openSUSE-2012-750 moderate openSUSE 11.4 Update dbus-1-x11-1.4.1-7.31.1.i586.rpm dbus-1-x11-1.4.1-7.31.1.src.rpm dbus-1-x11-debuginfo-1.4.1-7.31.1.i586.rpm dbus-1-x11-debugsource-1.4.1-7.31.1.i586.rpm dbus-1-1.4.1-7.31.1.i586.rpm dbus-1-1.4.1-7.31.1.src.rpm dbus-1-32bit-1.4.1-7.31.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.31.1.i586.rpm dbus-1-debuginfo-32bit-1.4.1-7.31.1.x86_64.rpm dbus-1-debuginfo-x86-1.4.1-7.31.1.ia64.rpm dbus-1-debugsource-1.4.1-7.31.1.i586.rpm dbus-1-devel-1.4.1-7.31.1.i586.rpm dbus-1-devel-32bit-1.4.1-7.31.1.x86_64.rpm dbus-1-devel-doc-1.4.1-7.31.1.noarch.rpm dbus-1-x86-1.4.1-7.31.1.ia64.rpm dbus-1-x11-1.4.1-7.31.1.x86_64.rpm dbus-1-x11-debuginfo-1.4.1-7.31.1.x86_64.rpm dbus-1-x11-debugsource-1.4.1-7.31.1.x86_64.rpm dbus-1-1.4.1-7.31.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.31.1.x86_64.rpm dbus-1-debugsource-1.4.1-7.31.1.x86_64.rpm dbus-1-devel-1.4.1-7.31.1.x86_64.rpm openSUSE-2012-714 low openSUSE 11.4 Update The ca-certificates-mozilla certificate store was updated with the Mozilla certdata.txt update to 1.85. Following changes were done: * new "Actalis Authentication Root CA" * new "Trustis FPS Root CA" * new "StartCom Certification Authority" * new "StartCom Certification Authority G2" * new "Buypass Class 2 Root CA" * new "Buypass Class 3 Root CA" * updated: "Sonera Class2 CA": remove code-signing * updated: "thawte Primary Root CA": added code-signing * updated: "Trustis_FPS_Root_CA.pem": added code-signing * updated: VeriSign Class 3 Public Primary Certification Authority - G5": added code-signing, email-protection Mozilla tracker bug: https://bugzilla.mozilla.org/show_bug.cgi?id=757197 ca-certificates-mozilla-1.85-9.1.noarch.rpm ca-certificates-mozilla-1.85-9.1.src.rpm openSUSE-2012-719 low openSUSE 11.4 Update A denial of service attack (NULL ptr dereference) in claws mail was fixed. claws-mail-3.7.8-11.1.i586.rpm claws-mail-3.7.8-11.1.src.rpm claws-mail-debuginfo-3.7.8-11.1.i586.rpm claws-mail-debugsource-3.7.8-11.1.i586.rpm claws-mail-devel-3.7.8-11.1.i586.rpm claws-mail-lang-3.7.8-11.1.noarch.rpm claws-mail-3.7.8-11.1.x86_64.rpm claws-mail-debuginfo-3.7.8-11.1.x86_64.rpm claws-mail-debugsource-3.7.8-11.1.x86_64.rpm claws-mail-devel-3.7.8-11.1.x86_64.rpm openSUSE-2012-744 low openSUSE 11.4 Update This update fixes the following issues for openvpn: - bnc#781106: Fixed openvpn init script to not map reopen to reload so the reopen code is without any effect - bnc#692440: Added requested OPENVPN_AUTOSTART variable allowing to provide an optional list of config names started by default openvpn-2.1.4-11.30.1.i586.rpm openvpn-2.1.4-11.30.1.src.rpm openvpn-auth-pam-plugin-2.1.4-11.30.1.i586.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.30.1.i586.rpm openvpn-debuginfo-2.1.4-11.30.1.i586.rpm openvpn-debugsource-2.1.4-11.30.1.i586.rpm openvpn-down-root-plugin-2.1.4-11.30.1.i586.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.30.1.i586.rpm openvpn-2.1.4-11.30.1.x86_64.rpm openvpn-auth-pam-plugin-2.1.4-11.30.1.x86_64.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.30.1.x86_64.rpm openvpn-debuginfo-2.1.4-11.30.1.x86_64.rpm openvpn-debugsource-2.1.4-11.30.1.x86_64.rpm openvpn-down-root-plugin-2.1.4-11.30.1.x86_64.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.30.1.x86_64.rpm openSUSE-2012-737 low openSUSE 11.4 Update chmsee was rebuild to work with the Mozilla 16.0.1 release. chmsee-1.3.1.1-11.1.i586.rpm chmsee-1.3.1.1-11.1.src.rpm chmsee-debuginfo-1.3.1.1-11.1.i586.rpm chmsee-debugsource-1.3.1.1-11.1.i586.rpm chmsee-lang-1.3.1.1-11.1.noarch.rpm chmsee-1.3.1.1-11.1.x86_64.rpm chmsee-debuginfo-1.3.1.1-11.1.x86_64.rpm chmsee-debugsource-1.3.1.1-11.1.x86_64.rpm openSUSE-2012-734 low openSUSE 11.4 Update This update fixes the following issue for rsh: - bnc#783187: fork before exec to avoid SIGHUP from systemd-logind 11.4 only: - bnc#723593: Use a better fix. The current patch causes NULL dereference when pam getenvlist returns NULL (already fixed in 12.1 and 12.2) rsh-0.17-718.1.i586.rpm rsh-0.17-718.1.src.rpm rsh-debuginfo-0.17-718.1.i586.rpm rsh-debugsource-0.17-718.1.i586.rpm rsh-server-0.17-718.1.i586.rpm rsh-server-debuginfo-0.17-718.1.i586.rpm rsh-0.17-718.1.x86_64.rpm rsh-debuginfo-0.17-718.1.x86_64.rpm rsh-debugsource-0.17-718.1.x86_64.rpm rsh-server-0.17-718.1.x86_64.rpm rsh-server-debuginfo-0.17-718.1.x86_64.rpm openSUSE-2012-755 important openSUSE 11.4 Update java 1.6.0 openjdk / icedtea was updated to 1.11.5 (bnc#785433) * Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7167656, CVE-2012-5077: Multiple Seeders are being created - S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector - S7172522, CVE-2012-5072: Improve DomainCombiner checking - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC - S7189103, CVE-2012-5069: Executors needs to maintain state - S7189490: More improvements to DomainCombiner checking - S7189567, CVE-2012-5085: java net obselete protocol - S7192975, CVE-2012-5071: Conditional usage check is wrong - S7195194, CVE-2012-5084: Better data validation for Swing - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved - S7195919, CVE-2012-5079: (sl) ServiceLoader can throw CCE without needing to create instance - S7198296, CVE-2012-5089: Refactor classloader usage - S7158800: Improve storage of symbol tables - S7158801: Improve VM CompileOnly option - S7158804: Improve config file parsing - S7176337: Additional changes needed for 7158801 fix - S7198606, CVE-2012-4416: Improve VM optimization * Backports - S7175845: "jar uf" changes file permissions unexpectedly - S7177216: native2ascii changes file permissions of input file - S7199153: TEST_BUG: try-with-resources syntax pushed to 6-open repo * Bug fixes - PR1194: IcedTea tries to build with /usr/lib/jvm/java-openjdk (now a 1.7 VM) by default java-1_6_0-openjdk-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.5-21.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.5-21.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.5-21.1.x86_64.rpm openSUSE-2012-762 low openSUSE 11.4 Update This udpate fixes the following issue for enblend-enfuse: - bnc#786566: workaround vigra bug where arithmetic coded JPEG is always created with libjpeg-turbo enblend-enfuse-4.0-9.1.i586.rpm enblend-enfuse-4.0-9.1.src.rpm enblend-enfuse-debuginfo-4.0-9.1.i586.rpm enblend-enfuse-debugsource-4.0-9.1.i586.rpm enblend-enfuse-4.0-9.1.x86_64.rpm enblend-enfuse-debuginfo-4.0-9.1.x86_64.rpm enblend-enfuse-debugsource-4.0-9.1.x86_64.rpm openSUSE-2012-738 critical openSUSE 11.4 Update This update fixes a remotely exploitable overflow in DKIM handling. exim-4.80.1-23.1.i586.rpm exim-4.80.1-23.1.src.rpm exim-debuginfo-4.80.1-23.1.i586.rpm exim-debugsource-4.80.1-23.1.i586.rpm eximon-4.80.1-23.1.i586.rpm eximon-debuginfo-4.80.1-23.1.i586.rpm eximstats-html-4.80.1-23.1.i586.rpm exim-4.80.1-23.1.x86_64.rpm exim-debuginfo-4.80.1-23.1.x86_64.rpm exim-debugsource-4.80.1-23.1.x86_64.rpm eximon-4.80.1-23.1.x86_64.rpm eximon-debuginfo-4.80.1-23.1.x86_64.rpm eximstats-html-4.80.1-23.1.x86_64.rpm openSUSE-2012-745 important openSUSE 11.4 Update Mozilla Firefox, Thunderbird and XULRunner were updated to 16.0.2. Mozilla Seamonkey was updated to 2.13.2. Tracker bug: bnc#786522 A security issues was fixed: * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 (bmo#800666, bmo#793121, bmo#802557) Fixes for Location object issues The update also brings back Obsoletes for libproxy's mozjs plugin for distributions before 12.2 to avoid crashes MozillaFirefox-16.0.2-45.1.i586.rpm MozillaFirefox-16.0.2-45.1.src.rpm MozillaFirefox-branding-upstream-16.0.2-45.1.i586.rpm MozillaFirefox-buildsymbols-16.0.2-45.1.i586.rpm MozillaFirefox-debuginfo-16.0.2-45.1.i586.rpm MozillaFirefox-debugsource-16.0.2-45.1.i586.rpm MozillaFirefox-devel-16.0.2-45.1.i586.rpm MozillaFirefox-translations-common-16.0.2-45.1.i586.rpm MozillaFirefox-translations-other-16.0.2-45.1.i586.rpm MozillaThunderbird-16.0.2-37.1.i586.rpm MozillaThunderbird-16.0.2-37.1.src.rpm MozillaThunderbird-buildsymbols-16.0.2-37.1.i586.rpm MozillaThunderbird-debuginfo-16.0.2-37.1.i586.rpm MozillaThunderbird-debugsource-16.0.2-37.1.i586.rpm MozillaThunderbird-devel-16.0.2-37.1.i586.rpm MozillaThunderbird-devel-debuginfo-16.0.2-37.1.i586.rpm MozillaThunderbird-translations-common-16.0.2-37.1.i586.rpm MozillaThunderbird-translations-other-16.0.2-37.1.i586.rpm enigmail-1.4.5.+16.0.2-37.1.i586.rpm enigmail-debuginfo-1.4.5.+16.0.2-37.1.i586.rpm seamonkey-2.13.2-41.1.i586.rpm seamonkey-2.13.2-41.1.src.rpm seamonkey-debuginfo-2.13.2-41.1.i586.rpm seamonkey-debugsource-2.13.2-41.1.i586.rpm seamonkey-dom-inspector-2.13.2-41.1.i586.rpm seamonkey-irc-2.13.2-41.1.i586.rpm seamonkey-translations-common-2.13.2-41.1.i586.rpm seamonkey-translations-other-2.13.2-41.1.i586.rpm seamonkey-venkman-2.13.2-41.1.i586.rpm MozillaFirefox-16.0.2-45.1.x86_64.rpm MozillaFirefox-branding-upstream-16.0.2-45.1.x86_64.rpm MozillaFirefox-buildsymbols-16.0.2-45.1.x86_64.rpm MozillaFirefox-debuginfo-16.0.2-45.1.x86_64.rpm MozillaFirefox-debugsource-16.0.2-45.1.x86_64.rpm MozillaFirefox-devel-16.0.2-45.1.x86_64.rpm MozillaFirefox-translations-common-16.0.2-45.1.x86_64.rpm MozillaFirefox-translations-other-16.0.2-45.1.x86_64.rpm MozillaThunderbird-16.0.2-37.1.x86_64.rpm MozillaThunderbird-buildsymbols-16.0.2-37.1.x86_64.rpm MozillaThunderbird-debuginfo-16.0.2-37.1.x86_64.rpm MozillaThunderbird-debugsource-16.0.2-37.1.x86_64.rpm MozillaThunderbird-devel-16.0.2-37.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-16.0.2-37.1.x86_64.rpm MozillaThunderbird-translations-common-16.0.2-37.1.x86_64.rpm MozillaThunderbird-translations-other-16.0.2-37.1.x86_64.rpm enigmail-1.4.5.+16.0.2-37.1.x86_64.rpm enigmail-debuginfo-1.4.5.+16.0.2-37.1.x86_64.rpm seamonkey-2.13.2-41.1.x86_64.rpm seamonkey-debuginfo-2.13.2-41.1.x86_64.rpm seamonkey-debugsource-2.13.2-41.1.x86_64.rpm seamonkey-dom-inspector-2.13.2-41.1.x86_64.rpm seamonkey-irc-2.13.2-41.1.x86_64.rpm seamonkey-translations-common-2.13.2-41.1.x86_64.rpm seamonkey-translations-other-2.13.2-41.1.x86_64.rpm seamonkey-venkman-2.13.2-41.1.x86_64.rpm openSUSE-2012-746 important openSUSE 11.4 Update This update fixes the following issues for timezone: - bnc#787005: update to 2012h: * Samoa fall 2012 and later * Palestine fall 2012 * Bahia no longer has DST * Tocantins has DST * Israel has new DST rules next year * Jordan stays on DST this winter - Update Url from the glibc page (which doesn't talk about timezone data at all (anymore?)) to the IANA page which is much more informative. timezone-java-2012h-10.1.noarch.rpm timezone-java-2012h-10.1.src.rpm timezone-2012h-10.1.i586.rpm timezone-2012h-10.1.src.rpm timezone-debuginfo-2012h-10.1.i586.rpm timezone-debugsource-2012h-10.1.i586.rpm timezone-2012h-10.1.x86_64.rpm timezone-debuginfo-2012h-10.1.x86_64.rpm timezone-debugsource-2012h-10.1.x86_64.rpm openSUSE-2012-756 moderate openSUSE 11.4 Update The openSUSE 11.4 kernel was updated to fix various bugs and security issues. This is the final update of the 2.6.37 kernel of openSUSE 11.4. kernel-debug-2.6.37.6-24.1.i586.rpm True kernel-debug-2.6.37.6-24.1.nosrc.rpm True kernel-debug-base-2.6.37.6-24.1.i586.rpm True kernel-debug-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-debug-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-debug-debugsource-2.6.37.6-24.1.i586.rpm True kernel-debug-devel-2.6.37.6-24.1.i586.rpm True kernel-debug-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-default-2.6.37.6-24.1.i586.rpm True kernel-default-2.6.37.6-24.1.nosrc.rpm True kernel-default-base-2.6.37.6-24.1.i586.rpm True kernel-default-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-default-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-default-debugsource-2.6.37.6-24.1.i586.rpm True kernel-default-devel-2.6.37.6-24.1.i586.rpm True kernel-default-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-desktop-2.6.37.6-24.1.i586.rpm True kernel-desktop-2.6.37.6-24.1.nosrc.rpm True kernel-desktop-base-2.6.37.6-24.1.i586.rpm True kernel-desktop-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-desktop-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-desktop-debugsource-2.6.37.6-24.1.i586.rpm True kernel-desktop-devel-2.6.37.6-24.1.i586.rpm True kernel-desktop-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-docs-2.6.37.6-24.2.noarch.rpm True kernel-docs-2.6.37.6-24.2.src.rpm True kernel-ec2-2.6.37.6-24.1.i586.rpm True kernel-ec2-2.6.37.6-24.1.nosrc.rpm True kernel-ec2-base-2.6.37.6-24.1.i586.rpm True kernel-ec2-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-ec2-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-ec2-debugsource-2.6.37.6-24.1.i586.rpm True kernel-ec2-devel-2.6.37.6-24.1.i586.rpm True kernel-ec2-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-ec2-extra-2.6.37.6-24.1.i586.rpm True kernel-ec2-extra-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-pae-2.6.37.6-24.1.i586.rpm True kernel-pae-2.6.37.6-24.1.nosrc.rpm True kernel-pae-base-2.6.37.6-24.1.i586.rpm True kernel-pae-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-pae-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-pae-debugsource-2.6.37.6-24.1.i586.rpm True kernel-pae-devel-2.6.37.6-24.1.i586.rpm True kernel-pae-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-devel-2.6.37.6-24.1.noarch.rpm True kernel-source-2.6.37.6-24.1.noarch.rpm True kernel-source-2.6.37.6-24.1.src.rpm True kernel-source-vanilla-2.6.37.6-24.1.noarch.rpm True kernel-syms-2.6.37.6-24.1.i586.rpm True kernel-syms-2.6.37.6-24.1.src.rpm True kernel-trace-2.6.37.6-24.1.i586.rpm True kernel-trace-2.6.37.6-24.1.nosrc.rpm True kernel-trace-base-2.6.37.6-24.1.i586.rpm True kernel-trace-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-trace-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-trace-debugsource-2.6.37.6-24.1.i586.rpm True kernel-trace-devel-2.6.37.6-24.1.i586.rpm True kernel-trace-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vanilla-2.6.37.6-24.1.i586.rpm True kernel-vanilla-2.6.37.6-24.1.nosrc.rpm True kernel-vanilla-base-2.6.37.6-24.1.i586.rpm True kernel-vanilla-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vanilla-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vanilla-debugsource-2.6.37.6-24.1.i586.rpm True kernel-vanilla-devel-2.6.37.6-24.1.i586.rpm True kernel-vanilla-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vmi-2.6.37.6-24.1.i586.rpm True kernel-vmi-2.6.37.6-24.1.nosrc.rpm True kernel-vmi-base-2.6.37.6-24.1.i586.rpm True kernel-vmi-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vmi-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-vmi-debugsource-2.6.37.6-24.1.i586.rpm True kernel-vmi-devel-2.6.37.6-24.1.i586.rpm True kernel-vmi-devel-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-xen-2.6.37.6-24.1.i586.rpm True kernel-xen-2.6.37.6-24.1.nosrc.rpm True kernel-xen-base-2.6.37.6-24.1.i586.rpm True kernel-xen-base-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-xen-debuginfo-2.6.37.6-24.1.i586.rpm True kernel-xen-debugsource-2.6.37.6-24.1.i586.rpm True kernel-xen-devel-2.6.37.6-24.1.i586.rpm True kernel-xen-devel-debuginfo-2.6.37.6-24.1.i586.rpm True preload-1.2-6.19.1.i586.rpm True preload-1.2-6.19.1.src.rpm True preload-debuginfo-1.2-6.19.1.i586.rpm True preload-debugsource-1.2-6.19.1.i586.rpm True preload-kmp-default-1.2_k2.6.37.6_24-6.19.1.i586.rpm True preload-kmp-default-debuginfo-1.2_k2.6.37.6_24-6.19.1.i586.rpm True preload-kmp-desktop-1.2_k2.6.37.6_24-6.19.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_24-6.19.1.i586.rpm True kernel-debug-2.6.37.6-24.1.x86_64.rpm True kernel-debug-base-2.6.37.6-24.1.x86_64.rpm True kernel-debug-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-debug-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-debug-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-debug-devel-2.6.37.6-24.1.x86_64.rpm True kernel-debug-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-default-2.6.37.6-24.1.x86_64.rpm True kernel-default-base-2.6.37.6-24.1.x86_64.rpm True kernel-default-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-default-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-default-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-default-devel-2.6.37.6-24.1.x86_64.rpm True kernel-default-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-base-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-devel-2.6.37.6-24.1.x86_64.rpm True kernel-desktop-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-base-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-devel-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-extra-2.6.37.6-24.1.x86_64.rpm True kernel-ec2-extra-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-syms-2.6.37.6-24.1.x86_64.rpm True kernel-trace-2.6.37.6-24.1.x86_64.rpm True kernel-trace-base-2.6.37.6-24.1.x86_64.rpm True kernel-trace-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-trace-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-trace-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-trace-devel-2.6.37.6-24.1.x86_64.rpm True kernel-trace-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-base-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-devel-2.6.37.6-24.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-xen-2.6.37.6-24.1.x86_64.rpm True kernel-xen-base-2.6.37.6-24.1.x86_64.rpm True kernel-xen-base-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-xen-debuginfo-2.6.37.6-24.1.x86_64.rpm True kernel-xen-debugsource-2.6.37.6-24.1.x86_64.rpm True kernel-xen-devel-2.6.37.6-24.1.x86_64.rpm True kernel-xen-devel-debuginfo-2.6.37.6-24.1.x86_64.rpm True preload-1.2-6.19.1.x86_64.rpm True preload-debuginfo-1.2-6.19.1.x86_64.rpm True preload-debugsource-1.2-6.19.1.x86_64.rpm True preload-kmp-default-1.2_k2.6.37.6_24-6.19.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_k2.6.37.6_24-6.19.1.x86_64.rpm True preload-kmp-desktop-1.2_k2.6.37.6_24-6.19.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_24-6.19.1.x86_64.rpm True openSUSE-2012-763 moderate openSUSE 11.4 Update This update of ruby fixed multiple SAFE level bypass flaws. ruby-1.8.7.p357-0.28.1.i586.rpm ruby-1.8.7.p357-0.28.1.src.rpm ruby-debuginfo-1.8.7.p357-0.28.1.i586.rpm ruby-debugsource-1.8.7.p357-0.28.1.i586.rpm ruby-devel-1.8.7.p357-0.28.1.i586.rpm ruby-doc-html-1.8.7.p357-0.28.1.noarch.rpm ruby-doc-ri-1.8.7.p357-0.28.1.noarch.rpm ruby-examples-1.8.7.p357-0.28.1.i586.rpm ruby-test-suite-1.8.7.p357-0.28.1.i586.rpm ruby-tk-1.8.7.p357-0.28.1.i586.rpm ruby-tk-debuginfo-1.8.7.p357-0.28.1.i586.rpm ruby-1.8.7.p357-0.28.1.x86_64.rpm ruby-debuginfo-1.8.7.p357-0.28.1.x86_64.rpm ruby-debugsource-1.8.7.p357-0.28.1.x86_64.rpm ruby-devel-1.8.7.p357-0.28.1.x86_64.rpm ruby-examples-1.8.7.p357-0.28.1.x86_64.rpm ruby-test-suite-1.8.7.p357-0.28.1.x86_64.rpm ruby-tk-1.8.7.p357-0.28.1.x86_64.rpm ruby-tk-debuginfo-1.8.7.p357-0.28.1.x86_64.rpm openSUSE-2012-758 low openSUSE 11.4 Update Some potential mcrypt buffer overflows in the commandline tool were fixed, which could lead to early aborts of mcrypt. Due to FORTIFY_SOURCE catching such cases, it would have only aborted mcrypt with a buffer overflow backtrace. mcrypt-2.6.8-24.1.i586.rpm mcrypt-2.6.8-24.1.src.rpm mcrypt-debuginfo-2.6.8-24.1.i586.rpm mcrypt-debugsource-2.6.8-24.1.i586.rpm mcrypt-2.6.8-24.1.x86_64.rpm mcrypt-debuginfo-2.6.8-24.1.x86_64.rpm mcrypt-debugsource-2.6.8-24.1.x86_64.rpm openSUSE-2012-174 moderate openSUSE 11.4 Update Specially crafted MIME headers could crash openssl's ASN.1 parser libopenssl-devel-1.0.0c-18.34.1.i586.rpm libopenssl1_0_0-1.0.0c-18.34.1.i586.rpm libopenssl1_0_0-32bit-1.0.0c-18.34.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.34.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.34.1.x86_64.rpm openssl-1.0.0c-18.34.1.i586.rpm openssl-1.0.0c-18.34.1.src.rpm openssl-debuginfo-1.0.0c-18.34.1.i586.rpm openssl-debugsource-1.0.0c-18.34.1.i586.rpm openssl-doc-1.0.0c-18.34.1.noarch.rpm libopenssl-devel-1.0.0c-18.34.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.34.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.34.1.x86_64.rpm openssl-1.0.0c-18.34.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.34.1.x86_64.rpm openssl-debugsource-1.0.0c-18.34.1.x86_64.rpm openSUSE-2012-173 moderate openSUSE 11.4 Update This update fixes the following issue for python: - Fix regression in acceptance of unicode strings in add_option calls (http://bugs.python.org/issue9161) python-2.7-9.40.1.i586.rpm python-2.7-9.40.1.src.rpm python-32bit-2.7-9.40.1.x86_64.rpm python-curses-2.7-9.40.1.i586.rpm python-curses-debuginfo-2.7-9.40.1.i586.rpm python-debuginfo-2.7-9.40.1.i586.rpm python-debuginfo-32bit-2.7-9.40.1.x86_64.rpm python-debugsource-2.7-9.40.1.i586.rpm python-demo-2.7-9.40.1.i586.rpm python-gdbm-2.7-9.40.1.i586.rpm python-gdbm-debuginfo-2.7-9.40.1.i586.rpm python-idle-2.7-9.40.1.i586.rpm python-tk-2.7-9.40.1.i586.rpm python-tk-debuginfo-2.7-9.40.1.i586.rpm python-2.7-9.40.1.x86_64.rpm python-curses-2.7-9.40.1.x86_64.rpm python-curses-debuginfo-2.7-9.40.1.x86_64.rpm python-debuginfo-2.7-9.40.1.x86_64.rpm python-debugsource-2.7-9.40.1.x86_64.rpm python-demo-2.7-9.40.1.x86_64.rpm python-gdbm-2.7-9.40.1.x86_64.rpm python-gdbm-debuginfo-2.7-9.40.1.x86_64.rpm python-idle-2.7-9.40.1.x86_64.rpm python-tk-2.7-9.40.1.x86_64.rpm python-tk-debuginfo-2.7-9.40.1.x86_64.rpm openSUSE-2012-168 moderate openSUSE 11.4 Update - update to 1.2 - New features: * Signed JNLP support * Support for client authentication certificates * Cache size enforcement now supported via itweb-settings * Applet parameter passing through JNLP files now supported * Better icons for access warning dialog * Security Dialog UI revamped to make it look less threatening when appropriate - Fixes (plugin, webstart, common) * PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error * PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application * PR788: Elluminate Live! is not working * PR804: javaws launcher incorrectly handles file names with spaces * PR820, bnc#746895: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp * PR838: IcedTea plugin crashes with chrome browser when javascript is executed * PR852: Classloader not being flushed after last applet from a site is closed * RH586194: Unable to connect to connect with Juniper VPN client * PR771: IcedTea-Web certificate verification code does not use the right API * PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted. * PR789: typo in jrunscript.sh * PR808: javaws is unable to start, when missing jars are enumerated before main jar * RH738814: Access denied at ssl handshake * Support for authenticating using client certificates - fix bnc#737105/FATE#313084: add Supplements: packageand(broswer(npapi):java-openjdk) ensures the web plugin is pulled in when openjdk and capable browser is installed - enable make check in respective section icedtea-web-1.2-0.10.1.i586.rpm icedtea-web-1.2-0.10.1.src.rpm icedtea-web-debuginfo-1.2-0.10.1.i586.rpm icedtea-web-debugsource-1.2-0.10.1.i586.rpm icedtea-web-javadoc-1.2-0.10.1.noarch.rpm icedtea-web-1.2-0.10.1.x86_64.rpm icedtea-web-debuginfo-1.2-0.10.1.x86_64.rpm icedtea-web-debugsource-1.2-0.10.1.x86_64.rpm openSUSE-2012-172 moderate openSUSE 11.4 Update the previous logrotate introduced a regression that made logrotate fail in some cases logrotate-3.7.9-6.12.1.i586.rpm logrotate-3.7.9-6.12.1.src.rpm logrotate-debuginfo-3.7.9-6.12.1.i586.rpm logrotate-debugsource-3.7.9-6.12.1.i586.rpm logrotate-3.7.9-6.12.1.x86_64.rpm logrotate-debuginfo-3.7.9-6.12.1.x86_64.rpm logrotate-debugsource-3.7.9-6.12.1.x86_64.rpm openSUSE-2012-188 important openSUSE 11.4 Update Adding 'su' option to syslogd lograte configuration to fix the following error message: "/var/log/news" has insecure permissions. It must be owned and be writable by root only to avoid security issues. klogd-1.4.1-735.1.i586.rpm klogd-debuginfo-1.4.1-735.1.i586.rpm syslogd-1.4.1-735.1.i586.rpm syslogd-1.4.1-735.1.src.rpm syslogd-debuginfo-1.4.1-735.1.i586.rpm syslogd-debugsource-1.4.1-735.1.i586.rpm klogd-1.4.1-735.1.x86_64.rpm klogd-debuginfo-1.4.1-735.1.x86_64.rpm syslogd-1.4.1-735.1.x86_64.rpm syslogd-debuginfo-1.4.1-735.1.x86_64.rpm syslogd-debugsource-1.4.1-735.1.x86_64.rpm openSUSE-2012-167 low openSUSE 11.4 Update This update to jakarta-commons-net fixes handling of FTP actions when remote file is in a sub-directory and has a date of Feb 29. jakarta-commons-net-1.4.1-12.1.noarch.rpm jakarta-commons-net-1.4.1-12.1.src.rpm jakarta-commons-net-javadoc-1.4.1-12.1.noarch.rpm openSUSE-2012-180 low openSUSE 11.4 Update perl-DBD-Pg was prone to format string errors which could crash applications perl-DBD-Pg-2.17.2-8.1.i586.rpm perl-DBD-Pg-2.17.2-8.1.src.rpm perl-DBD-Pg-debuginfo-2.17.2-8.1.i586.rpm perl-DBD-Pg-debugsource-2.17.2-8.1.i586.rpm perl-DBD-Pg-2.17.2-8.1.x86_64.rpm perl-DBD-Pg-debuginfo-2.17.2-8.1.x86_64.rpm perl-DBD-Pg-debugsource-2.17.2-8.1.x86_64.rpm openSUSE-2012-175 moderate openSUSE 11.4 Update Changes in MozillaThunderbird: - update to Thunderbird 11.0 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards Changes in mozilla-xulrunner192: - security update to 1.9.2.28 (bnc#750044) * MFSA 2011-55/CVE-2011-3658 (bmo#708186) nsSVGValue out-of-bounds access * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards Changes in MozillaFirefox: - update to Firefox 11.0 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards Changes in seamonkey: - update to Seamonkey 2.8 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards Changes in chmsee: - Update to version 1.99.08 Changes in mozilla-nss: - update to 3.13.3 RTM - distrust Trustwave's MITM certificates (bmo#724929) - fix generic blacklisting mechanism (bmo#727204) Changes in mozilla-nspr: - update to version 4.9 RTM MozillaFirefox-11.0-0.15.2.i586.rpm MozillaFirefox-11.0-0.15.2.src.rpm MozillaFirefox-branding-upstream-11.0-0.15.2.i586.rpm MozillaFirefox-buildsymbols-11.0-0.15.2.i586.rpm MozillaFirefox-debuginfo-11.0-0.15.2.i586.rpm MozillaFirefox-debugsource-11.0-0.15.2.i586.rpm MozillaFirefox-devel-11.0-0.15.2.i586.rpm MozillaFirefox-translations-common-11.0-0.15.2.i586.rpm MozillaFirefox-translations-other-11.0-0.15.2.i586.rpm MozillaThunderbird-3.1.20-0.15.4.i586.rpm MozillaThunderbird-3.1.20-0.15.4.src.rpm MozillaThunderbird-buildsymbols-3.1.20-0.15.4.i586.rpm MozillaThunderbird-debuginfo-3.1.20-0.15.4.i586.rpm MozillaThunderbird-debugsource-3.1.20-0.15.4.i586.rpm MozillaThunderbird-devel-3.1.20-0.15.4.