#930874, bmo#930857) NSS ticket handling issues * MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent JavaScript handling of access to Window objects MozillaFirefox-24.3.0-99.1.i586.rpm MozillaFirefox-24.3.0-99.1.src.rpm MozillaFirefox-branding-upstream-24.3.0-99.1.i586.rpm MozillaFirefox-buildsymbols-24.3.0-99.1.i586.rpm MozillaFirefox-debuginfo-24.3.0-99.1.i586.rpm MozillaFirefox-debugsource-24.3.0-99.1.i586.rpm MozillaFirefox-devel-24.3.0-99.1.i586.rpm MozillaFirefox-translations-common-24.3.0-99.1.i586.rpm MozillaFirefox-translations-other-24.3.0-99.1.i586.rpm MozillaThunderbird-24.3.0-85.1.i586.rpm MozillaThunderbird-24.3.0-85.1.src.rpm MozillaThunderbird-buildsymbols-24.3.0-85.1.i586.rpm MozillaThunderbird-debuginfo-24.3.0-85.1.i586.rpm MozillaThunderbird-debugsource-24.3.0-85.1.i586.rpm MozillaThunderbird-devel-24.3.0-85.1.i586.rpm MozillaThunderbird-translations-common-24.3.0-85.1.i586.rpm MozillaThunderbird-translations-other-24.3.0-85.1.i586.rpm enigmail-1.6.0+24.3.0-85.1.i586.rpm libfreebl3-3.15.4-78.1.i586.rpm libfreebl3-32bit-3.15.4-78.1.x86_64.rpm libfreebl3-debuginfo-3.15.4-78.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.4-78.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.4-78.1.ia64.rpm libfreebl3-x86-3.15.4-78.1.ia64.rpm libsoftokn3-3.15.4-78.1.i586.rpm libsoftokn3-32bit-3.15.4-78.1.x86_64.rpm libsoftokn3-debuginfo-3.15.4-78.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.4-78.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.4-78.1.ia64.rpm libsoftokn3-x86-3.15.4-78.1.ia64.rpm mozilla-nss-3.15.4-78.1.i586.rpm mozilla-nss-3.15.4-78.1.src.rpm mozilla-nss-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-certs-3.15.4-78.1.i586.rpm mozilla-nss-certs-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.4-78.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.4-78.1.ia64.rpm mozilla-nss-certs-x86-3.15.4-78.1.ia64.rpm mozilla-nss-debuginfo-3.15.4-78.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.4-78.1.ia64.rpm mozilla-nss-debugsource-3.15.4-78.1.i586.rpm mozilla-nss-devel-3.15.4-78.1.i586.rpm mozilla-nss-sysinit-3.15.4-78.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.4-78.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.4-78.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.4-78.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.4-78.1.ia64.rpm mozilla-nss-tools-3.15.4-78.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.4-78.1.i586.rpm mozilla-nss-x86-3.15.4-78.1.ia64.rpm MozillaFirefox-24.3.0-99.1.x86_64.rpm MozillaFirefox-branding-upstream-24.3.0-99.1.x86_64.rpm MozillaFirefox-buildsymbols-24.3.0-99.1.x86_64.rpm MozillaFirefox-debuginfo-24.3.0-99.1.x86_64.rpm MozillaFirefox-debugsource-24.3.0-99.1.x86_64.rpm MozillaFirefox-devel-24.3.0-99.1.x86_64.rpm MozillaFirefox-translations-common-24.3.0-99.1.x86_64.rpm MozillaFirefox-translations-other-24.3.0-99.1.x86_64.rpm MozillaThunderbird-24.3.0-85.1.x86_64.rpm MozillaThunderbird-buildsymbols-24.3.0-85.1.x86_64.rpm MozillaThunderbird-debuginfo-24.3.0-85.1.x86_64.rpm MozillaThunderbird-debugsource-24.3.0-85.1.x86_64.rpm MozillaThunderbird-devel-24.3.0-85.1.x86_64.rpm MozillaThunderbird-translations-common-24.3.0-85.1.x86_64.rpm MozillaThunderbird-translations-other-24.3.0-85.1.x86_64.rpm enigmail-1.6.0+24.3.0-85.1.x86_64.rpm libfreebl3-3.15.4-78.1.x86_64.rpm libfreebl3-debuginfo-3.15.4-78.1.x86_64.rpm libsoftokn3-3.15.4-78.1.x86_64.rpm libsoftokn3-debuginfo-3.15.4-78.1.x86_64.rpm mozilla-nss-3.15.4-78.1.x86_64.rpm mozilla-nss-certs-3.15.4-78.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.4-78.1.x86_64.rpm mozilla-nss-debuginfo-3.15.4-78.1.x86_64.rpm mozilla-nss-debugsource-3.15.4-78.1.x86_64.rpm mozilla-nss-devel-3.15.4-78.1.x86_64.rpm mozilla-nss-sysinit-3.15.4-78.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.4-78.1.x86_64.rpm mozilla-nss-tools-3.15.4-78.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.4-78.1.x86_64.rpm 2014-18 moderate openSUSE Evergreen 11.4 kernel update for Evergreen 11.4 - hotfix for bnc#858831 (possible crash on boot on certain systems) and including fixes for a lot of other issues kernel-debug-3.0.101-79.1.i586.rpm True kernel-debug-3.0.101-79.1.nosrc.rpm True kernel-debug-base-3.0.101-79.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-debug-debuginfo-3.0.101-79.1.i586.rpm True kernel-debug-debugsource-3.0.101-79.1.i586.rpm True kernel-debug-devel-3.0.101-79.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-debug-hmac-3.0.101-79.1.i586.rpm True kernel-default-3.0.101-79.1.i586.rpm True kernel-default-3.0.101-79.1.nosrc.rpm True kernel-default-base-3.0.101-79.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-default-debuginfo-3.0.101-79.1.i586.rpm True kernel-default-debugsource-3.0.101-79.1.i586.rpm True kernel-default-devel-3.0.101-79.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-default-hmac-3.0.101-79.1.i586.rpm True kernel-desktop-3.0.101-79.1.i586.rpm True kernel-desktop-3.0.101-79.1.nosrc.rpm True kernel-desktop-base-3.0.101-79.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-79.1.i586.rpm True kernel-desktop-debugsource-3.0.101-79.1.i586.rpm True kernel-desktop-devel-3.0.101-79.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-desktop-hmac-3.0.101-79.1.i586.rpm True kernel-docs-3.0.101-79.2.noarch.rpm True kernel-docs-3.0.101-79.2.src.rpm True kernel-ec2-3.0.101-79.1.i586.rpm True kernel-ec2-3.0.101-79.1.nosrc.rpm True kernel-ec2-base-3.0.101-79.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-79.1.i586.rpm True kernel-ec2-debugsource-3.0.101-79.1.i586.rpm True kernel-ec2-devel-3.0.101-79.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-ec2-extra-3.0.101-79.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-79.1.i586.rpm True kernel-ec2-hmac-3.0.101-79.1.i586.rpm True kernel-pae-3.0.101-79.1.i586.rpm True kernel-pae-3.0.101-79.1.nosrc.rpm True kernel-pae-base-3.0.101-79.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-pae-debuginfo-3.0.101-79.1.i586.rpm True kernel-pae-debugsource-3.0.101-79.1.i586.rpm True kernel-pae-devel-3.0.101-79.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-pae-hmac-3.0.101-79.1.i586.rpm True kernel-source-3.0.101-79.1.i586.rpm True kernel-source-3.0.101-79.1.src.rpm True kernel-source-vanilla-3.0.101-79.1.i586.rpm True kernel-syms-3.0.101-79.1.i586.rpm True kernel-syms-3.0.101-79.1.src.rpm True kernel-trace-3.0.101-79.1.i586.rpm True kernel-trace-3.0.101-79.1.nosrc.rpm True kernel-trace-base-3.0.101-79.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-trace-debuginfo-3.0.101-79.1.i586.rpm True kernel-trace-debugsource-3.0.101-79.1.i586.rpm True kernel-trace-devel-3.0.101-79.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-trace-hmac-3.0.101-79.1.i586.rpm True kernel-vanilla-3.0.101-79.1.i586.rpm True kernel-vanilla-3.0.101-79.1.nosrc.rpm True kernel-vanilla-base-3.0.101-79.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-79.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-79.1.i586.rpm True kernel-vanilla-devel-3.0.101-79.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-vanilla-hmac-3.0.101-79.1.i586.rpm True kernel-vmi-3.0.101-79.1.i586.rpm True kernel-vmi-3.0.101-79.1.nosrc.rpm True kernel-vmi-base-3.0.101-79.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-79.1.i586.rpm True kernel-vmi-debugsource-3.0.101-79.1.i586.rpm True kernel-vmi-devel-3.0.101-79.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-vmi-hmac-3.0.101-79.1.i586.rpm True kernel-xen-3.0.101-79.1.i586.rpm True kernel-xen-3.0.101-79.1.nosrc.rpm True kernel-xen-base-3.0.101-79.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-79.1.i586.rpm True kernel-xen-debuginfo-3.0.101-79.1.i586.rpm True kernel-xen-debugsource-3.0.101-79.1.i586.rpm True kernel-xen-devel-3.0.101-79.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-79.1.i586.rpm True kernel-xen-hmac-3.0.101-79.1.i586.rpm True preload-1.2-6.57.2.i586.rpm True preload-1.2-6.57.2.src.rpm True preload-debuginfo-1.2-6.57.2.i586.rpm True preload-debugsource-1.2-6.57.2.i586.rpm True preload-kmp-default-1.2_3.0.101_79-6.57.2.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_79-6.57.2.i586.rpm True preload-kmp-desktop-1.2_3.0.101_79-6.57.2.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_79-6.57.2.i586.rpm True kernel-debug-3.0.101-79.1.x86_64.rpm True kernel-debug-base-3.0.101-79.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-79.1.x86_64.rpm True kernel-debug-devel-3.0.101-79.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-debug-hmac-3.0.101-79.1.x86_64.rpm True kernel-default-3.0.101-79.1.x86_64.rpm True kernel-default-base-3.0.101-79.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-default-debugsource-3.0.101-79.1.x86_64.rpm True kernel-default-devel-3.0.101-79.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-default-hmac-3.0.101-79.1.x86_64.rpm True kernel-desktop-3.0.101-79.1.x86_64.rpm True kernel-desktop-base-3.0.101-79.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-79.1.x86_64.rpm True kernel-desktop-devel-3.0.101-79.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-79.1.x86_64.rpm True kernel-ec2-3.0.101-79.1.x86_64.rpm True kernel-ec2-base-3.0.101-79.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-79.1.x86_64.rpm True kernel-ec2-devel-3.0.101-79.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-ec2-extra-3.0.101-79.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-79.1.x86_64.rpm True kernel-source-3.0.101-79.1.x86_64.rpm True kernel-source-vanilla-3.0.101-79.1.x86_64.rpm True kernel-syms-3.0.101-79.1.x86_64.rpm True kernel-trace-3.0.101-79.1.x86_64.rpm True kernel-trace-base-3.0.101-79.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-79.1.x86_64.rpm True kernel-trace-devel-3.0.101-79.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-trace-hmac-3.0.101-79.1.x86_64.rpm True kernel-vanilla-3.0.101-79.1.x86_64.rpm True kernel-vanilla-base-3.0.101-79.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-79.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-79.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-79.1.x86_64.rpm True kernel-xen-3.0.101-79.1.x86_64.rpm True kernel-xen-base-3.0.101-79.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-79.1.x86_64.rpm True kernel-xen-devel-3.0.101-79.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-79.1.x86_64.rpm True kernel-xen-hmac-3.0.101-79.1.x86_64.rpm True preload-1.2-6.57.2.x86_64.rpm True preload-debuginfo-1.2-6.57.2.x86_64.rpm True preload-debugsource-1.2-6.57.2.x86_64.rpm True preload-kmp-default-1.2_3.0.101_79-6.57.2.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_79-6.57.2.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_79-6.57.2.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_79-6.57.2.x86_64.rpm True 2014-13 critical openSUSE Evergreen 11.4 Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system (CVE-2014-0497). More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14-04.html flash-player-11.2.202.336-91.1.i586.rpm flash-player-11.2.202.336-91.1.nosrc.rpm flash-player-gnome-11.2.202.336-91.1.i586.rpm flash-player-kde4-11.2.202.336-91.1.i586.rpm flash-player-11.2.202.336-91.1.x86_64.rpm flash-player-gnome-11.2.202.336-91.1.x86_64.rpm flash-player-kde4-11.2.202.336-91.1.x86_64.rpm 2014-20 moderate openSUSE Evergreen 11.4 This update fixes the following security issues with curl: - bnc#858673: re-use of wrong HTTP NTLM connection (CVE-2014-0015) - bnc#862144: fix test failure because of an expired cookie curl-7.21.2-41.1.i586.rpm curl-7.21.2-41.1.src.rpm curl-debuginfo-7.21.2-41.1.i586.rpm libcurl-devel-7.21.2-41.1.i586.rpm libcurl4-32bit-7.21.2-41.1.x86_64.rpm libcurl4-7.21.2-41.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-41.1.x86_64.rpm libcurl4-debuginfo-7.21.2-41.1.i586.rpm libcurl4-debuginfo-x86-7.21.2-41.1.ia64.rpm libcurl4-x86-7.21.2-41.1.ia64.rpm curl-7.21.2-41.1.x86_64.rpm curl-debuginfo-7.21.2-41.1.x86_64.rpm libcurl-devel-7.21.2-41.1.x86_64.rpm libcurl4-7.21.2-41.1.x86_64.rpm 2014-21 moderate openSUSE Evergreen 11.4 This update fixes the following security issue with libyaml: - bnc#860617: Fixed heap based buffer overflow due to integer misuse (CVE-2013-6393) libyaml-0-2-0.1.3-6.1.i586.rpm libyaml-0-2-debuginfo-0.1.3-6.1.i586.rpm libyaml-0.1.3-6.1.src.rpm libyaml-debugsource-0.1.3-6.1.i586.rpm libyaml-devel-0.1.3-6.1.i586.rpm libyaml-0-2-0.1.3-6.1.x86_64.rpm libyaml-0-2-debuginfo-0.1.3-6.1.x86_64.rpm libyaml-debugsource-0.1.3-6.1.x86_64.rpm libyaml-devel-0.1.3-6.1.x86_64.rpm 2014-19 low openSUSE Evergreen 11.4 poppler was updated to fix a security issues: - Fix a DoS due to a format string error (bnc#859427 CVE-2013-7296) - fix various memory access vulnerability(CVE-2013-1788, CVE-2013-1789,CVE-2013-1790 - bnc#806793) libpoppler-cpp0-0.14.4-13.1.i586.rpm libpoppler-cpp0-debuginfo-0.14.4-13.1.i586.rpm libpoppler-devel-0.14.4-13.1.i586.rpm libpoppler-doc-0.14.4-13.1.noarch.rpm libpoppler-glib-devel-0.14.4-13.1.i586.rpm libpoppler-glib5-0.14.4-13.1.i586.rpm libpoppler-glib5-debuginfo-0.14.4-13.1.i586.rpm libpoppler7-0.14.4-13.1.i586.rpm libpoppler7-debuginfo-0.14.4-13.1.i586.rpm poppler-0.14.4-13.1.src.rpm poppler-debugsource-0.14.4-13.1.i586.rpm poppler-tools-0.14.4-13.1.i586.rpm poppler-tools-debuginfo-0.14.4-13.1.i586.rpm libpoppler-cpp0-0.14.4-13.1.x86_64.rpm libpoppler-cpp0-debuginfo-0.14.4-13.1.x86_64.rpm libpoppler-devel-0.14.4-13.1.x86_64.rpm libpoppler-glib-devel-0.14.4-13.1.x86_64.rpm libpoppler-glib5-0.14.4-13.1.x86_64.rpm libpoppler-glib5-debuginfo-0.14.4-13.1.x86_64.rpm libpoppler7-0.14.4-13.1.x86_64.rpm libpoppler7-debuginfo-0.14.4-13.1.x86_64.rpm poppler-debugsource-0.14.4-13.1.x86_64.rpm poppler-tools-0.14.4-13.1.x86_64.rpm poppler-tools-debuginfo-0.14.4-13.1.x86_64.rpm 2014-28 low openSUSE Evergreen 11.4 This low-profile update introduces a backport of the SSLCompression directive (added to /etc/apache2/ssl-global.conf) that helps mitigating the CRIME attack if set to off (default). Also added to /etc/apache2/ssl-global.conf: "SSLHonorCipherOrder on". /etc/apache2/vhosts.d/vhost-ssl.template now contains a new SSLCipherSuite string. Even though GCM mode of AES is not supported in openssl-1.0.0l, the string works well and may be useful elsewhere, too. apache2-2.2.17-76.2.i586.rpm apache2-2.2.17-76.2.src.rpm apache2-debuginfo-2.2.17-76.2.i586.rpm apache2-debugsource-2.2.17-76.2.i586.rpm apache2-devel-2.2.17-76.2.i586.rpm apache2-doc-2.2.17-76.2.noarch.rpm apache2-event-2.2.17-76.2.i586.rpm apache2-event-debuginfo-2.2.17-76.2.i586.rpm apache2-example-certificates-2.2.17-76.2.i586.rpm apache2-example-pages-2.2.17-76.2.i586.rpm apache2-itk-2.2.17-76.2.i586.rpm apache2-itk-debuginfo-2.2.17-76.2.i586.rpm apache2-prefork-2.2.17-76.2.i586.rpm apache2-prefork-debuginfo-2.2.17-76.2.i586.rpm apache2-utils-2.2.17-76.2.i586.rpm apache2-utils-debuginfo-2.2.17-76.2.i586.rpm apache2-worker-2.2.17-76.2.i586.rpm apache2-worker-debuginfo-2.2.17-76.2.i586.rpm apache2-2.2.17-76.2.x86_64.rpm apache2-debuginfo-2.2.17-76.2.x86_64.rpm apache2-debugsource-2.2.17-76.2.x86_64.rpm apache2-devel-2.2.17-76.2.x86_64.rpm apache2-event-2.2.17-76.2.x86_64.rpm apache2-event-debuginfo-2.2.17-76.2.x86_64.rpm apache2-example-certificates-2.2.17-76.2.x86_64.rpm apache2-example-pages-2.2.17-76.2.x86_64.rpm apache2-itk-2.2.17-76.2.x86_64.rpm apache2-itk-debuginfo-2.2.17-76.2.x86_64.rpm apache2-prefork-2.2.17-76.2.x86_64.rpm apache2-prefork-debuginfo-2.2.17-76.2.x86_64.rpm apache2-utils-2.2.17-76.2.x86_64.rpm apache2-utils-debuginfo-2.2.17-76.2.x86_64.rpm apache2-worker-2.2.17-76.2.x86_64.rpm apache2-worker-debuginfo-2.2.17-76.2.x86_64.rpm 2014-41 low openSUSE Evergreen 11.4 apache2-mod_nss is a new package on openSUSE 11.4 and can be used to replace apache2-mod_ssl if SSL/TLS support should be provided by Mozilla's Security libraries apache2-mod_nss-1.0.8-0.4.2.2.i586.rpm apache2-mod_nss-1.0.8-0.4.2.2.src.rpm apache2-mod_nss-debuginfo-1.0.8-0.4.2.2.i586.rpm apache2-mod_nss-debugsource-1.0.8-0.4.2.2.i586.rpm apache2-mod_nss-1.0.8-0.4.2.2.x86_64.rpm apache2-mod_nss-debuginfo-1.0.8-0.4.2.2.x86_64.rpm apache2-mod_nss-debugsource-1.0.8-0.4.2.2.x86_64.rpm 2014-22 critical openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.341: (bnc#865021) * APSB14-07, CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 - Contents of flashplayer_11_sa.i386.tar.gz changed back: spec file updated, supplementary script (update.sh) updated. flash-player-11.2.202.341-95.1.i586.rpm flash-player-11.2.202.341-95.1.nosrc.rpm flash-player-gnome-11.2.202.341-95.1.i586.rpm flash-player-kde4-11.2.202.341-95.1.i586.rpm flash-player-11.2.202.341-95.1.x86_64.rpm flash-player-gnome-11.2.202.341-95.1.x86_64.rpm flash-player-kde4-11.2.202.341-95.1.x86_64.rpm 2014-24 moderate openSUSE Evergreen 11.4 - Update to version 2.10.8 (bnc#861019): + General: Python build scripts and example plugins are now compatible with Python 3 (pidgin.im#15624). + libpurple: - Fix potential crash if libpurple gets an error attempting to read a reply from a STUN server (CVE-2013-6484). - Fix potential crash parsing a malformed HTTP response (CVE-2013-6479). - Fix buffer overflow when parsing a malformed HTTP response with chunked Transfer-Encoding (CVE-2013-6485). - Better handling of HTTP proxy responses with negative Content-Lengths. - Fix handling of SSL certificates without subjects when using libnss. - Fix handling of SSL certificates with timestamps in the distant future when using libnss (pidgin.im#15586). - Impose maximum download size for all HTTP fetches. + Pidgin: - Fix crash displaying tooltip of long URLs (CVE-2013-6478). - Better handling of URLs longer than 1000 letters. - Fix handling of multibyte UTF-8 characters in smiley themes (pidgin.im#15756). + AIM: Fix untrusted certificate error. + AIM and ICQ: Fix a possible crash when receiving a malformed message in a Direct IM session. + Gadu-Gadu: - Fix buffer overflow with remote code execution potential. Only triggerable by a Gadu-Gadu server or a man-in-the-middle (CVE-2013-6487). - Disabled buddy list import/export from/to server. - Disabled new account registration and password change options. + IRC: - Fix bug where a malicious server or man-in-the-middle could trigger a crash by not sending enough arguments with various messages (CVE-2014-0020). - Fix bug where initial IRC status would not be set correctly. - Fix bug where IRC wasn't available when libpurple was compiled with Cyrus SASL support (pidgin.im#15517). + MSN: - Fix NULL pointer dereference parsing headers in MSN (CVE-2013-6482). - Fix NULL pointer dereference parsing OIM data in MSN (CVE-2013-6482). - Fix NULL pointer dereference parsing SOAP data in MSN (CVE-2013-6482). - Fix possible crash when sending very long messages. Not remotely-triggerable. + MXit: - Fix buffer overflow with remote code execution potential (CVE-2013-6487). - Fix sporadic crashes that can happen after user is disconnected. - Fix crash when attempting to add a contact via search results. - Show error message if file transfer fails. - Fix compiling with InstantBird. - Fix display of some custom emoticons. + SILC: Correctly set whiteboard dimensions in whiteboard sessions. + SIMPLE: Fix buffer overflow with remote code execution potential (CVE-2013-6487). + XMPP: - Prevent spoofing of iq replies by verifying that the 'from' address matches the 'to' address of the iq request (CVE-2013-6483). - Fix crash on some systems when receiving fake delay timestamps with extreme values (CVE-2013-6477). - Fix possible crash or other erratic behavior when selecting a very small file for your own buddy icon. - Fix crash if the user tries to initiate a voice/video session with a resourceless JID. - Fix login errors when the first two available auth mechanisms fail but a subsequent mechanism would otherwise work when using Cyrus SASL (pidgin.im#15524). - Fix dropping incoming stanzas on BOSH connections when we receive multiple HTTP responses at once (pidgin.im#15684). + Yahoo!: - Fix possible crashes handling incoming strings that are not UTF-8 (CVE-2012-6152). - Fix a bug reading a peer to peer message where a remote user could trigger a crash (CVE-2013-6481). + Plugins: - Fix crash in contact availability plugin. - Fix perl function Purple::Network::ip_atoi. - Add Unity integration plugin. + Windows specific fixes: (CVE-2013-6486, pidgin.im#15520, pidgin.im#15521, bgo#668154). - Drop pidgin-irc-sasl.patch, fixed upstream. - Obsolete pidgin-facebookchat: the package is no longer maintained and pidgin as built-in support for Facebook Chat. - Protect buildrequires for mono-devel with with_mono macro. pidgin-branding-openSUSE-11.1-18.1.noarch.rpm pidgin-branding-openSUSE-11.1-18.1.src.rpm pidgin-embeddedvideo-1.1-5.3.src.rpm pidgin-embeddedvideo-debugsource-1.1-5.3.i586.rpm pidgin-plugin-embeddedvideo-1.1-5.3.i586.rpm pidgin-plugin-embeddedvideo-debuginfo-1.1-5.3.i586.rpm pidgin-otr-3.2.0-154.3.i586.rpm pidgin-otr-3.2.0-154.3.src.rpm pidgin-otr-debuginfo-3.2.0-154.3.i586.rpm pidgin-otr-debugsource-3.2.0-154.3.i586.rpm libpurple-plugin-sipe-1.14.0-6.3.i586.rpm libpurple-plugin-sipe-debuginfo-1.14.0-6.3.i586.rpm pidgin-sipe-1.14.0-6.3.i586.rpm pidgin-sipe-1.14.0-6.3.src.rpm pidgin-sipe-debugsource-1.14.0-6.3.i586.rpm finch-2.10.9-4.57.1.i586.rpm finch-debuginfo-2.10.9-4.57.1.i586.rpm finch-devel-2.10.9-4.57.1.i586.rpm libpurple-2.10.9-4.57.1.i586.rpm libpurple-debuginfo-2.10.9-4.57.1.i586.rpm libpurple-devel-2.10.9-4.57.1.i586.rpm libpurple-lang-2.10.9-4.57.1.noarch.rpm libpurple-meanwhile-2.10.9-4.57.1.i586.rpm libpurple-meanwhile-debuginfo-2.10.9-4.57.1.i586.rpm libpurple-tcl-2.10.9-4.57.1.i586.rpm libpurple-tcl-debuginfo-2.10.9-4.57.1.i586.rpm pidgin-2.10.9-4.57.1.i586.rpm pidgin-2.10.9-4.57.1.src.rpm pidgin-debuginfo-2.10.9-4.57.1.i586.rpm pidgin-debugsource-2.10.9-4.57.1.i586.rpm pidgin-devel-2.10.9-4.57.1.i586.rpm pidgin-evolution-2.10.9-4.57.1.i586.rpm pidgin-evolution-debuginfo-2.10.9-4.57.1.i586.rpm pidgin-embeddedvideo-debugsource-1.1-5.3.x86_64.rpm pidgin-plugin-embeddedvideo-1.1-5.3.x86_64.rpm pidgin-plugin-embeddedvideo-debuginfo-1.1-5.3.x86_64.rpm pidgin-otr-3.2.0-154.3.x86_64.rpm pidgin-otr-debuginfo-3.2.0-154.3.x86_64.rpm pidgin-otr-debugsource-3.2.0-154.3.x86_64.rpm libpurple-plugin-sipe-1.14.0-6.3.x86_64.rpm libpurple-plugin-sipe-debuginfo-1.14.0-6.3.x86_64.rpm pidgin-sipe-1.14.0-6.3.x86_64.rpm pidgin-sipe-debugsource-1.14.0-6.3.x86_64.rpm finch-2.10.9-4.57.1.x86_64.rpm finch-debuginfo-2.10.9-4.57.1.x86_64.rpm finch-devel-2.10.9-4.57.1.x86_64.rpm libpurple-2.10.9-4.57.1.x86_64.rpm libpurple-debuginfo-2.10.9-4.57.1.x86_64.rpm libpurple-devel-2.10.9-4.57.1.x86_64.rpm libpurple-meanwhile-2.10.9-4.57.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.10.9-4.57.1.x86_64.rpm libpurple-tcl-2.10.9-4.57.1.x86_64.rpm libpurple-tcl-debuginfo-2.10.9-4.57.1.x86_64.rpm pidgin-2.10.9-4.57.1.x86_64.rpm pidgin-debuginfo-2.10.9-4.57.1.x86_64.rpm pidgin-debugsource-2.10.9-4.57.1.x86_64.rpm pidgin-devel-2.10.9-4.57.1.x86_64.rpm pidgin-evolution-2.10.9-4.57.1.x86_64.rpm pidgin-evolution-debuginfo-2.10.9-4.57.1.x86_64.rpm 2014-23 low openSUSE Evergreen 11.4 Incorporate Google API key for working geo location functionality. MozillaFirefox-24.3.0-103.1.i586.rpm MozillaFirefox-24.3.0-103.1.src.rpm MozillaFirefox-branding-upstream-24.3.0-103.1.i586.rpm MozillaFirefox-buildsymbols-24.3.0-103.1.i586.rpm MozillaFirefox-debuginfo-24.3.0-103.1.i586.rpm MozillaFirefox-debugsource-24.3.0-103.1.i586.rpm MozillaFirefox-devel-24.3.0-103.1.i586.rpm MozillaFirefox-translations-common-24.3.0-103.1.i586.rpm MozillaFirefox-translations-other-24.3.0-103.1.i586.rpm MozillaFirefox-24.3.0-103.1.x86_64.rpm MozillaFirefox-branding-upstream-24.3.0-103.1.x86_64.rpm MozillaFirefox-buildsymbols-24.3.0-103.1.x86_64.rpm MozillaFirefox-debuginfo-24.3.0-103.1.x86_64.rpm MozillaFirefox-debugsource-24.3.0-103.1.x86_64.rpm MozillaFirefox-devel-24.3.0-103.1.x86_64.rpm MozillaFirefox-translations-common-24.3.0-103.1.x86_64.rpm MozillaFirefox-translations-other-24.3.0-103.1.x86_64.rpm 2014-27 moderate openSUSE Evergreen 11.4 clamav was updated to version 0.98.1 (bnc#841815): * remove copy of wxWidgets (halves the size of the tarball). * Decompression and scanning of files in "Xz" compression format. * Extraction, decompression, and scanning of files within Apple Disk Image (DMG) format. * Extraction, decompression, and scanning of files within Extensible Archive (XAR) format. XAR format is commonly used for software packaging, such as PKG and RPM, as well as general archival. * Improvements and fixes to extraction and scanning of ole formats. * Option to force all scanned data to disk. * Various improvements to ClamAV configuration, support of third party libraries, and unit tests. clamav-0.98.1-29.1.i586.rpm clamav-0.98.1-29.1.src.rpm clamav-db-0.98.1-29.1.noarch.rpm clamav-debuginfo-0.98.1-29.1.i586.rpm clamav-debugsource-0.98.1-29.1.i586.rpm clamav-0.98.1-29.1.x86_64.rpm clamav-debuginfo-0.98.1-29.1.x86_64.rpm clamav-debugsource-0.98.1-29.1.x86_64.rpm 2014-25 moderate openSUSE Evergreen 11.4 The mozilla ca certificates was updated to the state released with Mozilla NSS 3.15.4, internal version 1.96. Following changes were done: * New: ACCVRAIZ1.pem (Spain) (all trusts) * New: SG_TRUST_SERVICES_RACINE.pem (Singapore) (email signing only) * New: TWCA_Global_Root_CA.pem (Taiwanese) (all trusts) * Removed: Wells_Fargo_Root_CA.pem ca-certificates-mozilla-1.96-21.1.noarch.rpm ca-certificates-mozilla-1.96-21.1.src.rpm 2014-32 moderate openSUSE Evergreen 11.4 - Security and bugfix release 9.0.16: *Shore up GRANT ... WITH ADMIN OPTION restrictions (CVE-2014-0060) *Prevent privilege escalation via manual calls to PL validator functions (CVE-2014-0061) *Avoid multiple name lookups during table and index DDL (CVE-2014-0062) *Prevent buffer overrun with long datetime strings (CVE-2014-0063) *Prevent buffer overrun due to integer overflow in size calculations (CVE-2014-0064) *Prevent overruns of fixed-size buffers (CVE-2014-0065) *Avoid crashing if crypt() returns NULL (CVE-2014-0066) *Document risks of make check in the regression testing instructions (CVE-2014-0067) - for details see: http://www.postgresql.org/docs/9.0/static/release-9-0-16.html libecpg6-9.0.16-43.1.i586.rpm libecpg6-debuginfo-9.0.16-43.1.i586.rpm libpq5-32bit-9.0.16-43.1.x86_64.rpm libpq5-9.0.16-43.1.i586.rpm libpq5-debuginfo-32bit-9.0.16-43.1.x86_64.rpm libpq5-debuginfo-9.0.16-43.1.i586.rpm libpq5-debuginfo-x86-9.0.16-43.1.ia64.rpm libpq5-x86-9.0.16-43.1.ia64.rpm postgresql-devel-9.0.16-43.1.i586.rpm postgresql-devel-debuginfo-9.0.16-43.1.i586.rpm postgresql-libs-9.0.16-43.1.src.rpm postgresql-libs-debugsource-9.0.16-43.1.i586.rpm postgresql-9.0.16-43.1.i586.rpm postgresql-9.0.16-43.1.src.rpm postgresql-contrib-9.0.16-43.1.i586.rpm postgresql-contrib-debuginfo-9.0.16-43.1.i586.rpm postgresql-debuginfo-9.0.16-43.1.i586.rpm postgresql-debugsource-9.0.16-43.1.i586.rpm postgresql-docs-9.0.16-43.1.noarch.rpm postgresql-plperl-9.0.16-43.1.i586.rpm postgresql-plperl-debuginfo-9.0.16-43.1.i586.rpm postgresql-plpython-9.0.16-43.1.i586.rpm postgresql-plpython-debuginfo-9.0.16-43.1.i586.rpm postgresql-pltcl-9.0.16-43.1.i586.rpm postgresql-pltcl-debuginfo-9.0.16-43.1.i586.rpm postgresql-server-9.0.16-43.1.i586.rpm postgresql-server-debuginfo-9.0.16-43.1.i586.rpm libecpg6-9.0.16-43.1.x86_64.rpm libecpg6-debuginfo-9.0.16-43.1.x86_64.rpm libpq5-9.0.16-43.1.x86_64.rpm libpq5-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-devel-9.0.16-43.1.x86_64.rpm postgresql-devel-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-libs-debugsource-9.0.16-43.1.x86_64.rpm postgresql-9.0.16-43.1.x86_64.rpm postgresql-contrib-9.0.16-43.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-debugsource-9.0.16-43.1.x86_64.rpm postgresql-plperl-9.0.16-43.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-plpython-9.0.16-43.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-pltcl-9.0.16-43.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.16-43.1.x86_64.rpm postgresql-server-9.0.16-43.1.x86_64.rpm postgresql-server-debuginfo-9.0.16-43.1.x86_64.rpm 2014-26 critical openSUSE Evergreen 11.4 The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not. Also the TLS-CBC timing attack vulnerability was fixed. gnutls-2.8.6-5.25.1.i586.rpm gnutls-2.8.6-5.25.1.src.rpm gnutls-debuginfo-2.8.6-5.25.1.i586.rpm gnutls-debugsource-2.8.6-5.25.1.i586.rpm libgnutls-devel-2.8.6-5.25.1.i586.rpm libgnutls-extra-devel-2.8.6-5.25.1.i586.rpm libgnutls-extra26-2.8.6-5.25.1.i586.rpm libgnutls-extra26-debuginfo-2.8.6-5.25.1.i586.rpm libgnutls26-2.8.6-5.25.1.i586.rpm libgnutls26-32bit-2.8.6-5.25.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.25.1.i586.rpm libgnutls26-debuginfo-32bit-2.8.6-5.25.1.x86_64.rpm libgnutls26-debuginfo-x86-2.8.6-5.25.1.ia64.rpm libgnutls26-x86-2.8.6-5.25.1.ia64.rpm gnutls-2.8.6-5.25.1.x86_64.rpm gnutls-debuginfo-2.8.6-5.25.1.x86_64.rpm gnutls-debugsource-2.8.6-5.25.1.x86_64.rpm libgnutls-devel-2.8.6-5.25.1.x86_64.rpm libgnutls-extra-devel-2.8.6-5.25.1.x86_64.rpm libgnutls-extra26-2.8.6-5.25.1.x86_64.rpm libgnutls-extra26-debuginfo-2.8.6-5.25.1.x86_64.rpm libgnutls26-2.8.6-5.25.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.25.1.x86_64.rpm 2014-29 moderate openSUSE Evergreen 11.4 libssh was updated to fix a random generator reseeding issue when forking multiple servers. Forking multiple servers might under some circumstances get them the same random seed state. libssh-0.4.8-14.1.src.rpm libssh-debugsource-0.4.8-14.1.i586.rpm libssh-devel-0.4.8-14.1.i586.rpm libssh-devel-doc-0.4.8-14.1.i586.rpm libssh4-0.4.8-14.1.i586.rpm libssh4-debuginfo-0.4.8-14.1.i586.rpm libssh-debugsource-0.4.8-14.1.x86_64.rpm libssh-devel-0.4.8-14.1.x86_64.rpm libssh-devel-doc-0.4.8-14.1.x86_64.rpm libssh4-0.4.8-14.1.x86_64.rpm libssh4-debuginfo-0.4.8-14.1.x86_64.rpm 2014-30 moderate openSUSE Evergreen 11.4 A vulnerability has been reported in ImageMagick, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "DecodePSDPixels()" function (coders/psd.c) during RLE decoding of a PSD image and can be exploited to cause a buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code. This updates fixes the vulnerability. ImageMagick-6.6.5.8-8.74.1.i586.rpm ImageMagick-6.6.5.8-8.74.1.src.rpm ImageMagick-debuginfo-6.6.5.8-8.74.1.i586.rpm ImageMagick-debugsource-6.6.5.8-8.74.1.i586.rpm ImageMagick-devel-6.6.5.8-8.74.1.i586.rpm ImageMagick-doc-6.6.5.8-8.74.1.noarch.rpm ImageMagick-extra-6.6.5.8-8.74.1.i586.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.74.1.i586.rpm libMagick++-devel-6.6.5.8-8.74.1.i586.rpm libMagick++4-6.6.5.8-8.74.1.i586.rpm libMagick++4-debuginfo-6.6.5.8-8.74.1.i586.rpm libMagickCore4-32bit-6.6.5.8-8.74.1.x86_64.rpm libMagickCore4-6.6.5.8-8.74.1.i586.rpm libMagickCore4-debuginfo-32bit-6.6.5.8-8.74.1.x86_64.rpm libMagickCore4-debuginfo-6.6.5.8-8.74.1.i586.rpm libMagickCore4-debuginfo-x86-6.6.5.8-8.74.1.ia64.rpm libMagickCore4-x86-6.6.5.8-8.74.1.ia64.rpm libMagickWand4-32bit-6.6.5.8-8.74.1.x86_64.rpm libMagickWand4-6.6.5.8-8.74.1.i586.rpm libMagickWand4-debuginfo-32bit-6.6.5.8-8.74.1.x86_64.rpm libMagickWand4-debuginfo-6.6.5.8-8.74.1.i586.rpm libMagickWand4-debuginfo-x86-6.6.5.8-8.74.1.ia64.rpm libMagickWand4-x86-6.6.5.8-8.74.1.ia64.rpm perl-PerlMagick-6.6.5.8-8.74.1.i586.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.74.1.i586.rpm ImageMagick-6.6.5.8-8.74.1.x86_64.rpm ImageMagick-debuginfo-6.6.5.8-8.74.1.x86_64.rpm ImageMagick-debugsource-6.6.5.8-8.74.1.x86_64.rpm ImageMagick-devel-6.6.5.8-8.74.1.x86_64.rpm ImageMagick-extra-6.6.5.8-8.74.1.x86_64.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.74.1.x86_64.rpm libMagick++-devel-6.6.5.8-8.74.1.x86_64.rpm libMagick++4-6.6.5.8-8.74.1.x86_64.rpm libMagick++4-debuginfo-6.6.5.8-8.74.1.x86_64.rpm libMagickCore4-6.6.5.8-8.74.1.x86_64.rpm libMagickCore4-debuginfo-6.6.5.8-8.74.1.x86_64.rpm libMagickWand4-6.6.5.8-8.74.1.x86_64.rpm libMagickWand4-debuginfo-6.6.5.8-8.74.1.x86_64.rpm perl-PerlMagick-6.6.5.8-8.74.1.x86_64.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.74.1.x86_64.rpm 2014-31 moderate openSUSE Evergreen 11.4 file was updated to fix two security issues. - A possible endless recursion. (CVE-2014-1943) - A crash in PE file handling (CVE-2014-2270) file-32bit-5.04-16.1.x86_64.rpm file-5.04-16.1.i586.rpm file-5.04-16.1.src.rpm file-debuginfo-32bit-5.04-16.1.x86_64.rpm file-debuginfo-5.04-16.1.i586.rpm file-debuginfo-x86-5.04-16.1.ia64.rpm file-debugsource-5.04-16.1.i586.rpm file-devel-5.04-16.1.i586.rpm file-x86-5.04-16.1.ia64.rpm python-magic-5.04-16.1.i586.rpm python-magic-5.04-16.1.src.rpm python-magic-debuginfo-5.04-16.1.i586.rpm python-magic-debugsource-5.04-16.1.i586.rpm file-5.04-16.1.x86_64.rpm file-debuginfo-5.04-16.1.x86_64.rpm file-debugsource-5.04-16.1.x86_64.rpm file-devel-5.04-16.1.x86_64.rpm python-magic-5.04-16.1.x86_64.rpm python-magic-debuginfo-5.04-16.1.x86_64.rpm python-magic-debugsource-5.04-16.1.x86_64.rpm 2014-34 moderate openSUSE Evergreen 11.4 Wireshark was updated to version 1.8.13 to fix security issues and bugs[bnc#867485]: + vulnerabilities fixed: * The NFS dissector could crash wnpa-sec-2014-01 CVE-2014-2281 * The RLC dissector could crash wnpa-sec-2014-03 CVE-2014-2283 * The MPEG file parser could overflow a buffer wnpa-sec-2014-04 CVE-2014-2299 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.13.html wireshark-1.8.13-69.1.i586.rpm wireshark-1.8.13-69.1.src.rpm wireshark-debuginfo-1.8.13-69.1.i586.rpm wireshark-debugsource-1.8.13-69.1.i586.rpm wireshark-devel-1.8.13-69.1.i586.rpm wireshark-1.8.13-69.1.x86_64.rpm wireshark-debuginfo-1.8.13-69.1.x86_64.rpm wireshark-debugsource-1.8.13-69.1.x86_64.rpm wireshark-devel-1.8.13-69.1.x86_64.rpm 2014-35 moderate openSUSE Evergreen 11.4 udisks was updated to fix a buffer overflow in mount path parsing. If users have the possibility to create very long mount points, such as with FUSE, they could cause udisksd to crash, or even to run arbitrary code as root with specially crafted mount paths.(bnc#865854, CVE-2014-0004) udisks-1.0.2-3.16.1.i586.rpm udisks-1.0.2-3.16.1.src.rpm udisks-debuginfo-1.0.2-3.16.1.i586.rpm udisks-debugsource-1.0.2-3.16.1.i586.rpm udisks-devel-1.0.2-3.16.1.i586.rpm udisks-1.0.2-3.16.1.x86_64.rpm udisks-debuginfo-1.0.2-3.16.1.x86_64.rpm udisks-debugsource-1.0.2-3.16.1.x86_64.rpm udisks-devel-1.0.2-3.16.1.x86_64.rpm 2012-11 moderate openSUSE Evergreen 11.4 - update to Firefox 17.0.1 * revert some useragent changes introduced in 17.0 * leaving private browsing with social enabled doesn't reset all social components (bmo#815042) - fix KDE integration for file dialogs MozillaFirefox-17.0.1-53.1.i586.rpm MozillaFirefox-17.0.1-53.1.src.rpm MozillaFirefox-branding-upstream-17.0.1-53.1.i586.rpm MozillaFirefox-buildsymbols-17.0.1-53.1.i586.rpm MozillaFirefox-debuginfo-17.0.1-53.1.i586.rpm MozillaFirefox-debugsource-17.0.1-53.1.i586.rpm MozillaFirefox-devel-17.0.1-53.1.i586.rpm MozillaFirefox-translations-common-17.0.1-53.1.i586.rpm MozillaFirefox-translations-other-17.0.1-53.1.i586.rpm MozillaFirefox-17.0.1-53.1.x86_64.rpm MozillaFirefox-branding-upstream-17.0.1-53.1.x86_64.rpm MozillaFirefox-buildsymbols-17.0.1-53.1.x86_64.rpm MozillaFirefox-debuginfo-17.0.1-53.1.x86_64.rpm MozillaFirefox-debugsource-17.0.1-53.1.x86_64.rpm MozillaFirefox-devel-17.0.1-53.1.x86_64.rpm MozillaFirefox-translations-common-17.0.1-53.1.x86_64.rpm MozillaFirefox-translations-other-17.0.1-53.1.x86_64.rpm 2014-36 moderate openSUSE Evergreen 11.4 net-snmp was updated to fix potential remote denial of service problems: - fixed a potential remote denial of service problem within the Linux ICMP-MIB implementation (CVE-2014-2284)(bnc#866942) - fixed a potential remote denial of service problem inside the snmptrapd Perl trap handler (CVE-2014-2285)(bnc#866942) libsnmp25-32bit-5.6.1-4.35.1.x86_64.rpm libsnmp25-5.6.1-4.35.1.i586.rpm libsnmp25-debuginfo-32bit-5.6.1-4.35.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.35.1.i586.rpm libsnmp25-debuginfo-x86-5.6.1-4.35.1.ia64.rpm libsnmp25-x86-5.6.1-4.35.1.ia64.rpm net-snmp-5.6.1-4.35.1.i586.rpm net-snmp-5.6.1-4.35.1.src.rpm net-snmp-debuginfo-5.6.1-4.35.1.i586.rpm net-snmp-debugsource-5.6.1-4.35.1.i586.rpm net-snmp-devel-5.6.1-4.35.1.i586.rpm perl-SNMP-5.6.1-4.35.1.i586.rpm perl-SNMP-debuginfo-5.6.1-4.35.1.i586.rpm snmp-mibs-5.6.1-4.35.1.i586.rpm libsnmp25-5.6.1-4.35.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.35.1.x86_64.rpm net-snmp-5.6.1-4.35.1.x86_64.rpm net-snmp-debuginfo-5.6.1-4.35.1.x86_64.rpm net-snmp-debugsource-5.6.1-4.35.1.x86_64.rpm net-snmp-devel-5.6.1-4.35.1.x86_64.rpm perl-SNMP-5.6.1-4.35.1.x86_64.rpm perl-SNMP-debuginfo-5.6.1-4.35.1.x86_64.rpm snmp-mibs-5.6.1-4.35.1.x86_64.rpm 2014-33 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to version 11.2.202.346 to fix security issues: CVE-2014-0503: A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0504: A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14-08.html flash-player-11.2.202.346-99.1.i586.rpm flash-player-11.2.202.346-99.1.nosrc.rpm flash-player-gnome-11.2.202.346-99.1.i586.rpm flash-player-kde4-11.2.202.346-99.1.i586.rpm flash-player-11.2.202.346-99.1.x86_64.rpm flash-player-gnome-11.2.202.346-99.1.x86_64.rpm flash-player-kde4-11.2.202.346-99.1.x86_64.rpm 2014-37 important openSUSE Evergreen 11.4 This patch contains a collection of security relevant updates for Mozilla applications. Update Firefox to 24.4.0 (bnc#868603) Update Thunderbird to 24.4.0 Update NSPR to 4.10.4 Update NSS to 3.15.5 * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards * MFSA 2014-17/CVE-2014-1497 (bmo#966311) Out of bounds read during WAV file decoding * MFSA 2014-26/CVE-2014-1508 (bmo#963198) Information disclosure through polygon rendering in MathML * MFSA 2014-27/CVE-2014-1509 (bmo#966021) Memory corruption in Cairo during PDF font rendering * MFSA 2014-28/CVE-2014-1505 (bmo#941887) SVG filters information disclosure through feDisplacementMap * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909) Privilege escalation using WebIDL-implemented APIs * MFSA 2014-30/CVE-2014-1512 (bmo#982957) Use-after-free in TypeObject * MFSA 2014-31/CVE-2014-1513 (bmo#982974) Out-of-bounds read/write through neutering ArrayBuffer objects * MFSA 2014-32/CVE-2014-1514 (bmo#983344) Out-of-bounds write through TypedArrayObject after neutering MozillaFirefox-24.4.0-107.3.i586.rpm MozillaFirefox-24.4.0-107.3.src.rpm MozillaFirefox-branding-upstream-24.4.0-107.3.i586.rpm MozillaFirefox-buildsymbols-24.4.0-107.3.i586.rpm MozillaFirefox-debuginfo-24.4.0-107.3.i586.rpm MozillaFirefox-debugsource-24.4.0-107.3.i586.rpm MozillaFirefox-devel-24.4.0-107.3.i586.rpm MozillaFirefox-translations-common-24.4.0-107.3.i586.rpm MozillaFirefox-translations-other-24.4.0-107.3.i586.rpm MozillaThunderbird-24.4.0-89.2.i586.rpm MozillaThunderbird-24.4.0-89.2.src.rpm MozillaThunderbird-buildsymbols-24.4.0-89.2.i586.rpm MozillaThunderbird-debuginfo-24.4.0-89.2.i586.rpm MozillaThunderbird-debugsource-24.4.0-89.2.i586.rpm MozillaThunderbird-devel-24.4.0-89.2.i586.rpm MozillaThunderbird-translations-common-24.4.0-89.2.i586.rpm MozillaThunderbird-translations-other-24.4.0-89.2.i586.rpm enigmail-1.6.0+24.4.0-89.2.i586.rpm mozilla-nspr-32bit-4.10.4-40.1.x86_64.rpm mozilla-nspr-4.10.4-40.1.i586.rpm mozilla-nspr-4.10.4-40.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.4-40.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.4-40.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.4-40.1.ia64.rpm mozilla-nspr-debugsource-4.10.4-40.1.i586.rpm mozilla-nspr-devel-4.10.4-40.1.i586.rpm mozilla-nspr-x86-4.10.4-40.1.ia64.rpm libfreebl3-3.15.5-82.1.i586.rpm libfreebl3-32bit-3.15.5-82.1.x86_64.rpm libfreebl3-debuginfo-3.15.5-82.1.i586.rpm libfreebl3-debuginfo-32bit-3.15.5-82.1.x86_64.rpm libfreebl3-debuginfo-x86-3.15.5-82.1.ia64.rpm libfreebl3-x86-3.15.5-82.1.ia64.rpm libsoftokn3-3.15.5-82.1.i586.rpm libsoftokn3-32bit-3.15.5-82.1.x86_64.rpm libsoftokn3-debuginfo-3.15.5-82.1.i586.rpm libsoftokn3-debuginfo-32bit-3.15.5-82.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.15.5-82.1.ia64.rpm libsoftokn3-x86-3.15.5-82.1.ia64.rpm mozilla-nss-3.15.5-82.1.i586.rpm mozilla-nss-3.15.5-82.1.src.rpm mozilla-nss-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-certs-3.15.5-82.1.i586.rpm mozilla-nss-certs-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.5-82.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.15.5-82.1.ia64.rpm mozilla-nss-certs-x86-3.15.5-82.1.ia64.rpm mozilla-nss-debuginfo-3.15.5-82.1.i586.rpm mozilla-nss-debuginfo-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.15.5-82.1.ia64.rpm mozilla-nss-debugsource-3.15.5-82.1.i586.rpm mozilla-nss-devel-3.15.5-82.1.i586.rpm mozilla-nss-sysinit-3.15.5-82.1.i586.rpm mozilla-nss-sysinit-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.5-82.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.15.5-82.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.15.5-82.1.ia64.rpm mozilla-nss-sysinit-x86-3.15.5-82.1.ia64.rpm mozilla-nss-tools-3.15.5-82.1.i586.rpm mozilla-nss-tools-debuginfo-3.15.5-82.1.i586.rpm mozilla-nss-x86-3.15.5-82.1.ia64.rpm MozillaFirefox-24.4.0-107.3.x86_64.rpm MozillaFirefox-branding-upstream-24.4.0-107.3.x86_64.rpm MozillaFirefox-buildsymbols-24.4.0-107.3.x86_64.rpm MozillaFirefox-debuginfo-24.4.0-107.3.x86_64.rpm MozillaFirefox-debugsource-24.4.0-107.3.x86_64.rpm MozillaFirefox-devel-24.4.0-107.3.x86_64.rpm MozillaFirefox-translations-common-24.4.0-107.3.x86_64.rpm MozillaFirefox-translations-other-24.4.0-107.3.x86_64.rpm MozillaThunderbird-24.4.0-89.2.x86_64.rpm MozillaThunderbird-buildsymbols-24.4.0-89.2.x86_64.rpm MozillaThunderbird-debuginfo-24.4.0-89.2.x86_64.rpm MozillaThunderbird-debugsource-24.4.0-89.2.x86_64.rpm MozillaThunderbird-devel-24.4.0-89.2.x86_64.rpm MozillaThunderbird-translations-common-24.4.0-89.2.x86_64.rpm MozillaThunderbird-translations-other-24.4.0-89.2.x86_64.rpm enigmail-1.6.0+24.4.0-89.2.x86_64.rpm mozilla-nspr-4.10.4-40.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.4-40.1.x86_64.rpm mozilla-nspr-debugsource-4.10.4-40.1.x86_64.rpm mozilla-nspr-devel-4.10.4-40.1.x86_64.rpm libfreebl3-3.15.5-82.1.x86_64.rpm libfreebl3-debuginfo-3.15.5-82.1.x86_64.rpm libsoftokn3-3.15.5-82.1.x86_64.rpm libsoftokn3-debuginfo-3.15.5-82.1.x86_64.rpm mozilla-nss-3.15.5-82.1.x86_64.rpm mozilla-nss-certs-3.15.5-82.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.15.5-82.1.x86_64.rpm mozilla-nss-debuginfo-3.15.5-82.1.x86_64.rpm mozilla-nss-debugsource-3.15.5-82.1.x86_64.rpm mozilla-nss-devel-3.15.5-82.1.x86_64.rpm mozilla-nss-sysinit-3.15.5-82.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.15.5-82.1.x86_64.rpm mozilla-nss-tools-3.15.5-82.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.15.5-82.1.x86_64.rpm 2014-38 moderate openSUSE Evergreen 11.4 The mailreader mutt was updated to fix a crash in header view that could be triggered by malformed e-mails and potentially be used to execute code. mutt-1.5.21-14.21.1.i586.rpm mutt-1.5.21-14.21.1.src.rpm mutt-debuginfo-1.5.21-14.21.1.i586.rpm mutt-debugsource-1.5.21-14.21.1.i586.rpm mutt-1.5.21-14.21.1.x86_64.rpm mutt-debuginfo-1.5.21-14.21.1.x86_64.rpm mutt-debugsource-1.5.21-14.21.1.x86_64.rpm 2014-40 moderate openSUSE Evergreen 11.4 This update fixes the security issue: NULL byte handling in subjectAltName (bnc#839107,CVE-2013-4314) python-openssl-0.11-6.1.i586.rpm python-openssl-0.11-6.1.src.rpm python-openssl-debuginfo-0.11-6.1.i586.rpm python-openssl-debugsource-0.11-6.1.i586.rpm python-openssl-0.11-6.1.x86_64.rpm python-openssl-debuginfo-0.11-6.1.x86_64.rpm python-openssl-debugsource-0.11-6.1.x86_64.rpm 2014-39 moderate openSUSE Evergreen 11.4 - Turkey begins DST on 2014-03-31, not 03-30. - Fiji ends DST on 2014-01-19 at 02:00, not the previously-scheduled 03:00. - Jordan switches back to standard time at 00:00 on December 20,2013. - The 2006-2011 transition schedule is planned to resume in 2014. - The files solar87, solar88, and solar89 are no longer distributed. - tz-link.htm now mentions Noda Time. timezone-java-2014b-30.1.noarch.rpm timezone-java-2014b-30.1.src.rpm timezone-2014b-30.1.i586.rpm timezone-2014b-30.1.src.rpm timezone-debuginfo-2014b-30.1.i586.rpm timezone-debugsource-2014b-30.1.i586.rpm timezone-2014b-30.1.x86_64.rpm timezone-debuginfo-2014b-30.1.x86_64.rpm timezone-debugsource-2014b-30.1.x86_64.rpm 2014-42 moderate openSUSE Evergreen 11.4 The fail2ban tool was updated to version 0.8.12 to fix various security issues and also brings bugfixes and features. Security issues fixed: A remote unauthenticated attacker may cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services protected by Fail2ban. CVE-2013-7177 (cyrus-imap) and CVE-2013-7176 (postfix) - Use new flushlogs syntax after logrotate - Update to version 0.8.12 * Log rotation can now occur with the command "flushlogs" rather than reloading fail2ban or keeping the logtarget settings consistent in jail.conf/local and /etc/logrotate.d/fail2ban. (dep#697333, rh#891798). * Added ignorecommand option for allowing dynamic determination as to ignore and IP or not. * Remove indentation of name and loglevel while logging to SYSLOG to resolve syslog(-ng) parsing problems. (dep#730202). Log lines now also report "[PID]" after the name portion too. * Epoch dates can now be enclosed within [] * New actions: badips, firewallcmd-ipset, ufw, blocklist_de * New filters: solid-pop3d, nsd, openwebmail, horde, freeswitch, squid, ejabberd, openwebmail, groupoffice * Filter improvements: - apache-noscript now includes php cgi scripts - exim-spam filter to match spamassassin log entry for option SAdevnull. - Added to sshd filter expression for "Received disconnect from : 3: Auth fail" - Improved ACL-handling for Asterisk - Added improper command pipelining to postfix filter. * General fixes: - Added lots of jail.conf entries for missing filters that creaped in over the last year. - synchat changed to use push method which verifies whether all data was send. This ensures that all data is sent before closing the connection. - Fixed python 2.4 compatibility (as sub-second in date patterns weren't 2.4 compatible) - Complain/email actions fixed to only include relevant IPs to reporting * Filter fixes: - Added HTTP referrer bit of the apache access log to the apache filters. - Apache 2.4 perfork regexes fixed - Kernel syslog expression can have leading spaces - allow for ",milliseconds" in the custom date format of proftpd.log - recidive jail to block all protocols - smtps not a IANA standard so may be missing from /etc/services. Due to (still) common use 465 has been used as the explicit port number - Filter dovecot reordered session and TLS items in regex with wider scope for session characters * Ugly Fixes (Potentially incompatible changes): - Unfortunately at the end of last release when the action firewall-cmd-direct-new was added it was too long and had a broken action check. The action was renamed to firewallcmd-new to fit within jail name name length. (gh#fail2ban/fail2ban#395). - Last release added mysqld-syslog-iptables as a jail configuration. This jailname was too long and it has been renamed to mysqld-syslog. - Fixed formating of github references in changelog - reformatted spec-file - Update to version 0.8.11 - In light of CVE-2013-2178 that triggered our last release we have put a significant effort into tightening all of the regexs of our filters to avoid another similar vulnerability. We haven't examined all of these for a potential DoS scenario however it is possible that another DoS vulnerability exists that is fixed by this release. A large number of filters have been updated to include more failure regexs supporting previously unbanned failures and support newer application versions too. We have test cases for most of these now however if you have other examples that demonstrate that a filter is insufficient we welcome your feedback. During the tightening of the regexs to avoid DoS vulnerabilities there is the possibility that we have inadvertently, despite our best intentions, incorrectly allowed a failure to continue. Addresses a possible DoS. Closes gh#fail2ban/fail2ban#248, bnc#824710 within [Init]. Closes gh#fail2ban/fail2ban#232 * Updates to asterisk filter. Closes gh#fail2ban/fail2ban#227, gh#fail2ban/fail2ban#230. * Updates to asterisk to include AUTH_UNKNOWN_DOMAIN. Closes gh#fail2ban/fail2ban#244. on Fedora. Closes gh#fail2ban/fail2ban#112. Thanks to Camusensei for the bug report. insight. Closes gh#fail2ban/fail2ban#103. * [f2156604] pyinotify -- monitor IN_MOVED_TO events. Closes gh#fail2ban/fail2ban#184. Thanks to Jon Foster for report and troubleshooting. Orion Poplawski * [39667ff6] Avoid leaking file descriptors. Closes gh#fail2ban/fail2ban#167. Closes gh#fail2ban/fail2ban#147, gh#fail2ban/fail2ban#148. * [b6a68f51] Fix delaction on server side. Closes gh#fail2ban/fail2ban#124. the fail2ban-client. Closes gh#fail2ban/fail2ban#134. gh#fail2ban/fail2ban#70. Thanks to iGeorgeX for the idea. * [96eb8986] ' and " should also be escaped in action tags Closes gh#fail2ban/fail2ban#109 beilber for the idea. Closes gh#fail2ban/fail2ban#114. fail2ban is running. Closes gh#fail2ban/fail2ban#166. * [29d0df5] Add mysqld filter. Closes gh#fail2ban/fail2ban#152. * [bba3fd8] Add Sogo filter. Closes gh#fail2ban/fail2ban#117. * [be06b1b] Add action for iptables-ipsets. Closes gh#fail2ban/fail2ban#102. * [f336d9f] Add filter for webmin. Closes gh#fail2ban/fail2ban#99. consistently. Closes gh#fail2ban/fail2ban#172. * [b36835f] Add get cinfo to fail2ban-client. Closes gh#fail2ban/fail2ban#124. Closes gh#fail2ban/fail2ban#142. Closes gh#fail2ban/fail2ban#126. Bug report by Michael Heuberger. * [3aeb1a9] Add jail.conf manual page. Closes gh#fail2ban/fail2ban#143. banning due to misconfigured DNS. Close gh#fail2ban/fail2ban#64 * [0935566,5becaf8] Various python 2.4 and 2.5 compatibility fixes. Close gh#fail2ban/fail2ban#83 in the console. Close gh#fail2ban/fail2ban#91 the log file to take 'banip' or 'unbanip' in effect. Close gh#fail2ban/fail2ban#81, gh#fail2ban/fail2ban#86 * [f52ba99] downgraded "already banned" from WARN to INFO level. Closes gh#fail2ban/fail2ban#79 for this gh#fail2ban/fail2ban#87) message stays non-unicode. Close gh#fail2ban/fail2ban#32 friend to developers stuck with Windows (Closes gh#fail2ban/fail2ban#66) repeated offenders. Close gh#fail2ban/fail2ban#19 Close gh#fail2ban/fail2ban#47 (Closes: #669063) fail2ban-0.8.12-26.1.noarch.rpm fail2ban-0.8.12-26.1.src.rpm 2014-44 important openSUSE Evergreen 11.4 lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in mod_mysql_vhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. CVE-2014-2323: Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd allowed remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. More information can be found on the lighttpd advisory page: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt Other changes: * [network/ssl] fix build error if TLSEXT is disabled * [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active) * [mod_rrdtool] fix invalid read (string not null terminated) * [mod_dirlisting] fix memory leak if pcre fails * [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends * [mod_magnet] fix memory leak * add comments for switch fall throughs * remove logical dead code * [buffer] fix length check in buffer_is_equal_right_len * fix resource leaks in error cases on config parsing and other initializations * add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546) * [mod_cml_lua] fix null pointer dereference * force assertion: setting FD_CLOEXEC must work (if available) * [network] check return value of lseek() * fix unchecked return values from stream_open/stat_cache_get_entry * [mod_webdav] fix logic error in handling file creation error * check length of unix domain socket filenames * fix SQL injection / host name validation (thx Jann Horn)for all the changes see /usr/share/doc/packages/lighttpd/NEWS lighttpd-1.4.35-41.1.i586.rpm lighttpd-1.4.35-41.1.src.rpm lighttpd-debuginfo-1.4.35-41.1.i586.rpm lighttpd-debugsource-1.4.35-41.1.i586.rpm lighttpd-mod_cml-1.4.35-41.1.i586.rpm lighttpd-mod_cml-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_geoip-1.4.35-41.1.i586.rpm lighttpd-mod_geoip-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_magnet-1.4.35-41.1.i586.rpm lighttpd-mod_magnet-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_mysql_vhost-1.4.35-41.1.i586.