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.20-0.15.4.i586.rpm MozillaThunderbird-translations-common-3.1.20-0.15.4.i586.rpm MozillaThunderbird-translations-other-3.1.20-0.15.4.i586.rpm enigmail-1.1.2+3.1.20-0.15.4.i586.rpm enigmail-debuginfo-1.1.2+3.1.20-0.15.4.i586.rpm mozilla-nspr-32bit-4.9.0-0.13.1.x86_64.rpm mozilla-nspr-4.9.0-0.13.1.i586.rpm mozilla-nspr-4.9.0-0.13.1.src.rpm mozilla-nspr-debuginfo-32bit-4.9.0-0.13.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.0-0.13.1.i586.rpm mozilla-nspr-debugsource-4.9.0-0.13.1.i586.rpm mozilla-nspr-devel-4.9.0-0.13.1.i586.rpm libfreebl3-3.13.3-0.41.2.i586.rpm libfreebl3-32bit-3.13.3-0.41.2.x86_64.rpm libfreebl3-debuginfo-3.13.3-0.41.2.i586.rpm libfreebl3-debuginfo-32bit-3.13.3-0.41.2.x86_64.rpm libsoftokn3-3.13.3-0.41.2.i586.rpm libsoftokn3-32bit-3.13.3-0.41.2.x86_64.rpm libsoftokn3-debuginfo-3.13.3-0.41.2.i586.rpm libsoftokn3-debuginfo-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-3.13.3-0.41.2.i586.rpm mozilla-nss-3.13.3-0.41.2.src.rpm mozilla-nss-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-certs-3.13.3-0.41.2.i586.rpm mozilla-nss-certs-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.3-0.41.2.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-debuginfo-3.13.3-0.41.2.i586.rpm mozilla-nss-debuginfo-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-debugsource-3.13.3-0.41.2.i586.rpm mozilla-nss-devel-3.13.3-0.41.2.i586.rpm mozilla-nss-sysinit-3.13.3-0.41.2.i586.rpm mozilla-nss-sysinit-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.3-0.41.2.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-tools-3.13.3-0.41.2.i586.rpm mozilla-nss-tools-debuginfo-3.13.3-0.41.2.i586.rpm mozilla-js192-1.9.2.28-0.22.2.i586.rpm mozilla-js192-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-js192-debuginfo-1.9.2.28-0.22.2.i586.rpm mozilla-js192-debuginfo-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-1.9.2.28-0.22.2.src.rpm mozilla-xulrunner192-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-devel-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-gnome-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.28-0.22.2.i586.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.28-0.22.2.x86_64.rpm seamonkey-2.8-0.15.1.i586.rpm seamonkey-2.8-0.15.1.src.rpm seamonkey-debuginfo-2.8-0.15.1.i586.rpm seamonkey-debugsource-2.8-0.15.1.i586.rpm seamonkey-dom-inspector-2.8-0.15.1.i586.rpm seamonkey-irc-2.8-0.15.1.i586.rpm seamonkey-translations-common-2.8-0.15.1.i586.rpm seamonkey-translations-other-2.8-0.15.1.i586.rpm seamonkey-venkman-2.8-0.15.1.i586.rpm MozillaFirefox-11.0-0.15.2.x86_64.rpm MozillaFirefox-branding-upstream-11.0-0.15.2.x86_64.rpm MozillaFirefox-buildsymbols-11.0-0.15.2.x86_64.rpm MozillaFirefox-debuginfo-11.0-0.15.2.x86_64.rpm MozillaFirefox-debugsource-11.0-0.15.2.x86_64.rpm MozillaFirefox-devel-11.0-0.15.2.x86_64.rpm MozillaFirefox-translations-common-11.0-0.15.2.x86_64.rpm MozillaFirefox-translations-other-11.0-0.15.2.x86_64.rpm MozillaThunderbird-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-debuginfo-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-debugsource-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-devel-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-translations-common-3.1.20-0.15.4.x86_64.rpm MozillaThunderbird-translations-other-3.1.20-0.15.4.x86_64.rpm enigmail-1.1.2+3.1.20-0.15.4.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.20-0.15.4.x86_64.rpm mozilla-nspr-4.9.0-0.13.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.0-0.13.1.x86_64.rpm mozilla-nspr-debugsource-4.9.0-0.13.1.x86_64.rpm mozilla-nspr-devel-4.9.0-0.13.1.x86_64.rpm libfreebl3-3.13.3-0.41.2.x86_64.rpm libfreebl3-debuginfo-3.13.3-0.41.2.x86_64.rpm libsoftokn3-3.13.3-0.41.2.x86_64.rpm libsoftokn3-debuginfo-3.13.3-0.41.2.x86_64.rpm mozilla-nss-3.13.3-0.41.2.x86_64.rpm mozilla-nss-certs-3.13.3-0.41.2.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.3-0.41.2.x86_64.rpm mozilla-nss-debuginfo-3.13.3-0.41.2.x86_64.rpm mozilla-nss-debugsource-3.13.3-0.41.2.x86_64.rpm mozilla-nss-devel-3.13.3-0.41.2.x86_64.rpm mozilla-nss-sysinit-3.13.3-0.41.2.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.3-0.41.2.x86_64.rpm mozilla-nss-tools-3.13.3-0.41.2.x86_64.rpm mozilla-nss-tools-debuginfo-3.13.3-0.41.2.x86_64.rpm mozilla-js192-1.9.2.28-0.22.2.x86_64.rpm mozilla-js192-debuginfo-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.28-0.22.2.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.28-0.22.2.x86_64.rpm seamonkey-2.8-0.15.1.x86_64.rpm seamonkey-debuginfo-2.8-0.15.1.x86_64.rpm seamonkey-debugsource-2.8-0.15.1.x86_64.rpm seamonkey-dom-inspector-2.8-0.15.1.x86_64.rpm seamonkey-irc-2.8-0.15.1.x86_64.rpm seamonkey-translations-common-2.8-0.15.1.x86_64.rpm seamonkey-translations-other-2.8-0.15.1.x86_64.rpm seamonkey-venkman-2.8-0.15.1.x86_64.rpm openSUSE-2012-302 moderate openSUSE 11.4 Update python3-doc-3.1-6.1.noarch.rpm python3-doc-3.1-6.1.src.rpm python3-doc-pdf-3.1-6.1.noarch.rpm python3-2to3-3.1.3-6.5.i586.rpm python3-3.1.3-6.5.i586.rpm python3-3.1.3-6.5.src.rpm python3-32bit-3.1.3-6.5.x86_64.rpm python3-curses-3.1.3-6.5.i586.rpm python3-curses-debuginfo-3.1.3-6.5.i586.rpm python3-dbm-3.1.3-6.5.i586.rpm python3-dbm-debuginfo-3.1.3-6.5.i586.rpm python3-debuginfo-3.1.3-6.5.i586.rpm python3-debuginfo-32bit-3.1.3-6.5.x86_64.rpm python3-debuginfo-x86-3.1.3-6.5.ia64.rpm python3-debugsource-3.1.3-6.5.i586.rpm python3-demo-3.1.3-6.5.i586.rpm python3-devel-3.1.3-6.5.i586.rpm python3-idle-3.1.3-6.5.i586.rpm python3-tk-3.1.3-6.5.i586.rpm python3-tk-debuginfo-3.1.3-6.5.i586.rpm python3-x86-3.1.3-6.5.ia64.rpm python3-xml-3.1.3-6.5.i586.rpm python3-xml-debuginfo-3.1.3-6.5.i586.rpm python3-2to3-3.1.3-6.5.x86_64.rpm python3-3.1.3-6.5.x86_64.rpm python3-curses-3.1.3-6.5.x86_64.rpm python3-curses-debuginfo-3.1.3-6.5.x86_64.rpm python3-dbm-3.1.3-6.5.x86_64.rpm python3-dbm-debuginfo-3.1.3-6.5.x86_64.rpm python3-debuginfo-3.1.3-6.5.x86_64.rpm python3-debugsource-3.1.3-6.5.x86_64.rpm python3-demo-3.1.3-6.5.x86_64.rpm python3-devel-3.1.3-6.5.x86_64.rpm python3-idle-3.1.3-6.5.x86_64.rpm python3-tk-3.1.3-6.5.x86_64.rpm python3-tk-debuginfo-3.1.3-6.5.x86_64.rpm python3-xml-3.1.3-6.5.x86_64.rpm python3-xml-debuginfo-3.1.3-6.5.x86_64.rpm openSUSE-2012-170 low openSUSE 11.4 Update This update of osc to 0.134.1 provides the following changes: * adding unlock command * maintenance_incident requests get created with source revision of package * Enables new maintenance submissions for new OBS 2.3 maintenance model * Fixes srcmd5 revisions in submit request, when link target != submission target * patchinfo call can work without checked out copy now * use qemu as fallback for building not directly supported architectures * "results --watch" option to watch build results until they finished building * fixes injection of terminal control chars (bnc#749335)(CVE-2012-1095) * support dryrun of branching to preview the expected result. "osc sm" is doing this now by default. * maintenance requests accept package lists as source and target incidents to be merged in * add "setincident" command to "request" to re-direct a maintenance request * ask user to create "maintenance incident" request when submit request is failing at release project * "osc my patchinfos" is showing patchinfos where any open bug is assigned to user * "osc my" or "osc my work" is including assigned patchinfos * "osc branch --maintenance" is creating setups for maintenance * removed debug code lead to warning message (fix by Marcus_H) * add --meta option also to "list", "cat" and "less" commands * project checkout is skipping packages linking to project local packages by default * add --keep-link option to copypac command * source validators are not called by default anymore: * support source services using OBS project or package name * support updateing _patchinfo file with new issues just by calling "osc patchinfo" again * branch --add-repositories can be used to add repos from source project to target project * branch --extend-package-names can be used to do mbranch like branch of a single package * branch --new-package can be used to do branch from a not yet existing package (to define later submit target) * show declined requests which created by user build-initvm-2012.03.06-10.1.i586.rpm build-initvm-2012.03.06-10.1.src.rpm build-initvm-debuginfo-2012.03.06-10.1.i586.rpm build-initvm-debuginfo-32bit-2012.03.06-10.1.x86_64.rpm build-initvm-debuginfo-i586-2012.03.06-10.1.x86_64.rpm build-initvm-debuginfo-x86-2012.03.06-10.1.ia64.rpm build-initvm-i586-2012.03.06-10.1.x86_64.rpm build-mkbaselibs-sle-2012.03.06-10.1.noarch.rpm build-mkbaselibs-sle-2012.03.06-10.1.src.rpm build-2012.03.06-10.1.noarch.rpm build-2012.03.06-10.1.src.rpm build-mkbaselibs-2012.03.06-10.1.noarch.rpm build-mkdrpms-2012.03.06-10.1.noarch.rpm obs-service-download_files-0.3-6.1.noarch.rpm obs-service-download_files-0.3-6.1.src.rpm obs-service-format_spec_file-0.4.1-6.1.noarch.rpm obs-service-format_spec_file-0.4.1-6.1.src.rpm obs-service-source_validator-0.2-7.1.noarch.rpm obs-service-source_validator-0.2-7.1.src.rpm osc-0.134.1-6.1.noarch.rpm osc-0.134.1-6.1.src.rpm build-initvm-2012.03.06-10.1.x86_64.rpm build-initvm-debuginfo-2012.03.06-10.1.x86_64.rpm openSUSE-2012-205 moderate openSUSE 11.4 Update - mount.cifs: Properly update mtab during remount; (bnc#747906). cifs-utils-4.9-1.5.1.i586.rpm cifs-utils-4.9-1.5.1.src.rpm cifs-utils-debuginfo-4.9-1.5.1.i586.rpm cifs-utils-debugsource-4.9-1.5.1.i586.rpm cifs-utils-4.9-1.5.1.x86_64.rpm cifs-utils-debuginfo-4.9-1.5.1.x86_64.rpm cifs-utils-debugsource-4.9-1.5.1.x86_64.rpm openSUSE-2012-177 moderate openSUSE 11.4 Update specially crafted swf files could cause an integer overflow in gnash gnash-0.8.8-6.13.1.i586.rpm gnash-0.8.8-6.13.1.src.rpm gnash-debuginfo-0.8.8-6.13.1.i586.rpm gnash-debugsource-0.8.8-6.13.1.i586.rpm gnash-devel-0.8.8-6.13.1.i586.rpm gnash-0.8.8-6.13.1.x86_64.rpm gnash-debuginfo-0.8.8-6.13.1.x86_64.rpm gnash-debugsource-0.8.8-6.13.1.x86_64.rpm gnash-devel-0.8.8-6.13.1.x86_64.rpm openSUSE-2012-186 moderate openSUSE 11.4 Update specially crafted png files could cause a buffer overflow in libpng libpng12-0-1.2.48-13.1.i586.rpm libpng12-0-32bit-1.2.48-13.1.x86_64.rpm libpng12-0-debuginfo-1.2.48-13.1.i586.rpm libpng12-0-debuginfo-32bit-1.2.48-13.1.x86_64.rpm libpng12-1.2.48-13.1.src.rpm libpng12-compat-devel-1.2.48-13.1.i586.rpm libpng12-compat-devel-32bit-1.2.48-13.1.x86_64.rpm libpng12-debugsource-1.2.48-13.1.i586.rpm libpng12-devel-1.2.48-13.1.i586.rpm libpng12-devel-32bit-1.2.48-13.1.x86_64.rpm libpng14-1.4.4-17.1.src.rpm libpng14-14-1.4.4-17.1.i586.rpm libpng14-14-32bit-1.4.4-17.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-17.1.i586.rpm libpng14-14-debuginfo-32bit-1.4.4-17.1.x86_64.rpm libpng14-compat-devel-1.4.4-17.1.i586.rpm libpng14-compat-devel-32bit-1.4.4-17.1.x86_64.rpm libpng14-debugsource-1.4.4-17.1.i586.rpm libpng14-devel-1.4.4-17.1.i586.rpm libpng14-devel-32bit-1.4.4-17.1.x86_64.rpm libpng12-0-1.2.48-13.1.x86_64.rpm libpng12-0-debuginfo-1.2.48-13.1.x86_64.rpm libpng12-compat-devel-1.2.48-13.1.x86_64.rpm libpng12-debugsource-1.2.48-13.1.x86_64.rpm libpng12-devel-1.2.48-13.1.x86_64.rpm libpng14-14-1.4.4-17.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-17.1.x86_64.rpm libpng14-compat-devel-1.4.4-17.1.x86_64.rpm libpng14-debugsource-1.4.4-17.1.x86_64.rpm libpng14-devel-1.4.4-17.1.x86_64.rpm openSUSE-2012-187 moderate openSUSE 11.4 Update - updated to libreoffice-3.4.5.4 (SUSE 3.4.5-rc2) * calc * pie charts colors messed in XLS import (fdo#40320) * correctly import data point formats in data series (fdo#40320) * components * crash when parsing XML signatures (fdo#39657) * broken getDataArray (fdo#46165, fdo#38441, i#117010) * don't paint a frame around the list of edit boxes (fdo#42543) * inconsistent compression method for encrypted documents (bnc#653688) * filters * more on bentConnectors (bnc#736495) * wrong text color in smartArt (bnc#746996) * reading of w:textbox contents (bnc#693388) * textbox position and size DOCX import (fdo#45560) * RTF/DOCX import of transparent frames (bnc#695479) * consecutive frames in RTF/DOCX import (bnc#703032) * handling of frame properties in RTF import (bnc#417818) * force imported XLSX active tab to be shown (bnc#748198) * create TableManager for inside shapes (bnc#747471, bnc#693238) * textboxes import with OLE objects inside (bnc#747471, bnc#693238) * impress * do not create an empty slide when printing handouts (fdo#31966) * libs-core * default shortcut for .uno:SearchDialog should be Ctrl+H * crash using instances dialog of dataform navigator (fdo#44816) * libs-extern * disable problematic reading of external entities in raptor * libs-gui * correctly calculate leap year * use proper Indian Rupee currency symbol U+20B9 (rh#794679) * writer * field refreshing (fdo#39694) * more layout crashers (i#101776, fdo#39510) * textbox borders style and width in DOCX import (fdo#45560) * expand all text fields when setting properties (fdo#42073) - updated to libreoffice-3.4.5.3 (SUSE 3.4.5-rc1) * version 3.4.5.3, tag suse-3.4.5.3 (SUSE LO 3.4.5-rc1) * SmartArt import * custom shapes import * Oracle Java 1.7.0 detection * reading AES-encrypted ODF 1.2 documents as generated by LO 3.5 * base * iterator misuse (fdo #44040, bnc#742178) * calc * allow pasting to multiple ranges (bnc#715094) * correctly convert chart data ranges (bnc#727504) * definedName corruption for XLSX export (bnc#741182) * adjust/shrink the ranges while copying (bnc#677811) * extra graph data is displayed for label (bnc#717290) * getCellRangeByName failure for named range (bnc#738113) * graph in XLS file has dates displayed wrong (bnc#720443) * improve performance of large Excel documents (bnc#715104) * display page background color/image properly (bnc#722045) * pivot table output becoming empty on re-save (bnc#715543) * encode virtual paths to local volume correctly (bnc#719887) * avoid adjusting cell-anchored objects on other sheets (bnc#726152) * make sure to adjust the sheet index of drawing objects (bnc#733864) * make the data validation popup more reliable (fdo #36851, bnc#737190) * filters * table style (bnc#705991) * text rotation fixes (bnc#734734) * crash in PPTX import (bnc#706792) * read w:sdt* contents (bnc#705949) * connector shape fixes (bnc#719989) * legacy fragment import (bnc#699334) * non-working Excel macros (bnc#705977) * free drawn curves import (bnc#657909) * group shape transformations (bnc#621739) * extLst of drawings in diagrams import (bnc#655408) * flip properties of custom shapes import (bnc#705985) * line spacing is used from previous values (bnc#734734) * missing ooxml customshape->mso shape name entries (bnc#737921) * word doesn't break the numberings and prefers hiding them (bnc#707157) * impress * undo corruption (bnc#685123) * do not set duplicate master slide names (bnc#735533) * libs-core * handle copy and paste from ConsoleOne (bnc#704274) * VBA control events not working, broken eventattacher (bnc#718227) * "General Error" when double-click graphic in presentation (bnc#720948) * libs-extern-sys * upgrade graphite to 1.0.3 fix surrogate support * libs-gui * crash at exit (bnc#728603) * radial gradient offset (bnc#714787) * horizontal scrollbars with KDE oxygen style (bnc#722918) * rendering of metafiles embedded in EMF+ (updated) (bnc#705956) * postprocess * make the 3D transitions work again (bnc#728559) * ure * make Duden Korrektor 5 and 6 work * writer * frame selection (bnc#740117) * crash when editing index (bnc#726174) * order database properties (bnc#740032) * numbering levels in DOC import (bnc#715115) * image size issue in DOC import (bnc#718971) * pointless forward moving of a table (bnc#706138) * tabs set after the end margin in DOCX import (bnc#693238) * add hyperlinks by default in Table of Contents (bnc#705956) - updated to libreoffice-3.4.4.3 (SUSE 3.4.4-rc1 == final): * base * crash when inserting a constant in a query (fdo#38286) * calc * crash when modifying a named range * speed up range name lookup by index (bnc#715104) * recalculate matrix formula dimension correctly (fdo#39485) * mark all formula cells dirty when appending a new sheet (fdo#35965) * components * handling of SAFEARRAY(s) in olebridge (fdo#38441) * filters * auto fit text VIEWING too small in PPT import (fdo#41245) * impress * hang in slideshow (fdo#32861) * crash while dropping texture (fdo#38391) * libs-core * recognize .svg in ODF container (fdo#41995) * dictionaries lost after LibO upgrade (fdo#37195) * crash when "Find Record" button is clicked in Base (fdo#40701) * fix the drawing of dotted and dashed borders in Calc (fdo#37129) * VBA control events not working; broken eventattacher (bnc#718227) * libs-extern-sys * upgrade graphite to 1.0.3 to fix surrogate support * libs-gui * crash when changing screen resolution * let Qt call XInitThreads() (fdo#40298) * activation order crashes address database (fdo#41022) * drawing of dotted and dashed borders in Calc (fdo#37129) * translations * update translations * writer * leak in PDF export (i#116448) * crash when editing index (bnc#726174) * crash while processing incorrect range of pages (fdo#35513) * crash on closing document with footnotes (fdo#39510, lp#854626) libreoffice-branding-upstream-3.4.5.5-97.1.noarch.rpm libreoffice-branding-upstream-3.4.5.5-97.1.src.rpm libreoffice-help-en-US-3.4.5.5-97.1.noarch.rpm libreoffice-help-en-US-3.4.5.5-97.1.src.rpm libreoffice-help-cs-3.4.5.5-97.1.noarch.rpm libreoffice-help-da-3.4.5.5-97.1.noarch.rpm libreoffice-help-de-3.4.5.5-97.1.noarch.rpm libreoffice-help-en-GB-3.4.5.5-97.1.noarch.rpm libreoffice-help-group1-3.4.5.5-97.1.src.rpm libreoffice-help-en-ZA-3.4.5.5-97.1.noarch.rpm libreoffice-help-es-3.4.5.5-97.1.noarch.rpm libreoffice-help-et-3.4.5.5-97.1.noarch.rpm libreoffice-help-fr-3.4.5.5-97.1.noarch.rpm libreoffice-help-gl-3.4.5.5-97.1.noarch.rpm libreoffice-help-group2-3.4.5.5-97.1.src.rpm libreoffice-help-group3-3.4.5.5-97.1.src.rpm libreoffice-help-gu-IN-3.4.5.5-97.1.noarch.rpm libreoffice-help-hi-IN-3.4.5.5-97.1.noarch.rpm libreoffice-help-hu-3.4.5.5-97.1.noarch.rpm libreoffice-help-it-3.4.5.5-97.1.noarch.rpm libreoffice-help-ja-3.4.5.5-97.1.noarch.rpm libreoffice-help-km-3.4.5.5-97.1.noarch.rpm libreoffice-help-group4-3.4.5.5-97.1.src.rpm libreoffice-help-ko-3.4.5.5-97.1.noarch.rpm libreoffice-help-nl-3.4.5.5-97.1.noarch.rpm libreoffice-help-pl-3.4.5.5-97.1.noarch.rpm libreoffice-help-pt-3.4.5.5-97.1.noarch.rpm libreoffice-help-group5-3.4.5.5-97.1.src.rpm libreoffice-help-pt-BR-3.4.5.5-97.1.noarch.rpm libreoffice-help-ru-3.4.5.5-97.1.noarch.rpm libreoffice-help-sl-3.4.5.5-97.1.noarch.rpm libreoffice-help-sv-3.4.5.5-97.1.noarch.rpm libreoffice-help-zh-CN-3.4.5.5-97.1.noarch.rpm libreoffice-help-zh-TW-3.4.5.5-97.1.noarch.rpm libreoffice-icon-theme-crystal-3.4.5.5-14.1.noarch.rpm libreoffice-icon-theme-galaxy-3.4.5.5-14.1.noarch.rpm libreoffice-icon-theme-hicontrast-3.4.5.5-14.1.noarch.rpm libreoffice-icon-theme-oxygen-3.4.5.5-14.1.noarch.rpm libreoffice-icon-theme-tango-3.4.5.5-14.1.noarch.rpm libreoffice-icon-themes-3.4.5.5-14.1.src.rpm libreoffice-l10n-3.4.5.5-122.1.src.rpm libreoffice-l10n-af-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ar-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-be-BY-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-bg-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-br-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ca-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-cs-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-cy-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-da-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-de-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-el-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-en-GB-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-en-ZA-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-es-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-et-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-fi-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-fr-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ga-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-gl-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-gu-IN-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-he-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-hi-IN-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-hr-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-hu-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-it-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ja-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ka-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-km-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ko-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-lt-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-mk-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-nb-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-nl-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-nn-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-nr-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-pa-IN-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-pl-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-pt-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-pt-BR-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ru-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-rw-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-sh-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-sk-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-sl-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-sr-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ss-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-st-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-sv-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-tg-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-th-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-tr-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ts-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-uk-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-ve-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-vi-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-xh-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-zh-CN-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-zh-TW-3.4.5.5-122.1.noarch.rpm libreoffice-l10n-zu-3.4.5.5-122.1.noarch.rpm libreoffice-3.4.5.5-97.1.i586.rpm libreoffice-3.4.5.5-97.1.src.rpm libreoffice-base-3.4.5.5-97.1.i586.rpm libreoffice-base-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-base-drivers-mysql-3.4.5.5-97.1.i586.rpm libreoffice-base-drivers-mysql-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-base-drivers-postgresql-3.4.5.5-97.1.i586.rpm libreoffice-base-drivers-postgresql-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-base-extensions-3.4.5.5-97.1.i586.rpm libreoffice-calc-3.4.5.5-97.1.i586.rpm libreoffice-calc-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-calc-extensions-3.4.5.5-97.1.i586.rpm libreoffice-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-debugsource-3.4.5.5-97.1.i586.rpm libreoffice-draw-3.4.5.5-97.1.i586.rpm libreoffice-draw-extensions-3.4.5.5-97.1.i586.rpm libreoffice-draw-extensions-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-filters-optional-3.4.5.5-97.1.i586.rpm