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_rrdtool-1.4.35-41.1.i586.rpm lighttpd-mod_rrdtool-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_trigger_b4_dl-1.4.35-41.1.i586.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.35-41.1.i586.rpm lighttpd-mod_webdav-1.4.35-41.1.i586.rpm lighttpd-mod_webdav-debuginfo-1.4.35-41.1.i586.rpm lighttpd-1.4.35-41.1.x86_64.rpm lighttpd-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-debugsource-1.4.35-41.1.x86_64.rpm lighttpd-mod_cml-1.4.35-41.1.x86_64.rpm lighttpd-mod_cml-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_geoip-1.4.35-41.1.x86_64.rpm lighttpd-mod_geoip-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_magnet-1.4.35-41.1.x86_64.rpm lighttpd-mod_magnet-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_mysql_vhost-1.4.35-41.1.x86_64.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_rrdtool-1.4.35-41.1.x86_64.rpm lighttpd-mod_rrdtool-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-1.4.35-41.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.35-41.1.x86_64.rpm lighttpd-mod_webdav-1.4.35-41.1.x86_64.rpm lighttpd-mod_webdav-debuginfo-1.4.35-41.1.x86_64.rpm 2012-16 low openSUSE Evergreen 11.4 Fix integer overflow by parsing PPM image. (bnc#789835, CVE-2012-4433) gegl-0.1.2-10.1.i586.rpm gegl-0.1.2-10.1.src.rpm gegl-0_1-0.1.2-10.1.i586.rpm gegl-0_1-debuginfo-0.1.2-10.1.i586.rpm gegl-debuginfo-0.1.2-10.1.i586.rpm gegl-debugsource-0.1.2-10.1.i586.rpm gegl-devel-0.1.2-10.1.i586.rpm gegl-doc-0.1.2-10.1.i586.rpm libgegl-0_1-0-0.1.2-10.1.i586.rpm libgegl-0_1-0-debuginfo-0.1.2-10.1.i586.rpm gegl-0.1.2-10.1.x86_64.rpm gegl-0_1-0.1.2-10.1.x86_64.rpm gegl-0_1-debuginfo-0.1.2-10.1.x86_64.rpm gegl-debuginfo-0.1.2-10.1.x86_64.rpm gegl-debugsource-0.1.2-10.1.x86_64.rpm gegl-devel-0.1.2-10.1.x86_64.rpm gegl-doc-0.1.2-10.1.x86_64.rpm libgegl-0_1-0-0.1.2-10.1.x86_64.rpm libgegl-0_1-0-debuginfo-0.1.2-10.1.x86_64.rpm 2014-45 moderate openSUSE Evergreen 11.4 The file magic scanning tool/library was updated to fix a off-by-one error in the last security fixes. file-32bit-5.04-20.1.x86_64.rpm file-5.04-20.1.i586.rpm file-5.04-20.1.src.rpm file-debuginfo-32bit-5.04-20.1.x86_64.rpm file-debuginfo-5.04-20.1.i586.rpm file-debuginfo-x86-5.04-20.1.ia64.rpm file-debugsource-5.04-20.1.i586.rpm file-devel-5.04-20.1.i586.rpm file-x86-5.04-20.1.ia64.rpm python-magic-5.04-20.1.i586.rpm python-magic-5.04-20.1.src.rpm python-magic-debuginfo-5.04-20.1.i586.rpm python-magic-debugsource-5.04-20.1.i586.rpm file-5.04-20.1.x86_64.rpm file-debuginfo-5.04-20.1.x86_64.rpm file-debugsource-5.04-20.1.x86_64.rpm file-devel-5.04-20.1.x86_64.rpm python-magic-5.04-20.1.x86_64.rpm python-magic-debuginfo-5.04-20.1.x86_64.rpm python-magic-debugsource-5.04-20.1.x86_64.rpm 2014-43 moderate openSUSE Evergreen 11.4 xinetd was updated to receive security fixes and a bug fix. Security issues fixed: * CVE-2013-4342 (bnc#844230) - xinetd ignored user and group directives for tcpmux services * CVE-2012-0862 (bnc#762294) - xinetd enabled all services when tcp multiplexing is used Also added support for setting maximum number of open files (bnc#855685). xinetd-2.3.14-155.1.i586.rpm xinetd-2.3.14-155.1.src.rpm xinetd-debuginfo-2.3.14-155.1.i586.rpm xinetd-debugsource-2.3.14-155.1.i586.rpm xinetd-2.3.14-155.1.x86_64.rpm xinetd-debuginfo-2.3.14-155.1.x86_64.rpm xinetd-debugsource-2.3.14-155.1.x86_64.rpm 2014-46 moderate openSUSE Evergreen 11.4 This flash-player update fixes several security issues: - bnc#872692: Security update to 11.2.202.350: * APSB14-09, CVE-2014-0506, CVE-2014-0507, CVE-2014-0508,CVE-2014-0509 flash-player-11.2.202.350-103.1.i586.rpm flash-player-11.2.202.350-103.1.nosrc.rpm flash-player-gnome-11.2.202.350-103.1.i586.rpm flash-player-kde4-11.2.202.350-103.1.i586.rpm flash-player-11.2.202.350-103.1.x86_64.rpm flash-player-gnome-11.2.202.350-103.1.x86_64.rpm flash-player-kde4-11.2.202.350-103.1.x86_64.rpm openSUSE-2014-288 low openSUSE Evergreen 11.4 The SSLBump feature acts as TLS/SSL termination for clients. If this feature is enabled, squid can crash with range requests, leading to a potential Denial of Service condition. squid3-3.1.23-23.1.i586.rpm squid3-3.1.23-23.1.src.rpm squid3-debuginfo-3.1.23-23.1.i586.rpm squid3-debugsource-3.1.23-23.1.i586.rpm squid3-3.1.23-23.1.x86_64.rpm squid3-debuginfo-3.1.23-23.1.x86_64.rpm squid3-debugsource-3.1.23-23.1.x86_64.rpm 2014-47 moderate openSUSE Evergreen 11.4 Curl was updated to fix following problems: CVE-2014-0138: libcurl wrong re-use of connections CVE-2014-0139: libcurl IP address wildcard certificate validation curl-7.21.2-45.1.i586.rpm curl-7.21.2-45.1.src.rpm curl-debuginfo-7.21.2-45.1.i586.rpm libcurl-devel-7.21.2-45.1.i586.rpm libcurl4-32bit-7.21.2-45.1.x86_64.rpm libcurl4-7.21.2-45.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-45.1.x86_64.rpm libcurl4-debuginfo-7.21.2-45.1.i586.rpm libcurl4-debuginfo-x86-7.21.2-45.1.ia64.rpm libcurl4-x86-7.21.2-45.1.ia64.rpm curl-7.21.2-45.1.x86_64.rpm curl-debuginfo-7.21.2-45.1.x86_64.rpm libcurl-devel-7.21.2-45.1.x86_64.rpm libcurl4-7.21.2-45.1.x86_64.rpm 2014-50 moderate openSUSE Evergreen 11.4 This libpng12 update fixes the following two security issues. - bnc#873123: Fixed integer overflow leading to a heap-based buffer overflow in png_set_sPLT() and png_set_text_2() (CVE-2013-7354). - bnc#873124: Fixed integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() (CVE-2013-7353). libpng12-0-1.2.49-19.1.i586.rpm libpng12-0-32bit-1.2.49-19.1.x86_64.rpm libpng12-0-debuginfo-1.2.49-19.1.i586.rpm libpng12-0-debuginfo-32bit-1.2.49-19.1.x86_64.rpm libpng12-0-debuginfo-x86-1.2.49-19.1.ia64.rpm libpng12-0-x86-1.2.49-19.1.ia64.rpm libpng12-1.2.49-19.1.src.rpm libpng12-compat-devel-1.2.49-19.1.i586.rpm libpng12-compat-devel-32bit-1.2.49-19.1.x86_64.rpm libpng12-debugsource-1.2.49-19.1.i586.rpm libpng12-devel-1.2.49-19.1.i586.rpm libpng12-devel-32bit-1.2.49-19.1.x86_64.rpm libpng12-0-1.2.49-19.1.x86_64.rpm libpng12-0-debuginfo-1.2.49-19.1.x86_64.rpm libpng12-compat-devel-1.2.49-19.1.x86_64.rpm libpng12-debugsource-1.2.49-19.1.x86_64.rpm libpng12-devel-1.2.49-19.1.x86_64.rpm 2014-51 moderate openSUSE Evergreen 11.4 This nrpe update fixes the following security documentation problem. - bnc#874743: Documented a possible command injection when command arguments are enabled (CVE-2014-2913). More details can be found inside the documentation of this package. nagios-nrpe-2.12-29.1.i586.rpm nagios-nrpe-2.12-29.1.src.rpm nagios-nrpe-debuginfo-2.12-29.1.i586.rpm nagios-nrpe-debugsource-2.12-29.1.i586.rpm nagios-nrpe-doc-2.12-29.1.i586.rpm nagios-plugins-nrpe-2.12-29.1.i586.rpm nagios-plugins-nrpe-debuginfo-2.12-29.1.i586.rpm nagios-nrpe-2.12-29.1.x86_64.rpm nagios-nrpe-debuginfo-2.12-29.1.x86_64.rpm nagios-nrpe-debugsource-2.12-29.1.x86_64.rpm nagios-nrpe-doc-2.12-29.1.x86_64.rpm nagios-plugins-nrpe-2.12-29.1.x86_64.rpm nagios-plugins-nrpe-debuginfo-2.12-29.1.x86_64.rpm 2014-48 critical openSUSE Evergreen 11.4 This flash-player update fixes a critical buffer overflow vulnerability that leads to arbitrary code execution. The flash-player package was updated to version 11.2.202.356. * bnc#875577, APSB14-13, CVE-2014-0515 flash-player-11.2.202.356-107.1.i586.rpm flash-player-11.2.202.356-107.1.nosrc.rpm flash-player-gnome-11.2.202.356-107.1.i586.rpm flash-player-kde4-11.2.202.356-107.1.i586.rpm flash-player-11.2.202.356-107.1.x86_64.rpm flash-player-gnome-11.2.202.356-107.1.x86_64.rpm flash-player-kde4-11.2.202.356-107.1.x86_64.rpm 2014-49 moderate openSUSE Evergreen 11.4 This patch contains updates to Firefox and Thunderbird 24.5.0 including the following security fixes: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 (bmo#969226) Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 (bmo#989183) Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 (bmo#987003) Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 (bmo#895557) Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 (bmo#987140) Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 (bmo#966006) Use-after-free in nsHostResolver MozillaFirefox-24.5.0-111.1.i586.rpm MozillaFirefox-24.5.0-111.1.src.rpm MozillaFirefox-branding-upstream-24.5.0-111.1.i586.rpm MozillaFirefox-buildsymbols-24.5.0-111.1.i586.rpm MozillaFirefox-debuginfo-24.5.0-111.1.i586.rpm MozillaFirefox-debugsource-24.5.0-111.1.i586.rpm MozillaFirefox-devel-24.5.0-111.1.i586.rpm MozillaFirefox-translations-common-24.5.0-111.1.i586.rpm MozillaFirefox-translations-other-24.5.0-111.1.i586.rpm MozillaThunderbird-24.5.0-93.1.i586.rpm MozillaThunderbird-24.5.0-93.1.src.rpm MozillaThunderbird-buildsymbols-24.5.0-93.1.i586.rpm MozillaThunderbird-debuginfo-24.5.0-93.1.i586.rpm MozillaThunderbird-debugsource-24.5.0-93.1.i586.rpm MozillaThunderbird-devel-24.5.0-93.1.i586.rpm MozillaThunderbird-translations-common-24.5.0-93.1.i586.rpm MozillaThunderbird-translations-other-24.5.0-93.1.i586.rpm enigmail-1.6.0+24.5.0-93.1.i586.rpm MozillaFirefox-24.5.0-111.1.x86_64.rpm MozillaFirefox-branding-upstream-24.5.0-111.1.x86_64.rpm MozillaFirefox-buildsymbols-24.5.0-111.1.x86_64.rpm MozillaFirefox-debuginfo-24.5.0-111.1.x86_64.rpm MozillaFirefox-debugsource-24.5.0-111.1.x86_64.rpm MozillaFirefox-devel-24.5.0-111.1.x86_64.rpm MozillaFirefox-translations-common-24.5.0-111.1.x86_64.rpm MozillaFirefox-translations-other-24.5.0-111.1.x86_64.rpm MozillaThunderbird-24.5.0-93.1.x86_64.rpm MozillaThunderbird-buildsymbols-24.5.0-93.1.x86_64.rpm MozillaThunderbird-debuginfo-24.5.0-93.1.x86_64.rpm MozillaThunderbird-debugsource-24.5.0-93.1.x86_64.rpm MozillaThunderbird-devel-24.5.0-93.1.x86_64.rpm MozillaThunderbird-translations-common-24.5.0-93.1.x86_64.rpm MozillaThunderbird-translations-other-24.5.0-93.1.x86_64.rpm enigmail-1.6.0+24.5.0-93.1.x86_64.rpm 2014-52 moderate openSUSE Evergreen 11.4 flash-player was updated to fix several security issues. - Remote attackers could bypass the Same Origin Policy via unspecified vectors (CVE-2014-0516) - Bypass intended access restrictions via unspecified vectors (CVE-2014-0517) - Bypass intended access restrictions via unspecified vectors (CVE-2014-0518) - Bypass intended access restrictions via unspecified vectors (CVE-2014-0519) - Bypass intended access restrictions via unspecified vectors (CVE-2014-0520) flash-player-11.2.202.359-111.1.i586.rpm flash-player-11.2.202.359-111.1.nosrc.rpm flash-player-gnome-11.2.202.359-111.1.i586.rpm flash-player-kde4-11.2.202.359-111.1.i586.rpm ::import::i586::flash-player-11.2.202.359-111.1.i586.rpm ::import::i586::flash-player-gnome-11.2.202.359-111.1.i586.rpm ::import::i586::flash-player-kde4-11.2.202.359-111.1.i586.rpm flash-player-11.2.202.359-111.1.x86_64.rpm flash-player-gnome-11.2.202.359-111.1.x86_64.rpm flash-player-kde4-11.2.202.359-111.1.x86_64.rpm 2012-17 moderate openSUSE Evergreen 11.4 - Add gimp-CVE-2012-5576.patch: fix memory corruption vulnerability when reading XWD files (bnc#791372, bgo#687392, CVE-2012-5576). gimp-2.6.11-13.62.1.i586.rpm gimp-2.6.11-13.62.1.src.rpm gimp-branding-upstream-2.6.11-13.62.1.i586.rpm gimp-debuginfo-2.6.11-13.62.1.i586.rpm gimp-debugsource-2.6.11-13.62.1.i586.rpm gimp-devel-2.6.11-13.62.1.i586.rpm gimp-devel-debuginfo-2.6.11-13.62.1.i586.rpm gimp-help-browser-2.6.11-13.62.1.i586.rpm gimp-help-browser-debuginfo-2.6.11-13.62.1.i586.rpm gimp-lang-2.6.11-13.62.1.noarch.rpm gimp-module-hal-2.6.11-13.62.1.i586.rpm gimp-module-hal-debuginfo-2.6.11-13.62.1.i586.rpm gimp-plugins-python-2.6.11-13.62.1.i586.rpm gimp-plugins-python-debuginfo-2.6.11-13.62.1.i586.rpm libgimp-2_0-0-2.6.11-13.62.1.i586.rpm libgimp-2_0-0-32bit-2.6.11-13.62.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.62.1.i586.rpm libgimp-2_0-0-debuginfo-32bit-2.6.11-13.62.1.x86_64.rpm libgimp-2_0-0-debuginfo-x86-2.6.11-13.62.1.ia64.rpm libgimp-2_0-0-x86-2.6.11-13.62.1.ia64.rpm libgimpui-2_0-0-2.6.11-13.62.1.i586.rpm libgimpui-2_0-0-32bit-2.6.11-13.62.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.62.1.i586.rpm libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.62.1.x86_64.rpm libgimpui-2_0-0-debuginfo-x86-2.6.11-13.62.1.ia64.rpm libgimpui-2_0-0-x86-2.6.11-13.62.1.ia64.rpm gimp-2.6.11-13.62.1.x86_64.rpm gimp-branding-upstream-2.6.11-13.62.1.x86_64.rpm gimp-debuginfo-2.6.11-13.62.1.x86_64.rpm gimp-debugsource-2.6.11-13.62.1.x86_64.rpm gimp-devel-2.6.11-13.62.1.x86_64.rpm gimp-devel-debuginfo-2.6.11-13.62.1.x86_64.rpm gimp-help-browser-2.6.11-13.62.1.x86_64.rpm gimp-help-browser-debuginfo-2.6.11-13.62.1.x86_64.rpm gimp-module-hal-2.6.11-13.62.1.x86_64.rpm gimp-module-hal-debuginfo-2.6.11-13.62.1.x86_64.rpm gimp-plugins-python-2.6.11-13.62.1.x86_64.rpm gimp-plugins-python-debuginfo-2.6.11-13.62.1.x86_64.rpm libgimp-2_0-0-2.6.11-13.62.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.62.1.x86_64.rpm libgimpui-2_0-0-2.6.11-13.62.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.62.1.x86_64.rpm 2014-55 moderate openSUSE Evergreen 11.4 The following security issue was fixed: If the env_reset option is disabled in the sudoers file, a malicious user with sudo permissions may be able to run arbitrary commands with elevated privileges by manipulating the environment of a command the user is legitimately allowed to run. sudo-1.7.6p2-0.23.1.i586.rpm sudo-1.7.6p2-0.23.1.src.rpm sudo-debuginfo-1.7.6p2-0.23.1.i586.rpm sudo-debugsource-1.7.6p2-0.23.1.i586.rpm sudo-1.7.6p2-0.23.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.23.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.23.1.x86_64.rpm 2014-53 moderate openSUSE Evergreen 11.4 It was found that libxml2 incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. libxml2-2.7.8-49.1.i586.rpm libxml2-2.7.8-49.1.src.rpm libxml2-32bit-2.7.8-49.1.x86_64.rpm libxml2-debuginfo-2.7.8-49.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-49.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-49.1.ia64.rpm libxml2-debugsource-2.7.8-49.1.i586.rpm libxml2-devel-2.7.8-49.1.i586.rpm libxml2-devel-32bit-2.7.8-49.1.x86_64.rpm libxml2-doc-2.7.8-49.1.noarch.rpm libxml2-x86-2.7.8-49.1.ia64.rpm ::import::i586::libxml2-32bit-2.7.8-49.1.x86_64.rpm ::import::i586::libxml2-devel-32bit-2.7.8-49.1.x86_64.rpm libxml2-2.7.8-49.1.x86_64.rpm libxml2-debuginfo-2.7.8-49.1.x86_64.rpm libxml2-debugsource-2.7.8-49.1.x86_64.rpm libxml2-devel-2.7.8-49.1.x86_64.rpm 2014-54 moderate openSUSE Evergreen 11.4 strongswan was fixed to correct two issues: - Fix for DoS vulnerability by a NULL-pointer dereference (CVE-2014-2891). - Fix for a authentication bypass vulnerability in the IKEv2 code (CVE-2014-2338). strongswan-4.5.0-6.64.1.i586.rpm strongswan-4.5.0-6.64.1.src.rpm strongswan-debugsource-4.5.0-6.64.1.i586.rpm strongswan-doc-4.5.0-6.64.1.i586.rpm strongswan-ikev1-4.5.0-6.64.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-ikev2-4.5.0-6.64.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-ipsec-4.5.0-6.64.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-libs0-4.5.0-6.64.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-mysql-4.5.0-6.64.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-nm-4.5.0-6.64.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-sqlite-4.5.0-6.64.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.64.1.i586.rpm strongswan-4.5.0-6.64.1.x86_64.rpm strongswan-debugsource-4.5.0-6.64.1.x86_64.rpm strongswan-doc-4.5.0-6.64.1.x86_64.rpm strongswan-ikev1-4.5.0-6.64.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-ikev2-4.5.0-6.64.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-ipsec-4.5.0-6.64.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-libs0-4.5.0-6.64.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-mysql-4.5.0-6.64.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-nm-4.5.0-6.64.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.64.1.x86_64.rpm strongswan-sqlite-4.5.0-6.64.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.64.1.x86_64.rpm 2014-61 moderate openSUSE Evergreen 11.4 kernel update for Evergreen 11.4 (includes CVE-2014-0196, CVE-2014-1737 and CVE-2014-1738) kernel-debug-3.0.101-83.1.i586.rpm True kernel-debug-3.0.101-83.1.nosrc.rpm True kernel-debug-base-3.0.101-83.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-debug-debuginfo-3.0.101-83.1.i586.rpm True kernel-debug-debugsource-3.0.101-83.1.i586.rpm True kernel-debug-devel-3.0.101-83.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-debug-hmac-3.0.101-83.1.i586.rpm True kernel-default-3.0.101-83.1.i586.rpm True kernel-default-3.0.101-83.1.nosrc.rpm True kernel-default-base-3.0.101-83.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-default-debuginfo-3.0.101-83.1.i586.rpm True kernel-default-debugsource-3.0.101-83.1.i586.rpm True kernel-default-devel-3.0.101-83.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-default-hmac-3.0.101-83.1.i586.rpm True kernel-desktop-3.0.101-83.1.i586.rpm True kernel-desktop-3.0.101-83.1.nosrc.rpm True kernel-desktop-base-3.0.101-83.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-83.1.i586.rpm True kernel-desktop-debugsource-3.0.101-83.1.i586.rpm True kernel-desktop-devel-3.0.101-83.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-desktop-hmac-3.0.101-83.1.i586.rpm True kernel-docs-3.0.101-83.3.noarch.rpm True kernel-docs-3.0.101-83.3.src.rpm True kernel-ec2-3.0.101-83.1.i586.rpm True kernel-ec2-3.0.101-83.1.nosrc.rpm True kernel-ec2-base-3.0.101-83.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-83.1.i586.rpm True kernel-ec2-debugsource-3.0.101-83.1.i586.rpm True kernel-ec2-devel-3.0.101-83.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-ec2-extra-3.0.101-83.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-83.1.i586.rpm True kernel-ec2-hmac-3.0.101-83.1.i586.rpm True kernel-pae-3.0.101-83.1.i586.rpm True kernel-pae-3.0.101-83.1.nosrc.rpm True kernel-pae-base-3.0.101-83.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-pae-debuginfo-3.0.101-83.1.i586.rpm True kernel-pae-debugsource-3.0.101-83.1.i586.rpm True kernel-pae-devel-3.0.101-83.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-pae-hmac-3.0.101-83.1.i586.rpm True kernel-source-3.0.101-83.1.i586.rpm True kernel-source-3.0.101-83.1.src.rpm True kernel-source-vanilla-3.0.101-83.1.i586.rpm True kernel-syms-3.0.101-83.1.i586.rpm True kernel-syms-3.0.101-83.1.src.rpm True kernel-trace-3.0.101-83.1.i586.rpm True kernel-trace-3.0.101-83.1.nosrc.rpm True kernel-trace-base-3.0.101-83.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-trace-debuginfo-3.0.101-83.1.i586.rpm True kernel-trace-debugsource-3.0.101-83.1.i586.rpm True kernel-trace-devel-3.0.101-83.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-trace-hmac-3.0.101-83.1.i586.rpm True kernel-vanilla-3.0.101-83.1.i586.rpm True kernel-vanilla-3.0.101-83.1.nosrc.rpm True kernel-vanilla-base-3.0.101-83.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-83.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-83.1.i586.rpm True kernel-vanilla-devel-3.0.101-83.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-vanilla-hmac-3.0.101-83.1.i586.rpm True kernel-vmi-3.0.101-83.1.i586.rpm True kernel-vmi-3.0.101-83.1.nosrc.rpm True kernel-vmi-base-3.0.101-83.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-83.1.i586.rpm True kernel-vmi-debugsource-3.0.101-83.1.i586.rpm True kernel-vmi-devel-3.0.101-83.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-vmi-hmac-3.0.101-83.1.i586.rpm True kernel-xen-3.0.101-83.1.i586.rpm True kernel-xen-3.0.101-83.1.nosrc.rpm True kernel-xen-base-3.0.101-83.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-83.1.i586.rpm True kernel-xen-debuginfo-3.0.101-83.1.i586.rpm True kernel-xen-debugsource-3.0.101-83.1.i586.rpm True kernel-xen-devel-3.0.101-83.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-83.1.i586.rpm True kernel-xen-hmac-3.0.101-83.1.i586.rpm True preload-1.2-6.61.1.i586.rpm True preload-1.2-6.61.1.src.rpm True preload-debuginfo-1.2-6.61.1.i586.rpm True preload-debugsource-1.2-6.61.1.i586.rpm True preload-kmp-default-1.2_3.0.101_83-6.61.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_83-6.61.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_83-6.61.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_83-6.61.1.i586.rpm True kernel-debug-3.0.101-83.1.x86_64.rpm True kernel-debug-base-3.0.101-83.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-83.1.x86_64.rpm True kernel-debug-devel-3.0.101-83.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-debug-hmac-3.0.101-83.1.x86_64.rpm True kernel-default-3.0.101-83.1.x86_64.rpm True kernel-default-base-3.0.101-83.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-default-debugsource-3.0.101-83.1.x86_64.rpm True kernel-default-devel-3.0.101-83.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-default-hmac-3.0.101-83.1.x86_64.rpm True kernel-desktop-3.0.101-83.1.x86_64.rpm True kernel-desktop-base-3.0.101-83.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-83.1.x86_64.rpm True kernel-desktop-devel-3.0.101-83.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-83.1.x86_64.rpm True kernel-ec2-3.0.101-83.1.x86_64.rpm True kernel-ec2-base-3.0.101-83.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-83.1.x86_64.rpm True kernel-ec2-devel-3.0.101-83.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-ec2-extra-3.0.101-83.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-83.1.x86_64.rpm True kernel-source-3.0.101-83.1.x86_64.rpm True kernel-source-vanilla-3.0.101-83.1.x86_64.rpm True kernel-syms-3.0.101-83.1.x86_64.rpm True kernel-trace-3.0.101-83.1.x86_64.rpm True kernel-trace-base-3.0.101-83.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-83.1.x86_64.rpm True kernel-trace-devel-3.0.101-83.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-trace-hmac-3.0.101-83.1.x86_64.rpm True kernel-vanilla-3.0.101-83.1.x86_64.rpm True kernel-vanilla-base-3.0.101-83.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-83.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-83.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-83.1.x86_64.rpm True kernel-xen-3.0.101-83.1.x86_64.rpm True kernel-xen-base-3.0.101-83.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-83.1.x86_64.rpm True kernel-xen-devel-3.0.101-83.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-83.1.x86_64.rpm True kernel-xen-hmac-3.0.101-83.1.x86_64.rpm True preload-1.2-6.61.1.x86_64.rpm True preload-debuginfo-1.2-6.61.1.x86_64.rpm True preload-debugsource-1.2-6.61.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_83-6.61.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_83-6.61.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_83-6.61.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_83-6.61.1.x86_64.rpm True 2014-58 moderate openSUSE Evergreen 11.4 Besides other enhancements, this version update contains: - fix for CVE-2014-3215 (bnc#876832) * use PR_SET_NO_NEW_PRIVS to prevent gain of new privileges * added libcap-ng-CVE-2014-3215.patch libcap-ng-python-0.6.5-6.1.src.rpm libcap-ng-python-debugsource-0.6.5-6.1.i586.rpm python-capng-0.6.5-6.1.i586.rpm python-capng-debuginfo-0.6.5-6.1.i586.rpm libcap-ng-0.6.5-6.1.src.rpm libcap-ng-debugsource-0.6.5-6.1.i586.rpm libcap-ng-devel-0.6.5-6.1.i586.rpm libcap-ng-utils-0.6.5-6.1.i586.rpm libcap-ng-utils-debuginfo-0.6.5-6.1.i586.rpm libcap-ng0-0.6.5-6.1.i586.rpm libcap-ng0-32bit-0.6.5-6.1.x86_64.rpm libcap-ng0-debuginfo-0.6.5-6.1.i586.rpm libcap-ng0-debuginfo-32bit-0.6.5-6.1.x86_64.rpm libcap-ng0-debuginfo-x86-0.6.5-6.1.ia64.rpm libcap-ng0-x86-0.6.5-6.1.ia64.rpm libcap-ng-python-debugsource-0.6.5-6.1.x86_64.rpm python-capng-0.6.5-6.1.x86_64.rpm python-capng-debuginfo-0.6.5-6.1.x86_64.rpm libcap-ng-debugsource-0.6.5-6.1.x86_64.rpm libcap-ng-devel-0.6.5-6.1.x86_64.rpm libcap-ng-utils-0.6.5-6.1.x86_64.rpm libcap-ng-utils-debuginfo-0.6.5-6.1.x86_64.rpm libcap-ng0-0.6.5-6.1.x86_64.rpm libcap-ng0-debuginfo-0.6.5-6.1.x86_64.rpm 2014-57 moderate openSUSE Evergreen 11.4 - Update to version 1.11.4, bugfix release: + Fix buffer overflow with remote code execution potential. Only triggerable by a Gadu-Gadu server or a man-in-the-middle. CVE-2013-6487 (bnc#861019, bnc#878540) + Fix memory overwrite in file transfer with proxy server. CVE-2014-3775 (bnc#878540) + Minor fixes reported by Pidgin project members. libgadu-1.11.4-5.1.src.rpm libgadu-debugsource-1.11.4-5.1.i586.rpm libgadu-devel-1.11.4-5.1.i586.rpm libgadu3-1.11.4-5.1.i586.rpm libgadu3-debuginfo-1.11.4-5.1.i586.rpm libgadu-debugsource-1.11.4-5.1.x86_64.rpm libgadu-devel-1.11.4-5.1.x86_64.rpm libgadu3-1.11.4-5.1.x86_64.rpm libgadu3-debuginfo-1.11.4-5.1.x86_64.rpm 2014-56 moderate openSUSE Evergreen 11.4 Updated fix for openSUSE-SU-2014:0645-1 because of a regression that caused xmllint to break. libxml2-2.7.8-53.1.i586.rpm libxml2-2.7.8-53.1.src.rpm libxml2-32bit-2.7.8-53.1.x86_64.rpm libxml2-debuginfo-2.7.8-53.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-53.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-53.1.ia64.rpm libxml2-debugsource-2.7.8-53.1.i586.rpm libxml2-devel-2.7.8-53.1.i586.rpm libxml2-devel-32bit-2.7.8-53.1.x86_64.rpm libxml2-doc-2.7.8-53.1.noarch.rpm libxml2-x86-2.7.8-53.1.ia64.rpm libxml2-2.7.8-53.1.x86_64.rpm libxml2-debuginfo-2.7.8-53.1.x86_64.rpm libxml2-debugsource-2.7.8-53.1.x86_64.rpm libxml2-devel-2.7.8-53.1.x86_64.rpm 2014-59 important openSUSE Evergreen 11.4 gnutls was patched to fix security vulnerability that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect (CVE-2014-3466) - NULL pointer dereference in gnutls_x509_dn_oid_name (CVE-2014-3465) gnutls-2.8.6-5.29.1.i586.rpm gnutls-2.8.6-5.29.1.src.rpm gnutls-debuginfo-2.8.6-5.29.1.i586.rpm gnutls-debugsource-2.8.6-5.29.1.i586.rpm libgnutls-devel-2.8.6-5.29.1.i586.rpm libgnutls-extra-devel-2.8.6-5.29.1.i586.rpm libgnutls-extra26-2.8.6-5.29.1.i586.rpm libgnutls-extra26-debuginfo-2.8.6-5.29.1.i586.rpm libgnutls26-2.8.6-5.29.1.i586.rpm libgnutls26-32bit-2.8.6-5.29.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.29.1.i586.rpm libgnutls26-debuginfo-32bit-2.8.6-5.29.1.x86_64.rpm libgnutls26-debuginfo-x86-2.8.6-5.29.1.ia64.rpm libgnutls26-x86-2.8.6-5.29.1.ia64.rpm gnutls-2.8.6-5.29.1.x86_64.rpm gnutls-debuginfo-2.8.6-5.29.1.x86_64.rpm gnutls-debugsource-2.8.6-5.29.1.x86_64.rpm libgnutls-devel-2.8.6-5.29.1.x86_64.rpm libgnutls-extra-devel-2.8.6-5.29.1.x86_64.rpm libgnutls-extra26-2.8.6-5.29.1.x86_64.rpm libgnutls-extra26-debuginfo-2.8.6-5.29.1.x86_64.rpm libgnutls26-2.8.6-5.29.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.29.1.x86_64.rpm 2014-66 moderate openSUSE Evergreen 11.4 sendmail was updated to properly close file descriptors before executing programs. rmail-8.14.3-64.1.i586.rpm rmail-debuginfo-8.14.3-64.1.i586.rpm sendmail-8.14.4-64.1.i586.rpm sendmail-8.14.4-64.1.src.rpm sendmail-debuginfo-8.14.4-64.1.i586.rpm sendmail-debugsource-8.14.4-64.1.i586.rpm sendmail-devel-8.14.4-64.1.i586.rpm rmail-8.14.3-64.1.x86_64.rpm rmail-debuginfo-8.14.3-64.1.x86_64.rpm sendmail-8.14.4-64.1.x86_64.rpm sendmail-debuginfo-8.14.4-64.1.x86_64.rpm sendmail-debugsource-8.14.4-64.1.x86_64.rpm sendmail-devel-8.14.4-64.1.x86_64.rpm 2014-60 critical openSUSE Evergreen 11.4 The openssl library was updated to version 1.0.0m fixing various security issues and bugs: Security issues fixed: - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. - CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. - CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. - CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH ciphersuites are subject to a denial of service attack. libopenssl-devel-1.0.0m-18.53.1.i586.rpm libopenssl1_0_0-1.0.0m-18.53.1.i586.rpm libopenssl1_0_0-32bit-1.0.0m-18.53.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0m-18.53.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0m-18.53.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0m-18.53.1.ia64.rpm libopenssl1_0_0-x86-1.0.0m-18.53.1.ia64.rpm openssl-1.0.0m-18.53.1.i586.rpm openssl-1.0.0m-18.53.1.src.rpm openssl-debuginfo-1.0.0m-18.53.1.i586.rpm openssl-debugsource-1.0.0m-18.53.1.i586.rpm openssl-doc-1.0.0m-18.53.1.noarch.rpm libopenssl-devel-1.0.0m-18.53.1.x86_64.rpm libopenssl1_0_0-1.0.0m-18.53.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0m-18.53.1.x86_64.rpm openssl-1.0.0m-18.53.1.x86_64.rpm openssl-debuginfo-1.0.0m-18.53.1.x86_64.rpm openssl-debugsource-1.0.0m-18.53.1.x86_64.rpm 2012-21 important openSUSE Evergreen 11.4 - Update to version 1.2.3. * Update configure.ac to avoid autoconf 2.68 warnings, by (a) quoting the first AC_RUN_IFELSE argument, an AC_LANG_PROGRAM(), with [ ], and (b) providing an explicit "true" assumption for Berkeley DB capabilities to avoid cross-compilation warnings. * Security bugfix; (bnc#792939), Fix a heap corruption in base64 decoder on invalid input. http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01 * Added bogofilter-faq-bg.html, a Bulgarian translation of the FAQ. * Mark "Berkeley DB 5.1.19: (August 27, 2010)" supported. - Update to version 1.2.2. * Use a better PRNG for random sleeps. That is arc4random() where available, and drand48() elsewhere. * Assorted fixes for issues found with clang analyzer: + Fix a potential NULL deference + Fix a potential division by zero + Remove dead assignments and increments * Update Doxyfile and source contrib/bogogrep.c for docs, too. * Security bugfix, CVE-2010-2494: Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz &lt;plenz@cis.fu-berlin.de&gt;. Please see doc/bogofilter-SA-2010-01 for details. * Updated sendmail milter contrib/bogofilter-milter.pl to v1.?????? * Bump supported/minimum SQLite3 versions and warning threshold. See doc/README.sqlite for details. * Mark BerkeleyDB 4.8.26 and 5.0.21 supported. * Make t.maint more robust; ignore .ENCODING token. To fix test failures on, for instance, FreeBSD with unicode enabled. * Fix several compiler warnings "array subscript has type 'char'", by casting the arguments to unsigned char. * Split error messages for ENOENT and EINVAL into new function. * Avoid divison by zero in robx computation by checking if there are at least one ham message and one spam message registered. * contrib/spamitarium.pl updated to version 0.4.0 * Updated and integrated Ted Phelps's "Patch to prevent .ENCODING from being discarded by bogoutil -m" (SourceForge Patch #1743984). - remove call to suse_update_config (very old work around) - Remove redundant tags/sections from specfile - Use %_smp_mflags for parallel build bogofilter-1.2.3-12.1.i586.rpm bogofilter-1.2.3-12.1.src.rpm bogofilter-debuginfo-1.2.3-12.1.i586.rpm bogofilter-debugsource-1.2.3-12.1.i586.rpm bogofilter-1.2.3-12.1.x86_64.rpm bogofilter-debuginfo-1.2.3-12.1.x86_64.rpm bogofilter-debugsource-1.2.3-12.1.x86_64.rpm 2014-62 moderate openSUSE Evergreen 11.4 php5 was updated to fix several security issues. These issues were fixed: * Performance degradation by too many file_printf calls (CVE-2014-0237) * DoS in Fileinfo component (CVE-2014-0238) * NULL pointer dereference in GD XPM decoder (CVE-2014-2497) * Privilege escalation due to insecure default config (CVE-2014-0185) apache2-mod_php5-5.3.5-363.2.i586.rpm apache2-mod_php5-debuginfo-5.3.5-363.2.i586.rpm php5-5.3.5-363.2.i586.rpm php5-5.3.5-363.2.src.rpm php5-bcmath-5.3.5-363.2.i586.rpm php5-bcmath-debuginfo-5.3.5-363.2.i586.rpm php5-bz2-5.3.5-363.2.i586.rpm php5-bz2-debuginfo-5.3.5-363.2.i586.rpm php5-calendar-5.3.5-363.2.i586.rpm php5-calendar-debuginfo-5.3.5-363.2.i586.rpm php5-ctype-5.3.5-363.2.i586.rpm php5-ctype-debuginfo-5.3.5-363.2.i586.rpm php5-curl-5.3.5-363.2.i586.rpm php5-curl-debuginfo-5.3.5-363.2.i586.rpm php5-dba-5.3.5-363.2.i586.rpm php5-dba-debuginfo-5.3.5-363.2.i586.rpm php5-debuginfo-5.3.5-363.2.i586.rpm php5-debugsource-5.3.5-363.2.i586.rpm php5-devel-5.3.5-363.2.i586.rpm php5-dom-5.3.5-363.2.i586.rpm php5-dom-debuginfo-5.3.5-363.2.i586.rpm php5-enchant-5.3.5-363.2.i586.rpm php5-enchant-debuginfo-5.3.5-363.2.i586.rpm php5-exif-5.3.5-363.2.i586.rpm php5-exif-debuginfo-5.3.5-363.2.i586.rpm php5-fastcgi-5.3.5-363.2.i586.rpm php5-fastcgi-debuginfo-5.3.5-363.2.i586.rpm php5-fileinfo-5.3.5-363.2.i586.rpm php5-fileinfo-debuginfo-5.3.5-363.2.i586.rpm php5-fpm-5.3.5-363.2.i586.rpm php5-fpm-debuginfo-5.3.5-363.2.i586.rpm php5-ftp-5.3.5-363.2.i586.rpm php5-ftp-debuginfo-5.3.5-363.2.i586.rpm php5-gd-5.3.5-363.2.i586.rpm php5-gd-debuginfo-5.3.5-363.2.i586.rpm php5-gettext-5.3.5-363.2.i586.rpm php5-gettext-debuginfo-5.3.5-363.2.i586.rpm php5-gmp-5.3.5-363.2.i586.rpm php5-gmp-debuginfo-5.3.5-363.2.i586.rpm php5-hash-5.3.5-363.2.i586.rpm php5-hash-debuginfo-5.3.5-363.2.i586.rpm php5-iconv-5.3.5-363.2.i586.rpm php5-iconv-debuginfo-5.3.5-363.2.i586.rpm php5-imap-5.3.5-363.2.i586.rpm php5-imap-debuginfo-5.3.5-363.2.i586.rpm php5-intl-5.3.5-363.2.i586.rpm php5-intl-debuginfo-5.3.5-363.2.i586.rpm php5-json-5.3.5-363.2.i586.rpm php5-json-debuginfo-5.3.5-363.2.i586.rpm php5-ldap-5.3.5-363.2.i586.rpm php5-ldap-debuginfo-5.3.5-363.2.i586.rpm php5-mbstring-5.3.5-363.2.i586.rpm php5-mbstring-debuginfo-5.3.5-363.2.i586.rpm php5-mcrypt-5.3.5-363.2.i586.rpm php5-mcrypt-debuginfo-5.3.5-363.2.i586.rpm php5-mysql-5.3.5-363.2.i586.rpm php5-mysql-debuginfo-5.3.5-363.2.i586.rpm php5-odbc-5.3.5-363.2.i586.rpm php5-odbc-debuginfo-5.3.5-363.2.i586.rpm php5-openssl-5.3.5-363.2.i586.rpm php5-openssl-debuginfo-5.3.5-363.2.i586.rpm php5-pcntl-5.3.5-363.2.i586.rpm php5-pcntl-debuginfo-5.3.5-363.2.i586.rpm php5-pdo-5.3.5-363.2.i586.rpm php5-pdo-debuginfo-5.3.5-363.2.i586.rpm php5-pear-5.3.5-363.2.noarch.rpm php5-pgsql-5.3.5-363.2.i586.rpm php5-pgsql-debuginfo-5.3.5-363.2.i586.rpm php5-phar-5.3.5-363.2.i586.rpm php5-phar-debuginfo-5.3.5-363.2.i586.rpm php5-posix-5.3.5-363.2.i586.rpm php5-posix-debuginfo-5.3.5-363.2.i586.rpm php5-pspell-5.3.5-363.2.i586.rpm php5-pspell-debuginfo-5.3.5-363.2.i586.rpm php5-readline-5.3.5-363.2.i586.rpm php5-readline-debuginfo-5.3.5-363.2.i586.rpm php5-shmop-5.3.5-363.2.i586.rpm php5-shmop-debuginfo-5.3.5-363.2.i586.rpm php5-snmp-5.3.5-363.2.i586.rpm php5-snmp-debuginfo-5.3.5-363.2.i586.rpm php5-soap-5.3.5-363.2.i586.rpm php5-soap-debuginfo-5.3.5-363.2.i586.rpm php5-sockets-5.3.5-363.2.i586.rpm php5-sockets-debuginfo-5.3.5-363.2.i586.rpm php5-sqlite-5.3.5-363.2.i586.rpm php5-sqlite-debuginfo-5.3.5-363.2.i586.rpm php5-suhosin-5.3.5-363.2.i586.rpm php5-suhosin-debuginfo-5.3.5-363.2.i586.rpm php5-sysvmsg-5.3.5-363.2.i586.rpm php5-sysvmsg-debuginfo-5.3.5-363.2.i586.rpm php5-sysvsem-5.3.5-363.2.i586.rpm php5-sysvsem-debuginfo-5.3.5-363.2.i586.rpm php5-sysvshm-5.3.5-363.2.i586.rpm php5-sysvshm-debuginfo-5.3.5-363.2.i586.rpm php5-tidy-5.3.5-363.2.i586.rpm php5-tidy-debuginfo-5.3.5-363.2.i586.rpm php5-tokenizer-5.3.5-363.2.i586.rpm php5-tokenizer-debuginfo-5.3.5-363.2.i586.rpm php5-wddx-5.3.5-363.2.i586.rpm php5-wddx-debuginfo-5.3.5-363.2.i586.rpm php5-xmlreader-5.3.5-363.2.i586.rpm php5-xmlreader-debuginfo-5.3.5-363.2.i586.rpm php5-xmlrpc-5.3.5-363.2.i586.rpm php5-xmlrpc-debuginfo-5.3.5-363.2.i586.rpm php5-xmlwriter-5.3.5-363.2.i586.rpm php5-xmlwriter-debuginfo-5.3.5-363.2.i586.rpm php5-xsl-5.3.5-363.2.i586.rpm php5-xsl-debuginfo-5.3.5-363.2.i586.rpm php5-zip-5.3.5-363.2.i586.rpm php5-zip-debuginfo-5.3.5-363.2.i586.rpm php5-zlib-5.3.5-363.2.i586.rpm php5-zlib-debuginfo-5.3.5-363.2.i586.rpm apache2-mod_php5-5.3.5-363.2.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-363.2.x86_64.rpm php5-5.3.5-363.2.x86_64.rpm php5-bcmath-5.3.5-363.2.x86_64.rpm php5-bcmath-debuginfo-5.3.5-363.2.x86_64.rpm php5-bz2-5.3.5-363.2.x86_64.rpm php5-bz2-debuginfo-5.3.5-363.2.x86_64.rpm php5-calendar-5.3.5-363.2.x86_64.rpm php5-calendar-debuginfo-5.3.5-363.2.x86_64.rpm php5-ctype-5.3.5-363.2.x86_64.rpm php5-ctype-debuginfo-5.3.5-363.2.x86_64.rpm php5-curl-5.3.5-363.2.x86_64.rpm php5-curl-debuginfo-5.3.5-363.2.x86_64.rpm php5-dba-5.3.5-363.2.x86_64.rpm php5-dba-debuginfo-5.3.5-363.2.x86_64.rpm php5-debuginfo-5.3.5-363.2.x86_64.rpm php5-debugsource-5.3.5-363.2.x86_64.rpm php5-devel-5.3.5-363.2.x86_64.rpm php5-dom-5.3.5-363.2.x86_64.rpm php5-dom-debuginfo-5.3.5-363.2.x86_64.rpm php5-enchant-5.3.5-363.2.x86_64.rpm php5-enchant-debuginfo-5.3.5-363.2.x86_64.rpm php5-exif-5.3.5-363.2.x86_64.rpm php5-exif-debuginfo-5.3.5-363.2.x86_64.rpm php5-fastcgi-5.3.5-363.2.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-363.2.x86_64.rpm php5-fileinfo-5.3.5-363.2.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-363.2.x86_64.rpm php5-fpm-5.3.5-363.2.x86_64.rpm php5-fpm-debuginfo-5.3.5-363.2.x86_64.rpm php5-ftp-5.3.5-363.2.x86_64.rpm php5-ftp-debuginfo-5.3.5-363.2.x86_64.rpm php5-gd-5.3.5-363.2.x86_64.rpm php5-gd-debuginfo-5.3.5-363.2.x86_64.rpm php5-gettext-5.3.5-363.2.x86_64.rpm php5-gettext-debuginfo-5.3.5-363.2.x86_64.rpm php5-gmp-5.3.5-363.2.x86_64.rpm php5-gmp-debuginfo-5.3.5-363.2.x86_64.rpm php5-hash-5.3.5-363.2.x86_64.rpm php5-hash-debuginfo-5.3.5-363.2.x86_64.rpm php5-iconv-5.3.5-363.2.x86_64.rpm php5-iconv-debuginfo-5.3.5-363.2.x86_64.rpm php5-imap-5.3.5-363.2.x86_64.rpm php5-imap-debuginfo-5.3.5-363.2.x86_64.rpm php5-intl-5.3.5-363.2.x86_64.rpm php5-intl-debuginfo-5.3.5-363.2.x86_64.rpm php5-json-5.3.5-363.2.x86_64.rpm php5-json-debuginfo-5.3.5-363.2.x86_64.rpm php5-ldap-5.3.5-363.2.x86_64.rpm php5-ldap-debuginfo-5.3.5-363.2.x86_64.rpm php5-mbstring-5.3.5-363.2.x86_64.rpm php5-mbstring-debuginfo-5.3.5-363.2.x86_64.rpm php5-mcrypt-5.3.5-363.2.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-363.2.x86_64.rpm php5-mysql-5.3.5-363.2.x86_64.rpm php5-mysql-debuginfo-5.3.5-363.2.x86_64.rpm php5-odbc-5.3.5-363.2.x86_64.rpm php5-odbc-debuginfo-5.3.5-363.2.x86_64.rpm php5-openssl-5.3.5-363.2.x86_64.rpm php5-openssl-debuginfo-5.3.5-363.2.x86_64.rpm php5-pcntl-5.3.5-363.2.x86_64.rpm php5-pcntl-debuginfo-5.3.5-363.2.x86_64.rpm php5-pdo-5.3.5-363.2.x86_64.rpm php5-pdo-debuginfo-5.3.5-363.2.x86_64.rpm php5-pgsql-5.3.5-363.2.x86_64.rpm php5-pgsql-debuginfo-5.3.5-363.2.x86_64.rpm php5-phar-5.3.5-363.2.x86_64.rpm php5-phar-debuginfo-5.3.5-363.2.x86_64.rpm php5-posix-5.3.5-363.2.x86_64.rpm php5-posix-debuginfo-5.3.5-363.2.x86_64.rpm php5-pspell-5.3.5-363.2.x86_64.rpm php5-pspell-debuginfo-5.3.5-363.2.x86_64.rpm php5-readline-5.3.5-363.2.x86_64.rpm php5-readline-debuginfo-5.3.5-363.2.x86_64.rpm php5-shmop-5.3.5-363.2.x86_64.rpm php5-shmop-debuginfo-5.3.5-363.2.x86_64.rpm php5-snmp-5.3.5-363.2.x86_64.rpm php5-snmp-debuginfo-5.3.5-363.2.x86_64.rpm php5-soap-5.3.5-363.2.x86_64.rpm php5-soap-debuginfo-5.3.5-363.2.x86_64.rpm php5-sockets-5.3.5-363.2.x86_64.rpm php5-sockets-debuginfo-5.3.5-363.2.x86_64.rpm php5-sqlite-5.3.5-363.2.x86_64.rpm php5-sqlite-debuginfo-5.3.5-363.2.x86_64.rpm php5-suhosin-5.3.5-363.2.x86_64.rpm php5-suhosin-debuginfo-5.3.5-363.2.x86_64.rpm php5-sysvmsg-5.3.5-363.2.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-363.2.x86_64.rpm php5-sysvsem-5.3.5-363.2.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-363.2.x86_64.rpm php5-sysvshm-5.3.5-363.2.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-363.2.x86_64.rpm php5-tidy-5.3.5-363.2.x86_64.rpm php5-tidy-debuginfo-5.3.5-363.2.x86_64.rpm php5-tokenizer-5.3.5-363.2.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-363.2.x86_64.rpm php5-wddx-5.3.5-363.2.x86_64.rpm php5-wddx-debuginfo-5.3.5-363.2.x86_64.rpm php5-xmlreader-5.3.5-363.2.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-363.2.x86_64.rpm php5-xmlrpc-5.3.5-363.2.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-363.2.x86_64.rpm php5-xmlwriter-5.3.5-363.2.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-363.2.x86_64.rpm php5-xsl-5.3.5-363.2.x86_64.rpm php5-xsl-debuginfo-5.3.5-363.2.x86_64.rpm php5-zip-5.3.5-363.2.x86_64.rpm php5-zip-debuginfo-5.3.5-363.2.x86_64.rpm php5-zlib-5.3.5-363.2.x86_64.rpm php5-zlib-debuginfo-5.3.5-363.2.x86_64.rpm 2014-63 moderate openSUSE Evergreen 11.4 ca-certificates-mozilla was updated to match the current Mozilla NSS storage, version 1.97, changes done: new: "Atos TrustedRoot 2011" (codeSigning emailProtection serverAuth) new: "Tugra Certification Authority" (codeSigning serverAuth) removed: "Firmaprofesional Root CA" removed: "TDC OCES Root CA" new: "TeliaSonera Root CA v1" (emailProtection serverAuth) new: "T-TeleSec GlobalRoot Class 2" (emailProtection serverAuth) ca-certificates-mozilla-1.97-25.1.noarch.rpm ca-certificates-mozilla-1.97-25.1.src.rpm 2014-64 critical openSUSE Evergreen 11.4 These updates contain the latest security and maintenance updates for - Mozilla Firefox 24.6esr - Mozilla Thunderbird 24.6 - Mozilla NSPR is also updated to 4.10.6 to fix * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534 Miscellaneous memory safety hazards * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538 Use-after-free and out of bounds issues found using Address Sanitizer * MFSA 2014-52/CVE-2014-1541 Use-after-free with SMIL Animation Controller * MFSA 2014-55/CVE-2014-1545 Out of bounds write in NSPR MozillaFirefox-24.6.0-115.1.i586.rpm MozillaFirefox-24.6.0-115.1.src.rpm MozillaFirefox-branding-upstream-24.6.0-115.1.i586.rpm MozillaFirefox-buildsymbols-24.6.0-115.1.i586.rpm MozillaFirefox-debuginfo-24.6.0-115.1.i586.rpm MozillaFirefox-debugsource-24.6.0-115.1.i586.rpm MozillaFirefox-devel-24.6.0-115.1.i586.rpm MozillaFirefox-translations-common-24.6.0-115.1.i586.rpm MozillaFirefox-translations-other-24.6.0-115.1.i586.rpm MozillaThunderbird-24.6.0-97.1.i586.rpm MozillaThunderbird-24.6.0-97.1.src.rpm MozillaThunderbird-buildsymbols-24.6.0-97.1.i586.rpm MozillaThunderbird-debuginfo-24.6.0-97.1.i586.rpm MozillaThunderbird-debugsource-24.6.0-97.1.i586.rpm MozillaThunderbird-devel-24.6.0-97.1.i586.rpm MozillaThunderbird-translations-common-24.6.0-97.1.i586.rpm MozillaThunderbird-translations-other-24.6.0-97.1.i586.rpm enigmail-1.6.0+24.6.0-97.1.i586.rpm mozilla-nspr-32bit-4.10.6-44.1.x86_64.rpm mozilla-nspr-4.10.6-44.1.i586.rpm mozilla-nspr-4.10.6-44.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.6-44.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.6-44.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.6-44.1.ia64.rpm mozilla-nspr-debugsource-4.10.6-44.1.i586.rpm mozilla-nspr-devel-4.10.6-44.1.i586.rpm mozilla-nspr-x86-4.10.6-44.1.ia64.rpm MozillaFirefox-24.6.0-115.1.x86_64.rpm MozillaFirefox-branding-upstream-24.6.0-115.1.x86_64.rpm MozillaFirefox-buildsymbols-24.6.0-115.1.x86_64.rpm MozillaFirefox-debuginfo-24.6.0-115.1.x86_64.rpm MozillaFirefox-debugsource-24.6.0-115.1.x86_64.rpm MozillaFirefox-devel-24.6.0-115.1.x86_64.rpm MozillaFirefox-translations-common-24.6.0-115.1.x86_64.rpm MozillaFirefox-translations-other-24.6.0-115.1.x86_64.rpm MozillaThunderbird-24.6.0-97.1.x86_64.rpm MozillaThunderbird-buildsymbols-24.6.0-97.1.x86_64.rpm MozillaThunderbird-debuginfo-24.6.0-97.1.x86_64.rpm MozillaThunderbird-debugsource-24.6.0-97.1.x86_64.rpm MozillaThunderbird-devel-24.6.0-97.1.x86_64.rpm MozillaThunderbird-translations-common-24.6.0-97.1.x86_64.rpm MozillaThunderbird-translations-other-24.6.0-97.1.x86_64.rpm enigmail-1.6.0+24.6.0-97.1.x86_64.rpm mozilla-nspr-4.10.6-44.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.6-44.1.x86_64.rpm mozilla-nspr-debugsource-4.10.6-44.1.x86_64.rpm mozilla-nspr-devel-4.10.6-44.1.x86_64.rpm 2014-65 moderate openSUSE Evergreen 11.4 flash-player was updated to version 11.2.202.378 to fix six security issues. These security issues were fixed: - Cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533). - Security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535). - A memory corruption vulner flash-player-11.2.202.378-115.1.i586.rpm flash-player-11.2.202.378-115.1.nosrc.rpm flash-player-gnome-11.2.202.378-115.1.i586.rpm flash-player-kde4-11.2.202.378-115.1.i586.rpm flash-player-11.2.202.378-115.1.x86_64.rpm flash-player-gnome-11.2.202.378-115.1.x86_64.rpm flash-player-kde4-11.2.202.378-115.1.x86_64.rpm 2014-68 moderate openSUSE Evergreen 11.4 dbus-1 was updated to fix a possible DoS (CVE-2014-3477). dbus-1-x11-1.4.1-7.35.1.i586.rpm dbus-1-x11-1.4.1-7.35.1.src.rpm dbus-1-x11-debuginfo-1.4.1-7.35.1.i586.rpm dbus-1-x11-debugsource-1.4.1-7.35.1.i586.rpm dbus-1-1.4.1-7.35.1.i586.rpm dbus-1-1.4.1-7.35.1.src.rpm dbus-1-32bit-1.4.1-7.35.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.35.1.i586.rpm dbus-1-debuginfo-32bit-1.4.1-7.35.1.x86_64.rpm dbus-1-debuginfo-x86-1.4.1-7.35.1.ia64.rpm dbus-1-debugsource-1.4.1-7.35.1.i586.rpm dbus-1-devel-1.4.1-7.35.1.i586.rpm dbus-1-devel-32bit-1.4.1-7.35.1.x86_64.rpm dbus-1-devel-doc-1.4.1-7.35.1.noarch.rpm dbus-1-x86-1.4.1-7.35.1.ia64.rpm dbus-1-x11-1.4.1-7.35.1.x86_64.rpm dbus-1-x11-debuginfo-1.4.1-7.35.1.x86_64.rpm dbus-1-x11-debugsource-1.4.1-7.35.1.x86_64.rpm dbus-1-1.4.1-7.35.