libreoffice-filters-optional-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-gnome-3.4.5.5-97.1.i586.rpm libreoffice-gnome-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-icon-themes-prebuilt-3.4.5.5-97.1.i586.rpm libreoffice-impress-3.4.5.5-97.1.i586.rpm libreoffice-impress-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-impress-extensions-3.4.5.5-97.1.i586.rpm libreoffice-impress-extensions-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-kde-3.4.5.5-97.1.i586.rpm libreoffice-kde-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-kde4-3.4.5.5-97.1.i586.rpm libreoffice-kde4-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-l10n-prebuilt-3.4.5.5-97.1.i586.rpm libreoffice-mailmerge-3.4.5.5-97.1.i586.rpm libreoffice-math-3.4.5.5-97.1.i586.rpm libreoffice-math-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-officebean-3.4.5.5-97.1.i586.rpm libreoffice-officebean-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-pyuno-3.4.5.5-97.1.i586.rpm libreoffice-pyuno-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-sdk-3.4.5.5-97.1.i586.rpm libreoffice-sdk-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-sdk-doc-3.4.5.5-97.1.i586.rpm libreoffice-testtool-3.4.5.5-97.1.i586.rpm libreoffice-testtool-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-writer-3.4.5.5-97.1.i586.rpm libreoffice-writer-debuginfo-3.4.5.5-97.1.i586.rpm libreoffice-writer-extensions-3.4.5.5-97.1.i586.rpm libreoffice-3.4.5.5-97.1.x86_64.rpm libreoffice-base-3.4.5.5-97.1.x86_64.rpm libreoffice-base-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-base-drivers-mysql-3.4.5.5-97.1.x86_64.rpm libreoffice-base-drivers-mysql-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-base-drivers-postgresql-3.4.5.5-97.1.x86_64.rpm libreoffice-base-drivers-postgresql-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-base-extensions-3.4.5.5-97.1.x86_64.rpm libreoffice-calc-3.4.5.5-97.1.x86_64.rpm libreoffice-calc-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-calc-extensions-3.4.5.5-97.1.x86_64.rpm libreoffice-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-debugsource-3.4.5.5-97.1.x86_64.rpm libreoffice-draw-3.4.5.5-97.1.x86_64.rpm libreoffice-draw-extensions-3.4.5.5-97.1.x86_64.rpm libreoffice-draw-extensions-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-filters-optional-3.4.5.5-97.1.x86_64.rpm libreoffice-filters-optional-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-gnome-3.4.5.5-97.1.x86_64.rpm libreoffice-gnome-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-icon-themes-prebuilt-3.4.5.5-97.1.x86_64.rpm libreoffice-impress-3.4.5.5-97.1.x86_64.rpm libreoffice-impress-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-impress-extensions-3.4.5.5-97.1.x86_64.rpm libreoffice-impress-extensions-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-kde-3.4.5.5-97.1.x86_64.rpm libreoffice-kde-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-kde4-3.4.5.5-97.1.x86_64.rpm libreoffice-kde4-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-l10n-prebuilt-3.4.5.5-97.1.x86_64.rpm libreoffice-mailmerge-3.4.5.5-97.1.x86_64.rpm libreoffice-math-3.4.5.5-97.1.x86_64.rpm libreoffice-math-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-officebean-3.4.5.5-97.1.x86_64.rpm libreoffice-officebean-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-pyuno-3.4.5.5-97.1.x86_64.rpm libreoffice-pyuno-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-sdk-3.4.5.5-97.1.x86_64.rpm libreoffice-sdk-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-sdk-doc-3.4.5.5-97.1.x86_64.rpm libreoffice-testtool-3.4.5.5-97.1.x86_64.rpm libreoffice-testtool-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-writer-3.4.5.5-97.1.x86_64.rpm libreoffice-writer-debuginfo-3.4.5.5-97.1.x86_64.rpm libreoffice-writer-extensions-3.4.5.5-97.1.x86_64.rpm openSUSE-2012-209 moderate openSUSE 11.4 Update specially crafted http responses from upstream server could leak already freed memory nginx-0.8-0.8.53-4.14.1.i586.rpm nginx-0.8-0.8.53-4.14.1.src.rpm nginx-0.8-debuginfo-0.8.53-4.14.1.i586.rpm nginx-0.8-debugsource-0.8.53-4.14.1.i586.rpm nginx-0.8-0.8.53-4.14.1.x86_64.rpm nginx-0.8-debuginfo-0.8.53-4.14.1.x86_64.rpm nginx-0.8-debugsource-0.8.53-4.14.1.x86_64.rpm openSUSE-2012-208 important openSUSE 11.4 Update Fixed bnc#751887 - Hibernation failure after security patches applied; Fixed bnc#751621 - /usr/lib/pm-utils/sleep.d/06autofs unconditionally (re)starts autofs Fixed bnc#751811 - pm-suspend generates defective /var/log/pm-suspend.log file pm-utils-1.4.1-5.24.1.i586.rpm pm-utils-1.4.1-5.24.1.src.rpm pm-utils-debuginfo-1.4.1-5.24.1.i586.rpm pm-utils-debugsource-1.4.1-5.24.1.i586.rpm pm-utils-ndiswrapper-1.4.1-5.24.1.i586.rpm pm-utils-1.4.1-5.24.1.x86_64.rpm pm-utils-debuginfo-1.4.1-5.24.1.x86_64.rpm pm-utils-debugsource-1.4.1-5.24.1.x86_64.rpm pm-utils-ndiswrapper-1.4.1-5.24.1.x86_64.rpm openSUSE-2012-265 low openSUSE 11.4 Update Wine was updated to its 1.4 final release (bnc#751716) This release represents 20 months of development effort and over 16,000 individual changes. The main highlights are the new DIB graphics engine, a redesigned audio stack, and full support for bidirectional text and character shaping. wine-gecko-1.4-10.1.noarch.rpm wine-gecko-1.4-10.1.src.rpm wine-1.4-12.1.i586.rpm wine-1.4-12.1.src.rpm wine-32bit-1.4-12.1.i586.rpm wine-32bit-1.4-12.1.x86_64.rpm wine-debuginfo-1.4-12.1.i586.rpm wine-debuginfo-32bit-1.4-12.1.i586.rpm wine-debuginfo-32bit-1.4-12.1.x86_64.rpm wine-debuginfo-x86-1.4-12.1.ia64.rpm wine-debugsource-1.4-12.1.i586.rpm wine-devel-1.4-12.1.i586.rpm wine-devel-32bit-1.4-12.1.i586.rpm wine-devel-32bit-1.4-12.1.x86_64.rpm wine-devel-debuginfo-1.4-12.1.i586.rpm wine-devel-debuginfo-32bit-1.4-12.1.i586.rpm wine-devel-debuginfo-32bit-1.4-12.1.x86_64.rpm wine-devel-debuginfo-x86-1.4-12.1.ia64.rpm wine-x86-1.4-12.1.ia64.rpm wine-1.4-12.1.x86_64.rpm wine-debuginfo-1.4-12.1.x86_64.rpm wine-debugsource-1.4-12.1.x86_64.rpm wine-devel-1.4-12.1.x86_64.rpm wine-devel-debuginfo-1.4-12.1.x86_64.rpm openSUSE-2012-189 low openSUSE 11.4 Update This updates the drdb userland tools to match the kernel module version. Besides, the version update fixes the following issues: * Fix for possible deadlock on IO error during resync * Fixed a race condition between adding and removing network configuration. Lead to a BUG_ON() when triggered. * Fixed spurious full syncs that could happen after an empty resync and concurrent connection loss. * Fixed spurious full syncs that happened when connection got lost while one node was in WFSyncUUID state (Bugz 318) * Fixed a race in the meta-data update code path, that could lead to forgotten updates to the meta-data. That in fact could lead to unexpected behavior at the next connect * Fixed potential deadlock on detach * Fixed potential data divergence after multiple failures * Implicitly create unconfigured devices which are referenced in sync-after dependencies. drbd-8.3.9-7.1.i586.rpm drbd-8.3.9-7.1.src.rpm drbd-debuginfo-8.3.9-7.1.i586.rpm drbd-debugsource-8.3.9-7.1.i586.rpm drbd-8.3.9-7.1.x86_64.rpm drbd-debuginfo-8.3.9-7.1.x86_64.rpm drbd-debugsource-8.3.9-7.1.x86_64.rpm openSUSE-2012-222 low openSUSE 11.4 Update python-pam was prone to a double-free issue python-pam-0.5.0-79.1.i586.rpm python-pam-0.5.0-79.1.src.rpm python-pam-debuginfo-0.5.0-79.1.i586.rpm python-pam-debugsource-0.5.0-79.1.i586.rpm python-pam-0.5.0-79.1.x86_64.rpm python-pam-debuginfo-0.5.0-79.1.x86_64.rpm python-pam-debugsource-0.5.0-79.1.x86_64.rpm openSUSE-2012-185 low openSUSE 11.4 Update This update fixes the following bugs: - fix agent crash when reloading a subagent (AgentX) during a query (bnc#670789) - avoid an unnecessary stop/start cycle in the agent after log rotation (bnc#707636) - fix logging option in snmptrapd init script (bnc#712174) - add VxFS, ReiserFS and OCFS2 to the list of known file systems (bnc#715199) libsnmp25-32bit-5.6.1-4.29.1.x86_64.rpm libsnmp25-5.6.1-4.29.1.i586.rpm libsnmp25-debuginfo-32bit-5.6.1-4.29.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.29.1.i586.rpm net-snmp-5.6.1-4.29.1.i586.rpm net-snmp-5.6.1-4.29.1.src.rpm net-snmp-debuginfo-5.6.1-4.29.1.i586.rpm net-snmp-debugsource-5.6.1-4.29.1.i586.rpm net-snmp-devel-5.6.1-4.29.1.i586.rpm perl-SNMP-5.6.1-4.29.1.i586.rpm perl-SNMP-debuginfo-5.6.1-4.29.1.i586.rpm snmp-mibs-5.6.1-4.29.1.i586.rpm libsnmp25-5.6.1-4.29.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.29.1.x86_64.rpm net-snmp-5.6.1-4.29.1.x86_64.rpm net-snmp-debuginfo-5.6.1-4.29.1.x86_64.rpm net-snmp-debugsource-5.6.1-4.29.1.x86_64.rpm net-snmp-devel-5.6.1-4.29.1.x86_64.rpm perl-SNMP-5.6.1-4.29.1.x86_64.rpm perl-SNMP-debuginfo-5.6.1-4.29.1.x86_64.rpm snmp-mibs-5.6.1-4.29.1.x86_64.rpm openSUSE-2012-221 low openSUSE 11.4 Update specially crafted CDF files could crash the "file" program file-32bit-5.04-13.1.x86_64.rpm file-5.04-13.1.i586.rpm file-5.04-13.1.src.rpm file-debuginfo-32bit-5.04-13.1.x86_64.rpm file-debuginfo-5.04-13.1.i586.rpm file-debugsource-5.04-13.1.i586.rpm file-devel-5.04-13.1.i586.rpm python-magic-5.04-13.1.i586.rpm python-magic-5.04-13.1.src.rpm python-magic-debuginfo-5.04-13.1.i586.rpm python-magic-debugsource-5.04-13.1.i586.rpm file-5.04-13.1.x86_64.rpm file-debuginfo-5.04-13.1.x86_64.rpm file-debugsource-5.04-13.1.x86_64.rpm file-devel-5.04-13.1.x86_64.rpm python-magic-5.04-13.1.x86_64.rpm python-magic-debuginfo-5.04-13.1.x86_64.rpm python-magic-debugsource-5.04-13.1.x86_64.rpm openSUSE-2012-194 moderate openSUSE 11.4 Update This update fixes the following issues for mc: - 681060, 715658: keep english version of help and hints in the main package mc-4.7.5.1-6.2.i586.rpm mc-4.7.5.1-6.2.src.rpm mc-debuginfo-4.7.5.1-6.2.i586.rpm mc-debugsource-4.7.5.1-6.2.i586.rpm mc-lang-4.7.5.1-6.2.noarch.rpm mc-4.7.5.1-6.2.x86_64.rpm mc-debuginfo-4.7.5.1-6.2.x86_64.rpm mc-debugsource-4.7.5.1-6.2.x86_64.rpm openSUSE-2012-312 moderate openSUSE 11.4 Update This softwaremgmt update fixes the following issues: zypper: - Update zypper-po.tar.bz2 - 719690: Return nonzero (104 - INF_CAP_NOT_FOUND) when query matches no package libzypp: - Update zypp-po.tar.bz2 - 679322: Force libproxy into using "/etc/sysconfig/proxy" if it exists - 740764: Correctly use user:pass directly embedded in a proxy url - 749418: Apply soft locks by name and not per package - 716972: CheckAccessDeleted: avoid duplicate entries for the same PID - 710269: Fix mount entry comparison libzypp-bindings: - disable use of %jobs to avoid swapping during compilation libsatsolver: - updated specfile libqdialogsolver1: - updated specfile libzypp-testsuite-tools: - updated specfile libqdialogsolver1-1.3.0-11.2.i586.rpm True libqdialogsolver1-1.3.0-11.2.src.rpm True libqdialogsolver1-debuginfo-1.3.0-11.2.i586.rpm True libqdialogsolver1-debugsource-1.3.0-11.2.i586.rpm True libqdialogsolver1-devel-1.3.0-11.2.i586.rpm True libsatsolver-0.16.3-28.1.src.rpm True libsatsolver-debugsource-0.16.3-28.1.i586.rpm True libsatsolver-demo-0.16.3-28.1.i586.rpm True libsatsolver-demo-debuginfo-0.16.3-28.1.i586.rpm True libsatsolver-devel-0.16.3-28.1.i586.rpm True libsatsolver-devel-debuginfo-0.16.3-28.1.i586.rpm True perl-satsolver-0.16.3-28.1.i586.rpm True perl-satsolver-debuginfo-0.16.3-28.1.i586.rpm True python-satsolver-0.16.3-28.1.i586.rpm True python-satsolver-debuginfo-0.16.3-28.1.i586.rpm True ruby-satsolver-0.16.3-28.1.i586.rpm True ruby-satsolver-debuginfo-0.16.3-28.1.i586.rpm True satsolver-tools-0.16.3-28.1.i586.rpm True satsolver-tools-debuginfo-0.16.3-28.1.i586.rpm True libzypp-bindings-0.5.9-9.1.src.rpm True libzypp-bindings-debugsource-0.5.9-9.1.i586.rpm True perl-zypp-0.5.9-9.1.i586.rpm True perl-zypp-debuginfo-0.5.9-9.1.i586.rpm True python-zypp-0.5.9-9.1.i586.rpm True python-zypp-debuginfo-0.5.9-9.1.i586.rpm True ruby-zypp-0.5.9-9.1.i586.rpm True ruby-zypp-debuginfo-0.5.9-9.1.i586.rpm True libzypp-testsuite-tools-4.2.11-9.1.i586.rpm True libzypp-testsuite-tools-4.2.11-9.1.src.rpm True libzypp-testsuite-tools-data-4.2.11-9.1.noarch.rpm True libzypp-8.13.5-15.1.i586.rpm True libzypp-8.13.5-15.1.src.rpm True libzypp-debuginfo-8.13.5-15.1.i586.rpm True libzypp-debugsource-8.13.5-15.1.i586.rpm True libzypp-devel-8.13.5-15.1.i586.rpm True zypper-1.5.9-12.1.i586.rpm True zypper-1.5.9-12.1.src.rpm True zypper-debuginfo-1.5.9-12.1.i586.rpm True zypper-debugsource-1.5.9-12.1.i586.rpm True libqdialogsolver1-1.3.0-11.2.x86_64.rpm True libqdialogsolver1-debuginfo-1.3.0-11.2.x86_64.rpm True libqdialogsolver1-debugsource-1.3.0-11.2.x86_64.rpm True libqdialogsolver1-devel-1.3.0-11.2.x86_64.rpm True libsatsolver-debugsource-0.16.3-28.1.x86_64.rpm True libsatsolver-demo-0.16.3-28.1.x86_64.rpm True libsatsolver-demo-debuginfo-0.16.3-28.1.x86_64.rpm True libsatsolver-devel-0.16.3-28.1.x86_64.rpm True libsatsolver-devel-debuginfo-0.16.3-28.1.x86_64.rpm True perl-satsolver-0.16.3-28.1.x86_64.rpm True perl-satsolver-debuginfo-0.16.3-28.1.x86_64.rpm True python-satsolver-0.16.3-28.1.x86_64.rpm True python-satsolver-debuginfo-0.16.3-28.1.x86_64.rpm True ruby-satsolver-0.16.3-28.1.x86_64.rpm True ruby-satsolver-debuginfo-0.16.3-28.1.x86_64.rpm True satsolver-tools-0.16.3-28.1.x86_64.rpm True satsolver-tools-debuginfo-0.16.3-28.1.x86_64.rpm True libzypp-bindings-debugsource-0.5.9-9.1.x86_64.rpm True perl-zypp-0.5.9-9.1.x86_64.rpm True perl-zypp-debuginfo-0.5.9-9.1.x86_64.rpm True python-zypp-0.5.9-9.1.x86_64.rpm True python-zypp-debuginfo-0.5.9-9.1.x86_64.rpm True ruby-zypp-0.5.9-9.1.x86_64.rpm True ruby-zypp-debuginfo-0.5.9-9.1.x86_64.rpm True libzypp-testsuite-tools-4.2.11-9.1.x86_64.rpm True libzypp-8.13.5-15.1.x86_64.rpm True libzypp-debuginfo-8.13.5-15.1.x86_64.rpm True libzypp-debugsource-8.13.5-15.1.x86_64.rpm True libzypp-devel-8.13.5-15.1.x86_64.rpm True zypper-1.5.9-12.1.x86_64.rpm True zypper-debuginfo-1.5.9-12.1.x86_64.rpm True zypper-debugsource-1.5.9-12.1.x86_64.rpm True openSUSE-2012-196 low openSUSE 11.4 Update dosemu was updated to the current SVN 1.4 branch state to allow running DOS programs with the mmap_min_addr security protection enabled. If the mmap_min_addr protection is set, dosemu will fall back transparently to vm86 emulation. bnc#742752 dosemu-1.4.0.1.r2065-77.2.i586.rpm dosemu-1.4.0.1.r2065-77.2.src.rpm dosemu-debuginfo-1.4.0.1.r2065-77.2.i586.rpm dosemu-debugsource-1.4.0.1.r2065-77.2.i586.rpm dosemu-1.4.0.1.r2065-77.2.x86_64.rpm dosemu-debuginfo-1.4.0.1.r2065-77.2.x86_64.rpm dosemu-debugsource-1.4.0.1.r2065-77.2.x86_64.rpm openSUSE-2012-210 low openSUSE 11.4 Update Changes in openssl: - S/MIME verification may erroneously fail - Free headers after use in error message - Symmetric crypto errors in PKCS7_decrypt libopenssl-devel-1.0.0c-18.36.1.i586.rpm libopenssl1_0_0-1.0.0c-18.36.1.i586.rpm libopenssl1_0_0-32bit-1.0.0c-18.36.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.36.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.36.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0c-18.36.1.ia64.rpm libopenssl1_0_0-x86-1.0.0c-18.36.1.ia64.rpm openssl-1.0.0c-18.36.1.i586.rpm openssl-1.0.0c-18.36.1.src.rpm openssl-debuginfo-1.0.0c-18.36.1.i586.rpm openssl-debugsource-1.0.0c-18.36.1.i586.rpm openssl-doc-1.0.0c-18.36.1.noarch.rpm libopenssl-devel-1.0.0c-18.36.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.36.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.36.1.x86_64.rpm openssl-1.0.0c-18.36.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.36.1.x86_64.rpm openssl-debugsource-1.0.0c-18.36.1.x86_64.rpm openSUSE-2012-200 low openSUSE 11.4 Update This update fixes the following issue for freeradius-server: - 752873: fixed running with perl module freeradius-server-2.1.10-5.1.i586.rpm freeradius-server-2.1.10-5.1.src.rpm freeradius-server-debuginfo-2.1.10-5.1.i586.rpm freeradius-server-debugsource-2.1.10-5.1.i586.rpm freeradius-server-devel-2.1.10-5.1.i586.rpm freeradius-server-dialupadmin-2.1.10-5.1.i586.rpm freeradius-server-doc-2.1.10-5.1.i586.rpm freeradius-server-libs-2.1.10-5.1.i586.rpm freeradius-server-libs-debuginfo-2.1.10-5.1.i586.rpm freeradius-server-utils-2.1.10-5.1.i586.rpm freeradius-server-utils-debuginfo-2.1.10-5.1.i586.rpm freeradius-server-2.1.10-5.1.x86_64.rpm freeradius-server-debuginfo-2.1.10-5.1.x86_64.rpm freeradius-server-debugsource-2.1.10-5.1.x86_64.rpm freeradius-server-devel-2.1.10-5.1.x86_64.rpm freeradius-server-dialupadmin-2.1.10-5.1.x86_64.rpm freeradius-server-doc-2.1.10-5.1.x86_64.rpm freeradius-server-libs-2.1.10-5.1.x86_64.rpm freeradius-server-libs-debuginfo-2.1.10-5.1.x86_64.rpm freeradius-server-utils-2.1.10-5.1.x86_64.rpm freeradius-server-utils-debuginfo-2.1.10-5.1.x86_64.rpm openSUSE-2012-184 critical openSUSE 11.4 Update Adobe Flash Player 11.1.102.63 fixes a memory corruption vulnerability in the NetStream class that could lead to code execution flash-player-11.2.202.228-6.1.i586.rpm flash-player-11.2.202.228-6.1.nosrc.rpm flash-player-gnome-11.2.202.228-6.1.i586.rpm flash-player-kde4-11.2.202.228-6.1.i586.rpm flash-player-11.2.202.228-6.1.x86_64.rpm flash-player-gnome-11.2.202.228-6.1.x86_64.rpm flash-player-kde4-11.2.202.228-6.1.x86_64.rpm openSUSE-2012-220 important openSUSE 11.4 Update Specially crafted font files could cause buffer overflows in freetype freetype2-2.4.4-7.24.1.src.rpm freetype2-debugsource-2.4.4-7.24.1.i586.rpm freetype2-devel-2.4.4-7.24.1.i586.rpm freetype2-devel-32bit-2.4.4-7.24.1.x86_64.rpm libfreetype6-2.4.4-7.24.1.i586.rpm libfreetype6-32bit-2.4.4-7.24.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.24.1.i586.rpm libfreetype6-debuginfo-32bit-2.4.4-7.24.1.x86_64.rpm libfreetype6-debuginfo-x86-2.4.4-7.24.1.ia64.rpm libfreetype6-x86-2.4.4-7.24.1.ia64.rpm freetype2-debugsource-2.4.4-7.24.1.x86_64.rpm freetype2-devel-2.4.4-7.24.1.x86_64.rpm libfreetype6-2.4.4-7.24.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.24.1.x86_64.rpm openSUSE-2012-219 low openSUSE 11.4 Update update to 5.0.4, fix for bnc#754694 (CVE-2012-1600) phpPgAdmin-5.0.4-66.1.noarch.rpm phpPgAdmin-5.0.4-66.1.src.rpm openSUSE-2012-217 moderate openSUSE 11.4 Update specially crafted png files could cause a memory corruption in libpng's png_set_text_2() libpng12-0-1.2.49-16.1.i586.rpm libpng12-0-32bit-1.2.49-16.1.x86_64.rpm libpng12-0-debuginfo-1.2.49-16.1.i586.rpm libpng12-0-debuginfo-32bit-1.2.49-16.1.x86_64.rpm libpng12-0-debuginfo-x86-1.2.49-16.1.ia64.rpm libpng12-0-x86-1.2.49-16.1.ia64.rpm libpng12-1.2.49-16.1.src.rpm libpng12-compat-devel-1.2.49-16.1.i586.rpm libpng12-compat-devel-32bit-1.2.49-16.1.x86_64.rpm libpng12-debugsource-1.2.49-16.1.i586.rpm libpng12-devel-1.2.49-16.1.i586.rpm libpng12-devel-32bit-1.2.49-16.1.x86_64.rpm libpng14-1.4.4-20.1.src.rpm libpng14-14-1.4.4-20.1.i586.rpm libpng14-14-32bit-1.4.4-20.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-20.1.i586.rpm libpng14-14-debuginfo-32bit-1.4.4-20.1.x86_64.rpm libpng14-14-debuginfo-x86-1.4.4-20.1.ia64.rpm libpng14-14-x86-1.4.4-20.1.ia64.rpm libpng14-compat-devel-1.4.4-20.1.i586.rpm libpng14-compat-devel-32bit-1.4.4-20.1.x86_64.rpm libpng14-debugsource-1.4.4-20.1.i586.rpm libpng14-devel-1.4.4-20.1.i586.rpm libpng14-devel-32bit-1.4.4-20.1.x86_64.rpm libpng12-0-1.2.49-16.1.x86_64.rpm libpng12-0-debuginfo-1.2.49-16.1.x86_64.rpm libpng12-compat-devel-1.2.49-16.1.x86_64.rpm libpng12-debugsource-1.2.49-16.1.x86_64.rpm libpng12-devel-1.2.49-16.1.x86_64.rpm libpng14-14-1.4.4-20.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-20.1.x86_64.rpm libpng14-compat-devel-1.4.4-20.1.x86_64.rpm libpng14-debugsource-1.4.4-20.1.x86_64.rpm libpng14-devel-1.4.4-20.1.x86_64.rpm openSUSE-2012-234 moderate openSUSE 11.4 Update specially crafted tiff files could cause a heap overflow in libtiff libtiff-devel-3.9.4-3.25.1.i586.rpm libtiff-devel-32bit-3.9.4-3.25.1.x86_64.rpm libtiff3-3.9.4-3.25.1.i586.rpm libtiff3-32bit-3.9.4-3.25.1.x86_64.rpm libtiff3-debuginfo-3.9.4-3.25.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-3.25.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-3.25.1.ia64.rpm libtiff3-x86-3.9.4-3.25.1.ia64.rpm tiff-3.9.4-3.25.1.i586.rpm tiff-3.9.4-3.25.1.src.rpm tiff-debuginfo-3.9.4-3.25.1.i586.rpm tiff-debugsource-3.9.4-3.25.1.i586.rpm libtiff-devel-3.9.4-3.25.1.x86_64.rpm libtiff3-3.9.4-3.25.1.x86_64.rpm libtiff3-debuginfo-3.9.4-3.25.1.x86_64.rpm tiff-3.9.4-3.25.1.x86_64.rpm tiff-debuginfo-3.9.4-3.25.1.x86_64.rpm tiff-debugsource-3.9.4-3.25.1.x86_64.rpm openSUSE-2012-244 low openSUSE 11.4 Update Scripts that accept multiple file uploads in a single request were potentially vulnerable to a directory traversal attack apache2-mod_php5-5.3.5-5.329.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-5.329.1.i586.rpm php5-5.3.5-5.329.1.i586.rpm php5-5.3.5-5.329.1.src.rpm php5-bcmath-5.3.5-5.329.1.i586.rpm php5-bcmath-debuginfo-5.3.5-5.329.1.i586.rpm php5-bz2-5.3.5-5.329.1.i586.rpm php5-bz2-debuginfo-5.3.5-5.329.1.i586.rpm php5-calendar-5.3.5-5.329.1.i586.rpm php5-calendar-debuginfo-5.3.5-5.329.1.i586.rpm php5-ctype-5.3.5-5.329.1.i586.rpm php5-ctype-debuginfo-5.3.5-5.329.1.i586.rpm php5-curl-5.3.5-5.329.1.i586.rpm php5-curl-debuginfo-5.3.5-5.329.1.i586.rpm php5-dba-5.3.5-5.329.1.i586.rpm php5-dba-debuginfo-5.3.5-5.329.1.i586.rpm php5-debuginfo-5.3.5-5.329.1.i586.rpm php5-debugsource-5.3.5-5.329.1.i586.rpm php5-devel-5.3.5-5.329.1.i586.rpm php5-dom-5.3.5-5.329.1.i586.rpm php5-dom-debuginfo-5.3.5-5.329.1.i586.rpm php5-enchant-5.3.5-5.329.1.i586.rpm php5-enchant-debuginfo-5.3.5-5.329.1.i586.rpm php5-exif-5.3.5-5.329.1.i586.rpm php5-exif-debuginfo-5.3.5-5.329.1.i586.rpm php5-fastcgi-5.3.5-5.329.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-5.329.1.i586.rpm php5-fileinfo-5.3.5-5.329.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-5.329.1.i586.rpm php5-fpm-5.3.5-5.329.1.i586.rpm php5-fpm-debuginfo-5.3.5-5.329.1.i586.rpm php5-ftp-5.3.5-5.329.1.i586.rpm php5-ftp-debuginfo-5.3.5-5.329.1.i586.rpm php5-gd-5.3.5-5.329.1.i586.rpm php5-gd-debuginfo-5.3.5-5.329.1.i586.rpm php5-gettext-5.3.5-5.329.1.i586.rpm php5-gettext-debuginfo-5.3.5-5.329.1.i586.rpm php5-gmp-5.3.5-5.329.1.i586.rpm php5-gmp-debuginfo-5.3.5-5.329.1.i586.rpm php5-hash-5.3.5-5.329.1.i586.rpm php5-hash-debuginfo-5.3.5-5.329.1.i586.rpm php5-iconv-5.3.5-5.329.1.i586.rpm php5-iconv-debuginfo-5.3.5-5.329.1.i586.rpm php5-imap-5.3.5-5.329.1.i586.rpm php5-imap-debuginfo-5.3.5-5.329.1.i586.rpm php5-intl-5.3.5-5.329.1.i586.rpm php5-intl-debuginfo-5.3.5-5.329.1.i586.rpm php5-json-5.3.5-5.329.1.i586.rpm php5-json-debuginfo-5.3.5-5.329.1.i586.rpm php5-ldap-5.3.5-5.329.1.i586.rpm php5-ldap-debuginfo-5.3.5-5.329.1.i586.rpm php5-mbstring-5.3.5-5.329.1.i586.rpm php5-mbstring-debuginfo-5.3.5-5.329.1.i586.rpm php5-mcrypt-5.3.5-5.329.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-5.329.1.i586.rpm php5-mysql-5.3.5-5.329.1.i586.rpm php5-mysql-debuginfo-5.3.5-5.329.1.i586.rpm php5-odbc-5.3.5-5.329.1.i586.rpm php5-odbc-debuginfo-5.3.5-5.329.1.i586.rpm php5-openssl-5.3.5-5.329.1.i586.rpm php5-openssl-debuginfo-5.3.5-5.329.1.i586.rpm php5-pcntl-5.3.5-5.329.1.i586.rpm php5-pcntl-debuginfo-5.3.5-5.329.1.i586.rpm php5-pdo-5.3.5-5.329.1.i586.rpm php5-pdo-debuginfo-5.3.5-5.329.1.i586.rpm php5-pear-5.3.5-5.329.1.noarch.rpm php5-pgsql-5.3.5-5.329.1.i586.rpm php5-pgsql-debuginfo-5.3.5-5.329.1.i586.rpm php5-phar-5.3.5-5.329.1.i586.rpm php5-phar-debuginfo-5.3.5-5.329.1.i586.rpm php5-posix-5.3.5-5.329.1.i586.rpm php5-posix-debuginfo-5.3.5-5.329.1.i586.rpm php5-pspell-5.3.5-5.329.1.i586.rpm php5-pspell-debuginfo-5.3.5-5.329.1.i586.rpm php5-readline-5.3.5-5.329.1.i586.rpm php5-readline-debuginfo-5.3.5-5.329.1.i586.rpm php5-shmop-5.3.5-5.329.1.i586.rpm php5-shmop-debuginfo-5.3.5-5.329.1.i586.rpm php5-snmp-5.3.5-5.329.1.i586.rpm php5-snmp-debuginfo-5.3.5-5.329.1.i586.rpm php5-soap-5.3.5-5.329.1.i586.rpm php5-soap-debuginfo-5.3.5-5.329.1.i586.rpm php5-sockets-5.3.5-5.329.1.i586.rpm php5-sockets-debuginfo-5.3.5-5.329.1.i586.rpm php5-sqlite-5.3.5-5.329.1.i586.rpm php5-sqlite-debuginfo-5.3.5-5.329.1.i586.rpm php5-suhosin-5.3.5-5.329.1.i586.rpm php5-suhosin-debuginfo-5.3.5-5.329.1.i586.rpm php5-sysvmsg-5.3.5-5.329.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-5.329.1.i586.rpm php5-sysvsem-5.3.5-5.329.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-5.329.1.i586.rpm php5-sysvshm-5.3.5-5.329.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-5.329.1.i586.rpm php5-tidy-5.3.5-5.329.1.i586.rpm php5-tidy-debuginfo-5.3.5-5.329.1.i586.rpm php5-tokenizer-5.3.5-5.329.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-5.329.1.i586.rpm php5-wddx-5.3.5-5.329.1.i586.rpm php5-wddx-debuginfo-5.3.5-5.329.1.i586.rpm php5-xmlreader-5.3.5-5.329.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-5.329.1.i586.rpm php5-xmlrpc-5.3.5-5.329.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-5.329.1.i586.rpm php5-xmlwriter-5.3.5-5.329.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-5.329.1.i586.rpm php5-xsl-5.3.5-5.329.1.i586.rpm php5-xsl-debuginfo-5.3.5-5.329.1.i586.rpm php5-zip-5.3.5-5.329.1.i586.rpm php5-zip-debuginfo-5.3.5-5.329.1.i586.rpm php5-zlib-5.3.5-5.329.1.i586.rpm php5-zlib-debuginfo-5.3.5-5.329.1.i586.rpm apache2-mod_php5-5.3.5-5.329.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-5.3.5-5.329.1.x86_64.rpm php5-bcmath-5.3.5-5.329.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-bz2-5.3.5-5.329.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-calendar-5.3.5-5.329.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-ctype-5.3.5-5.329.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-curl-5.3.5-5.329.1.x86_64.rpm php5-curl-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-dba-5.3.5-5.329.1.x86_64.rpm php5-dba-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-debugsource-5.3.5-5.329.1.x86_64.rpm php5-devel-5.3.5-5.329.1.x86_64.rpm php5-dom-5.3.5-5.329.1.x86_64.rpm php5-dom-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-enchant-5.3.5-5.329.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-exif-5.3.5-5.329.1.x86_64.rpm php5-exif-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-fastcgi-5.3.5-5.329.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-fileinfo-5.3.5-5.329.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-fpm-5.3.5-5.329.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-ftp-5.3.5-5.329.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-gd-5.3.5-5.329.1.x86_64.rpm php5-gd-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-gettext-5.3.5-5.329.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-gmp-5.3.5-5.329.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-hash-5.3.5-5.329.1.x86_64.rpm php5-hash-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-iconv-5.3.5-5.329.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-imap-5.3.5-5.329.1.x86_64.rpm php5-imap-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-intl-5.3.5-5.329.1.x86_64.rpm php5-intl-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-json-5.3.5-5.329.1.x86_64.rpm php5-json-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-ldap-5.3.5-5.329.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-mbstring-5.3.5-5.329.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-mcrypt-5.3.5-5.329.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-mysql-5.3.5-5.329.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-odbc-5.3.5-5.329.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-openssl-5.3.5-5.329.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-pcntl-5.3.5-5.329.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-pdo-5.3.5-5.329.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-pgsql-5.3.5-5.329.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-phar-5.3.5-5.329.1.x86_64.rpm php5-phar-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-posix-5.3.5-5.329.1.x86_64.rpm php5-posix-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-pspell-5.3.5-5.329.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-readline-5.3.5-5.329.1.x86_64.rpm php5-readline-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-shmop-5.3.5-5.329.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-snmp-5.3.5-5.329.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-soap-5.3.5-5.329.1.x86_64.rpm php5-soap-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-sockets-5.3.5-5.329.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-sqlite-5.3.5-5.329.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-suhosin-5.3.5-5.329.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-sysvmsg-5.3.5-5.329.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-sysvsem-5.3.5-5.329.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-sysvshm-5.3.5-5.329.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-tidy-5.3.5-5.329.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-tokenizer-5.3.5-5.329.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-wddx-5.3.5-5.329.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-xmlreader-5.3.5-5.329.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-xmlrpc-5.3.5-5.329.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-xmlwriter-5.3.5-5.329.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-xsl-5.3.5-5.329.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-zip-5.3.5-5.329.1.x86_64.rpm php5-zip-debuginfo-5.3.5-5.329.1.x86_64.rpm php5-zlib-5.3.5-5.329.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-5.329.1.x86_64.rpm openSUSE-2012-229 important openSUSE 11.4 Update This update fixes the following issue for pm-utils: - Fixed 06autofs, which got stuck waiting for stdin and made suspend impossible pm-utils-1.4.1-5.27.1.i586.rpm pm-utils-1.4.1-5.27.1.src.rpm pm-utils-debuginfo-1.4.1-5.27.1.i586.rpm pm-utils-debugsource-1.4.1-5.27.1.i586.rpm pm-utils-ndiswrapper-1.4.1-5.27.1.i586.rpm pm-utils-1.4.1-5.27.1.x86_64.rpm pm-utils-debuginfo-1.4.1-5.27.1.x86_64.rpm pm-utils-debugsource-1.4.1-5.27.1.x86_64.rpm pm-utils-ndiswrapper-1.4.1-5.27.1.x86_64.rpm openSUSE-2012-242 moderate openSUSE 11.4 Update The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL was vulnerable to a Million Message Attack (MMA) adaptive chosen ciphertext attack (CVE-2012-0884). libopenssl-devel-1.0.0c-18.39.1.i586.rpm libopenssl1_0_0-1.0.0c-18.39.1.i586.rpm libopenssl1_0_0-32bit-1.0.0c-18.39.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.39.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.39.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0c-18.39.1.ia64.rpm libopenssl1_0_0-x86-1.0.0c-18.39.1.ia64.rpm openssl-1.0.0c-18.39.1.i586.rpm openssl-1.0.0c-18.39.1.src.rpm openssl-debuginfo-1.0.0c-18.39.1.i586.rpm openssl-debugsource-1.0.0c-18.39.1.i586.rpm openssl-doc-1.0.0c-18.39.1.noarch.rpm libopenssl-devel-1.0.0c-18.39.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.39.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.39.1.x86_64.rpm openssl-1.0.0c-18.39.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.39.1.x86_64.rpm openssl-debugsource-1.0.0c-18.39.1.x86_64.rpm openSUSE-2012-224 critical openSUSE 11.4 Update Samba upgrade to version 3.6.3 fixes the following security issue: - PIDL based autogenerated code allows overwriting beyond of allocated array. Remove attackers could exploit that to execute arbitrary code as root (CVE-2012-1182, bso#8815, bnc#752797) Please see /usr/share/doc/packages/samba/WHATSNEW.txt from the samba-doc package or the package change log (rpm -q --changelog samba) for more details of the version update. samba-doc-3.6.3-112.1.src.rpm ldapsmb-1.34b-112.1.i586.rpm libldb-devel-1.0.2-112.1.i586.rpm libldb1-1.0.2-112.1.i586.rpm libldb1-32bit-1.0.2-112.1.x86_64.rpm libldb1-debuginfo-1.0.2-112.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-112.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-112.1.ia64.rpm libldb1-x86-1.0.2-112.1.ia64.rpm libnetapi-devel-3.6.3-112.1.i586.rpm libnetapi0-3.6.3-112.1.i586.rpm libnetapi0-debuginfo-3.6.3-112.1.i586.rpm libsmbclient-devel-3.6.3-112.1.i586.rpm libsmbclient0-3.6.3-112.1.i586.rpm libsmbclient0-32bit-3.6.3-112.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-112.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-112.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-112.1.ia64.rpm libsmbclient0-x86-3.6.3-112.1.ia64.rpm libsmbsharemodes-devel-3.6.3-112.1.i586.rpm libsmbsharemodes0-3.6.3-112.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-112.1.i586.rpm libtalloc-devel-2.0.5-112.1.i586.rpm libtalloc2-2.0.5-112.1.i586.rpm libtalloc2-32bit-2.0.5-112.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-112.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-112.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-112.1.ia64.rpm libtalloc2-x86-2.0.5-112.1.ia64.rpm libtdb-devel-1.2.9-112.1.i586.rpm libtdb1-1.2.9-112.1.i586.rpm libtdb1-32bit-1.2.9-112.1.x86_64.rpm libtdb1-debuginfo-1.2.9-112.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-112.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-112.1.ia64.rpm libtdb1-x86-1.2.9-112.1.ia64.rpm libtevent-devel-0.9.11-112.1.i586.rpm libtevent0-0.9.11-112.1.i586.rpm libtevent0-32bit-0.9.11-112.1.x86_64.rpm libtevent0-debuginfo-0.9.11-112.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-112.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-112.1.ia64.rpm libtevent0-x86-0.9.11-112.1.ia64.rpm libwbclient-devel-3.6.3-112.1.i586.rpm libwbclient0-3.6.3-112.1.i586.rpm libwbclient0-32bit-3.6.3-112.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-112.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-112.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-112.1.ia64.rpm libwbclient0-x86-3.6.3-112.1.ia64.rpm samba-3.6.3-112.1.i586.rpm samba-3.6.3-112.1.src.rpm samba-32bit-3.6.3-112.1.x86_64.rpm samba-client-3.6.3-112.1.i586.rpm samba-client-32bit-3.6.3-112.1.x86_64.rpm samba-client-debuginfo-3.6.3-112.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-112.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-112.1.ia64.rpm samba-client-x86-3.6.3-112.1.ia64.rpm samba-debuginfo-3.6.3-112.1.i586.rpm samba-debuginfo-32bit-3.6.3-112.1.x86_64.rpm samba-debuginfo-x86-3.6.3-112.1.ia64.rpm samba-debugsource-3.6.3-112.1.i586.rpm samba-devel-3.6.3-112.1.i586.rpm samba-doc-3.6.3-112.1.noarch.rpm samba-krb-printing-3.6.3-112.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-112.1.i586.rpm samba-winbind-3.6.3-112.1.i586.rpm samba-winbind-32bit-3.6.3-112.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-112.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-112.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-112.1.ia64.rpm samba-winbind-x86-3.6.3-112.1.ia64.rpm samba-x86-3.6.3-112.1.ia64.rpm ldapsmb-1.34b-112.1.x86_64.rpm libldb-devel-1.0.2-112.1.x86_64.rpm libldb1-1.0.2-112.1.x86_64.rpm libldb1-debuginfo-1.0.2-112.1.x86_64.rpm libnetapi-devel-3.6.3-112.1.x86_64.rpm libnetapi0-3.6.3-112.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-112.1.x86_64.rpm libsmbclient-devel-3.6.3-112.1.x86_64.rpm libsmbclient0-3.6.3-112.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-112.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-112.1.x86_64.rpm libsmbsharemodes0-3.6.3-112.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-112.1.x86_64.rpm libtalloc-devel-2.0.5-112.1.x86_64.rpm libtalloc2-2.0.5-112.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-112.1.x86_64.rpm libtdb-devel-1.2.9-112.1.x86_64.rpm libtdb1-1.2.9-112.1.x86_64.rpm libtdb1-debuginfo-1.2.9-112.1.x86_64.rpm libtevent-devel-0.9.11-112.1.x86_64.rpm libtevent0-0.9.11-112.1.x86_64.rpm libtevent0-debuginfo-0.9.11-112.1.x86_64.rpm libwbclient-devel-3.6.3-112.1.x86_64.rpm libwbclient0-3.6.3-112.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-112.1.x86_64.rpm samba-3.6.3-112.1.x86_64.rpm samba-client-3.6.3-112.1.x86_64.rpm samba-client-debuginfo-3.6.3-112.1.x86_64.rpm samba-debuginfo-3.6.3-112.1.x86_64.rpm samba-debugsource-3.6.3-112.1.x86_64.rpm samba-devel-3.6.3-112.1.x86_64.rpm samba-krb-printing-3.6.3-112.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-112.1.x86_64.rpm samba-winbind-3.6.3-112.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-112.1.x86_64.rpm openSUSE-2012-238 low openSUSE 11.4 Update libmtp was fixed to not call mtp-probe on new devices, which avoids crashing some specific devices like colormeters and similar. On openSUSE 12.1 libmtp was also upgraded to 1.1.3 to support lots of newer devices. libmtp-1.0.6-7.1.src.rpm libmtp-debugsource-1.0.6-7.1.i586.rpm libmtp-devel-1.0.6-7.1.i586.rpm libmtp8-1.0.6-7.1.i586.rpm libmtp8-debuginfo-1.0.6-7.1.i586.rpm mtp-tools-1.0.6-7.1.i586.rpm mtp-tools-debuginfo-1.0.6-7.1.i586.rpm libmtp-debugsource-1.0.6-7.1.x86_64.rpm libmtp-devel-1.0.6-7.1.x86_64.rpm libmtp8-1.0.6-7.1.x86_64.rpm libmtp8-debuginfo-1.0.6-7.1.x86_64.rpm mtp-tools-1.0.6-7.1.x86_64.rpm mtp-tools-debuginfo-1.0.6-7.1.x86_64.rpm openSUSE-2012-226 important openSUSE 11.4 Update Acroread update to version 9.5.1 to fix several security issues acroread-9.5.1-0.7.1.i586.rpm acroread-9.5.1-0.7.1.nosrc.rpm openSUSE-2012-236 low openSUSE 11.4 Update This update fixes the following issues for subversion: - 753940: version 1.6.18 - User-visible changes: * reject invalid svn:mergeinfo at commit time over DAV (issue #3953) * fix reintegrate merge regression introduced in 1.6.13 (issue #3957) * make the stderr output of the post-commit hook XML-safe (r893478) * fix a rare source of FSFS corruption (r1240752) * plug a memory leak in the bdb backend (r1205726) * server-side performance fix for "log -g" (r1152282) * fix description of svndumpfilter's --targets option (r1151911) * fix datastream corruption during resumed transfer in ra_serf (r1154733) * fix a crash in ra_svn SASL authentication (r1166555, -678) * fix potential corruption on 32-bit FSFS with large files (r1230212) * make website links point to subversion.apache.org (r896893, -901, r915036) * fix non-fatal FSFS corruption bug with concurrent commits (issue #4129) - Developer-visible changes: * fix sqlite distfile retrieval in get-deps.sh (r1134734) * fix swig-py memory leak (r1235264, -296, -302, -736) * allow passing --with-jdk to gen-make.py on Windows (r966167) libsvn_auth_gnome_keyring-1-0-1.6.18-1.40.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.18-1.40.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.18-1.40.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.18-1.40.1.i586.rpm subversion-1.6.18-1.40.1.i586.rpm subversion-1.6.18-1.40.1.src.rpm subversion-debuginfo-1.6.18-1.40.1.i586.rpm subversion-debugsource-1.6.18-1.40.1.i586.rpm subversion-devel-1.6.18-1.40.1.i586.rpm subversion-perl-1.6.18-1.40.1.i586.rpm subversion-perl-debuginfo-1.6.18-1.40.1.i586.rpm subversion-python-1.6.18-1.40.1.i586.rpm subversion-python-debuginfo-1.6.18-1.40.1.i586.rpm subversion-ruby-1.6.18-1.40.1.i586.rpm subversion-ruby-debuginfo-1.6.18-1.40.1.i586.rpm subversion-server-1.6.18-1.40.1.i586.rpm subversion-server-debuginfo-1.6.18-1.40.1.i586.rpm subversion-tools-1.6.18-1.40.1.i586.rpm subversion-tools-debuginfo-1.6.18-1.40.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.18-1.40.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.18-1.40.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.18-1.40.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-1.6.18-1.40.1.x86_64.rpm subversion-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-debugsource-1.6.18-1.40.1.x86_64.rpm subversion-devel-1.6.18-1.40.1.x86_64.rpm subversion-perl-1.6.18-1.40.1.x86_64.rpm subversion-perl-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-python-1.6.18-1.40.1.x86_64.rpm subversion-python-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-ruby-1.6.18-1.40.1.x86_64.rpm subversion-ruby-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-server-1.6.18-1.40.1.x86_64.rpm subversion-server-debuginfo-1.6.18-1.40.1.x86_64.rpm subversion-tools-1.6.18-1.40.1.x86_64.rpm subversion-tools-debuginfo-1.6.18-1.40.1.x86_64.rpm openSUSE-2012-256 low openSUSE 11.4 Update This update fixes the following issues for open-vm-tools: Fixes for 12.1 and 11.4: - 703959: Build vmci as first module and copy Modules.symvers to source of all subsequent modules to be built. Fixes issues where vmhgfs for example does not have all symbols available and fails to load - 698181: Add a tools.conf to the package. All settings are left to default except [guestinfo] / disable-perf-mon=1 - 748517: added call to vmware-rpctool in %preun to unset the installed version - Add vmhgfs-2011.12.20.patch: Fix build of vmhgfs module with kernel 3.2. - Update FSF address part in vmtoolsd header. - Update to version 8.8.1 (Stable series): - Updated code for compatibility with newer Linux kernel releases and with newer NetworkManager releases. - dropped vmxnet+kernel-3.0 (not needed anymore) - 743130: build with PIE Fixes for 11.4 only (already fixed in 12.1): - Update to version 8.8.0 (Stable series): - This release of open-vm-tools matches the VMware Tools package released with Workstation 8.0 and Fusion 4.0. It's targeted at desktop users who want the latest features in (VMware's) Unity, HGFS and drag and drop support. - Add open-vm-tools-vmxnet+kernel-3.0.patch: HAVE_NETDEV_PRIV is gone in kernel 3.0 and netdev_priv is in kernel since 2.6.6. - use set_permissions instead of run_permissions on 11.4+ - Update to version 2011.07.19: - Fix an issue in the HGFS driver that could lead to a kernel panic. - Update some code to support new compiler and kernel versions. - Minor bug fixes and code cleanup. - Changes from version 2011.06.27: - A few enhancements to Unity: XFCE support, better interaction with "the other" (Ubuntu's) Unity and compositing window managers, better X error handling, and a few bug fixes. - few bug fixes in HGFS, and minor bug fixes in other components. - Otherwise, mostly code cleanup. libvmtools-devel-2012.8.8.1-32.1.i586.rpm libvmtools0-2012.8.8.1-32.1.i586.rpm libvmtools0-debuginfo-2012.8.8.1-32.1.i586.rpm open-vm-tools-2012.8.8.1-32.1.i586.rpm open-vm-tools-2012.8.8.1-32.1.src.rpm open-vm-tools-debuginfo-2012.8.8.1-32.1.i586.rpm open-vm-tools-debugsource-2012.8.8.1-32.1.i586.rpm open-vm-tools-gui-2012.8.8.1-32.1.i586.rpm open-vm-tools-gui-debuginfo-2012.8.8.1-32.1.i586.rpm vmware-guest-kmp-default-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm vmware-guest-kmp-default-debuginfo-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm vmware-guest-kmp-desktop-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm vmware-guest-kmp-desktop-debuginfo-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm vmware-guest-kmp-pae-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm vmware-guest-kmp-pae-debuginfo-2012.8.8.1_k2.6.37.6_0.11-32.1.i586.rpm libvmtools-devel-2012.8.8.1-32.1.x86_64.rpm libvmtools0-2012.8.8.1-32.1.x86_64.rpm libvmtools0-debuginfo-2012.8.8.1-32.1.x86_64.rpm open-vm-tools-2012.8.8.1-32.1.x86_64.rpm open-vm-tools-debuginfo-2012.8.8.1-32.1.x86_64.rpm open-vm-tools-debugsource-2012.8.8.1-32.1.x86_64.rpm open-vm-tools-gui-2012.8.8.1-32.1.x86_64.rpm open-vm-tools-gui-debuginfo-2012.8.8.1-32.1.x86_64.rpm vmware-guest-kmp-default-2012.8.8.1_k2.6.37.6_0.11-32.1.x86_64.rpm vmware-guest-kmp-default-debuginfo-2012.8.8.1_k2.6.37.6_0.11-32.1.x86_64.rpm vmware-guest-kmp-desktop-2012.8.8.1_k2.6.37.6_0.11-32.1.x86_64.rpm vmware-guest-kmp-desktop-debuginfo-2012.8.8.1_k2.6.37.6_0.11-32.1.x86_64.rpm openSUSE-2012-240 low openSUSE 11.4 Update - Fixed bnc#706314 by upgrading to 1.3.1.1 - Added chmsee-1.3.1.1-fix-toolbar.patch to fix visual glitches with menu and toolbar chmsee-1.3.1.1-8.1.i586.rpm chmsee-1.3.1.1-8.1.src.rpm chmsee-debuginfo-1.3.1.1-8.1.i586.rpm chmsee-debugsource-1.3.1.1-8.1.i586.rpm chmsee-lang-1.3.1.1-8.1.noarch.rpm chmsee-1.3.1.1-8.1.x86_64.rpm chmsee-debuginfo-1.3.1.1-8.1.x86_64.rpm chmsee-debugsource-1.3.1.1-8.1.x86_64.rpm openSUSE-2012-248 moderate openSUSE 11.4 Update Changes in wireshark: - update to 1.4.12 - fix bnc#754474, bnc#754476, bnc#754477(fixed upstream) - Security fixes: - wnpa-sec-2012-04 The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823) - wnpa-sec-2012-06 The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804) - wnpa-sec-2012-07 The MP2T dissector could try to allocate too much memory and crash. (Bug 6804) - The Windows installers now include GnuTLS 1.12.18, which fixes several vulnerabilities. - Bug fixes: - Some PGM options are not parsed correctly. (Bug 5687) - dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark). (Bug 5939) - No error for UDP/IPv6 packet with zero checksum. (Bug 6232) - packetBB dissector bug: More than 1000000 items in the tree -- possible infinite loop. (Bug 6687) - Ethernet traces in K12 text format sometimes give bogus "malformed frame" errors and other problems. (Bug 6735) - non-IPP packets to or from port 631 are dissected as IPP. (Bug 6765) - IAX2 dissector reads past end of packet for unknown IEs. (Bug 6815) - Pcap-NG files with SHB options longer than 100 bytes aren't recognized as pcap-NG files, and options longer than 100 bytes in other blocks aren't handled either. (Bug 6846) - Patch to fix DTLS decryption. (Bug 6847) - Expression... dialog is crash. (Bug 6891) - ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972) - Radiotap dissector lists a bogus "DBM TX Attenuation" bit. (Bug 7000) - MySQL dissector assertion. (Ask 8649) Updated Protocol Support HTTP, ISAKMP, MySQL, PacketBB, PGM, TCP, UDP New and Updated Capture File Support Endace ERF, Pcap-NG. wireshark-1.4.12-0.10.1.i586.rpm wireshark-1.4.12-0.10.1.src.rpm wireshark-debuginfo-1.4.12-0.10.1.i586.rpm wireshark-debugsource-1.4.12-0.10.1.i586.rpm wireshark-devel-1.4.12-0.10.1.i586.rpm wireshark-1.4.12-0.10.1.x86_64.rpm wireshark-debuginfo-1.4.12-0.10.1.x86_64.rpm wireshark-debugsource-1.4.12-0.10.1.x86_64.rpm wireshark-devel-1.4.12-0.10.1.x86_64.rpm openSUSE-2012-287 moderate openSUSE 11.4 Update Specially crafted YAML could allow attackers to execute arbitrary code due to the use of yaml.load instead of yaml.safe_load. cobbler-2.2.1-40.1.i586.rpm cobbler-2.2.1-40.1.src.rpm cobbler-web-2.2.1-40.1.i586.rpm koan-2.2.1-40.1.i586.rpm cobbler-2.2.1-40.1.x86_64.rpm cobbler-web-2.2.1-40.1.x86_64.rpm koan-2.2.1-40.1.x86_64.rpm openSUSE-2012-245 moderate openSUSE 11.4 Update the previous expat security update caused a regression with some programs expat-2.0.1-102.108.1.i586.rpm expat-2.0.1-102.108.1.src.rpm expat-debuginfo-2.0.1-102.108.1.i586.rpm expat-debuginfo-32bit-2.0.1-102.108.1.x86_64.rpm expat-debuginfo-x86-2.0.1-102.108.1.ia64.rpm expat-debugsource-2.0.1-102.108.1.i586.rpm libexpat-devel-2.0.1-102.108.1.i586.rpm libexpat-devel-32bit-2.0.1-102.108.1.x86_64.rpm libexpat1-2.0.1-102.108.1.i586.rpm libexpat1-32bit-2.0.1-102.108.1.x86_64.rpm libexpat1-debuginfo-2.0.1-102.108.1.i586.rpm libexpat1-debuginfo-32bit-2.0.1-102.108.1.x86_64.rpm libexpat1-debuginfo-x86-2.0.1-102.108.1.ia64.rpm libexpat1-x86-2.0.1-102.108.1.ia64.rpm expat-2.0.1-102.108.1.x86_64.rpm expat-debuginfo-2.0.1-102.108.1.x86_64.rpm expat-debugsource-2.0.1-102.108.1.x86_64.rpm libexpat-devel-2.0.1-102.108.1.x86_64.rpm libexpat1-2.0.1-102.108.1.x86_64.rpm libexpat1-debuginfo-2.0.1-102.108.1.x86_64.rpm openSUSE-2012-250 low openSUSE 11.4 Update This update fixes the following issue for flash-player: - 757428: Update to 11.2.202.233 *This release addresses a printing issue that was found in the previous version of Flash Player flash-player-11.2.202.233-9.1.i586.rpm flash-player-11.2.202.233-9.1.nosrc.rpm flash-player-gnome-11.2.202.233-9.1.i586.rpm flash-player-kde4-11.2.202.233-9.1.i586.rpm flash-player-11.2.202.233-9.1.x86_64.rpm flash-player-gnome-11.2.202.233-9.1.x86_64.rpm flash-player-kde4-11.2.202.233-9.1.x86_64.rpm openSUSE-2012-246 moderate openSUSE 11.4 Update specially crafted files could cause buffer overflows in csound csound-5.06.0-139.144.1.i586.rpm csound-5.06.0-139.144.1.src.rpm csound-5.06.0-139.144.1.x86_64.rpm openSUSE-2012-249 moderate openSUSE 11.4 Update Specially crafted type1 fonts could cause memory corruptions in t1lib t1lib-5.1.2-16.1.i586.rpm t1lib-5.1.2-16.1.src.rpm t1lib-debuginfo-5.1.2-16.1.i586.rpm t1lib-debugsource-5.1.2-16.1.i586.rpm t1lib-devel-5.1.2-16.1.i586.rpm t1lib-5.1.2-16.1.x86_64.rpm t1lib-debuginfo-5.1.2-16.1.x86_64.rpm t1lib-debugsource-5.1.2-16.1.x86_64.rpm t1lib-devel-5.1.2-16.1.x86_64.rpm openSUSE-2012-252 low openSUSE 11.4 Update This update fixes the following issue for xfdesktop: - 669768: added a check for GDK_GRAB_INVALID_TIME in xfdesktop_popup_grab_available to mitigate slow menu popups on a right mouse click xfdesktop-4.8.1-3.9.1.i586.rpm xfdesktop-4.8.1-3.9.1.src.rpm xfdesktop-branding-upstream-4.8.1-3.9.1.noarch.rpm xfdesktop-debuginfo-4.8.1-3.9.1.i586.rpm xfdesktop-debugsource-4.8.1-3.9.1.i586.rpm xfdesktop-4.8.1-3.9.1.x86_64.rpm xfdesktop-debuginfo-4.8.1-3.9.1.x86_64.rpm xfdesktop-debugsource-4.8.1-3.9.1.x86_64.rpm openSUSE-2012-260 moderate openSUSE 11.4 Update specially crafted signature headers could crash rpm rpm-32bit-4.8.0-28.41.1.x86_64.rpm rpm-4.8.0-28.41.1.i586.rpm rpm-4.8.0-28.41.1.src.rpm rpm-debuginfo-32bit-4.8.0-28.41.1.x86_64.rpm rpm-debuginfo-4.8.0-28.41.1.i586.rpm rpm-debuginfo-x86-4.8.0-28.41.1.ia64.rpm rpm-debugsource-4.8.0-28.41.1.i586.rpm rpm-devel-4.8.0-28.41.1.i586.rpm rpm-x86-4.8.0-28.41.1.ia64.rpm rpm-4.8.0-28.41.1.x86_64.rpm rpm-debuginfo-4.8.0-28.41.1.x86_64.rpm rpm-debugsource-4.8.0-28.41.1.x86_64.rpm rpm-devel-4.8.0-28.41.1.x86_64.rpm openSUSE-2012-268 low openSUSE 11.4 Update mount.cifs could leak information about existence of files normally not accessible to users cifs-utils-4.9-1.9.1.i586.rpm cifs-utils-4.9-1.9.1.src.rpm cifs-utils-debuginfo-4.9-1.9.1.i586.rpm cifs-utils-debugsource-4.9-1.9.1.i586.rpm cifs-utils-4.9-1.9.1.x86_64.rpm cifs-utils-debuginfo-4.9-1.9.1.x86_64.rpm cifs-utils-debugsource-4.9-1.9.1.x86_64.rpm openSUSE-2012-310 moderate openSUSE 11.4 Update Specially crafted files could cause overflows in ImageMagick ImageMagick-6.6.5.8-8.71.1.i586.rpm ImageMagick-6.6.5.8-8.71.1.src.rpm ImageMagick-debuginfo-6.6.5.8-8.71.1.i586.rpm ImageMagick-debugsource-6.6.5.8-8.71.1.i586.rpm ImageMagick-devel-6.6.5.8-8.71.1.i586.rpm ImageMagick-doc-6.6.5.8-8.71.1.noarch.rpm ImageMagick-extra-6.6.5.8-8.71.1.i586.