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.35.1.x86_64.rpm dbus-1-debugsource-1.4.1-7.35.1.x86_64.rpm dbus-1-devel-1.4.1-7.35.1.x86_64.rpm 2014-67 low openSUSE Evergreen 11.4 Wireshark was updated to version 1.8.15 fixing following bug: *Tshark with "-F libpcap" still generates a pcapng file. *IPv6 Next Header 0x3d recognized as SHIM6. *Pcap-ng PB/EPB with caplen > len shouldn’t be treated as an error. *TCAP: set a fence on info column after calling sub dissector. *Wireshark PEEKREMOTE incorrectly decoding QoS data packets from Cisco Sniffer APs. *IEEE 802.11: fix dissection of HT Capabilities *Lua: trying to get/access a Preference before its registered causes a segfault *Some value_string strings contain newlines. *Tighten the NO_MORE_DATA_CHECK macros (Bug wireshark-1.8.15-73.1.i586.rpm wireshark-1.8.15-73.1.src.rpm wireshark-debuginfo-1.8.15-73.1.i586.rpm wireshark-debugsource-1.8.15-73.1.i586.rpm wireshark-devel-1.8.15-73.1.i586.rpm wireshark-1.8.15-73.1.x86_64.rpm wireshark-debuginfo-1.8.15-73.1.x86_64.rpm wireshark-debugsource-1.8.15-73.1.x86_64.rpm wireshark-devel-1.8.15-73.1.x86_64.rpm 2014-69 important openSUSE Evergreen 11.4 kernel update for Evergreen 11.4 fixes local privilege escalation in futex code (bnc#880892 / CVE-2014-3153) and a regression causing a crash if IPsec peer is unavailable kernel-debug-3.0.101-87.1.i586.rpm True kernel-debug-3.0.101-87.1.nosrc.rpm True kernel-debug-base-3.0.101-87.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-debug-debuginfo-3.0.101-87.1.i586.rpm True kernel-debug-debugsource-3.0.101-87.1.i586.rpm True kernel-debug-devel-3.0.101-87.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-debug-hmac-3.0.101-87.1.i586.rpm True kernel-default-3.0.101-87.1.i586.rpm True kernel-default-3.0.101-87.1.nosrc.rpm True kernel-default-base-3.0.101-87.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-default-debuginfo-3.0.101-87.1.i586.rpm True kernel-default-debugsource-3.0.101-87.1.i586.rpm True kernel-default-devel-3.0.101-87.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-default-hmac-3.0.101-87.1.i586.rpm True kernel-desktop-3.0.101-87.1.i586.rpm True kernel-desktop-3.0.101-87.1.nosrc.rpm True kernel-desktop-base-3.0.101-87.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-87.1.i586.rpm True kernel-desktop-debugsource-3.0.101-87.1.i586.rpm True kernel-desktop-devel-3.0.101-87.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-desktop-hmac-3.0.101-87.1.i586.rpm True kernel-docs-3.0.101-87.2.noarch.rpm True kernel-docs-3.0.101-87.2.src.rpm True kernel-ec2-3.0.101-87.1.i586.rpm True kernel-ec2-3.0.101-87.1.nosrc.rpm True kernel-ec2-base-3.0.101-87.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-87.1.i586.rpm True kernel-ec2-debugsource-3.0.101-87.1.i586.rpm True kernel-ec2-devel-3.0.101-87.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-ec2-extra-3.0.101-87.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-87.1.i586.rpm True kernel-ec2-hmac-3.0.101-87.1.i586.rpm True kernel-pae-3.0.101-87.1.i586.rpm True kernel-pae-3.0.101-87.1.nosrc.rpm True kernel-pae-base-3.0.101-87.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-pae-debuginfo-3.0.101-87.1.i586.rpm True kernel-pae-debugsource-3.0.101-87.1.i586.rpm True kernel-pae-devel-3.0.101-87.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-pae-hmac-3.0.101-87.1.i586.rpm True kernel-source-3.0.101-87.1.i586.rpm True kernel-source-3.0.101-87.1.src.rpm True kernel-source-vanilla-3.0.101-87.1.i586.rpm True kernel-syms-3.0.101-87.1.i586.rpm True kernel-syms-3.0.101-87.1.src.rpm True kernel-trace-3.0.101-87.1.i586.rpm True kernel-trace-3.0.101-87.1.nosrc.rpm True kernel-trace-base-3.0.101-87.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-trace-debuginfo-3.0.101-87.1.i586.rpm True kernel-trace-debugsource-3.0.101-87.1.i586.rpm True kernel-trace-devel-3.0.101-87.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-trace-hmac-3.0.101-87.1.i586.rpm True kernel-vanilla-3.0.101-87.1.i586.rpm True kernel-vanilla-3.0.101-87.1.nosrc.rpm True kernel-vanilla-base-3.0.101-87.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-87.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-87.1.i586.rpm True kernel-vanilla-devel-3.0.101-87.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-vanilla-hmac-3.0.101-87.1.i586.rpm True kernel-vmi-3.0.101-87.1.i586.rpm True kernel-vmi-3.0.101-87.1.nosrc.rpm True kernel-vmi-base-3.0.101-87.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-87.1.i586.rpm True kernel-vmi-debugsource-3.0.101-87.1.i586.rpm True kernel-vmi-devel-3.0.101-87.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-vmi-hmac-3.0.101-87.1.i586.rpm True kernel-xen-3.0.101-87.1.i586.rpm True kernel-xen-3.0.101-87.1.nosrc.rpm True kernel-xen-base-3.0.101-87.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-87.1.i586.rpm True kernel-xen-debuginfo-3.0.101-87.1.i586.rpm True kernel-xen-debugsource-3.0.101-87.1.i586.rpm True kernel-xen-devel-3.0.101-87.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-87.1.i586.rpm True kernel-xen-hmac-3.0.101-87.1.i586.rpm True preload-1.2-6.65.1.i586.rpm True preload-1.2-6.65.1.src.rpm True preload-debuginfo-1.2-6.65.1.i586.rpm True preload-debugsource-1.2-6.65.1.i586.rpm True preload-kmp-default-1.2_3.0.101_87-6.65.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_87-6.65.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_87-6.65.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_87-6.65.1.i586.rpm True kernel-debug-3.0.101-87.1.x86_64.rpm True kernel-debug-base-3.0.101-87.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-87.1.x86_64.rpm True kernel-debug-devel-3.0.101-87.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-debug-hmac-3.0.101-87.1.x86_64.rpm True kernel-default-3.0.101-87.1.x86_64.rpm True kernel-default-base-3.0.101-87.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-default-debugsource-3.0.101-87.1.x86_64.rpm True kernel-default-devel-3.0.101-87.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-default-hmac-3.0.101-87.1.x86_64.rpm True kernel-desktop-3.0.101-87.1.x86_64.rpm True kernel-desktop-base-3.0.101-87.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-87.1.x86_64.rpm True kernel-desktop-devel-3.0.101-87.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-87.1.x86_64.rpm True kernel-ec2-3.0.101-87.1.x86_64.rpm True kernel-ec2-base-3.0.101-87.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-87.1.x86_64.rpm True kernel-ec2-devel-3.0.101-87.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-ec2-extra-3.0.101-87.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-87.1.x86_64.rpm True kernel-source-3.0.101-87.1.x86_64.rpm True kernel-source-vanilla-3.0.101-87.1.x86_64.rpm True kernel-syms-3.0.101-87.1.x86_64.rpm True kernel-trace-3.0.101-87.1.x86_64.rpm True kernel-trace-base-3.0.101-87.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-87.1.x86_64.rpm True kernel-trace-devel-3.0.101-87.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-trace-hmac-3.0.101-87.1.x86_64.rpm True kernel-vanilla-3.0.101-87.1.x86_64.rpm True kernel-vanilla-base-3.0.101-87.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-87.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-87.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-87.1.x86_64.rpm True kernel-xen-3.0.101-87.1.x86_64.rpm True kernel-xen-base-3.0.101-87.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-87.1.x86_64.rpm True kernel-xen-devel-3.0.101-87.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-87.1.x86_64.rpm True kernel-xen-hmac-3.0.101-87.1.x86_64.rpm True preload-1.2-6.65.1.x86_64.rpm True preload-debuginfo-1.2-6.65.1.x86_64.rpm True preload-debugsource-1.2-6.65.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_87-6.65.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_87-6.65.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_87-6.65.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_87-6.65.1.x86_64.rpm True 2014-70 critical openSUSE Evergreen 11.4 - Security update to 11.2.202.394 (bnc#886472): * APSB14-17, CVE-2014-0537, CVE-2014-0539, CVE-2014-4671 - License update (LICENSE -> Flash%20Player_14.0.pdf). flash-player-11.2.202.394-119.1.i586.rpm flash-player-11.2.202.394-119.1.nosrc.rpm flash-player-gnome-11.2.202.394-119.1.i586.rpm flash-player-kde4-11.2.202.394-119.1.i586.rpm flash-player-11.2.202.394-119.1.x86_64.rpm flash-player-gnome-11.2.202.394-119.1.x86_64.rpm flash-player-kde4-11.2.202.394-119.1.x86_64.rpm 2014-76 important openSUSE Evergreen 11.4 update to Firefox 24.7.0 and Thunderbird 24.7.0 including fixes for * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards * MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free with FireOnStateChange event * MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable WebGL crash with Cesium JavaScript library * MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free while when manipulating certificates in the trusted cache (solved with NSS 3.16.2 requirement) * MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia library when scaling high quality images - require NSS 3.16.2 MozillaFirefox-24.7.0-119.1.i586.rpm MozillaFirefox-24.7.0-119.1.src.rpm MozillaFirefox-branding-upstream-24.7.0-119.1.i586.rpm MozillaFirefox-buildsymbols-24.7.0-119.1.i586.rpm MozillaFirefox-debuginfo-24.7.0-119.1.i586.rpm MozillaFirefox-debugsource-24.7.0-119.1.i586.rpm MozillaFirefox-devel-24.7.0-119.1.i586.rpm MozillaFirefox-translations-common-24.7.0-119.1.i586.rpm MozillaFirefox-translations-other-24.7.0-119.1.i586.rpm MozillaThunderbird-24.7.0-101.1.i586.rpm MozillaThunderbird-24.7.0-101.1.src.rpm MozillaThunderbird-buildsymbols-24.7.0-101.1.i586.rpm MozillaThunderbird-debuginfo-24.7.0-101.1.i586.rpm MozillaThunderbird-debugsource-24.7.0-101.1.i586.rpm MozillaThunderbird-devel-24.7.0-101.1.i586.rpm MozillaThunderbird-translations-common-24.7.0-101.1.i586.rpm MozillaThunderbird-translations-other-24.7.0-101.1.i586.rpm enigmail-1.7-2.1.i586.rpm enigmail-1.7-2.1.src.rpm enigmail-debuginfo-1.7-2.1.i586.rpm enigmail-debugsource-1.7-2.1.i586.rpm libfreebl3-3.16.3-86.1.i586.rpm libfreebl3-32bit-3.16.3-86.1.x86_64.rpm libfreebl3-debuginfo-3.16.3-86.1.i586.rpm libfreebl3-debuginfo-32bit-3.16.3-86.1.x86_64.rpm libfreebl3-debuginfo-x86-3.16.3-86.1.ia64.rpm libfreebl3-x86-3.16.3-86.1.ia64.rpm libsoftokn3-3.16.3-86.1.i586.rpm libsoftokn3-32bit-3.16.3-86.1.x86_64.rpm libsoftokn3-debuginfo-3.16.3-86.1.i586.rpm libsoftokn3-debuginfo-32bit-3.16.3-86.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.16.3-86.1.ia64.rpm libsoftokn3-x86-3.16.3-86.1.ia64.rpm mozilla-nss-3.16.3-86.1.i586.rpm mozilla-nss-3.16.3-86.1.src.rpm mozilla-nss-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-certs-3.16.3-86.1.i586.rpm mozilla-nss-certs-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.3-86.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.16.3-86.1.ia64.rpm mozilla-nss-certs-x86-3.16.3-86.1.ia64.rpm mozilla-nss-debuginfo-3.16.3-86.1.i586.rpm mozilla-nss-debuginfo-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.16.3-86.1.ia64.rpm mozilla-nss-debugsource-3.16.3-86.1.i586.rpm mozilla-nss-devel-3.16.3-86.1.i586.rpm mozilla-nss-sysinit-3.16.3-86.1.i586.rpm mozilla-nss-sysinit-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.3-86.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.16.3-86.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.16.3-86.1.ia64.rpm mozilla-nss-sysinit-x86-3.16.3-86.1.ia64.rpm mozilla-nss-tools-3.16.3-86.1.i586.rpm mozilla-nss-tools-debuginfo-3.16.3-86.1.i586.rpm mozilla-nss-x86-3.16.3-86.1.ia64.rpm MozillaFirefox-24.7.0-119.1.x86_64.rpm MozillaFirefox-branding-upstream-24.7.0-119.1.x86_64.rpm MozillaFirefox-buildsymbols-24.7.0-119.1.x86_64.rpm MozillaFirefox-debuginfo-24.7.0-119.1.x86_64.rpm MozillaFirefox-debugsource-24.7.0-119.1.x86_64.rpm MozillaFirefox-devel-24.7.0-119.1.x86_64.rpm MozillaFirefox-translations-common-24.7.0-119.1.x86_64.rpm MozillaFirefox-translations-other-24.7.0-119.1.x86_64.rpm MozillaThunderbird-24.7.0-101.1.x86_64.rpm MozillaThunderbird-buildsymbols-24.7.0-101.1.x86_64.rpm MozillaThunderbird-debuginfo-24.7.0-101.1.x86_64.rpm MozillaThunderbird-debugsource-24.7.0-101.1.x86_64.rpm MozillaThunderbird-devel-24.7.0-101.1.x86_64.rpm MozillaThunderbird-translations-common-24.7.0-101.1.x86_64.rpm MozillaThunderbird-translations-other-24.7.0-101.1.x86_64.rpm enigmail-1.7-2.1.x86_64.rpm enigmail-debuginfo-1.7-2.1.x86_64.rpm enigmail-debugsource-1.7-2.1.x86_64.rpm libfreebl3-3.16.3-86.1.x86_64.rpm libfreebl3-debuginfo-3.16.3-86.1.x86_64.rpm libsoftokn3-3.16.3-86.1.x86_64.rpm libsoftokn3-debuginfo-3.16.3-86.1.x86_64.rpm mozilla-nss-3.16.3-86.1.x86_64.rpm mozilla-nss-certs-3.16.3-86.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.3-86.1.x86_64.rpm mozilla-nss-debuginfo-3.16.3-86.1.x86_64.rpm mozilla-nss-debugsource-3.16.3-86.1.x86_64.rpm mozilla-nss-devel-3.16.3-86.1.x86_64.rpm mozilla-nss-sysinit-3.16.3-86.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.3-86.1.x86_64.rpm mozilla-nss-tools-3.16.3-86.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.16.3-86.1.x86_64.rpm 2014-73 moderate openSUSE Evergreen 11.4 This release of Exim includes one incompatible fix: the behavior of expansion of arguments to math comparison functions (<, <=, =, =>, >) was unexpected, expanding the values twice; CVE-2014-2972; (bnc#888520). This update also addresses CVE-2012-5671, CVE-2014-2957, and the bugs 764120 and 888520. exim-4.83-27.1.i586.rpm exim-4.83-27.1.src.rpm exim-debuginfo-4.83-27.1.i586.rpm exim-debugsource-4.83-27.1.i586.rpm eximon-4.83-27.1.i586.rpm eximon-debuginfo-4.83-27.1.i586.rpm eximstats-html-4.83-27.1.i586.rpm exim-4.83-27.1.x86_64.rpm exim-debuginfo-4.83-27.1.x86_64.rpm exim-debugsource-4.83-27.1.x86_64.rpm eximon-4.83-27.1.x86_64.rpm eximon-debuginfo-4.83-27.1.x86_64.rpm eximstats-html-4.83-27.1.x86_64.rpm 2012-18 moderate openSUSE Evergreen 11.4 This update fixes the following issues for wireshark: - Security update to 1.8.4: https://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html http://seclists.org/oss-sec/2012/q4/378 CVE-2012-5592 Wireshark #1 pcap-ng hostname disclosure (wnpa-sec-2012-30) CVE-2012-5593 Wireshark #2 DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31) CVE-2012-5594 Wireshark #3 DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32) CVE-2012-5595 Wireshark #4 DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33) CVE-2012-5596 Wireshark #5 DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34) CVE-2012-5597 Wireshark #6 DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35) CVE-2012-5598 Wireshark #7 DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36) CVE-2012-5599 Wireshark #8 DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37) CVE-2012-5600 Wireshark #9 DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38) CVE-2012-5601 Wireshark #10 DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39) CVE-2012-5602 Wireshark #11 DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40) And also the bugfix: - bnc#780669: change wireshark.spec BuildRequires lua-devel to lua51-devel to fix lua-support in openSUSE 12.2 wireshark-1.8.4-33.1.i586.rpm wireshark-1.8.4-33.1.src.rpm wireshark-debuginfo-1.8.4-33.1.i586.rpm wireshark-debugsource-1.8.4-33.1.i586.rpm wireshark-devel-1.8.4-33.1.i586.rpm wireshark-1.8.4-33.1.x86_64.rpm wireshark-debuginfo-1.8.4-33.1.x86_64.rpm wireshark-debugsource-1.8.4-33.1.x86_64.rpm wireshark-devel-1.8.4-33.1.x86_64.rpm 2014-74 moderate openSUSE Evergreen 11.4 This update introduces Server Name Indication support to mod_nss, which was not available previously. In addition to SNI, GCM ciphers have been added to the cipher list of mod_nss. A bug was corrected that prevented the entry of the certificate store passphrase if such a passphrase was set. Please note that the configuration presets were slightly changed so that the new ciphers are preferred (NSSCipherSuite directive), and the VirtualHost directive is now contained in /etc/apache2/vhosts.d/vhost-nss.templace (not used by apache because not named *.conf). apache2-mod_nss-1.0.8-6.1.i586.rpm apache2-mod_nss-1.0.8-6.1.src.rpm apache2-mod_nss-debuginfo-1.0.8-6.1.i586.rpm apache2-mod_nss-debugsource-1.0.8-6.1.i586.rpm apache2-mod_nss-1.0.8-6.1.x86_64.rpm apache2-mod_nss-debuginfo-1.0.8-6.1.x86_64.rpm apache2-mod_nss-debugsource-1.0.8-6.1.x86_64.rpm 2014-77 moderate openSUSE Evergreen 11.4 php5 was updated to prevent insecure DNS TXT record parsing. This security issue was fixed: - Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049) apache2-mod_php5-5.3.5-367.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-367.1.i586.rpm php5-5.3.5-367.1.i586.rpm php5-5.3.5-367.1.src.rpm php5-bcmath-5.3.5-367.1.i586.rpm php5-bcmath-debuginfo-5.3.5-367.1.i586.rpm php5-bz2-5.3.5-367.1.i586.rpm php5-bz2-debuginfo-5.3.5-367.1.i586.rpm php5-calendar-5.3.5-367.1.i586.rpm php5-calendar-debuginfo-5.3.5-367.1.i586.rpm php5-ctype-5.3.5-367.1.i586.rpm php5-ctype-debuginfo-5.3.5-367.1.i586.rpm php5-curl-5.3.5-367.1.i586.rpm php5-curl-debuginfo-5.3.5-367.1.i586.rpm php5-dba-5.3.5-367.1.i586.rpm php5-dba-debuginfo-5.3.5-367.1.i586.rpm php5-debuginfo-5.3.5-367.1.i586.rpm php5-debugsource-5.3.5-367.1.i586.rpm php5-devel-5.3.5-367.1.i586.rpm php5-dom-5.3.5-367.1.i586.rpm php5-dom-debuginfo-5.3.5-367.1.i586.rpm php5-enchant-5.3.5-367.1.i586.rpm php5-enchant-debuginfo-5.3.5-367.1.i586.rpm php5-exif-5.3.5-367.1.i586.rpm php5-exif-debuginfo-5.3.5-367.1.i586.rpm php5-fastcgi-5.3.5-367.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-367.1.i586.rpm php5-fileinfo-5.3.5-367.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-367.1.i586.rpm php5-fpm-5.3.5-367.1.i586.rpm php5-fpm-debuginfo-5.3.5-367.1.i586.rpm php5-ftp-5.3.5-367.1.i586.rpm php5-ftp-debuginfo-5.3.5-367.1.i586.rpm php5-gd-5.3.5-367.1.i586.rpm php5-gd-debuginfo-5.3.5-367.1.i586.rpm php5-gettext-5.3.5-367.1.i586.rpm php5-gettext-debuginfo-5.3.5-367.1.i586.rpm php5-gmp-5.3.5-367.1.i586.rpm php5-gmp-debuginfo-5.3.5-367.1.i586.rpm php5-hash-5.3.5-367.1.i586.rpm php5-hash-debuginfo-5.3.5-367.1.i586.rpm php5-iconv-5.3.5-367.1.i586.rpm php5-iconv-debuginfo-5.3.5-367.1.i586.rpm php5-imap-5.3.5-367.1.i586.rpm php5-imap-debuginfo-5.3.5-367.1.i586.rpm php5-intl-5.3.5-367.1.i586.rpm php5-intl-debuginfo-5.3.5-367.1.i586.rpm php5-json-5.3.5-367.1.i586.rpm php5-json-debuginfo-5.3.5-367.1.i586.rpm php5-ldap-5.3.5-367.1.i586.rpm php5-ldap-debuginfo-5.3.5-367.1.i586.rpm php5-mbstring-5.3.5-367.1.i586.rpm php5-mbstring-debuginfo-5.3.5-367.1.i586.rpm php5-mcrypt-5.3.5-367.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-367.1.i586.rpm php5-mysql-5.3.5-367.1.i586.rpm php5-mysql-debuginfo-5.3.5-367.1.i586.rpm php5-odbc-5.3.5-367.1.i586.rpm php5-odbc-debuginfo-5.3.5-367.1.i586.rpm php5-openssl-5.3.5-367.1.i586.rpm php5-openssl-debuginfo-5.3.5-367.1.i586.rpm php5-pcntl-5.3.5-367.1.i586.rpm php5-pcntl-debuginfo-5.3.5-367.1.i586.rpm php5-pdo-5.3.5-367.1.i586.rpm php5-pdo-debuginfo-5.3.5-367.1.i586.rpm php5-pear-5.3.5-367.1.noarch.rpm php5-pgsql-5.3.5-367.1.i586.rpm php5-pgsql-debuginfo-5.3.5-367.1.i586.rpm php5-phar-5.3.5-367.1.i586.rpm php5-phar-debuginfo-5.3.5-367.1.i586.rpm php5-posix-5.3.5-367.1.i586.rpm php5-posix-debuginfo-5.3.5-367.1.i586.rpm php5-pspell-5.3.5-367.1.i586.rpm php5-pspell-debuginfo-5.3.5-367.1.i586.rpm php5-readline-5.3.5-367.1.i586.rpm php5-readline-debuginfo-5.3.5-367.1.i586.rpm php5-shmop-5.3.5-367.1.i586.rpm php5-shmop-debuginfo-5.3.5-367.1.i586.rpm php5-snmp-5.3.5-367.1.i586.rpm php5-snmp-debuginfo-5.3.5-367.1.i586.rpm php5-soap-5.3.5-367.1.i586.rpm php5-soap-debuginfo-5.3.5-367.1.i586.rpm php5-sockets-5.3.5-367.1.i586.rpm php5-sockets-debuginfo-5.3.5-367.1.i586.rpm php5-sqlite-5.3.5-367.1.i586.rpm php5-sqlite-debuginfo-5.3.5-367.1.i586.rpm php5-suhosin-5.3.5-367.1.i586.rpm php5-suhosin-debuginfo-5.3.5-367.1.i586.rpm php5-sysvmsg-5.3.5-367.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-367.1.i586.rpm php5-sysvsem-5.3.5-367.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-367.1.i586.rpm php5-sysvshm-5.3.5-367.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-367.1.i586.rpm php5-tidy-5.3.5-367.1.i586.rpm php5-tidy-debuginfo-5.3.5-367.1.i586.rpm php5-tokenizer-5.3.5-367.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-367.1.i586.rpm php5-wddx-5.3.5-367.1.i586.rpm php5-wddx-debuginfo-5.3.5-367.1.i586.rpm php5-xmlreader-5.3.5-367.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-367.1.i586.rpm php5-xmlrpc-5.3.5-367.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-367.1.i586.rpm php5-xmlwriter-5.3.5-367.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-367.1.i586.rpm php5-xsl-5.3.5-367.1.i586.rpm php5-xsl-debuginfo-5.3.5-367.1.i586.rpm php5-zip-5.3.5-367.1.i586.rpm php5-zip-debuginfo-5.3.5-367.1.i586.rpm php5-zlib-5.3.5-367.1.i586.rpm php5-zlib-debuginfo-5.3.5-367.1.i586.rpm apache2-mod_php5-5.3.5-367.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-367.1.x86_64.rpm php5-5.3.5-367.1.x86_64.rpm php5-bcmath-5.3.5-367.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-367.1.x86_64.rpm php5-bz2-5.3.5-367.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-367.1.x86_64.rpm php5-calendar-5.3.5-367.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-367.1.x86_64.rpm php5-ctype-5.3.5-367.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-367.1.x86_64.rpm php5-curl-5.3.5-367.1.x86_64.rpm php5-curl-debuginfo-5.3.5-367.1.x86_64.rpm php5-dba-5.3.5-367.1.x86_64.rpm php5-dba-debuginfo-5.3.5-367.1.x86_64.rpm php5-debuginfo-5.3.5-367.1.x86_64.rpm php5-debugsource-5.3.5-367.1.x86_64.rpm php5-devel-5.3.5-367.1.x86_64.rpm php5-dom-5.3.5-367.1.x86_64.rpm php5-dom-debuginfo-5.3.5-367.1.x86_64.rpm php5-enchant-5.3.5-367.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-367.1.x86_64.rpm php5-exif-5.3.5-367.1.x86_64.rpm php5-exif-debuginfo-5.3.5-367.1.x86_64.rpm php5-fastcgi-5.3.5-367.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-367.1.x86_64.rpm php5-fileinfo-5.3.5-367.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-367.1.x86_64.rpm php5-fpm-5.3.5-367.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-367.1.x86_64.rpm php5-ftp-5.3.5-367.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-367.1.x86_64.rpm php5-gd-5.3.5-367.1.x86_64.rpm php5-gd-debuginfo-5.3.5-367.1.x86_64.rpm php5-gettext-5.3.5-367.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-367.1.x86_64.rpm php5-gmp-5.3.5-367.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-367.1.x86_64.rpm php5-hash-5.3.5-367.1.x86_64.rpm php5-hash-debuginfo-5.3.5-367.1.x86_64.rpm php5-iconv-5.3.5-367.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-367.1.x86_64.rpm php5-imap-5.3.5-367.1.x86_64.rpm php5-imap-debuginfo-5.3.5-367.1.x86_64.rpm php5-intl-5.3.5-367.1.x86_64.rpm php5-intl-debuginfo-5.3.5-367.1.x86_64.rpm php5-json-5.3.5-367.1.x86_64.rpm php5-json-debuginfo-5.3.5-367.1.x86_64.rpm php5-ldap-5.3.5-367.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-367.1.x86_64.rpm php5-mbstring-5.3.5-367.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-367.1.x86_64.rpm php5-mcrypt-5.3.5-367.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-367.1.x86_64.rpm php5-mysql-5.3.5-367.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-367.1.x86_64.rpm php5-odbc-5.3.5-367.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-367.1.x86_64.rpm php5-openssl-5.3.5-367.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-367.1.x86_64.rpm php5-pcntl-5.3.5-367.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-367.1.x86_64.rpm php5-pdo-5.3.5-367.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-367.1.x86_64.rpm php5-pgsql-5.3.5-367.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-367.1.x86_64.rpm php5-phar-5.3.5-367.1.x86_64.rpm php5-phar-debuginfo-5.3.5-367.1.x86_64.rpm php5-posix-5.3.5-367.1.x86_64.rpm php5-posix-debuginfo-5.3.5-367.1.x86_64.rpm php5-pspell-5.3.5-367.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-367.1.x86_64.rpm php5-readline-5.3.5-367.1.x86_64.rpm php5-readline-debuginfo-5.3.5-367.1.x86_64.rpm php5-shmop-5.3.5-367.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-367.1.x86_64.rpm php5-snmp-5.3.5-367.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-367.1.x86_64.rpm php5-soap-5.3.5-367.1.x86_64.rpm php5-soap-debuginfo-5.3.5-367.1.x86_64.rpm php5-sockets-5.3.5-367.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-367.1.x86_64.rpm php5-sqlite-5.3.5-367.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-367.1.x86_64.rpm php5-suhosin-5.3.5-367.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-367.1.x86_64.rpm php5-sysvmsg-5.3.5-367.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-367.1.x86_64.rpm php5-sysvsem-5.3.5-367.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-367.1.x86_64.rpm php5-sysvshm-5.3.5-367.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-367.1.x86_64.rpm php5-tidy-5.3.5-367.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-367.1.x86_64.rpm php5-tokenizer-5.3.5-367.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-367.1.x86_64.rpm php5-wddx-5.3.5-367.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-367.1.x86_64.rpm php5-xmlreader-5.3.5-367.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-367.1.x86_64.rpm php5-xmlrpc-5.3.5-367.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-367.1.x86_64.rpm php5-xmlwriter-5.3.5-367.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-367.1.x86_64.rpm php5-xsl-5.3.5-367.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-367.1.x86_64.rpm php5-zip-5.3.5-367.1.x86_64.rpm php5-zip-debuginfo-5.3.5-367.1.x86_64.rpm php5-zlib-5.3.5-367.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-367.1.x86_64.rpm 2014-1 moderate openSUSE Evergreen 11.4 gpg2 was patched to fix a possible DoS. This security issue was fixed: - Denial of service through infinite loop with garbled compressed data packets (CVE-2014-4617) gpg2-2.0.19-22.1.i586.rpm gpg2-2.0.19-22.1.src.rpm gpg2-debuginfo-2.0.19-22.1.i586.rpm gpg2-debugsource-2.0.19-22.1.i586.rpm gpg2-lang-2.0.19-22.1.noarch.rpm gpg2-2.0.19-22.1.x86_64.rpm gpg2-debuginfo-2.0.19-22.1.x86_64.rpm gpg2-debugsource-2.0.19-22.1.x86_64.rpm 2014-80 moderate openSUSE Evergreen 11.4 memcached was updated to version 1.4.20 to fix five security issues. These security issues were fixed: - DoS when printing out keys to be deleted in verbose mode (CVE-2013-0179) - Remote DoS (crash) via a request that triggers "unbounded key print" (CVE-2013-7291) - Remote DoS (segmentation fault) via a request to delete a key (CVE-2013-7290) - SASL authentication allows wrong credentials to access memcache (CVE-2013-7239) - Remote DoS (CVE-2011-4971) memcached-1.4.20-7.1.i586.rpm memcached-1.4.20-7.1.src.rpm memcached-debuginfo-1.4.20-7.1.i586.rpm memcached-debugsource-1.4.20-7.1.i586.rpm memcached-1.4.20-7.1.x86_64.rpm memcached-debuginfo-1.4.20-7.1.x86_64.rpm memcached-debugsource-1.4.20-7.1.x86_64.rpm 2014-78 moderate openSUSE Evergreen 11.4 xalan-j2 was updated to ensure secure processing can't be circumvented (CVE-2014-0107). xalan-j2-2.7.0-253.1.noarch.rpm xalan-j2-2.7.0-253.1.src.rpm xalan-j2-demo-2.7.0-253.1.noarch.rpm xalan-j2-javadoc-2.7.0-253.1.noarch.rpm xalan-j2-manual-2.7.0-253.1.noarch.rpm xalan-j2-xsltc-2.7.0-253.1.noarch.rpm 2014-79 moderate openSUSE Evergreen 11.4 samba was updated to fix two security issues. These security issues were fixed: - Fix segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler (CVE-2014-3493) - Fix nmbd denial of service (CVE-2014-0244) samba-doc-3.6.3-134.1.src.rpm ldapsmb-1.34b-134.1.i586.rpm libldb-devel-1.0.2-134.1.i586.rpm libldb1-1.0.2-134.1.i586.rpm libldb1-32bit-1.0.2-134.1.x86_64.rpm libldb1-debuginfo-1.0.2-134.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-134.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-134.1.ia64.rpm libldb1-x86-1.0.2-134.1.ia64.rpm libnetapi-devel-3.6.3-134.1.i586.rpm libnetapi0-3.6.3-134.1.i586.rpm libnetapi0-debuginfo-3.6.3-134.1.i586.rpm libsmbclient-devel-3.6.3-134.1.i586.rpm libsmbclient0-3.6.3-134.1.i586.rpm libsmbclient0-32bit-3.6.3-134.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-134.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-134.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-134.1.ia64.rpm libsmbclient0-x86-3.6.3-134.1.ia64.rpm libsmbsharemodes-devel-3.6.3-134.1.i586.rpm libsmbsharemodes0-3.6.3-134.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-134.1.i586.rpm libtalloc-devel-2.0.5-134.1.i586.rpm libtalloc2-2.0.5-134.1.i586.rpm libtalloc2-32bit-2.0.5-134.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-134.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-134.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-134.1.ia64.rpm libtalloc2-x86-2.0.5-134.1.ia64.rpm libtdb-devel-1.2.9-134.1.i586.rpm libtdb1-1.2.9-134.1.i586.rpm libtdb1-32bit-1.2.9-134.1.x86_64.rpm libtdb1-debuginfo-1.2.9-134.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-134.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-134.1.ia64.rpm libtdb1-x86-1.2.9-134.1.ia64.rpm libtevent-devel-0.9.11-134.1.i586.rpm libtevent0-0.9.11-134.1.i586.rpm libtevent0-32bit-0.9.11-134.1.x86_64.rpm libtevent0-debuginfo-0.9.11-134.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-134.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-134.1.ia64.rpm libtevent0-x86-0.9.11-134.1.ia64.rpm libwbclient-devel-3.6.3-134.1.i586.rpm libwbclient0-3.6.3-134.1.i586.rpm libwbclient0-32bit-3.6.3-134.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-134.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-134.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-134.1.ia64.rpm libwbclient0-x86-3.6.3-134.1.ia64.rpm samba-3.6.3-134.1.i586.rpm samba-3.6.3-134.1.src.rpm samba-32bit-3.6.3-134.1.x86_64.rpm samba-client-3.6.3-134.1.i586.rpm samba-client-32bit-3.6.3-134.1.x86_64.rpm samba-client-debuginfo-3.6.3-134.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-134.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-134.1.ia64.rpm samba-client-x86-3.6.3-134.1.ia64.rpm samba-debuginfo-3.6.3-134.1.i586.rpm samba-debuginfo-32bit-3.6.3-134.1.x86_64.rpm samba-debuginfo-x86-3.6.3-134.1.ia64.rpm samba-debugsource-3.6.3-134.1.i586.rpm samba-devel-3.6.3-134.1.i586.rpm samba-doc-3.6.3-134.1.noarch.rpm samba-krb-printing-3.6.3-134.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-134.1.i586.rpm samba-winbind-3.6.3-134.1.i586.rpm samba-winbind-32bit-3.6.3-134.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-134.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-134.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-134.1.ia64.rpm samba-winbind-x86-3.6.3-134.1.ia64.rpm samba-x86-3.6.3-134.1.ia64.rpm ldapsmb-1.34b-134.1.x86_64.rpm libldb-devel-1.0.2-134.1.x86_64.rpm libldb1-1.0.2-134.1.x86_64.rpm libldb1-debuginfo-1.0.2-134.1.x86_64.rpm libnetapi-devel-3.6.3-134.1.x86_64.rpm libnetapi0-3.6.3-134.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-134.1.x86_64.rpm libsmbclient-devel-3.6.3-134.1.x86_64.rpm libsmbclient0-3.6.3-134.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-134.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-134.1.x86_64.rpm libsmbsharemodes0-3.6.3-134.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-134.1.x86_64.rpm libtalloc-devel-2.0.5-134.1.x86_64.rpm libtalloc2-2.0.5-134.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-134.1.x86_64.rpm libtdb-devel-1.2.9-134.1.x86_64.rpm libtdb1-1.2.9-134.1.x86_64.rpm libtdb1-debuginfo-1.2.9-134.1.x86_64.rpm libtevent-devel-0.9.11-134.1.x86_64.rpm libtevent0-0.9.11-134.1.x86_64.rpm libtevent0-debuginfo-0.9.11-134.1.x86_64.rpm libwbclient-devel-3.6.3-134.1.x86_64.rpm libwbclient0-3.6.3-134.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-134.1.x86_64.rpm samba-3.6.3-134.1.x86_64.rpm samba-client-3.6.3-134.1.x86_64.rpm samba-client-debuginfo-3.6.3-134.1.x86_64.rpm samba-debuginfo-3.6.3-134.1.x86_64.rpm samba-debugsource-3.6.3-134.1.x86_64.rpm samba-devel-3.6.3-134.1.x86_64.rpm samba-krb-printing-3.6.3-134.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-134.1.x86_64.rpm samba-winbind-3.6.3-134.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-134.1.x86_64.rpm 2014-71 moderate openSUSE Evergreen 11.4 This update fixes the following issues with clamav: -bnc#884589: Update to 0.98.4: * Fix infinite loop in clamdscan when clamd is not running. * Fix buffer underruns when handling multi-part MIME email attachments. * Fix onfiguration of OpenSSL on various platforms. * Fix linking issues with libclamunrar. clamav-0.98.4-33.1.i586.rpm clamav-0.98.4-33.1.src.rpm clamav-db-0.98.4-33.1.noarch.rpm clamav-debuginfo-0.98.4-33.1.i586.rpm clamav-debugsource-0.98.4-33.1.i586.rpm clamav-0.98.4-33.1.x86_64.rpm clamav-debuginfo-0.98.4-33.1.x86_64.rpm clamav-debugsource-0.98.4-33.1.x86_64.rpm 2012-19 important openSUSE Evergreen 11.4 A Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. libxml2-2.7.8-37.1.i586.rpm libxml2-2.7.8-37.1.src.rpm libxml2-32bit-2.7.8-37.1.x86_64.rpm libxml2-debuginfo-2.7.8-37.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-37.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-37.1.ia64.rpm libxml2-debugsource-2.7.8-37.1.i586.rpm libxml2-devel-2.7.8-37.1.i586.rpm libxml2-devel-32bit-2.7.8-37.1.x86_64.rpm libxml2-doc-2.7.8-37.1.noarch.rpm libxml2-x86-2.7.8-37.1.ia64.rpm libxml2-2.7.8-37.1.x86_64.rpm libxml2-debuginfo-2.7.8-37.1.x86_64.rpm libxml2-debugsource-2.7.8-37.1.x86_64.rpm libxml2-devel-2.7.8-37.1.x86_64.rpm 2014-72 important openSUSE Evergreen 11.4 apache2: - ECC support was added to mod_ssl - fix for a race condition in mod_status known as CVE-2014-0226 can lead to information disclosure; mod_status is not active by default, and is normally only open for connects from localhost. - fix for bug known as CVE-2014-0098 that can crash the apache process if a specially designed cookie is sent to the server (log_cookie.c) - fix for crash bug in mod_dav known as CVE-2013-6438 - fix for a problem with non-responsive CGI scripts that would otherwise cause the server to stall and deny service. CVE-2014-0231, new configuration parameter CGIDScriptTimeout defaults to 60s. apache2-mod_security2: - specially drafted chunked http requests allow an attacker to bypass filters configured in mod_security2. This vulnerability is known as CVE-2013-5705. apache2-mod_security2-2.7.5-16.1.i586.rpm apache2-mod_security2-2.7.5-16.1.src.rpm apache2-mod_security2-debuginfo-2.7.5-16.1.i586.rpm apache2-mod_security2-debugsource-2.7.5-16.1.i586.rpm apache2-2.2.17-80.1.i586.rpm apache2-2.2.17-80.1.src.rpm apache2-debuginfo-2.2.17-80.1.i586.rpm apache2-debugsource-2.2.17-80.1.i586.rpm apache2-devel-2.2.17-80.1.i586.rpm apache2-doc-2.2.17-80.1.noarch.rpm apache2-event-2.2.17-80.1.i586.rpm apache2-event-debuginfo-2.2.17-80.1.i586.rpm apache2-example-certificates-2.2.17-80.1.i586.rpm apache2-example-pages-2.2.17-80.1.i586.rpm apache2-itk-2.2.17-80.1.i586.rpm apache2-itk-debuginfo-2.2.17-80.1.i586.rpm apache2-prefork-2.2.17-80.1.i586.rpm apache2-prefork-debuginfo-2.2.17-80.1.i586.rpm apache2-utils-2.2.17-80.1.i586.rpm apache2-utils-debuginfo-2.2.17-80.1.i586.rpm apache2-worker-2.2.17-80.1.i586.rpm apache2-worker-debuginfo-2.2.17-80.1.i586.rpm apache2-mod_security2-2.7.5-16.1.x86_64.rpm apache2-mod_security2-debuginfo-2.7.5-16.1.x86_64.rpm apache2-mod_security2-debugsource-2.7.5-16.1.x86_64.rpm apache2-2.2.17-80.1.x86_64.rpm apache2-debuginfo-2.2.17-80.1.x86_64.rpm apache2-debugsource-2.2.17-80.1.x86_64.rpm apache2-devel-2.2.17-80.1.x86_64.rpm apache2-event-2.2.17-80.1.x86_64.rpm apache2-event-debuginfo-2.2.17-80.1.x86_64.rpm apache2-example-certificates-2.2.17-80.1.x86_64.rpm apache2-example-pages-2.2.17-80.1.x86_64.rpm apache2-itk-2.2.17-80.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-80.1.x86_64.rpm apache2-prefork-2.2.17-80.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-80.1.x86_64.rpm apache2-utils-2.2.17-80.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-80.1.x86_64.rpm apache2-worker-2.2.17-80.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-80.1.x86_64.rpm 2014-75 critical openSUSE Evergreen 11.4 This critical flash-player update fixes the following CVEs: - Security update to 11.2.202.400 (bnc#891688): * APSB14-18, CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545 flash-player-11.2.202.400-123.1.i586.rpm flash-player-11.2.202.400-123.1.nosrc.rpm flash-player-gnome-11.2.202.400-123.1.i586.rpm flash-player-kde4-11.2.202.400-123.1.i586.rpm flash-player-11.2.202.400-123.1.x86_64.rpm flash-player-gnome-11.2.202.400-123.1.x86_64.rpm flash-player-kde4-11.2.202.400-123.1.x86_64.rpm 2014-81 moderate openSUSE Evergreen 11.4 update to version 1.7.2 * bugfix release which contains several bugfixes including mail with only Bcc recipients sent in plain text unexpectedly (CVE-2014-5369) enigmail-1.7.2-9.1.i586.rpm enigmail-1.7.2-9.1.src.rpm enigmail-debuginfo-1.7.2-9.1.i586.rpm enigmail-debugsource-1.7.2-9.1.i586.rpm enigmail-1.7.2-9.1.x86_64.rpm enigmail-debuginfo-1.7.2-9.1.x86_64.rpm enigmail-debugsource-1.7.2-9.1.x86_64.rpm 2014-82 important openSUSE Evergreen 11.4 This patch contains security updates for * mozilla-nss 3.16.4 - The following 1024-bit root CA certificate was restored to allow more time to develop a better transition strategy for affected sites. It was removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy forum led to the decision to keep this root included longer in order to give website administrators more time to update their web servers. - CN = GTE CyberTrust Global Root * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit intermediate CA certificate has been included, without explicit trust. The intention is to mitigate the effects of the previous removal of the 1024-bit Entrust.net root certificate, because many public Internet sites still use the "USERTrust Legacy Secure Server CA" intermediate certificate that is signed by the 1024-bit Entrust.net root certificate. The inclusion of the intermediate certificate is a temporary measure to allow those sites to function, by allowing them to find a trust path to another 2048-bit root CA certificate. The temporarily included intermediate certificate expires November 1, 2015. * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance for version 24 stopped MozillaFirefox-24.8.0-127.1.i586.rpm MozillaFirefox-24.8.0-127.1.src.rpm MozillaFirefox-branding-upstream-24.8.0-127.1.i586.rpm MozillaFirefox-buildsymbols-24.8.0-127.1.i586.rpm MozillaFirefox-debuginfo-24.8.0-127.1.i586.rpm MozillaFirefox-debugsource-24.8.0-127.1.i586.rpm MozillaFirefox-devel-24.8.0-127.1.i586.rpm MozillaFirefox-translations-common-24.8.0-127.1.i586.rpm MozillaFirefox-translations-other-24.8.0-127.1.i586.rpm libfreebl3-3.16.4-94.1.i586.rpm libfreebl3-32bit-3.16.4-94.1.x86_64.rpm libfreebl3-debuginfo-3.16.4-94.1.i586.rpm libfreebl3-debuginfo-32bit-3.16.4-94.1.x86_64.rpm libfreebl3-debuginfo-x86-3.16.4-94.1.ia64.rpm libfreebl3-x86-3.16.4-94.1.ia64.rpm libsoftokn3-3.16.4-94.1.i586.rpm libsoftokn3-32bit-3.16.4-94.1.x86_64.rpm libsoftokn3-debuginfo-3.16.4-94.1.i586.rpm libsoftokn3-debuginfo-32bit-3.16.4-94.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.16.4-94.1.ia64.rpm libsoftokn3-x86-3.16.4-94.1.ia64.rpm mozilla-nss-3.16.4-94.1.i586.rpm mozilla-nss-3.16.4-94.1.src.rpm mozilla-nss-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-certs-3.16.4-94.1.i586.rpm mozilla-nss-certs-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.4-94.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.16.4-94.1.ia64.rpm mozilla-nss-certs-x86-3.16.4-94.1.ia64.rpm mozilla-nss-debuginfo-3.16.4-94.1.i586.rpm mozilla-nss-debuginfo-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.16.4-94.1.ia64.rpm mozilla-nss-debugsource-3.16.4-94.1.i586.rpm mozilla-nss-devel-3.16.4-94.1.i586.rpm mozilla-nss-sysinit-3.16.4-94.1.i586.rpm mozilla-nss-sysinit-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.4-94.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.16.4-94.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.16.4-94.1.ia64.rpm mozilla-nss-sysinit-x86-3.16.4-94.1.ia64.rpm mozilla-nss-tools-3.16.4-94.1.i586.rpm mozilla-nss-tools-debuginfo-3.16.4-94.1.i586.rpm mozilla-nss-x86-3.16.4-94.1.ia64.rpm MozillaFirefox-24.8.0-127.1.x86_64.rpm MozillaFirefox-branding-upstream-24.8.0-127.1.x86_64.rpm MozillaFirefox-buildsymbols-24.8.0-127.1.x86_64.rpm MozillaFirefox-debuginfo-24.8.0-127.1.x86_64.rpm MozillaFirefox-debugsource-24.8.0-127.1.x86_64.rpm MozillaFirefox-devel-24.8.0-127.1.x86_64.rpm MozillaFirefox-translations-common-24.8.0-127.1.x86_64.rpm MozillaFirefox-translations-other-24.8.0-127.1.x86_64.rpm libfreebl3-3.16.4-94.1.x86_64.rpm libfreebl3-debuginfo-3.16.4-94.1.x86_64.rpm libsoftokn3-3.16.4-94.1.x86_64.rpm libsoftokn3-debuginfo-3.16.4-94.1.x86_64.rpm mozilla-nss-3.16.4-94.1.x86_64.rpm mozilla-nss-certs-3.16.4-94.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.4-94.1.x86_64.rpm mozilla-nss-debuginfo-3.16.4-94.1.x86_64.rpm mozilla-nss-debugsource-3.16.4-94.1.x86_64.rpm mozilla-nss-devel-3.16.4-94.1.x86_64.rpm mozilla-nss-sysinit-3.16.4-94.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.4-94.1.x86_64.rpm mozilla-nss-tools-3.16.4-94.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.16.4-94.1.x86_64.rpm 2014-89 moderate openSUSE Evergreen 11.4 kernel update for Evergreen 11.4, fixes 18 CVE issues (see the changelog for list) kernel-debug-3.0.101-91.1.i586.rpm True kernel-debug-3.0.101-91.1.nosrc.rpm True kernel-debug-base-3.0.101-91.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-debug-debuginfo-3.0.101-91.1.i586.rpm True kernel-debug-debugsource-3.0.101-91.1.i586.rpm True kernel-debug-devel-3.0.101-91.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-debug-hmac-3.0.101-91.1.i586.rpm True kernel-default-3.0.101-91.1.i586.rpm True kernel-default-3.0.101-91.1.nosrc.rpm True kernel-default-base-3.0.101-91.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-default-debuginfo-3.0.101-91.1.i586.rpm True kernel-default-debugsource-3.0.101-91.1.i586.rpm True kernel-default-devel-3.0.101-91.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-default-hmac-3.0.101-91.1.i586.rpm True kernel-desktop-3.0.101-91.1.i586.rpm True kernel-desktop-3.0.101-91.1.nosrc.rpm True kernel-desktop-base-3.0.101-91.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-91.1.i586.rpm True kernel-desktop-debugsource-3.0.101-91.1.i586.rpm True kernel-desktop-devel-3.0.101-91.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-desktop-hmac-3.0.101-91.1.i586.rpm True kernel-docs-3.0.101-91.2.noarch.rpm True kernel-docs-3.0.101-91.2.src.rpm True kernel-ec2-3.0.101-91.1.i586.rpm True kernel-ec2-3.0.101-91.1.nosrc.rpm True kernel-ec2-base-3.0.101-91.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-91.1.i586.rpm True kernel-ec2-debugsource-3.0.101-91.1.i586.rpm True kernel-ec2-devel-3.0.101-91.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-ec2-extra-3.0.101-91.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-91.1.i586.rpm True kernel-ec2-hmac-3.0.101-91.1.i586.rpm True kernel-pae-3.0.101-91.1.i586.rpm True kernel-pae-3.0.101-91.1.nosrc.rpm True kernel-pae-base-3.0.101-91.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-pae-debuginfo-3.0.101-91.1.i586.rpm True kernel-pae-debugsource-3.0.101-91.1.i586.rpm True kernel-pae-devel-3.0.101-91.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-pae-hmac-3.0.101-91.1.i586.rpm True kernel-source-3.0.101-91.1.i586.rpm True kernel-source-3.0.101-91.1.src.rpm True kernel-source-vanilla-3.0.101-91.1.i586.rpm True kernel-syms-3.0.101-91.1.i586.rpm True kernel-syms-3.0.101-91.1.src.rpm True kernel-trace-3.0.101-91.1.i586.rpm True kernel-trace-3.0.101-91.1.nosrc.rpm True kernel-trace-base-3.0.101-91.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-trace-debuginfo-3.0.101-91.1.i586.rpm True kernel-trace-debugsource-3.0.101-91.1.i586.rpm True kernel-trace-devel-3.0.101-91.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-trace-hmac-3.0.101-91.1.i586.rpm True kernel-vanilla-3.0.101-91.1.i586.rpm True kernel-vanilla-3.0.101-91.1.nosrc.rpm True kernel-vanilla-base-3.0.101-91.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-91.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-91.1.i586.rpm True kernel-vanilla-devel-3.0.101-91.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-vanilla-hmac-3.0.101-91.1.i586.rpm True kernel-vmi-3.0.101-91.1.i586.rpm True kernel-vmi-3.0.101-91.1.nosrc.rpm True kernel-vmi-base-3.0.101-91.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-91.1.i586.rpm True kernel-vmi-debugsource-3.0.101-91.1.i586.rpm True kernel-vmi-devel-3.0.101-91.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-vmi-hmac-3.0.101-91.1.i586.rpm True kernel-xen-3.0.101-91.1.i586.rpm True kernel-xen-3.0.101-91.1.nosrc.rpm True kernel-xen-base-3.0.101-91.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-91.1.i586.rpm True kernel-xen-debuginfo-3.0.101-91.1.i586.rpm True kernel-xen-debugsource-3.0.101-91.1.i586.rpm True kernel-xen-devel-3.0.101-91.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-91.1.i586.rpm True kernel-xen-hmac-3.0.101-91.1.i586.rpm True preload-1.2-6.69.2.i586.rpm True preload-1.2-6.69.2.src.rpm True preload-debuginfo-1.2-6.69.2.i586.rpm True preload-debugsource-1.2-6.69.2.i586.rpm True preload-kmp-default-1.2_3.0.101_91-6.69.2.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_91-6.69.2.i586.rpm True preload-kmp-desktop-1.2_3.0.101_91-6.69.2.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_91-6.69.2.i586.rpm True kernel-debug-3.0.101-91.1.x86_64.rpm True kernel-debug-base-3.0.101-91.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-91.1.x86_64.rpm True kernel-debug-devel-3.0.101-91.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-debug-hmac-3.0.101-91.1.x86_64.rpm True kernel-default-3.0.101-91.1.x86_64.rpm True kernel-default-base-3.0.101-91.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-default-debugsource-3.0.101-91.1.x86_64.rpm True kernel-default-devel-3.0.101-91.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-default-hmac-3.0.101-91.1.x86_64.rpm True kernel-desktop-3.0.101-91.1.x86_64.rpm True kernel-desktop-base-3.0.101-91.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-91.1.x86_64.rpm True kernel-desktop-devel-3.0.101-91.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-91.1.x86_64.rpm True kernel-ec2-3.0.101-91.1.x86_64.rpm True kernel-ec2-base-3.0.101-91.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-91.1.x86_64.rpm True kernel-ec2-devel-3.0.101-91.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-ec2-extra-3.0.101-91.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-91.1.x86_64.rpm True kernel-source-3.0.101-91.1.x86_64.rpm True kernel-source-vanilla-3.0.101-91.1.x86_64.rpm True kernel-syms-3.0.101-91.1.x86_64.rpm True kernel-trace-3.0.101-91.1.x86_64.rpm True kernel-trace-base-3.0.101-91.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-91.1.x86_64.rpm True kernel-trace-devel-3.0.101-91.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-trace-hmac-3.0.101-91.1.x86_64.rpm True kernel-vanilla-3.0.101-91.1.x86_64.rpm True kernel-vanilla-base-3.0.101-91.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-91.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-91.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-91.1.x86_64.rpm True kernel-xen-3.0.101-91.1.x86_64.rpm True kernel-xen-base-3.0.101-91.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-91.1.x86_64.rpm True kernel-xen-devel-3.0.101-91.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-91.1.x86_64.rpm True kernel-xen-hmac-3.0.101-91.1.x86_64.rpm True preload-1.2-6.69.2.x86_64.rpm True preload-debuginfo-1.2-6.69.2.x86_64.rpm True preload-debugsource-1.2-6.69.2.x86_64.rpm True preload-kmp-default-1.2_3.0.101_91-6.69.2.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_91-6.69.2.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_91-6.69.2.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_91-6.69.2.x86_64.rpm True 2014-83 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.406 (bnc#895856): * APSB14-21, CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559 More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html flash-player-11.2.202.406-127.1.i586.rpm flash-player-11.2.202.406-127.1.nosrc.rpm flash-player-gnome-11.2.202.406-127.1.i586.rpm flash-player-kde4-11.2.202.406-127.1.i586.rpm flash-player-11.2.202.406-127.1.x86_64.rpm flash-player-gnome-11.2.202.406-127.1.x86_64.rpm flash-player-kde4-11.2.202.406-127.1.x86_64.rpm 2014-84 moderate openSUSE Evergreen 11.4 restrict query, configuration, modification access from world by default. Avoids that ntp can be used as a DDoS amplifier. The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. ntp-4.2.6p3-6.24.1.i586.rpm ntp-4.2.6p3-6.24.1.src.rpm ntp-debuginfo-4.2.6p3-6.24.1.i586.rpm ntp-debugsource-4.2.6p3-6.24.1.i586.rpm ntp-doc-4.2.6p3-6.24.1.i586.rpm ntp-4.2.6p3-6.24.1.x86_64.rpm ntp-debuginfo-4.2.6p3-6.24.1.x86_64.rpm ntp-debugsource-4.2.6p3-6.24.1.x86_64.rpm ntp-doc-4.2.6p3-6.24.1.x86_64.rpm 2014-85 moderate openSUSE Evergreen 11.4 This patch fixes the following issues: - cdf_read_short_sector insufficient boundary check - mconvert incorrect handling of truncated pascal string size - cdf_check_stream_offset insufficient boundary check - cdf_count_chain insufficient boundary check - cdf_read_property_info insufficient boundary check - unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion - type confusion issue in phpinfo() leading to information leak - SPL Iterators use-after-free - ArrayIterator use-after-free due to object change during sorting apache2-mod_php5-5.3.17-379.1.i586.rpm apache2-mod_php5-debuginfo-5.3.17-379.1.i586.rpm php5-5.3.17-379.1.i586.rpm php5-5.3.17-379.1.src.rpm php5-bcmath-5.3.17-379.1.i586.rpm php5-bcmath-debuginfo-5.3.17-379.1.i586.rpm php5-bz2-5.3.17-379.1.i586.rpm php5-bz2-debuginfo-5.3.17-379.1.i586.rpm php5-calendar-5.3.17-379.1.i586.rpm php5-calendar-debuginfo-5.3.17-379.1.i586.rpm php5-ctype-5.3.17-379.1.i586.rpm php5-ctype-debuginfo-5.3.17-379.1.i586.rpm php5-curl-5.3.17-379.1.i586.rpm php5-curl-debuginfo-5.3.17-379.1.i586.rpm php5-dba-5.3.17-379.1.i586.rpm php5-dba-debuginfo-5.3.17-379.1.i586.rpm php5-debuginfo-5.3.17-379.1.i586.rpm php5-debugsource-5.3.17-379.1.i586.rpm php5-devel-5.3.17-379.1.i586.rpm php5-dom-5.3.17-379.1.i586.rpm php5-dom-debuginfo-5.3.17-379.1.i586.rpm php5-enchant-5.3.17-379.1.i586.rpm php5-enchant-debuginfo-5.3.17-379.1.i586.rpm php5-exif-5.3.17-379.1.i586.rpm php5-exif-debuginfo-5.3.17-379.1.i586.rpm php5-fastcgi-5.3.17-379.1.i586.rpm php5-fastcgi-debuginfo-5.3.17-379.1.i586.rpm php5-fileinfo-5.3.17-379.1.i586.rpm php5-fileinfo-debuginfo-5.3.17-379.1.i586.rpm php5-fpm-5.3.17-379.1.i586.rpm php5-fpm-debuginfo-5.3.17-379.1.i586.rpm php5-ftp-5.3.17-379.1.i586.rpm php5-ftp-debuginfo-5.3.17-379.1.i586.rpm php5-gd-5.3.17-379.1.i586.rpm php5-gd-debuginfo-5.3.17-379.1.i586.rpm php5-gettext-5.3.17-379.1.i586.rpm php5-gettext-debuginfo-5.3.17-379.1.i586.rpm php5-gmp-5.3.17-379.1.i586.rpm php5-gmp-debuginfo-5.3.17-379.1.i586.rpm php5-iconv-5.3.17-379.1.i586.rpm php5-iconv-debuginfo-5.3.17-379.1.i586.rpm php5-imap-5.3.17-379.1.i586.rpm php5-imap-debuginfo-5.3.17-379.1.i586.rpm php5-intl-5.3.17-379.1.i586.rpm php5-intl-debuginfo-5.3.17-379.1.i586.rpm php5-json-5.3.17-379.1.i586.rpm php5-json-debuginfo-5.3.17-379.1.i586.rpm php5-ldap-5.3.17-379.1.i586.rpm php5-ldap-debuginfo-5.3.17-379.1.i586.rpm php5-mbstring-5.3.17-379.1.i586.rpm php5-mbstring-debuginfo-5.3.17-379.1.i586.rpm php5-mcrypt-5.3.17-379.1.i586.rpm php5-mcrypt-debuginfo-5.3.17-379.1.i586.rpm php5-mysql-5.3.17-379.1.i586.rpm php5-mysql-debuginfo-5.3.17-379.1.i586.rpm php5-odbc-5.3.17-379.1.i586.rpm php5-odbc-debuginfo-5.3.17-379.1.i586.rpm php5-openssl-5.3.17-379.1.i586.rpm php5-openssl-debuginfo-5.3.17-379.1.i586.rpm php5-pcntl-5.3.17-379.1.i586.rpm php5-pcntl-debuginfo-5.3.17-379.1.i586.rpm php5-pdo-5.3.17-379.1.i586.rpm php5-pdo-debuginfo-5.3.17-379.1.i586.rpm php5-pear-5.3.17-379.1.i586.rpm php5-pgsql-5.3.17-379.1.i586.rpm php5-pgsql-debuginfo-5.3.17-379.1.i586.rpm php5-phar-5.3.17-379.1.i586.rpm php5-phar-debuginfo-5.3.17-379.1.i586.rpm php5-posix-5.3.17-379.1.i586.rpm php5-posix-debuginfo-5.3.17-379.1.i586.rpm php5-pspell-5.3.17-379.1.i586.rpm php5-pspell-debuginfo-5.3.17-379.1.i586.rpm php5-readline-5.3.17-379.1.i586.rpm php5-readline-debuginfo-5.3.17-379.1.i586.rpm php5-shmop-5.3.17-379.1.i586.rpm php5-shmop-debuginfo-5.3.17-379.1.i586.rpm php5-snmp-5.3.17-379.1.i586.rpm php5-snmp-debuginfo-5.3.17-379.1.i586.rpm php5-soap-5.3.17-379.1.i586.rpm php5-soap-debuginfo-5.3.17-379.1.i586.rpm php5-sockets-5.3.17-379.1.i586.rpm php5-sockets-debuginfo-5.3.17-379.1.i586.rpm php5-sqlite-5.3.17-379.1.i586.rpm php5-sqlite-debuginfo-5.3.17-379.1.i586.rpm php5-suhosin-5.3.17-379.1.i586.rpm php5-suhosin-debuginfo-5.3.17-379.1.i586.rpm php5-sysvmsg-5.3.17-379.1.i586.rpm php5-sysvmsg-debuginfo-5.3.17-379.1.i586.rpm php5-sysvsem-5.3.17-379.1.i586.rpm php5-sysvsem-debuginfo-5.3.17-379.1.i586.rpm php5-sysvshm-5.3.17-379.1.i586.rpm php5-sysvshm-debuginfo-5.3.17-379.1.i586.rpm php5-tidy-5.3.17-379.1.i586.rpm php5-tidy-debuginfo-5.3.17-379.1.i586.rpm php5-tokenizer-5.3.17-379.1.i586.rpm php5-tokenizer-debuginfo-5.3.17-379.1.i586.rpm php5-wddx-5.3.17-379.1.i586.rpm php5-wddx-debuginfo-5.3.17-379.1.i586.rpm php5-xmlreader-5.3.17-379.1.i586.rpm php5-xmlreader-debuginfo-5.3.17-379.1.i586.rpm php5-xmlrpc-5.3.17-379.1.i586.rpm php5-xmlrpc-debuginfo-5.3.17-379.1.i586.rpm php5-xmlwriter-5.3.17-379.1.i586.rpm php5-xmlwriter-debuginfo-5.3.17-379.1.i586.rpm php5-xsl-5.3.17-379.1.i586.rpm php5-xsl-debuginfo-5.3.17-379.1.i586.rpm php5-zip-5.3.17-379.1.i586.rpm php5-zip-debuginfo-5.3.17-379.1.i586.rpm php5-zlib-5.3.17-379.1.i586.rpm php5-zlib-debuginfo-5.3.17-379.1.i586.rpm apache2-mod_php5-5.3.17-379.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.17-379.1.x86_64.rpm php5-5.3.17-379.1.x86_64.rpm php5-bcmath-5.3.17-379.1.x86_64.rpm php5-bcmath-debuginfo-5.3.17-379.1.x86_64.rpm php5-bz2-5.3.17-379.1.x86_64.rpm php5-bz2-debuginfo-5.3.17-379.1.x86_64.rpm php5-calendar-5.3.17-379.1.x86_64.rpm php5-calendar-debuginfo-5.3.17-379.1.x86_64.rpm php5-ctype-5.3.17-379.1.x86_64.rpm php5-ctype-debuginfo-5.3.17-379.1.x86_64.rpm php5-curl-5.3.17-379.1.x86_64.rpm php5-curl-debuginfo-5.3.17-379.1.x86_64.rpm php5-dba-5.3.17-379.1.x86_64.rpm php5-dba-debuginfo-5.3.17-379.1.x86_64.rpm php5-debuginfo-5.3.17-379.1.x86_64.rpm php5-debugsource-5.3.17-379.1.x86_64.rpm php5-devel-5.3.17-379.1.x86_64.rpm php5-dom-5.3.17-379.1.x86_64.rpm php5-dom-debuginfo-5.3.17-379.1.x86_64.rpm php5-enchant-5.3.17-379.1.x86_64.rpm php5-enchant-debuginfo-5.3.17-379.1.x86_64.rpm php5-exif-5.3.17-379.1.x86_64.rpm php5-exif-debuginfo-5.3.17-379.1.x86_64.rpm php5-fastcgi-5.3.17-379.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.17-379.1.x86_64.rpm php5-fileinfo-5.3.17-379.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.17-379.1.x86_64.rpm php5-fpm-5.3.17-379.1.x86_64.rpm php5-fpm-debuginfo-5.3.17-379.1.x86_64.rpm php5-ftp-5.3.17-379.1.x86_64.rpm php5-ftp-debuginfo-5.3.17-379.1.x86_64.rpm php5-gd-5.3.17-379.1.x86_64.rpm php5-gd-debuginfo-5.3.17-379.1.x86_64.rpm php5-gettext-5.3.17-379.1.x86_64.rpm php5-gettext-debuginfo-5.3.17-379.1.x86_64.rpm php5-gmp-5.3.17-379.1.x86_64.rpm php5-gmp-debuginfo-5.3.17-379.1.x86_64.rpm php5-iconv-5.3.17-379.1.x86_64.rpm php5-iconv-debuginfo-5.3.17-379.1.x86_64.rpm php5-imap-5.3.17-379.1.x86_64.rpm php5-imap-debuginfo-5.3.17-379.1.x86_64.rpm php5-intl-5.3.17-379.1.x86_64.rpm php5-intl-debuginfo-5.3.17-379.1.x86_64.rpm php5-json-5.3.17-379.1.x86_64.rpm php5-json-debuginfo-5.3.17-379.1.x86_64.rpm php5-ldap-5.3.17-379.1.x86_64.rpm php5-ldap-debuginfo-5.3.17-379.1.x86_64.rpm php5-mbstring-5.3.17-379.1.x86_64.rpm php5-mbstring-debuginfo-5.3.17-379.1.x86_64.rpm php5-mcrypt-5.3.17-379.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.17-379.1.x86_64.rpm php5-mysql-5.3.17-379.1.x86_64.rpm php5-mysql-debuginfo-5.3.17-379.1.x86_64.rpm php5-odbc-5.3.17-379.1.x86_64.rpm php5-odbc-debuginfo-5.3.17-379.1.x86_64.rpm php5-openssl-5.3.17-379.1.x86_64.rpm php5-openssl-debuginfo-5.3.17-379.1.x86_64.rpm php5-pcntl-5.3.17-379.1.x86_64.rpm php5-pcntl-debuginfo-5.3.17-379.1.x86_64.rpm php5-pdo-5.3.17-379.1.x86_64.rpm php5-pdo-debuginfo-5.3.17-379.1.x86_64.rpm php5-pear-5.3.17-379.1.x86_64.rpm php5-pgsql-5.3.17-379.1.x86_64.rpm php5-pgsql-debuginfo-5.3.17-379.1.x86_64.rpm php5-phar-5.3.17-379.1.x86_64.rpm php5-phar-debuginfo-5.3.17-379.1.x86_64.rpm php5-posix-5.3.17-379.1.x86_64.rpm php5-posix-debuginfo-5.3.17-379.1.x86_64.rpm php5-pspell-5.3.17-379.1.x86_64.rpm php5-pspell-debuginfo-5.3.17-379.1.x86_64.rpm php5-readline-5.3.17-379.1.x86_64.rpm php5-readline-debuginfo-5.3.17-379.1.x86_64.rpm php5-shmop-5.3.17-379.1.x86_64.rpm php5-shmop-debuginfo-5.3.17-379.1.x86_64.rpm php5-snmp-5.3.17-379.1.x86_64.rpm php5-snmp-debuginfo-5.3.17-379.1.x86_64.rpm php5-soap-5.3.17-379.1.x86_64.rpm php5-soap-debuginfo-5.3.17-379.1.x86_64.rpm php5-sockets-5.3.17-379.1.x86_64.rpm php5-sockets-debuginfo-5.3.17-379.1.x86_64.rpm php5-sqlite-5.3.17-379.1.x86_64.rpm php5-sqlite-debuginfo-5.3.17-379.1.x86_64.rpm php5-suhosin-5.3.17-379.1.x86_64.rpm php5-suhosin-debuginfo-5.3.17-379.1.x86_64.rpm php5-sysvmsg-5.3.17-379.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.17-379.1.x86_64.rpm php5-sysvsem-5.3.17-379.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.17-379.1.x86_64.rpm php5-sysvshm-5.3.17-379.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.17-379.1.x86_64.rpm php5-tidy-5.3.17-379.1.x86_64.rpm php5-tidy-debuginfo-5.3.17-379.1.x86_64.rpm php5-tokenizer-5.3.17-379.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.17-379.1.x86_64.rpm php5-wddx-5.3.17-379.1.x86_64.rpm php5-wddx-debuginfo-5.3.17-379.1.x86_64.rpm php5-xmlreader-5.3.17-379.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.17-379.1.x86_64.rpm php5-xmlrpc-5.3.17-379.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.17-379.1.x86_64.rpm php5-xmlwriter-5.3.17-379.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.17-379.1.x86_64.rpm php5-xsl-5.3.17-379.1.x86_64.rpm php5-xsl-debuginfo-5.3.17-379.1.x86_64.rpm php5-zip-5.3.17-379.1.x86_64.rpm php5-zip-debuginfo-5.3.17-379.1.x86_64.rpm php5-zlib-5.3.17-379.1.x86_64.rpm php5-zlib-debuginfo-5.3.17-379.1.x86_64.rpm 2014-87 critical openSUSE Evergreen 11.4 NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. libfreebl3-3.16.5-98.1.i586.rpm libfreebl3-32bit-3.16.5-98.1.x86_64.rpm libfreebl3-debuginfo-3.16.5-98.1.i586.rpm libfreebl3-debuginfo-32bit-3.16.5-98.1.x86_64.rpm libfreebl3-debuginfo-x86-3.16.5-98.1.ia64.rpm libfreebl3-x86-3.16.5-98.1.ia64.rpm libsoftokn3-3.16.5-98.1.i586.rpm libsoftokn3-32bit-3.16.5-98.1.x86_64.rpm libsoftokn3-debuginfo-3.16.5-98.1.i586.rpm libsoftokn3-debuginfo-32bit-3.16.5-98.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.16.5-98.1.ia64.rpm libsoftokn3-x86-3.16.5-98.1.ia64.rpm mozilla-nss-3.16.5-98.1.i586.rpm mozilla-nss-3.16.5-98.1.src.rpm mozilla-nss-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-certs-3.16.5-98.1.i586.rpm mozilla-nss-certs-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.5-98.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.16.5-98.1.ia64.rpm mozilla-nss-certs-x86-3.16.5-98.1.ia64.rpm mozilla-nss-debuginfo-3.16.5-98.1.i586.rpm mozilla-nss-debuginfo-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.16.5-98.1.ia64.rpm mozilla-nss-debugsource-3.16.5-98.1.i586.rpm mozilla-nss-devel-3.16.5-98.1.i586.rpm mozilla-nss-sysinit-3.16.5-98.1.i586.rpm mozilla-nss-sysinit-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.5-98.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.16.5-98.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.16.5-98.1.ia64.rpm mozilla-nss-sysinit-x86-3.16.5-98.1.ia64.rpm mozilla-nss-tools-3.16.5-98.1.i586.rpm mozilla-nss-tools-debuginfo-3.16.5-98.1.i586.rpm mozilla-nss-x86-3.16.5-98.1.ia64.rpm libfreebl3-3.16.5-98.1.x86_64.rpm libfreebl3-debuginfo-3.16.5-98.1.x86_64.rpm libsoftokn3-3.16.5-98.1.x86_64.rpm libsoftokn3-debuginfo-3.16.5-98.1.x86_64.rpm mozilla-nss-3.16.5-98.1.x86_64.rpm mozilla-nss-certs-3.16.5-98.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.16.5-98.1.x86_64.rpm mozilla-nss-debuginfo-3.16.5-98.1.x86_64.rpm mozilla-nss-debugsource-3.16.5-98.1.x86_64.rpm mozilla-nss-devel-3.16.5-98.1.x86_64.rpm mozilla-nss-sysinit-3.16.5-98.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.16.5-98.1.x86_64.rpm mozilla-nss-tools-3.16.5-98.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.16.5-98.1.x86_64.rpm 2014-86 important openSUSE Evergreen 11.4 This update fixes a bug in the bash shell that allows an attacker to execute arbitrary commands upon shell invocation if he can control the shell's environment. This is particularly dangerous if the shell is used as a cgi interpreter for a web server, or if the shell handles untrusted input inherited in the environment from other sources. bash-4.1-20.31.1.i586.rpm bash-4.1-20.31.1.src.rpm bash-debuginfo-32bit-4.1-20.31.1.x86_64.rpm bash-debuginfo-4.1-20.31.1.i586.rpm bash-debuginfo-x86-4.1-20.31.1.ia64.rpm bash-debugsource-4.1-20.31.1.i586.rpm bash-devel-4.1-18.31.1.i586.rpm bash-doc-4.1-18.31.1.noarch.rpm bash-lang-4.1-20.31.1.noarch.rpm bash-loadables-4.1-18.31.1.i586.rpm bash-loadables-debuginfo-4.1-18.31.1.i586.rpm bash-x86-4.1-20.31.1.ia64.rpm libreadline6-32bit-6.1-18.31.1.x86_64.rpm libreadline6-6.1-18.31.1.i586.rpm libreadline6-debuginfo-32bit-6.1-18.31.1.x86_64.rpm libreadline6-debuginfo-6.1-18.31.1.i586.rpm libreadline6-debuginfo-x86-6.1-18.31.1.ia64.rpm libreadline6-x86-6.1-18.31.1.ia64.rpm readline-devel-32bit-6.1-18.31.1.x86_64.rpm readline-devel-6.1-18.31.1.i586.rpm readline-doc-6.1-18.31.1.noarch.rpm bash-4.1-20.31.1.x86_64.rpm bash-debuginfo-4.1-20.31.1.x86_64.rpm bash-debugsource-4.1-20.31.1.x86_64.rpm bash-devel-4.1-18.31.1.x86_64.rpm bash-loadables-4.1-18.31.1.x86_64.rpm bash-loadables-debuginfo-4.1-18.31.1.x86_64.rpm libreadline6-6.1-18.31.1.x86_64.rpm libreadline6-debuginfo-6.1-18.31.1.x86_64.rpm readline-devel-6.1-18.31.1.x86_64.rpm 2012-20 critical openSUSE Evergreen 11.4 This version upgrade of flash-player fixed multiple unspecified code execution vulnerabilities. flash-player-11.2.202.258-35.1.i586.rpm flash-player-11.2.202.258-35.1.nosrc.rpm flash-player-gnome-11.2.202.258-35.1.i586.rpm flash-player-kde4-11.2.202.258-35.1.i586.rpm flash-player-11.2.202.258-35.1.x86_64.rpm flash-player-gnome-11.2.202.258-35.1.x86_64.rpm flash-player-kde4-11.2.202.258-35.1.x86_64.rpm 2014-88 moderate openSUSE Evergreen 11.4 CVE-2014-5459: It was reported that the pear utility insecurely used the /tmp/ directory for cache data. A local attacker could use this flaw to perform a symbolic link attack against a user (typically the root user) running a pear command, causing an arbitrary file to be overwritten, possibly leading to a denial of service. CVE-2014-3597: Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. apache2-mod_php5-5.3.17-383.1.i586.rpm apache2-mod_php5-debuginfo-5.3.17-383.1.i586.rpm php5-5.3.17-383.1.i586.rpm php5-5.3.17-383.1.src.rpm php5-bcmath-5.3.17-383.1.i586.rpm php5-bcmath-debuginfo-5.3.17-383.1.i586.rpm php5-bz2-5.3.17-383.1.i586.rpm php5-bz2-debuginfo-5.3.17-383.1.i586.rpm php5-calendar-5.3.17-383.1.i586.rpm php5-calendar-debuginfo-5.3.17-383.1.i586.rpm php5-ctype-5.3.17-383.1.i586.rpm php5-ctype-debuginfo-5.3.17-383.1.i586.rpm php5-curl-5.3.17-383.1.i586.rpm php5-curl-debuginfo-5.3.17-383.1.i586.rpm php5-dba-5.3.17-383.1.i586.rpm php5-dba-debuginfo-5.3.17-383.1.i586.rpm php5-debuginfo-5.3.17-383.1.i586.rpm php5-debugsource-5.3.17-383.1.i586.rpm php5-devel-5.3.17-383.1.i586.rpm php5-dom-5.3.17-383.1.i586.rpm php5-dom-debuginfo-5.3.17-383.1.i586.rpm php5-enchant-5.3.17-383.1.i586.rpm php5-enchant-debuginfo-5.3.17-383.1.i586.rpm php5-exif-5.3.17-383.1.i586.rpm php5-exif-debuginfo-5.3.17-383.1.i586.rpm php5-fastcgi-5.3.17-383.1.i586.rpm php5-fastcgi-debuginfo-5.3.17-383.1.i586.rpm php5-fileinfo-5.3.17-383.1.i586.rpm php5-fileinfo-debuginfo-5.3.17-383.1.i586.rpm php5-fpm-5.3.17-383.1.i586.rpm php5-fpm-debuginfo-5.3.17-383.1.i586.rpm php5-ftp-5.3.17-383.1.i586.rpm php5-ftp-debuginfo-5.3.17-383.1.i586.rpm php5-gd-5.3.17-383.1.i586.rpm php5-gd-debuginfo-5.3.17-383.1.i586.rpm php5-gettext-5.3.17-383.1.i586.rpm php5-gettext-debuginfo-5.3.17-383.1.i586.rpm php5-gmp-5.3.17-383.1.i586.rpm php5-gmp-debuginfo-5.3.17-383.1.i586.rpm php5-iconv-5.3.17-383.1.i586.rpm php5-iconv-debuginfo-5.3.17-383.1.i586.rpm php5-imap-5.3.17-383.1.i586.rpm php5-imap-debuginfo-5.3.17-383.1.i586.rpm php5-intl-5.3.17-383.1.i586.rpm php5-intl-debuginfo-5.3.17-383.1.i586.rpm php5-json-5.3.17-383.1.i586.rpm php5-json-debuginfo-5.3.17-383.1.i586.rpm php5-ldap-5.3.17-383.1.i586.rpm php5-ldap-debuginfo-5.3.17-383.1.i586.rpm php5-mbstring-5.3.17-383.1.i586.rpm php5-mbstring-debuginfo-5.3.17-383.1.i586.rpm php5-mcrypt-5.3.17-383.1.i586.rpm php5-mcrypt-debuginfo-5.3.17-383.1.i586.rpm php5-mysql-5.3.17-383.1.i586.rpm php5-mysql-debuginfo-5.3.17-383.1.i586.rpm php5-odbc-5.3.17-383.1.i586.rpm php5-odbc-debuginfo-5.3.17-383.1.i586.rpm php5-openssl-5.3.17-383.1.i586.rpm php5-openssl-debuginfo-5.3.17-383.1.i586.rpm php5-pcntl-5.3.17-383.1.i586.rpm php5-pcntl-debuginfo-5.3.17-383.1.i586.rpm php5-pdo-5.3.17-383.1.i586.rpm php5-pdo-debuginfo-5.3.17-383.1.i586.rpm php5-pear-5.3.17-383.1.i586.rpm php5-pgsql-5.3.17-383.1.i586.rpm php5-pgsql-debuginfo-5.3.17-383.1.i586.rpm php5-phar-5.3.17-383.1.i586.rpm php5-phar-debuginfo-5.3.17-383.1.i586.rpm php5-posix-5.3.17-383.1.i586.rpm php5-posix-debuginfo-5.3.17-383.1.i586.rpm php5-pspell-5.3.17-383.1.i586.rpm php5-pspell-debuginfo-5.3.17-383.1.i586.rpm php5-readline-5.3.17-383.1.i586.rpm php5-readline-debuginfo-5.3.17-383.1.i586.rpm php5-shmop-5.3.17-383.1.i586.rpm php5-shmop-debuginfo-5.3.17-383.1.i586.rpm php5-snmp-5.3.17-383.1.i586.rpm php5-snmp-debuginfo-5.3.17-383.1.i586.rpm php5-soap-5.3.17-383.1.i586.rpm php5-soap-debuginfo-5.3.17-383.1.i586.rpm php5-sockets-5.3.17-383.1.i586.rpm php5-sockets-debuginfo-5.3.17-383.1.i586.rpm php5-sqlite-5.3.17-383.1.i586.rpm php5-sqlite-debuginfo-5.3.17-383.1.i586.rpm php5-suhosin-5.3.17-383.1.i586.rpm php5-suhosin-debuginfo-5.3.17-383.1.i586.rpm php5-sysvmsg-5.3.17-383.1.i586.rpm php5-sysvmsg-debuginfo-5.3.17-383.1.i586.rpm php5-sysvsem-5.3.17-383.1.i586.rpm php5-sysvsem-debuginfo-5.3.17-383.1.i586.rpm php5-sysvshm-5.3.17-383.1.i586.rpm php5-sysvshm-debuginfo-5.3.17-383.1.i586.rpm php5-tidy-5.3.17-383.1.i586.rpm php5-tidy-debuginfo-5.3.17-383.1.i586.rpm php5-tokenizer-5.3.17-383.1.i586.rpm php5-tokenizer-debuginfo-5.3.17-383.1.i586.rpm php5-wddx-5.3.17-383.1.i586.rpm php5-wddx-debuginfo-5.3.17-383.1.i586.rpm php5-xmlreader-5.3.17-383.1.i586.rpm php5-xmlreader-debuginfo-5.3.17-383.1.i586.rpm php5-xmlrpc-5.3.17-383.1.i586.rpm php5-xmlrpc-debuginfo-5.3.17-383.1.i586.rpm php5-xmlwriter-5.3.17-383.1.i586.rpm php5-xmlwriter-debuginfo-5.3.17-383.1.i586.rpm php5-xsl-5.3.17-383.1.i586.rpm php5-xsl-debuginfo-5.3.17-383.1.i586.rpm php5-zip-5.3.17-383.1.i586.rpm php5-zip-debuginfo-5.3.17-383.1.i586.rpm php5-zlib-5.3.17-383.1.i586.rpm php5-zlib-debuginfo-5.3.17-383.1.i586.rpm apache2-mod_php5-5.3.17-383.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.17-383.1.x86_64.rpm php5-5.3.17-383.1.x86_64.rpm php5-bcmath-5.3.17-383.1.x86_64.rpm php5-bcmath-debuginfo-5.3.17-383.1.x86_64.rpm php5-bz2-5.3.17-383.1.x86_64.rpm php5-bz2-debuginfo-5.3.17-383.1.x86_64.rpm php5-calendar-5.3.17-383.1.x86_64.rpm php5-calendar-debuginfo-5.3.17-383.1.x86_64.rpm php5-ctype-5.3.17-383.1.x86_64.rpm php5-ctype-debuginfo-5.3.17-383.1.x86_64.rpm php5-curl-5.3.17-383.1.x86_64.rpm php5-curl-debuginfo-5.3.17-383.1.x86_64.rpm php5-dba-5.3.17-383.1.x86_64.rpm php5-dba-debuginfo-5.3.17-383.1.x86_64.rpm php5-debuginfo-5.3.17-383.1.x86_64.rpm php5-debugsource-5.3.17-383.1.x86_64.rpm php5-devel-5.3.17-383.1.x86_64.rpm php5-dom-5.3.17-383.1.x86_64.rpm php5-dom-debuginfo-5.3.17-383.1.x86_64.rpm php5-enchant-5.3.17-383.1.x86_64.rpm php5-enchant-debuginfo-5.3.17-383.1.x86_64.rpm php5-exif-5.3.17-383.1.x86_64.rpm php5-exif-debuginfo-5.3.17-383.1.x86_64.rpm php5-fastcgi-5.3.17-383.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.17-383.1.x86_64.rpm php5-fileinfo-5.3.17-383.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.17-383.1.x86_64.rpm php5-fpm-5.3.17-383.1.x86_64.rpm php5-fpm-debuginfo-5.3.17-383.1.x86_64.rpm php5-ftp-5.3.17-383.1.x86_64.rpm php5-ftp-debuginfo-5.3.17-383.1.x86_64.rpm php5-gd-5.3.17-383.1.x86_64.rpm php5-gd-debuginfo-5.3.17-383.1.x86_64.rpm php5-gettext-5.3.17-383.1.x86_64.rpm php5-gettext-debuginfo-5.3.17-383.1.x86_64.rpm php5-gmp-5.3.17-383.1.x86_64.rpm php5-gmp-debuginfo-5.3.17-383.1.x86_64.rpm php5-iconv-5.3.17-383.1.x86_64.rpm php5-iconv-debuginfo-5.3.17-383.1.x86_64.rpm php5-imap-5.3.17-383.1.x86_64.rpm php5-imap-debuginfo-5.3.17-383.1.x86_64.rpm php5-intl-5.3.17-383.1.x86_64.rpm php5-intl-debuginfo-5.3.17-383.1.x86_64.rpm php5-json-5.3.17-383.1.x86_64.rpm php5-json-debuginfo-5.3.17-383.1.x86_64.rpm php5-ldap-5.3.17-383.1.x86_64.rpm php5-ldap-debuginfo-5.3.17-383.1.x86_64.rpm php5-mbstring-5.3.17-383.1.x86_64.rpm php5-mbstring-debuginfo-5.3.17-383.1.x86_64.rpm php5-mcrypt-5.3.17-383.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.17-383.1.x86_64.rpm php5-mysql-5.3.17-383.1.x86_64.rpm php5-mysql-debuginfo-5.3.17-383.1.x86_64.rpm php5-odbc-5.3.17-383.1.x86_64.rpm php5-odbc-debuginfo-5.3.17-383.1.x86_64.rpm php5-openssl-5.3.17-383.1.x86_64.rpm php5-openssl-debuginfo-5.3.17-383.1.x86_64.rpm php5-pcntl-5.3.17-383.1.x86_64.rpm php5-pcntl-debuginfo-5.3.17-383.1.x86_64.rpm php5-pdo-5.3.17-383.1.x86_64.rpm php5-pdo-debuginfo-5.3.17-383.1.x86_64.rpm php5-pear-5.3.17-383.1.x86_64.rpm php5-pgsql-5.3.17-383.1.x86_64.rpm php5-pgsql-debuginfo-5.3.17-383.1.x86_64.rpm php5-phar-5.3.17-383.1.x86_64.rpm php5-phar-debuginfo-5.3.17-383.1.x86_64.rpm php5-posix-5.3.17-383.1.x86_64.rpm php5-posix-debuginfo-5.3.17-383.1.x86_64.rpm php5-pspell-5.3.17-383.1.x86_64.rpm php5-pspell-debuginfo-5.3.17-383.1.x86_64.rpm php5-readline-5.3.17-383.1.x86_64.rpm php5-readline-debuginfo-5.3.17-383.1.x86_64.rpm php5-shmop-5.3.17-383.1.x86_64.rpm php5-shmop-debuginfo-5.3.17-383.1.x86_64.rpm php5-snmp-5.3.17-383.1.x86_64.rpm php5-snmp-debuginfo-5.3.17-383.1.x86_64.rpm php5-soap-5.3.17-383.1.x86_64.rpm php5-soap-debuginfo-5.3.17-383.1.x86_64.rpm php5-sockets-5.3.17-383.1.x86_64.rpm php5-sockets-debuginfo-5.3.17-383.1.x86_64.rpm php5-sqlite-5.3.17-383.1.x86_64.rpm php5-sqlite-debuginfo-5.3.17-383.1.x86_64.rpm php5-suhosin-5.3.17-383.1.x86_64.rpm php5-suhosin-debuginfo-5.3.17-383.1.x86_64.rpm php5-sysvmsg-5.3.17-383.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.17-383.1.x86_64.rpm php5-sysvsem-5.3.17-383.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.17-383.1.x86_64.rpm php5-sysvshm-5.3.17-383.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.17-383.1.x86_64.rpm php5-tidy-5.3.17-383.1.x86_64.rpm php5-tidy-debuginfo-5.3.17-383.1.x86_64.rpm php5-tokenizer-5.3.17-383.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.17-383.1.x86_64.rpm php5-wddx-5.3.17-383.1.x86_64.rpm php5-wddx-debuginfo-5.3.17-383.1.x86_64.rpm php5-xmlreader-5.3.17-383.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.17-383.1.x86_64.rpm php5-xmlrpc-5.3.17-383.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.17-383.1.x86_64.rpm php5-xmlwriter-5.3.17-383.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.17-383.1.x86_64.rpm php5-xsl-5.3.17-383.1.x86_64.rpm php5-xsl-debuginfo-5.3.17-383.1.x86_64.rpm php5-zip-5.3.17-383.1.x86_64.rpm php5-zip-debuginfo-5.3.17-383.1.x86_64.rpm php5-zlib-5.3.17-383.1.x86_64.rpm php5-zlib-debuginfo-5.3.17-383.1.x86_64.rpm 2014-90 important openSUSE Evergreen 11.4 This update for bash completely disables the importing of shell functions from the environment and thereby remove the exposure of the parser from untrusted/harmful environment. bash-4.1-20.35.1.i586.rpm bash-4.1-20.35.1.src.rpm bash-debuginfo-32bit-4.1-20.35.1.x86_64.rpm bash-debuginfo-4.1-20.35.1.i586.rpm bash-debuginfo-x86-4.1-20.35.1.ia64.rpm bash-debugsource-4.1-20.35.1.i586.rpm bash-devel-4.1-18.35.1.i586.rpm bash-doc-4.1-18.35.1.noarch.rpm bash-lang-4.1-20.35.1.noarch.rpm bash-loadables-4.1-18.35.1.i586.rpm bash-loadables-debuginfo-4.1-18.35.1.i586.rpm bash-x86-4.1-20.35.1.ia64.rpm libreadline6-32bit-6.1-18.35.1.x86_64.rpm libreadline6-6.1-18.35.1.i586.rpm libreadline6-debuginfo-32bit-6.1-18.35.1.x86_64.rpm libreadline6-debuginfo-6.1-18.35.1.i586.rpm libreadline6-debuginfo-x86-6.1-18.35.1.ia64.rpm libreadline6-x86-6.1-18.35.1.ia64.rpm readline-devel-32bit-6.1-18.35.1.x86_64.rpm readline-devel-6.1-18.35.1.i586.rpm readline-doc-6.1-18.35.1.noarch.rpm bash-4.1-20.35.1.x86_64.rpm bash-debuginfo-4.1-20.35.1.x86_64.rpm bash-debugsource-4.1-20.35.1.x86_64.rpm bash-devel-4.1-18.35.1.x86_64.rpm bash-loadables-4.1-18.35.1.x86_64.rpm bash-loadables-debuginfo-4.1-18.35.1.x86_64.rpm libreadline6-6.1-18.35.1.x86_64.rpm libreadline6-debuginfo-6.1-18.35.1.x86_64.rpm readline-devel-6.1-18.35.1.x86_64.rpm 2014-91 critical openSUSE Evergreen 11.4 Flash player was updated to latest version 11.2.202.424 which provide additional hardening against CVE-2014-8439. flash-player-11.2.202.424-131.1.i586.rpm flash-player-11.2.202.424-131.1.nosrc.rpm flash-player-gnome-11.2.202.424-131.1.i586.rpm flash-player-kde4-11.2.202.424-131.1.i586.rpm flash-player-11.2.202.424-131.1.x86_64.rpm flash-player-gnome-11.2.202.424-131.1.x86_64.rpm flash-player-kde4-11.2.202.424-131.1.x86_64.rpm 2014-93 important openSUSE Evergreen 11.4 This patch contains a fix for Firebird server crashes when handling a malformed network packet. firebird-2.1.3.18185.0-20.1.i586.rpm firebird-2.1.3.18185.0-20.1.src.rpm firebird-classic-2.1.3.18185.0-20.1.i586.rpm firebird-classic-debuginfo-2.1.3.18185.0-20.1.i586.rpm firebird-debuginfo-2.1.3.18185.0-20.1.i586.rpm firebird-debugsource-2.1.3.18185.0-20.1.i586.rpm firebird-devel-2.1.3.18185.0-20.1.i586.rpm firebird-devel-debuginfo-2.1.3.18185.0-20.1.i586.rpm firebird-doc-2.1.3.18185.0-20.1.i586.rpm firebird-filesystem-2.1.3.18185.0-20.1.i586.rpm firebird-superserver-2.1.3.18185.0-20.1.i586.rpm firebird-superserver-debuginfo-2.1.3.18185.0-20.1.i586.rpm libfbclient2-2.1.3.18185.0-20.1.i586.rpm libfbclient2-debuginfo-2.1.3.18185.0-20.1.i586.rpm libfbembed2-2.1.3.18185.0-20.1.i586.rpm libfbembed2-debuginfo-2.1.3.18185.0-20.1.i586.rpm firebird-2.1.3.18185.0-20.1.x86_64.rpm firebird-classic-2.1.3.18185.0-20.1.x86_64.rpm firebird-classic-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm firebird-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm firebird-debugsource-2.1.3.18185.0-20.1.x86_64.rpm firebird-devel-2.1.3.18185.0-20.1.x86_64.rpm firebird-devel-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm firebird-doc-2.1.3.18185.0-20.1.x86_64.rpm firebird-filesystem-2.1.3.18185.0-20.1.x86_64.rpm firebird-superserver-2.1.3.18185.0-20.1.x86_64.rpm firebird-superserver-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm libfbclient2-2.1.3.18185.0-20.1.x86_64.rpm libfbclient2-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm libfbembed2-2.1.3.18185.0-20.1.x86_64.rpm libfbembed2-debuginfo-2.1.3.18185.0-20.1.x86_64.rpm 2014-92 critical openSUSE Evergreen 11.4 Flash-player was updated to version 11.2.202.245 fixing numerous vulnerabilities: *memory corruption vulnerabilities that could lead to code execution (CVE-2014-0587, CVE-2014-9164). *use-after-free vulnerability that could lead to code execution (CVE-2014-8443). *stack-based buffer overflow vulnerability that could lead to code execution (CVE-2014-9163). *information disclosure vulnerability (CVE-2014-9162). *vulnerability that could be exploited to circumvent the same-origin policy (CVE-2014-0580). flash-player-11.2.202.425-135.1.i586.rpm flash-player-11.2.202.425-135.1.nosrc.rpm flash-player-gnome-11.2.202.425-135.1.i586.rpm flash-player-kde4-11.2.202.425-135.1.i586.rpm flash-player-11.2.202.425-135.1.x86_64.rpm flash-player-gnome-11.2.202.425-135.1.x86_64.rpm flash-player-kde4-11.2.202.425-135.1.x86_64.rpm 2014-94 important openSUSE Evergreen 11.4 clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files (CVE-2013-6497). - Heap-based buffer overflow when scanning crypted PE files (CVE-2014-9050). The following non-security issues were fixed: - Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. - Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. - Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs. - Resolution of many of the warning messages from ClamAV compilation. - Improved detection of malicious PE files. - ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode (bnc#904207). - Fix server socket setup code in clamd (bnc#903489). clamav-0.98.5-37.1.i586.rpm clamav-0.98.5-37.1.src.rpm clamav-db-0.98.5-37.1.noarch.rpm clamav-debuginfo-0.98.5-37.1.i586.rpm clamav-debugsource-0.98.5-37.1.i586.rpm clamav-0.98.5-37.1.x86_64.rpm clamav-debuginfo-0.98.5-37.1.x86_64.rpm clamav-debugsource-0.98.5-37.1.x86_64.rpm 2014-95 critical openSUSE Evergreen 11.4 The network timeservice ntp was updated to fix critical security issues (bnc#910764, CERT VU#852879) * A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure() where updated to avoid buffer overflows that could be exploited. (CVE-2014-9295) * Furthermore a problem inside the ntpd error handling was found that is missing a return statement. This could also lead to a potentially attack vector. (CVE-2014-9296) ntp-4.2.6p3-6.28.1.i586.rpm ntp-4.2.6p3-6.28.1.src.rpm ntp-debuginfo-4.2.6p3-6.28.1.i586.rpm ntp-debugsource-4.2.6p3-6.28.1.i586.rpm ntp-doc-4.2.6p3-6.28.1.i586.rpm ntp-4.2.6p3-6.28.1.x86_64.rpm ntp-debuginfo-4.2.6p3-6.28.1.x86_64.rpm ntp-debugsource-4.2.6p3-6.28.1.x86_64.rpm ntp-doc-4.2.6p3-6.28.1.x86_64.rpm 2014-97 important openSUSE Evergreen 11.4 Kernel update for Evergreen 11.4, fixes * CVE-2014-8133 * CVE-2014-9090 * CVE-2014-9322 kernel-debug-3.0.101-95.1.i586.rpm True kernel-debug-3.0.101-95.1.nosrc.rpm True kernel-debug-base-3.0.101-95.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-debug-debuginfo-3.0.101-95.1.i586.rpm True kernel-debug-debugsource-3.0.101-95.1.i586.rpm True kernel-debug-devel-3.0.101-95.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-debug-hmac-3.0.101-95.1.i586.rpm True kernel-default-3.0.101-95.1.i586.rpm True kernel-default-3.0.101-95.1.nosrc.rpm True kernel-default-base-3.0.101-95.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-default-debuginfo-3.0.101-95.1.i586.rpm True kernel-default-debugsource-3.0.101-95.1.i586.rpm True kernel-default-devel-3.0.101-95.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-default-hmac-3.0.101-95.1.i586.rpm True kernel-desktop-3.0.101-95.1.i586.rpm True kernel-desktop-3.0.101-95.1.nosrc.rpm True kernel-desktop-base-3.0.101-95.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-95.1.i586.rpm True kernel-desktop-debugsource-3.0.101-95.1.i586.rpm True kernel-desktop-devel-3.0.101-95.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-desktop-hmac-3.0.101-95.1.i586.rpm True kernel-docs-3.0.101-95.2.noarch.rpm True kernel-docs-3.0.101-95.2.src.rpm True kernel-ec2-3.0.101-95.1.i586.rpm True kernel-ec2-3.0.101-95.1.nosrc.rpm True kernel-ec2-base-3.0.101-95.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-95.1.i586.rpm True kernel-ec2-debugsource-3.0.101-95.1.i586.rpm True kernel-ec2-devel-3.0.101-95.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-ec2-extra-3.0.101-95.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-95.1.i586.rpm True kernel-ec2-hmac-3.0.101-95.1.i586.rpm True kernel-pae-3.0.101-95.1.i586.rpm True kernel-pae-3.0.101-95.1.nosrc.rpm True kernel-pae-base-3.0.101-95.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-pae-debuginfo-3.0.101-95.1.i586.rpm True kernel-pae-debugsource-3.0.101-95.1.i586.rpm True kernel-pae-devel-3.0.101-95.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-pae-hmac-3.0.101-95.1.i586.rpm True kernel-source-3.0.101-95.1.i586.rpm True kernel-source-3.0.101-95.1.src.rpm True kernel-source-vanilla-3.0.101-95.1.i586.rpm True kernel-syms-3.0.101-95.1.i586.rpm True kernel-syms-3.0.101-95.1.src.rpm True kernel-trace-3.0.101-95.1.i586.rpm True kernel-trace-3.0.101-95.1.nosrc.rpm True kernel-trace-base-3.0.101-95.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-trace-debuginfo-3.0.101-95.1.i586.rpm True kernel-trace-debugsource-3.0.101-95.1.i586.rpm True kernel-trace-devel-3.0.101-95.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-trace-hmac-3.0.101-95.1.i586.rpm True kernel-vanilla-3.0.101-95.1.i586.rpm True kernel-vanilla-3.0.101-95.1.nosrc.rpm True kernel-vanilla-base-3.0.101-95.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-95.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-95.1.i586.rpm True kernel-vanilla-devel-3.0.101-95.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-vanilla-hmac-3.0.101-95.1.i586.rpm True kernel-vmi-3.0.101-95.1.i586.rpm True kernel-vmi-3.0.101-95.1.nosrc.rpm True kernel-vmi-base-3.0.101-95.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-95.1.i586.rpm True kernel-vmi-debugsource-3.0.101-95.1.i586.rpm True kernel-vmi-devel-3.0.101-95.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-vmi-hmac-3.0.101-95.1.i586.rpm True kernel-xen-3.0.101-95.1.i586.rpm True kernel-xen-3.0.101-95.1.nosrc.rpm True kernel-xen-base-3.0.101-95.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-95.1.i586.rpm True kernel-xen-debuginfo-3.0.101-95.1.i586.rpm True kernel-xen-debugsource-3.0.101-95.1.i586.rpm True kernel-xen-devel-3.0.101-95.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-95.1.i586.rpm True kernel-xen-hmac-3.0.101-95.1.i586.rpm True preload-1.2-6.73.1.i586.rpm True preload-1.2-6.73.1.src.rpm True preload-debuginfo-1.2-6.73.1.i586.rpm True preload-debugsource-1.2-6.73.1.i586.rpm True preload-kmp-default-1.2_3.0.101_95-6.73.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_95-6.73.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_95-6.73.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_95-6.73.1.i586.rpm True kernel-debug-3.0.101-95.1.x86_64.rpm True kernel-debug-base-3.0.101-95.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-95.1.x86_64.rpm True kernel-debug-devel-3.0.101-95.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-debug-hmac-3.0.101-95.1.x86_64.rpm True kernel-default-3.0.101-95.1.x86_64.rpm True kernel-default-base-3.0.101-95.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-default-debugsource-3.0.101-95.1.x86_64.rpm True kernel-default-devel-3.0.101-95.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-default-hmac-3.0.101-95.1.x86_64.rpm True kernel-desktop-3.0.101-95.1.x86_64.rpm True kernel-desktop-base-3.0.101-95.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-95.1.x86_64.rpm True kernel-desktop-devel-3.0.101-95.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-95.1.x86_64.rpm True kernel-ec2-3.0.101-95.1.x86_64.rpm True kernel-ec2-base-3.0.101-95.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-95.1.x86_64.rpm True kernel-ec2-devel-3.0.101-95.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-ec2-extra-3.0.101-95.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-95.1.x86_64.rpm True kernel-source-3.0.101-95.1.x86_64.rpm True kernel-source-vanilla-3.0.101-95.1.x86_64.rpm True kernel-syms-3.0.101-95.1.x86_64.rpm True kernel-trace-3.0.101-95.1.x86_64.rpm True kernel-trace-base-3.0.101-95.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-95.1.x86_64.rpm True kernel-trace-devel-3.0.101-95.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-trace-hmac-3.0.101-95.1.x86_64.rpm True kernel-vanilla-3.0.101-95.1.x86_64.rpm True kernel-vanilla-base-3.0.101-95.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-95.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-95.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-95.1.x86_64.rpm True kernel-xen-3.0.101-95.1.x86_64.rpm True kernel-xen-base-3.0.101-95.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-95.1.x86_64.rpm True kernel-xen-devel-3.0.101-95.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-95.1.x86_64.rpm True kernel-xen-hmac-3.0.101-95.1.x86_64.rpm True preload-1.2-6.73.1.x86_64.rpm True preload-debuginfo-1.2-6.73.1.x86_64.rpm True preload-debugsource-1.2-6.73.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_95-6.73.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_95-6.73.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_95-6.73.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_95-6.73.1.x86_64.rpm True 2014-98 moderate openSUSE Evergreen 11.4 This update fixes the following security issues: bnc#863741 (CVE-2014-1912): Fixed potential buffer overflow in socket.recvfrom_into bnc#884075 (CVE-2014-4616): Missing boundary check in JSON module bnc#885882 (CVE-2014-4650): CGIHTTPServer file disclosure and directory traversal through URL-encoded characters remove link count optimizations that are incorrect on btrfs (and possibly other filesystems) bnc#898572 (CVE-2014-7185): potential wraparound/overflow in buffer() bnc#901715: Disable SSL2 by default libpython2_7-1_0-2.7.3-56.1.i586.rpm libpython2_7-1_0-32bit-2.7.3-56.1.x86_64.rpm libpython2_7-1_0-debuginfo-2.7.3-56.1.i586.rpm libpython2_7-1_0-debuginfo-32bit-2.7.3-56.1.x86_64.rpm libpython2_7-1_0-debuginfo-x86-2.7.3-56.1.ia64.rpm libpython2_7-1_0-x86-2.7.3-56.1.ia64.rpm python-base-2.7.3-56.1.i586.rpm python-base-2.7.3-56.1.src.rpm python-base-32bit-2.7.3-56.1.x86_64.rpm python-base-debuginfo-2.7.3-56.1.i586.rpm python-base-debuginfo-32bit-2.7.3-56.1.x86_64.rpm python-base-debuginfo-x86-2.7.3-56.1.ia64.rpm python-base-debugsource-2.7.3-56.1.i586.rpm python-base-x86-2.7.3-56.1.ia64.rpm python-devel-2.7.3-56.1.i586.rpm python-xml-2.7.3-56.1.i586.rpm python-xml-debuginfo-2.7.3-56.1.i586.rpm python-doc-2.7-56.1.noarch.rpm python-doc-2.7-56.1.src.rpm python-doc-pdf-2.7-56.1.noarch.rpm python-2.7.3-56.1.i586.rpm python-2.7.3-56.1.src.rpm python-32bit-2.7.3-56.1.x86_64.rpm python-curses-2.7.3-56.1.i586.rpm python-curses-debuginfo-2.7.3-56.1.i586.rpm python-debuginfo-2.7.3-56.1.i586.rpm python-debuginfo-32bit-2.7.3-56.1.x86_64.rpm python-debuginfo-x86-2.7.3-56.1.ia64.rpm python-debugsource-2.7.3-56.1.i586.rpm python-demo-2.7.3-56.1.i586.rpm python-gdbm-2.7.3-56.1.i586.rpm python-gdbm-debuginfo-2.7.3-56.1.i586.rpm python-idle-2.7.3-56.1.i586.rpm python-tk-2.7.3-56.1.i586.rpm python-tk-debuginfo-2.7.3-56.1.i586.rpm python-x86-2.7.3-56.1.ia64.rpm libpython2_7-1_0-2.7.3-56.1.x86_64.rpm libpython2_7-1_0-debuginfo-2.7.3-56.1.x86_64.rpm python-base-2.7.3-56.1.x86_64.rpm python-base-debuginfo-2.7.3-56.1.x86_64.rpm python-base-debugsource-2.7.3-56.1.x86_64.rpm python-devel-2.7.3-56.1.x86_64.rpm python-xml-2.7.3-56.1.x86_64.rpm python-xml-debuginfo-2.7.3-56.1.x86_64.rpm python-2.7.3-56.1.x86_64.rpm python-curses-2.7.3-56.1.x86_64.rpm python-curses-debuginfo-2.7.3-56.1.x86_64.rpm python-debuginfo-2.7.3-56.1.x86_64.rpm python-debugsource-2.7.3-56.1.x86_64.rpm python-demo-2.7.3-56.1.x86_64.rpm python-gdbm-2.7.3-56.1.x86_64.rpm python-gdbm-debuginfo-2.7.3-56.1.x86_64.rpm python-idle-2.7.3-56.1.x86_64.rpm python-tk-2.7.3-56.1.x86_64.rpm python-tk-debuginfo-2.7.3-56.1.x86_64.rpm 2014-96 moderate openSUSE Evergreen 11.4 - security update: * CVE-2014-3670 [bnc#902357] * CVE-2014-3669 [bnc#902360] * CVE-2014-3668 [bnc#902368] - added patches: * php-CVE-2014-3670.patch * php-CVE-2014-3669.patch * php-CVE-2014-3668.patch apache2-mod_php5-5.3.17-387.1.i586.rpm apache2-mod_php5-debuginfo-5.3.17-387.1.i586.rpm php5-5.3.17-387.1.i586.rpm php5-5.3.17-387.1.src.rpm php5-bcmath-5.3.17-387.1.i586.rpm php5-bcmath-debuginfo-5.3.17-387.1.i586.rpm php5-bz2-5.3.17-387.1.i586.rpm php5-bz2-debuginfo-5.3.17-387.1.i586.rpm php5-calendar-5.3.17-387.1.i586.rpm php5-calendar-debuginfo-5.3.17-387.1.i586.rpm php5-ctype-5.3.17-387.1.i586.rpm php5-ctype-debuginfo-5.3.17-387.1.i586.rpm php5-curl-5.3.17-387.1.i586.rpm php5-curl-debuginfo-5.3.17-387.1.i586.rpm php5-dba-5.3.17-387.1.i586.rpm php5-dba-debuginfo-5.3.17-387.1.i586.rpm php5-debuginfo-5.3.17-387.1.i586.rpm php5-debugsource-5.3.17-387.1.i586.rpm php5-devel-5.3.17-387.1.i586.rpm php5-dom-5.3.17-387.1.i586.rpm php5-dom-debuginfo-5.3.17-387.1.i586.rpm php5-enchant-5.3.17-387.1.i586.rpm php5-enchant-debuginfo-5.3.17-387.1.i586.rpm php5-exif-5.3.17-387.1.i586.rpm php5-exif-debuginfo-5.3.17-387.1.i586.rpm php5-fastcgi-5.3.17-387.1.i586.rpm php5-fastcgi-debuginfo-5.3.17-387.1.i586.rpm php5-fileinfo-5.3.17-387.1.i586.rpm php5-fileinfo-debuginfo-5.3.17-387.1.i586.rpm php5-fpm-5.3.17-387.1.i586.rpm php5-fpm-debuginfo-5.3.17-387.1.i586.rpm php5-ftp-5.3.17-387.1.i586.rpm php5-ftp-debuginfo-5.3.17-387.1.i586.rpm php5-gd-5.3.17-387.1.i586.rpm php5-gd-debuginfo-5.3.17-387.1.i586.rpm php5-gettext-5.3.17-387.1.i586.rpm php5-gettext-debuginfo-5.3.17-387.1.i586.rpm php5-gmp-5.3.17-387.1.i586.rpm php5-gmp-debuginfo-5.3.17-387.1.i586.rpm php5-iconv-5.3.17-387.1.i586.rpm php5-iconv-debuginfo-5.3.17-387.1.i586.rpm php5-imap-5.3.17-387.1.i586.rpm php5-imap-debuginfo-5.3.17-387.1.i586.rpm php5-intl-5.3.17-387.1.i586.rpm php5-intl-debuginfo-5.3.17-387.1.i586.rpm php5-json-5.3.17-387.1.i586.rpm php5-json-debuginfo-5.3.17-387.1.i586.rpm php5-ldap-5.3.17-387.1.i586.rpm php5-ldap-debuginfo-5.3.17-387.1.i586.rpm php5-mbstring-5.3.17-387.1.i586.rpm php5-mbstring-debuginfo-5.3.17-387.1.i586.rpm php5-mcrypt-5.3.17-387.1.i586.rpm php5-mcrypt-debuginfo-5.3.17-387.1.i586.rpm php5-mysql-5.3.17-387.1.i586.rpm php5-mysql-debuginfo-5.3.17-387.1.i586.rpm php5-odbc-5.3.17-387.1.i586.rpm php5-odbc-debuginfo-5.3.17-387.1.i586.rpm php5-openssl-5.3.17-387.1.i586.rpm php5-openssl-debuginfo-5.3.17-387.1.i586.rpm php5-pcntl-5.3.17-387.1.i586.rpm php5-pcntl-debuginfo-5.3.17-387.1.i586.rpm php5-pdo-5.3.17-387.1.i586.rpm php5-pdo-debuginfo-5.3.17-387.1.i586.rpm php5-pear-5.3.17-387.1.noarch.rpm php5-pgsql-5.3.17-387.1.i586.rpm php5-pgsql-debuginfo-5.3.17-387.1.i586.rpm php5-phar-5.3.17-387.1.i586.rpm php5-phar-debuginfo-5.3.17-387.1.i586.rpm php5-posix-5.3.17-387.1.i586.rpm php5-posix-debuginfo-5.3.17-387.1.i586.rpm php5-pspell-5.3.17-387.1.i586.rpm php5-pspell-debuginfo-5.3.17-387.1.i586.rpm php5-readline-5.3.17-387.1.i586.rpm php5-readline-debuginfo-5.3.17-387.1.i586.rpm php5-shmop-5.3.17-387.1.i586.rpm php5-shmop-debuginfo-5.3.17-387.1.i586.rpm php5-snmp-5.3.17-387.1.i586.rpm php5-snmp-debuginfo-5.3.17-387.1.i586.rpm php5-soap-5.3.17-387.1.i586.rpm php5-soap-debuginfo-5.3.17-387.1.i586.rpm php5-sockets-5.3.17-387.1.i586.rpm php5-sockets-debuginfo-5.3.17-387.1.i586.rpm php5-sqlite-5.3.17-387.1.i586.rpm php5-sqlite-debuginfo-5.3.17-387.1.i586.rpm php5-suhosin-5.3.17-387.1.i586.rpm php5-suhosin-debuginfo-5.3.17-387.1.i586.rpm php5-sysvmsg-5.3.17-387.1.i586.rpm php5-sysvmsg-debuginfo-5.3.17-387.1.i586.rpm php5-sysvsem-5.3.17-387.1.i586.rpm php5-sysvsem-debuginfo-5.3.17-387.1.i586.rpm php5-sysvshm-5.3.17-387.1.i586.rpm php5-sysvshm-debuginfo-5.3.17-387.1.i586.rpm php5-tidy-5.3.17-387.1.i586.rpm php5-tidy-debuginfo-5.3.17-387.1.i586.rpm php5-tokenizer-5.3.17-387.1.i586.rpm php5-tokenizer-debuginfo-5.3.17-387.1.i586.rpm php5-wddx-5.3.17-387.1.i586.rpm php5-wddx-debuginfo-5.3.17-387.1.i586.rpm php5-xmlreader-5.3.17-387.1.i586.rpm php5-xmlreader-debuginfo-5.3.17-387.1.i586.rpm php5-xmlrpc-5.3.17-387.1.i586.rpm php5-xmlrpc-debuginfo-5.3.17-387.1.i586.rpm php5-xmlwriter-5.3.17-387.1.i586.rpm php5-xmlwriter-debuginfo-5.3.17-387.1.i586.rpm php5-xsl-5.3.17-387.1.i586.rpm php5-xsl-debuginfo-5.3.17-387.1.i586.rpm php5-zip-5.3.17-387.1.i586.rpm php5-zip-debuginfo-5.3.17-387.1.i586.rpm php5-zlib-5.3.17-387.1.i586.rpm php5-zlib-debuginfo-5.3.17-387.1.i586.rpm apache2-mod_php5-5.3.17-387.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.17-387.1.x86_64.rpm php5-5.3.17-387.1.x86_64.rpm php5-bcmath-5.3.17-387.1.x86_64.rpm php5-bcmath-debuginfo-5.3.17-387.1.x86_64.rpm php5-bz2-5.3.17-387.1.x86_64.rpm php5-bz2-debuginfo-5.3.17-387.1.x86_64.rpm php5-calendar-5.3.17-387.1.x86_64.rpm php5-calendar-debuginfo-5.3.17-387.1.x86_64.rpm php5-ctype-5.3.17-387.1.x86_64.rpm php5-ctype-debuginfo-5.3.17-387.1.x86_64.rpm php5-curl-5.3.17-387.1.x86_64.rpm php5-curl-debuginfo-5.3.17-387.1.x86_64.rpm php5-dba-5.3.17-387.1.x86_64.rpm php5-dba-debuginfo-5.3.17-387.1.x86_64.rpm php5-debuginfo-5.3.17-387.1.x86_64.rpm php5-debugsource-5.3.17-387.1.x86_64.rpm php5-devel-5.3.17-387.1.x86_64.rpm php5-dom-5.3.17-387.1.x86_64.rpm php5-dom-debuginfo-5.3.17-387.1.x86_64.rpm php5-enchant-5.3.17-387.1.x86_64.rpm php5-enchant-debuginfo-5.3.17-387.1.x86_64.rpm php5-exif-5.3.17-387.1.x86_64.rpm php5-exif-debuginfo-5.3.17-387.1.x86_64.rpm php5-fastcgi-5.3.17-387.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.17-387.1.x86_64.rpm php5-fileinfo-5.3.17-387.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.17-387.1.x86_64.rpm php5-fpm-5.3.17-387.1.x86_64.rpm php5-fpm-debuginfo-5.3.17-387.1.x86_64.rpm php5-ftp-5.3.17-387.1.x86_64.rpm php5-ftp-debuginfo-5.3.17-387.1.x86_64.rpm php5-gd-5.3.17-387.1.x86_64.rpm php5-gd-debuginfo-5.3.17-387.1.x86_64.rpm php5-gettext-5.3.17-387.1.x86_64.rpm php5-gettext-debuginfo-5.3.17-387.1.x86_64.rpm php5-gmp-5.3.17-387.1.x86_64.rpm php5-gmp-debuginfo-5.3.17-387.1.x86_64.rpm php5-iconv-5.3.17-387.1.x86_64.rpm php5-iconv-debuginfo-5.3.17-387.1.x86_64.rpm php5-imap-5.3.17-387.1.x86_64.rpm php5-imap-debuginfo-5.3.17-387.1.x86_64.rpm php5-intl-5.3.17-387.1.x86_64.rpm php5-intl-debuginfo-5.3.17-387.1.x86_64.rpm php5-json-5.3.17-387.1.x86_64.rpm php5-json-debuginfo-5.3.17-387.1.x86_64.rpm php5-ldap-5.3.17-387.1.x86_64.rpm php5-ldap-debuginfo-5.3.17-387.1.x86_64.rpm php5-mbstring-5.3.17-387.1.x86_64.rpm php5-mbstring-debuginfo-5.3.17-387.1.x86_64.rpm php5-mcrypt-5.3.17-387.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.17-387.1.x86_64.rpm php5-mysql-5.3.17-387.1.x86_64.rpm php5-mysql-debuginfo-5.3.17-387.1.x86_64.rpm php5-odbc-5.3.17-387.1.x86_64.rpm php5-odbc-debuginfo-5.3.17-387.1.x86_64.rpm php5-openssl-5.3.17-387.1.x86_64.rpm php5-openssl-debuginfo-5.3.17-387.1.x86_64.rpm php5-pcntl-5.3.17-387.1.x86_64.rpm php5-pcntl-debuginfo-5.3.17-387.1.x86_64.rpm php5-pdo-5.3.17-387.1.x86_64.rpm php5-pdo-debuginfo-5.3.17-387.1.x86_64.rpm php5-pgsql-5.3.17-387.1.x86_64.rpm php5-pgsql-debuginfo-5.3.17-387.1.x86_64.rpm php5-phar-5.3.17-387.1.x86_64.rpm php5-phar-debuginfo-5.3.17-387.1.x86_64.rpm php5-posix-5.3.17-387.1.x86_64.rpm php5-posix-debuginfo-5.3.17-387.1.x86_64.rpm php5-pspell-5.3.17-387.1.x86_64.rpm php5-pspell-debuginfo-5.3.17-387.1.x86_64.rpm php5-readline-5.3.17-387.1.x86_64.rpm php5-readline-debuginfo-5.3.17-387.1.x86_64.rpm php5-shmop-5.3.17-387.1.x86_64.rpm php5-shmop-debuginfo-5.3.17-387.1.x86_64.rpm php5-snmp-5.3.17-387.1.x86_64.rpm php5-snmp-debuginfo-5.3.17-387.1.x86_64.rpm php5-soap-5.3.17-387.1.x86_64.rpm php5-soap-debuginfo-5.3.17-387.1.x86_64.rpm php5-sockets-5.3.17-387.1.x86_64.rpm php5-sockets-debuginfo-5.3.17-387.1.x86_64.rpm php5-sqlite-5.3.17-387.1.x86_64.rpm php5-sqlite-debuginfo-5.3.17-387.1.x86_64.rpm php5-suhosin-5.3.17-387.1.x86_64.rpm php5-suhosin-debuginfo-5.3.17-387.1.x86_64.rpm php5-sysvmsg-5.3.17-387.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.17-387.1.x86_64.rpm php5-sysvsem-5.3.17-387.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.17-387.1.x86_64.rpm php5-sysvshm-5.3.17-387.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.17-387.1.x86_64.rpm php5-tidy-5.3.17-387.1.x86_64.rpm php5-tidy-debuginfo-5.3.17-387.1.x86_64.rpm php5-tokenizer-5.3.17-387.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.17-387.1.x86_64.rpm php5-wddx-5.3.17-387.1.x86_64.rpm php5-wddx-debuginfo-5.3.17-387.1.x86_64.rpm php5-xmlreader-5.3.17-387.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.17-387.1.x86_64.rpm php5-xmlrpc-5.3.17-387.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.17-387.1.x86_64.rpm php5-xmlwriter-5.3.17-387.