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.71.1.i586.rpm libMagick++-devel-6.6.5.8-8.71.1.i586.rpm libMagick++4-6.6.5.8-8.71.1.i586.rpm libMagick++4-debuginfo-6.6.5.8-8.71.1.i586.rpm libMagickCore4-32bit-6.6.5.8-8.71.1.x86_64.rpm libMagickCore4-6.6.5.8-8.71.1.i586.rpm libMagickCore4-debuginfo-32bit-6.6.5.8-8.71.1.x86_64.rpm libMagickCore4-debuginfo-6.6.5.8-8.71.1.i586.rpm libMagickCore4-debuginfo-x86-6.6.5.8-8.71.1.ia64.rpm libMagickCore4-x86-6.6.5.8-8.71.1.ia64.rpm libMagickWand4-32bit-6.6.5.8-8.71.1.x86_64.rpm libMagickWand4-6.6.5.8-8.71.1.i586.rpm libMagickWand4-debuginfo-32bit-6.6.5.8-8.71.1.x86_64.rpm libMagickWand4-debuginfo-6.6.5.8-8.71.1.i586.rpm libMagickWand4-debuginfo-x86-6.6.5.8-8.71.1.ia64.rpm libMagickWand4-x86-6.6.5.8-8.71.1.ia64.rpm perl-PerlMagick-6.6.5.8-8.71.1.i586.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.71.1.i586.rpm ImageMagick-6.6.5.8-8.71.1.x86_64.rpm ImageMagick-debuginfo-6.6.5.8-8.71.1.x86_64.rpm ImageMagick-debugsource-6.6.5.8-8.71.1.x86_64.rpm ImageMagick-devel-6.6.5.8-8.71.1.x86_64.rpm ImageMagick-extra-6.6.5.8-8.71.1.x86_64.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.71.1.x86_64.rpm libMagick++-devel-6.6.5.8-8.71.1.x86_64.rpm libMagick++4-6.6.5.8-8.71.1.x86_64.rpm libMagick++4-debuginfo-6.6.5.8-8.71.1.x86_64.rpm libMagickCore4-6.6.5.8-8.71.1.x86_64.rpm libMagickCore4-debuginfo-6.6.5.8-8.71.1.x86_64.rpm libMagickWand4-6.6.5.8-8.71.1.x86_64.rpm libMagickWand4-debuginfo-6.6.5.8-8.71.1.x86_64.rpm perl-PerlMagick-6.6.5.8-8.71.1.x86_64.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.71.1.x86_64.rpm openSUSE-2012-294 moderate openSUSE 11.4 Update python-django update version to 1.2.7 fixes several security issues including denial of service, CSRF and information leaks: https://www.djangoproject.com/weblog/2011/sep/10/127/ python-django-1.2.7-6.1.noarch.rpm python-django-1.2.7-6.1.src.rpm openSUSE-2012-267 moderate openSUSE 11.4 Update libsoup considered all ssl connections as trusted even if no CA certificates were configured. epiphany-2.30.6-14.1.i586.rpm epiphany-2.30.6-14.1.src.rpm epiphany-branding-upstream-2.30.6-14.1.i586.rpm epiphany-debuginfo-2.30.6-14.1.i586.rpm epiphany-debugsource-2.30.6-14.1.i586.rpm epiphany-devel-2.30.6-14.1.i586.rpm epiphany-lang-2.30.6-14.1.noarch.rpm libsoup-2.32.2-3.12.1.src.rpm libsoup-2_4-1-2.32.2-3.12.1.i586.rpm libsoup-2_4-1-32bit-2.32.2-3.12.1.x86_64.rpm libsoup-2_4-1-debuginfo-2.32.2-3.12.1.i586.rpm libsoup-2_4-1-debuginfo-32bit-2.32.2-3.12.1.x86_64.rpm libsoup-2_4-1-debuginfo-x86-2.32.2-3.12.1.ia64.rpm libsoup-2_4-1-x86-2.32.2-3.12.1.ia64.rpm libsoup-debugsource-2.32.2-3.12.1.i586.rpm libsoup-devel-2.32.2-3.12.1.i586.rpm libsoup-devel-32bit-2.32.2-3.12.1.x86_64.rpm midori-0.3.0-7.13.1.i586.rpm midori-0.3.0-7.13.1.src.rpm midori-debuginfo-0.3.0-7.13.1.i586.rpm midori-debugsource-0.3.0-7.13.1.i586.rpm midori-devel-0.3.0-7.13.1.i586.rpm midori-lang-0.3.0-7.13.1.noarch.rpm epiphany-2.30.6-14.1.x86_64.rpm epiphany-branding-upstream-2.30.6-14.1.x86_64.rpm epiphany-debuginfo-2.30.6-14.1.x86_64.rpm epiphany-debugsource-2.30.6-14.1.x86_64.rpm epiphany-devel-2.30.6-14.1.x86_64.rpm libsoup-2_4-1-2.32.2-3.12.1.x86_64.rpm libsoup-2_4-1-debuginfo-2.32.2-3.12.1.x86_64.rpm libsoup-debugsource-2.32.2-3.12.1.x86_64.rpm libsoup-devel-2.32.2-3.12.1.x86_64.rpm midori-0.3.0-7.13.1.x86_64.rpm midori-debuginfo-0.3.0-7.13.1.x86_64.rpm midori-debugsource-0.3.0-7.13.1.x86_64.rpm midori-devel-0.3.0-7.13.1.x86_64.rpm openSUSE-2012-254 moderate openSUSE 11.4 Update Changes in xulrunner: - update to 12.0 (bnc#758408) * rebased patches * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - added mozilla-libnotify.patch to allow fallback from libnotify to xul based events if no notification-daemon is running - gcc 4.7 fixes * mozilla-gcc47.patch * disabled crashreporter temporarily for Factory Changes in MozillaFirefox: - update to Firefox 12.0 (bnc#758408) * rebased patches * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - added mozilla-libnotify.patch to allow fallback from libnotify to xul based events if no notification-daemon is running - gcc 4.7 fixes * mozilla-gcc47.patch * disabled crashreporter temporarily for Factory - recommend libcanberra0 for proper sound notifications Changes in MozillaThunderbird: - update to Thunderbird 12.0 (bnc#758408) * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - update Enigmail to 1.4.1 - added mozilla-revert_621446.patch - added mozilla-libnotify.patch (bmo#737646) - added mailnew-showalert.patch (bmo#739146) - added mozilla-gcc47.patch and mailnews-literals.patch to fix compilation issues with recent gcc 4.7 - disabled crashreporter temporarily for Factory (gcc 4.7 issue) Changes in seamonkey: - update to Seamonkey 2.9 (bnc#758408) * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - update to 2.9b4 - added mozilla-sle11.patch and add exceptions to be able to build for SLE11/11.1 - exclude broken gl locale from build - fixed build on 11.2-x86_64 by adding mozilla-revert_621446.patch - added mozilla-gcc47.patch and mailnews-literals.patch to fix compilation issues with recent gcc 4.7 MozillaFirefox-12.0-18.1.i586.rpm MozillaFirefox-12.0-18.1.src.rpm MozillaFirefox-branding-upstream-12.0-18.1.i586.rpm MozillaFirefox-buildsymbols-12.0-18.1.i586.rpm MozillaFirefox-debuginfo-12.0-18.1.i586.rpm MozillaFirefox-debugsource-12.0-18.1.i586.rpm MozillaFirefox-devel-12.0-18.1.i586.rpm MozillaFirefox-translations-common-12.0-18.1.i586.rpm MozillaFirefox-translations-other-12.0-18.1.i586.rpm MozillaThunderbird-12.0-18.1.i586.rpm MozillaThunderbird-12.0-18.1.src.rpm MozillaThunderbird-buildsymbols-12.0-18.1.i586.rpm MozillaThunderbird-debuginfo-12.0-18.1.i586.rpm MozillaThunderbird-debugsource-12.0-18.1.i586.rpm MozillaThunderbird-devel-12.0-18.1.i586.rpm MozillaThunderbird-translations-common-12.0-18.1.i586.rpm MozillaThunderbird-translations-other-12.0-18.1.i586.rpm enigmail-1.4.1+12.0-18.1.i586.rpm enigmail-debuginfo-1.4.1+12.0-18.1.i586.rpm seamonkey-2.9-18.1.i586.rpm seamonkey-2.9-18.1.src.rpm seamonkey-debuginfo-2.9-18.1.i586.rpm seamonkey-debugsource-2.9-18.1.i586.rpm seamonkey-dom-inspector-2.9-18.1.i586.rpm seamonkey-irc-2.9-18.1.i586.rpm seamonkey-translations-common-2.9-18.1.i586.rpm seamonkey-translations-other-2.9-18.1.i586.rpm seamonkey-venkman-2.9-18.1.i586.rpm MozillaFirefox-12.0-18.1.x86_64.rpm MozillaFirefox-branding-upstream-12.0-18.1.x86_64.rpm MozillaFirefox-buildsymbols-12.0-18.1.x86_64.rpm MozillaFirefox-debuginfo-12.0-18.1.x86_64.rpm MozillaFirefox-debugsource-12.0-18.1.x86_64.rpm MozillaFirefox-devel-12.0-18.1.x86_64.rpm MozillaFirefox-translations-common-12.0-18.1.x86_64.rpm MozillaFirefox-translations-other-12.0-18.1.x86_64.rpm MozillaThunderbird-12.0-18.1.x86_64.rpm MozillaThunderbird-buildsymbols-12.0-18.1.x86_64.rpm MozillaThunderbird-debuginfo-12.0-18.1.x86_64.rpm MozillaThunderbird-debugsource-12.0-18.1.x86_64.rpm MozillaThunderbird-devel-12.0-18.1.x86_64.rpm MozillaThunderbird-translations-common-12.0-18.1.x86_64.rpm MozillaThunderbird-translations-other-12.0-18.1.x86_64.rpm enigmail-1.4.1+12.0-18.1.x86_64.rpm enigmail-debuginfo-1.4.1+12.0-18.1.x86_64.rpm seamonkey-2.9-18.1.x86_64.rpm seamonkey-debuginfo-2.9-18.1.x86_64.rpm seamonkey-debugsource-2.9-18.1.x86_64.rpm seamonkey-dom-inspector-2.9-18.1.x86_64.rpm seamonkey-irc-2.9-18.1.x86_64.rpm seamonkey-translations-common-2.9-18.1.x86_64.rpm seamonkey-translations-other-2.9-18.1.x86_64.rpm seamonkey-venkman-2.9-18.1.x86_64.rpm openSUSE-2012-258 important openSUSE 11.4 Update - docs-xml: fix default name resolve order; (bso#7564). - s3-aio-fork: Fix a segfault in vfs_aio_fork; (bso#8836). - docs: remove whitespace in example samba.ldif; (bso#8789). - s3-smbd: move print_backend_init() behind init_system_info(); (bso#8845). - s3-docs: Prepend '/' to filename argument; (bso#8826). - Restrict self granting privileges where security=ads for Samba post-3.3.16; CVE-2012-2111; (bnc#757576). samba-doc-3.6.3-115.1.src.rpm ldapsmb-1.34b-115.1.i586.rpm libldb-devel-1.0.2-115.1.i586.rpm libldb1-1.0.2-115.1.i586.rpm libldb1-32bit-1.0.2-115.1.x86_64.rpm libldb1-debuginfo-1.0.2-115.1.i586.rpm libldb1-debuginfo-32bit-1.0.2-115.1.x86_64.rpm libldb1-debuginfo-x86-1.0.2-115.1.ia64.rpm libldb1-x86-1.0.2-115.1.ia64.rpm libnetapi-devel-3.6.3-115.1.i586.rpm libnetapi0-3.6.3-115.1.i586.rpm libnetapi0-debuginfo-3.6.3-115.1.i586.rpm libsmbclient-devel-3.6.3-115.1.i586.rpm libsmbclient0-3.6.3-115.1.i586.rpm libsmbclient0-32bit-3.6.3-115.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-115.1.i586.rpm libsmbclient0-debuginfo-32bit-3.6.3-115.1.x86_64.rpm libsmbclient0-debuginfo-x86-3.6.3-115.1.ia64.rpm libsmbclient0-x86-3.6.3-115.1.ia64.rpm libsmbsharemodes-devel-3.6.3-115.1.i586.rpm libsmbsharemodes0-3.6.3-115.1.i586.rpm libsmbsharemodes0-debuginfo-3.6.3-115.1.i586.rpm libtalloc-devel-2.0.5-115.1.i586.rpm libtalloc2-2.0.5-115.1.i586.rpm libtalloc2-32bit-2.0.5-115.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-115.1.i586.rpm libtalloc2-debuginfo-32bit-2.0.5-115.1.x86_64.rpm libtalloc2-debuginfo-x86-2.0.5-115.1.ia64.rpm libtalloc2-x86-2.0.5-115.1.ia64.rpm libtdb-devel-1.2.9-115.1.i586.rpm libtdb1-1.2.9-115.1.i586.rpm libtdb1-32bit-1.2.9-115.1.x86_64.rpm libtdb1-debuginfo-1.2.9-115.1.i586.rpm libtdb1-debuginfo-32bit-1.2.9-115.1.x86_64.rpm libtdb1-debuginfo-x86-1.2.9-115.1.ia64.rpm libtdb1-x86-1.2.9-115.1.ia64.rpm libtevent-devel-0.9.11-115.1.i586.rpm libtevent0-0.9.11-115.1.i586.rpm libtevent0-32bit-0.9.11-115.1.x86_64.rpm libtevent0-debuginfo-0.9.11-115.1.i586.rpm libtevent0-debuginfo-32bit-0.9.11-115.1.x86_64.rpm libtevent0-debuginfo-x86-0.9.11-115.1.ia64.rpm libtevent0-x86-0.9.11-115.1.ia64.rpm libwbclient-devel-3.6.3-115.1.i586.rpm libwbclient0-3.6.3-115.1.i586.rpm libwbclient0-32bit-3.6.3-115.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-115.1.i586.rpm libwbclient0-debuginfo-32bit-3.6.3-115.1.x86_64.rpm libwbclient0-debuginfo-x86-3.6.3-115.1.ia64.rpm libwbclient0-x86-3.6.3-115.1.ia64.rpm samba-3.6.3-115.1.i586.rpm samba-3.6.3-115.1.src.rpm samba-32bit-3.6.3-115.1.x86_64.rpm samba-client-3.6.3-115.1.i586.rpm samba-client-32bit-3.6.3-115.1.x86_64.rpm samba-client-debuginfo-3.6.3-115.1.i586.rpm samba-client-debuginfo-32bit-3.6.3-115.1.x86_64.rpm samba-client-debuginfo-x86-3.6.3-115.1.ia64.rpm samba-client-x86-3.6.3-115.1.ia64.rpm samba-debuginfo-3.6.3-115.1.i586.rpm samba-debuginfo-32bit-3.6.3-115.1.x86_64.rpm samba-debuginfo-x86-3.6.3-115.1.ia64.rpm samba-debugsource-3.6.3-115.1.i586.rpm samba-devel-3.6.3-115.1.i586.rpm samba-doc-3.6.3-115.1.noarch.rpm samba-krb-printing-3.6.3-115.1.i586.rpm samba-krb-printing-debuginfo-3.6.3-115.1.i586.rpm samba-winbind-3.6.3-115.1.i586.rpm samba-winbind-32bit-3.6.3-115.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-115.1.i586.rpm samba-winbind-debuginfo-32bit-3.6.3-115.1.x86_64.rpm samba-winbind-debuginfo-x86-3.6.3-115.1.ia64.rpm samba-winbind-x86-3.6.3-115.1.ia64.rpm samba-x86-3.6.3-115.1.ia64.rpm ldapsmb-1.34b-115.1.x86_64.rpm libldb-devel-1.0.2-115.1.x86_64.rpm libldb1-1.0.2-115.1.x86_64.rpm libldb1-debuginfo-1.0.2-115.1.x86_64.rpm libnetapi-devel-3.6.3-115.1.x86_64.rpm libnetapi0-3.6.3-115.1.x86_64.rpm libnetapi0-debuginfo-3.6.3-115.1.x86_64.rpm libsmbclient-devel-3.6.3-115.1.x86_64.rpm libsmbclient0-3.6.3-115.1.x86_64.rpm libsmbclient0-debuginfo-3.6.3-115.1.x86_64.rpm libsmbsharemodes-devel-3.6.3-115.1.x86_64.rpm libsmbsharemodes0-3.6.3-115.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.6.3-115.1.x86_64.rpm libtalloc-devel-2.0.5-115.1.x86_64.rpm libtalloc2-2.0.5-115.1.x86_64.rpm libtalloc2-debuginfo-2.0.5-115.1.x86_64.rpm libtdb-devel-1.2.9-115.1.x86_64.rpm libtdb1-1.2.9-115.1.x86_64.rpm libtdb1-debuginfo-1.2.9-115.1.x86_64.rpm libtevent-devel-0.9.11-115.1.x86_64.rpm libtevent0-0.9.11-115.1.x86_64.rpm libtevent0-debuginfo-0.9.11-115.1.x86_64.rpm libwbclient-devel-3.6.3-115.1.x86_64.rpm libwbclient0-3.6.3-115.1.x86_64.rpm libwbclient0-debuginfo-3.6.3-115.1.x86_64.rpm samba-3.6.3-115.1.x86_64.rpm samba-client-3.6.3-115.1.x86_64.rpm samba-client-debuginfo-3.6.3-115.1.x86_64.rpm samba-debuginfo-3.6.3-115.1.x86_64.rpm samba-debugsource-3.6.3-115.1.x86_64.rpm samba-devel-3.6.3-115.1.x86_64.rpm samba-krb-printing-3.6.3-115.1.x86_64.rpm samba-krb-printing-debuginfo-3.6.3-115.1.x86_64.rpm samba-winbind-3.6.3-115.1.x86_64.rpm samba-winbind-debuginfo-3.6.3-115.1.x86_64.rpm openSUSE-2012-266 low openSUSE 11.4 Update This update fixes the following issues for apparmor: - 757545: update samba profiles to have the same permissions as in openSUSE 12.1 (with some exceptions, see bnc#757545#c12) This also fixes bnc#725967, bnc#738041, bnc#738041 - add missing x bit for directories in /etc/apparmor/ and /etc/apparmor.d/ apache2-mod_apparmor-2.5.1.r1445-52.126.1.i586.rpm apache2-mod_apparmor-debuginfo-2.5.1.r1445-52.126.1.i586.rpm apparmor-2.5.1.r1445-52.126.1.src.rpm apparmor-debugsource-2.5.1.r1445-52.126.1.i586.rpm apparmor-docs-2.5.1.r1445-52.126.1.noarch.rpm apparmor-parser-2.5.1.r1445-52.126.1.i586.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.126.1.i586.rpm apparmor-parser-lang-2.5.1.r1445-52.126.1.noarch.rpm apparmor-profiles-2.5.1.r1445-52.126.1.noarch.rpm apparmor-utils-2.5.1.r1445-52.126.1.noarch.rpm apparmor-utils-lang-2.5.1.r1445-52.126.1.noarch.rpm libapparmor-devel-2.5.1.r1445-52.126.1.i586.rpm libapparmor1-2.5.1.r1445-52.126.1.i586.rpm libapparmor1-32bit-2.5.1.r1445-52.126.1.x86_64.rpm libapparmor1-debuginfo-2.5.1.r1445-52.126.1.i586.rpm libapparmor1-debuginfo-32bit-2.5.1.r1445-52.126.1.x86_64.rpm libapparmor1-debuginfo-x86-2.5.1.r1445-52.126.1.ia64.rpm libapparmor1-x86-2.5.1.r1445-52.126.1.ia64.rpm pam_apparmor-2.5.1.r1445-52.126.1.i586.rpm pam_apparmor-32bit-2.5.1.r1445-52.126.1.x86_64.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.126.1.i586.rpm pam_apparmor-debuginfo-32bit-2.5.1.r1445-52.126.1.x86_64.rpm pam_apparmor-debuginfo-x86-2.5.1.r1445-52.126.1.ia64.rpm pam_apparmor-x86-2.5.1.r1445-52.126.1.ia64.rpm perl-apparmor-2.5.1.r1445-52.126.1.i586.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.126.1.i586.rpm tomcat_apparmor-2.5.1.r1445-52.126.1.i586.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.126.1.i586.rpm apache2-mod_apparmor-2.5.1.r1445-52.126.1.x86_64.rpm apache2-mod_apparmor-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm apparmor-debugsource-2.5.1.r1445-52.126.1.x86_64.rpm apparmor-parser-2.5.1.r1445-52.126.1.x86_64.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm libapparmor-devel-2.5.1.r1445-52.126.1.x86_64.rpm libapparmor1-2.5.1.r1445-52.126.1.x86_64.rpm libapparmor1-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm pam_apparmor-2.5.1.r1445-52.126.1.x86_64.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm perl-apparmor-2.5.1.r1445-52.126.1.x86_64.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm tomcat_apparmor-2.5.1.r1445-52.126.1.x86_64.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.126.1.x86_64.rpm openSUSE-2012-264 low openSUSE 11.4 Update The previous libmtp did not disable mtp-probe fully, making udev print out "missing mtp-probe" messages. This update also disables the udev rule. libmtp-1.0.6-10.1.src.rpm libmtp-debugsource-1.0.6-10.1.i586.rpm libmtp-devel-1.0.6-10.1.i586.rpm libmtp8-1.0.6-10.1.i586.rpm libmtp8-debuginfo-1.0.6-10.1.i586.rpm mtp-tools-1.0.6-10.1.i586.rpm mtp-tools-debuginfo-1.0.6-10.1.i586.rpm libmtp-debugsource-1.0.6-10.1.x86_64.rpm libmtp-devel-1.0.6-10.1.x86_64.rpm libmtp8-1.0.6-10.1.x86_64.rpm libmtp8-debuginfo-1.0.6-10.1.x86_64.rpm mtp-tools-1.0.6-10.1.x86_64.rpm mtp-tools-debuginfo-1.0.6-10.1.x86_64.rpm openSUSE-2012-270 important openSUSE 11.4 Update The Opera web browser was updated to 11.62 fixing various bugs and security issues. opera-11.62-16.1.i586.rpm opera-11.62-16.1.nosrc.rpm opera-gtk-11.62-16.1.i586.rpm opera-kde4-11.62-16.1.i586.rpm opera-11.62-16.1.x86_64.rpm opera-gtk-11.62-16.1.x86_64.rpm opera-kde4-11.62-16.1.x86_64.rpm openSUSE-2012-298 low openSUSE 11.4 Update local users could read mailman's mail archive mailman-2.1.14-4.12.1.i586.rpm mailman-2.1.14-4.12.1.src.rpm mailman-debuginfo-2.1.14-4.12.1.i586.rpm mailman-debugsource-2.1.14-4.12.1.i586.rpm mailman-2.1.14-4.12.1.x86_64.rpm mailman-debuginfo-2.1.14-4.12.1.x86_64.rpm mailman-debugsource-2.1.14-4.12.1.x86_64.rpm openSUSE-2012-261 critical openSUSE 11.4 Update when used in CGI mode remote attackers could inject command line arguments to php apache2-mod_php5-5.3.5-332.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-332.1.i586.rpm php5-5.3.5-332.1.i586.rpm php5-5.3.5-332.1.src.rpm php5-bcmath-5.3.5-332.1.i586.rpm php5-bcmath-debuginfo-5.3.5-332.1.i586.rpm php5-bz2-5.3.5-332.1.i586.rpm php5-bz2-debuginfo-5.3.5-332.1.i586.rpm php5-calendar-5.3.5-332.1.i586.rpm php5-calendar-debuginfo-5.3.5-332.1.i586.rpm php5-ctype-5.3.5-332.1.i586.rpm php5-ctype-debuginfo-5.3.5-332.1.i586.rpm php5-curl-5.3.5-332.1.i586.rpm php5-curl-debuginfo-5.3.5-332.1.i586.rpm php5-dba-5.3.5-332.1.i586.rpm php5-dba-debuginfo-5.3.5-332.1.i586.rpm php5-debuginfo-5.3.5-332.1.i586.rpm php5-debugsource-5.3.5-332.1.i586.rpm php5-devel-5.3.5-332.1.i586.rpm php5-dom-5.3.5-332.1.i586.rpm php5-dom-debuginfo-5.3.5-332.1.i586.rpm php5-enchant-5.3.5-332.1.i586.rpm php5-enchant-debuginfo-5.3.5-332.1.i586.rpm php5-exif-5.3.5-332.1.i586.rpm php5-exif-debuginfo-5.3.5-332.1.i586.rpm php5-fastcgi-5.3.5-332.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-332.1.i586.rpm php5-fileinfo-5.3.5-332.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-332.1.i586.rpm php5-fpm-5.3.5-332.1.i586.rpm php5-fpm-debuginfo-5.3.5-332.1.i586.rpm php5-ftp-5.3.5-332.1.i586.rpm php5-ftp-debuginfo-5.3.5-332.1.i586.rpm php5-gd-5.3.5-332.1.i586.rpm php5-gd-debuginfo-5.3.5-332.1.i586.rpm php5-gettext-5.3.5-332.1.i586.rpm php5-gettext-debuginfo-5.3.5-332.1.i586.rpm php5-gmp-5.3.5-332.1.i586.rpm php5-gmp-debuginfo-5.3.5-332.1.i586.rpm php5-hash-5.3.5-332.1.i586.rpm php5-hash-debuginfo-5.3.5-332.1.i586.rpm php5-iconv-5.3.5-332.1.i586.rpm php5-iconv-debuginfo-5.3.5-332.1.i586.rpm php5-imap-5.3.5-332.1.i586.rpm php5-imap-debuginfo-5.3.5-332.1.i586.rpm php5-intl-5.3.5-332.1.i586.rpm php5-intl-debuginfo-5.3.5-332.1.i586.rpm php5-json-5.3.5-332.1.i586.rpm php5-json-debuginfo-5.3.5-332.1.i586.rpm php5-ldap-5.3.5-332.1.i586.rpm php5-ldap-debuginfo-5.3.5-332.1.i586.rpm php5-mbstring-5.3.5-332.1.i586.rpm php5-mbstring-debuginfo-5.3.5-332.1.i586.rpm php5-mcrypt-5.3.5-332.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-332.1.i586.rpm php5-mysql-5.3.5-332.1.i586.rpm php5-mysql-debuginfo-5.3.5-332.1.i586.rpm php5-odbc-5.3.5-332.1.i586.rpm php5-odbc-debuginfo-5.3.5-332.1.i586.rpm php5-openssl-5.3.5-332.1.i586.rpm php5-openssl-debuginfo-5.3.5-332.1.i586.rpm php5-pcntl-5.3.5-332.1.i586.rpm php5-pcntl-debuginfo-5.3.5-332.1.i586.rpm php5-pdo-5.3.5-332.1.i586.rpm php5-pdo-debuginfo-5.3.5-332.1.i586.rpm php5-pear-5.3.5-332.1.noarch.rpm php5-pgsql-5.3.5-332.1.i586.rpm php5-pgsql-debuginfo-5.3.5-332.1.i586.rpm php5-phar-5.3.5-332.1.i586.rpm php5-phar-debuginfo-5.3.5-332.1.i586.rpm php5-posix-5.3.5-332.1.i586.rpm php5-posix-debuginfo-5.3.5-332.1.i586.rpm php5-pspell-5.3.5-332.1.i586.rpm php5-pspell-debuginfo-5.3.5-332.1.i586.rpm php5-readline-5.3.5-332.1.i586.rpm php5-readline-debuginfo-5.3.5-332.1.i586.rpm php5-shmop-5.3.5-332.1.i586.rpm php5-shmop-debuginfo-5.3.5-332.1.i586.rpm php5-snmp-5.3.5-332.1.i586.rpm php5-snmp-debuginfo-5.3.5-332.1.i586.rpm php5-soap-5.3.5-332.1.i586.rpm php5-soap-debuginfo-5.3.5-332.1.i586.rpm php5-sockets-5.3.5-332.1.i586.rpm php5-sockets-debuginfo-5.3.5-332.1.i586.rpm php5-sqlite-5.3.5-332.1.i586.rpm php5-sqlite-debuginfo-5.3.5-332.1.i586.rpm php5-suhosin-5.3.5-332.1.i586.rpm php5-suhosin-debuginfo-5.3.5-332.1.i586.rpm php5-sysvmsg-5.3.5-332.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-332.1.i586.rpm php5-sysvsem-5.3.5-332.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-332.1.i586.rpm php5-sysvshm-5.3.5-332.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-332.1.i586.rpm php5-tidy-5.3.5-332.1.i586.rpm php5-tidy-debuginfo-5.3.5-332.1.i586.rpm php5-tokenizer-5.3.5-332.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-332.1.i586.rpm php5-wddx-5.3.5-332.1.i586.rpm php5-wddx-debuginfo-5.3.5-332.1.i586.rpm php5-xmlreader-5.3.5-332.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-332.1.i586.rpm php5-xmlrpc-5.3.5-332.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-332.1.i586.rpm php5-xmlwriter-5.3.5-332.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-332.1.i586.rpm php5-xsl-5.3.5-332.1.i586.rpm php5-xsl-debuginfo-5.3.5-332.1.i586.rpm php5-zip-5.3.5-332.1.i586.rpm php5-zip-debuginfo-5.3.5-332.1.i586.rpm php5-zlib-5.3.5-332.1.i586.rpm php5-zlib-debuginfo-5.3.5-332.1.i586.rpm apache2-mod_php5-5.3.5-332.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-332.1.x86_64.rpm php5-5.3.5-332.1.x86_64.rpm php5-bcmath-5.3.5-332.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-332.1.x86_64.rpm php5-bz2-5.3.5-332.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-332.1.x86_64.rpm php5-calendar-5.3.5-332.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-332.1.x86_64.rpm php5-ctype-5.3.5-332.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-332.1.x86_64.rpm php5-curl-5.3.5-332.1.x86_64.rpm php5-curl-debuginfo-5.3.5-332.1.x86_64.rpm php5-dba-5.3.5-332.1.x86_64.rpm php5-dba-debuginfo-5.3.5-332.1.x86_64.rpm php5-debuginfo-5.3.5-332.1.x86_64.rpm php5-debugsource-5.3.5-332.1.x86_64.rpm php5-devel-5.3.5-332.1.x86_64.rpm php5-dom-5.3.5-332.1.x86_64.rpm php5-dom-debuginfo-5.3.5-332.1.x86_64.rpm php5-enchant-5.3.5-332.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-332.1.x86_64.rpm php5-exif-5.3.5-332.1.x86_64.rpm php5-exif-debuginfo-5.3.5-332.1.x86_64.rpm php5-fastcgi-5.3.5-332.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-332.1.x86_64.rpm php5-fileinfo-5.3.5-332.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-332.1.x86_64.rpm php5-fpm-5.3.5-332.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-332.1.x86_64.rpm php5-ftp-5.3.5-332.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-332.1.x86_64.rpm php5-gd-5.3.5-332.1.x86_64.rpm php5-gd-debuginfo-5.3.5-332.1.x86_64.rpm php5-gettext-5.3.5-332.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-332.1.x86_64.rpm php5-gmp-5.3.5-332.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-332.1.x86_64.rpm php5-hash-5.3.5-332.1.x86_64.rpm php5-hash-debuginfo-5.3.5-332.1.x86_64.rpm php5-iconv-5.3.5-332.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-332.1.x86_64.rpm php5-imap-5.3.5-332.1.x86_64.rpm php5-imap-debuginfo-5.3.5-332.1.x86_64.rpm php5-intl-5.3.5-332.1.x86_64.rpm php5-intl-debuginfo-5.3.5-332.1.x86_64.rpm php5-json-5.3.5-332.1.x86_64.rpm php5-json-debuginfo-5.3.5-332.1.x86_64.rpm php5-ldap-5.3.5-332.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-332.1.x86_64.rpm php5-mbstring-5.3.5-332.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-332.1.x86_64.rpm php5-mcrypt-5.3.5-332.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-332.1.x86_64.rpm php5-mysql-5.3.5-332.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-332.1.x86_64.rpm php5-odbc-5.3.5-332.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-332.1.x86_64.rpm php5-openssl-5.3.5-332.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-332.1.x86_64.rpm php5-pcntl-5.3.5-332.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-332.1.x86_64.rpm php5-pdo-5.3.5-332.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-332.1.x86_64.rpm php5-pgsql-5.3.5-332.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-332.1.x86_64.rpm php5-phar-5.3.5-332.1.x86_64.rpm php5-phar-debuginfo-5.3.5-332.1.x86_64.rpm php5-posix-5.3.5-332.1.x86_64.rpm php5-posix-debuginfo-5.3.5-332.1.x86_64.rpm php5-pspell-5.3.5-332.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-332.1.x86_64.rpm php5-readline-5.3.5-332.1.x86_64.rpm php5-readline-debuginfo-5.3.5-332.1.x86_64.rpm php5-shmop-5.3.5-332.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-332.1.x86_64.rpm php5-snmp-5.3.5-332.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-332.1.x86_64.rpm php5-soap-5.3.5-332.1.x86_64.rpm php5-soap-debuginfo-5.3.5-332.1.x86_64.rpm php5-sockets-5.3.5-332.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-332.1.x86_64.rpm php5-sqlite-5.3.5-332.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-332.1.x86_64.rpm php5-suhosin-5.3.5-332.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-332.1.x86_64.rpm php5-sysvmsg-5.3.5-332.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-332.1.x86_64.rpm php5-sysvsem-5.3.5-332.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-332.1.x86_64.rpm php5-sysvshm-5.3.5-332.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-332.1.x86_64.rpm php5-tidy-5.3.5-332.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-332.1.x86_64.rpm php5-tokenizer-5.3.5-332.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-332.1.x86_64.rpm php5-wddx-5.3.5-332.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-332.1.x86_64.rpm php5-xmlreader-5.3.5-332.