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.17-387.1.x86_64.rpm php5-xsl-5.3.17-387.1.x86_64.rpm php5-xsl-debuginfo-5.3.17-387.1.x86_64.rpm php5-zip-5.3.17-387.1.x86_64.rpm php5-zip-debuginfo-5.3.17-387.1.x86_64.rpm php5-zlib-5.3.17-387.1.x86_64.rpm php5-zlib-debuginfo-5.3.17-387.1.x86_64.rpm 2012-25 important openSUSE Evergreen 11.4 XEN was updated to fix various denial of service issues. - bnc#789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26) - bnc#789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27) - bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28) - bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29) - bnc#789948 - CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30) - bnc#789950 - CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31) xen-4.0.3_05-49.1.i586.rpm True xen-4.0.3_05-49.1.src.rpm True xen-debugsource-4.0.3_05-49.1.i586.rpm True xen-devel-4.0.3_05-49.1.i586.rpm True xen-doc-html-4.0.3_05-49.1.i586.rpm True xen-doc-pdf-4.0.3_05-49.1.i586.rpm True xen-kmp-default-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-kmp-pae-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-kmp-pae-debuginfo-4.0.3_05_k2.6.37.6_24-49.1.i586.rpm True xen-libs-4.0.3_05-49.1.i586.rpm True xen-libs-debuginfo-4.0.3_05-49.1.i586.rpm True xen-tools-4.0.3_05-49.1.i586.rpm True xen-tools-debuginfo-4.0.3_05-49.1.i586.rpm True xen-tools-domU-4.0.3_05-49.1.i586.rpm True xen-tools-domU-debuginfo-4.0.3_05-49.1.i586.rpm True xen-4.0.3_05-49.1.x86_64.rpm True xen-debugsource-4.0.3_05-49.1.x86_64.rpm True xen-devel-4.0.3_05-49.1.x86_64.rpm True xen-doc-html-4.0.3_05-49.1.x86_64.rpm True xen-doc-pdf-4.0.3_05-49.1.x86_64.rpm True xen-kmp-default-4.0.3_05_k2.6.37.6_24-49.1.x86_64.rpm True xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-49.1.x86_64.rpm True xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-49.1.x86_64.rpm True xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-49.1.x86_64.rpm True xen-libs-4.0.3_05-49.1.x86_64.rpm True xen-libs-debuginfo-4.0.3_05-49.1.x86_64.rpm True xen-tools-4.0.3_05-49.1.x86_64.rpm True xen-tools-debuginfo-4.0.3_05-49.1.x86_64.rpm True xen-tools-domU-4.0.3_05-49.1.x86_64.rpm True xen-tools-domU-debuginfo-4.0.3_05-49.1.x86_64.rpm True 2015-4 important openSUSE Evergreen 11.4 This update lifts Firefox to the latest 31 ESR release to fix known security issues. MozillaFirefox-31.4.0-133.1.i586.rpm MozillaFirefox-31.4.0-133.1.src.rpm MozillaFirefox-branding-upstream-31.4.0-133.1.i586.rpm MozillaFirefox-buildsymbols-31.4.0-133.1.i586.rpm MozillaFirefox-debuginfo-31.4.0-133.1.i586.rpm MozillaFirefox-debugsource-31.4.0-133.1.i586.rpm MozillaFirefox-devel-31.4.0-133.1.i586.rpm MozillaFirefox-translations-common-31.4.0-133.1.i586.rpm MozillaFirefox-translations-other-31.4.0-133.1.i586.rpm mozilla-nspr-32bit-4.10.7-49.1.x86_64.rpm mozilla-nspr-4.10.7-49.1.i586.rpm mozilla-nspr-4.10.7-49.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.7-49.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.7-49.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.7-49.1.ia64.rpm mozilla-nspr-debugsource-4.10.7-49.1.i586.rpm mozilla-nspr-devel-4.10.7-49.1.i586.rpm mozilla-nspr-x86-4.10.7-49.1.ia64.rpm libfreebl3-3.17.3-104.1.i586.rpm libfreebl3-32bit-3.17.3-104.1.x86_64.rpm libfreebl3-debuginfo-3.17.3-104.1.i586.rpm libfreebl3-debuginfo-32bit-3.17.3-104.1.x86_64.rpm libfreebl3-debuginfo-x86-3.17.3-104.1.ia64.rpm libfreebl3-x86-3.17.3-104.1.ia64.rpm libsoftokn3-3.17.3-104.1.i586.rpm libsoftokn3-32bit-3.17.3-104.1.x86_64.rpm libsoftokn3-debuginfo-3.17.3-104.1.i586.rpm libsoftokn3-debuginfo-32bit-3.17.3-104.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.17.3-104.1.ia64.rpm libsoftokn3-x86-3.17.3-104.1.ia64.rpm mozilla-nss-3.17.3-104.1.i586.rpm mozilla-nss-3.17.3-104.1.src.rpm mozilla-nss-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-certs-3.17.3-104.1.i586.rpm mozilla-nss-certs-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.17.3-104.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.17.3-104.1.ia64.rpm mozilla-nss-certs-x86-3.17.3-104.1.ia64.rpm mozilla-nss-debuginfo-3.17.3-104.1.i586.rpm mozilla-nss-debuginfo-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.17.3-104.1.ia64.rpm mozilla-nss-debugsource-3.17.3-104.1.i586.rpm mozilla-nss-devel-3.17.3-104.1.i586.rpm mozilla-nss-sysinit-3.17.3-104.1.i586.rpm mozilla-nss-sysinit-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.17.3-104.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.17.3-104.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.17.3-104.1.ia64.rpm mozilla-nss-sysinit-x86-3.17.3-104.1.ia64.rpm mozilla-nss-tools-3.17.3-104.1.i586.rpm mozilla-nss-tools-debuginfo-3.17.3-104.1.i586.rpm mozilla-nss-x86-3.17.3-104.1.ia64.rpm MozillaFirefox-31.4.0-133.1.x86_64.rpm MozillaFirefox-branding-upstream-31.4.0-133.1.x86_64.rpm MozillaFirefox-buildsymbols-31.4.0-133.1.x86_64.rpm MozillaFirefox-debuginfo-31.4.0-133.1.x86_64.rpm MozillaFirefox-debugsource-31.4.0-133.1.x86_64.rpm MozillaFirefox-devel-31.4.0-133.1.x86_64.rpm MozillaFirefox-translations-common-31.4.0-133.1.x86_64.rpm MozillaFirefox-translations-other-31.4.0-133.1.x86_64.rpm mozilla-nspr-4.10.7-49.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.7-49.1.x86_64.rpm mozilla-nspr-debugsource-4.10.7-49.1.x86_64.rpm mozilla-nspr-devel-4.10.7-49.1.x86_64.rpm libfreebl3-3.17.3-104.1.x86_64.rpm libfreebl3-debuginfo-3.17.3-104.1.x86_64.rpm libsoftokn3-3.17.3-104.1.x86_64.rpm libsoftokn3-debuginfo-3.17.3-104.1.x86_64.rpm mozilla-nss-3.17.3-104.1.x86_64.rpm mozilla-nss-certs-3.17.3-104.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.17.3-104.1.x86_64.rpm mozilla-nss-debuginfo-3.17.3-104.1.x86_64.rpm mozilla-nss-debugsource-3.17.3-104.1.x86_64.rpm mozilla-nss-devel-3.17.3-104.1.x86_64.rpm mozilla-nss-sysinit-3.17.3-104.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.17.3-104.1.x86_64.rpm mozilla-nss-tools-3.17.3-104.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.17.3-104.1.x86_64.rpm 2015-1 moderate openSUSE Evergreen 11.4 - security update: * CVE-2014-3670 [bnc#902357] * CVE-2014-3669 [bnc#902360] * CVE-2014-3668 [bnc#902368] - added patches: * php-CVE-2014-3670.patch * php-CVE-2014-3669.patch * php-CVE-2014-3668.patch apache2-mod_php5-5.3.17-387.2.i586.rpm apache2-mod_php5-debuginfo-5.3.17-387.2.i586.rpm php5-5.3.17-387.2.i586.rpm php5-5.3.17-387.2.src.rpm php5-bcmath-5.3.17-387.2.i586.rpm php5-bcmath-debuginfo-5.3.17-387.2.i586.rpm php5-bz2-5.3.17-387.2.i586.rpm php5-bz2-debuginfo-5.3.17-387.2.i586.rpm php5-calendar-5.3.17-387.2.i586.rpm php5-calendar-debuginfo-5.3.17-387.2.i586.rpm php5-ctype-5.3.17-387.2.i586.rpm php5-ctype-debuginfo-5.3.17-387.2.i586.rpm php5-curl-5.3.17-387.2.i586.rpm php5-curl-debuginfo-5.3.17-387.2.i586.rpm php5-dba-5.3.17-387.2.i586.rpm php5-dba-debuginfo-5.3.17-387.2.i586.rpm php5-debuginfo-5.3.17-387.2.i586.rpm php5-debugsource-5.3.17-387.2.i586.rpm php5-devel-5.3.17-387.2.i586.rpm php5-dom-5.3.17-387.2.i586.rpm php5-dom-debuginfo-5.3.17-387.2.i586.rpm php5-enchant-5.3.17-387.2.i586.rpm php5-enchant-debuginfo-5.3.17-387.2.i586.rpm php5-exif-5.3.17-387.2.i586.rpm php5-exif-debuginfo-5.3.17-387.2.i586.rpm php5-fastcgi-5.3.17-387.2.i586.rpm php5-fastcgi-debuginfo-5.3.17-387.2.i586.rpm php5-fileinfo-5.3.17-387.2.i586.rpm php5-fileinfo-debuginfo-5.3.17-387.2.i586.rpm php5-fpm-5.3.17-387.2.i586.rpm php5-fpm-debuginfo-5.3.17-387.2.i586.rpm php5-ftp-5.3.17-387.2.i586.rpm php5-ftp-debuginfo-5.3.17-387.2.i586.rpm php5-gd-5.3.17-387.2.i586.rpm php5-gd-debuginfo-5.3.17-387.2.i586.rpm php5-gettext-5.3.17-387.2.i586.rpm php5-gettext-debuginfo-5.3.17-387.2.i586.rpm php5-gmp-5.3.17-387.2.i586.rpm php5-gmp-debuginfo-5.3.17-387.2.i586.rpm php5-iconv-5.3.17-387.2.i586.rpm php5-iconv-debuginfo-5.3.17-387.2.i586.rpm php5-imap-5.3.17-387.2.i586.rpm php5-imap-debuginfo-5.3.17-387.2.i586.rpm php5-intl-5.3.17-387.2.i586.rpm php5-intl-debuginfo-5.3.17-387.2.i586.rpm php5-json-5.3.17-387.2.i586.rpm php5-json-debuginfo-5.3.17-387.2.i586.rpm php5-ldap-5.3.17-387.2.i586.rpm php5-ldap-debuginfo-5.3.17-387.2.i586.rpm php5-mbstring-5.3.17-387.2.i586.rpm php5-mbstring-debuginfo-5.3.17-387.2.i586.rpm php5-mcrypt-5.3.17-387.2.i586.rpm php5-mcrypt-debuginfo-5.3.17-387.2.i586.rpm php5-mysql-5.3.17-387.2.i586.rpm php5-mysql-debuginfo-5.3.17-387.2.i586.rpm php5-odbc-5.3.17-387.2.i586.rpm php5-odbc-debuginfo-5.3.17-387.2.i586.rpm php5-openssl-5.3.17-387.2.i586.rpm php5-openssl-debuginfo-5.3.17-387.2.i586.rpm php5-pcntl-5.3.17-387.2.i586.rpm php5-pcntl-debuginfo-5.3.17-387.2.i586.rpm php5-pdo-5.3.17-387.2.i586.rpm php5-pdo-debuginfo-5.3.17-387.2.i586.rpm php5-pear-5.3.17-387.2.noarch.rpm php5-pgsql-5.3.17-387.2.i586.rpm php5-pgsql-debuginfo-5.3.17-387.2.i586.rpm php5-phar-5.3.17-387.2.i586.rpm php5-phar-debuginfo-5.3.17-387.2.i586.rpm php5-posix-5.3.17-387.2.i586.rpm php5-posix-debuginfo-5.3.17-387.2.i586.rpm php5-pspell-5.3.17-387.2.i586.rpm php5-pspell-debuginfo-5.3.17-387.2.i586.rpm php5-readline-5.3.17-387.2.i586.rpm php5-readline-debuginfo-5.3.17-387.2.i586.rpm php5-shmop-5.3.17-387.2.i586.rpm php5-shmop-debuginfo-5.3.17-387.2.i586.rpm php5-snmp-5.3.17-387.2.i586.rpm php5-snmp-debuginfo-5.3.17-387.2.i586.rpm php5-soap-5.3.17-387.2.i586.rpm php5-soap-debuginfo-5.3.17-387.2.i586.rpm php5-sockets-5.3.17-387.2.i586.rpm php5-sockets-debuginfo-5.3.17-387.2.i586.rpm php5-sqlite-5.3.17-387.2.i586.rpm php5-sqlite-debuginfo-5.3.17-387.2.i586.rpm php5-suhosin-5.3.17-387.2.i586.rpm php5-suhosin-debuginfo-5.3.17-387.2.i586.rpm php5-sysvmsg-5.3.17-387.2.i586.rpm php5-sysvmsg-debuginfo-5.3.17-387.2.i586.rpm php5-sysvsem-5.3.17-387.2.i586.rpm php5-sysvsem-debuginfo-5.3.17-387.2.i586.rpm php5-sysvshm-5.3.17-387.2.i586.rpm php5-sysvshm-debuginfo-5.3.17-387.2.i586.rpm php5-tidy-5.3.17-387.2.i586.rpm php5-tidy-debuginfo-5.3.17-387.2.i586.rpm php5-tokenizer-5.3.17-387.2.i586.rpm php5-tokenizer-debuginfo-5.3.17-387.2.i586.rpm php5-wddx-5.3.17-387.2.i586.rpm php5-wddx-debuginfo-5.3.17-387.2.i586.rpm php5-xmlreader-5.3.17-387.2.i586.rpm php5-xmlreader-debuginfo-5.3.17-387.2.i586.rpm php5-xmlrpc-5.3.17-387.2.i586.rpm php5-xmlrpc-debuginfo-5.3.17-387.2.i586.rpm php5-xmlwriter-5.3.17-387.2.i586.rpm php5-xmlwriter-debuginfo-5.3.17-387.2.i586.rpm php5-xsl-5.3.17-387.2.i586.rpm php5-xsl-debuginfo-5.3.17-387.2.i586.rpm php5-zip-5.3.17-387.2.i586.rpm php5-zip-debuginfo-5.3.17-387.2.i586.rpm php5-zlib-5.3.17-387.2.i586.rpm php5-zlib-debuginfo-5.3.17-387.2.i586.rpm apache2-mod_php5-5.3.17-387.2.x86_64.rpm apache2-mod_php5-debuginfo-5.3.17-387.2.x86_64.rpm php5-5.3.17-387.2.x86_64.rpm php5-bcmath-5.3.17-387.2.x86_64.rpm php5-bcmath-debuginfo-5.3.17-387.2.x86_64.rpm php5-bz2-5.3.17-387.2.x86_64.rpm php5-bz2-debuginfo-5.3.17-387.2.x86_64.rpm php5-calendar-5.3.17-387.2.x86_64.rpm php5-calendar-debuginfo-5.3.17-387.2.x86_64.rpm php5-ctype-5.3.17-387.2.x86_64.rpm php5-ctype-debuginfo-5.3.17-387.2.x86_64.rpm php5-curl-5.3.17-387.2.x86_64.rpm php5-curl-debuginfo-5.3.17-387.2.x86_64.rpm php5-dba-5.3.17-387.2.x86_64.rpm php5-dba-debuginfo-5.3.17-387.2.x86_64.rpm php5-debuginfo-5.3.17-387.2.x86_64.rpm php5-debugsource-5.3.17-387.2.x86_64.rpm php5-devel-5.3.17-387.2.x86_64.rpm php5-dom-5.3.17-387.2.x86_64.rpm php5-dom-debuginfo-5.3.17-387.2.x86_64.rpm php5-enchant-5.3.17-387.2.x86_64.rpm php5-enchant-debuginfo-5.3.17-387.2.x86_64.rpm php5-exif-5.3.17-387.2.x86_64.rpm php5-exif-debuginfo-5.3.17-387.2.x86_64.rpm php5-fastcgi-5.3.17-387.2.x86_64.rpm php5-fastcgi-debuginfo-5.3.17-387.2.x86_64.rpm php5-fileinfo-5.3.17-387.2.x86_64.rpm php5-fileinfo-debuginfo-5.3.17-387.2.x86_64.rpm php5-fpm-5.3.17-387.2.x86_64.rpm php5-fpm-debuginfo-5.3.17-387.2.x86_64.rpm php5-ftp-5.3.17-387.2.x86_64.rpm php5-ftp-debuginfo-5.3.17-387.2.x86_64.rpm php5-gd-5.3.17-387.2.x86_64.rpm php5-gd-debuginfo-5.3.17-387.2.x86_64.rpm php5-gettext-5.3.17-387.2.x86_64.rpm php5-gettext-debuginfo-5.3.17-387.2.x86_64.rpm php5-gmp-5.3.17-387.2.x86_64.rpm php5-gmp-debuginfo-5.3.17-387.2.x86_64.rpm php5-iconv-5.3.17-387.2.x86_64.rpm php5-iconv-debuginfo-5.3.17-387.2.x86_64.rpm php5-imap-5.3.17-387.2.x86_64.rpm php5-imap-debuginfo-5.3.17-387.2.x86_64.rpm php5-intl-5.3.17-387.2.x86_64.rpm php5-intl-debuginfo-5.3.17-387.2.x86_64.rpm php5-json-5.3.17-387.2.x86_64.rpm php5-json-debuginfo-5.3.17-387.2.x86_64.rpm php5-ldap-5.3.17-387.2.x86_64.rpm php5-ldap-debuginfo-5.3.17-387.2.x86_64.rpm php5-mbstring-5.3.17-387.2.x86_64.rpm php5-mbstring-debuginfo-5.3.17-387.2.x86_64.rpm php5-mcrypt-5.3.17-387.2.x86_64.rpm php5-mcrypt-debuginfo-5.3.17-387.2.x86_64.rpm php5-mysql-5.3.17-387.2.x86_64.rpm php5-mysql-debuginfo-5.3.17-387.2.x86_64.rpm php5-odbc-5.3.17-387.2.x86_64.rpm php5-odbc-debuginfo-5.3.17-387.2.x86_64.rpm php5-openssl-5.3.17-387.2.x86_64.rpm php5-openssl-debuginfo-5.3.17-387.2.x86_64.rpm php5-pcntl-5.3.17-387.2.x86_64.rpm php5-pcntl-debuginfo-5.3.17-387.2.x86_64.rpm php5-pdo-5.3.17-387.2.x86_64.rpm php5-pdo-debuginfo-5.3.17-387.2.x86_64.rpm php5-pgsql-5.3.17-387.2.x86_64.rpm php5-pgsql-debuginfo-5.3.17-387.2.x86_64.rpm php5-phar-5.3.17-387.2.x86_64.rpm php5-phar-debuginfo-5.3.17-387.2.x86_64.rpm php5-posix-5.3.17-387.2.x86_64.rpm php5-posix-debuginfo-5.3.17-387.2.x86_64.rpm php5-pspell-5.3.17-387.2.x86_64.rpm php5-pspell-debuginfo-5.3.17-387.2.x86_64.rpm php5-readline-5.3.17-387.2.x86_64.rpm php5-readline-debuginfo-5.3.17-387.2.x86_64.rpm php5-shmop-5.3.17-387.2.x86_64.rpm php5-shmop-debuginfo-5.3.17-387.2.x86_64.rpm php5-snmp-5.3.17-387.2.x86_64.rpm php5-snmp-debuginfo-5.3.17-387.2.x86_64.rpm php5-soap-5.3.17-387.2.x86_64.rpm php5-soap-debuginfo-5.3.17-387.2.x86_64.rpm php5-sockets-5.3.17-387.2.x86_64.rpm php5-sockets-debuginfo-5.3.17-387.2.x86_64.rpm php5-sqlite-5.3.17-387.2.x86_64.rpm php5-sqlite-debuginfo-5.3.17-387.2.x86_64.rpm php5-suhosin-5.3.17-387.2.x86_64.rpm php5-suhosin-debuginfo-5.3.17-387.2.x86_64.rpm php5-sysvmsg-5.3.17-387.2.x86_64.rpm php5-sysvmsg-debuginfo-5.3.17-387.2.x86_64.rpm php5-sysvsem-5.3.17-387.2.x86_64.rpm php5-sysvsem-debuginfo-5.3.17-387.2.x86_64.rpm php5-sysvshm-5.3.17-387.2.x86_64.rpm php5-sysvshm-debuginfo-5.3.17-387.2.x86_64.rpm php5-tidy-5.3.17-387.2.x86_64.rpm php5-tidy-debuginfo-5.3.17-387.2.x86_64.rpm php5-tokenizer-5.3.17-387.2.x86_64.rpm php5-tokenizer-debuginfo-5.3.17-387.2.x86_64.rpm php5-wddx-5.3.17-387.2.x86_64.rpm php5-wddx-debuginfo-5.3.17-387.2.x86_64.rpm php5-xmlreader-5.3.17-387.2.x86_64.rpm php5-xmlreader-debuginfo-5.3.17-387.2.x86_64.rpm php5-xmlrpc-5.3.17-387.2.x86_64.rpm php5-xmlrpc-debuginfo-5.3.17-387.2.x86_64.rpm php5-xmlwriter-5.3.17-387.2.x86_64.rpm php5-xmlwriter-debuginfo-5.3.17-387.2.x86_64.rpm php5-xsl-5.3.17-387.2.x86_64.rpm php5-xsl-debuginfo-5.3.17-387.2.x86_64.rpm php5-zip-5.3.17-387.2.x86_64.rpm php5-zip-debuginfo-5.3.17-387.2.x86_64.rpm php5-zlib-5.3.17-387.2.x86_64.rpm php5-zlib-debuginfo-5.3.17-387.2.x86_64.rpm 2015-2 important openSUSE Evergreen 11.4 Following issues was resolved in this update: *an improper file validation issue CVE-2015-0301), *an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system (CVE-2015-0302), *memory corruption vulnerabilities that could lead to code execution (CVE-2015-0303, CVE-2015-0306), *heap-based buffer overflow vulnerabilities that could lead to code execution (CVE-2015-0304,CVE-2015-0309), *type confusion vulnerability that could lead to code execution (CVE-2015-0305), *an out-of-bounds read vulnerability that could be exploited to leak memory addresses (CVE-2015-0307), *a use-after-free vulnerability that could lead to code execution (CVE-2015-0308). flash-player-11.2.202.429-139.1.i586.rpm flash-player-11.2.202.429-139.1.nosrc.rpm flash-player-gnome-11.2.202.429-139.1.i586.rpm flash-player-kde4-11.2.202.429-139.1.i586.rpm flash-player-11.2.202.429-139.1.x86_64.rpm flash-player-gnome-11.2.202.429-139.1.x86_64.rpm flash-player-kde4-11.2.202.429-139.1.x86_64.rpm 2015-3 moderate openSUSE Evergreen 11.4 This patch contains a set of packages which needed a rebuild against latest Python because of binary incompatiblity. apache2-mod_python-3.3.1-161.8.1.i586.rpm apache2-mod_python-3.3.1-161.8.1.src.rpm apache2-mod_python-debuginfo-3.3.1-161.8.1.i586.rpm apache2-mod_python-debugsource-3.3.1-161.8.1.i586.rpm xchat-2.8.8-8.1.i586.rpm xchat-2.8.8-8.1.src.rpm xchat-debuginfo-2.8.8-8.1.i586.rpm xchat-debugsource-2.8.8-8.1.i586.rpm xchat-lang-2.8.8-8.1.noarch.rpm xchat-perl-2.8.8-8.1.i586.rpm xchat-perl-debuginfo-2.8.8-8.1.i586.rpm xchat-python-2.8.8-8.1.i586.rpm xchat-python-debuginfo-2.8.8-8.1.i586.rpm xchat-tcl-2.8.8-8.1.i586.rpm xchat-tcl-debuginfo-2.8.8-8.1.i586.rpm apache2-mod_python-3.3.1-161.8.1.x86_64.rpm apache2-mod_python-debuginfo-3.3.1-161.8.1.x86_64.rpm apache2-mod_python-debugsource-3.3.1-161.8.1.x86_64.rpm xchat-2.8.8-8.1.x86_64.rpm xchat-debuginfo-2.8.8-8.1.x86_64.rpm xchat-debugsource-2.8.8-8.1.x86_64.rpm xchat-perl-2.8.8-8.1.x86_64.rpm xchat-perl-debuginfo-2.8.8-8.1.x86_64.rpm xchat-python-2.8.8-8.1.x86_64.rpm xchat-python-debuginfo-2.8.8-8.1.x86_64.rpm xchat-tcl-2.8.8-8.1.x86_64.rpm xchat-tcl-debuginfo-2.8.8-8.1.x86_64.rpm 2015-5 critical openSUSE Evergreen 11.4 This update for Flash player fixes known security issues. flash-player-11.2.202.440-143.1.i586.rpm flash-player-11.2.202.440-143.1.nosrc.rpm flash-player-gnome-11.2.202.440-143.1.i586.rpm flash-player-kde4-11.2.202.440-143.1.i586.rpm flash-player-11.2.202.440-143.1.x86_64.rpm flash-player-gnome-11.2.202.440-143.1.x86_64.rpm flash-player-kde4-11.2.202.440-143.1.x86_64.rpm 2015-6 critical openSUSE Evergreen 11.4 CVE-2015-0235: A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname(), that could lead to a local or remote buffer overflow. (bsc#913646) glibc-2.11.3-12.66.1.i686.rpm glibc-2.11.3-12.66.1.nosrc.rpm glibc-32bit-2.11.3-12.66.1.x86_64.rpm glibc-debuginfo-2.11.3-12.66.1.i686.rpm glibc-debuginfo-32bit-2.11.3-12.66.1.x86_64.rpm glibc-debuginfo-x86-2.11.3-12.66.1.ia64.rpm glibc-debugsource-2.11.3-12.66.1.i686.rpm glibc-devel-2.11.3-12.66.1.i686.rpm glibc-devel-32bit-2.11.3-12.66.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.66.1.i686.rpm glibc-devel-debuginfo-32bit-2.11.3-12.66.1.x86_64.rpm glibc-devel-debuginfo-x86-2.11.3-12.66.1.ia64.rpm glibc-html-2.11.3-12.66.1.i686.rpm glibc-i18ndata-2.11.3-12.66.1.i686.rpm glibc-info-2.11.3-12.66.1.i686.rpm glibc-locale-2.11.3-12.66.1.i686.rpm glibc-locale-32bit-2.11.3-12.66.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.66.1.i686.rpm glibc-locale-debuginfo-32bit-2.11.3-12.66.1.x86_64.rpm glibc-locale-debuginfo-x86-2.11.3-12.66.1.ia64.rpm glibc-locale-x86-2.11.3-12.66.1.ia64.rpm glibc-obsolete-2.11.3-12.66.1.i686.rpm glibc-obsolete-debuginfo-2.11.3-12.66.1.i686.rpm glibc-profile-2.11.3-12.66.1.i686.rpm glibc-profile-32bit-2.11.3-12.66.1.x86_64.rpm glibc-profile-x86-2.11.3-12.66.1.ia64.rpm glibc-x86-2.11.3-12.66.1.ia64.rpm nscd-2.11.3-12.66.1.i686.rpm nscd-debuginfo-2.11.3-12.66.1.i686.rpm glibc-2.11.3-12.66.1.i586.rpm glibc-2.11.3-12.66.1.src.rpm glibc-debuginfo-2.11.3-12.66.1.i586.rpm glibc-debugsource-2.11.3-12.66.1.i586.rpm glibc-devel-2.11.3-12.66.1.i586.rpm glibc-devel-debuginfo-2.11.3-12.66.1.i586.rpm glibc-html-2.11.3-12.66.1.i586.rpm glibc-i18ndata-2.11.3-12.66.1.i586.rpm glibc-info-2.11.3-12.66.1.i586.rpm glibc-locale-2.11.3-12.66.1.i586.rpm glibc-locale-debuginfo-2.11.3-12.66.1.i586.rpm glibc-obsolete-2.11.3-12.66.1.i586.rpm glibc-obsolete-debuginfo-2.11.3-12.66.1.i586.rpm glibc-profile-2.11.3-12.66.1.i586.rpm nscd-2.11.3-12.66.1.i586.rpm nscd-debuginfo-2.11.3-12.66.1.i586.rpm glibc-2.11.3-12.66.1.x86_64.rpm glibc-debuginfo-2.11.3-12.66.1.x86_64.rpm glibc-debugsource-2.11.3-12.66.1.x86_64.rpm glibc-devel-2.11.3-12.66.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.66.1.x86_64.rpm glibc-html-2.11.3-12.66.1.x86_64.rpm glibc-i18ndata-2.11.3-12.66.1.x86_64.rpm glibc-info-2.11.3-12.66.1.x86_64.rpm glibc-locale-2.11.3-12.66.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.66.1.x86_64.rpm glibc-obsolete-2.11.3-12.66.1.x86_64.rpm glibc-profile-2.11.3-12.66.1.x86_64.rpm nscd-2.11.3-12.66.1.x86_64.rpm nscd-debuginfo-2.11.3-12.66.1.x86_64.rpm 2015-7 critical openSUSE Evergreen 11.4 flash-player was updated to version 11.2.202.442 to fix 18 security issues. These security issues were fixed: - Use-after-free vulnerabilities that could lead to code execution (CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322). - Memory corruption vulnerabilities that could lead to code execution (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, CVE-2015-0330). - Type confusion vulnerabilities that could lead to code execution (CVE-2015-0317, CVE-2015-0319). - Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-0323, CVE-2015-0327). - Buffer overflow vulnerability that could lead to code execution (CVE-2015-0324). - Null pointer dereference issues (CVE-2015-0325, CVE-2015-0326, CVE-2015-0328). More information is available at https://helpx.adobe.com/security/products/flash-player/apsb15-04.html flash-player-11.2.202.442-147.1.i586.rpm flash-player-11.2.202.442-147.1.nosrc.rpm flash-player-gnome-11.2.202.442-147.1.i586.rpm flash-player-kde4-11.2.202.442-147.1.i586.rpm flash-player-11.2.202.442-147.1.x86_64.rpm flash-player-gnome-11.2.202.442-147.1.x86_64.rpm flash-player-kde4-11.2.202.442-147.1.x86_64.rpm 2015-9 moderate openSUSE Evergreen 11.4 - Security and bugfix release 9.0.19: *Fix buffer overruns in to_char() (CVE-2015-0241) *Fix buffer overrun in replacement *printf() functions (CVE-2015-0242) *Fix buffer overruns in contrib/pgcrypto (CVE-2015-0243) *Fix possible loss of frontend/backend protocol synchronization after an error (CVE-2015-0244) *Fix information leak via constraint-violation error messages (CVE-2014-8161) - for details see: http://www.postgresql.org/docs/9.0/static/release-9-0-19.html libecpg6-9.0.19-47.1.i586.rpm libecpg6-debuginfo-9.0.19-47.1.i586.rpm libpq5-32bit-9.0.19-47.1.x86_64.rpm libpq5-9.0.19-47.1.i586.rpm libpq5-debuginfo-32bit-9.0.19-47.1.x86_64.rpm libpq5-debuginfo-9.0.19-47.1.i586.rpm libpq5-debuginfo-x86-9.0.19-47.1.ia64.rpm libpq5-x86-9.0.19-47.1.ia64.rpm postgresql-devel-9.0.19-47.1.i586.rpm postgresql-devel-debuginfo-9.0.19-47.1.i586.rpm postgresql-libs-9.0.19-47.1.src.rpm postgresql-libs-debugsource-9.0.19-47.1.i586.rpm postgresql-9.0.19-47.1.i586.rpm postgresql-9.0.19-47.1.src.rpm postgresql-contrib-9.0.19-47.1.i586.rpm postgresql-contrib-debuginfo-9.0.19-47.1.i586.rpm postgresql-debuginfo-9.0.19-47.1.i586.rpm postgresql-debugsource-9.0.19-47.1.i586.rpm postgresql-docs-9.0.19-47.1.noarch.rpm postgresql-plperl-9.0.19-47.1.i586.rpm postgresql-plperl-debuginfo-9.0.19-47.1.i586.rpm postgresql-plpython-9.0.19-47.1.i586.rpm postgresql-plpython-debuginfo-9.0.19-47.1.i586.rpm postgresql-pltcl-9.0.19-47.1.i586.rpm postgresql-pltcl-debuginfo-9.0.19-47.1.i586.rpm postgresql-server-9.0.19-47.1.i586.rpm postgresql-server-debuginfo-9.0.19-47.1.i586.rpm libecpg6-9.0.19-47.1.x86_64.rpm libecpg6-debuginfo-9.0.19-47.1.x86_64.rpm libpq5-9.0.19-47.1.x86_64.rpm libpq5-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-devel-9.0.19-47.1.x86_64.rpm postgresql-devel-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-libs-debugsource-9.0.19-47.1.x86_64.rpm postgresql-9.0.19-47.1.x86_64.rpm postgresql-contrib-9.0.19-47.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-debugsource-9.0.19-47.1.x86_64.rpm postgresql-plperl-9.0.19-47.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-plpython-9.0.19-47.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-pltcl-9.0.19-47.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.19-47.1.x86_64.rpm postgresql-server-9.0.19-47.1.x86_64.rpm postgresql-server-debuginfo-9.0.19-47.1.x86_64.rpm 2015-10 important openSUSE Evergreen 11.4 kernel update for Evergreen 11.4, includes leap second deadlock fix and fixes for other security and stability issues kernel-debug-3.0.101-99.1.i586.rpm True kernel-debug-3.0.101-99.1.nosrc.rpm True kernel-debug-base-3.0.101-99.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-debug-debuginfo-3.0.101-99.1.i586.rpm True kernel-debug-debugsource-3.0.101-99.1.i586.rpm True kernel-debug-devel-3.0.101-99.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-debug-hmac-3.0.101-99.1.i586.rpm True kernel-default-3.0.101-99.1.i586.rpm True kernel-default-3.0.101-99.1.nosrc.rpm True kernel-default-base-3.0.101-99.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-default-debuginfo-3.0.101-99.1.i586.rpm True kernel-default-debugsource-3.0.101-99.1.i586.rpm True kernel-default-devel-3.0.101-99.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-default-hmac-3.0.101-99.1.i586.rpm True kernel-desktop-3.0.101-99.1.i586.rpm True kernel-desktop-3.0.101-99.1.nosrc.rpm True kernel-desktop-base-3.0.101-99.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-99.1.i586.rpm True kernel-desktop-debugsource-3.0.101-99.1.i586.rpm True kernel-desktop-devel-3.0.101-99.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-desktop-hmac-3.0.101-99.1.i586.rpm True kernel-docs-3.0.101-99.2.noarch.rpm True kernel-docs-3.0.101-99.2.src.rpm True kernel-ec2-3.0.101-99.1.i586.rpm True kernel-ec2-3.0.101-99.1.nosrc.rpm True kernel-ec2-base-3.0.101-99.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-99.1.i586.rpm True kernel-ec2-debugsource-3.0.101-99.1.i586.rpm True kernel-ec2-devel-3.0.101-99.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-ec2-extra-3.0.101-99.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-99.1.i586.rpm True kernel-ec2-hmac-3.0.101-99.1.i586.rpm True kernel-pae-3.0.101-99.1.i586.rpm True kernel-pae-3.0.101-99.1.nosrc.rpm True kernel-pae-base-3.0.101-99.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-pae-debuginfo-3.0.101-99.1.i586.rpm True kernel-pae-debugsource-3.0.101-99.1.i586.rpm True kernel-pae-devel-3.0.101-99.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-pae-hmac-3.0.101-99.1.i586.rpm True kernel-source-3.0.101-99.1.i586.rpm True kernel-source-3.0.101-99.1.src.rpm True kernel-source-vanilla-3.0.101-99.1.i586.rpm True kernel-syms-3.0.101-99.1.i586.rpm True kernel-syms-3.0.101-99.1.src.rpm True kernel-trace-3.0.101-99.1.i586.rpm True kernel-trace-3.0.101-99.1.nosrc.rpm True kernel-trace-base-3.0.101-99.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-trace-debuginfo-3.0.101-99.1.i586.rpm True kernel-trace-debugsource-3.0.101-99.1.i586.rpm True kernel-trace-devel-3.0.101-99.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-trace-hmac-3.0.101-99.1.i586.rpm True kernel-vanilla-3.0.101-99.1.i586.rpm True kernel-vanilla-3.0.101-99.1.nosrc.rpm True kernel-vanilla-base-3.0.101-99.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-99.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-99.1.i586.rpm True kernel-vanilla-devel-3.0.101-99.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-vanilla-hmac-3.0.101-99.1.i586.rpm True kernel-vmi-3.0.101-99.1.i586.rpm True kernel-vmi-3.0.101-99.1.nosrc.rpm True kernel-vmi-base-3.0.101-99.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-99.1.i586.rpm True kernel-vmi-debugsource-3.0.101-99.1.i586.rpm True kernel-vmi-devel-3.0.101-99.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-vmi-hmac-3.0.101-99.1.i586.rpm True kernel-xen-3.0.101-99.1.i586.rpm True kernel-xen-3.0.101-99.1.nosrc.rpm True kernel-xen-base-3.0.101-99.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-99.1.i586.rpm True kernel-xen-debuginfo-3.0.101-99.1.i586.rpm True kernel-xen-debugsource-3.0.101-99.1.i586.rpm True kernel-xen-devel-3.0.101-99.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-99.1.i586.rpm True kernel-xen-hmac-3.0.101-99.1.i586.rpm True preload-1.2-6.77.1.i586.rpm True preload-1.2-6.77.1.src.rpm True preload-debuginfo-1.2-6.77.1.i586.rpm True preload-debugsource-1.2-6.77.1.i586.rpm True preload-kmp-default-1.2_3.0.101_99-6.77.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_99-6.77.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_99-6.77.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_99-6.77.1.i586.rpm True kernel-debug-3.0.101-99.1.x86_64.rpm True kernel-debug-base-3.0.101-99.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-99.1.x86_64.rpm True kernel-debug-devel-3.0.101-99.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-debug-hmac-3.0.101-99.1.x86_64.rpm True kernel-default-3.0.101-99.1.x86_64.rpm True kernel-default-base-3.0.101-99.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-default-debugsource-3.0.101-99.1.x86_64.rpm True kernel-default-devel-3.0.101-99.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-default-hmac-3.0.101-99.1.x86_64.rpm True kernel-desktop-3.0.101-99.1.x86_64.rpm True kernel-desktop-base-3.0.101-99.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-99.1.x86_64.rpm True kernel-desktop-devel-3.0.101-99.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-99.1.x86_64.rpm True kernel-ec2-3.0.101-99.1.x86_64.rpm True kernel-ec2-base-3.0.101-99.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-99.1.x86_64.rpm True kernel-ec2-devel-3.0.101-99.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-ec2-extra-3.0.101-99.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-99.1.x86_64.rpm True kernel-source-3.0.101-99.1.x86_64.rpm True kernel-source-vanilla-3.0.101-99.1.x86_64.rpm True kernel-syms-3.0.101-99.1.x86_64.rpm True kernel-trace-3.0.101-99.1.x86_64.rpm True kernel-trace-base-3.0.101-99.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-99.1.x86_64.rpm True kernel-trace-devel-3.0.101-99.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-trace-hmac-3.0.101-99.1.x86_64.rpm True kernel-vanilla-3.0.101-99.1.x86_64.rpm True kernel-vanilla-base-3.0.101-99.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-99.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-99.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-99.1.x86_64.rpm True kernel-xen-3.0.101-99.1.x86_64.rpm True kernel-xen-base-3.0.101-99.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-99.1.x86_64.rpm True kernel-xen-devel-3.0.101-99.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-99.1.x86_64.rpm True kernel-xen-hmac-3.0.101-99.1.x86_64.rpm True preload-1.2-6.77.1.x86_64.rpm True preload-debuginfo-1.2-6.77.1.x86_64.rpm True preload-debugsource-1.2-6.77.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_99-6.77.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_99-6.77.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_99-6.77.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_99-6.77.1.x86_64.rpm True 2015-8 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.451 (bsc#922033). These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution(CVE-2015-0332,CVE-2015-0333, CVE-2015-0335, CVE-2015-0339). - Type confusion vulnerabilities that could lead to code execution(CVE-2015-0334, CVE-2015-0336). - A vulnerability that could lead to a cross-domain policy bypass(CVE-2015-0337). - A vulnerability that could lead to a file upload restriction bypass(CVE-2015-0340). - An integer overflow vulnerability that could lead to code execution(CVE-2015-0338). - Use-after-free vulnerabilities that could lead to code execution(CVE-2015-0341, CVE-2015-0342). flash-player-11.2.202.451-155.1.i586.rpm flash-player-11.2.202.451-155.1.nosrc.rpm flash-player-gnome-11.2.202.451-155.1.i586.rpm flash-player-kde4-11.2.202.451-155.1.i586.rpm flash-player-11.2.202.451-155.1.x86_64.rpm flash-player-gnome-11.2.202.451-155.1.x86_64.rpm flash-player-kde4-11.2.202.451-155.1.x86_64.rpm 2013-7 low openSUSE Evergreen 11.4 This release fixes a significant page ordering issue with Hot Standby which could cause index corruption on the standby under some circumstances. In addition, this update patches timing issues with checkpoint and transaction ID wraparound which could cause data corruption in some cases. This update also fixes multiple issues with CREATE INDEX CONCURRENTLY and DROP INDEX CONCURRENTLY, which can cause those commands to fail or produce corrupt indexes. Users who use this feature may want to REINDEX or recreate affected indexes libecpg6-9.0.11-21.1.i586.rpm libecpg6-debuginfo-9.0.11-21.1.i586.rpm libpq5-32bit-9.0.11-21.1.x86_64.rpm libpq5-9.0.11-21.1.i586.rpm libpq5-debuginfo-32bit-9.0.11-21.1.x86_64.rpm libpq5-debuginfo-9.0.11-21.1.i586.rpm libpq5-debuginfo-x86-9.0.11-21.1.ia64.rpm libpq5-x86-9.0.11-21.1.ia64.rpm postgresql-devel-9.0.11-21.1.i586.rpm postgresql-devel-debuginfo-9.0.11-21.1.i586.rpm postgresql-libs-9.0.11-21.1.src.rpm postgresql-libs-debugsource-9.0.11-21.1.i586.rpm postgresql-9.0.11-21.1.i586.rpm postgresql-9.0.11-21.1.src.rpm postgresql-contrib-9.0.11-21.1.i586.rpm postgresql-contrib-debuginfo-9.0.11-21.1.i586.rpm postgresql-debuginfo-9.0.11-21.1.i586.rpm postgresql-debugsource-9.0.11-21.1.i586.rpm postgresql-docs-9.0.11-21.1.noarch.rpm postgresql-plperl-9.0.11-21.1.i586.rpm postgresql-plperl-debuginfo-9.0.11-21.1.i586.rpm postgresql-plpython-9.0.11-21.1.i586.rpm postgresql-plpython-debuginfo-9.0.11-21.1.i586.rpm postgresql-pltcl-9.0.11-21.1.i586.rpm postgresql-pltcl-debuginfo-9.0.11-21.1.i586.rpm postgresql-server-9.0.11-21.1.i586.rpm postgresql-server-debuginfo-9.0.11-21.1.i586.rpm libecpg6-9.0.11-21.1.x86_64.rpm libecpg6-debuginfo-9.0.11-21.1.x86_64.rpm libpq5-9.0.11-21.1.x86_64.rpm libpq5-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-devel-9.0.11-21.1.x86_64.rpm postgresql-devel-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-libs-debugsource-9.0.11-21.1.x86_64.rpm postgresql-9.0.11-21.1.x86_64.rpm postgresql-contrib-9.0.11-21.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-debugsource-9.0.11-21.1.x86_64.rpm postgresql-plperl-9.0.11-21.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-plpython-9.0.11-21.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-pltcl-9.0.11-21.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.11-21.1.x86_64.rpm postgresql-server-9.0.11-21.1.x86_64.rpm postgresql-server-debuginfo-9.0.11-21.1.x86_64.rpm 2015-11 important openSUSE Evergreen 11.4 Update to Firefox 31.5.3 (bnc#923534) * MFSA 2015-28/CVE-2015-0818 (bmo#1144988) Privilege escalation through SVG navigation * MFSA 2015-29/CVE-2015-0817 (bmo#1145255) Code execution through incorrect JavaScript bounds checking elimination - update to Firefox 31.5.0esr (bnc#917597) * MFSA 2015-11/CVE-2015-0836 Miscellaneous memory safety hazards * MFSA 2015-12/CVE-2015-0833 (bmo#945192) Invoking Mozilla updater will load locally stored DLL files (Windows only) * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) Use-after-free in IndexedDB * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) Out-of-bounds read and write while rendering SVG content * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) Reading of local files through manipulation of form autocomplete MozillaFirefox-31.5.3-137.1.i586.rpm MozillaFirefox-31.5.3-137.1.src.rpm MozillaFirefox-branding-upstream-31.5.3-137.1.i586.rpm MozillaFirefox-buildsymbols-31.5.3-137.1.i586.rpm MozillaFirefox-debuginfo-31.5.3-137.1.i586.rpm MozillaFirefox-debugsource-31.5.3-137.1.i586.rpm MozillaFirefox-devel-31.5.3-137.1.i586.rpm MozillaFirefox-translations-common-31.5.3-137.1.i586.rpm MozillaFirefox-translations-other-31.5.3-137.1.i586.rpm MozillaFirefox-31.5.3-137.1.x86_64.rpm MozillaFirefox-branding-upstream-31.5.3-137.1.x86_64.rpm MozillaFirefox-buildsymbols-31.5.3-137.1.x86_64.rpm MozillaFirefox-debuginfo-31.5.3-137.1.x86_64.rpm MozillaFirefox-debugsource-31.5.3-137.1.x86_64.rpm MozillaFirefox-devel-31.5.3-137.1.x86_64.rpm MozillaFirefox-translations-common-31.5.3-137.1.x86_64.rpm MozillaFirefox-translations-other-31.5.3-137.1.x86_64.rpm 2015-503 important openSUSE Evergreen 11.4 Combined Mozilla update: - Update Firefox to 31.8.0 - Update Thunderbird to 31.8.0 - Update mozilla-nspr to 4.10.6 - Update mozilla-nss to 3.19.2 to fix several security issues. MozillaFirefox-31.8.0-143.1.i586.rpm MozillaFirefox-31.8.0-143.1.src.rpm MozillaFirefox-branding-upstream-31.8.0-143.1.i586.rpm MozillaFirefox-buildsymbols-31.8.0-143.1.i586.rpm MozillaFirefox-debuginfo-31.8.0-143.1.i586.rpm MozillaFirefox-debugsource-31.8.0-143.1.i586.rpm MozillaFirefox-devel-31.8.0-143.1.i586.rpm MozillaFirefox-translations-common-31.8.0-143.1.i586.rpm MozillaFirefox-translations-other-31.8.0-143.1.i586.rpm MozillaThunderbird-31.8.0-110.1.i586.rpm MozillaThunderbird-31.8.0-110.1.src.rpm MozillaThunderbird-buildsymbols-31.8.0-110.1.i586.rpm MozillaThunderbird-debuginfo-31.8.0-110.1.i586.rpm MozillaThunderbird-debugsource-31.8.0-110.1.i586.rpm MozillaThunderbird-devel-31.8.0-110.1.i586.rpm MozillaThunderbird-translations-common-31.8.0-110.1.i586.rpm MozillaThunderbird-translations-other-31.8.0-110.1.i586.rpm mozilla-nspr-32bit-4.10.8-52.1.x86_64.rpm mozilla-nspr-4.10.8-52.1.i586.rpm mozilla-nspr-4.10.8-52.1.src.rpm mozilla-nspr-debuginfo-32bit-4.10.8-52.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.8-52.1.i586.rpm mozilla-nspr-debuginfo-x86-4.10.8-52.1.ia64.rpm mozilla-nspr-debugsource-4.10.8-52.1.i586.rpm mozilla-nspr-devel-4.10.8-52.1.i586.rpm mozilla-nspr-x86-4.10.8-52.1.ia64.rpm libfreebl3-3.19.2-107.1.i586.rpm libfreebl3-32bit-3.19.2-107.1.x86_64.rpm libfreebl3-debuginfo-3.19.2-107.1.i586.rpm libfreebl3-debuginfo-32bit-3.19.2-107.1.x86_64.rpm libfreebl3-debuginfo-x86-3.19.2-107.1.ia64.rpm libfreebl3-x86-3.19.2-107.1.ia64.rpm libsoftokn3-3.19.2-107.1.i586.rpm libsoftokn3-32bit-3.19.2-107.1.x86_64.rpm libsoftokn3-debuginfo-3.19.2-107.1.i586.rpm libsoftokn3-debuginfo-32bit-3.19.2-107.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.19.2-107.1.ia64.rpm libsoftokn3-x86-3.19.2-107.1.ia64.rpm mozilla-nss-3.19.2-107.1.i586.rpm mozilla-nss-3.19.2-107.1.src.rpm mozilla-nss-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-certs-3.19.2-107.1.i586.rpm mozilla-nss-certs-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.19.2-107.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.19.2-107.1.ia64.rpm mozilla-nss-certs-x86-3.19.2-107.1.ia64.rpm mozilla-nss-debuginfo-3.19.2-107.1.i586.rpm mozilla-nss-debuginfo-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.19.2-107.1.ia64.rpm mozilla-nss-debugsource-3.19.2-107.1.i586.rpm mozilla-nss-devel-3.19.2-107.1.i586.rpm mozilla-nss-sysinit-3.19.2-107.1.i586.rpm mozilla-nss-sysinit-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.19.2-107.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.19.2-107.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.19.2-107.1.ia64.rpm mozilla-nss-sysinit-x86-3.19.2-107.1.ia64.rpm mozilla-nss-tools-3.19.2-107.1.i586.rpm mozilla-nss-tools-debuginfo-3.19.2-107.1.i586.rpm mozilla-nss-x86-3.19.2-107.1.ia64.rpm MozillaFirefox-31.8.0-143.1.x86_64.rpm MozillaFirefox-branding-upstream-31.8.0-143.1.x86_64.rpm MozillaFirefox-buildsymbols-31.8.0-143.1.x86_64.rpm MozillaFirefox-debuginfo-31.8.0-143.1.x86_64.rpm MozillaFirefox-debugsource-31.8.0-143.1.x86_64.rpm MozillaFirefox-devel-31.8.0-143.1.x86_64.rpm MozillaFirefox-translations-common-31.8.0-143.1.x86_64.rpm MozillaFirefox-translations-other-31.8.0-143.1.x86_64.rpm MozillaThunderbird-31.8.0-110.1.x86_64.rpm MozillaThunderbird-buildsymbols-31.8.0-110.1.x86_64.rpm MozillaThunderbird-debuginfo-31.8.0-110.1.x86_64.rpm MozillaThunderbird-debugsource-31.8.0-110.1.x86_64.rpm MozillaThunderbird-devel-31.8.0-110.1.x86_64.rpm MozillaThunderbird-translations-common-31.8.0-110.1.x86_64.rpm MozillaThunderbird-translations-other-31.8.0-110.1.x86_64.rpm mozilla-nspr-4.10.8-52.1.x86_64.rpm mozilla-nspr-debuginfo-4.10.8-52.1.x86_64.rpm mozilla-nspr-debugsource-4.10.8-52.1.x86_64.rpm mozilla-nspr-devel-4.10.8-52.1.x86_64.rpm libfreebl3-3.19.2-107.1.x86_64.rpm libfreebl3-debuginfo-3.19.2-107.1.x86_64.rpm libsoftokn3-3.19.2-107.1.x86_64.rpm libsoftokn3-debuginfo-3.19.2-107.1.x86_64.rpm mozilla-nss-3.19.2-107.1.x86_64.rpm mozilla-nss-certs-3.19.2-107.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.19.2-107.1.x86_64.rpm mozilla-nss-debuginfo-3.19.2-107.1.x86_64.rpm mozilla-nss-debugsource-3.19.2-107.1.x86_64.rpm mozilla-nss-devel-3.19.2-107.1.x86_64.rpm mozilla-nss-sysinit-3.19.2-107.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.19.2-107.1.x86_64.rpm mozilla-nss-tools-3.19.2-107.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.19.2-107.1.x86_64.rpm 2015-12 moderate openSUSE Evergreen 11.4 escription: This recommended update for timezone provides version 2015b with various fixes and adjustments (boo#923493): - Changes to time zones: + Mongolia DST observance 2015 + Palestine DST dates 2015 and 2015 + correct 1982 zone shift in Pacific/Easter, regression in 2015a + More pre-1970 zones have been turned into links, when they differed from existing zones only for older time stamps: * America/Antigua * America/Cayman * Pacific/Midway, * Pacific/Saipan. + Correct the 1992-2010 DST abbreviation in Volgograd from "MSK" to "MSD". - Changes to code: + Fix integer overflow bug in reference 'mktime' implementation. + Allow -Dtime_tz=time_t compilations, and allow -Dtime_tz=... libraries to be used in the same executable as standard-library time_t functions. timezone-java-2015b-33.1.noarch.rpm timezone-java-2015b-33.1.src.rpm timezone-2015b-33.1.i586.rpm timezone-2015b-33.1.src.rpm timezone-debuginfo-2015b-33.1.i586.rpm timezone-debugsource-2015b-33.1.i586.rpm timezone-2015b-33.1.x86_64.rpm timezone-debuginfo-2015b-33.1.x86_64.rpm timezone-debugsource-2015b-33.1.x86_64.rpm 2015-13 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.457 to fix several security issues that could lead to remote code execution. An exploit for CVE-2015-3043 was reported to exist in the wild. The following vulnerabilities were fixed: * Memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043). * Type confusion vulnerability that could lead to code execution (CVE-2015-0356). * Buffer overflow vulnerability that could lead to code execution (CVE-2015-0348). * Use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039). * Double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359). * Memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040). * Security bypass vulnerability that could lead to information disclosure (CVE-2015-3044) flash-player-11.2.202.457-158.1.i586.rpm flash-player-11.2.202.457-158.1.nosrc.rpm flash-player-gnome-11.2.202.457-158.1.i586.rpm flash-player-kde4-11.2.202.457-158.1.i586.rpm flash-player-11.2.202.457-158.1.x86_64.rpm flash-player-gnome-11.2.202.457-158.1.x86_64.rpm flash-player-kde4-11.2.202.457-158.1.x86_64.rpm 2015-14 important openSUSE Evergreen 11.4 The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues. The following vulnerabilities were fixed (bsc#930677): * APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087, CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091, CVE-2015-3092, CVE-2015-3093 More information can be found at the Adobe Security Bulletin APSB15-09: https://helpx.adobe.com/security/products/flash-player/apsb15-09.html flash-player-11.2.202.460-161.1.i586.rpm flash-player-11.2.202.460-161.1.nosrc.rpm flash-player-gnome-11.2.202.460-161.1.i586.rpm flash-player-kde4-11.2.202.460-161.1.i586.rpm flash-player-11.2.202.460-161.1.x86_64.rpm flash-player-gnome-11.2.202.460-161.1.x86_64.rpm flash-player-kde4-11.2.202.460-161.1.x86_64.rpm 2015-15 important openSUSE Evergreen 11.4 - update to Firefox 31.7.0esr (bnc#930622) * MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards * MFSA 2015-47/VE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML * MFSA 2015-57/CVE-2011-3079 (bmo#1087565) Privilege escalation through IPC channel messages MozillaFirefox-31.7.0-140.1.i586.rpm MozillaFirefox-31.7.0-140.1.src.rpm MozillaFirefox-branding-upstream-31.7.0-140.1.i586.rpm MozillaFirefox-buildsymbols-31.7.0-140.1.i586.rpm MozillaFirefox-debuginfo-31.7.0-140.1.i586.rpm MozillaFirefox-debugsource-31.7.0-140.1.i586.rpm MozillaFirefox-devel-31.7.0-140.1.i586.rpm MozillaFirefox-translations-common-31.7.0-140.1.i586.rpm MozillaFirefox-translations-other-31.7.0-140.1.i586.rpm MozillaFirefox-31.7.0-140.1.x86_64.rpm MozillaFirefox-branding-upstream-31.7.0-140.1.x86_64.rpm MozillaFirefox-buildsymbols-31.7.0-140.1.x86_64.rpm MozillaFirefox-debuginfo-31.7.0-140.1.x86_64.rpm MozillaFirefox-debugsource-31.7.0-140.1.x86_64.rpm MozillaFirefox-devel-31.7.0-140.1.x86_64.rpm MozillaFirefox-translations-common-31.7.0-140.1.x86_64.rpm MozillaFirefox-translations-other-31.7.0-140.1.x86_64.rpm 2015-16 moderate openSUSE Evergreen 11.4 The openssl update to 1.0.1 was using the wrong CA trust store path. This update makes openssl use /etc/ssl/certs again as the previous version. libopenssl-devel-1.0.1k-65.1.i586.rpm libopenssl-devel-32bit-1.0.1k-65.1.x86_64.rpm libopenssl1_0_0-1.0.1k-65.1.i586.rpm libopenssl1_0_0-32bit-1.0.1k-65.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1k-65.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.1k-65.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.1k-65.1.ia64.rpm libopenssl1_0_0-x86-1.0.1k-65.1.ia64.rpm openssl-1.0.1k-65.1.i586.rpm openssl-1.0.1k-65.1.src.rpm openssl-debuginfo-1.0.1k-65.1.i586.rpm openssl-debugsource-1.0.1k-65.1.i586.rpm openssl-doc-1.0.1k-65.1.noarch.rpm libopenssl-devel-1.0.1k-65.1.x86_64.rpm libopenssl1_0_0-1.0.1k-65.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1k-65.1.x86_64.rpm openssl-1.0.1k-65.1.x86_64.rpm openssl-debuginfo-1.0.1k-65.1.x86_64.rpm openssl-debugsource-1.0.1k-65.1.x86_64.rpm 2015-17 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.466 to fix multiple security issues. The following vulnerabilities were fixed: * CVE-2015-3096: bypass for CVE-2014-5333 * CVE-2015-3098: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3099: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3100: stack overflow vulnerability that could lead to code execution * CVE-2015-3102: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure * CVE-2015-3103: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3104: integer overflow vulnerability that could lead to code execution * CVE-2015-3105: memory corruption vulnerability that could lead to code execution * CVE-2015-3106: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3107: use-after-free vulnerabilities that could lead to code execution * CVE-2015-3108: memory leak vulnerability that could be used to bypass ASLR flash-player-11.2.202.466-164.1.i586.rpm flash-player-11.2.202.466-164.1.nosrc.rpm flash-player-gnome-11.2.202.466-164.1.i586.rpm flash-player-kde4-11.2.202.466-164.1.i586.rpm flash-player-11.2.202.466-164.1.x86_64.rpm flash-player-gnome-11.2.202.466-164.1.x86_64.rpm flash-player-kde4-11.2.202.466-164.1.x86_64.rpm 2015-525 moderate openSUSE Evergreen 11.4 Tolerate tilde in package version. This allows building packages which use the tilde to indicate a pre version. Note: zypper will not handle tilde in 11.4, '1.0~rc1' is seen as newer than '1.0'. Handle also /etc/alternatives properly to fix buildfailures which happen with some newer packages. rpm-32bit-4.8.0-28.43.1.x86_64.rpm True rpm-4.8.0-28.43.1.i586.rpm True rpm-4.8.0-28.43.1.src.rpm True rpm-debuginfo-32bit-4.8.0-28.43.1.x86_64.rpm True rpm-debuginfo-4.8.0-28.43.1.i586.rpm True rpm-debuginfo-x86-4.8.0-28.43.1.ia64.rpm True rpm-debugsource-4.8.0-28.43.1.i586.rpm True rpm-devel-4.8.0-28.43.1.i586.rpm True rpm-x86-4.8.0-28.43.1.ia64.rpm True rpm-4.8.0-28.43.1.x86_64.rpm True rpm-debuginfo-4.8.0-28.43.1.x86_64.rpm True rpm-debugsource-4.8.0-28.43.1.x86_64.rpm True rpm-devel-4.8.0-28.43.1.x86_64.rpm True 2015-462 important openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.468 to fix one security issue. The following vulnerability was fixed: * CVE-2015-3113: A heap buffer overflow vulnerability could have allowed code execution (bsc#935701, APSB15-14) flash-player-11.2.202.468-167.1.i586.rpm flash-player-11.2.202.468-167.1.nosrc.rpm flash-player-gnome-11.2.202.468-167.1.i586.rpm flash-player-kde4-11.2.202.468-167.1.i586.rpm flash-player-11.2.202.468-167.1.x86_64.rpm flash-player-gnome-11.2.202.468-167.1.x86_64.rpm flash-player-kde4-11.2.202.468-167.1.x86_64.rpm 2012-23 moderate openSUSE Evergreen 11.4 - Update to 12.12 * Fixes and Stability Enhancements - New option 'Delete settings and data for all extensions' option (off by default) in the Delete Private Data dialog - Corrected an issue where using the 'Delete Private Data' dialog could delete extension and settings data - Redesigned the 'Delete Private Data' dialog to be more usable with small screens - Fixed an issue where quitting Opera while in fullscreen mode could cripple the interface on the next start-up - Fixed an issue where malformed GIF images could allow execution of arbitrary code - Fixed an issue where repeated attempts to access a target site could trigger address field spoofing - Fixed an issue where private data could be disclosed to other computer users, or be modified by them * full changelog available at: http://www.opera.com/docs/changelogs/unix/1212 opera-12.12-44.1.i586.rpm opera-12.12-44.1.nosrc.rpm opera-gtk-12.12-44.1.i586.rpm opera-kde4-12.12-44.1.i586.rpm opera-12.12-44.1.x86_64.rpm opera-gtk-12.12-44.1.x86_64.rpm opera-kde4-12.12-44.1.x86_64.rpm 2015-475 critical openSUSE Evergreen 11.4 flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2015-5119: Unspecified vulnerability allowing remote attackers to take over the system (bsc#937339). flash-player-11.2.202.481-170.1.i586.rpm flash-player-11.2.202.481-170.1.nosrc.rpm flash-player-gnome-11.2.202.481-170.1.i586.rpm flash-player-kde4-11.2.202.481-170.1.i586.rpm flash-player-11.2.202.481-170.1.x86_64.rpm flash-player-gnome-11.2.202.481-170.1.x86_64.rpm flash-player-kde4-11.2.202.481-170.1.x86_64.rpm 2015-791 important openSUSE Evergreen 11.4 Update to 1.0.1p: - CVE-2015-1793: fix for CA flag certificate chain validatin logic error, also known as "OprahSSL". * CVE-2015-4000 aka Logjam: TLS MITM DH keylength downgrade * CVE-2015-1788 Malformed ECParameters causes infinite loop * CVE-2015-1789 OOB read in X509_cmp_time via ASN1_TIME string * CVE-2015-1790 PKCS7 crash with missing EnvelopedContent * CVE-2015-1792 CMS verify infinite loop with unknown hash function * CVE-2015-1791 Race condition handling NewSessionTicket (low profile vuln.) - re-diff'd: openssl-ocloexec.patch VIA_padlock_support_on_64systems.patch compression_methods_switch.patch 0005-libssl-Hide-library-private-symbols.patch - openssl-1.0.1c-default-paths.patch replaced by re-diff'd openssl-1.0.1n-default-paths.patch - obsoleted: openssl-CVE-2015-0209.patch (NULL pointer checks were upstreamed differently in upstream versions after Feb 2015) - obsoleted by identical upstream fixes: openssl-CVE-2015-0286.patch openssl-CVE-2015-0287.patch openssl-CVE-2015-0288.patch openssl-CVE-2015-0289.patch openssl-CVE-2015-0293.patch libopenssl-devel-1.0.1p-68.2.i586.rpm libopenssl-devel-32bit-1.0.1p-68.2.x86_64.rpm libopenssl1_0_0-1.0.1p-68.2.i586.rpm libopenssl1_0_0-32bit-1.0.1p-68.2.