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-332.1.x86_64.rpm php5-xmlrpc-5.3.5-332.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-332.1.x86_64.rpm php5-xmlwriter-5.3.5-332.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-332.1.x86_64.rpm php5-xsl-5.3.5-332.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-332.1.x86_64.rpm php5-zip-5.3.5-332.1.x86_64.rpm php5-zip-debuginfo-5.3.5-332.1.x86_64.rpm php5-zlib-5.3.5-332.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-332.1.x86_64.rpm openSUSE-2012-275 low openSUSE 11.4 Update Specially crafted MP4 files could crash taglib taglib-1.6.2-10.1.i586.rpm taglib-1.6.2-10.1.src.rpm taglib-32bit-1.6.2-10.1.x86_64.rpm taglib-debuginfo-1.6.2-10.1.i586.rpm taglib-debuginfo-32bit-1.6.2-10.1.x86_64.rpm taglib-debuginfo-x86-1.6.2-10.1.ia64.rpm taglib-debugsource-1.6.2-10.1.i586.rpm taglib-devel-1.6.2-10.1.i586.rpm taglib-x86-1.6.2-10.1.ia64.rpm taglib-1.6.2-10.1.x86_64.rpm taglib-debuginfo-1.6.2-10.1.x86_64.rpm taglib-debugsource-1.6.2-10.1.x86_64.rpm taglib-devel-1.6.2-10.1.x86_64.rpm openSUSE-2012-262 critical openSUSE 11.4 Update flash-player update to 11.2.202.235 fixes a potential remote code execution vulnerability flash-player-11.2.202.235-14.1.i586.rpm flash-player-11.2.202.235-14.1.nosrc.rpm flash-player-gnome-11.2.202.235-14.1.i586.rpm flash-player-kde4-11.2.202.235-14.1.i586.rpm flash-player-11.2.202.235-14.1.x86_64.rpm flash-player-gnome-11.2.202.235-14.1.x86_64.rpm flash-player-kde4-11.2.202.235-14.1.x86_64.rpm openSUSE-2012-273 moderate openSUSE 11.4 Update mysql update to version 5.1.62 fixes several security issues and bugs. Please refer to the following upstream announcements for details: - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-58.html - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-59.html - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-60.html - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-61.html - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html libmysqlclient-devel-5.1.62-52.1.i586.rpm libmysqlclient16-32bit-5.1.62-52.1.x86_64.rpm libmysqlclient16-5.1.62-52.1.i586.rpm libmysqlclient16-debuginfo-32bit-5.1.62-52.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.62-52.1.i586.rpm libmysqlclient16-debuginfo-x86-5.1.62-52.1.ia64.rpm libmysqlclient16-x86-5.1.62-52.1.ia64.rpm libmysqlclient_r16-32bit-5.1.62-52.1.x86_64.rpm libmysqlclient_r16-5.1.62-52.1.i586.rpm libmysqlclient_r16-debuginfo-32bit-5.1.62-52.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.62-52.1.i586.rpm libmysqlclient_r16-debuginfo-x86-5.1.62-52.1.ia64.rpm libmysqlclient_r16-x86-5.1.62-52.1.ia64.rpm libmysqld-devel-5.1.62-52.1.i586.rpm libmysqld0-5.1.62-52.1.i586.rpm libmysqld0-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-5.1.62-52.1.i586.rpm mysql-community-server-5.1.62-52.1.src.rpm mysql-community-server-bench-5.1.62-52.1.i586.rpm mysql-community-server-bench-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-client-5.1.62-52.1.i586.rpm mysql-community-server-client-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-debug-5.1.62-52.1.i586.rpm mysql-community-server-debug-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-debugsource-5.1.62-52.1.i586.rpm mysql-community-server-test-5.1.62-52.1.i586.rpm mysql-community-server-test-debuginfo-5.1.62-52.1.i586.rpm mysql-community-server-tools-5.1.62-52.1.i586.rpm mysql-community-server-tools-debuginfo-5.1.62-52.1.i586.rpm libmysqlclient-devel-5.1.62-52.1.x86_64.rpm libmysqlclient16-5.1.62-52.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.62-52.1.x86_64.rpm libmysqlclient_r16-5.1.62-52.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.62-52.1.x86_64.rpm libmysqld-devel-5.1.62-52.1.x86_64.rpm libmysqld0-5.1.62-52.1.x86_64.rpm libmysqld0-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-5.1.62-52.1.x86_64.rpm mysql-community-server-bench-5.1.62-52.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-client-5.1.62-52.1.x86_64.rpm mysql-community-server-client-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-debug-5.1.62-52.1.x86_64.rpm mysql-community-server-debug-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-debugsource-5.1.62-52.1.x86_64.rpm mysql-community-server-test-5.1.62-52.1.x86_64.rpm mysql-community-server-test-debuginfo-5.1.62-52.1.x86_64.rpm mysql-community-server-tools-5.1.62-52.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.1.62-52.1.x86_64.rpm openSUSE-2012-274 moderate openSUSE 11.4 Update mariadb update to version 5.1.62 fixes several security issues and bugs. Please refer to the following upstream announcement for details: http://kb.askmonty.org/en/changelogs-mariadb-51-series libmariadbclient16-5.1.62-39.1.i586.rpm libmariadbclient16-debuginfo-5.1.62-39.1.i586.rpm libmariadbclient_r16-5.1.62-39.1.i586.rpm libmariadbclient_r16-debuginfo-5.1.62-39.1.i586.rpm mariadb-5.1.62-39.1.i586.rpm mariadb-5.1.62-39.1.src.rpm mariadb-bench-5.1.62-39.1.i586.rpm mariadb-bench-debuginfo-5.1.62-39.1.i586.rpm mariadb-client-5.1.62-39.1.i586.rpm mariadb-client-debuginfo-5.1.62-39.1.i586.rpm mariadb-debug-5.1.62-39.1.i586.rpm mariadb-debug-debuginfo-5.1.62-39.1.i586.rpm mariadb-debuginfo-5.1.62-39.1.i586.rpm mariadb-debugsource-5.1.62-39.1.i586.rpm mariadb-test-5.1.62-39.1.i586.rpm mariadb-test-debuginfo-5.1.62-39.1.i586.rpm mariadb-tools-5.1.62-39.1.i586.rpm mariadb-tools-debuginfo-5.1.62-39.1.i586.rpm libmariadbclient16-5.1.62-39.1.x86_64.rpm libmariadbclient16-debuginfo-5.1.62-39.1.x86_64.rpm libmariadbclient_r16-5.1.62-39.1.x86_64.rpm libmariadbclient_r16-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-5.1.62-39.1.x86_64.rpm mariadb-bench-5.1.62-39.1.x86_64.rpm mariadb-bench-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-client-5.1.62-39.1.x86_64.rpm mariadb-client-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-debug-5.1.62-39.1.x86_64.rpm mariadb-debug-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-debugsource-5.1.62-39.1.x86_64.rpm mariadb-test-5.1.62-39.1.x86_64.rpm mariadb-test-debuginfo-5.1.62-39.1.x86_64.rpm mariadb-tools-5.1.62-39.1.x86_64.rpm mariadb-tools-debuginfo-5.1.62-39.1.x86_64.rpm openSUSE-2012-276 moderate openSUSE 11.4 Update MySQL Cluster 7.1.21 fixes several security issues and bugs. Please refer to the following upstream announcement for details: http://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html libmysqlclusterclient16-7.1.21-52.1.i586.rpm libmysqlclusterclient16-debuginfo-7.1.21-52.1.i586.rpm libmysqlclusterclient_r16-7.1.21-52.1.i586.rpm libmysqlclusterclient_r16-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-7.1.21-52.1.i586.rpm mysql-cluster-7.1.21-52.1.src.rpm mysql-cluster-bench-7.1.21-52.1.i586.rpm mysql-cluster-bench-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-client-7.1.21-52.1.i586.rpm mysql-cluster-client-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-debug-7.1.21-52.1.i586.rpm mysql-cluster-debug-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-debugsource-7.1.21-52.1.i586.rpm mysql-cluster-ndb-extra-7.1.21-52.1.i586.rpm mysql-cluster-ndb-extra-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-ndb-management-7.1.21-52.1.i586.rpm mysql-cluster-ndb-management-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-ndb-storage-7.1.21-52.1.i586.rpm mysql-cluster-ndb-storage-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-ndb-tools-7.1.21-52.1.i586.rpm mysql-cluster-ndb-tools-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-test-7.1.21-52.1.i586.rpm mysql-cluster-test-debuginfo-7.1.21-52.1.i586.rpm mysql-cluster-tools-7.1.21-52.1.i586.rpm mysql-cluster-tools-debuginfo-7.1.21-52.1.i586.rpm libmysqlclusterclient16-7.1.21-52.1.x86_64.rpm libmysqlclusterclient16-debuginfo-7.1.21-52.1.x86_64.rpm libmysqlclusterclient_r16-7.1.21-52.1.x86_64.rpm libmysqlclusterclient_r16-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-7.1.21-52.1.x86_64.rpm mysql-cluster-bench-7.1.21-52.1.x86_64.rpm mysql-cluster-bench-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-client-7.1.21-52.1.x86_64.rpm mysql-cluster-client-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-debug-7.1.21-52.1.x86_64.rpm mysql-cluster-debug-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-debugsource-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-extra-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-extra-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-management-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-management-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-storage-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-storage-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-tools-7.1.21-52.1.x86_64.rpm mysql-cluster-ndb-tools-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-test-7.1.21-52.1.x86_64.rpm mysql-cluster-test-debuginfo-7.1.21-52.1.x86_64.rpm mysql-cluster-tools-7.1.21-52.1.x86_64.rpm mysql-cluster-tools-debuginfo-7.1.21-52.1.x86_64.rpm openSUSE-2012-279 low openSUSE 11.4 Update This update fixes the following issue for suspend: - 472861: Fixes an issue with serial consoles disallowing suspend suspend-0.80.20100129-10.1.i586.rpm suspend-0.80.20100129-10.1.src.rpm suspend-debuginfo-0.80.20100129-10.1.i586.rpm suspend-debugsource-0.80.20100129-10.1.i586.rpm suspend-0.80.20100129-10.1.x86_64.rpm suspend-debuginfo-0.80.20100129-10.1.x86_64.rpm suspend-debugsource-0.80.20100129-10.1.x86_64.rpm openSUSE-2012-271 important openSUSE 11.4 Update opera update to 11.64 fixes a security vulnerability that could lead to code execution. full changelog available at: http://www.opera.com/docs/changelogs/unix/1164/ opera-11.64-19.1.i586.rpm opera-11.64-19.1.nosrc.rpm opera-gtk-11.64-19.1.i586.rpm opera-kde4-11.64-19.1.i586.rpm opera-11.64-19.1.x86_64.rpm opera-gtk-11.64-19.1.x86_64.rpm opera-kde4-11.64-19.1.x86_64.rpm openSUSE-2012-299 moderate openSUSE 11.4 Update SNMP GET request involving on a non-existent extension table entry could crash snmpd libsnmp25-32bit-5.6.1-4.32.1.x86_64.rpm libsnmp25-5.6.1-4.32.1.i586.rpm libsnmp25-debuginfo-32bit-5.6.1-4.32.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.32.1.i586.rpm libsnmp25-debuginfo-x86-5.6.1-4.32.1.ia64.rpm libsnmp25-x86-5.6.1-4.32.1.ia64.rpm net-snmp-5.6.1-4.32.1.i586.rpm net-snmp-5.6.1-4.32.1.src.rpm net-snmp-debuginfo-5.6.1-4.32.1.i586.rpm net-snmp-debugsource-5.6.1-4.32.1.i586.rpm net-snmp-devel-5.6.1-4.32.1.i586.rpm perl-SNMP-5.6.1-4.32.1.i586.rpm perl-SNMP-debuginfo-5.6.1-4.32.1.i586.rpm snmp-mibs-5.6.1-4.32.1.i586.rpm libsnmp25-5.6.1-4.32.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.32.1.x86_64.rpm net-snmp-5.6.1-4.32.1.x86_64.rpm net-snmp-debuginfo-5.6.1-4.32.1.x86_64.rpm net-snmp-debugsource-5.6.1-4.32.1.x86_64.rpm net-snmp-devel-5.6.1-4.32.1.x86_64.rpm perl-SNMP-5.6.1-4.32.1.x86_64.rpm perl-SNMP-debuginfo-5.6.1-4.32.1.x86_64.rpm snmp-mibs-5.6.1-4.32.1.x86_64.rpm openSUSE-2012-291 low openSUSE 11.4 Update This update fixes the following issue for ntp: -656509: don't use --bind on /var/lib/ntp/proc ntp-4.2.6p3-6.21.1.i586.rpm ntp-4.2.6p3-6.21.1.src.rpm ntp-debuginfo-4.2.6p3-6.21.1.i586.rpm ntp-debugsource-4.2.6p3-6.21.1.i586.rpm ntp-doc-4.2.6p3-6.21.1.i586.rpm ntp-4.2.6p3-6.21.1.x86_64.rpm ntp-debuginfo-4.2.6p3-6.21.1.x86_64.rpm ntp-debugsource-4.2.6p3-6.21.1.x86_64.rpm ntp-doc-4.2.6p3-6.21.1.x86_64.rpm openSUSE-2012-292 moderate openSUSE 11.4 Update Specially crafted CDF/CFBF files could trigger an out of memory condition jakarta-poi-2.5.1-12.1.noarch.rpm jakarta-poi-2.5.1-12.1.src.rpm jakarta-poi-javadoc-2.5.1-12.1.noarch.rpm jakarta-poi-manual-2.5.1-12.1.noarch.rpm openSUSE-2012-293 moderate openSUSE 11.4 Update sudo did not always honor the Host_List setting in /etc/sudoers properly sudo-1.7.6p2-0.13.1.i586.rpm sudo-1.7.6p2-0.13.1.src.rpm sudo-debuginfo-1.7.6p2-0.13.1.i586.rpm sudo-debugsource-1.7.6p2-0.13.1.i586.rpm sudo-1.7.6p2-0.13.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.13.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.13.1.x86_64.rpm openSUSE-2012-303 low openSUSE 11.4 Update This update fixes the following issue for man-pages: - 470005, 742607, 753103: open 2: Describe race of direct I/O and fork() man-pages-3.32-9.1.noarch.rpm man-pages-3.32-9.1.src.rpm openSUSE-2012-297 moderate openSUSE 11.4 Update This update is a maintenance release of Wireshark. It fixes some vulererabilities when dissecting certain protocols. As packages for these protocols may be received over the network, an attacker may trigger infinite or large loops or crashes of the dissector. Wireshark release notes and advisories: - http://www.wireshark.org/docs/relnotes/wireshark-1.4.13.html - http://www.wireshark.org/security/wnpa-sec-2012-08.html * CVE-2012-2392 - http://www.wireshark.org/security/wnpa-sec-2012-09.html * CVE-2012-2393 - http://www.wireshark.org/security/wnpa-sec-2012-10.html * CVE-2012-2394 wireshark-1.4.13-0.14.1.i586.rpm wireshark-1.4.13-0.14.1.src.rpm wireshark-debuginfo-1.4.13-0.14.1.i586.rpm wireshark-debugsource-1.4.13-0.14.1.i586.rpm wireshark-devel-1.4.13-0.14.1.i586.rpm wireshark-1.4.13-0.14.1.x86_64.rpm wireshark-debuginfo-1.4.13-0.14.1.x86_64.rpm wireshark-debugsource-1.4.13-0.14.1.x86_64.rpm wireshark-devel-1.4.13-0.14.1.x86_64.rpm openSUSE-2012-296 important openSUSE 11.4 Update The xmlrpc interface of cobbler was prone to command injectoin cobbler-2.2.1-45.1.i586.rpm cobbler-2.2.1-45.1.src.rpm cobbler-web-2.2.1-45.1.i586.rpm koan-2.2.1-45.1.i586.rpm cobbler-2.2.1-45.1.x86_64.rpm cobbler-web-2.2.1-45.1.x86_64.rpm koan-2.2.1-45.1.x86_64.rpm openSUSE-2012-311 moderate openSUSE 11.4 Update Specially crafted tar archives could cause an integer overflow in the phar extension apache2-mod_php5-5.3.5-338.2.i586.rpm apache2-mod_php5-debuginfo-5.3.5-338.2.i586.rpm php5-5.3.5-338.2.i586.rpm php5-5.3.5-338.2.src.rpm php5-bcmath-5.3.5-338.2.i586.rpm php5-bcmath-debuginfo-5.3.5-338.2.i586.rpm php5-bz2-5.3.5-338.2.i586.rpm php5-bz2-debuginfo-5.3.5-338.2.i586.rpm php5-calendar-5.3.5-338.2.i586.rpm php5-calendar-debuginfo-5.3.5-338.2.i586.rpm php5-ctype-5.3.5-338.2.i586.rpm php5-ctype-debuginfo-5.3.5-338.2.i586.rpm php5-curl-5.3.5-338.2.i586.rpm php5-curl-debuginfo-5.3.5-338.2.i586.rpm php5-dba-5.3.5-338.2.i586.rpm php5-dba-debuginfo-5.3.5-338.2.i586.rpm php5-debuginfo-5.3.5-338.2.i586.rpm php5-debugsource-5.3.5-338.2.i586.rpm php5-devel-5.3.5-338.2.i586.rpm php5-dom-5.3.5-338.2.i586.rpm php5-dom-debuginfo-5.3.5-338.2.i586.rpm php5-enchant-5.3.5-338.2.i586.rpm php5-enchant-debuginfo-5.3.5-338.2.i586.rpm php5-exif-5.3.5-338.2.i586.rpm php5-exif-debuginfo-5.3.5-338.2.i586.rpm php5-fastcgi-5.3.5-338.2.i586.rpm php5-fastcgi-debuginfo-5.3.5-338.2.i586.rpm php5-fileinfo-5.3.5-338.2.i586.rpm php5-fileinfo-debuginfo-5.3.5-338.2.i586.rpm php5-fpm-5.3.5-338.2.i586.rpm php5-fpm-debuginfo-5.3.5-338.2.i586.rpm php5-ftp-5.3.5-338.2.i586.rpm php5-ftp-debuginfo-5.3.5-338.2.i586.rpm php5-gd-5.3.5-338.2.i586.rpm php5-gd-debuginfo-5.3.5-338.2.i586.rpm php5-gettext-5.3.5-338.2.i586.rpm php5-gettext-debuginfo-5.3.5-338.2.i586.rpm php5-gmp-5.3.5-338.2.i586.rpm php5-gmp-debuginfo-5.3.5-338.2.i586.rpm php5-hash-5.3.5-338.2.i586.rpm php5-hash-debuginfo-5.3.5-338.2.i586.rpm php5-iconv-5.3.5-338.2.i586.rpm php5-iconv-debuginfo-5.3.5-338.2.i586.rpm php5-imap-5.3.5-338.2.i586.rpm php5-imap-debuginfo-5.3.5-338.2.i586.rpm php5-intl-5.3.5-338.2.i586.rpm php5-intl-debuginfo-5.3.5-338.2.i586.rpm php5-json-5.3.5-338.2.i586.rpm php5-json-debuginfo-5.3.5-338.2.i586.rpm php5-ldap-5.3.5-338.2.i586.rpm php5-ldap-debuginfo-5.3.5-338.2.i586.rpm php5-mbstring-5.3.5-338.2.i586.rpm php5-mbstring-debuginfo-5.3.5-338.2.i586.rpm php5-mcrypt-5.3.5-338.2.i586.rpm php5-mcrypt-debuginfo-5.3.5-338.2.i586.rpm php5-mysql-5.3.5-338.2.i586.rpm php5-mysql-debuginfo-5.3.5-338.2.i586.rpm php5-odbc-5.3.5-338.2.i586.rpm php5-odbc-debuginfo-5.3.5-338.2.i586.rpm php5-openssl-5.3.5-338.2.i586.rpm php5-openssl-debuginfo-5.3.5-338.2.i586.rpm php5-pcntl-5.3.5-338.2.i586.rpm php5-pcntl-debuginfo-5.3.5-338.2.i586.rpm php5-pdo-5.3.5-338.2.i586.rpm php5-pdo-debuginfo-5.3.5-338.2.i586.rpm php5-pear-5.3.5-338.2.noarch.rpm php5-pgsql-5.3.5-338.2.i586.rpm php5-pgsql-debuginfo-5.3.5-338.2.i586.rpm php5-phar-5.3.5-338.2.i586.rpm php5-phar-debuginfo-5.3.5-338.2.i586.rpm php5-posix-5.3.5-338.2.i586.rpm php5-posix-debuginfo-5.3.5-338.2.i586.rpm php5-pspell-5.3.5-338.2.i586.rpm php5-pspell-debuginfo-5.3.5-338.2.i586.rpm php5-readline-5.3.5-338.2.i586.rpm php5-readline-debuginfo-5.3.5-338.2.i586.rpm php5-shmop-5.3.5-338.2.i586.rpm php5-shmop-debuginfo-5.3.5-338.2.i586.rpm php5-snmp-5.3.5-338.2.i586.rpm php5-snmp-debuginfo-5.3.5-338.2.i586.rpm php5-soap-5.3.5-338.2.i586.rpm php5-soap-debuginfo-5.3.5-338.2.i586.rpm php5-sockets-5.3.5-338.2.i586.rpm php5-sockets-debuginfo-5.3.5-338.2.i586.rpm php5-sqlite-5.3.5-338.2.i586.rpm php5-sqlite-debuginfo-5.3.5-338.2.i586.rpm php5-suhosin-5.3.5-338.2.i586.rpm php5-suhosin-debuginfo-5.3.5-338.2.i586.rpm php5-sysvmsg-5.3.5-338.2.i586.rpm php5-sysvmsg-debuginfo-5.3.5-338.2.i586.rpm php5-sysvsem-5.3.5-338.2.i586.rpm php5-sysvsem-debuginfo-5.3.5-338.2.i586.rpm php5-sysvshm-5.3.5-338.2.i586.rpm php5-sysvshm-debuginfo-5.3.5-338.2.i586.rpm php5-tidy-5.3.5-338.2.i586.rpm php5-tidy-debuginfo-5.3.5-338.2.i586.rpm php5-tokenizer-5.3.5-338.2.i586.rpm php5-tokenizer-debuginfo-5.3.5-338.2.i586.rpm php5-wddx-5.3.5-338.2.i586.rpm php5-wddx-debuginfo-5.3.5-338.2.i586.rpm php5-xmlreader-5.3.5-338.2.i586.rpm php5-xmlreader-debuginfo-5.3.5-338.2.i586.rpm php5-xmlrpc-5.3.5-338.2.i586.rpm php5-xmlrpc-debuginfo-5.3.5-338.2.i586.rpm php5-xmlwriter-5.3.5-338.2.i586.rpm php5-xmlwriter-debuginfo-5.3.5-338.2.i586.rpm php5-xsl-5.3.5-338.2.i586.rpm php5-xsl-debuginfo-5.3.5-338.2.i586.rpm php5-zip-5.3.5-338.2.i586.rpm php5-zip-debuginfo-5.3.5-338.2.i586.rpm php5-zlib-5.3.5-338.2.i586.rpm php5-zlib-debuginfo-5.3.5-338.2.i586.rpm apache2-mod_php5-5.3.5-338.2.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-338.2.x86_64.rpm php5-5.3.5-338.2.x86_64.rpm php5-bcmath-5.3.5-338.2.x86_64.rpm php5-bcmath-debuginfo-5.3.5-338.2.x86_64.rpm php5-bz2-5.3.5-338.2.x86_64.rpm php5-bz2-debuginfo-5.3.5-338.2.x86_64.rpm php5-calendar-5.3.5-338.2.x86_64.rpm php5-calendar-debuginfo-5.3.5-338.2.x86_64.rpm php5-ctype-5.3.5-338.2.x86_64.rpm php5-ctype-debuginfo-5.3.5-338.2.x86_64.rpm php5-curl-5.3.5-338.2.x86_64.rpm php5-curl-debuginfo-5.3.5-338.2.x86_64.rpm php5-dba-5.3.5-338.2.x86_64.rpm php5-dba-debuginfo-5.3.5-338.2.x86_64.rpm php5-debuginfo-5.3.5-338.2.x86_64.rpm php5-debugsource-5.3.5-338.2.x86_64.rpm php5-devel-5.3.5-338.2.x86_64.rpm php5-dom-5.3.5-338.2.x86_64.rpm php5-dom-debuginfo-5.3.5-338.2.x86_64.rpm php5-enchant-5.3.5-338.2.x86_64.rpm php5-enchant-debuginfo-5.3.5-338.2.x86_64.rpm php5-exif-5.3.5-338.2.x86_64.rpm php5-exif-debuginfo-5.3.5-338.2.x86_64.rpm php5-fastcgi-5.3.5-338.2.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-338.2.x86_64.rpm php5-fileinfo-5.3.5-338.2.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-338.2.x86_64.rpm php5-fpm-5.3.5-338.2.x86_64.rpm php5-fpm-debuginfo-5.3.5-338.2.x86_64.rpm php5-ftp-5.3.5-338.2.x86_64.rpm php5-ftp-debuginfo-5.3.5-338.2.x86_64.rpm php5-gd-5.3.5-338.2.x86_64.rpm php5-gd-debuginfo-5.3.5-338.2.x86_64.rpm php5-gettext-5.3.5-338.2.x86_64.rpm php5-gettext-debuginfo-5.3.5-338.2.x86_64.rpm php5-gmp-5.3.5-338.2.x86_64.rpm php5-gmp-debuginfo-5.3.5-338.2.x86_64.rpm php5-hash-5.3.5-338.2.x86_64.rpm php5-hash-debuginfo-5.3.5-338.2.x86_64.rpm php5-iconv-5.3.5-338.2.x86_64.rpm php5-iconv-debuginfo-5.3.5-338.2.x86_64.rpm php5-imap-5.3.5-338.2.x86_64.rpm php5-imap-debuginfo-5.3.5-338.2.x86_64.rpm php5-intl-5.3.5-338.2.x86_64.rpm php5-intl-debuginfo-5.3.5-338.2.x86_64.rpm php5-json-5.3.5-338.2.x86_64.rpm php5-json-debuginfo-5.3.5-338.2.x86_64.rpm php5-ldap-5.3.5-338.2.x86_64.rpm php5-ldap-debuginfo-5.3.5-338.2.x86_64.rpm php5-mbstring-5.3.5-338.2.x86_64.rpm php5-mbstring-debuginfo-5.3.5-338.2.x86_64.rpm php5-mcrypt-5.3.5-338.2.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-338.2.x86_64.rpm php5-mysql-5.3.5-338.2.x86_64.rpm php5-mysql-debuginfo-5.3.5-338.2.x86_64.rpm php5-odbc-5.3.5-338.2.x86_64.rpm php5-odbc-debuginfo-5.3.5-338.2.x86_64.rpm php5-openssl-5.3.5-338.2.x86_64.rpm php5-openssl-debuginfo-5.3.5-338.2.x86_64.rpm php5-pcntl-5.3.5-338.2.x86_64.rpm php5-pcntl-debuginfo-5.3.5-338.2.x86_64.rpm php5-pdo-5.3.5-338.2.x86_64.rpm php5-pdo-debuginfo-5.3.5-338.2.x86_64.rpm php5-pgsql-5.3.5-338.2.x86_64.rpm php5-pgsql-debuginfo-5.3.5-338.2.x86_64.rpm php5-phar-5.3.5-338.2.x86_64.rpm php5-phar-debuginfo-5.3.5-338.2.x86_64.rpm php5-posix-5.3.5-338.2.x86_64.rpm php5-posix-debuginfo-5.3.5-338.2.x86_64.rpm php5-pspell-5.3.5-338.2.x86_64.rpm php5-pspell-debuginfo-5.3.5-338.2.x86_64.rpm php5-readline-5.3.5-338.2.x86_64.rpm php5-readline-debuginfo-5.3.5-338.2.x86_64.rpm php5-shmop-5.3.5-338.2.x86_64.rpm php5-shmop-debuginfo-5.3.5-338.2.x86_64.rpm php5-snmp-5.3.5-338.2.x86_64.rpm php5-snmp-debuginfo-5.3.5-338.2.x86_64.rpm php5-soap-5.3.5-338.2.x86_64.rpm php5-soap-debuginfo-5.3.5-338.2.x86_64.rpm php5-sockets-5.3.5-338.2.x86_64.rpm php5-sockets-debuginfo-5.3.5-338.2.x86_64.rpm php5-sqlite-5.3.5-338.2.x86_64.rpm php5-sqlite-debuginfo-5.3.5-338.2.x86_64.rpm php5-suhosin-5.3.5-338.2.x86_64.rpm php5-suhosin-debuginfo-5.3.5-338.2.x86_64.rpm php5-sysvmsg-5.3.5-338.2.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-338.2.x86_64.rpm php5-sysvsem-5.3.5-338.2.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-338.2.x86_64.rpm php5-sysvshm-5.3.5-338.2.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-338.2.x86_64.rpm php5-tidy-5.3.5-338.2.x86_64.rpm php5-tidy-debuginfo-5.3.5-338.2.x86_64.rpm php5-tokenizer-5.3.5-338.2.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-338.2.x86_64.rpm php5-wddx-5.3.5-338.2.x86_64.rpm php5-wddx-debuginfo-5.3.5-338.2.x86_64.rpm php5-xmlreader-5.3.5-338.2.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-338.2.x86_64.rpm php5-xmlrpc-5.3.5-338.2.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-338.2.x86_64.rpm php5-xmlwriter-5.3.5-338.2.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-338.2.x86_64.rpm php5-xsl-5.3.5-338.2.x86_64.rpm php5-xsl-debuginfo-5.3.5-338.2.x86_64.rpm php5-zip-5.3.5-338.2.x86_64.rpm php5-zip-debuginfo-5.3.5-338.2.x86_64.rpm php5-zlib-5.3.5-338.2.x86_64.rpm php5-zlib-debuginfo-5.3.5-338.2.x86_64.rpm openSUSE-2012-320 moderate openSUSE 11.4 Update specially crafted xpath statements could cause an out of bounds memory write libxml2-2.7.8-31.1.i586.rpm libxml2-2.7.8-31.1.src.rpm libxml2-32bit-2.7.8-31.1.x86_64.rpm libxml2-debuginfo-2.7.8-31.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-31.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-31.1.ia64.rpm libxml2-debugsource-2.7.8-31.1.i586.rpm libxml2-devel-2.7.8-31.1.i586.rpm libxml2-devel-32bit-2.7.8-31.1.x86_64.rpm libxml2-doc-2.7.8-31.1.noarch.rpm libxml2-x86-2.7.8-31.1.ia64.rpm libxml2-2.7.8-31.1.x86_64.rpm libxml2-debuginfo-2.7.8-31.1.x86_64.rpm libxml2-debugsource-2.7.8-31.1.x86_64.rpm libxml2-devel-2.7.8-31.1.x86_64.rpm openSUSE-2012-309 important openSUSE 11.4 Update Strongswan's gmp plugin could treat empty RSA signature as valid ones strongswan-4.5.0-6.45.1.i586.rpm strongswan-4.5.0-6.45.1.src.rpm strongswan-debugsource-4.5.0-6.45.1.i586.rpm strongswan-doc-4.5.0-6.45.1.i586.rpm strongswan-ikev1-4.5.0-6.45.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-ikev2-4.5.0-6.45.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-ipsec-4.5.0-6.45.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-libs0-4.5.0-6.45.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-mysql-4.5.0-6.45.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-nm-4.5.0-6.45.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-sqlite-4.5.0-6.45.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.45.1.i586.rpm strongswan-4.5.0-6.45.1.x86_64.rpm strongswan-debugsource-4.5.0-6.45.1.x86_64.rpm strongswan-doc-4.5.0-6.45.1.x86_64.rpm strongswan-ikev1-4.5.0-6.45.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-ikev2-4.5.0-6.45.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-ipsec-4.5.0-6.45.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-libs0-4.5.0-6.45.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-mysql-4.5.0-6.45.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-nm-4.5.0-6.45.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.45.1.x86_64.rpm strongswan-sqlite-4.5.0-6.45.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.45.1.x86_64.rpm openSUSE-2012-314 moderate openSUSE 11.4 Update pidgin-otr was prone to a format string flaw in log_message_cb pidgin-otr-3.2.0-151.1.i586.rpm pidgin-otr-3.2.0-151.1.src.rpm pidgin-otr-debuginfo-3.2.0-151.1.i586.rpm pidgin-otr-debugsource-3.2.0-151.1.i586.rpm pidgin-otr-3.2.0-151.1.x86_64.rpm pidgin-otr-debuginfo-3.2.0-151.1.x86_64.rpm pidgin-otr-debugsource-3.2.0-151.1.x86_64.rpm openSUSE-2012-316 important openSUSE 11.4 Update A remote denial of service in the bind nameserver via zero length rdata fields was fixed. bind-9.7.4P1-0.28.1.i586.rpm bind-9.7.4P1-0.28.1.src.rpm bind-chrootenv-9.7.4P1-0.28.1.i586.rpm bind-debuginfo-9.7.4P1-0.28.1.i586.rpm bind-debugsource-9.7.4P1-0.28.1.i586.rpm bind-devel-9.7.4P1-0.28.1.i586.rpm bind-doc-9.7.4P1-0.28.1.noarch.rpm bind-libs-32bit-9.7.4P1-0.28.1.x86_64.rpm bind-libs-9.7.4P1-0.28.1.i586.rpm bind-libs-debuginfo-32bit-9.7.4P1-0.28.1.x86_64.rpm bind-libs-debuginfo-9.7.4P1-0.28.1.i586.rpm bind-libs-debuginfo-x86-9.7.4P1-0.28.1.ia64.rpm bind-libs-x86-9.7.4P1-0.28.1.ia64.rpm bind-lwresd-9.7.4P1-0.28.1.i586.rpm bind-lwresd-debuginfo-9.7.4P1-0.28.1.i586.rpm bind-utils-9.7.4P1-0.28.1.i586.rpm bind-utils-debuginfo-9.7.4P1-0.28.1.i586.rpm bind-9.7.4P1-0.28.1.x86_64.rpm bind-chrootenv-9.7.4P1-0.28.1.x86_64.rpm bind-debuginfo-9.7.4P1-0.28.1.x86_64.rpm bind-debugsource-9.7.4P1-0.28.1.x86_64.rpm bind-devel-9.7.4P1-0.28.1.x86_64.rpm bind-libs-9.7.4P1-0.28.1.x86_64.rpm bind-libs-debuginfo-9.7.4P1-0.28.1.x86_64.rpm bind-lwresd-9.7.4P1-0.28.1.x86_64.rpm bind-lwresd-debuginfo-9.7.4P1-0.28.1.x86_64.rpm bind-utils-9.7.4P1-0.28.1.x86_64.rpm bind-utils-debuginfo-9.7.4P1-0.28.1.x86_64.rpm openSUSE-2012-333 important openSUSE 11.4 Update Changes in MozillaFirefox: - update to Firefox 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix sound notifications when filename/path contains a whitespace (bmo#749739) - fix build on arm - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) Changes in MozillaThunderbird: - update to Thunderbird 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix build with system NSPR (mozilla-system-nspr.patch) - add dependentlibs.list for improved XRE startup - update enigmail to 1.4.2 - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) - update to Thunderbird 12.0.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) - fixed build with gcc 4.7 Changes in seamonkey: - update to Seamonkey 2.10 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - requires NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - update to Seamonkey 2.9.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) - fixed build with gcc 4.7 Changes in mozilla-nss: - update to 3.13.5 RTM - update to 3.13.4 RTM * fixed some bugs * fixed cert verification regression in PKIX mode (bmo#737802) introduced in 3.13.2 Changes in xulrunner: - update to 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - reenabled crashreporter for Factory/12.2 (fixed in mozilla-gcc47.patch) MozillaFirefox-13.0-25.2.i586.rpm MozillaFirefox-13.0-25.2.src.rpm MozillaFirefox-branding-upstream-13.0-25.2.i586.rpm MozillaFirefox-buildsymbols-13.0-25.2.i586.rpm MozillaFirefox-debuginfo-13.0-25.2.i586.rpm MozillaFirefox-debugsource-13.0-25.2.i586.rpm MozillaFirefox-devel-13.0-25.2.i586.rpm MozillaFirefox-translations-common-13.0-25.2.i586.rpm MozillaFirefox-translations-other-13.0-25.2.i586.rpm MozillaThunderbird-13.0-21.2.i586.rpm MozillaThunderbird-13.0-21.2.src.rpm MozillaThunderbird-buildsymbols-13.0-21.2.i586.rpm MozillaThunderbird-debuginfo-13.0-21.2.i586.rpm MozillaThunderbird-debugsource-13.0-21.2.i586.rpm MozillaThunderbird-devel-13.0-21.2.i586.rpm MozillaThunderbird-translations-common-13.0-21.2.i586.rpm MozillaThunderbird-translations-other-13.0-21.2.i586.rpm enigmail-1.4.2+13.0-21.2.i586.rpm enigmail-debuginfo-1.4.2+13.0-21.2.i586.rpm libfreebl3-3.13.5-44.1.i586.rpm libfreebl3-32bit-3.13.5-44.1.x86_64.rpm libfreebl3-debuginfo-3.13.5-44.1.i586.rpm libfreebl3-debuginfo-32bit-3.13.5-44.1.x86_64.rpm libfreebl3-debuginfo-x86-3.13.5-44.1.ia64.rpm libfreebl3-debuginfo-x86-debuginfo-3.13.5-44.1.ia64.rpm libfreebl3-x86-3.13.5-44.1.ia64.rpm libsoftokn3-3.13.5-44.1.i586.rpm libsoftokn3-32bit-3.13.5-44.1.x86_64.rpm libsoftokn3-debuginfo-3.13.5-44.1.i586.rpm libsoftokn3-debuginfo-32bit-3.13.5-44.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.13.5-44.1.ia64.rpm libsoftokn3-debuginfo-x86-debuginfo-3.13.5-44.1.ia64.rpm libsoftokn3-x86-3.13.5-44.1.ia64.rpm mozilla-nss-3.13.5-44.1.i586.rpm mozilla-nss-3.13.5-44.1.src.rpm mozilla-nss-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-certs-3.13.5-44.1.i586.rpm mozilla-nss-certs-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.5-44.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.13.5-44.1.ia64.rpm mozilla-nss-certs-debuginfo-x86-debuginfo-3.13.5-44.1.ia64.rpm mozilla-nss-certs-x86-3.13.5-44.1.ia64.rpm mozilla-nss-debuginfo-3.13.5-44.1.i586.rpm mozilla-nss-debuginfo-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.13.5-44.1.ia64.rpm mozilla-nss-debuginfo-x86-debuginfo-3.13.5-44.1.ia64.rpm mozilla-nss-debugsource-3.13.5-44.1.i586.rpm mozilla-nss-debugsource-3.13.5-44.1.ia64.rpm mozilla-nss-debugsource-3.13.5-44.1.x86_64.rpm mozilla-nss-devel-3.13.5-44.1.i586.rpm mozilla-nss-sysinit-3.13.5-44.1.i586.rpm mozilla-nss-sysinit-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.5-44.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.13.5-44.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.13.5-44.1.ia64.rpm mozilla-nss-sysinit-debuginfo-x86-debuginfo-3.13.5-44.1.ia64.rpm mozilla-nss-sysinit-x86-3.13.5-44.1.ia64.rpm mozilla-nss-tools-3.13.5-44.1.i586.rpm mozilla-nss-tools-debuginfo-3.13.5-44.1.i586.rpm mozilla-nss-x86-3.13.5-44.1.ia64.rpm seamonkey-2.10-21.2.i586.rpm seamonkey-2.10-21.2.src.rpm seamonkey-debuginfo-2.10-21.2.i586.rpm seamonkey-debugsource-2.10-21.2.i586.rpm seamonkey-dom-inspector-2.10-21.2.i586.rpm seamonkey-irc-2.10-21.2.i586.rpm seamonkey-translations-common-2.10-21.2.i586.rpm seamonkey-translations-other-2.10-21.2.i586.rpm seamonkey-venkman-2.10-21.2.i586.rpm MozillaFirefox-13.0-25.2.x86_64.rpm MozillaFirefox-branding-upstream-13.0-25.2.x86_64.rpm MozillaFirefox-buildsymbols-13.0-25.2.x86_64.rpm MozillaFirefox-debuginfo-13.0-25.2.x86_64.rpm MozillaFirefox-debugsource-13.0-25.2.x86_64.rpm MozillaFirefox-devel-13.0-25.2.x86_64.rpm MozillaFirefox-translations-common-13.0-25.2.x86_64.rpm MozillaFirefox-translations-other-13.0-25.2.x86_64.rpm MozillaThunderbird-13.0-21.2.x86_64.rpm MozillaThunderbird-buildsymbols-13.0-21.2.x86_64.rpm MozillaThunderbird-debuginfo-13.0-21.2.x86_64.rpm MozillaThunderbird-debugsource-13.0-21.2.x86_64.rpm MozillaThunderbird-devel-13.0-21.2.x86_64.rpm MozillaThunderbird-translations-common-13.0-21.2.x86_64.rpm MozillaThunderbird-translations-other-13.0-21.2.x86_64.rpm enigmail-1.4.2+13.0-21.2.x86_64.rpm enigmail-debuginfo-1.4.2+13.0-21.2.x86_64.rpm libfreebl3-3.13.5-44.1.x86_64.rpm libfreebl3-debuginfo-3.13.5-44.1.x86_64.rpm libsoftokn3-3.13.5-44.1.x86_64.rpm libsoftokn3-debuginfo-3.13.5-44.1.x86_64.rpm mozilla-nss-3.13.5-44.1.x86_64.rpm mozilla-nss-certs-3.13.5-44.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.5-44.1.x86_64.rpm mozilla-nss-debuginfo-3.13.5-44.1.x86_64.rpm mozilla-nss-devel-3.13.5-44.1.x86_64.rpm mozilla-nss-sysinit-3.13.5-44.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.5-44.1.x86_64.rpm mozilla-nss-tools-3.13.5-44.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.13.5-44.1.x86_64.rpm seamonkey-2.10-21.2.x86_64.rpm seamonkey-debuginfo-2.10-21.2.x86_64.rpm seamonkey-debugsource-2.10-21.2.x86_64.rpm seamonkey-dom-inspector-2.10-21.2.x86_64.rpm seamonkey-irc-2.10-21.2.x86_64.rpm seamonkey-translations-common-2.10-21.2.x86_64.rpm seamonkey-translations-other-2.10-21.2.x86_64.rpm seamonkey-venkman-2.10-21.2.x86_64.rpm openSUSE-2012-331 low openSUSE 11.4 Update A buffer overread was fixed in libvpx which could lead to crashes of applications using libvpx. libvpx-0.9.5-8.1.src.rpm libvpx-debugsource-0.9.5-8.1.i586.rpm libvpx-devel-0.9.5-8.1.i586.rpm libvpx0-0.9.5-8.1.i586.rpm libvpx0-debuginfo-0.9.5-8.1.i586.rpm vpx-tools-0.9.5-8.1.i586.rpm vpx-tools-debuginfo-0.9.5-8.1.i586.rpm libvpx-debugsource-0.9.5-8.1.x86_64.rpm libvpx-devel-0.9.5-8.1.x86_64.rpm libvpx0-0.9.5-8.1.x86_64.rpm libvpx0-debuginfo-0.9.5-8.1.x86_64.rpm vpx-tools-0.9.5-8.1.x86_64.rpm vpx-tools-debuginfo-0.9.5-8.1.x86_64.rpm openSUSE-2012-321 low openSUSE 11.4 Update This update of sudo fixes two bugs: The pam session could be leaked, e.g. when pam_mount is used. bnc#751453 tls_globalcert parameters were not evaluated correctly. bnc#760697 sudo-1.7.6p2-0.16.1.i586.rpm sudo-1.7.6p2-0.16.1.src.rpm sudo-debuginfo-1.7.6p2-0.16.1.i586.rpm sudo-debugsource-1.7.6p2-0.16.1.i586.rpm sudo-1.7.6p2-0.16.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.16.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.16.1.x86_64.rpm openSUSE-2012-315 critical openSUSE 11.4 Update Adobe Flash Player was updated to 11.2.202.236, fixing lots of bugs and critical security issues. We also disabled inclusion of mms.cfg again, as it caused trouble on hardware accelerated systems. flash-player-11.2.202.236-17.1.i586.rpm flash-player-11.2.202.236-17.1.nosrc.rpm flash-player-gnome-11.2.202.236-17.1.i586.rpm flash-player-kde4-11.2.202.236-17.1.i586.rpm flash-player-11.2.202.236-17.1.x86_64.rpm flash-player-gnome-11.2.202.236-17.1.x86_64.rpm flash-player-kde4-11.2.202.236-17.1.x86_64.rpm openSUSE-2012-323 low openSUSE 11.4 Update This update of atftpd fixes a race condition where two server threads pick up a single client, which causes the transported file being overwritten (bnc#599856) atftp-0.7.0-143.152.1.i586.rpm atftp-0.7.0-143.152.1.src.rpm atftp-debuginfo-0.7.0-143.152.1.i586.rpm atftp-debugsource-0.7.0-143.152.1.i586.rpm atftp-0.7.0-143.152.1.x86_64.rpm atftp-debuginfo-0.7.0-143.152.1.x86_64.rpm atftp-debugsource-0.7.0-143.152.1.x86_64.rpm openSUSE-2012-326 important openSUSE 11.4 Update This update fixes the following issues for the software management: libzypp (11.4 and 12.1): - Fix processing of weak locks (bnc#749418, bnc#765164) - Fix typos in zypp.conf (bnc#761985) zypper (12.1 only): - Don't treat patches with licensed packages as interactive is --auto-agree-with-licenses is used (bnc#730824) libzypp-8.13.6-18.1.i586.rpm True libzypp-8.13.6-18.1.src.rpm True libzypp-debuginfo-8.13.6-18.1.i586.rpm True libzypp-debugsource-8.13.6-18.1.i586.rpm True libzypp-devel-8.13.6-18.1.i586.rpm True libzypp-8.13.6-18.1.x86_64.rpm True libzypp-debuginfo-8.13.6-18.1.x86_64.rpm True libzypp-debugsource-8.13.6-18.1.x86_64.rpm True libzypp-devel-8.13.6-18.1.x86_64.rpm True openSUSE-2012-348 low openSUSE 11.4 Update This update of socat fixes a buffer overflow in READLINE output mode. socat-1.7.1.3-6.1.i586.rpm socat-1.7.1.3-6.1.src.rpm socat-debuginfo-1.7.1.3-6.1.i586.rpm socat-debugsource-1.7.1.3-6.1.i586.rpm socat-1.7.1.3-6.1.x86_64.rpm socat-debuginfo-1.7.1.3-6.1.x86_64.rpm socat-debugsource-1.7.1.3-6.1.x86_64.rpm openSUSE-2012-378 important openSUSE 11.4 Update Fixing CVE-2012-2122: authentication bypass due to incorrect type casting libmysqlclusterclient16-7.1.22-55.1.i586.rpm libmysqlclusterclient16-debuginfo-7.1.22-55.1.i586.rpm libmysqlclusterclient_r16-7.1.22-55.1.i586.rpm libmysqlclusterclient_r16-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-7.1.22-55.1.i586.rpm mysql-cluster-7.1.22-55.1.src.rpm mysql-cluster-bench-7.1.22-55.1.i586.rpm mysql-cluster-bench-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-client-7.1.22-55.1.i586.rpm mysql-cluster-client-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debug-7.1.22-55.1.i586.rpm mysql-cluster-debug-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debugsource-7.1.22-55.1.i586.rpm mysql-cluster-ndb-extra-7.1.22-55.1.i586.rpm mysql-cluster-ndb-extra-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-management-7.1.22-55.1.i586.rpm mysql-cluster-ndb-management-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-storage-7.1.22-55.1.i586.rpm mysql-cluster-ndb-storage-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-tools-7.1.22-55.1.i586.rpm mysql-cluster-ndb-tools-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-test-7.1.22-55.1.i586.rpm mysql-cluster-test-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-tools-7.1.22-55.1.i586.rpm mysql-cluster-tools-debuginfo-7.1.22-55.1.i586.rpm libmysqlclusterclient16-7.1.22-55.1.x86_64.rpm libmysqlclusterclient16-debuginfo-7.1.22-55.1.x86_64.rpm libmysqlclusterclient_r16-7.1.22-55.1.x86_64.rpm libmysqlclusterclient_r16-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-7.1.22-55.1.x86_64.rpm mysql-cluster-bench-7.1.22-55.1.x86_64.rpm mysql-cluster-bench-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-client-7.1.22-55.1.x86_64.rpm mysql-cluster-client-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debug-7.1.22-55.1.x86_64.rpm mysql-cluster-debug-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debugsource-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-extra-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-extra-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-management-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-management-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-storage-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-storage-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-tools-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-tools-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-test-7.1.22-55.1.x86_64.rpm mysql-cluster-test-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-tools-7.1.22-55.1.x86_64.rpm mysql-cluster-tools-debuginfo-7.1.22-55.1.x86_64.rpm openSUSE-2012-328 low openSUSE 11.4 Update This update fixes the following issues for amanda: - 739222: Amanda is not running with the correct permissions behind xinetd - 755268: amanda backup system built without ssh support amanda-2.6.1.1-16.1.i586.rpm amanda-2.6.1.1-16.1.src.rpm amanda-debuginfo-2.6.1.1-16.1.i586.rpm amanda-debugsource-2.6.1.1-16.1.i586.rpm amanda-2.6.1.1-16.1.x86_64.rpm amanda-debuginfo-2.6.1.1-16.1.x86_64.rpm amanda-debugsource-2.6.1.1-16.1.x86_64.rpm openSUSE-2012-368 critical openSUSE 11.4 Update This version upgrade of java-1_6_0-openjdk fixes multiple security flaws: - S7079902, CVE-2012-1711: Refine CORBA data models - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC - S7143872, CVE-2012-1718: Improve certificate extension processing - S7152811, CVE-2012-1723: Issues in client compiler - S7157609, CVE-2012-1724: Issues with loop - S7160757, CVE-2012-1725: Problem with hotspot runtime_classfile java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.11.2.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.3-0.11.2.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.3-0.11.2.x86_64.rpm openSUSE-2012-342 moderate openSUSE 11.4 Update This kernel update of the openSUSE 12.1 kernel fixes lots of bugs and security issues. Following issues were fixed: - tcp: drop SYN+FIN messages (bnc#765102). - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (bnc#765320, CVE-2012-2136). - fcaps: clear the same personality flags as suid when fcaps are used (bnc#758260 CVE-2012-2123). - macvtap: zerocopy: validate vectors before building skb (bnc#758243 CVE-2012-2119). - hfsplus: Fix potential buffer overflows (bnc#760902 CVE-2009-4020). - xfrm: take net hdr len into account for esp payload size calculation (bnc#759545). - ext4: fix undefined behavior in ext4_fill_flex_info() (bnc#757278). - igb: fix rtnl race in PM resume path (bnc#748859). - ixgbe: add missing rtnl_lock in PM resume path (bnc#748859). - b43: allocate receive buffers big enough for max frame len + offset (bnc#717749). - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. - xenbus_dev: add missing error checks to watch handling. - hwmon: (coretemp-xen) Fix TjMax detection for older CPUs. - hwmon: (coretemp-xen) Relax target temperature range check. - Refresh other Xen patches. - tlan: add cast needed for proper 64 bit operation (bnc#756840). - dl2k: Tighten ioctl permissions (bnc#758813). - [media] cx22702: Fix signal strength. - fs: cachefiles: Add support for large files in filesystem caching (bnc#747038). - bridge: correct IPv6 checksum after pull (bnc#738644). - bridge: fix a possible use after free (bnc#738644). - bridge: Pseudo-header required for the checksum of ICMPv6 (bnc#738644). - bridge: mcast snooping, fix length check of snooped MLDv1/2 (bnc#738644). - PCI/ACPI: Report ASPM support to BIOS if not disabled from command line (bnc#714455). - ipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID (bnc#756203). - drm/i915/crt: Remove 0xa0 probe for VGA. - tty_audit: fix tty_audit_add_data live lock on audit disabled (bnc#721366). - drm/i915: suspend fbdev device around suspend/hibernate (bnc#732908). - dlm: Do not allocate a fd for peeloff (bnc#729247). - sctp: Export sctp_do_peeloff (bnc#729247). - i2c-algo-bit: Fix spurious SCL timeouts under heavy load. - patches.fixes/epoll-dont-limit-non-nested.patch: Don't limit non-nested epoll paths (bnc#676204). - Update patches.suse/sd_init.mark_majors_busy.patch (bnc#744658). - igb: Fix for Alt MAC Address feature on 82580 and later devices (bnc#746980). - mark busy sd majors as allocated (bug#744658). - regset: Return -EFAULT, not -EIO, on host-side memory fault (bnc# 750079 CVE-2012-1097). - regset: Prevent null pointer reference on readonly regsets (bnc#750079 CVE-2012-1097). - mm: memcg: Correct unregistring of events attached to the same eventfd (CVE-2012-1146 bnc#750959). - befs: Validate length of long symbolic links (CVE-2011-2928 bnc#713430). - si4713-i2c: avoid potential buffer overflow on si4713 (CVE-2011-2700 bnc#707332). - staging: comedi: fix infoleak to userspace (CVE-2011-2909 bnc#711941). - hfs: add sanity check for file name length (CVE-2011-4330 bnc#731673). - cifs: fix dentry refcount leak when opening a FIFO on lookup (CVE-2012-1090 bnc#749569). - drm: integer overflow in drm_mode_dirtyfb_ioctl() (CVE-2012-0044 bnc#740745). - xfs: fix acl count validation in xfs_acl_from_disk() (CVE-2012-0038 bnc#740703). - xfs: validate acl count (CVE-2012-0038 bnc#740703). - patches.fixes/xfs-fix-possible-memory-corruption-in-xfs_readlink: Work around missing xfs_alert(). - xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (CVE-2011-4077 bnc#726600). - xfs: Fix possible memory corruption in xfs_readlink (CVE-2011-4077 bnc#726600). - ext4: make ext4_split_extent() handle error correctly. - ext4: ext4_ext_convert_to_initialized bug found in extended FSX testing. - ext4: add ext4_split_extent_at() and ext4_split_extent(). - ext4: reimplement convert and split_unwritten (CVE-2011-3638 bnc#726045). - patches.fixes/epoll-limit-paths.patch: epoll: limit paths (bnc#676204 CVE-2011-1083). - patches.kabi/epoll-kabi-fix.patch: epoll: hide kabi change in struct file (bnc#676204 CVE-2011-1083). - NAT/FTP: Fix broken conntrack (bnc#681639 bnc#466279 bnc#747660). - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (bnc#740448 CVE-2012-0207). - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (bnc#745832 CVE-2011-4086). - AppArmor: fix oops in apparmor_setprocattr (bnc#717209 CVE-2011-3619). - Refresh patches.suse/SoN-22-netvm.patch. Clean and *working* patches. - Refresh patches.suse/SoN-22-netvm.patch. (bnc#683671) Fix an rcu locking imbalance in the receive path triggered when using vlans. - Fix mangled patch (invalid date) Although accepted by `patch`, this is rejected by `git apply` - Fix mangled diff lines (leading space tab vs tab) Although accepted by `patch`, these are rejected by `git apply` - jbd/jbd2: validate sb->s_first in journal_get_superblock() (bnc#730118). - fsnotify: don't BUG in fsnotify_destroy_mark() (bnc#689860). - Fix patches.fixes/x25-Handle-undersized-fragmented-skbs.patch (CVE-2010-3873 bnc#651219). - Fix patches.fixes/x25-Prevent-skb-overreads-when-checking-call-user-da.patch (CVE-2010-3873 bnc#651219). - Fix patches.fixes/x25-Validate-incoming-call-user-data-lengths.patch (CVE-2010-3873 bnc#651219). - Fix patches.fixes/x25-possible-skb-leak-on-bad-facilities.patch (CVE-2010-3873 bnc#651219 CVE-2010-4164 bnc#653260). - Update patches.fixes/econet-4-byte-infoleak-to-the-network.patch (bnc#681186 CVE-2011-1173). Fix reference. - hwmon: (w83627ehf) Properly report thermal diode sensors. - nl80211: fix overflow in ssid_len (bnc#703410 CVE-2011-2517). - nl80211: fix check for valid SSID size in scan operations (bnc#703410 CVE-2011-2517). - x25: Prevent skb overreads when checking call user data (CVE-2010-3873 bnc#737624). - x25: Handle undersized/fragmented skbs (CVE-2010-3873 bnc#737624). - x25: Validate incoming call user data lengths (CVE-2010-3873 bnc#737624). - x25: possible skb leak on bad facilities (CVE-2010-3873 bnc#737624). - net: Add a flow_cache_flush_deferred function (bnc#737624). - xfrm: avoid possible oopse in xfrm_alloc_dst (bnc#737624). - scm: lower SCM_MAX_FD (bnc#655696 CVE-2010-4249). kernel-debug-2.6.37.6-0.20.1.i586.rpm True kernel-debug-2.6.37.6-0.20.1.nosrc.rpm True kernel-debug-base-2.6.37.6-0.20.1.i586.rpm True kernel-debug-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-debug-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-debug-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-debug-devel-2.6.37.6-0.20.1.i586.rpm True kernel-debug-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-default-2.6.37.6-0.20.1.i586.rpm True kernel-default-2.6.37.6-0.20.1.nosrc.rpm True kernel-default-base-2.6.37.6-0.20.1.i586.rpm True kernel-default-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-default-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-default-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-default-devel-2.6.37.6-0.20.1.i586.rpm True kernel-default-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-2.6.37.6-0.20.1.nosrc.rpm True kernel-desktop-base-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-devel-2.6.37.6-0.20.1.i586.rpm True kernel-desktop-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-docs-2.6.37.6-0.20.2.noarch.rpm True kernel-docs-2.6.37.6-0.20.2.src.rpm True kernel-ec2-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-2.6.37.6-0.20.1.nosrc.rpm True kernel-ec2-base-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-devel-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-extra-2.6.37.6-0.20.1.i586.rpm True kernel-ec2-extra-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-pae-2.6.37.6-0.20.1.i586.rpm True kernel-pae-2.6.37.6-0.20.1.nosrc.rpm True kernel-pae-base-2.6.37.6-0.20.1.i586.rpm True kernel-pae-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-pae-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-pae-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-pae-devel-2.6.37.6-0.20.1.i586.rpm True kernel-pae-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-devel-2.6.37.6-0.20.1.noarch.rpm True kernel-source-2.6.37.6-0.20.1.noarch.rpm True kernel-source-2.6.37.6-0.20.1.src.rpm True kernel-source-vanilla-2.6.37.6-0.20.1.noarch.rpm True kernel-syms-2.6.37.6-0.20.1.i586.rpm True kernel-syms-2.6.37.6-0.20.1.src.rpm True kernel-trace-2.6.37.6-0.20.1.i586.rpm True kernel-trace-2.6.37.6-0.20.1.nosrc.rpm True kernel-trace-base-2.6.37.6-0.20.1.i586.rpm True kernel-trace-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-trace-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-trace-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-trace-devel-2.6.37.6-0.20.1.i586.rpm True kernel-trace-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-2.6.37.6-0.20.1.nosrc.rpm True kernel-vanilla-base-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-devel-2.6.37.6-0.20.1.i586.rpm True kernel-vanilla-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-2.6.37.6-0.20.1.nosrc.rpm True kernel-vmi-base-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-devel-2.6.37.6-0.20.1.i586.rpm True kernel-vmi-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-xen-2.6.37.6-0.20.1.i586.rpm True kernel-xen-2.6.37.6-0.20.1.nosrc.rpm True kernel-xen-base-2.6.37.6-0.20.1.i586.rpm True kernel-xen-base-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-xen-debuginfo-2.6.37.6-0.20.1.i586.rpm True kernel-xen-debugsource-2.6.37.6-0.20.1.i586.rpm True kernel-xen-devel-2.6.37.6-0.20.1.i586.rpm True kernel-xen-devel-debuginfo-2.6.37.6-0.20.1.i586.rpm True preload-1.2-6.17.1.i586.rpm True preload-1.2-6.17.1.src.rpm True preload-debuginfo-1.2-6.17.1.i586.rpm True preload-debugsource-1.2-6.17.1.i586.rpm True preload-kmp-default-1.2_k2.6.37.6_0.20-6.17.1.i586.rpm True preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.20-6.17.1.i586.rpm True preload-kmp-desktop-1.2_k2.6.37.6_0.20-6.17.1.i586.rpm True preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.20-6.17.1.i586.rpm True kernel-debug-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-debug-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-default-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-desktop-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-extra-2.6.37.6-0.20.1.x86_64.rpm True kernel-ec2-extra-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-syms-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-trace-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-vanilla-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-base-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-base-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-debugsource-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-devel-2.6.37.6-0.20.1.x86_64.rpm True kernel-xen-devel-debuginfo-2.6.37.6-0.20.1.x86_64.rpm True preload-1.2-6.17.1.x86_64.rpm True preload-debuginfo-1.2-6.17.1.x86_64.rpm True preload-debugsource-1.2-6.17.1.x86_64.rpm True preload-kmp-default-1.2_k2.6.37.6_0.20-6.17.1.x86_64.rpm True preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.20-6.17.1.x86_64.rpm True preload-kmp-desktop-1.2_k2.6.37.6_0.20-6.17.1.x86_64.rpm True preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.20-6.17.1.x86_64.rpm True openSUSE-2012-360 low openSUSE 11.4 Update Fixing CVE-2012-1013 (krb5 kadmind denial of service via null pointer dereference) krb5-1.8.3-16.49.1.i586.rpm krb5-1.8.3-16.49.1.src.rpm krb5-32bit-1.8.3-16.49.1.x86_64.rpm krb5-client-1.8.3-16.49.1.i586.rpm krb5-client-debuginfo-1.8.3-16.49.1.i586.rpm krb5-debuginfo-1.8.3-16.49.1.i586.rpm krb5-debuginfo-32bit-1.8.3-16.49.