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-68.2.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.1p-68.2.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.1p-68.2.ia64.rpm libopenssl1_0_0-x86-1.0.1p-68.2.ia64.rpm openssl-1.0.1p-68.2.i586.rpm openssl-1.0.1p-68.2.src.rpm openssl-debuginfo-1.0.1p-68.2.i586.rpm openssl-debugsource-1.0.1p-68.2.i586.rpm openssl-doc-1.0.1p-68.2.noarch.rpm postfix-2.7.2-13.38.1.i586.rpm postfix-2.7.2-13.38.1.src.rpm postfix-debuginfo-2.7.2-13.38.1.i586.rpm postfix-debugsource-2.7.2-13.38.1.i586.rpm postfix-devel-2.7.2-13.38.1.i586.rpm postfix-doc-2.7.2-13.38.1.noarch.rpm postfix-mysql-2.7.2-13.38.1.i586.rpm postfix-mysql-debuginfo-2.7.2-13.38.1.i586.rpm postfix-postgresql-2.7.2-13.38.1.i586.rpm postfix-postgresql-debuginfo-2.7.2-13.38.1.i586.rpm libopenssl-devel-1.0.1p-68.2.x86_64.rpm libopenssl1_0_0-1.0.1p-68.2.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-68.2.x86_64.rpm openssl-1.0.1p-68.2.x86_64.rpm openssl-debuginfo-1.0.1p-68.2.x86_64.rpm openssl-debugsource-1.0.1p-68.2.x86_64.rpm postfix-2.7.2-13.38.1.x86_64.rpm postfix-debuginfo-2.7.2-13.38.1.x86_64.rpm postfix-debugsource-2.7.2-13.38.1.x86_64.rpm postfix-devel-2.7.2-13.38.1.x86_64.rpm postfix-mysql-2.7.2-13.38.1.x86_64.rpm postfix-mysql-debuginfo-2.7.2-13.38.1.x86_64.rpm postfix-postgresql-2.7.2-13.38.1.x86_64.rpm postfix-postgresql-debuginfo-2.7.2-13.38.1.x86_64.rpm 2015-502 critical openSUSE Evergreen 11.4 flash-player was updated to fix two security issues. These security issues were fixed: - CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function (bsc#937752). - CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property (bsc#937752). flash-player-11.2.202.491-173.1.i586.rpm flash-player-11.2.202.491-173.1.nosrc.rpm flash-player-gnome-11.2.202.491-173.1.i586.rpm flash-player-kde4-11.2.202.491-173.1.i586.rpm flash-player-11.2.202.491-173.1.x86_64.rpm flash-player-gnome-11.2.202.491-173.1.x86_64.rpm flash-player-kde4-11.2.202.491-173.1.x86_64.rpm 2015-527 important openSUSE Evergreen 11.4 bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries (boo#939567) Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling. bind-9.9.4P2-66.1.i586.rpm bind-9.9.4P2-66.1.src.rpm bind-chrootenv-9.9.4P2-66.1.i586.rpm bind-debuginfo-9.9.4P2-66.1.i586.rpm bind-debugsource-9.9.4P2-66.1.i586.rpm bind-devel-9.9.4P2-66.1.i586.rpm bind-doc-9.9.4P2-66.1.noarch.rpm bind-libs-32bit-9.9.4P2-66.1.x86_64.rpm bind-libs-9.9.4P2-66.1.i586.rpm bind-libs-debuginfo-32bit-9.9.4P2-66.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-66.1.i586.rpm bind-libs-debuginfo-x86-9.9.4P2-66.1.ia64.rpm bind-libs-x86-9.9.4P2-66.1.ia64.rpm bind-lwresd-9.9.4P2-66.1.i586.rpm bind-lwresd-debuginfo-9.9.4P2-66.1.i586.rpm bind-utils-9.9.4P2-66.1.i586.rpm bind-utils-debuginfo-9.9.4P2-66.1.i586.rpm bind-9.9.4P2-66.1.x86_64.rpm bind-chrootenv-9.9.4P2-66.1.x86_64.rpm bind-debuginfo-9.9.4P2-66.1.x86_64.rpm bind-debugsource-9.9.4P2-66.1.x86_64.rpm bind-devel-9.9.4P2-66.1.x86_64.rpm bind-libs-9.9.4P2-66.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-66.1.x86_64.rpm bind-lwresd-9.9.4P2-66.1.x86_64.rpm bind-lwresd-debuginfo-9.9.4P2-66.1.x86_64.rpm bind-utils-9.9.4P2-66.1.x86_64.rpm bind-utils-debuginfo-9.9.4P2-66.1.x86_64.rpm 2015-625 important openSUSE Evergreen 11.4 BIND was updated to fix a denial of service against servers performing validation on DNSSEC-signed records (CVE-2015-5722, bsc#944066). bind-9.9.4P2-69.1.i586.rpm bind-9.9.4P2-69.1.src.rpm bind-chrootenv-9.9.4P2-69.1.i586.rpm bind-debuginfo-9.9.4P2-69.1.i586.rpm bind-debugsource-9.9.4P2-69.1.i586.rpm bind-devel-9.9.4P2-69.1.i586.rpm bind-doc-9.9.4P2-69.1.noarch.rpm bind-libs-32bit-9.9.4P2-69.1.x86_64.rpm bind-libs-9.9.4P2-69.1.i586.rpm bind-libs-debuginfo-32bit-9.9.4P2-69.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-69.1.i586.rpm bind-libs-debuginfo-x86-9.9.4P2-69.1.ia64.rpm bind-libs-x86-9.9.4P2-69.1.ia64.rpm bind-lwresd-9.9.4P2-69.1.i586.rpm bind-lwresd-debuginfo-9.9.4P2-69.1.i586.rpm bind-utils-9.9.4P2-69.1.i586.rpm bind-utils-debuginfo-9.9.4P2-69.1.i586.rpm bind-9.9.4P2-69.1.x86_64.rpm bind-chrootenv-9.9.4P2-69.1.x86_64.rpm bind-debuginfo-9.9.4P2-69.1.x86_64.rpm bind-debugsource-9.9.4P2-69.1.x86_64.rpm bind-devel-9.9.4P2-69.1.x86_64.rpm bind-libs-9.9.4P2-69.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-69.1.x86_64.rpm bind-lwresd-9.9.4P2-69.1.x86_64.rpm bind-lwresd-debuginfo-9.9.4P2-69.1.x86_64.rpm bind-utils-9.9.4P2-69.1.x86_64.rpm bind-utils-debuginfo-9.9.4P2-69.1.x86_64.rpm 2015-790 low openSUSE Evergreen 11.4 kernel update for Evergreen 11.4 kernel-debug-3.0.101-102.1.i586.rpm kernel-debug-3.0.101-102.1.nosrc.rpm kernel-debug-base-3.0.101-102.1.i586.rpm kernel-debug-base-debuginfo-3.0.101-102.1.i586.rpm kernel-debug-debuginfo-3.0.101-102.1.i586.rpm kernel-debug-debugsource-3.0.101-102.1.i586.rpm kernel-debug-devel-3.0.101-102.1.i586.rpm kernel-debug-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-debug-hmac-3.0.101-102.1.i586.rpm kernel-default-3.0.101-102.1.i586.rpm kernel-default-3.0.101-102.1.nosrc.rpm kernel-default-base-3.0.101-102.1.i586.rpm kernel-default-base-debuginfo-3.0.101-102.1.i586.rpm kernel-default-debuginfo-3.0.101-102.1.i586.rpm kernel-default-debugsource-3.0.101-102.1.i586.rpm kernel-default-devel-3.0.101-102.1.i586.rpm kernel-default-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-default-hmac-3.0.101-102.1.i586.rpm kernel-desktop-3.0.101-102.1.i586.rpm kernel-desktop-3.0.101-102.1.nosrc.rpm kernel-desktop-base-3.0.101-102.1.i586.rpm kernel-desktop-base-debuginfo-3.0.101-102.1.i586.rpm kernel-desktop-debuginfo-3.0.101-102.1.i586.rpm kernel-desktop-debugsource-3.0.101-102.1.i586.rpm kernel-desktop-devel-3.0.101-102.1.i586.rpm kernel-desktop-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-desktop-hmac-3.0.101-102.1.i586.rpm kernel-docs-3.0.101-102.1.noarch.rpm kernel-docs-3.0.101-102.1.src.rpm kernel-ec2-3.0.101-102.1.i586.rpm kernel-ec2-3.0.101-102.1.nosrc.rpm kernel-ec2-base-3.0.101-102.1.i586.rpm kernel-ec2-base-debuginfo-3.0.101-102.1.i586.rpm kernel-ec2-debuginfo-3.0.101-102.1.i586.rpm kernel-ec2-debugsource-3.0.101-102.1.i586.rpm kernel-ec2-devel-3.0.101-102.1.i586.rpm kernel-ec2-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-ec2-extra-3.0.101-102.1.i586.rpm kernel-ec2-extra-debuginfo-3.0.101-102.1.i586.rpm kernel-ec2-hmac-3.0.101-102.1.i586.rpm kernel-pae-3.0.101-102.1.i586.rpm kernel-pae-3.0.101-102.1.nosrc.rpm kernel-pae-base-3.0.101-102.1.i586.rpm kernel-pae-base-debuginfo-3.0.101-102.1.i586.rpm kernel-pae-debuginfo-3.0.101-102.1.i586.rpm kernel-pae-debugsource-3.0.101-102.1.i586.rpm kernel-pae-devel-3.0.101-102.1.i586.rpm kernel-pae-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-pae-hmac-3.0.101-102.1.i586.rpm kernel-source-3.0.101-102.1.i586.rpm kernel-source-3.0.101-102.1.src.rpm kernel-source-vanilla-3.0.101-102.1.i586.rpm kernel-syms-3.0.101-102.1.i586.rpm kernel-syms-3.0.101-102.1.src.rpm kernel-trace-3.0.101-102.1.i586.rpm kernel-trace-3.0.101-102.1.nosrc.rpm kernel-trace-base-3.0.101-102.1.i586.rpm kernel-trace-base-debuginfo-3.0.101-102.1.i586.rpm kernel-trace-debuginfo-3.0.101-102.1.i586.rpm kernel-trace-debugsource-3.0.101-102.1.i586.rpm kernel-trace-devel-3.0.101-102.1.i586.rpm kernel-trace-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-trace-hmac-3.0.101-102.1.i586.rpm kernel-vanilla-3.0.101-102.1.i586.rpm kernel-vanilla-3.0.101-102.1.nosrc.rpm kernel-vanilla-base-3.0.101-102.1.i586.rpm kernel-vanilla-base-debuginfo-3.0.101-102.1.i586.rpm kernel-vanilla-debuginfo-3.0.101-102.1.i586.rpm kernel-vanilla-debugsource-3.0.101-102.1.i586.rpm kernel-vanilla-devel-3.0.101-102.1.i586.rpm kernel-vanilla-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-vanilla-hmac-3.0.101-102.1.i586.rpm kernel-vmi-3.0.101-102.1.i586.rpm kernel-vmi-3.0.101-102.1.nosrc.rpm kernel-vmi-base-3.0.101-102.1.i586.rpm kernel-vmi-base-debuginfo-3.0.101-102.1.i586.rpm kernel-vmi-debuginfo-3.0.101-102.1.i586.rpm kernel-vmi-debugsource-3.0.101-102.1.i586.rpm kernel-vmi-devel-3.0.101-102.1.i586.rpm kernel-vmi-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-vmi-hmac-3.0.101-102.1.i586.rpm kernel-xen-3.0.101-102.1.i586.rpm kernel-xen-3.0.101-102.1.nosrc.rpm kernel-xen-base-3.0.101-102.1.i586.rpm kernel-xen-base-debuginfo-3.0.101-102.1.i586.rpm kernel-xen-debuginfo-3.0.101-102.1.i586.rpm kernel-xen-debugsource-3.0.101-102.1.i586.rpm kernel-xen-devel-3.0.101-102.1.i586.rpm kernel-xen-devel-debuginfo-3.0.101-102.1.i586.rpm kernel-xen-hmac-3.0.101-102.1.i586.rpm preload-1.2-6.80.1.i586.rpm preload-1.2-6.80.1.src.rpm preload-debuginfo-1.2-6.80.1.i586.rpm preload-debugsource-1.2-6.80.1.i586.rpm preload-kmp-default-1.2_3.0.101_102-6.80.1.i586.rpm preload-kmp-default-debuginfo-1.2_3.0.101_102-6.80.1.i586.rpm preload-kmp-desktop-1.2_3.0.101_102-6.80.1.i586.rpm preload-kmp-desktop-debuginfo-1.2_3.0.101_102-6.80.1.i586.rpm kernel-debug-3.0.101-102.1.x86_64.rpm kernel-debug-base-3.0.101-102.1.x86_64.rpm kernel-debug-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-debug-debuginfo-3.0.101-102.1.x86_64.rpm kernel-debug-debugsource-3.0.101-102.1.x86_64.rpm kernel-debug-devel-3.0.101-102.1.x86_64.rpm kernel-debug-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-debug-hmac-3.0.101-102.1.x86_64.rpm kernel-default-3.0.101-102.1.x86_64.rpm kernel-default-base-3.0.101-102.1.x86_64.rpm kernel-default-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-default-debuginfo-3.0.101-102.1.x86_64.rpm kernel-default-debugsource-3.0.101-102.1.x86_64.rpm kernel-default-devel-3.0.101-102.1.x86_64.rpm kernel-default-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-default-hmac-3.0.101-102.1.x86_64.rpm kernel-desktop-3.0.101-102.1.x86_64.rpm kernel-desktop-base-3.0.101-102.1.x86_64.rpm kernel-desktop-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-desktop-debuginfo-3.0.101-102.1.x86_64.rpm kernel-desktop-debugsource-3.0.101-102.1.x86_64.rpm kernel-desktop-devel-3.0.101-102.1.x86_64.rpm kernel-desktop-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-desktop-hmac-3.0.101-102.1.x86_64.rpm kernel-ec2-3.0.101-102.1.x86_64.rpm kernel-ec2-base-3.0.101-102.1.x86_64.rpm kernel-ec2-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-ec2-debuginfo-3.0.101-102.1.x86_64.rpm kernel-ec2-debugsource-3.0.101-102.1.x86_64.rpm kernel-ec2-devel-3.0.101-102.1.x86_64.rpm kernel-ec2-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-ec2-extra-3.0.101-102.1.x86_64.rpm kernel-ec2-extra-debuginfo-3.0.101-102.1.x86_64.rpm kernel-ec2-hmac-3.0.101-102.1.x86_64.rpm kernel-source-3.0.101-102.1.x86_64.rpm kernel-source-vanilla-3.0.101-102.1.x86_64.rpm kernel-syms-3.0.101-102.1.x86_64.rpm kernel-trace-3.0.101-102.1.x86_64.rpm kernel-trace-base-3.0.101-102.1.x86_64.rpm kernel-trace-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-trace-debuginfo-3.0.101-102.1.x86_64.rpm kernel-trace-debugsource-3.0.101-102.1.x86_64.rpm kernel-trace-devel-3.0.101-102.1.x86_64.rpm kernel-trace-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-trace-hmac-3.0.101-102.1.x86_64.rpm kernel-vanilla-3.0.101-102.1.x86_64.rpm kernel-vanilla-base-3.0.101-102.1.x86_64.rpm kernel-vanilla-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-vanilla-debuginfo-3.0.101-102.1.x86_64.rpm kernel-vanilla-debugsource-3.0.101-102.1.x86_64.rpm kernel-vanilla-devel-3.0.101-102.1.x86_64.rpm kernel-vanilla-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-vanilla-hmac-3.0.101-102.1.x86_64.rpm kernel-xen-3.0.101-102.1.x86_64.rpm kernel-xen-base-3.0.101-102.1.x86_64.rpm kernel-xen-base-debuginfo-3.0.101-102.1.x86_64.rpm kernel-xen-debuginfo-3.0.101-102.1.x86_64.rpm kernel-xen-debugsource-3.0.101-102.1.x86_64.rpm kernel-xen-devel-3.0.101-102.1.x86_64.rpm kernel-xen-devel-debuginfo-3.0.101-102.1.x86_64.rpm kernel-xen-hmac-3.0.101-102.1.x86_64.rpm preload-1.2-6.80.1.x86_64.rpm preload-debuginfo-1.2-6.80.1.x86_64.rpm preload-debugsource-1.2-6.80.1.x86_64.rpm preload-kmp-default-1.2_3.0.101_102-6.80.1.x86_64.rpm preload-kmp-default-debuginfo-1.2_3.0.101_102-6.80.1.x86_64.rpm preload-kmp-desktop-1.2_3.0.101_102-6.80.1.x86_64.rpm preload-kmp-desktop-debuginfo-1.2_3.0.101_102-6.80.1.x86_64.rpm 2015-670 critical openSUSE Evergreen 11.4 This security issue was fixed: - CVE-2015-7645: Critical vulnerability affecting 11.2.202.535 used in Pawn Storm (APSA15-05) (bsc#950474). flash-player-11.2.202.540-176.1.i586.rpm flash-player-11.2.202.540-176.1.nosrc.rpm flash-player-gnome-11.2.202.540-176.1.i586.rpm flash-player-kde4-11.2.202.540-176.1.i586.rpm flash-player-11.2.202.540-176.1.x86_64.rpm flash-player-gnome-11.2.202.540-176.1.x86_64.rpm flash-player-kde4-11.2.202.540-176.1.x86_64.rpm 2015-969 important openSUSE Evergreen 11.4 This update for bind fixes the following security issue: - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (boo#958861). bind-9.9.4P2-72.1.i586.rpm bind-9.9.4P2-72.1.src.rpm bind-chrootenv-9.9.4P2-72.1.i586.rpm bind-debuginfo-9.9.4P2-72.1.i586.rpm bind-debugsource-9.9.4P2-72.1.i586.rpm bind-devel-9.9.4P2-72.1.i586.rpm bind-doc-9.9.4P2-72.1.noarch.rpm bind-libs-32bit-9.9.4P2-72.1.x86_64.rpm bind-libs-9.9.4P2-72.1.i586.rpm bind-libs-debuginfo-32bit-9.9.4P2-72.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-72.1.i586.rpm bind-libs-debuginfo-x86-9.9.4P2-72.1.ia64.rpm bind-libs-x86-9.9.4P2-72.1.ia64.rpm bind-lwresd-9.9.4P2-72.1.i586.rpm bind-lwresd-debuginfo-9.9.4P2-72.1.i586.rpm bind-utils-9.9.4P2-72.1.i586.rpm bind-utils-debuginfo-9.9.4P2-72.1.i586.rpm bind-9.9.4P2-72.1.x86_64.rpm bind-chrootenv-9.9.4P2-72.1.x86_64.rpm bind-debuginfo-9.9.4P2-72.1.x86_64.rpm bind-debugsource-9.9.4P2-72.1.x86_64.rpm bind-devel-9.9.4P2-72.1.x86_64.rpm bind-libs-9.9.4P2-72.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-72.1.x86_64.rpm bind-lwresd-9.9.4P2-72.1.x86_64.rpm bind-lwresd-debuginfo-9.9.4P2-72.1.x86_64.rpm bind-utils-9.9.4P2-72.1.x86_64.rpm bind-utils-debuginfo-9.9.4P2-72.1.x86_64.rpm 2015-970 important openSUSE Evergreen 11.4 This update for grub2 fixes the following issue: - CVE-2015-8370: Fix for overflow in grub_password_get and grub_user_get functions (bsc#956631) grub2-1.98-14.1.i586.rpm grub2-1.98-14.1.src.rpm grub2-debuginfo-1.98-14.1.i586.rpm grub2-debugsource-1.98-14.1.i586.rpm grub2-1.98-14.1.x86_64.rpm grub2-debuginfo-1.98-14.1.x86_64.rpm grub2-debugsource-1.98-14.1.x86_64.rpm 2015-976 important openSUSE Evergreen 11.4 This update for flash-player fixes the following issues: - Security update to 11.2.202.559 (boo#960317): * APSB16-01, CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651 flash-player-11.2.202.559-179.1.i586.rpm flash-player-11.2.202.559-179.1.nosrc.rpm flash-player-gnome-11.2.202.559-179.1.i586.rpm flash-player-kde4-11.2.202.559-179.1.i586.rpm flash-player-11.2.202.559-179.1.x86_64.rpm flash-player-gnome-11.2.202.559-179.1.x86_64.rpm flash-player-kde4-11.2.202.559-179.1.x86_64.rpm 2012-24 moderate openSUSE Evergreen 11.4 - fix bnc#793394 - bypass of security constraints (CVE-2012-3546) * apache-tomcat-CVE-2012-3546.patch http://svn.apache.org/viewvc?view=revision&revision=1381035 - fix bnc#793391 - bypass of CSRF prevention filter (CVE-2012-4431) * apache-tomcat-CVE-2012-4431.patch http://svn.apache.org/viewvc?view=revision&revision=1394456 - document how to protect against slowloris DoS (CVE-2012-5568/bnc#791679) in README.SUSE - fixes bnc#791423 - cnonce tracking weakness (CVE-2012-5885) bnc#791424 - authentication caching weakness (CVE-2012-5886) bnc#791426 - stale nonce weakness (CVE-2012-5887) * apache-tomcat-CVE-2009-2693-CVE-2009-2901-CVE-2009-2902.patch http://svn.apache.org/viewvc?view=revision&revision=1380829 - fix bnc#789406 - HTTP NIO connector OOM DoS via a request with large headers (CVE-2012-2733) * http://svn.apache.org/viewvc?view=revision&revision=1356208 tomcat6-6.0.32-7.34.1.noarch.rpm tomcat6-6.0.32-7.34.1.src.rpm tomcat6-admin-webapps-6.0.32-7.34.1.noarch.rpm tomcat6-docs-webapp-6.0.32-7.34.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-7.34.1.noarch.rpm tomcat6-javadoc-6.0.32-7.34.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-7.34.1.noarch.rpm tomcat6-lib-6.0.32-7.34.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-7.34.1.noarch.rpm tomcat6-webapps-6.0.32-7.34.1.noarch.rpm 2016-48 critical openSUSE Evergreen 11.4 - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642) - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645) This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server. openssh-askpass-gnome-5.8p1-11.1.i586.rpm openssh-askpass-gnome-5.8p1-11.1.src.rpm openssh-askpass-gnome-debuginfo-5.8p1-11.1.i586.rpm openssh-5.8p1-11.1.i586.rpm openssh-5.8p1-11.1.src.rpm openssh-askpass-5.8p1-11.1.i586.rpm openssh-askpass-debuginfo-5.8p1-11.1.i586.rpm openssh-debuginfo-5.8p1-11.1.i586.rpm openssh-debugsource-5.8p1-11.1.i586.rpm openssh-askpass-gnome-5.8p1-11.1.x86_64.rpm openssh-askpass-gnome-debuginfo-5.8p1-11.1.x86_64.rpm openssh-5.8p1-11.1.x86_64.rpm openssh-askpass-5.8p1-11.1.x86_64.rpm openssh-askpass-debuginfo-5.8p1-11.1.x86_64.rpm openssh-debuginfo-5.8p1-11.1.x86_64.rpm openssh-debugsource-5.8p1-11.1.x86_64.rpm 2013-1 important openSUSE Evergreen 11.4 mysql community server was updated to 5.1.67, fixing bugs and security issues. See http://dev.mysql.com/doc/refman/5.1/en/news-5-1-67.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html libmysqlclient-devel-5.1.67-58.1.i586.rpm libmysqlclient16-32bit-5.1.67-58.1.x86_64.rpm libmysqlclient16-5.1.67-58.1.i586.rpm libmysqlclient16-debuginfo-32bit-5.1.67-58.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.67-58.1.i586.rpm libmysqlclient16-debuginfo-x86-5.1.67-58.1.ia64.rpm libmysqlclient16-x86-5.1.67-58.1.ia64.rpm libmysqlclient_r16-32bit-5.1.67-58.1.x86_64.rpm libmysqlclient_r16-5.1.67-58.1.i586.rpm libmysqlclient_r16-debuginfo-32bit-5.1.67-58.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.67-58.1.i586.rpm libmysqlclient_r16-debuginfo-x86-5.1.67-58.1.ia64.rpm libmysqlclient_r16-x86-5.1.67-58.1.ia64.rpm libmysqld-devel-5.1.67-58.1.i586.rpm libmysqld0-5.1.67-58.1.i586.rpm libmysqld0-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-5.1.67-58.1.i586.rpm mysql-community-server-5.1.67-58.1.src.rpm mysql-community-server-bench-5.1.67-58.1.i586.rpm mysql-community-server-bench-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-client-5.1.67-58.1.i586.rpm mysql-community-server-client-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-debug-5.1.67-58.1.i586.rpm mysql-community-server-debug-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-debugsource-5.1.67-58.1.i586.rpm mysql-community-server-test-5.1.67-58.1.i586.rpm mysql-community-server-test-debuginfo-5.1.67-58.1.i586.rpm mysql-community-server-tools-5.1.67-58.1.i586.rpm mysql-community-server-tools-debuginfo-5.1.67-58.1.i586.rpm libmysqlclient-devel-5.1.67-58.1.x86_64.rpm libmysqlclient16-5.1.67-58.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.67-58.1.x86_64.rpm libmysqlclient_r16-5.1.67-58.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.67-58.1.x86_64.rpm libmysqld-devel-5.1.67-58.1.x86_64.rpm libmysqld0-5.1.67-58.1.x86_64.rpm libmysqld0-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-5.1.67-58.1.x86_64.rpm mysql-community-server-bench-5.1.67-58.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-client-5.1.67-58.1.x86_64.rpm mysql-community-server-client-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-debug-5.1.67-58.1.x86_64.rpm mysql-community-server-debug-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-debugsource-5.1.67-58.1.x86_64.rpm mysql-community-server-test-5.1.67-58.1.x86_64.rpm mysql-community-server-test-debuginfo-5.1.67-58.1.x86_64.rpm mysql-community-server-tools-5.1.67-58.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.1.67-58.1.x86_64.rpm 2013-2 important openSUSE Evergreen 11.4 MariaDB was updated to 5.1.66: https://kb.askmonty.org/en/mariadb-5166-release-notes/ https://kb.askmonty.org/en/mariadb-5166-changelog/ libmariadbclient16-5.1.66-42.1.i586.rpm libmariadbclient16-debuginfo-5.1.66-42.1.i586.rpm libmariadbclient_r16-5.1.66-42.1.i586.rpm libmariadbclient_r16-debuginfo-5.1.66-42.1.i586.rpm mariadb-5.1.66-42.1.i586.rpm mariadb-5.1.66-42.1.src.rpm mariadb-bench-5.1.66-42.1.i586.rpm mariadb-bench-debuginfo-5.1.66-42.1.i586.rpm mariadb-client-5.1.66-42.1.i586.rpm mariadb-client-debuginfo-5.1.66-42.1.i586.rpm mariadb-debug-5.1.66-42.1.i586.rpm mariadb-debug-debuginfo-5.1.66-42.1.i586.rpm mariadb-debuginfo-5.1.66-42.1.i586.rpm mariadb-debugsource-5.1.66-42.1.i586.rpm mariadb-test-5.1.66-42.1.i586.rpm mariadb-test-debuginfo-5.1.66-42.1.i586.rpm mariadb-tools-5.1.66-42.1.i586.rpm mariadb-tools-debuginfo-5.1.66-42.1.i586.rpm libmariadbclient16-5.1.66-42.1.x86_64.rpm libmariadbclient16-debuginfo-5.1.66-42.1.x86_64.rpm libmariadbclient_r16-5.1.66-42.1.x86_64.rpm libmariadbclient_r16-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-5.1.66-42.1.x86_64.rpm mariadb-bench-5.1.66-42.1.x86_64.rpm mariadb-bench-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-client-5.1.66-42.1.x86_64.rpm mariadb-client-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-debug-5.1.66-42.1.x86_64.rpm mariadb-debug-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-debugsource-5.1.66-42.1.x86_64.rpm mariadb-test-5.1.66-42.1.x86_64.rpm mariadb-test-debuginfo-5.1.66-42.1.x86_64.rpm mariadb-tools-5.1.66-42.1.x86_64.rpm mariadb-tools-debuginfo-5.1.66-42.1.x86_64.rpm 2013-6 moderate openSUSE Evergreen 11.4 libqt4 received security fixes for: - XMLHttpRequest could redirect to a file: URL (CVE-2012-5624, bnc#793194) - Disable SSL compression by default to mitigate CRIME attack (CVE-2012-4929) libQtWebKit-devel-4.7.1-8.63.1.i586.rpm libQtWebKit4-32bit-4.7.1-8.63.1.x86_64.rpm libQtWebKit4-4.7.1-8.63.1.i586.rpm libQtWebKit4-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.63.1.i586.rpm libQtWebKit4-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libQtWebKit4-x86-4.7.1-8.63.1.ia64.rpm libqt4-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-4.7.1-8.63.1.i586.rpm libqt4-4.7.1-8.63.1.src.rpm libqt4-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libqt4-debugsource-4.7.1-8.63.1.i586.rpm libqt4-devel-4.7.1-8.63.1.i586.rpm libqt4-devel-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-qt3support-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-qt3support-4.7.1-8.63.1.i586.rpm libqt4-qt3support-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-qt3support-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libqt4-qt3support-x86-4.7.1-8.63.1.ia64.rpm libqt4-sql-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-sql-4.7.1-8.63.1.i586.rpm libqt4-sql-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-sql-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libqt4-sql-sqlite-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.63.1.i586.rpm libqt4-sql-sqlite-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-sql-sqlite-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libqt4-sql-sqlite-x86-4.7.1-8.63.1.ia64.rpm libqt4-sql-x86-4.7.1-8.63.1.ia64.rpm libqt4-x11-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-x11-4.7.1-8.63.1.i586.rpm libqt4-x11-debuginfo-32bit-4.7.1-8.63.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.63.1.i586.rpm libqt4-x11-debuginfo-x86-4.7.1-8.63.1.ia64.rpm libqt4-x11-x86-4.7.1-8.63.1.ia64.rpm libqt4-x86-4.7.1-8.63.1.ia64.rpm libQtWebKit-devel-4.7.1-8.63.1.x86_64.rpm libQtWebKit4-4.7.1-8.63.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-4.7.1-8.63.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-debugsource-4.7.1-8.63.1.x86_64.rpm libqt4-devel-4.7.1-8.63.1.x86_64.rpm libqt4-devel-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-qt3support-4.7.1-8.63.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-sql-4.7.1-8.63.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.63.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.63.1.x86_64.rpm libqt4-x11-4.7.1-8.63.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.63.1.x86_64.rpm 2013-3 moderate openSUSE Evergreen 11.4 The root SSL certificate store was updated to revision 1.87 (bnc#796628) * new "EE Certification Centre Root CA" * new "T-TeleSec GlobalRoot Class 3" ca-certificates-mozilla-1.87-13.1.noarch.rpm ca-certificates-mozilla-1.87-13.1.src.rpm 2016-234 critical openSUSE Evergreen 11.4 This update for glibc fixes the following security issues: * fix stack overflow in the glibc libresolv DNS resolver function getaddrinfo(), known as CVE-2015-7547. It is a client side networked/remote vulnerability. glibc-2.11.3-69.1.i686.rpm glibc-2.11.3-69.1.nosrc.rpm glibc-32bit-2.11.3-69.1.x86_64.rpm glibc-debuginfo-2.11.3-69.1.i686.rpm glibc-debuginfo-32bit-2.11.3-69.1.x86_64.rpm glibc-debuginfo-x86-2.11.3-69.1.ia64.rpm glibc-debugsource-2.11.3-69.1.i686.rpm glibc-devel-2.11.3-69.1.i686.rpm glibc-devel-32bit-2.11.3-69.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-69.1.i686.rpm glibc-devel-debuginfo-32bit-2.11.3-69.1.x86_64.rpm glibc-devel-debuginfo-x86-2.11.3-69.1.ia64.rpm glibc-html-2.11.3-69.1.i686.rpm glibc-i18ndata-2.11.3-69.1.i686.rpm glibc-info-2.11.3-69.1.i686.rpm glibc-locale-2.11.3-69.1.i686.rpm glibc-locale-32bit-2.11.3-69.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-69.1.i686.rpm glibc-locale-debuginfo-32bit-2.11.3-69.1.x86_64.rpm glibc-locale-debuginfo-x86-2.11.3-69.1.ia64.rpm glibc-locale-x86-2.11.3-69.1.ia64.rpm glibc-obsolete-2.11.3-69.1.i686.rpm glibc-obsolete-debuginfo-2.11.3-69.1.i686.rpm glibc-profile-2.11.3-69.1.i686.rpm glibc-profile-32bit-2.11.3-69.1.x86_64.rpm glibc-profile-x86-2.11.3-69.1.ia64.rpm glibc-x86-2.11.3-69.1.ia64.rpm nscd-2.11.3-69.1.i686.rpm nscd-debuginfo-2.11.3-69.1.i686.rpm glibc-2.11.3-69.2.i586.rpm glibc-2.11.3-69.2.src.rpm glibc-debuginfo-2.11.3-69.2.i586.rpm glibc-debugsource-2.11.3-69.2.i586.rpm glibc-devel-2.11.3-69.2.i586.rpm glibc-devel-debuginfo-2.11.3-69.2.i586.rpm glibc-html-2.11.3-69.2.i586.rpm glibc-i18ndata-2.11.3-69.2.i586.rpm glibc-info-2.11.3-69.2.i586.rpm glibc-locale-2.11.3-69.2.i586.rpm glibc-locale-debuginfo-2.11.3-69.2.i586.rpm glibc-obsolete-2.11.3-69.2.i586.rpm glibc-obsolete-debuginfo-2.11.3-69.2.i586.rpm glibc-profile-2.11.3-69.2.i586.rpm nscd-2.11.3-69.2.i586.rpm nscd-debuginfo-2.11.3-69.2.i586.rpm glibc-2.11.3-69.2.x86_64.rpm glibc-debuginfo-2.11.3-69.2.x86_64.rpm glibc-debugsource-2.11.3-69.2.x86_64.rpm glibc-devel-2.11.3-69.2.x86_64.rpm glibc-devel-debuginfo-2.11.3-69.2.x86_64.rpm glibc-html-2.11.3-69.2.x86_64.rpm glibc-i18ndata-2.11.3-69.2.x86_64.rpm glibc-info-2.11.3-69.2.x86_64.rpm glibc-locale-2.11.3-69.2.x86_64.rpm glibc-locale-debuginfo-2.11.3-69.2.x86_64.rpm glibc-obsolete-2.11.3-69.2.x86_64.rpm glibc-profile-2.11.3-69.2.x86_64.rpm nscd-2.11.3-69.2.x86_64.rpm nscd-debuginfo-2.11.3-69.2.x86_64.rpm 2013-4 important openSUSE Evergreen 11.4 The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas * MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads * MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups * MFSA 2013-06/CVE-2013-0751 (bmo#790454) Touch events are shared across iframes * MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads * MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection * MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values * MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy * MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects * MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in Javascript string concatenation * MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG * MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype * MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects * MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream * MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager * MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate * MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in Javascript Proxy objects Mozilla NSPR was updated to 4.9.4, containing some small bugfixes and new features. Mozilla NSS was updated to 3.14.1 containing various new features, security fix and bugfixes: * MFSA 2013-20/CVE-2013-0743 (bmo#825022, bnc#796628) revoke mis-issued intermediate certificates from TURKTRUST Cryptographic changes done: * Support for TLS 1.1 (RFC 4346) * Experimental support for DTLS 1.0 (RFC 4347) and DTLS-SRTP (RFC 5764) * Support for AES-CTR, AES-CTS, and AES-GCM * Support for Keying Material Exporters for TLS (RFC 5705) * Support for certificate signatures using the MD5 hash algorithm is now disabled by default * The NSS license has changed to MPL 2.0. Previous releases were released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more information about MPL 2.0, please see http://www.mozilla.org/MPL/2.0/FAQ.html. For an additional explanation on GPL/LGPL compatibility, see security/nss/COPYING in the source code. * Export and DES cipher suites are disabled by default. Non-ECC AES and Triple DES cipher suites are enabled by default Please see http://www.mozilla.org/security/announce/ for more information. MozillaFirefox-18.0-57.1.i586.rpm MozillaFirefox-18.0-57.1.src.rpm MozillaFirefox-branding-upstream-18.0-57.1.i586.rpm MozillaFirefox-buildsymbols-18.0-57.1.i586.rpm MozillaFirefox-debuginfo-18.0-57.1.i586.rpm MozillaFirefox-debugsource-18.0-57.1.i586.rpm MozillaFirefox-devel-18.0-57.1.i586.rpm MozillaFirefox-translations-common-18.0-57.1.i586.rpm MozillaFirefox-translations-other-18.0-57.1.i586.rpm MozillaThunderbird-17.0.2-45.1.i586.rpm MozillaThunderbird-17.0.2-45.1.src.rpm MozillaThunderbird-buildsymbols-17.0.2-45.1.i586.rpm MozillaThunderbird-debuginfo-17.0.2-45.1.i586.rpm MozillaThunderbird-debugsource-17.0.2-45.1.i586.rpm MozillaThunderbird-devel-17.0.2-45.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.2-45.1.i586.rpm MozillaThunderbird-translations-common-17.0.2-45.1.i586.rpm MozillaThunderbird-translations-other-17.0.2-45.1.i586.rpm enigmail-1.5.0+17.0.2-45.1.i586.rpm enigmail-debuginfo-1.5.0+17.0.2-45.1.i586.rpm mozilla-nspr-32bit-4.9.4-20.1.x86_64.rpm mozilla-nspr-4.9.4-20.1.i586.rpm mozilla-nspr-4.9.4-20.1.src.rpm mozilla-nspr-debuginfo-32bit-4.9.4-20.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.4-20.1.i586.rpm mozilla-nspr-debuginfo-x86-4.9.4-20.1.ia64.rpm mozilla-nspr-debugsource-4.9.4-20.1.i586.rpm mozilla-nspr-devel-4.9.4-20.1.i586.rpm mozilla-nspr-x86-4.9.4-20.1.ia64.rpm libfreebl3-3.14.1-51.1.i586.rpm libfreebl3-32bit-3.14.1-51.1.x86_64.rpm libfreebl3-debuginfo-3.14.1-51.1.i586.rpm libfreebl3-debuginfo-32bit-3.14.1-51.1.x86_64.rpm libfreebl3-debuginfo-x86-3.14.1-51.1.ia64.rpm libfreebl3-x86-3.14.1-51.1.ia64.rpm libsoftokn3-3.14.1-51.1.i586.rpm libsoftokn3-32bit-3.14.1-51.1.x86_64.rpm libsoftokn3-debuginfo-3.14.1-51.1.i586.rpm libsoftokn3-debuginfo-32bit-3.14.1-51.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.14.1-51.1.ia64.rpm libsoftokn3-x86-3.14.1-51.1.ia64.rpm mozilla-nss-3.14.1-51.1.i586.rpm mozilla-nss-3.14.1-51.1.src.rpm mozilla-nss-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-certs-3.14.1-51.1.i586.rpm mozilla-nss-certs-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.14.1-51.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.14.1-51.1.ia64.rpm mozilla-nss-certs-x86-3.14.1-51.1.ia64.rpm mozilla-nss-debuginfo-3.14.1-51.1.i586.rpm mozilla-nss-debuginfo-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.14.1-51.1.ia64.rpm mozilla-nss-debugsource-3.14.1-51.1.i586.rpm mozilla-nss-devel-3.14.1-51.1.i586.rpm mozilla-nss-sysinit-3.14.1-51.1.i586.rpm mozilla-nss-sysinit-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.14.1-51.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.14.1-51.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.14.1-51.1.ia64.rpm mozilla-nss-sysinit-x86-3.14.1-51.1.ia64.rpm mozilla-nss-tools-3.14.1-51.1.i586.rpm mozilla-nss-tools-debuginfo-3.14.1-51.1.i586.rpm mozilla-nss-x86-3.14.1-51.1.ia64.rpm seamonkey-2.15-49.1.i586.rpm seamonkey-2.15-49.1.src.rpm seamonkey-debuginfo-2.15-49.1.i586.rpm seamonkey-debugsource-2.15-49.1.i586.rpm seamonkey-dom-inspector-2.15-49.1.i586.rpm seamonkey-irc-2.15-49.1.i586.rpm seamonkey-translations-common-2.15-49.1.i586.rpm seamonkey-translations-other-2.15-49.1.i586.rpm seamonkey-venkman-2.15-49.1.i586.rpm MozillaFirefox-18.0-57.1.x86_64.rpm MozillaFirefox-branding-upstream-18.0-57.1.x86_64.rpm MozillaFirefox-buildsymbols-18.0-57.1.x86_64.rpm MozillaFirefox-debuginfo-18.0-57.1.x86_64.rpm MozillaFirefox-debugsource-18.0-57.1.x86_64.rpm MozillaFirefox-devel-18.0-57.1.x86_64.rpm MozillaFirefox-translations-common-18.0-57.1.x86_64.rpm MozillaFirefox-translations-other-18.0-57.1.x86_64.rpm MozillaThunderbird-17.0.2-45.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.2-45.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0.2-45.1.x86_64.rpm MozillaThunderbird-debugsource-17.0.2-45.1.x86_64.rpm MozillaThunderbird-devel-17.0.2-45.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.2-45.1.x86_64.rpm MozillaThunderbird-translations-common-17.0.2-45.1.x86_64.rpm MozillaThunderbird-translations-other-17.0.2-45.1.x86_64.rpm enigmail-1.5.0+17.0.2-45.1.x86_64.rpm enigmail-debuginfo-1.5.0+17.0.2-45.1.x86_64.rpm mozilla-nspr-4.9.4-20.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.4-20.1.x86_64.rpm mozilla-nspr-debugsource-4.9.4-20.1.x86_64.rpm mozilla-nspr-devel-4.9.4-20.1.x86_64.rpm libfreebl3-3.14.1-51.1.x86_64.rpm libfreebl3-debuginfo-3.14.1-51.1.x86_64.rpm libsoftokn3-3.14.1-51.1.x86_64.rpm libsoftokn3-debuginfo-3.14.1-51.1.x86_64.rpm mozilla-nss-3.14.1-51.1.x86_64.rpm mozilla-nss-certs-3.14.1-51.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.14.1-51.1.x86_64.rpm mozilla-nss-debuginfo-3.14.1-51.1.x86_64.rpm mozilla-nss-debugsource-3.14.1-51.1.x86_64.rpm mozilla-nss-devel-3.14.1-51.1.x86_64.rpm mozilla-nss-sysinit-3.14.1-51.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.14.1-51.1.x86_64.rpm mozilla-nss-tools-3.14.1-51.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.14.1-51.1.x86_64.rpm seamonkey-2.15-49.1.x86_64.rpm seamonkey-debuginfo-2.15-49.1.x86_64.rpm seamonkey-debugsource-2.15-49.1.x86_64.rpm seamonkey-dom-inspector-2.15-49.1.x86_64.rpm seamonkey-irc-2.15-49.1.x86_64.rpm seamonkey-translations-common-2.15-49.1.x86_64.rpm seamonkey-translations-other-2.15-49.1.x86_64.rpm seamonkey-venkman-2.15-49.1.x86_64.rpm 2013-5 moderate openSUSE Evergreen 11.4 - Update to 11.2.202.261: (bnc#797442) * CVE-2013-0630 More details can be found on https://www.adobe.com/support/security/bulletins/apsb13-01.html flash-player-11.2.202.261-39.1.i586.rpm flash-player-11.2.202.261-39.1.nosrc.rpm flash-player-gnome-11.2.202.261-39.1.i586.rpm flash-player-kde4-11.2.202.261-39.1.i586.rpm flash-player-11.2.202.261-39.1.x86_64.rpm flash-player-gnome-11.2.202.261-39.1.x86_64.rpm flash-player-kde4-11.2.202.261-39.1.x86_64.rpm 2013-11 moderate openSUSE Evergreen 11.4 - fix bnc#794548 - denial of service (CVE-2012-4534) * apache-tomcat-CVE-2012-4534.patch fixes apache#53138, apache#52858 http://svn.apache.org/viewvc?view=rev&rev=1372035 - fix a minor issue in apache-tomcat-CVE-2012-4431.patch use the already initialized session variable instead of an another call req.getSesssion() tomcat6-6.0.32-38.1.noarch.rpm tomcat6-6.0.32-38.1.src.rpm tomcat6-admin-webapps-6.0.32-38.1.noarch.rpm tomcat6-docs-webapp-6.0.32-38.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-38.1.noarch.rpm tomcat6-javadoc-6.0.32-38.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-38.1.noarch.rpm tomcat6-lib-6.0.32-38.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-38.1.noarch.rpm tomcat6-webapps-6.0.32-38.1.noarch.rpm 2013-14 moderate openSUSE Evergreen 11.4 Tiff package was updates fixing following security issues: * CVE-2012-4447 * CVE-2012-4564 * CVE-2012-5581 libtiff-devel-3.9.4-34.1.i586.rpm libtiff-devel-32bit-3.9.4-34.1.x86_64.rpm libtiff3-3.9.4-34.1.i586.rpm libtiff3-32bit-3.9.4-34.1.x86_64.rpm libtiff3-debuginfo-3.9.4-34.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-34.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-34.1.ia64.rpm libtiff3-x86-3.9.4-34.1.ia64.rpm tiff-3.9.4-34.1.i586.rpm tiff-3.9.4-34.1.src.rpm tiff-debuginfo-3.9.4-34.1.i586.rpm tiff-debugsource-3.9.4-34.1.i586.rpm libtiff-devel-3.9.4-34.1.x86_64.rpm libtiff3-3.9.4-34.1.x86_64.rpm libtiff3-debuginfo-3.9.4-34.1.x86_64.rpm tiff-3.9.4-34.1.x86_64.rpm tiff-debuginfo-3.9.4-34.1.x86_64.rpm tiff-debugsource-3.9.4-34.1.x86_64.rpm 2013-9 moderate openSUSE Evergreen 11.4 - fix for CVE-2011-4966 (bnc#797313) (freeradius-server-CVE-2011-4966.patch) - fixed a bug in the logrotate script (bnc#797292) freeradius-server-2.1.10-16.1.i586.rpm freeradius-server-2.1.10-16.1.src.rpm freeradius-server-debuginfo-2.1.10-16.1.i586.rpm freeradius-server-debugsource-2.1.10-16.1.i586.rpm freeradius-server-devel-2.1.10-16.1.i586.rpm freeradius-server-dialupadmin-2.1.10-16.1.i586.rpm freeradius-server-doc-2.1.10-16.1.i586.rpm freeradius-server-libs-2.1.10-16.1.i586.rpm freeradius-server-libs-debuginfo-2.1.10-16.1.i586.rpm freeradius-server-utils-2.1.10-16.1.i586.rpm freeradius-server-utils-debuginfo-2.1.10-16.1.i586.rpm freeradius-server-2.1.10-16.1.x86_64.rpm freeradius-server-debuginfo-2.1.10-16.1.x86_64.rpm freeradius-server-debugsource-2.1.10-16.1.x86_64.rpm freeradius-server-devel-2.1.10-16.1.x86_64.rpm freeradius-server-dialupadmin-2.1.10-16.1.x86_64.rpm freeradius-server-doc-2.1.10-16.1.x86_64.rpm freeradius-server-libs-2.1.10-16.1.x86_64.rpm freeradius-server-libs-debuginfo-2.1.10-16.1.x86_64.rpm freeradius-server-utils-2.1.10-16.1.x86_64.rpm freeradius-server-utils-debuginfo-2.1.10-16.1.x86_64.rpm 2013-10 moderate openSUSE Evergreen 11.4 fix for bnc#794954, CVE-2012-5643, SQUID:2012-1 - Additional fixes for CVE-2012-5643 / SQUID:2012-1 * http://www.squid-cache.org/Advisories/SQUID-2012_1.txt * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643 squid3-3.1.23-15.1.i586.rpm squid3-3.1.23-15.1.src.rpm squid3-debuginfo-3.1.23-15.1.i586.rpm squid3-debugsource-3.1.23-15.1.i586.rpm squid3-3.1.23-15.1.x86_64.rpm squid3-debuginfo-3.1.23-15.1.x86_64.rpm squid3-debugsource-3.1.23-15.1.x86_64.rpm 2016-293 important openSUSE Evergreen 11.4 This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack (bsc#968046): OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. This update changes the openssl library to: * Disable SSLv2 protocol support by default. This can be overridden by setting the environment variable "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag. Note that various services and clients had already disabled SSL protocol 2 by default previously. * Disable all weak EXPORT ciphers by default. These can be reenabled if required by old legacy software using the environment variable "OPENSSL_ALLOW_EXPORT". - CVE-2016-0702 aka the "CacheBleed" attack. (bsc#968050) Various changes in the modular exponentation code were added that make sure that it is not possible to recover RSA secret keys by analyzing cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. Note that this was only exploitable if the malicious code was running on the same hyper threaded Intel Sandy Bridge processor as the victim thread performing decryptions. - CVE-2016-0705 (bnc#968047): A double free() bug in the DSA ASN1 parser code was fixed that could be abused to facilitate a denial-of-service attack. - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions had a bug that could result in an attempt to de-reference a NULL pointer leading to crashes. This could have security consequences if these functions were ever called by user applications with large untrusted hex/decimal data. Also, internal usage of these functions in OpenSSL uses data from config files or application command line arguments. If user developed applications generated config file data based on untrusted data, then this could have had security consequences as well. - CVE-2016-0798 (bnc#968265) The SRP user database lookup method SRP_VBASE_get_by_user() had a memory leak that attackers could abuse to facility DoS attacks. To mitigate the issue, the seed handling in SRP_VBASE_get_by_user() was disabled even if the user has configured a seed. Applications are advised to migrate to SRP_VBASE_get1_by_user(). - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr() and doapr_outch() functions could miscalculate the length of a string and attempt to access out-of-bounds memory locations. These problems could have enabled attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could have been vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could have been vulnerable if the data is from untrusted sources. OpenSSL command line applications could also have been vulnerable when they print out ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is not considered directly vulnerable. - CVE-2015-3197 (bsc#963415): The SSLv2 protocol did not block disabled ciphers. Note that the March 1st 2016 release also references following CVEs that were fixed by us with CVE-2015-0293 in 2015: - CVE-2016-0703 (bsc#968051): This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. It would have made the above "DROWN" attack much easier. - CVE-2016-0704 (bsc#968053): "Bleichenbacher oracle in SSLv2" This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. It would have made the above "DROWN" attack much easier. Older issues fixed: - CVE-2015-1794 follow-up to CVE-2015-1794 (the CVE bug as such doesn't affect 1.0.1 but use these patches to prevent potential attacks - CVE-2015-3195 fix leak with ASN.1 combine (bsc#957812) - CVE-2015-3194 add PSS parameter check (bsc#957815) - CVE-2015-3197 better SSLv2 cipher-suite enforcement (bsc#963415) libopenssl-devel-1.0.1p-71.1.i586.rpm libopenssl-devel-32bit-1.0.1p-71.1.x86_64.rpm libopenssl1_0_0-1.0.1p-71.1.i586.rpm libopenssl1_0_0-32bit-1.0.1p-71.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-71.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.1p-71.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.1p-71.1.ia64.rpm libopenssl1_0_0-x86-1.0.1p-71.1.ia64.rpm openssl-1.0.1p-71.1.i586.rpm openssl-1.0.1p-71.1.src.rpm openssl-debuginfo-1.0.1p-71.1.i586.rpm openssl-debugsource-1.0.1p-71.1.i586.rpm openssl-doc-1.0.1p-71.1.noarch.rpm libopenssl-devel-1.0.1p-71.1.x86_64.rpm libopenssl1_0_0-1.0.1p-71.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-71.1.x86_64.rpm openssl-1.0.1p-71.1.x86_64.rpm openssl-debuginfo-1.0.1p-71.1.x86_64.rpm openssl-debugsource-1.0.1p-71.1.x86_64.rpm 2016-365 important openSUSE Evergreen 11.4 This update for bind fixes the following issues: * CVE-2016-1285: remote DoS caused by malformed data on control channel * CVE-2016-1286: remote DoS via assertion failure in parsing of signature records for DNAME records bind-9.9.4P2-75.1.i586.rpm bind-9.9.4P2-75.1.src.rpm bind-chrootenv-9.9.4P2-75.1.i586.rpm bind-debuginfo-9.9.4P2-75.1.i586.rpm bind-debugsource-9.9.4P2-75.1.i586.rpm bind-devel-9.9.4P2-75.1.i586.rpm bind-doc-9.9.4P2-75.1.noarch.rpm bind-libs-32bit-9.9.4P2-75.1.x86_64.rpm bind-libs-9.9.4P2-75.1.i586.rpm bind-libs-debuginfo-32bit-9.9.4P2-75.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-75.1.i586.rpm bind-libs-debuginfo-x86-9.9.4P2-75.1.ia64.rpm bind-libs-x86-9.9.4P2-75.1.ia64.rpm bind-lwresd-9.9.4P2-75.1.i586.rpm bind-lwresd-debuginfo-9.9.4P2-75.1.i586.rpm bind-utils-9.9.4P2-75.1.i586.rpm bind-utils-debuginfo-9.9.4P2-75.1.i586.rpm bind-9.9.4P2-75.1.x86_64.rpm bind-chrootenv-9.9.4P2-75.1.x86_64.rpm bind-debuginfo-9.9.4P2-75.1.x86_64.rpm bind-debugsource-9.9.4P2-75.1.x86_64.rpm bind-devel-9.9.4P2-75.1.x86_64.rpm bind-libs-9.9.4P2-75.1.x86_64.rpm bind-libs-debuginfo-9.9.4P2-75.1.x86_64.rpm bind-lwresd-9.9.4P2-75.1.x86_64.rpm bind-lwresd-debuginfo-9.9.4P2-75.1.x86_64.rpm bind-utils-9.9.4P2-75.1.x86_64.rpm bind-utils-debuginfo-9.9.4P2-75.1.x86_64.rpm 2016-366 important openSUSE Evergreen 11.4 This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc#971328). git-1.7.3.4-4.14.1.i586.rpm git-1.7.3.4-4.14.1.src.rpm git-arch-1.7.3.4-4.14.1.i586.rpm git-core-1.7.3.4-4.14.1.i586.rpm git-core-debuginfo-1.7.3.4-4.14.1.i586.rpm git-cvs-1.7.3.4-4.14.1.i586.rpm git-daemon-1.7.3.4-4.14.1.i586.rpm git-daemon-debuginfo-1.7.3.4-4.14.1.i586.rpm git-debugsource-1.7.3.4-4.14.1.i586.rpm git-email-1.7.3.4-4.14.1.i586.rpm git-gui-1.7.3.4-4.14.1.i586.rpm git-remote-helpers-1.7.3.4-4.14.1.i586.rpm git-svn-1.7.3.4-4.14.1.i586.rpm git-web-1.7.3.4-4.14.1.i586.rpm gitk-1.7.3.4-4.14.1.i586.rpm git-1.7.3.4-4.14.1.x86_64.rpm git-arch-1.7.3.4-4.14.1.x86_64.rpm git-core-1.7.3.4-4.14.1.x86_64.rpm git-core-debuginfo-1.7.3.4-4.14.1.x86_64.rpm git-cvs-1.7.3.4-4.14.1.x86_64.rpm git-daemon-1.7.3.4-4.14.1.x86_64.rpm git-daemon-debuginfo-1.7.3.4-4.14.1.x86_64.rpm git-debugsource-1.7.3.4-4.14.1.x86_64.rpm git-email-1.7.3.4-4.14.1.x86_64.rpm git-gui-1.7.3.4-4.14.1.x86_64.rpm git-remote-helpers-1.7.3.4-4.14.1.x86_64.rpm git-svn-1.7.3.4-4.14.1.x86_64.rpm git-web-1.7.3.4-4.14.1.x86_64.rpm gitk-1.7.3.4-4.14.1.x86_64.rpm 2016-367 important openSUSE Evergreen 11.4 This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc#971328). cgit-0.8.3.3-5.11.1.i586.rpm cgit-0.8.3.3-5.11.1.src.rpm cgit-debuginfo-0.8.3.3-5.11.1.i586.rpm cgit-debugsource-0.8.3.3-5.11.1.i586.rpm cgit-0.8.3.3-5.11.1.x86_64.rpm cgit-debuginfo-0.8.3.3-5.11.1.x86_64.rpm cgit-debugsource-0.8.3.3-5.11.1.x86_64.rpm 2016-490 important openSUSE Evergreen 11.4 This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2114: "server signing = mandatory" not enforced (bsc#973035). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). The openSUSE 13.1 update also upgrades to samba 4.2.4 as 4.1.x versions are no longer supported by upstream. As a side effect, libpdb0 package was replaced by libsamba-passdb0. samba-doc-3.6.3-141.1.src.rpm ldapsmb-1.34b-141.1.i586.rpm libldb-devel-1.0.2-141.1.i586.rpm libldb1-1.0.2-141.1.i586.rpm libldb1-32bit-1.0.2-141.1.x86_64.rpm libldb1-debuginfo-1.0.2-141.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-141.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-141.1.ia64.rpm libldb1-x86-1.0.2-141.1.ia64.rpm libnetapi-devel-3.6.3-141.1.i586.rpm libnetapi0-3.6.3-141.1.i586.rpm libnetapi0-debuginfo-3.6.3-141.1.i586.rpm libsmbclient-devel-3.6.3-141.1.i586.rpm libsmbclient0-3.6.3-141.1.i586.rpm libsmbclient0-32bit-3.6.3-141.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-141.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-141.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-141.1.ia64.rpm libsmbclient0-x86-3.6.3-141.1.ia64.rpm libsmbsharemodes-devel-3.6.3-141.1.i586.rpm libsmbsharemodes0-3.6.3-141.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-141.1.i586.rpm libtalloc-devel-2.0.5-141.1.i586.rpm libtalloc2-2.0.5-141.1.i586.rpm libtalloc2-32bit-2.0.5-141.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-141.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-141.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-141.1.ia64.rpm libtalloc2-x86-2.0.5-141.1.ia64.rpm libtdb-devel-1.2.9-141.1.i586.rpm libtdb1-1.2.9-141.1.i586.rpm libtdb1-32bit-1.2.9-141.1.x86_64.rpm libtdb1-debuginfo-1.2.9-141.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-141.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-141.1.ia64.rpm libtdb1-x86-1.2.9-141.1.ia64.rpm libtevent-devel-0.9.11-141.1.i586.rpm libtevent0-0.9.11-141.1.i586.rpm libtevent0-32bit-0.9.11-141.1.x86_64.rpm libtevent0-debuginfo-0.9.11-141.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-141.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-141.1.ia64.rpm libtevent0-x86-0.9.11-141.1.ia64.rpm libwbclient-devel-3.6.3-141.1.i586.rpm libwbclient0-3.6.3-141.1.i586.rpm libwbclient0-32bit-3.6.3-141.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-141.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-141.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-141.1.ia64.rpm libwbclient0-x86-3.6.3-141.1.ia64.rpm samba-3.6.3-141.1.i586.rpm samba-3.6.3-141.1.src.rpm samba-32bit-3.6.3-141.1.x86_64.rpm samba-client-3.6.3-141.1.i586.rpm samba-client-32bit-3.6.3-141.1.x86_64.rpm samba-client-debuginfo-3.6.3-141.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-141.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-141.1.ia64.rpm samba-client-x86-3.6.3-141.1.ia64.rpm samba-debuginfo-3.6.3-141.1.i586.rpm samba-debuginfo-32bit-3.6.3-141.1.x86_64.rpm samba-debuginfo-x86-3.6.3-141.1.ia64.rpm samba-debugsource-3.6.3-141.1.i586.rpm samba-devel-3.6.3-141.1.i586.rpm samba-doc-3.6.3-141.1.noarch.rpm samba-krb-printing-3.6.3-141.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-141.1.i586.rpm samba-winbind-3.6.3-141.1.i586.rpm samba-winbind-32bit-3.6.3-141.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-141.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-141.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-141.1.ia64.rpm samba-winbind-x86-3.6.3-141.1.ia64.rpm samba-x86-3.6.3-141.1.ia64.rpm ldapsmb-1.34b-141.1.x86_64.rpm libldb-devel-1.0.2-141.1.x86_64.rpm libldb1-1.0.2-141.1.x86_64.rpm libldb1-debuginfo-1.0.2-141.1.x86_64.rpm libnetapi-devel-3.6.3-141.1.x86_64.rpm libnetapi0-3.6.3-141.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-141.1.x86_64.rpm libsmbclient-devel-3.6.3-141.1.x86_64.rpm libsmbclient0-3.6.3-141.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-141.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-141.1.x86_64.rpm libsmbsharemodes0-3.6.3-141.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-141.1.x86_64.rpm libtalloc-devel-2.0.5-141.1.x86_64.rpm libtalloc2-2.0.5-141.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-141.1.x86_64.rpm libtdb-devel-1.2.9-141.1.x86_64.rpm libtdb1-1.2.9-141.1.x86_64.rpm libtdb1-debuginfo-1.2.9-141.1.x86_64.rpm libtevent-devel-0.9.11-141.1.x86_64.rpm libtevent0-0.9.11-141.1.x86_64.rpm libtevent0-debuginfo-0.9.11-141.1.x86_64.rpm libwbclient-devel-3.6.3-141.1.x86_64.rpm libwbclient0-3.6.3-141.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-141.1.x86_64.rpm samba-3.6.3-141.1.x86_64.rpm samba-client-3.6.3-141.1.x86_64.rpm samba-client-debuginfo-3.6.3-141.1.x86_64.rpm samba-debuginfo-3.6.3-141.1.x86_64.rpm samba-debugsource-3.6.3-141.1.x86_64.rpm samba-devel-3.6.3-141.1.x86_64.rpm samba-krb-printing-3.6.3-141.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-141.1.x86_64.rpm samba-winbind-3.6.3-141.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-141.1.x86_64.rpm 2016-513 important openSUSE Evergreen 11.4 flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2016-1019: Adobe Flash Player earlier allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016 Aliased: (bsc#974209). flash-player-11.2.202.616-182.1.i586.rpm flash-player-11.2.202.616-182.1.nosrc.rpm flash-player-gnome-11.2.202.616-182.1.i586.rpm flash-player-kde4-11.2.202.616-182.1.i586.rpm flash-player-11.2.202.616-182.1.x86_64.rpm flash-player-gnome-11.2.202.616-182.1.x86_64.rpm flash-player-kde4-11.2.202.616-182.1.x86_64.rpm 2016-562 important openSUSE Evergreen 11.4 This update for openssl fixes the following issues: - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614) - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615) - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616) - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617) - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942) - bsc#976943: Buffer overrun in ASN1_parse libopenssl-devel-1.0.1p-74.1.i586.rpm libopenssl-devel-32bit-1.0.1p-74.1.x86_64.rpm libopenssl1_0_0-1.0.1p-74.1.i586.rpm libopenssl1_0_0-32bit-1.0.1p-74.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-74.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.1p-74.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.1p-74.1.ia64.rpm libopenssl1_0_0-x86-1.0.1p-74.1.ia64.rpm openssl-1.0.1p-74.1.i586.rpm openssl-1.0.1p-74.1.src.rpm openssl-debuginfo-1.0.1p-74.1.i586.rpm openssl-debugsource-1.0.1p-74.1.i586.rpm openssl-doc-1.0.1p-74.1.noarch.rpm libopenssl-devel-1.0.1p-74.1.x86_64.rpm libopenssl1_0_0-1.0.1p-74.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.1p-74.1.x86_64.rpm openssl-1.0.1p-74.1.x86_64.rpm openssl-debuginfo-1.0.1p-74.1.x86_64.rpm openssl-debugsource-1.0.1p-74.1.x86_64.rpm 2016-563 important openSUSE Evergreen 11.4 This update for libopenssl0_9_8 fixes the following issues: - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614) - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615) - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617) - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942) - CVE-2016-0702: Side channel attack on modular exponentiation "CacheBleed" (bsc#968050) - bsc#976943: Buffer overrun in ASN1_parse and updates the package to version 0.9.8zh which collects many other fixes, including security ones. libopenssl0_9_8-0.9.8zh-14.1.i586.rpm libopenssl0_9_8-0.9.8zh-14.1.src.rpm libopenssl0_9_8-32bit-0.9.8zh-14.1.x86_64.rpm libopenssl0_9_8-debuginfo-0.9.8zh-14.1.i586.rpm libopenssl0_9_8-debuginfo-32bit-0.9.8zh-14.1.x86_64.rpm libopenssl0_9_8-debuginfo-x86-0.9.8zh-14.1.ia64.rpm libopenssl0_9_8-debugsource-0.9.8zh-14.1.i586.rpm libopenssl0_9_8-x86-0.9.8zh-14.1.ia64.rpm libopenssl0_9_8-0.9.8zh-14.1.x86_64.rpm libopenssl0_9_8-debuginfo-0.9.8zh-14.1.x86_64.rpm libopenssl0_9_8-debugsource-0.9.8zh-14.1.x86_64.rpm 2016-587 important openSUSE Evergreen 11.4 This security update for flash-player to 11.2.202.621 fixes the following issues (boo#979422): A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. (APSA16-02) https://helpx.adobe.com/security/products/flash-player/apsa16-02.html flash-player-11.2.202.621-185.1.i586.rpm flash-player-11.2.202.621-185.1.nosrc.rpm flash-player-gnome-11.2.202.621-185.1.i586.rpm flash-player-kde4-11.2.202.621-185.1.i586.rpm flash-player-11.2.202.621-185.1.x86_64.rpm flash-player-gnome-11.2.202.621-185.1.x86_64.rpm flash-player-kde4-11.2.202.621-185.1.x86_64.rpm 2016-1236 important openSUSE Evergreen 11.4 This kernel update fixes the well known "Dirty COW" issue as well as a bunch of other security and non-security related issues. kernel-debug-3.0.101-105.1.i586.rpm True kernel-debug-3.0.101-105.1.nosrc.rpm True kernel-debug-base-3.0.101-105.1.i586.rpm True kernel-debug-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-debug-debuginfo-3.0.101-105.1.i586.rpm True kernel-debug-debugsource-3.0.101-105.1.i586.rpm True kernel-debug-devel-3.0.101-105.1.i586.rpm True kernel-debug-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-debug-hmac-3.0.101-105.1.i586.rpm True kernel-default-3.0.101-105.1.i586.rpm True kernel-default-3.0.101-105.1.nosrc.rpm True kernel-default-base-3.0.101-105.1.i586.rpm True kernel-default-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-default-debuginfo-3.0.101-105.1.i586.rpm True kernel-default-debugsource-3.0.101-105.1.i586.rpm True kernel-default-devel-3.0.101-105.1.i586.rpm True kernel-default-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-default-hmac-3.0.101-105.1.i586.rpm True kernel-desktop-3.0.101-105.1.i586.rpm True kernel-desktop-3.0.101-105.1.nosrc.rpm True kernel-desktop-base-3.0.101-105.1.i586.rpm True kernel-desktop-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-desktop-debuginfo-3.0.101-105.1.i586.rpm True kernel-desktop-debugsource-3.0.101-105.1.i586.rpm True kernel-desktop-devel-3.0.101-105.1.i586.rpm True kernel-desktop-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-desktop-hmac-3.0.101-105.1.i586.rpm True kernel-docs-3.0.101-105.2.noarch.rpm True kernel-docs-3.0.101-105.2.src.rpm True kernel-ec2-3.0.101-105.1.i586.rpm True kernel-ec2-3.0.101-105.1.nosrc.rpm True kernel-ec2-base-3.0.101-105.1.i586.rpm True kernel-ec2-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-ec2-debuginfo-3.0.101-105.1.i586.rpm True kernel-ec2-debugsource-3.0.101-105.1.i586.rpm True kernel-ec2-devel-3.0.101-105.1.i586.rpm True kernel-ec2-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-ec2-extra-3.0.101-105.1.i586.rpm True kernel-ec2-extra-debuginfo-3.0.101-105.1.i586.rpm True kernel-ec2-hmac-3.0.101-105.1.i586.rpm True kernel-pae-3.0.101-105.1.i586.rpm True kernel-pae-3.0.101-105.1.nosrc.rpm True kernel-pae-base-3.0.101-105.1.i586.rpm True kernel-pae-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-pae-debuginfo-3.0.101-105.1.i586.rpm True kernel-pae-debugsource-3.0.101-105.1.i586.rpm True kernel-pae-devel-3.0.101-105.1.i586.rpm True kernel-pae-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-pae-hmac-3.0.101-105.1.i586.rpm True kernel-source-3.0.101-105.1.i586.rpm True kernel-source-3.0.101-105.1.src.rpm True kernel-source-vanilla-3.0.101-105.1.i586.rpm True kernel-syms-3.0.101-105.1.i586.rpm True kernel-syms-3.0.101-105.1.src.rpm True kernel-trace-3.0.101-105.1.i586.rpm True kernel-trace-3.0.101-105.1.nosrc.rpm True kernel-trace-base-3.0.101-105.1.i586.rpm True kernel-trace-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-trace-debuginfo-3.0.101-105.1.i586.rpm True kernel-trace-debugsource-3.0.101-105.1.i586.rpm True kernel-trace-devel-3.0.101-105.1.i586.rpm True kernel-trace-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-trace-hmac-3.0.101-105.1.i586.rpm True kernel-vanilla-3.0.101-105.1.i586.rpm True kernel-vanilla-3.0.101-105.1.nosrc.rpm True kernel-vanilla-base-3.0.101-105.1.i586.rpm True kernel-vanilla-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-vanilla-debuginfo-3.0.101-105.1.i586.rpm True kernel-vanilla-debugsource-3.0.101-105.1.i586.rpm True kernel-vanilla-devel-3.0.101-105.1.i586.rpm True kernel-vanilla-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-vanilla-hmac-3.0.101-105.1.i586.rpm True kernel-vmi-3.0.101-105.1.i586.rpm True kernel-vmi-3.0.101-105.1.nosrc.rpm True kernel-vmi-base-3.0.101-105.1.i586.rpm True kernel-vmi-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-vmi-debuginfo-3.0.101-105.1.i586.rpm True kernel-vmi-debugsource-3.0.101-105.1.i586.rpm True kernel-vmi-devel-3.0.101-105.1.i586.rpm True kernel-vmi-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-vmi-hmac-3.0.101-105.1.i586.rpm True kernel-xen-3.0.101-105.1.i586.rpm True kernel-xen-3.0.101-105.1.nosrc.rpm True kernel-xen-base-3.0.101-105.1.i586.rpm True kernel-xen-base-debuginfo-3.0.101-105.1.i586.rpm True kernel-xen-debuginfo-3.0.101-105.1.i586.rpm True kernel-xen-debugsource-3.0.101-105.1.i586.rpm True kernel-xen-devel-3.0.101-105.1.i586.rpm True kernel-xen-devel-debuginfo-3.0.101-105.1.i586.rpm True kernel-xen-hmac-3.0.101-105.1.i586.rpm True preload-1.2-6.83.1.i586.rpm True preload-1.2-6.83.1.src.rpm True preload-debuginfo-1.2-6.83.1.i586.rpm True preload-debugsource-1.2-6.83.1.i586.rpm True preload-kmp-default-1.2_3.0.101_105-6.83.1.i586.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_105-6.83.1.i586.rpm True preload-kmp-desktop-1.2_3.0.101_105-6.83.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_105-6.83.1.i586.rpm True kernel-debug-3.0.101-105.1.x86_64.rpm True kernel-debug-base-3.0.101-105.1.x86_64.rpm True kernel-debug-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-debug-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-debug-debugsource-3.0.101-105.1.x86_64.rpm True kernel-debug-devel-3.0.101-105.1.x86_64.rpm True kernel-debug-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-debug-hmac-3.0.101-105.1.x86_64.rpm True kernel-default-3.0.101-105.1.x86_64.rpm True kernel-default-base-3.0.101-105.1.x86_64.rpm True kernel-default-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-default-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-default-debugsource-3.0.101-105.1.x86_64.rpm True kernel-default-devel-3.0.101-105.1.x86_64.rpm True kernel-default-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-default-hmac-3.0.101-105.1.x86_64.rpm True kernel-desktop-3.0.101-105.1.x86_64.rpm True kernel-desktop-base-3.0.101-105.1.x86_64.rpm True kernel-desktop-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-desktop-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-desktop-debugsource-3.0.101-105.1.x86_64.rpm True kernel-desktop-devel-3.0.101-105.1.x86_64.rpm True kernel-desktop-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-desktop-hmac-3.0.101-105.1.x86_64.rpm True kernel-ec2-3.0.101-105.1.x86_64.rpm True kernel-ec2-base-3.0.101-105.1.x86_64.rpm True kernel-ec2-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-ec2-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-ec2-debugsource-3.0.101-105.1.x86_64.rpm True kernel-ec2-devel-3.0.101-105.1.x86_64.rpm True kernel-ec2-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-ec2-extra-3.0.101-105.1.x86_64.rpm True kernel-ec2-extra-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-ec2-hmac-3.0.101-105.1.x86_64.rpm True kernel-source-3.0.101-105.1.x86_64.rpm True kernel-source-vanilla-3.0.101-105.1.x86_64.rpm True kernel-syms-3.0.101-105.1.x86_64.rpm True kernel-trace-3.0.101-105.1.x86_64.rpm True kernel-trace-base-3.0.101-105.1.x86_64.rpm True kernel-trace-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-trace-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-trace-debugsource-3.0.101-105.1.x86_64.rpm True kernel-trace-devel-3.0.101-105.1.x86_64.rpm True kernel-trace-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-trace-hmac-3.0.101-105.1.x86_64.rpm True kernel-vanilla-3.0.101-105.1.x86_64.rpm True kernel-vanilla-base-3.0.101-105.1.x86_64.rpm True kernel-vanilla-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-vanilla-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-vanilla-debugsource-3.0.101-105.1.x86_64.rpm True kernel-vanilla-devel-3.0.101-105.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-vanilla-hmac-3.0.101-105.1.x86_64.rpm True kernel-xen-3.0.101-105.1.x86_64.rpm True kernel-xen-base-3.0.101-105.1.x86_64.rpm True kernel-xen-base-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-xen-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-xen-debugsource-3.0.101-105.1.x86_64.rpm True kernel-xen-devel-3.0.101-105.1.x86_64.rpm True kernel-xen-devel-debuginfo-3.0.101-105.1.x86_64.rpm True kernel-xen-hmac-3.0.101-105.1.x86_64.rpm True preload-1.2-6.83.1.x86_64.rpm True preload-debuginfo-1.2-6.83.1.x86_64.rpm True preload-debugsource-1.2-6.83.1.x86_64.rpm True preload-kmp-default-1.2_3.0.101_105-6.83.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_3.0.101_105-6.83.1.x86_64.rpm True preload-kmp-desktop-1.2_3.0.101_105-6.83.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_3.0.101_105-6.83.1.x86_64.rpm True 2013-8 moderate openSUSE Evergreen 11.4 - Update to 9.5.3 (bnc#797529) to fix: CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616, CVE-2013-0617, CVE-2013-0618, CVE-2013-0619, CVE-2013-0620, CVE-2013-0621, CVE-2013-0622, CVE-2013-0623, CVE-2013-0624, CVE-2013-0626, CVE-2013-0627 - move the browser plugin to a subpackage(bnc#768492, bnc#757393). acroread-9.5.3-10.1.i586.rpm acroread-9.5.3-10.1.nosrc.rpm acroread-browser-plugin-9.5.3-10.1.i586.rpm 2013-12 moderate openSUSE Evergreen 11.4 - new license string. - BNC#795826, CVE-2012-5668.patch - BNC#795826, CVE-2012-5669.patch [bdf] Fix Savannah bug #37906. * src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for checking `glyph_enc'. freetype2-2.4.4-7.27.1.src.rpm freetype2-debugsource-2.4.4-7.27.1.i586.rpm freetype2-devel-2.4.4-7.27.1.i586.rpm freetype2-devel-32bit-2.4.4-7.27.1.x86_64.rpm libfreetype6-2.4.4-7.27.1.i586.rpm libfreetype6-32bit-2.4.4-7.27.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.27.1.i586.rpm libfreetype6-debuginfo-32bit-2.4.4-7.27.1.x86_64.rpm libfreetype6-debuginfo-x86-2.4.4-7.27.1.ia64.rpm libfreetype6-x86-2.4.4-7.27.1.ia64.rpm freetype2-debugsource-2.4.4-7.27.1.x86_64.rpm freetype2-devel-2.4.4-7.27.1.x86_64.rpm libfreetype6-2.4.4-7.27.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.27.1.x86_64.rpm 2013-13 moderate openSUSE Evergreen 11.4 - avoid stack based buffer overflow in web interface (history): added nagios-history_buffer_overflow.patch - (bnc#797237) fixes CVE-2012-6096 nagios-3.2.3-3.18.1.i586.rpm nagios-3.2.3-3.18.1.src.rpm nagios-debuginfo-3.2.3-3.18.1.i586.rpm nagios-debugsource-3.2.3-3.18.1.i586.rpm nagios-devel-3.2.3-3.18.1.i586.rpm nagios-www-3.2.3-3.18.1.i586.rpm nagios-3.2.3-3.18.1.x86_64.rpm nagios-debuginfo-3.2.3-3.18.1.x86_64.rpm nagios-debugsource-3.2.3-3.18.1.x86_64.rpm nagios-devel-3.2.3-3.18.1.x86_64.rpm nagios-www-3.2.3-3.18.1.x86_64.rpm 2013-16 moderate openSUSE Evergreen 11.4 - Avoid segmentation fault in "join -i" with long line input (bnc#798541, VUL-1, CVE-2013-0223) - Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1, CVE-2013-0222) - Avoid segmentation fault in "sort -d" and "sort -M" with long line input (bnc#798538, VUL-1, CVE-2013-0221) coreutils-8.9-23.1.i586.rpm coreutils-8.9-23.1.src.rpm coreutils-debuginfo-8.9-23.1.i586.rpm coreutils-debuginfo-x86-8.9-23.1.ia64.rpm coreutils-debugsource-8.9-23.1.i586.rpm coreutils-lang-8.9-23.1.noarch.rpm coreutils-x86-8.9-23.1.ia64.rpm coreutils-8.9-23.1.x86_64.rpm coreutils-debuginfo-8.9-23.1.x86_64.rpm coreutils-debugsource-8.9-23.1.x86_64.rpm 2013-17 moderate openSUSE Evergreen 11.4 - ignore case when checking against SNI server names. [bnc#798733] httpd-2.2.x-bnc798733-SNI_ignorecase.diff - better cleanup of busy count after recovering from failure [bnc#789828] httpd-2.2.x-bnc789828-mod_balancer.diff - httpd-2.2.x-bnc788121-CVE-2012-4557-mod_proxy_ajp_timeout.diff: backend timeouts should not affect the entire worker. [bnc#788121] - httpd-2.2.x-envvars.diff obsoletes httpd-2.0.54-envvars.dif: Fix for low profile bug CVE-2012-0883 about improper LD_LIBRARY_PATH handling. [bnc#757710] - httpd-2.2.x-bnc777260-CVE-2012-2687-mod_negotiation_filename_xss.diff Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory. CVE-2012-2687 [bnc#777260] - httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff reworked to reflect the upstream changes. This will prevent the "Invalid URI in request OPTIONS *" messages in the error log. [bnc#722545] - /etc/init.d/apache2: new argument "check-reload". Exits 1 if httpd2 runs on deleted binaries such as after package update, else 0. This is used by equally modified /etc/logrotate.d/apache2, which uses "/etc/init.d/apache2 check-reload" in its prerotate script. These changes prevent httpd2 from being (gracefully) reloaded by logrotate, executed by cron, if new binaries have been installed. Instead, a warning is printed on stdout and is being logged to the syslogs. If this happens, apache's logs are NOT rotated, and the running processes are left untouched. This limits the maximum damage of log rotation to unrotated logs. "/etc/init.d/apache2 restart" (or "rcapache2 restart") must be executed manually in such a case. [bnc#728876] apache2-2.2.17-4.64.1.i586.rpm apache2-2.2.17-4.64.1.src.rpm apache2-debuginfo-2.2.17-4.64.1.i586.rpm apache2-debugsource-2.2.17-4.64.1.i586.rpm apache2-devel-2.2.17-4.64.1.i586.rpm apache2-doc-2.2.17-4.64.1.noarch.rpm apache2-event-2.2.17-4.64.1.i586.rpm apache2-event-debuginfo-2.2.17-4.64.1.i586.rpm apache2-example-certificates-2.2.17-4.64.1.i586.rpm apache2-example-pages-2.2.17-4.64.1.i586.rpm apache2-itk-2.2.17-4.64.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.64.1.i586.rpm apache2-prefork-2.2.17-4.64.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.64.1.i586.rpm apache2-utils-2.2.17-4.64.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.64.1.i586.rpm apache2-worker-2.2.17-4.64.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.64.1.i586.rpm apache2-2.2.17-4.64.1.x86_64.rpm apache2-debuginfo-2.2.17-4.64.1.x86_64.rpm apache2-debugsource-2.2.17-4.64.1.x86_64.rpm apache2-devel-2.2.17-4.64.1.x86_64.rpm apache2-event-2.2.17-4.64.1.x86_64.rpm apache2-event-debuginfo-2.2.17-4.64.1.x86_64.rpm apache2-example-certificates-2.2.17-4.64.1.x86_64.rpm apache2-example-pages-2.2.17-4.64.1.x86_64.rpm apache2-itk-2.2.17-4.64.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.64.1.x86_64.rpm apache2-prefork-2.2.17-4.64.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.64.1.x86_64.rpm apache2-utils-2.2.17-4.64.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.64.1.x86_64.rpm apache2-worker-2.2.17-4.64.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.64.1.x86_64.rpm 2013-15 moderate openSUSE Evergreen 11.4 - Add cert-blacklist-more.diff, cert-blacklist-tuerktrust.diff: * blacklist more evil certificates - Add weak-ssl-certificates.diff: * blacklist weak certificates - enable linked support for OpenSSL - openssl-incompatibility-fix.diff: Fix wrong error reporting when using a binary incompatible version of openSSL (bnc#797006, CVE-2012-6093) libQtWebKit-devel-4.7.1-8.68.1.i586.rpm libQtWebKit4-32bit-4.7.1-8.68.1.x86_64.rpm libQtWebKit4-4.7.1-8.68.1.i586.rpm libQtWebKit4-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.68.1.i586.rpm libQtWebKit4-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libQtWebKit4-x86-4.7.1-8.68.1.ia64.rpm libqt4-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-4.7.1-8.68.1.i586.rpm libqt4-4.7.1-8.68.1.src.rpm libqt4-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libqt4-debugsource-4.7.1-8.68.1.i586.rpm libqt4-devel-4.7.1-8.68.1.i586.rpm libqt4-devel-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-qt3support-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-qt3support-4.7.1-8.68.1.i586.rpm libqt4-qt3support-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-qt3support-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libqt4-qt3support-x86-4.7.1-8.68.1.ia64.rpm libqt4-sql-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-sql-4.7.1-8.68.1.i586.rpm libqt4-sql-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-sql-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libqt4-sql-sqlite-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.68.1.i586.rpm libqt4-sql-sqlite-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-sql-sqlite-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libqt4-sql-sqlite-x86-4.7.1-8.68.1.ia64.rpm libqt4-sql-x86-4.7.1-8.68.1.ia64.rpm libqt4-x11-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-x11-4.7.1-8.68.1.i586.rpm libqt4-x11-debuginfo-32bit-4.7.1-8.68.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.68.1.i586.rpm libqt4-x11-debuginfo-x86-4.7.1-8.68.1.ia64.rpm libqt4-x11-x86-4.7.1-8.68.1.ia64.rpm libqt4-x86-4.7.1-8.68.1.ia64.rpm libQtWebKit-devel-4.7.1-8.68.1.x86_64.rpm libQtWebKit4-4.7.1-8.68.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-4.7.1-8.68.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-debugsource-4.7.1-8.68.1.x86_64.rpm libqt4-devel-4.7.1-8.68.1.x86_64.rpm libqt4-devel-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-qt3support-4.7.1-8.68.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-sql-4.7.1-8.68.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.68.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.68.1.x86_64.rpm libqt4-x11-4.7.1-8.68.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.68.1.x86_64.rpm 2013-20 moderate openSUSE Evergreen 11.4 - The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 are affected by a cross-site request forgery; CVE-2013-0214; (bnc#799641). - The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 could possibly be used in clickjacking attacks; CVE-2013-0213; (bnc#800982). samba-doc-3.6.3-118.1.src.rpm ldapsmb-1.34b-118.1.i586.rpm libldb-devel-1.0.2-118.1.i586.rpm libldb1-1.0.2-118.1.i586.rpm libldb1-32bit-1.0.2-118.1.x86_64.rpm libldb1-debuginfo-1.0.2-118.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-118.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-118.1.ia64.rpm libldb1-x86-1.0.2-118.1.ia64.rpm libnetapi-devel-3.6.3-118.1.i586.rpm libnetapi0-3.6.3-118.1.i586.rpm libnetapi0-debuginfo-3.6.3-118.1.i586.rpm libsmbclient-devel-3.6.3-118.1.i586.rpm libsmbclient0-3.6.3-118.1.i586.rpm libsmbclient0-32bit-3.6.3-118.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-118.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-118.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-118.1.ia64.rpm libsmbclient0-x86-3.6.3-118.1.ia64.rpm libsmbsharemodes-devel-3.6.3-118.1.i586.rpm libsmbsharemodes0-3.6.3-118.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-118.1.i586.rpm libtalloc-devel-2.0.5-118.1.i586.rpm libtalloc2-2.0.5-118.1.i586.rpm libtalloc2-32bit-2.0.5-118.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-118.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-118.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-118.1.ia64.rpm libtalloc2-x86-2.0.5-118.1.ia64.rpm libtdb-devel-1.2.9-118.1.i586.rpm libtdb1-1.2.9-118.1.i586.rpm libtdb1-32bit-1.2.9-118.1.x86_64.rpm libtdb1-debuginfo-1.2.9-118.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-118.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-118.1.ia64.rpm libtdb1-x86-1.2.9-118.1.ia64.rpm libtevent-devel-0.9.11-118.1.i586.rpm libtevent0-0.9.11-118.1.i586.rpm libtevent0-32bit-0.9.11-118.1.x86_64.rpm libtevent0-debuginfo-0.9.11-118.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-118.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-118.1.ia64.rpm libtevent0-x86-0.9.11-118.1.ia64.rpm libwbclient-devel-3.6.3-118.1.i586.rpm libwbclient0-3.6.3-118.1.i586.rpm libwbclient0-32bit-3.6.3-118.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-118.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-118.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-118.1.ia64.rpm libwbclient0-x86-3.6.3-118.1.ia64.rpm samba-3.6.3-118.1.i586.rpm samba-3.6.3-118.1.src.rpm samba-32bit-3.6.3-118.1.x86_64.rpm samba-client-3.6.3-118.1.i586.rpm samba-client-32bit-3.6.3-118.1.x86_64.rpm samba-client-debuginfo-3.6.3-118.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-118.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-118.1.ia64.rpm samba-client-x86-3.6.3-118.1.ia64.rpm samba-debuginfo-3.6.3-118.1.i586.rpm samba-debuginfo-32bit-3.6.3-118.1.x86_64.rpm samba-debuginfo-x86-3.6.3-118.1.ia64.rpm samba-debugsource-3.6.3-118.1.i586.rpm samba-devel-3.6.3-118.1.i586.rpm samba-doc-3.6.3-118.1.noarch.rpm samba-krb-printing-3.6.3-118.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-118.1.i586.rpm samba-winbind-3.6.3-118.1.i586.rpm samba-winbind-32bit-3.6.3-118.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-118.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-118.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-118.1.ia64.rpm samba-winbind-x86-3.6.3-118.1.ia64.rpm samba-x86-3.6.3-118.1.ia64.rpm ldapsmb-1.34b-118.1.x86_64.rpm libldb-devel-1.0.2-118.1.x86_64.rpm libldb1-1.0.2-118.1.x86_64.rpm libldb1-debuginfo-1.0.2-118.1.x86_64.rpm libnetapi-devel-3.6.3-118.1.x86_64.rpm libnetapi0-3.6.3-118.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-118.1.x86_64.rpm libsmbclient-devel-3.6.3-118.1.x86_64.rpm libsmbclient0-3.6.3-118.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-118.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-118.1.x86_64.rpm libsmbsharemodes0-3.6.3-118.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-118.1.x86_64.rpm libtalloc-devel-2.0.5-118.1.x86_64.rpm libtalloc2-2.0.5-118.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-118.1.x86_64.rpm libtdb-devel-1.2.9-118.1.x86_64.rpm libtdb1-1.2.9-118.1.x86_64.rpm libtdb1-debuginfo-1.2.9-118.1.x86_64.rpm libtevent-devel-0.9.11-118.1.x86_64.rpm libtevent0-0.9.11-118.1.x86_64.rpm libtevent0-debuginfo-0.9.11-118.1.x86_64.rpm libwbclient-devel-3.6.3-118.1.x86_64.rpm libwbclient0-3.6.3-118.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-118.1.x86_64.rpm samba-3.6.3-118.1.x86_64.rpm samba-client-3.6.3-118.1.x86_64.rpm samba-client-debuginfo-3.6.3-118.1.x86_64.rpm samba-debuginfo-3.6.3-118.1.x86_64.rpm samba-debugsource-3.6.3-118.1.x86_64.rpm samba-devel-3.6.3-118.1.x86_64.rpm samba-krb-printing-3.6.3-118.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-118.1.x86_64.rpm samba-winbind-3.6.3-118.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-118.1.x86_64.rpm 2013-18 moderate openSUSE Evergreen 11.4 NTFS and FAT filesystem corruption with Windows 8 systems - ntfs-3g vfat state saved across shutdowns ntfs-3g-2010.10.2-5.1.i586.rpm ntfs-3g-2010.10.2-5.1.src.rpm ntfs-3g-debuginfo-2010.10.2-5.1.i586.rpm ntfs-3g-debugsource-2010.10.2-5.1.i586.rpm ntfs-3g-devel-2010.10.2-5.1.i586.rpm ntfs-3g-2010.10.2-5.1.x86_64.rpm ntfs-3g-debuginfo-2010.10.2-5.1.x86_64.rpm ntfs-3g-debugsource-2010.10.2-5.1.x86_64.rpm ntfs-3g-devel-2010.10.2-5.1.x86_64.rpm 2013-24 low openSUSE Evergreen 11.4 The last Nagios security fixes contained incorrect snprintf usage which would likely lead to crashes. nagios-3.2.3-3.22.1.i586.rpm nagios-3.2.3-3.22.1.src.rpm nagios-debuginfo-3.2.3-3.22.1.i586.rpm nagios-debugsource-3.2.3-3.22.1.i586.rpm nagios-devel-3.2.3-3.22.1.i586.rpm nagios-www-3.2.3-3.22.1.i586.rpm nagios-3.2.3-3.22.1.x86_64.rpm nagios-debuginfo-3.2.3-3.22.1.x86_64.rpm nagios-debugsource-3.2.3-3.22.1.x86_64.rpm nagios-devel-3.2.3-3.22.1.x86_64.rpm nagios-www-3.2.3-3.22.1.x86_64.rpm 2013-21 important openSUSE Evergreen 11.4 This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions was fixed. CVE-2013-0155: Unsafe Query Generation Risk in Ruby on Rails was fixed. CVE-2013-0156: Multiple vulnerabilities in parameter parsing in Action Pack were fixed. CVE-2012-5664: options hashes should only be extracted if there are extra parameters CVE-2012-2695: Fix SQL injection via nested hashes in conditions CVE-2013-0156: Hash.from_xml raises when it encounters type="symbol" or type="yaml". Use Hash.from_trusted_xml to parse this XM rubygem-actionmailer-2_3-2.3.16-0.16.1.i586.rpm rubygem-actionmailer-2_3-2.3.16-0.16.1.src.rpm rubygem-actionmailer-2_3-doc-2.3.16-0.16.1.i586.rpm rubygem-actionmailer-2_3-testsuite-2.3.16-0.16.1.i586.rpm rubygem-actionmailer-2.3.16-0.6.1.noarch.rpm rubygem-actionmailer-2.3.16-0.6.1.src.rpm rubygem-actionpack-2_3-2.3.16-0.23.1.i586.rpm rubygem-actionpack-2_3-2.3.16-0.23.1.src.rpm rubygem-actionpack-2_3-doc-2.3.16-0.23.1.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.16-0.23.1.i586.rpm rubygem-actionpack-2.3.16-0.6.1.noarch.rpm rubygem-actionpack-2.3.16-0.6.1.src.rpm rubygem-activerecord-2_3-2.3.16-0.19.1.i586.rpm rubygem-activerecord-2_3-2.3.16-0.19.1.src.rpm rubygem-activerecord-2_3-doc-2.3.16-0.19.1.i586.rpm rubygem-activerecord-2_3-testsuite-2.3.16-0.19.1.i586.rpm rubygem-activerecord-2.3.16-0.6.1.noarch.rpm rubygem-activerecord-2.3.16-0.6.1.src.rpm rubygem-activeresource-2_3-2.3.16-0.16.1.i586.rpm rubygem-activeresource-2_3-2.3.16-0.16.1.src.rpm rubygem-activeresource-2_3-doc-2.3.16-0.16.1.i586.rpm rubygem-activeresource-2_3-testsuite-2.3.16-0.16.1.i586.rpm rubygem-activeresource-2.3.16-0.6.1.noarch.rpm rubygem-activeresource-2.3.16-0.6.1.src.rpm rubygem-activesupport-2_3-2.3.16-0.16.1.i586.rpm rubygem-activesupport-2_3-2.3.16-0.16.1.src.rpm rubygem-activesupport-2_3-doc-2.3.16-0.16.1.i586.rpm rubygem-activesupport-2.3.16-0.6.1.noarch.rpm rubygem-activesupport-2.3.16-0.6.1.src.rpm rubygem-rack-1.1.5-0.8.1.i586.rpm rubygem-rack-1.1.5-0.8.1.src.rpm rubygem-rails-2_3-2.3.16-0.12.1.i586.rpm rubygem-rails-2_3-2.3.16-0.12.1.src.rpm rubygem-rails-2_3-doc-2.3.16-0.12.1.i586.rpm rubygem-rails-2.3.16-0.6.1.noarch.rpm rubygem-rails-2.3.16-0.6.1.src.rpm rubygem-actionmailer-2_3-2.3.16-0.16.1.x86_64.rpm rubygem-actionmailer-2_3-doc-2.3.16-0.16.1.x86_64.rpm rubygem-actionmailer-2_3-testsuite-2.3.16-0.16.1.x86_64.rpm rubygem-actionpack-2_3-2.3.16-0.23.1.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.16-0.23.1.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.16-0.23.1.x86_64.rpm rubygem-activerecord-2_3-2.3.16-0.19.1.x86_64.rpm rubygem-activerecord-2_3-doc-2.3.16-0.19.1.x86_64.rpm rubygem-activerecord-2_3-testsuite-2.3.16-0.19.1.x86_64.rpm rubygem-activeresource-2_3-2.3.16-0.16.1.x86_64.rpm rubygem-activeresource-2_3-doc-2.3.16-0.16.1.x86_64.rpm rubygem-activeresource-2_3-testsuite-2.3.16-0.16.1.x86_64.rpm rubygem-activesupport-2_3-2.3.16-0.16.1.x86_64.rpm rubygem-activesupport-2_3-doc-2.3.16-0.16.1.x86_64.rpm rubygem-rack-1.1.5-0.8.1.x86_64.rpm rubygem-rails-2_3-2.3.16-0.12.1.x86_64.rpm rubygem-rails-2_3-doc-2.3.16-0.12.1.x86_64.rpm 2013-19 low openSUSE Evergreen 11.4 Opera was updated to 12.14 version fixing stability issues. This update also consists updates for Opera 12.13 which is a recommended upgrade offering security and stability enhancements. -fixed an issue where Opera gets internal communication errors on Facebook -fixed an issue where no webpages load on startup, if Opera is disconnected from the Internet -fixed an issue where images will not load after back navigation, when a site uses the HTML5 history API (deviantart.com) -improved protection against hijacking of the default search, including a one-time reset -fixed an issue where DOM events manipulation might be used to execute arbitrary code; -fixed an issue where use of SVG clipPaths could allow execution of arbitrary code; -fixed a low severity security issue; details will be disclosed at a later date -fixed an issue where CORS requests could omit the preflight request; opera-12.14-48.1.i586.rpm opera-12.14-48.1.nosrc.rpm opera-gtk-12.14-48.1.i586.rpm opera-kde4-12.14-48.1.i586.rpm opera-12.14-48.1.x86_64.rpm opera-gtk-12.14-48.1.x86_64.rpm opera-kde4-12.14-48.1.x86_64.rpm 2013-26 moderate openSUSE Evergreen 11.4 Inkscape was updated to fix two security issues: - inkscape occasionaly tries to open EPS files from /tmp (bnc#796306, CVE-2012-6076). - inkscape could load XML from external hosts (bnc#794958, CWE-827, CVE-2012-5656). inkscape-0.48.1-8.1.i586.rpm inkscape-0.48.1-8.1.src.rpm inkscape-debuginfo-0.48.1-8.1.i586.rpm inkscape-debugsource-0.48.1-8.1.i586.rpm inkscape-extensions-dia-0.48.1-8.1.i586.rpm inkscape-extensions-extra-0.48.1-8.1.i586.rpm inkscape-extensions-fig-0.48.1-8.1.i586.rpm inkscape-extensions-gimp-0.48.1-8.1.i586.rpm inkscape-extensions-skencil-0.48.1-8.1.i586.rpm inkscape-lang-0.48.1-8.1.noarch.rpm inkscape-0.48.1-8.1.x86_64.rpm inkscape-debuginfo-0.48.1-8.1.x86_64.rpm inkscape-debugsource-0.48.1-8.1.x86_64.rpm inkscape-extensions-dia-0.48.1-8.1.x86_64.rpm inkscape-extensions-extra-0.48.1-8.1.x86_64.rpm inkscape-extensions-fig-0.48.1-8.1.x86_64.rpm inkscape-extensions-gimp-0.48.1-8.1.x86_64.rpm inkscape-extensions-skencil-0.48.1-8.1.x86_64.rpm 2013-22 critical openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.262 to fix various security issues and bugs. flash-player-11.2.202.262-43.1.i586.rpm flash-player-11.2.202.262-43.1.nosrc.rpm flash-player-gnome-11.2.202.262-43.1.i586.rpm flash-player-kde4-11.2.202.262-43.1.i586.rpm flash-player-11.2.202.262-43.1.x86_64.rpm flash-player-gnome-11.2.202.262-43.1.x86_64.rpm flash-player-kde4-11.2.202.262-43.1.x86_64.rpm 2013-28 moderate openSUSE Evergreen 11.4 Fixed bugs: *Prevent execution of enum_recv from SQL (CVE-2013-0255); *Update minimum recovery point when truncating a relation file *Fix SQL grammar to allow subscripting or field selection from a sub-SELECT result *Protect against race conditions when scanning pg_tablespace *Prevent DROP OWNED from trying to drop whole databases or tablespaces *Fix error in vacuum_freeze_table_age implementation *Prevent misbehavior when a RowExpr or XmlExpr is parse-analyzed twice *Improve defenses against integer overflow in hashtable sizing calculations *Reject out-of-range dates in to_date() *Fix possible crash in psql's \? command when not connected to a database *Fix one-byte buffer overrun in libpq's PQprintTuples *Make ecpglib use translated messages properly *Properly install ecpg_compat and pgtypes libraries on MSVC *Rearrange configure's tests for supplied functions so it is not fooled by bogus exports from libedit/libreadline * Add new timezone abbreviation FET libecpg6-9.0.12-27.1.i586.rpm libecpg6-debuginfo-9.0.12-27.1.i586.rpm libpq5-32bit-9.0.12-27.1.x86_64.rpm libpq5-9.0.12-27.1.i586.rpm libpq5-debuginfo-32bit-9.0.12-27.1.x86_64.rpm libpq5-debuginfo-9.0.12-27.1.i586.rpm libpq5-debuginfo-x86-9.0.12-27.1.ia64.rpm libpq5-x86-9.0.12-27.1.ia64.rpm postgresql-devel-9.0.12-27.1.i586.rpm postgresql-devel-debuginfo-9.0.12-27.1.i586.rpm postgresql-libs-9.0.12-27.1.src.rpm postgresql-libs-debugsource-9.0.12-27.1.i586.rpm postgresql-9.0.12-27.1.i586.rpm postgresql-9.0.12-27.1.src.rpm postgresql-contrib-9.0.12-27.1.i586.rpm postgresql-contrib-debuginfo-9.0.12-27.1.i586.rpm postgresql-debuginfo-9.0.12-27.1.i586.rpm postgresql-debugsource-9.0.12-27.1.i586.rpm postgresql-docs-9.0.12-27.1.noarch.rpm postgresql-plperl-9.0.12-27.1.i586.rpm postgresql-plperl-debuginfo-9.0.12-27.1.i586.rpm postgresql-plpython-9.0.12-27.1.i586.rpm postgresql-plpython-debuginfo-9.0.12-27.1.i586.rpm postgresql-pltcl-9.0.12-27.1.i586.rpm postgresql-pltcl-debuginfo-9.0.12-27.1.i586.rpm postgresql-server-9.0.12-27.1.i586.rpm postgresql-server-debuginfo-9.0.12-27.1.i586.rpm libecpg6-9.0.12-27.1.x86_64.rpm libecpg6-debuginfo-9.0.12-27.1.x86_64.rpm libpq5-9.0.12-27.1.x86_64.rpm libpq5-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-devel-9.0.12-27.1.x86_64.rpm postgresql-devel-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-libs-debugsource-9.0.12-27.1.x86_64.rpm postgresql-9.0.12-27.1.x86_64.rpm postgresql-contrib-9.0.12-27.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-debugsource-9.0.12-27.1.x86_64.rpm postgresql-plperl-9.0.12-27.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-plpython-9.0.12-27.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-pltcl-9.0.12-27.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.12-27.1.x86_64.rpm postgresql-server-9.0.12-27.1.x86_64.rpm postgresql-server-debuginfo-9.0.12-27.1.x86_64.rpm 2013-23 moderate openSUSE Evergreen 11.4 wireshark was updated to 1.8.5 to fix bugs and security issues. Vulnerabilities fixed: * Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 * The CLNP dissector could crash wnpa-sec-2013-02 CVE-2013-1582 * The DTN dissector could crash wnpa-sec-2013-03 CVE-2013-1583 CVE-2013-1584 * The MS-MMC dissector (and possibly others) could crash wnpa-sec-2013-04 CVE-2013-1585 * The DTLS dissector could crash wnpa-sec-2013-05 CVE-2013-1586 * The ROHC dissector could crash wnpa-sec-2013-06 CVE-2013-1587 * The DCP-ETSI dissector could corrupt memory wnpa-sec-2013-07 CVE-2013-1588 * The Wireshark dissection engine could crash wnpa-sec-2013-08 CVE-2013-1589 * The NTLMSSP dissector could overflow a buffer wnpa-sec-2013-09 CVE-2013-1590 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html wireshark-1.8.5-37.1.i586.rpm wireshark-1.8.5-37.1.src.rpm wireshark-debuginfo-1.8.5-37.1.i586.rpm wireshark-debugsource-1.8.5-37.1.i586.rpm wireshark-devel-1.8.5-37.1.i586.rpm wireshark-1.8.5-37.1.x86_64.rpm wireshark-debuginfo-1.8.5-37.1.x86_64.rpm wireshark-debugsource-1.8.5-37.1.x86_64.rpm wireshark-devel-1.8.5-37.1.x86_64.rpm 2013-25 critical openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.270: (bnc#803485) * APSB13-05, CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639, CVE-2013-0638, CVE-2013-0637 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-05.html flash-player-11.2.202.270-47.1.i586.rpm flash-player-11.2.202.270-47.1.nosrc.rpm flash-player-gnome-11.2.202.270-47.1.i586.rpm flash-player-kde4-11.2.202.270-47.1.i586.rpm flash-player-11.2.202.270-47.1.x86_64.rpm flash-player-gnome-11.2.202.270-47.1.x86_64.rpm flash-player-kde4-11.2.202.270-47.1.x86_64.rpm 2013-27 important openSUSE Evergreen 11.4 OpenJDK (java-1_6_0-openjdk) was updated to 1.12.1 to fix bugs and security issues (bnc#801972) * Security fixes (on top of 1.12.0) - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdown - S7141694, CVE-2013-0429: Improving CORBA internals - S7173145: Improve in-memory representation of splashscreens - S7186945: Unpack200 improvement - S7186946: Refine unpacker resource usage - S7186948: Improve Swing data validation - S7186952, CVE-2013-0432: Improve clipboard access - S7186954: Improve connection performance - S7186957: Improve Pack200 data validation - S7192392, CVE-2013-0443: Better validation of client keys - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages - S7192977, CVE-2013-0442: Issue in toolkit thread - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies - S7200491: Tighten up JTable layout code - S7200500: Launcher better input validation - S7201064: Better dialogue checking - S7201066, CVE-2013-0441: Change modifiers on unused fields - S7201068, CVE-2013-0435: Better handling of UI elements - S7201070: Serialization to conform to protocol - S7201071, CVE-2013-0433: InetSocketAddress serialization issue - S8000210: Improve JarFile code quality - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class - S8000540, CVE-2013-1475: Improve IIOP type reuse management - S8000631, CVE-2013-1476: Restrict access to class constructor - S8001235, CVE-2013-0434: Improve JAXP HTTP handling java-1_6_0-openjdk-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.1-25.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.1-25.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.1-25.1.x86_64.rpm 2013-29 moderate openSUSE Evergreen 11.4 Firefox was updated to version 19.0. Seamonkey was updated to version 2.16. Thunderbird was updated to version 17.0.3. * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer MozillaFirefox-19.0-61.1.i586.rpm MozillaFirefox-19.0-61.1.src.rpm MozillaFirefox-branding-upstream-19.0-61.1.i586.rpm MozillaFirefox-buildsymbols-19.0-61.1.i586.rpm MozillaFirefox-debuginfo-19.0-61.1.i586.rpm MozillaFirefox-debugsource-19.0-61.1.i586.rpm MozillaFirefox-devel-19.0-61.1.i586.rpm MozillaFirefox-translations-common-19.0-61.1.i586.rpm MozillaFirefox-translations-other-19.0-61.1.i586.rpm MozillaThunderbird-17.0.3-49.1.i586.rpm MozillaThunderbird-17.0.3-49.1.src.rpm MozillaThunderbird-buildsymbols-17.0.3-49.1.i586.rpm MozillaThunderbird-debuginfo-17.0.3-49.1.i586.rpm MozillaThunderbird-debugsource-17.0.3-49.1.i586.rpm MozillaThunderbird-devel-17.0.3-49.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.3-49.1.i586.rpm MozillaThunderbird-translations-common-17.0.3-49.1.i586.rpm MozillaThunderbird-translations-other-17.0.3-49.1.i586.rpm enigmail-1.5.1+17.0.3-49.1.i586.rpm enigmail-debuginfo-1.5.1+17.0.3-49.1.i586.rpm seamonkey-2.16-53.1.i586.rpm seamonkey-2.16-53.1.src.rpm seamonkey-debuginfo-2.16-53.1.i586.rpm seamonkey-debugsource-2.16-53.1.i586.rpm seamonkey-dom-inspector-2.16-53.1.i586.rpm seamonkey-irc-2.16-53.1.i586.rpm seamonkey-translations-common-2.16-53.1.i586.rpm seamonkey-translations-other-2.16-53.1.i586.rpm seamonkey-venkman-2.16-53.1.i586.rpm MozillaFirefox-19.0-61.1.x86_64.rpm MozillaFirefox-branding-upstream-19.0-61.1.x86_64.rpm MozillaFirefox-buildsymbols-19.0-61.1.x86_64.rpm MozillaFirefox-debuginfo-19.0-61.1.x86_64.rpm MozillaFirefox-debugsource-19.0-61.1.x86_64.rpm MozillaFirefox-devel-19.0-61.1.x86_64.rpm MozillaFirefox-translations-common-19.0-61.1.x86_64.rpm MozillaFirefox-translations-other-19.0-61.1.x86_64.rpm MozillaThunderbird-17.0.3-49.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.3-49.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0.3-49.1.x86_64.rpm MozillaThunderbird-debugsource-17.0.3-49.1.x86_64.rpm MozillaThunderbird-devel-17.0.3-49.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.3-49.1.x86_64.rpm MozillaThunderbird-translations-common-17.0.3-49.1.x86_64.rpm MozillaThunderbird-translations-other-17.0.3-49.1.x86_64.rpm enigmail-1.5.1+17.0.3-49.1.x86_64.rpm enigmail-debuginfo-1.5.1+17.0.3-49.1.x86_64.rpm seamonkey-2.16-53.1.x86_64.rpm seamonkey-debuginfo-2.16-53.1.x86_64.rpm seamonkey-debugsource-2.16-53.1.x86_64.rpm seamonkey-dom-inspector-2.16-53.1.x86_64.rpm seamonkey-irc-2.16-53.1.x86_64.rpm seamonkey-translations-common-2.16-53.1.x86_64.rpm seamonkey-translations-other-2.16-53.1.x86_64.rpm seamonkey-venkman-2.16-53.1.x86_64.rpm 2013-33 important openSUSE Evergreen 11.4 java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654) containing security and bugfixes: * Security fixes - S8006446: Restrict MBeanServer access (CVE-2013-1486) - S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) - S8007688: Blacklist known bad certificate (issued by DigiCert) * Backports - S8007393: Possible race condition after JDK-6664509 - S8007611: logging behavior in applet changed * Bug fixes - PR1319: Support GIF lib v5. java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-29.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.3-29.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.3-29.1.x86_64.rpm 2013-30 moderate openSUSE Evergreen 11.4 openssl was updated to 1.0.0k security release to fix bugs and security issues. (bnc#802648 bnc#802746) The version was upgraded to avoid backporting the large fixes for SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169) TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686) OCSP invalid key DoS issue (CVE-2013-0166) Also the following bugfix was included: bnc#757773 - c_rehash to accept more filename extensions libopenssl-devel-1.0.0k-18.45.1.i586.rpm libopenssl1_0_0-1.0.0k-18.45.1.i586.rpm libopenssl1_0_0-32bit-1.0.0k-18.45.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0k-18.45.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0k-18.45.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0k-18.45.1.ia64.rpm libopenssl1_0_0-x86-1.0.0k-18.45.1.ia64.rpm openssl-1.0.0k-18.45.1.i586.rpm openssl-1.0.0k-18.45.1.src.rpm openssl-debuginfo-1.0.0k-18.45.1.i586.rpm openssl-debugsource-1.0.0k-18.45.1.i586.rpm openssl-doc-1.0.0k-18.45.1.noarch.rpm libopenssl-devel-1.0.0k-18.45.1.x86_64.rpm libopenssl1_0_0-1.0.0k-18.45.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0k-18.45.1.x86_64.rpm openssl-1.0.0k-18.45.1.x86_64.rpm openssl-debuginfo-1.0.0k-18.45.1.x86_64.rpm openssl-debugsource-1.0.0k-18.45.1.x86_64.rpm 2013-31 critical openSUSE Evergreen 11.4 acroread was updated to 9.5.4 to fix remote code execution problems. (CVE-2013-0640, CVE-2013-0641) More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.html acroread-9.5.4-14.1.i586.rpm acroread-9.5.4-14.1.nosrc.rpm acroread-browser-plugin-9.5.4-14.1.i586.rpm 2013-34 moderate openSUSE Evergreen 11.4 git imap-send was fixed to do SSL host verification. This can be disabled if necessary in the config file. git-1.7.3.4-4.11.1.i586.rpm git-1.7.3.4-4.11.1.src.rpm git-arch-1.7.3.4-4.11.1.i586.rpm git-core-1.7.3.4-4.11.1.i586.rpm git-core-debuginfo-1.7.3.4-4.11.1.i586.rpm git-cvs-1.7.3.4-4.11.1.i586.rpm git-daemon-1.7.3.4-4.11.1.i586.rpm git-daemon-debuginfo-1.7.3.4-4.11.1.i586.rpm git-debugsource-1.7.3.4-4.11.1.i586.rpm git-email-1.7.3.4-4.11.1.i586.rpm git-gui-1.7.3.4-4.11.1.i586.rpm git-remote-helpers-1.7.3.4-4.11.1.i586.rpm git-svn-1.7.3.4-4.11.1.i586.rpm git-web-1.7.3.4-4.11.1.i586.rpm gitk-1.7.3.4-4.11.1.i586.rpm git-1.7.3.4-4.11.1.x86_64.rpm git-arch-1.7.3.4-4.11.1.x86_64.rpm git-core-1.7.3.4-4.11.1.x86_64.rpm git-core-debuginfo-1.7.3.4-4.11.1.x86_64.rpm git-cvs-1.7.3.4-4.11.1.x86_64.rpm git-daemon-1.7.3.4-4.11.1.x86_64.rpm git-daemon-debuginfo-1.7.3.4-4.11.1.x86_64.rpm git-debugsource-1.7.3.4-4.11.1.x86_64.rpm git-email-1.7.3.4-4.11.1.x86_64.rpm git-gui-1.7.3.4-4.11.1.x86_64.rpm git-remote-helpers-1.7.3.4-4.11.1.x86_64.rpm git-svn-1.7.3.4-4.11.1.x86_64.rpm git-web-1.7.3.4-4.11.1.x86_64.rpm gitk-1.7.3.4-4.11.1.x86_64.rpm 2013-36 low openSUSE Evergreen 11.4 This update fixes some issues with openSUSE's patches to the KDE application launcher ("Kickoff"): - bnc#803179: sort entries by genericName if "Show applications by name" is switched off - bnc#356553: add ":F" to the sortOrder list if it isn't included to make sure collapsed entries are really shown - bnc#641916: display program icon instead of submenu icon when using reduced menu depth - bnc#725829: don't set name to null if it is equal to genericName or genericName is empty kdebase4-wallpapers-4.6.0-5.18.1.noarch.rpm kdebase4-wallpapers-4.6.0-5.18.1.src.rpm kde4-kgreeter-plugins-4.6.0-10.18.1.i586.rpm kde4-kgreeter-plugins-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-4.6.0-10.18.1.i586.rpm kdebase4-workspace-4.6.0-10.18.1.src.rpm kdebase4-workspace-branding-upstream-4.6.0-10.18.1.i586.rpm kdebase4-workspace-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-debugsource-4.6.0-10.18.1.i586.rpm kdebase4-workspace-devel-4.6.0-10.18.1.i586.rpm kdebase4-workspace-devel-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-google-gadgets-4.6.0-10.18.1.i586.rpm kdebase4-workspace-google-gadgets-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-ksysguardd-4.6.0-10.18.1.i586.rpm kdebase4-workspace-ksysguardd-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-liboxygenstyle-32bit-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-liboxygenstyle-4.6.0-10.18.1.i586.rpm kdebase4-workspace-liboxygenstyle-debuginfo-32bit-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-liboxygenstyle-debuginfo-4.6.0-10.18.1.i586.rpm kdebase4-workspace-liboxygenstyle-debuginfo-x86-4.6.0-10.18.1.ia64.rpm kdebase4-workspace-liboxygenstyle-x86-4.6.0-10.18.1.ia64.rpm kdm-4.6.0-10.18.1.i586.rpm kdm-branding-upstream-4.6.0-10.18.1.i586.rpm kdm-debuginfo-4.6.0-10.18.1.i586.rpm kwin-4.6.0-10.18.1.i586.rpm kwin-debuginfo-4.6.0-10.18.1.i586.rpm kdelibs4-4.6.0-6.69.1.i586.rpm kdelibs4-4.6.0-6.69.1.src.rpm kdelibs4-branding-upstream-4.6.0-6.69.1.i586.rpm kdelibs4-core-4.6.0-6.69.1.i586.rpm kdelibs4-core-debuginfo-4.6.0-6.69.1.i586.rpm kdelibs4-debuginfo-4.6.0-6.69.1.i586.rpm kdelibs4-debugsource-4.6.0-6.69.1.i586.rpm kdelibs4-doc-4.6.0-6.69.1.i586.rpm kdelibs4-doc-debuginfo-4.6.0-6.69.1.i586.rpm libkde4-32bit-4.6.0-6.69.1.x86_64.rpm libkde4-4.6.0-6.69.1.i586.rpm libkde4-debuginfo-32bit-4.6.0-6.69.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.69.1.i586.rpm libkde4-debuginfo-x86-4.6.0-6.69.1.ia64.rpm libkde4-devel-4.6.0-6.69.1.i586.rpm libkde4-x86-4.6.0-6.69.1.ia64.rpm libkdecore4-32bit-4.6.0-6.69.1.x86_64.rpm libkdecore4-4.6.0-6.69.1.i586.rpm libkdecore4-debuginfo-32bit-4.6.0-6.69.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.69.1.i586.rpm libkdecore4-debuginfo-x86-4.6.0-6.69.1.ia64.rpm libkdecore4-devel-4.6.0-6.69.1.i586.rpm libkdecore4-devel-debuginfo-4.6.0-6.69.1.i586.rpm libkdecore4-x86-4.6.0-6.69.1.ia64.rpm libksuseinstall-devel-4.6.0-6.69.1.i586.rpm libksuseinstall1-32bit-4.6.0-6.69.1.x86_64.rpm libksuseinstall1-4.6.0-6.69.1.i586.rpm libksuseinstall1-debuginfo-32bit-4.6.0-6.69.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.69.1.i586.rpm libksuseinstall1-debuginfo-x86-4.6.0-6.69.1.ia64.rpm libksuseinstall1-x86-4.6.0-6.69.1.ia64.rpm kde4-kgreeter-plugins-4.6.0-10.18.1.x86_64.rpm kde4-kgreeter-plugins-debuginfo-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-branding-upstream-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-debuginfo-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-debugsource-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-devel-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-devel-debuginfo-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-google-gadgets-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-google-gadgets-debuginfo-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-ksysguardd-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-ksysguardd-debuginfo-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-liboxygenstyle-4.6.0-10.18.1.x86_64.rpm kdebase4-workspace-liboxygenstyle-debuginfo-4.6.0-10.18.1.x86_64.rpm kdm-4.6.0-10.18.1.x86_64.rpm kdm-branding-upstream-4.6.0-10.18.1.x86_64.rpm kdm-debuginfo-4.6.0-10.18.1.x86_64.rpm kwin-4.6.0-10.18.1.x86_64.rpm kwin-debuginfo-4.6.0-10.18.1.x86_64.rpm kdelibs4-4.6.0-6.69.1.x86_64.rpm kdelibs4-branding-upstream-4.6.0-6.69.1.x86_64.rpm kdelibs4-core-4.6.0-6.69.1.x86_64.rpm kdelibs4-core-debuginfo-4.6.0-6.69.1.x86_64.rpm kdelibs4-debuginfo-4.6.0-6.69.1.x86_64.rpm kdelibs4-debugsource-4.6.0-6.69.1.x86_64.rpm kdelibs4-doc-4.6.0-6.69.1.x86_64.rpm kdelibs4-doc-debuginfo-4.6.0-6.69.1.x86_64.rpm libkde4-4.6.0-6.69.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.69.1.x86_64.rpm libkde4-devel-4.6.0-6.69.1.x86_64.rpm libkdecore4-4.6.0-6.69.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.69.1.x86_64.rpm libkdecore4-devel-4.6.0-6.69.1.x86_64.rpm libkdecore4-devel-debuginfo-4.6.0-6.69.1.x86_64.rpm libksuseinstall-devel-4.6.0-6.69.1.x86_64.rpm libksuseinstall1-4.6.0-6.69.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.69.1.x86_64.rpm 2013-32 critical openSUSE Evergreen 11.4 Flash Player was updated to 11.2.202.273 to fix critical security issues: (bnc#806415) * APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.html flash-player-11.2.202.273-51.1.i586.rpm flash-player-11.2.202.273-51.1.nosrc.rpm flash-player-gnome-11.2.202.273-51.1.i586.rpm flash-player-kde4-11.2.202.273-51.1.i586.rpm flash-player-11.2.202.273-51.1.x86_64.rpm flash-player-gnome-11.2.202.273-51.1.x86_64.rpm flash-player-kde4-11.2.202.273-51.1.x86_64.rpm 2013-42 moderate openSUSE Evergreen 11.4 The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby Rack was updated to 1.1.6. The updates fix various security issues and bugs. - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - Fix issue with attr_protected where malformed input could circumvent protection - Fix Serialized Attributes YAML Vulnerability - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - Fix issue with attr_protected where malformed input could circumvent protection - Fix Serialized Attributes YAML Vulnerability - update to 1.1.6 (bnc#802794) * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie rubygem-actionmailer-2_3-2.3.17-0.24.1.i586.rpm rubygem-actionmailer-2_3-2.3.17-0.24.1.src.rpm rubygem-actionmailer-2_3-doc-2.3.17-0.24.1.i586.rpm rubygem-actionmailer-2_3-testsuite-2.3.17-0.24.1.i586.rpm rubygem-actionmailer-2.3.17-14.1.noarch.rpm rubygem-actionmailer-2.3.17-14.1.src.rpm rubygem-actionpack-2_3-2.3.17-31.1.i586.rpm rubygem-actionpack-2_3-2.3.17-31.1.src.rpm rubygem-actionpack-2_3-doc-2.3.17-31.1.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.17-31.1.i586.rpm rubygem-actionpack-2.3.17-14.1.noarch.rpm rubygem-actionpack-2.3.17-14.1.src.rpm rubygem-activerecord-2_3-2.3.17-27.1.i586.rpm rubygem-activerecord-2_3-2.3.17-27.1.src.rpm rubygem-activerecord-2_3-doc-2.3.17-27.1.i586.rpm rubygem-activerecord-2_3-testsuite-2.3.17-27.1.i586.rpm rubygem-activerecord-2.3.17-14.1.noarch.rpm rubygem-activerecord-2.3.17-14.1.src.rpm rubygem-activeresource-2_3-2.3.17-24.1.i586.rpm rubygem-activeresource-2_3-2.3.17-24.1.src.rpm rubygem-activeresource-2_3-doc-2.3.17-24.1.i586.rpm rubygem-activeresource-2_3-testsuite-2.3.17-24.1.i586.rpm rubygem-activeresource-2.3.17-14.1.noarch.rpm rubygem-activeresource-2.3.17-14.1.src.rpm rubygem-activesupport-2_3-2.3.17-24.1.i586.rpm rubygem-activesupport-2_3-2.3.17-24.1.src.rpm rubygem-activesupport-2_3-doc-2.3.17-24.1.i586.rpm rubygem-activesupport-2.3.17-14.1.noarch.rpm rubygem-activesupport-2.3.17-14.1.src.rpm rubygem-rack-1.1.6-16.1.i586.rpm rubygem-rack-1.1.6-16.1.src.rpm rubygem-rails-2_3-2.3.17-20.1.i586.rpm rubygem-rails-2_3-2.3.17-20.1.src.rpm rubygem-rails-2_3-doc-2.3.17-20.1.i586.rpm rubygem-rails-2.3.17-14.1.noarch.rpm rubygem-rails-2.3.17-14.1.src.rpm rubygem-actionmailer-2_3-2.3.17-0.24.1.x86_64.rpm rubygem-actionmailer-2_3-doc-2.3.17-0.24.1.x86_64.rpm rubygem-actionmailer-2_3-testsuite-2.3.17-0.24.1.x86_64.rpm rubygem-actionpack-2_3-2.3.17-31.1.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.17-31.1.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.17-31.1.x86_64.rpm rubygem-activerecord-2_3-2.3.17-27.1.x86_64.rpm rubygem-activerecord-2_3-doc-2.3.17-27.1.x86_64.rpm rubygem-activerecord-2_3-testsuite-2.3.17-27.1.x86_64.rpm rubygem-activeresource-2_3-2.3.17-24.1.x86_64.rpm rubygem-activeresource-2_3-doc-2.3.17-24.1.x86_64.rpm rubygem-activeresource-2_3-testsuite-2.3.17-24.1.x86_64.rpm rubygem-activesupport-2_3-2.3.17-24.1.x86_64.rpm rubygem-activesupport-2_3-doc-2.3.17-24.1.x86_64.rpm rubygem-rack-1.1.6-16.1.x86_64.rpm rubygem-rails-2_3-2.3.17-20.1.x86_64.rpm rubygem-rails-2_3-doc-2.3.17-20.1.x86_64.rpm 2013-35 important openSUSE Evergreen 11.4 pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. (CVE-2013-0274) - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. (CVE-2013-0273) - Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted data that could overflow a buffer and lead to a crash or remote code execution.(CVE-2013-0272) finch-2.7.10-4.53.1.i586.rpm finch-debuginfo-2.7.10-4.53.1.i586.rpm finch-devel-2.7.10-4.53.1.i586.rpm libpurple-2.7.10-4.53.1.i586.rpm libpurple-debuginfo-2.7.10-4.53.1.i586.rpm libpurple-devel-2.7.10-4.53.1.i586.rpm libpurple-lang-2.7.10-4.53.1.noarch.rpm libpurple-meanwhile-2.7.10-4.53.1.i586.rpm libpurple-meanwhile-debuginfo-2.7.10-4.53.1.i586.rpm libpurple-tcl-2.7.10-4.53.1.i586.rpm libpurple-tcl-debuginfo-2.7.10-4.53.1.i586.rpm pidgin-2.7.10-4.53.1.i586.rpm pidgin-2.7.10-4.53.1.src.rpm pidgin-debuginfo-2.7.10-4.53.1.i586.rpm pidgin-debugsource-2.7.10-4.53.1.i586.rpm pidgin-devel-2.7.10-4.53.1.i586.rpm pidgin-evolution-2.7.10-4.53.1.i586.rpm pidgin-evolution-debuginfo-2.7.10-4.53.1.i586.rpm finch-2.7.10-4.53.1.x86_64.rpm finch-debuginfo-2.7.10-4.53.1.x86_64.rpm finch-devel-2.7.10-4.53.1.x86_64.rpm libpurple-2.7.10-4.53.1.x86_64.rpm libpurple-debuginfo-2.7.10-4.53.1.x86_64.rpm libpurple-devel-2.7.10-4.53.1.x86_64.rpm libpurple-meanwhile-2.7.10-4.53.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.7.10-4.53.1.x86_64.rpm libpurple-tcl-2.7.10-4.53.1.x86_64.rpm libpurple-tcl-debuginfo-2.7.10-4.53.1.x86_64.rpm pidgin-2.7.10-4.53.1.x86_64.rpm pidgin-debuginfo-2.7.10-4.53.1.x86_64.rpm pidgin-debugsource-2.7.10-4.53.1.x86_64.rpm pidgin-devel-2.7.10-4.53.1.x86_64.rpm pidgin-evolution-2.7.10-4.53.1.x86_64.rpm pidgin-evolution-debuginfo-2.7.10-4.53.1.x86_64.rpm 2013-45 low openSUSE Evergreen 11.4 Sudo was updated fixing following security issues: -Authentication bypass when clock is reset (CVE-2013-1775) ; -Potential bypass of tty_tickets constraints (CVE-2013-1776). sudo-1.7.6p2-0.19.1.i586.rpm sudo-1.7.6p2-0.19.1.src.rpm sudo-debuginfo-1.7.6p2-0.19.1.i586.rpm sudo-debugsource-1.7.6p2-0.19.1.i586.rpm sudo-1.7.6p2-0.19.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.19.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.19.1.x86_64.rpm 2013-43 important openSUSE Evergreen 11.4 This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird. firebird-2.1.3.18185.0-16.1.i586.rpm firebird-2.1.3.18185.0-16.1.src.rpm firebird-classic-2.1.3.18185.0-16.1.i586.rpm firebird-classic-debuginfo-2.1.3.18185.0-16.1.i586.rpm firebird-debuginfo-2.1.3.18185.0-16.1.i586.rpm firebird-debugsource-2.1.3.18185.0-16.1.i586.rpm firebird-devel-2.1.3.18185.0-16.1.i586.rpm firebird-devel-debuginfo-2.1.3.18185.0-16.1.i586.rpm firebird-doc-2.1.3.18185.0-16.1.i586.rpm firebird-filesystem-2.1.3.18185.0-16.1.i586.rpm firebird-superserver-2.1.3.18185.0-16.1.i586.rpm firebird-superserver-debuginfo-2.1.3.18185.0-16.1.i586.rpm libfbclient2-2.1.3.18185.0-16.1.i586.rpm libfbclient2-debuginfo-2.1.3.18185.0-16.1.i586.rpm libfbembed2-2.1.3.18185.0-16.1.i586.rpm libfbembed2-debuginfo-2.1.3.18185.0-16.1.i586.rpm firebird-2.1.3.18185.0-16.1.x86_64.rpm firebird-classic-2.1.3.18185.0-16.1.x86_64.rpm firebird-classic-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm firebird-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm firebird-debugsource-2.1.3.18185.0-16.1.x86_64.rpm firebird-devel-2.1.3.18185.0-16.1.x86_64.rpm firebird-devel-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm firebird-doc-2.1.3.18185.0-16.1.x86_64.rpm firebird-filesystem-2.1.3.18185.0-16.1.x86_64.rpm firebird-superserver-2.1.3.18185.0-16.1.x86_64.rpm firebird-superserver-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm libfbclient2-2.1.3.18185.0-16.1.x86_64.rpm libfbclient2-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm libfbembed2-2.1.3.18185.0-16.1.x86_64.rpm libfbembed2-debuginfo-2.1.3.18185.0-16.1.x86_64.rpm 2012-3 important openSUSE Evergreen 11.4 Fixed security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate Cross-Site Scripting; -a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date -an issue where specially crafted SVG images could allow execution of arbitrary code; -a moderate severity issue, as reported by the Google Security Group; details will be disclosed at a later date Full changelog available at: http://www.opera.com/docs/changelogs/unix/1210 opera-12.10-36.1.i586.rpm opera-12.10-36.1.nosrc.rpm opera-gtk-12.10-36.1.i586.rpm opera-kde4-12.10-36.1.i586.rpm opera-12.10-36.1.x86_64.rpm opera-gtk-12.10-36.1.x86_64.rpm opera-kde4-12.10-36.1.x86_64.rpm 2013-38 important openSUSE Evergreen 11.4 Update to - Firefox 19.0.2 - Seamonkey 2.16.1 - Thunderbird 17.0.4 which fix a use-after-free in HTML Editor which could allow for arbitrary code execution. MozillaFirefox-19.0.2-65.1.i586.rpm MozillaFirefox-19.0.2-65.1.src.rpm MozillaFirefox-branding-upstream-19.0.2-65.1.i586.rpm MozillaFirefox-buildsymbols-19.0.2-65.1.i586.rpm MozillaFirefox-debuginfo-19.0.2-65.1.i586.rpm MozillaFirefox-debugsource-19.0.2-65.1.i586.rpm MozillaFirefox-devel-19.0.2-65.1.i586.rpm MozillaFirefox-translations-common-19.0.2-65.1.i586.rpm MozillaFirefox-translations-other-19.0.2-65.1.i586.rpm MozillaThunderbird-17.0.4-53.1.i586.rpm MozillaThunderbird-17.0.4-53.1.src.rpm MozillaThunderbird-buildsymbols-17.0.4-53.1.i586.rpm MozillaThunderbird-debuginfo-17.0.4-53.1.i586.rpm MozillaThunderbird-debugsource-17.0.4-53.1.i586.rpm MozillaThunderbird-devel-17.0.4-53.1.i586.rpm MozillaThunderbird-devel-debuginfo-17.0.4-53.1.i586.rpm MozillaThunderbird-translations-common-17.0.4-53.1.i586.rpm MozillaThunderbird-translations-other-17.0.4-53.1.i586.rpm enigmail-1.5.1+17.0.4-53.1.i586.rpm enigmail-debuginfo-1.5.1+17.0.4-53.1.i586.rpm seamonkey-2.16.1-57.1.i586.rpm seamonkey-2.16.1-57.1.src.rpm seamonkey-debuginfo-2.16.1-57.1.i586.rpm seamonkey-debugsource-2.16.1-57.1.i586.rpm seamonkey-dom-inspector-2.16.1-57.1.i586.rpm seamonkey-irc-2.16.1-57.1.i586.rpm seamonkey-translations-common-2.16.1-57.1.i586.rpm seamonkey-translations-other-2.16.1-57.1.i586.rpm seamonkey-venkman-2.16.1-57.1.i586.rpm MozillaFirefox-19.0.2-65.1.x86_64.rpm MozillaFirefox-branding-upstream-19.0.2-65.1.x86_64.rpm MozillaFirefox-buildsymbols-19.0.2-65.1.x86_64.rpm MozillaFirefox-debuginfo-19.0.2-65.1.x86_64.rpm MozillaFirefox-debugsource-19.0.2-65.1.x86_64.rpm MozillaFirefox-devel-19.0.2-65.1.x86_64.rpm MozillaFirefox-translations-common-19.0.2-65.1.x86_64.rpm MozillaFirefox-translations-other-19.0.2-65.1.x86_64.rpm MozillaThunderbird-17.0.4-53.1.x86_64.rpm MozillaThunderbird-buildsymbols-17.0.4-53.1.x86_64.rpm MozillaThunderbird-debuginfo-17.0.4-53.1.x86_64.rpm MozillaThunderbird-debugsource-17.0.4-53.1.x86_64.rpm MozillaThunderbird-devel-17.0.4-53.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-17.0.4-53.1.x86_64.rpm MozillaThunderbird-translations-common-17.0.4-53.1.x86_64.rpm MozillaThunderbird-translations-other-17.0.4-53.1.x86_64.rpm enigmail-1.5.1+17.0.4-53.1.x86_64.rpm enigmail-debuginfo-1.5.1+17.0.4-53.1.x86_64.rpm seamonkey-2.16.1-57.1.x86_64.rpm seamonkey-debuginfo-2.16.1-57.1.x86_64.rpm seamonkey-debugsource-2.16.1-57.1.x86_64.rpm seamonkey-dom-inspector-2.16.1-57.1.x86_64.rpm seamonkey-irc-2.16.1-57.1.x86_64.rpm seamonkey-translations-common-2.16.1-57.1.x86_64.rpm seamonkey-translations-other-2.16.1-57.1.x86_64.rpm seamonkey-venkman-2.16.1-57.1.x86_64.rpm 2013-37 moderate openSUSE Evergreen 11.4 libqt4 was updated to fix a information disclosure via QSharedMemory (CVE-2013-0254). libQtWebKit-devel-4.7.1-8.72.1.i586.rpm libQtWebKit4-32bit-4.7.1-8.72.1.x86_64.rpm libQtWebKit4-4.7.1-8.72.1.i586.rpm libQtWebKit4-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.72.1.i586.rpm libQtWebKit4-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libQtWebKit4-x86-4.7.1-8.72.1.ia64.rpm libqt4-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-4.7.1-8.72.1.i586.rpm libqt4-4.7.1-8.72.1.src.rpm libqt4-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libqt4-debugsource-4.7.1-8.72.1.i586.rpm libqt4-devel-4.7.1-8.72.1.i586.rpm libqt4-devel-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-qt3support-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-qt3support-4.7.1-8.72.1.i586.rpm libqt4-qt3support-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-qt3support-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libqt4-qt3support-x86-4.7.1-8.72.1.ia64.rpm libqt4-sql-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-sql-4.7.1-8.72.1.i586.rpm libqt4-sql-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-sql-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libqt4-sql-sqlite-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.72.1.i586.rpm libqt4-sql-sqlite-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-sql-sqlite-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libqt4-sql-sqlite-x86-4.7.1-8.72.1.ia64.rpm libqt4-sql-x86-4.7.1-8.72.1.ia64.rpm libqt4-x11-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-x11-4.7.1-8.72.1.i586.rpm libqt4-x11-debuginfo-32bit-4.7.1-8.72.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.72.1.i586.rpm libqt4-x11-debuginfo-x86-4.7.1-8.72.1.ia64.rpm libqt4-x11-x86-4.7.1-8.72.1.ia64.rpm libqt4-x86-4.7.1-8.72.1.ia64.rpm libQtWebKit-devel-4.7.1-8.72.1.x86_64.rpm libQtWebKit4-4.7.1-8.72.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-4.7.1-8.72.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-debugsource-4.7.1-8.72.1.x86_64.rpm libqt4-devel-4.7.1-8.72.1.x86_64.rpm libqt4-devel-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-qt3support-4.7.1-8.72.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-sql-4.7.1-8.72.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.72.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.72.1.x86_64.rpm libqt4-x11-4.7.1-8.72.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.72.1.x86_64.rpm 2013-39 important openSUSE Evergreen 11.4 java-1_6_0-openjdk aka IcedTea was updated to 1.12.4 - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-33.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.4-33.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.4-33.1.x86_64.rpm 2013-40 important openSUSE Evergreen 11.4 This update provides the latest timezone information for your system. The changes in detail are: * Chile is changing its DST rules * Estimate Morocco 2013-2038 transitions for Ramadan * New alias Europe/Busingen for Europe/Zurich * New zones Asia/Khandyga, Asia/Ust-Nera * Libya moving to CET, but with DST. timezone-java-2013a-14.1.noarch.rpm timezone-java-2013a-14.1.src.rpm timezone-2013a-14.1.i586.rpm timezone-2013a-14.1.src.rpm timezone-debuginfo-2013a-14.1.i586.rpm timezone-debugsource-2013a-14.1.i586.rpm timezone-2013a-14.1.x86_64.rpm timezone-debuginfo-2013a-14.1.x86_64.rpm timezone-debugsource-2013a-14.1.x86_64.rpm 2013-44 moderate openSUSE Evergreen 11.4 wireshark was updated to 1.8.6 [bnc#807942] + vulnerabilities fixed: * The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 * The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 * The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 * The MS-MMS dissector could crash. wnpa-sec-2013-13 CVE-2013-2478 * The MPLS Echo dissector could go into an infinite loop. wnpa-sec-2013-14 CVE-2013-2479 * The RTPS and RTPS2 dissectors could crash. wnpa-sec-2013-15 CVE-2013-2480 * The Mount dissector could crash. wnpa-sec-2013-16 CVE-2013-2481 * The AMPQ dissector could go into an infinite loop. wnpa-sec-2013-17 CVE-2013-2482 * The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18 CVE-2013-2483 * The CIMD dissector could crash. wnpa-sec-2013-19 CVE-2013-2484 * The FCSP dissector could go into an infinite loop. wnpa-sec-2013-20 CVE-2013-2485 * The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487 * The DTLS dissector could crash. wnpa-sec-2013-22 CVE-2013-2488 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html wireshark-1.8.6-41.1.i586.rpm wireshark-1.8.6-41.1.src.rpm wireshark-debuginfo-1.8.6-41.1.i586.rpm wireshark-debugsource-1.8.6-41.1.i586.rpm wireshark-devel-1.8.6-41.1.i586.rpm wireshark-1.8.6-41.1.x86_64.rpm wireshark-debuginfo-1.8.6-41.1.x86_64.rpm wireshark-debugsource-1.8.6-41.1.x86_64.rpm wireshark-devel-1.8.6-41.1.x86_64.rpm 2013-41 critical openSUSE Evergreen 11.4 Adobe Flash Player was updated to 11.2.202.275: (bnc#808973) * APSB13-09, CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.html flash-player-11.2.202.275-55.1.i586.rpm flash-player-11.2.202.275-55.1.nosrc.rpm flash-player-gnome-11.2.202.275-55.1.i586.rpm flash-player-kde4-11.2.202.275-55.1.i586.rpm flash-player-11.2.202.275-55.1.x86_64.rpm flash-player-gnome-11.2.202.275-55.1.x86_64.rpm flash-player-kde4-11.2.202.275-55.1.x86_64.rpm 2013-46 important openSUSE Evergreen 11.4 Perl was updated to fix 3 security issues: - fix rehash denial of service (compute time) [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329] perl-32bit-5.12.3-11.36.1.x86_64.rpm perl-5.12.3-11.36.1.i586.rpm perl-5.12.3-11.36.1.src.rpm perl-base-32bit-5.12.3-11.36.1.x86_64.rpm perl-base-5.12.3-11.36.1.i586.rpm perl-base-debuginfo-32bit-5.12.3-11.36.1.x86_64.rpm perl-base-debuginfo-5.12.3-11.36.1.i586.rpm perl-base-debuginfo-x86-5.12.3-11.36.1.ia64.rpm perl-base-x86-5.12.3-11.36.1.ia64.rpm perl-debuginfo-32bit-5.12.3-11.36.1.x86_64.rpm perl-debuginfo-5.12.3-11.36.1.i586.rpm perl-debuginfo-x86-5.12.3-11.36.1.ia64.rpm perl-debugsource-5.12.3-11.36.1.i586.rpm perl-doc-5.12.3-11.36.1.noarch.rpm perl-x86-5.12.3-11.36.1.ia64.rpm perl-5.12.3-11.36.1.x86_64.rpm perl-base-5.12.3-11.36.1.x86_64.rpm perl-base-debuginfo-5.12.3-11.36.1.x86_64.rpm perl-debuginfo-5.12.3-11.36.1.x86_64.rpm perl-debugsource-5.12.3-11.36.1.x86_64.rpm 2013-61 low openSUSE Evergreen 11.4 crypt() return value wasn't checked properly which could allow remote denial of service crashing the application. thttpd-2.25b-184.1.i586.rpm thttpd-2.25b-184.1.src.rpm thttpd-debuginfo-2.25b-184.1.i586.rpm thttpd-debugsource-2.25b-184.1.i586.rpm thttpd-2.25b-184.1.x86_64.rpm thttpd-debuginfo-2.25b-184.1.x86_64.rpm thttpd-debugsource-2.25b-184.1.x86_64.rpm 2013-49 moderate openSUSE Evergreen 11.4 libxml2 was updated to limit internal entity expansion denial of service problems (IXE) (CVE-2013-0338) (bnc#805233) libxml2-2.7.8-41.1.i586.rpm libxml2-2.7.8-41.1.src.rpm libxml2-32bit-2.7.8-41.1.x86_64.rpm libxml2-debuginfo-2.7.8-41.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-41.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-41.1.ia64.rpm libxml2-debugsource-2.7.8-41.1.i586.rpm libxml2-devel-2.7.8-41.1.i586.rpm libxml2-devel-32bit-2.7.8-41.1.x86_64.rpm libxml2-doc-2.7.8-41.1.noarch.rpm libxml2-x86-2.7.8-41.1.ia64.rpm libxml2-2.7.8-41.1.x86_64.rpm libxml2-debuginfo-2.7.8-41.1.x86_64.rpm libxml2-debugsource-2.7.8-41.1.x86_64.rpm libxml2-devel-2.7.8-41.1.x86_64.rpm 2013-50 moderate openSUSE Evergreen 11.4 clamav was updated to version 0.97.7 (bnc#809945) and contains several hardening fixes which might be security issues. clamav-0.97.7-17.1.i586.rpm clamav-0.97.7-17.1.src.rpm clamav-db-0.97.7-17.1.noarch.rpm clamav-debuginfo-0.97.7-17.1.i586.rpm clamav-debugsource-0.97.7-17.1.i586.rpm clamav-0.97.7-17.1.x86_64.rpm clamav-debuginfo-0.97.7-17.1.x86_64.rpm clamav-debugsource-0.97.7-17.1.x86_64.rpm 2012-2 important openSUSE Evergreen 11.4 Update to 11.2.202.251: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system flash-player-11.2.202.251-31.1.i586.rpm flash-player-11.2.202.251-31.1.nosrc.rpm flash-player-gnome-11.2.202.251-31.1.i586.rpm flash-player-kde4-11.2.202.251-31.1.i586.rpm flash-player-11.2.202.251-31.1.x86_64.rpm flash-player-gnome-11.2.202.251-31.1.x86_64.rpm flash-player-kde4-11.2.202.251-31.1.x86_64.rpm 2013-47 moderate openSUSE Evergreen 11.4 krb5 was updated to fix a security issues in PKINIT: - fix PKINIT null pointer deref (CVE-2013-1415 bnc#806715) krb5-1.8.3-55.1.i586.rpm krb5-1.8.3-55.1.src.rpm krb5-32bit-1.8.3-55.1.x86_64.rpm krb5-client-1.8.3-55.1.i586.rpm krb5-client-debuginfo-1.8.3-55.1.i586.rpm krb5-debuginfo-1.8.3-55.1.i586.rpm krb5-debuginfo-32bit-1.8.3-55.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-55.1.ia64.rpm krb5-debugsource-1.8.3-55.1.i586.rpm krb5-devel-1.8.3-55.1.i586.rpm krb5-devel-32bit-1.8.3-55.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-55.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-55.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-55.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-55.1.i586.rpm krb5-server-1.8.3-55.1.i586.rpm krb5-server-debuginfo-1.8.3-55.1.i586.rpm krb5-x86-1.8.3-55.1.ia64.rpm krb5-1.8.3-55.1.x86_64.rpm krb5-client-1.8.3-55.1.x86_64.rpm krb5-client-debuginfo-1.8.3-55.1.x86_64.rpm krb5-debuginfo-1.8.3-55.1.x86_64.rpm krb5-debugsource-1.8.3-55.1.x86_64.rpm krb5-devel-1.8.3-55.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-55.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-55.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-55.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-55.1.x86_64.rpm krb5-server-1.8.3-55.1.x86_64.rpm krb5-server-debuginfo-1.8.3-55.1.x86_64.rpm 2013-55 important openSUSE Evergreen 11.4 NRPE (the Nagios Remote Plug-In Executor) allows the passing of $() to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as (typically, 'nagios'). With this update NRPE will deny remote requests containing a bash command substitution. nagios-nrpe-2.12-25.2.i586.rpm nagios-nrpe-2.12-25.2.src.rpm nagios-nrpe-debuginfo-2.12-25.2.i586.rpm nagios-nrpe-debugsource-2.12-25.2.i586.rpm nagios-nrpe-doc-2.12-25.2.i586.rpm nagios-plugins-nrpe-2.12-25.2.i586.rpm nagios-plugins-nrpe-debuginfo-2.12-25.2.i586.rpm nagios-nrpe-2.12-25.2.x86_64.rpm nagios-nrpe-debuginfo-2.12-25.2.x86_64.rpm nagios-nrpe-debugsource-2.12-25.2.x86_64.rpm nagios-nrpe-doc-2.12-25.2.x86_64.rpm nagios-plugins-nrpe-2.12-25.2.x86_64.rpm nagios-plugins-nrpe-debuginfo-2.12-25.2.x86_64.rpm 2013-48 moderate openSUSE Evergreen 11.4 nss-pam-ldap was updated to fix a FD_SET overflow, happening when more than 1024 filedescriptors are opened. (CVE-2013-0288) nss-pam-ldapd-0.7.13-6.1.i586.rpm nss-pam-ldapd-0.7.13-6.1.src.rpm nss-pam-ldapd-32bit-0.7.13-6.1.x86_64.rpm nss-pam-ldapd-debuginfo-0.7.13-6.1.i586.rpm nss-pam-ldapd-debuginfo-32bit-0.7.13-6.1.x86_64.rpm nss-pam-ldapd-debuginfo-x86-0.7.13-6.1.ia64.rpm nss-pam-ldapd-debugsource-0.7.13-6.1.i586.rpm nss-pam-ldapd-x86-0.7.13-6.1.ia64.rpm nss-pam-ldapd-0.7.13-6.1.x86_64.rpm nss-pam-ldapd-debuginfo-0.7.13-6.1.x86_64.rpm nss-pam-ldapd-debugsource-0.7.13-6.1.x86_64.rpm 2013-54 low openSUSE Evergreen 11.4 Ruby was updated to fix a XML entity expansion denial of service attack (CVE-2013-1821) ruby-1.8.7.p357-0.32.1.i586.rpm ruby-1.8.7.p357-0.32.1.src.rpm ruby-debuginfo-1.8.7.p357-0.32.1.i586.rpm ruby-debugsource-1.8.7.p357-0.32.1.i586.rpm ruby-devel-1.8.7.p357-0.32.1.i586.rpm ruby-doc-html-1.8.7.p357-0.32.1.noarch.rpm ruby-doc-ri-1.8.7.p357-0.32.1.noarch.rpm ruby-examples-1.8.7.p357-0.32.1.i586.rpm ruby-test-suite-1.8.7.p357-0.32.1.i586.rpm ruby-tk-1.8.7.p357-0.32.1.i586.rpm ruby-tk-debuginfo-1.8.7.p357-0.32.1.i586.rpm ruby-1.8.7.p357-0.32.1.x86_64.rpm ruby-debuginfo-1.8.7.p357-0.32.1.x86_64.rpm ruby-debugsource-1.8.7.p357-0.32.1.x86_64.rpm ruby-devel-1.8.7.p357-0.32.1.x86_64.rpm ruby-examples-1.8.7.p357-0.32.1.x86_64.rpm ruby-test-suite-1.8.7.p357-0.32.1.x86_64.rpm ruby-tk-1.8.7.p357-0.32.1.x86_64.rpm ruby-tk-debuginfo-1.8.7.p357-0.32.1.x86_64.rpm 2013-53 moderate openSUSE Evergreen 11.4 Two denial of service problems (crashes with NULL pointer derference) were fixed in libxslt, which could potentially be used by remote attackers to crash libxslt using programs. libxslt-1.1.26-3.17.1.i586.rpm libxslt-1.1.26-3.17.1.src.rpm libxslt-32bit-1.1.26-3.17.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.17.1.i586.rpm libxslt-debuginfo-32bit-1.1.26-3.17.1.x86_64.rpm libxslt-debuginfo-x86-1.1.26-3.17.1.ia64.rpm libxslt-debugsource-1.1.26-3.17.1.i586.rpm libxslt-devel-1.1.26-3.17.1.i586.rpm libxslt-devel-32bit-1.1.26-3.17.1.x86_64.rpm libxslt-x86-1.1.26-3.17.1.ia64.rpm libxslt-1.1.26-3.17.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.17.1.x86_64.rpm libxslt-debugsource-1.1.26-3.17.1.x86_64.rpm libxslt-devel-1.1.26-3.17.1.x86_64.rpm 2013-67 moderate openSUSE Evergreen 11.4 bind was updated to 9.9.2-P2, fixing a security issue in regular expression handling. [CVE-2013-2266] [RT #32688] https://kb.isc.org/article/AA-00871 (bnc#811876) bind-9.9.2P2-45.1.i586.rpm bind-9.9.2P2-45.1.src.rpm bind-chrootenv-9.9.2P2-45.1.i586.rpm bind-debuginfo-9.9.2P2-45.1.i586.rpm bind-debugsource-9.9.2P2-45.1.i586.rpm bind-devel-9.9.2P2-45.1.i586.rpm bind-doc-9.9.2P2-45.1.noarch.rpm bind-libs-32bit-9.9.2P2-45.1.x86_64.rpm bind-libs-9.9.2P2-45.1.i586.rpm bind-libs-debuginfo-32bit-9.9.2P2-45.1.x86_64.rpm bind-libs-debuginfo-9.9.2P2-45.1.i586.rpm bind-libs-debuginfo-x86-9.9.2P2-45.1.ia64.rpm bind-libs-x86-9.9.2P2-45.1.ia64.rpm bind-lwresd-9.9.2P2-45.1.i586.rpm bind-lwresd-debuginfo-9.9.2P2-45.1.i586.rpm bind-utils-9.9.2P2-45.1.i586.rpm bind-utils-debuginfo-9.9.2P2-45.1.i586.rpm bind-9.9.2P2-45.1.x86_64.rpm bind-chrootenv-9.9.2P2-45.1.x86_64.rpm bind-debuginfo-9.9.2P2-45.1.x86_64.rpm bind-debugsource-9.9.2P2-45.1.x86_64.rpm bind-devel-9.9.2P2-45.1.x86_64.rpm bind-libs-9.9.2P2-45.1.x86_64.rpm bind-libs-debuginfo-9.9.2P2-45.1.x86_64.rpm bind-lwresd-9.9.2P2-45.1.x86_64.rpm bind-lwresd-debuginfo-9.9.2P2-45.1.x86_64.rpm bind-utils-9.9.2P2-45.1.x86_64.rpm bind-utils-debuginfo-9.9.2P2-45.1.x86_64.rpm 2013-57 moderate openSUSE Evergreen 11.4 apache2 was updated to fix: - fix for cross site scripting vulnerability in mod_balancer. This is CVE-2012-4558 [bnc#807152] - fixes for low profile cross site scripting vulnerabilities, known as CVE-2012-3499 [bnc#806458] - Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory. CVE-2012-2687 [bnc#777260] And also these bugs: - httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when checking against SNI server names. [bnc#798733] apache2-2.2.17-4.68.1.i586.rpm apache2-2.2.17-4.68.1.src.rpm apache2-debuginfo-2.2.17-4.68.1.i586.rpm apache2-debugsource-2.2.17-4.68.1.i586.rpm apache2-devel-2.2.17-4.68.1.i586.rpm apache2-doc-2.2.17-4.68.1.noarch.rpm apache2-event-2.2.17-4.68.1.i586.rpm apache2-event-debuginfo-2.2.17-4.68.1.i586.rpm apache2-example-certificates-2.2.17-4.68.1.i586.rpm apache2-example-pages-2.2.17-4.68.1.i586.rpm apache2-itk-2.2.17-4.68.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.68.1.i586.rpm apache2-prefork-2.2.17-4.68.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.68.1.i586.rpm apache2-utils-2.2.17-4.68.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.68.1.i586.rpm apache2-worker-2.2.17-4.68.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.68.1.i586.rpm apache2-2.2.17-4.68.1.x86_64.rpm apache2-debuginfo-2.2.17-4.68.1.x86_64.rpm apache2-debugsource-2.2.17-4.68.1.x86_64.rpm apache2-devel-2.2.17-4.68.1.x86_64.rpm apache2-event-2.2.17-4.68.1.x86_64.rpm apache2-event-debuginfo-2.2.17-4.68.1.x86_64.rpm apache2-example-certificates-2.2.17-4.68.1.x86_64.rpm apache2-example-pages-2.2.17-4.68.1.x86_64.rpm apache2-itk-2.2.17-4.68.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.68.1.x86_64.rpm apache2-prefork-2.2.17-4.68.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.68.1.x86_64.rpm apache2-utils-2.2.17-4.68.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.68.1.x86_64.rpm apache2-worker-2.2.17-4.68.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.68.1.x86_64.rpm 2013-62 moderate openSUSE Evergreen 11.4 Various security issues were fixed in puppet. CVE-2013-1655 CVE-2013-2275 CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 puppet-2.6.17-29.1.i586.rpm puppet-2.6.17-29.1.src.rpm puppet-server-2.6.17-29.1.i586.rpm puppet-2.6.17-29.1.x86_64.rpm puppet-server-2.6.17-29.1.x86_64.rpm 2013-51 moderate openSUSE Evergreen 11.4 privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 (bnc#809123) - changes in 3.0.21 * On POSIX-like platforms, network sockets with file descriptor values above FD_SETSIZE are properly rejected. Previously they could cause memory corruption in configurations that allowed the limit to be reached. * Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentionally allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley. * Compiles on OS/2 again now that unistd.h is only included on platforms that have it. * The show-status page shows the FEATURE_STRPTIME_SANITY_CHECKS status. * A couple of assert()s that could theoretically dereference NULL pointers in debug builds have been relocated. * Added an LSB info block to the generic start script. Based on a patch from Natxo Asenjo. * The max-client-connections default has been changed to 128 which should be more than enough for most setups. * Block rover.ebay./ar.*\&adtype= instead of "/.*\&adtype=" which caused too man false positives. Reported by u302320 in #360284, additional feedback from Adam Piggott. * Unblock '.advrider.com/' and '/.*ADVrider'. Anonymously reported in #3603636. * Stop blocking '/js/slider\.js'. Reported by Adam Piggott in #3606635 and _lvm in #2791160. * Added an iframes filter. * The whole GPLv2 text is included in the user manual now, so Privoxy can serve it itself and the user can read it without having to wade through GPLv3 ads first. * Properly numbered and underlined a couple of section titles in the config that where previously overlooked due to a flaw in the conversion script. Reported by Ralf Jungblut. * Improved the support instruction to hopefully make it harder to unintentionally provide insufficient information when requesting support. Previously it wasn't obvious that the information we need in bug reports is usually also required in support requests. * Removed documentation about packages that haven't been provided in years. * Only log the test number when not running in verbose mode The position of the test is rarely relevant and it previously - for full list of changes see ChangeLog file shipped together with this package privoxy-3.0.21-7.1.i586.rpm privoxy-3.0.21-7.1.src.rpm privoxy-debuginfo-3.0.21-7.1.i586.rpm privoxy-debugsource-3.0.21-7.1.i586.rpm privoxy-doc-3.0.21-7.1.i586.rpm privoxy-3.0.21-7.1.x86_64.rpm privoxy-debuginfo-3.0.21-7.1.x86_64.rpm privoxy-debugsource-3.0.21-7.1.x86_64.rpm privoxy-doc-3.0.21-7.1.x86_64.rpm 2013-52 low openSUSE Evergreen 11.4 This update of fail2ban fixes a startup related startup-problem and a security problem fixed upstream (CVE-2012-5642). fail2ban-0.8.4-18.1.noarch.rpm fail2ban-0.8.4-18.1.src.rpm 2012-7 low openSUSE Evergreen 11.4 - NULL pointer dereference (bnc#778669, CVE-2012-4233) - bullet-color-pptx-import.diff: bullets should have same color as following text by default; missing part of the fix (bnc#734733) - update to suse-3.5.4.13 (SUSE 3.5 bugfix release 13, based on upstream 3.5.6-rc2) * polygon fill rule (bnc#759172) * open XML in Writer (bnc#777181) * undo in text objects (fdo#36138) * broken numbering level (bnc#760019) * better MathML detection (bnc#774921) * pictures in DOCX import (bnc#772094) * collapsing border painting (fdo#39415) * better DOCX text box export (fdo#45724) * hidden text in PPTX import (bnc#759180) * slide notes in PPTX import (bnc#768027) * RTL paragraphs in DOC import (fdo#43398) * better vertical text imports (bnc#744510) * HYPERLINK field in DOCX import (fdo#51034) * shadow color on partial redraw (bnc#773515) * floating objects in DOCX import (bnc#775899) * graphite2 hyphenation regression (fdo#49486) * missing shape position and size (bnc#760997) * page style attributes in ODF import (fdo#38056) * browsing in Template dialog crasher (fdo#46249) * wrong master slide shape being used (bnc#758565) * page borders regression in ODT import (fdo#38056) * invalidate bound rect after drag&amp;drop (fdo#44534) * rotated shape margins in PPTX import (bnc#773048) * pasting into more than 1 sheet crasher (fdo#47311) * crashers in PPT/PPTX import (bnc#768027, bnc#774167 * missing footnote in DOCX/DOC/RTF export (fdo#46020) * checkbox no-label behaviour (fdo#51336, bnc#757602) * try somewhat harder to read w:position (bnc#773061) * FormatNumber can handle sal_uInt32 values (fdo#51793) * rectangle-paragraph tables in DOCX import (bnc#775899) * header and bullet in slideshow transition (bnc#759172) * default background color in DOC/DOCX export (fdo#45724) * font name / size attributes in DOCX import (bnc#774681) * zero rect. size causing wrong line positions (fdo#47434) * adjusted display of Bracket/BracePair in PPT (bnc#741480) * use Unicode functions for QuickStarter tooltip (fdo#52143) * TabRatio API and detect macro at group shape fixes (bnc#770708) * indented text in DOCX file does not wrap correctly (bnc#775906) * undocked toolbars do not show all icons in special ratio (fdo#47071) * cross-reference text when Caption order is Numbering first (fdo#50801) * bullet color same as following text by default (bnc#719988, bnc#734733) * misc RTF import fixes (rhbz#819304, fdo#49666, bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335, fdo#48446, fdo#49892, fdo#46966) - update to libvisio 0.0.19: * file displays as blank page in Draw (fdo#50990) - use the vendor SUSE instead of Novell, Inc. - install-with-vendor-SUSE.diff: fix installation with the vendor "SUSE" libreoffice-branding-upstream-3.5.4.13-103.1.noarch.rpm libreoffice-branding-upstream-3.5.4.13-103.1.src.rpm libreoffice-help-en-US-3.5.4.13-103.1.noarch.rpm libreoffice-help-en-US-3.5.4.13-103.1.src.rpm libreoffice-help-cs-3.5.4.13-103.1.noarch.rpm libreoffice-help-da-3.5.4.13-103.1.noarch.rpm libreoffice-help-de-3.5.4.13-103.1.noarch.rpm libreoffice-help-en-GB-3.5.4.13-103.1.noarch.rpm libreoffice-help-group1-3.5.4.13-103.1.src.rpm libreoffice-help-en-ZA-3.5.4.13-103.1.noarch.rpm libreoffice-help-es-3.5.4.13-103.1.noarch.rpm libreoffice-help-et-3.5.4.13-103.1.noarch.rpm libreoffice-help-fr-3.5.4.13-103.1.noarch.rpm libreoffice-help-gl-3.5.4.13-103.1.noarch.rpm libreoffice-help-group2-3.5.4.13-103.1.src.rpm libreoffice-help-group3-3.5.4.13-103.1.src.rpm libreoffice-help-gu-IN-3.5.4.13-103.1.noarch.rpm libreoffice-help-hi-IN-3.5.4.13-103.1.noarch.rpm libreoffice-help-hu-3.5.4.13-103.1.noarch.rpm libreoffice-help-it-3.5.4.13-103.1.noarch.rpm libreoffice-help-ja-3.5.4.13-103.1.noarch.rpm libreoffice-help-km-3.5.4.13-103.1.noarch.rpm libreoffice-help-group4-3.5.4.13-103.1.src.rpm libreoffice-help-ko-3.5.4.13-103.1.noarch.rpm libreoffice-help-nl-3.5.4.13-103.1.noarch.rpm libreoffice-help-pl-3.5.4.13-103.1.noarch.rpm libreoffice-help-pt-3.5.4.13-103.1.noarch.rpm libreoffice-help-group5-3.5.4.13-103.1.src.rpm libreoffice-help-pt-BR-3.5.4.13-103.1.noarch.rpm libreoffice-help-ru-3.5.4.13-103.1.noarch.rpm libreoffice-help-sl-3.5.4.13-103.1.noarch.rpm libreoffice-help-sv-3.5.4.13-103.1.noarch.rpm libreoffice-help-zh-CN-3.5.4.13-103.1.noarch.rpm libreoffice-help-zh-TW-3.5.4.13-103.1.noarch.rpm libreoffice-icon-theme-crystal-3.5.4.13-103.1.noarch.rpm libreoffice-icon-theme-galaxy-3.5.4.13-103.1.noarch.rpm libreoffice-icon-theme-hicontrast-3.5.4.13-103.1.noarch.rpm libreoffice-icon-theme-oxygen-3.5.4.13-103.1.noarch.rpm libreoffice-icon-theme-tango-3.5.4.13-103.1.noarch.rpm libreoffice-icon-themes-3.5.4.13-103.1.src.rpm libreoffice-l10n-3.5.4.13-103.1.src.rpm libreoffice-l10n-af-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ar-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-be-BY-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-bg-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-br-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ca-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-cs-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-cy-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-da-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-de-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-el-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-en-GB-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-en-ZA-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-es-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-et-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-fi-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-fr-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ga-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-gl-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-gu-IN-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-he-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-hi-IN-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-hr-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-hu-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-it-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ja-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ka-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-km-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ko-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-lt-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-mk-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-nb-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-nl-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-nn-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-nr-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-pa-IN-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-pl-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-pt-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-pt-BR-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ru-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-rw-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-sh-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-sk-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-sl-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-sr-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ss-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-st-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-sv-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-tg-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-th-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-tr-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ts-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-uk-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-ve-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-vi-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-xh-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-zh-CN-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-zh-TW-3.5.4.13-103.1.noarch.rpm libreoffice-l10n-zu-3.5.4.13-103.1.noarch.rpm libreoffice-3.5.4.13-103.1.i586.rpm libreoffice-3.5.4.13-103.1.src.rpm libreoffice-base-3.5.4.13-103.1.i586.rpm libreoffice-base-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-base-drivers-mysql-3.5.4.13-103.1.i586.rpm libreoffice-base-drivers-mysql-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-base-drivers-postgresql-3.5.4.13-103.1.i586.rpm libreoffice-base-drivers-postgresql-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-base-extensions-3.5.4.13-103.1.i586.rpm libreoffice-calc-3.5.4.13-103.1.i586.rpm libreoffice-calc-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-calc-extensions-3.5.4.13-103.1.i586.rpm libreoffice-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-debugsource-3.5.4.13-103.1.i586.rpm libreoffice-draw-3.5.4.13-103.1.i586.rpm libreoffice-draw-extensions-3.5.4.13-103.1.i586.rpm libreoffice-draw-extensions-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-filters-optional-3.5.4.13-103.1.i586.rpm libreoffice-filters-optional-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-gnome-3.5.4.13-103.1.i586.rpm libreoffice-gnome-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-icon-themes-prebuilt-3.5.4.13-103.1.i586.rpm libreoffice-impress-3.5.4.13-103.1.i586.rpm libreoffice-impress-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-impress-extensions-3.5.4.13-103.1.i586.rpm libreoffice-impress-extensions-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-kde-3.5.4.13-103.1.i586.rpm libreoffice-kde-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-kde4-3.5.4.13-103.1.i586.rpm libreoffice-kde4-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-l10n-prebuilt-3.5.4.13-103.1.i586.rpm libreoffice-mailmerge-3.5.4.13-103.1.i586.rpm libreoffice-math-3.5.4.13-103.1.i586.rpm libreoffice-math-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-officebean-3.5.4.13-103.1.i586.rpm libreoffice-officebean-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-pyuno-3.5.4.13-103.1.i586.rpm libreoffice-pyuno-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-sdk-3.5.4.13-103.1.i586.rpm libreoffice-sdk-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-sdk-doc-3.5.4.13-103.1.i586.rpm libreoffice-writer-3.5.4.13-103.1.i586.rpm libreoffice-writer-debuginfo-3.5.4.13-103.1.i586.rpm libreoffice-writer-extensions-3.5.4.13-103.1.i586.rpm libreoffice-3.5.4.13-103.1.x86_64.rpm libreoffice-base-3.5.4.13-103.1.x86_64.rpm libreoffice-base-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-base-drivers-mysql-3.5.4.13-103.1.x86_64.rpm libreoffice-base-drivers-mysql-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-base-drivers-postgresql-3.5.4.13-103.1.x86_64.rpm libreoffice-base-drivers-postgresql-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-base-extensions-3.5.4.13-103.1.x86_64.rpm libreoffice-calc-3.5.4.13-103.1.x86_64.rpm libreoffice-calc-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-calc-extensions-3.5.4.13-103.1.x86_64.rpm libreoffice-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-debugsource-3.5.4.13-103.1.x86_64.rpm libreoffice-draw-3.5.4.13-103.1.x86_64.rpm libreoffice-draw-extensions-3.5.4.13-103.1.x86_64.rpm libreoffice-draw-extensions-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-filters-optional-3.5.4.13-103.1.x86_64.rpm libreoffice-filters-optional-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-gnome-3.5.4.13-103.1.x86_64.rpm libreoffice-gnome-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-icon-themes-prebuilt-3.5.4.13-103.1.x86_64.rpm libreoffice-impress-3.5.4.13-103.1.x86_64.rpm libreoffice-impress-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-impress-extensions-3.5.4.13-103.1.x86_64.rpm libreoffice-impress-extensions-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-kde-3.5.4.13-103.1.x86_64.rpm libreoffice-kde-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-kde4-3.5.4.13-103.1.x86_64.rpm libreoffice-kde4-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-l10n-prebuilt-3.5.4.13-103.1.x86_64.rpm libreoffice-mailmerge-3.5.4.13-103.1.x86_64.rpm libreoffice-math-3.5.4.13-103.1.x86_64.rpm libreoffice-math-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-officebean-3.5.4.13-103.1.x86_64.rpm libreoffice-officebean-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-pyuno-3.5.4.13-103.1.x86_64.rpm libreoffice-pyuno-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-sdk-3.5.4.13-103.1.x86_64.rpm libreoffice-sdk-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-sdk-doc-3.5.4.13-103.1.x86_64.rpm libreoffice-writer-3.5.4.13-103.1.x86_64.rpm libreoffice-writer-debuginfo-3.5.4.13-103.1.x86_64.rpm libreoffice-writer-extensions-3.5.4.13-103.1.x86_64.rpm 2012-3 important openSUSE Evergreen 11.4 Fixed security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate Cross-Site Scripting; -a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date -an issue where specially crafted SVG images could allow execution of arbitrary code; -a moderate severity issue, as reported by the Google Security Group; details will be disclosed at a later date Full changelog available at: http://www.opera.com/docs/changelogs/unix/1210 opera-12.10-32.1.nosrc.rpm opera-12.10-32.1.x86_64.rpm opera-gtk-12.10-32.1.x86_64.rpm opera-kde4-12.10-32.1.x86_64.rpm opera-12.10-32.1.i586.rpm opera-gtk-12.10-32.1.i586.rpm opera-kde4-12.10-32.1.i586.rpm 2012-2 important openSUSE Evergreen 11.4 Update to 11.2.202.251: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system flash-player-11.2.202.251-27.1.nosrc.rpm flash-player-11.2.202.251-27.1.x86_64.rpm flash-player-gnome-11.2.202.251-27.1.x86_64.rpm flash-player-kde4-11.2.202.251-27.1.x86_64.rpm flash-player-11.2.202.251-27.1.i586.rpm flash-player-gnome-11.2.202.251-27.1.i586.rpm flash-player-kde4-11.2.202.251-27.1.i586.rpm