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-16.49.1.ia64.rpm krb5-debuginfo-x86-debuginfo-1.8.3-16.49.1.ia64.rpm krb5-debugsource-1.8.3-16.49.1.i586.rpm krb5-debugsource-1.8.3-16.49.1.ia64.rpm krb5-debugsource-1.8.3-16.49.1.x86_64.rpm krb5-devel-1.8.3-16.49.1.i586.rpm krb5-devel-32bit-1.8.3-16.49.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-16.49.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.49.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-16.49.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.49.1.i586.rpm krb5-server-1.8.3-16.49.1.i586.rpm krb5-server-debuginfo-1.8.3-16.49.1.i586.rpm krb5-x86-1.8.3-16.49.1.ia64.rpm krb5-1.8.3-16.49.1.x86_64.rpm krb5-client-1.8.3-16.49.1.x86_64.rpm krb5-client-debuginfo-1.8.3-16.49.1.x86_64.rpm krb5-debuginfo-1.8.3-16.49.1.x86_64.rpm krb5-devel-1.8.3-16.49.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-16.49.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.49.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-16.49.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.49.1.x86_64.rpm krb5-server-1.8.3-16.49.1.x86_64.rpm krb5-server-debuginfo-1.8.3-16.49.1.x86_64.rpm openSUSE-2012-365 moderate openSUSE 11.4 Update - security update: * Fix BSD crypt 8bit character mishandling (CVE-2012-2143) [bnc#766798] apache2-mod_php5-5.3.5-341.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-341.1.i586.rpm php5-5.3.5-341.1.i586.rpm php5-5.3.5-341.1.src.rpm php5-bcmath-5.3.5-341.1.i586.rpm php5-bcmath-debuginfo-5.3.5-341.1.i586.rpm php5-bz2-5.3.5-341.1.i586.rpm php5-bz2-debuginfo-5.3.5-341.1.i586.rpm php5-calendar-5.3.5-341.1.i586.rpm php5-calendar-debuginfo-5.3.5-341.1.i586.rpm php5-ctype-5.3.5-341.1.i586.rpm php5-ctype-debuginfo-5.3.5-341.1.i586.rpm php5-curl-5.3.5-341.1.i586.rpm php5-curl-debuginfo-5.3.5-341.1.i586.rpm php5-dba-5.3.5-341.1.i586.rpm php5-dba-debuginfo-5.3.5-341.1.i586.rpm php5-debuginfo-5.3.5-341.1.i586.rpm php5-debugsource-5.3.5-341.1.i586.rpm php5-devel-5.3.5-341.1.i586.rpm php5-dom-5.3.5-341.1.i586.rpm php5-dom-debuginfo-5.3.5-341.1.i586.rpm php5-enchant-5.3.5-341.1.i586.rpm php5-enchant-debuginfo-5.3.5-341.1.i586.rpm php5-exif-5.3.5-341.1.i586.rpm php5-exif-debuginfo-5.3.5-341.1.i586.rpm php5-fastcgi-5.3.5-341.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-341.1.i586.rpm php5-fileinfo-5.3.5-341.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-341.1.i586.rpm php5-fpm-5.3.5-341.1.i586.rpm php5-fpm-debuginfo-5.3.5-341.1.i586.rpm php5-ftp-5.3.5-341.1.i586.rpm php5-ftp-debuginfo-5.3.5-341.1.i586.rpm php5-gd-5.3.5-341.1.i586.rpm php5-gd-debuginfo-5.3.5-341.1.i586.rpm php5-gettext-5.3.5-341.1.i586.rpm php5-gettext-debuginfo-5.3.5-341.1.i586.rpm php5-gmp-5.3.5-341.1.i586.rpm php5-gmp-debuginfo-5.3.5-341.1.i586.rpm php5-hash-5.3.5-341.1.i586.rpm php5-hash-debuginfo-5.3.5-341.1.i586.rpm php5-iconv-5.3.5-341.1.i586.rpm php5-iconv-debuginfo-5.3.5-341.1.i586.rpm php5-imap-5.3.5-341.1.i586.rpm php5-imap-debuginfo-5.3.5-341.1.i586.rpm php5-intl-5.3.5-341.1.i586.rpm php5-intl-debuginfo-5.3.5-341.1.i586.rpm php5-json-5.3.5-341.1.i586.rpm php5-json-debuginfo-5.3.5-341.1.i586.rpm php5-ldap-5.3.5-341.1.i586.rpm php5-ldap-debuginfo-5.3.5-341.1.i586.rpm php5-mbstring-5.3.5-341.1.i586.rpm php5-mbstring-debuginfo-5.3.5-341.1.i586.rpm php5-mcrypt-5.3.5-341.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-341.1.i586.rpm php5-mysql-5.3.5-341.1.i586.rpm php5-mysql-debuginfo-5.3.5-341.1.i586.rpm php5-odbc-5.3.5-341.1.i586.rpm php5-odbc-debuginfo-5.3.5-341.1.i586.rpm php5-openssl-5.3.5-341.1.i586.rpm php5-openssl-debuginfo-5.3.5-341.1.i586.rpm php5-pcntl-5.3.5-341.1.i586.rpm php5-pcntl-debuginfo-5.3.5-341.1.i586.rpm php5-pdo-5.3.5-341.1.i586.rpm php5-pdo-debuginfo-5.3.5-341.1.i586.rpm php5-pear-5.3.5-341.1.noarch.rpm php5-pgsql-5.3.5-341.1.i586.rpm php5-pgsql-debuginfo-5.3.5-341.1.i586.rpm php5-phar-5.3.5-341.1.i586.rpm php5-phar-debuginfo-5.3.5-341.1.i586.rpm php5-posix-5.3.5-341.1.i586.rpm php5-posix-debuginfo-5.3.5-341.1.i586.rpm php5-pspell-5.3.5-341.1.i586.rpm php5-pspell-debuginfo-5.3.5-341.1.i586.rpm php5-readline-5.3.5-341.1.i586.rpm php5-readline-debuginfo-5.3.5-341.1.i586.rpm php5-shmop-5.3.5-341.1.i586.rpm php5-shmop-debuginfo-5.3.5-341.1.i586.rpm php5-snmp-5.3.5-341.1.i586.rpm php5-snmp-debuginfo-5.3.5-341.1.i586.rpm php5-soap-5.3.5-341.1.i586.rpm php5-soap-debuginfo-5.3.5-341.1.i586.rpm php5-sockets-5.3.5-341.1.i586.rpm php5-sockets-debuginfo-5.3.5-341.1.i586.rpm php5-sqlite-5.3.5-341.1.i586.rpm php5-sqlite-debuginfo-5.3.5-341.1.i586.rpm php5-suhosin-5.3.5-341.1.i586.rpm php5-suhosin-debuginfo-5.3.5-341.1.i586.rpm php5-sysvmsg-5.3.5-341.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-341.1.i586.rpm php5-sysvsem-5.3.5-341.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-341.1.i586.rpm php5-sysvshm-5.3.5-341.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-341.1.i586.rpm php5-tidy-5.3.5-341.1.i586.rpm php5-tidy-debuginfo-5.3.5-341.1.i586.rpm php5-tokenizer-5.3.5-341.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-341.1.i586.rpm php5-wddx-5.3.5-341.1.i586.rpm php5-wddx-debuginfo-5.3.5-341.1.i586.rpm php5-xmlreader-5.3.5-341.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-341.1.i586.rpm php5-xmlrpc-5.3.5-341.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-341.1.i586.rpm php5-xmlwriter-5.3.5-341.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-341.1.i586.rpm php5-xsl-5.3.5-341.1.i586.rpm php5-xsl-debuginfo-5.3.5-341.1.i586.rpm php5-zip-5.3.5-341.1.i586.rpm php5-zip-debuginfo-5.3.5-341.1.i586.rpm php5-zlib-5.3.5-341.1.i586.rpm php5-zlib-debuginfo-5.3.5-341.1.i586.rpm apache2-mod_php5-5.3.5-341.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-341.1.x86_64.rpm php5-5.3.5-341.1.x86_64.rpm php5-bcmath-5.3.5-341.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-341.1.x86_64.rpm php5-bz2-5.3.5-341.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-341.1.x86_64.rpm php5-calendar-5.3.5-341.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-341.1.x86_64.rpm php5-ctype-5.3.5-341.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-341.1.x86_64.rpm php5-curl-5.3.5-341.1.x86_64.rpm php5-curl-debuginfo-5.3.5-341.1.x86_64.rpm php5-dba-5.3.5-341.1.x86_64.rpm php5-dba-debuginfo-5.3.5-341.1.x86_64.rpm php5-debuginfo-5.3.5-341.1.x86_64.rpm php5-debugsource-5.3.5-341.1.x86_64.rpm php5-devel-5.3.5-341.1.x86_64.rpm php5-dom-5.3.5-341.1.x86_64.rpm php5-dom-debuginfo-5.3.5-341.1.x86_64.rpm php5-enchant-5.3.5-341.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-341.1.x86_64.rpm php5-exif-5.3.5-341.1.x86_64.rpm php5-exif-debuginfo-5.3.5-341.1.x86_64.rpm php5-fastcgi-5.3.5-341.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-341.1.x86_64.rpm php5-fileinfo-5.3.5-341.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-341.1.x86_64.rpm php5-fpm-5.3.5-341.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-341.1.x86_64.rpm php5-ftp-5.3.5-341.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-341.1.x86_64.rpm php5-gd-5.3.5-341.1.x86_64.rpm php5-gd-debuginfo-5.3.5-341.1.x86_64.rpm php5-gettext-5.3.5-341.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-341.1.x86_64.rpm php5-gmp-5.3.5-341.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-341.1.x86_64.rpm php5-hash-5.3.5-341.1.x86_64.rpm php5-hash-debuginfo-5.3.5-341.1.x86_64.rpm php5-iconv-5.3.5-341.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-341.1.x86_64.rpm php5-imap-5.3.5-341.1.x86_64.rpm php5-imap-debuginfo-5.3.5-341.1.x86_64.rpm php5-intl-5.3.5-341.1.x86_64.rpm php5-intl-debuginfo-5.3.5-341.1.x86_64.rpm php5-json-5.3.5-341.1.x86_64.rpm php5-json-debuginfo-5.3.5-341.1.x86_64.rpm php5-ldap-5.3.5-341.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-341.1.x86_64.rpm php5-mbstring-5.3.5-341.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-341.1.x86_64.rpm php5-mcrypt-5.3.5-341.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-341.1.x86_64.rpm php5-mysql-5.3.5-341.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-341.1.x86_64.rpm php5-odbc-5.3.5-341.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-341.1.x86_64.rpm php5-openssl-5.3.5-341.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-341.1.x86_64.rpm php5-pcntl-5.3.5-341.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-341.1.x86_64.rpm php5-pdo-5.3.5-341.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-341.1.x86_64.rpm php5-pgsql-5.3.5-341.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-341.1.x86_64.rpm php5-phar-5.3.5-341.1.x86_64.rpm php5-phar-debuginfo-5.3.5-341.1.x86_64.rpm php5-posix-5.3.5-341.1.x86_64.rpm php5-posix-debuginfo-5.3.5-341.1.x86_64.rpm php5-pspell-5.3.5-341.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-341.1.x86_64.rpm php5-readline-5.3.5-341.1.x86_64.rpm php5-readline-debuginfo-5.3.5-341.1.x86_64.rpm php5-shmop-5.3.5-341.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-341.1.x86_64.rpm php5-snmp-5.3.5-341.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-341.1.x86_64.rpm php5-soap-5.3.5-341.1.x86_64.rpm php5-soap-debuginfo-5.3.5-341.1.x86_64.rpm php5-sockets-5.3.5-341.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-341.1.x86_64.rpm php5-sqlite-5.3.5-341.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-341.1.x86_64.rpm php5-suhosin-5.3.5-341.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-341.1.x86_64.rpm php5-sysvmsg-5.3.5-341.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-341.1.x86_64.rpm php5-sysvsem-5.3.5-341.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-341.1.x86_64.rpm php5-sysvshm-5.3.5-341.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-341.1.x86_64.rpm php5-tidy-5.3.5-341.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-341.1.x86_64.rpm php5-tokenizer-5.3.5-341.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-341.1.x86_64.rpm php5-wddx-5.3.5-341.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-341.1.x86_64.rpm php5-xmlreader-5.3.5-341.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-341.1.x86_64.rpm php5-xmlrpc-5.3.5-341.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-341.1.x86_64.rpm php5-xmlwriter-5.3.5-341.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-341.1.x86_64.rpm php5-xsl-5.3.5-341.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-341.1.x86_64.rpm php5-zip-5.3.5-341.1.x86_64.rpm php5-zip-debuginfo-5.3.5-341.1.x86_64.rpm php5-zlib-5.3.5-341.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-341.1.x86_64.rpm openSUSE-2012-362 important openSUSE 11.4 Update This update addresses possible evasion cases in some archive formats and stability issues in portions of the bytecode engine. clamav-0.97.5-10.1.i586.rpm clamav-0.97.5-10.1.src.rpm clamav-db-0.97.5-10.1.noarch.rpm clamav-debuginfo-0.97.5-10.1.i586.rpm clamav-debugsource-0.97.5-10.1.i586.rpm clamav-0.97.5-10.1.x86_64.rpm clamav-debuginfo-0.97.5-10.1.x86_64.rpm clamav-debugsource-0.97.5-10.1.x86_64.rpm openSUSE-2012-366 moderate openSUSE 11.4 Update - update to 12.00 * full changelog available at: http://www.opera.com/docs/changelogs/unix/1120/ - fixes [bnc#767045] opera-12.00-22.1.i586.rpm opera-12.00-22.1.nosrc.rpm opera-gtk-12.00-22.1.i586.rpm opera-kde4-12.00-22.1.i586.rpm opera-12.00-22.1.x86_64.rpm opera-gtk-12.00-22.1.x86_64.rpm opera-kde4-12.00-22.1.x86_64.rpm openSUSE-2012-367 moderate openSUSE 11.4 Update - fixes bnc#764127 CVE-2012-2417 insecure ElGamal key generation python-crypto-2.3-6.1.i586.rpm python-crypto-2.3-6.1.src.rpm python-crypto-debuginfo-2.3-6.1.i586.rpm python-crypto-2.3-6.1.x86_64.rpm openSUSE-2012-361 moderate openSUSE 11.4 Update - fixing multiple integer overflows: * CVE-2012-2113 [bnc#767852] * CVE-2012-2088 [bnc#767854] libtiff-devel-3.9.4-28.1.i586.rpm libtiff-devel-32bit-3.9.4-28.1.x86_64.rpm libtiff3-3.9.4-28.1.i586.rpm libtiff3-32bit-3.9.4-28.1.x86_64.rpm libtiff3-debuginfo-3.9.4-28.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-28.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-28.1.ia64.rpm libtiff3-debuginfo-x86-debuginfo-3.9.4-28.1.ia64.rpm libtiff3-x86-3.9.4-28.1.ia64.rpm tiff-3.9.4-28.1.i586.rpm tiff-3.9.4-28.1.src.rpm tiff-debuginfo-3.9.4-28.1.i586.rpm tiff-debugsource-3.9.4-28.1.i586.rpm tiff-debugsource-3.9.4-28.1.ia64.rpm tiff-debugsource-3.9.4-28.1.x86_64.rpm libtiff-devel-3.9.4-28.1.x86_64.rpm libtiff3-3.9.4-28.1.x86_64.rpm libtiff3-debuginfo-3.9.4-28.1.x86_64.rpm tiff-3.9.4-28.1.x86_64.rpm tiff-debuginfo-3.9.4-28.1.x86_64.rpm openSUSE-2012-345 low openSUSE 11.4 Update This updates includes the latest SSL root certificates trusted by Mozilla as of 2012-04-25. - new: EC_ACC.pem - new: Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem - new: Security_Communication_RootCA2.pem - removed: TC_TrustCenter_Germany_Class_2_CA.pem - removed: TC_TrustCenter_Germany_Class_3_CA.pem - removed: Verisign_Class_1_Public_Primary_Certification_Authority.1.pem - removed: Verisign_Class_2_Public_Primary_Certification_Authority.pem - removed: Verisign_Class_4_Public_Primary_Certification_Authority_G2.pem ca-certificates-mozilla-1.76-6.1.noarch.rpm ca-certificates-mozilla-1.76-6.1.src.rpm openSUSE-2012-339 low openSUSE 11.4 Update SuSEfirewall2 was updated to: - Allow IPv6 Multicast Listener Discovery - fix icmpv6 handling FW_SERVICES_*_* SuSEfirewall2-3.6.261-3.8.1.noarch.rpm SuSEfirewall2-3.6.261-3.8.1.src.rpm openSUSE-2012-359 low openSUSE 11.4 Update This update fixes the following issues for pm-utils: - 751621: Test systemd presence (/proc/1/comm) and choose either systemctl or /sbin/service when stopping and restarting services. This should make the services stop and start properly, but avoid dumping binary crap in the log (bnc#751811). - 753589: sysctl.conf settings are lost when changing powerstate - 633496: /usr/lib/pm-utils/sleep.d/75modules should cancel suspend2disk when unloading a module fails - 697379: Powermanagement snd_hda_intel - Skript /usr/lib/pm-utils/intel-audio-powersave doesnt work - 768867: Changed licence in specfile to GPL-2.0 pm-utils-1.4.1-5.32.1.i586.rpm pm-utils-1.4.1-5.32.1.src.rpm pm-utils-debuginfo-1.4.1-5.32.1.i586.rpm pm-utils-debugsource-1.4.1-5.32.1.i586.rpm pm-utils-ndiswrapper-1.4.1-5.32.1.i586.rpm pm-utils-1.4.1-5.32.1.x86_64.rpm pm-utils-debuginfo-1.4.1-5.32.1.x86_64.rpm pm-utils-debugsource-1.4.1-5.32.1.x86_64.rpm pm-utils-ndiswrapper-1.4.1-5.32.1.x86_64.rpm openSUSE-2012-364 moderate openSUSE 11.4 Update - fix vulnerability to temporary file symlink attacks in snapshot file mode. (bnc#764526) (CVE-2012-2652) kvm-0.14.0.0-1.20.1.i586.rpm kvm-0.14.0.0-1.20.1.src.rpm kvm-debuginfo-0.14.0.0-1.20.1.i586.rpm kvm-debugsource-0.14.0.0-1.20.1.i586.rpm kvm-0.14.0.0-1.20.1.x86_64.rpm kvm-debuginfo-0.14.0.0-1.20.1.x86_64.rpm kvm-debugsource-0.14.0.0-1.20.1.x86_64.rpm openSUSE-2012-363 moderate openSUSE 11.4 Update - update to 1.1.15 (bnc#768680): * security fix: complete authz support for remote SVN views (CVE-2012-3356) * security fix: log msg leak in SVN revision view with unreadable copy source (CVE-2012-3357) Additionally the following non-security issues have been addressed: * fix several instances of incorrect information in remote SVN views * increase performance of some revision metadata lookups in remote SVN views * fix RSS feed regression introduced in 1.1.14 * fix annotation of svn files with non-URI-safe paths * handle file:/// Subversion rootpaths as local roots * fix bug caused by trying to case-normalize anon usernames * speed up log handling by reusing tokenization results * add support for custom review log markup rules * fix svndbadmin failure on deleted paths under Subversion 1.7 * fix annotation of files in svn roots with non-URI-safe paths * fix stray annotation warning in markup display of images * more gracefully handle attempts to display binary content * fix path display in patch and certain diff views * fix broken cvsdb glob searching * allow svn revision specifiers to have leading r's * allow environmental override of configuration location * fix exception HTML-escaping non-string data under WSGI * add links to root logs from roots view * use Pygments lexer-guessing functionality - add supplements for apache2/subversion-server viewvc-1.1.15-6.1.noarch.rpm viewvc-1.1.15-6.1.src.rpm openSUSE-2012-369 moderate openSUSE 11.4 Update - Fixed bnc#747657: CVE-2012-1053, CVE-2012-1054: improper privilege dropping and file handling flaws This was done by updating to the new version in stable branch. The stable branch receives only security fixes and this update does not provide any new features. - Fixed bnc#755869 CVE-2012-1988: Filebucket arbitrary code execution - Fixed bnc#755872 CVE-2012-1986: Arbitrary File Read - Fixed bnc#755870 CVE-2012-1987: Denial of Service - Fixed bnc#755871 CVE-2012-1989: Arbitrary File Write puppet-2.6.16-4.23.1.i586.rpm puppet-2.6.16-4.23.1.src.rpm puppet-server-2.6.16-4.23.1.i586.rpm puppet-2.6.16-4.23.1.x86_64.rpm puppet-server-2.6.16-4.23.1.x86_64.rpm openSUSE-2012-381 moderate openSUSE 11.4 Update Changes in libgdata: - Add libgdata-validate-ssl-cert.patch: validate SSL certificates for all connections. Fix bnc#752088, CVE-2012-1177. - Add gnome-common BuildRequires and call gnome-autogen.sh: needed for above patch. - Pass --with-ca-certs=/etc/ssl/ca-bundle.pem to configure to let libgdata know about the location of our certificates. libgdata-0.6.6-5.1.src.rpm libgdata-debugsource-0.6.6-5.1.i586.rpm libgdata-debugsource-0.6.6-5.1.ia64.rpm libgdata-debugsource-0.6.6-5.1.x86_64.rpm libgdata-devel-0.6.6-5.1.i586.rpm libgdata-lang-0.6.6-5.1.noarch.rpm libgdata7-0.6.6-5.1.i586.rpm libgdata7-32bit-0.6.6-5.1.x86_64.rpm libgdata7-debuginfo-0.6.6-5.1.i586.rpm libgdata7-debuginfo-32bit-0.6.6-5.1.x86_64.rpm libgdata7-debuginfo-x86-0.6.6-5.1.ia64.rpm libgdata7-debuginfo-x86-debuginfo-0.6.6-5.1.ia64.rpm libgdata7-x86-0.6.6-5.1.ia64.rpm libgdata-devel-0.6.6-5.1.x86_64.rpm libgdata7-0.6.6-5.1.x86_64.rpm libgdata7-debuginfo-0.6.6-5.1.x86_64.rpm openSUSE-2012-384 moderate openSUSE 11.4 Update Changes in pidgin: - bnc#761155, CVE-2012-2318, remote crash via specially-crafted MSN notification message finch-2.7.10-4.47.1.i586.rpm finch-debuginfo-2.7.10-4.47.1.i586.rpm finch-devel-2.7.10-4.47.1.i586.rpm libpurple-2.7.10-4.47.1.i586.rpm libpurple-debuginfo-2.7.10-4.47.1.i586.rpm libpurple-devel-2.7.10-4.47.1.i586.rpm libpurple-lang-2.7.10-4.47.1.noarch.rpm libpurple-meanwhile-2.7.10-4.47.1.i586.rpm libpurple-meanwhile-debuginfo-2.7.10-4.47.1.i586.rpm libpurple-tcl-2.7.10-4.47.1.i586.rpm libpurple-tcl-debuginfo-2.7.10-4.47.1.i586.rpm pidgin-2.7.10-4.47.1.i586.rpm pidgin-2.7.10-4.47.1.src.rpm pidgin-debuginfo-2.7.10-4.47.1.i586.rpm pidgin-debugsource-2.7.10-4.47.1.i586.rpm pidgin-devel-2.7.10-4.47.1.i586.rpm pidgin-evolution-2.7.10-4.47.1.i586.rpm pidgin-evolution-debuginfo-2.7.10-4.47.1.i586.rpm finch-2.7.10-4.47.1.x86_64.rpm finch-debuginfo-2.7.10-4.47.1.x86_64.rpm finch-devel-2.7.10-4.47.1.x86_64.rpm libpurple-2.7.10-4.47.1.x86_64.rpm libpurple-debuginfo-2.7.10-4.47.1.x86_64.rpm libpurple-devel-2.7.10-4.47.1.x86_64.rpm libpurple-meanwhile-2.7.10-4.47.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.7.10-4.47.1.x86_64.rpm libpurple-tcl-2.7.10-4.47.1.x86_64.rpm libpurple-tcl-debuginfo-2.7.10-4.47.1.x86_64.rpm pidgin-2.7.10-4.47.1.x86_64.rpm pidgin-debuginfo-2.7.10-4.47.1.x86_64.rpm pidgin-debugsource-2.7.10-4.47.1.x86_64.rpm pidgin-devel-2.7.10-4.47.1.x86_64.rpm pidgin-evolution-2.7.10-4.47.1.x86_64.rpm pidgin-evolution-debuginfo-2.7.10-4.47.1.x86_64.rpm openSUSE-2012-383 moderate openSUSE 11.4 Update Fixed domain name resolving flaw: CVE-2012-1033, bnc#746074 Non-security fixes: - more than 40 other bugs fixed (see CHANGES for details) - 9.7.6-P1 bind-9.7.6P1-0.31.1.i586.rpm bind-9.7.6P1-0.31.1.src.rpm bind-chrootenv-9.7.6P1-0.31.1.i586.rpm bind-debuginfo-9.7.6P1-0.31.1.i586.rpm bind-debugsource-9.7.6P1-0.31.1.i586.rpm bind-debugsource-9.7.6P1-0.31.1.ia64.rpm bind-debugsource-9.7.6P1-0.31.1.x86_64.rpm bind-devel-9.7.6P1-0.31.1.i586.rpm bind-doc-9.7.6P1-0.31.1.noarch.rpm bind-libs-32bit-9.7.6P1-0.31.1.x86_64.rpm bind-libs-9.7.6P1-0.31.1.i586.rpm bind-libs-debuginfo-32bit-9.7.6P1-0.31.1.x86_64.rpm bind-libs-debuginfo-9.7.6P1-0.31.1.i586.rpm bind-libs-debuginfo-x86-9.7.6P1-0.31.1.ia64.rpm bind-libs-debuginfo-x86-debuginfo-9.7.6P1-0.31.1.ia64.rpm bind-libs-x86-9.7.6P1-0.31.1.ia64.rpm bind-lwresd-9.7.6P1-0.31.1.i586.rpm bind-lwresd-debuginfo-9.7.6P1-0.31.1.i586.rpm bind-utils-9.7.6P1-0.31.1.i586.rpm bind-utils-debuginfo-9.7.6P1-0.31.1.i586.rpm bind-9.7.6P1-0.31.1.x86_64.rpm bind-chrootenv-9.7.6P1-0.31.1.x86_64.rpm bind-debuginfo-9.7.6P1-0.31.1.x86_64.rpm bind-devel-9.7.6P1-0.31.1.x86_64.rpm bind-libs-9.7.6P1-0.31.1.x86_64.rpm bind-libs-debuginfo-9.7.6P1-0.31.1.x86_64.rpm bind-lwresd-9.7.6P1-0.31.1.x86_64.rpm bind-lwresd-debuginfo-9.7.6P1-0.31.1.x86_64.rpm bind-utils-9.7.6P1-0.31.1.x86_64.rpm bind-utils-debuginfo-9.7.6P1-0.31.1.x86_64.rpm openSUSE-2012-376 moderate openSUSE 11.4 Update This update to scribus 1.4.1 has stability fixes, removes content with incorrect licensing. This update also adds new palettes and updated documentation and translations for many languages. scribus-1.4.1-5.1.i586.rpm scribus-1.4.1-5.1.src.rpm scribus-debuginfo-1.4.1-5.1.i586.rpm scribus-debugsource-1.4.1-5.1.i586.rpm scribus-devel-1.4.1-5.1.i586.rpm scribus-1.4.1-5.1.x86_64.rpm scribus-debuginfo-1.4.1-5.1.x86_64.rpm scribus-debugsource-1.4.1-5.1.x86_64.rpm scribus-devel-1.4.1-5.1.x86_64.rpm openSUSE-2012-390 low openSUSE 11.4 Update - fixed bnc#769770 to improve reporting of account names with equal UIDs. - change tmp fie handling and removed obsolete code - bnc#746042 handle new "rpm -Va" output for md5 sums and don't limit the mount point detection to special filesystems seccheck-2.0-668.673.1.noarch.rpm seccheck-2.0-668.673.1.src.rpm openSUSE-2012-389 low openSUSE 11.4 Update This update fixes the following issue for glibc: - 770060: Fix tls initialization with dlopen glibc-2.11.3-12.59.1.i686.rpm glibc-2.11.3-12.59.1.nosrc.rpm glibc-32bit-2.11.3-12.59.1.x86_64.rpm glibc-debuginfo-2.11.3-12.59.1.i686.rpm glibc-debuginfo-32bit-2.11.3-12.59.1.x86_64.rpm glibc-debuginfo-x86-2.11.3-12.59.1.ia64.rpm glibc-debugsource-2.11.3-12.59.1.i686.rpm glibc-devel-2.11.3-12.59.1.i686.rpm glibc-devel-32bit-2.11.3-12.59.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.59.1.i686.rpm glibc-devel-debuginfo-32bit-2.11.3-12.59.1.x86_64.rpm glibc-devel-debuginfo-x86-2.11.3-12.59.1.ia64.rpm glibc-html-2.11.3-12.59.1.i686.rpm glibc-i18ndata-2.11.3-12.59.1.i686.rpm glibc-info-2.11.3-12.59.1.i686.rpm glibc-locale-2.11.3-12.59.1.i686.rpm glibc-locale-32bit-2.11.3-12.59.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.59.1.i686.rpm glibc-locale-debuginfo-32bit-2.11.3-12.59.1.x86_64.rpm glibc-locale-debuginfo-x86-2.11.3-12.59.1.ia64.rpm glibc-locale-x86-2.11.3-12.59.1.ia64.rpm glibc-obsolete-2.11.3-12.59.1.i686.rpm glibc-obsolete-debuginfo-2.11.3-12.59.1.i686.rpm glibc-profile-2.11.3-12.59.1.i686.rpm glibc-profile-32bit-2.11.3-12.59.1.x86_64.rpm glibc-profile-x86-2.11.3-12.59.1.ia64.rpm glibc-x86-2.11.3-12.59.1.ia64.rpm nscd-2.11.3-12.59.1.i686.rpm nscd-debuginfo-2.11.3-12.59.1.i686.rpm glibc-2.11.3-12.59.1.i586.rpm glibc-2.11.3-12.59.1.src.rpm glibc-debuginfo-2.11.3-12.59.1.i586.rpm glibc-debugsource-2.11.3-12.59.1.i586.rpm glibc-devel-2.11.3-12.59.1.i586.rpm glibc-devel-debuginfo-2.11.3-12.59.1.i586.rpm glibc-html-2.11.3-12.59.1.i586.rpm glibc-i18ndata-2.11.3-12.59.1.i586.rpm glibc-info-2.11.3-12.59.1.i586.rpm glibc-locale-2.11.3-12.59.1.i586.rpm glibc-locale-debuginfo-2.11.3-12.59.1.i586.rpm glibc-obsolete-2.11.3-12.59.1.i586.rpm glibc-obsolete-debuginfo-2.11.3-12.59.1.i586.rpm glibc-profile-2.11.3-12.59.1.i586.rpm nscd-2.11.3-12.59.1.i586.rpm nscd-debuginfo-2.11.3-12.59.1.i586.rpm glibc-2.11.3-12.59.1.x86_64.rpm glibc-debuginfo-2.11.3-12.59.1.x86_64.rpm glibc-debugsource-2.11.3-12.59.1.x86_64.rpm glibc-devel-2.11.3-12.59.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.59.1.x86_64.rpm glibc-html-2.11.3-12.59.1.x86_64.rpm glibc-i18ndata-2.11.3-12.59.1.x86_64.rpm glibc-info-2.11.3-12.59.1.x86_64.rpm glibc-locale-2.11.3-12.59.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.59.1.x86_64.rpm glibc-obsolete-2.11.3-12.59.1.x86_64.rpm glibc-profile-2.11.3-12.59.1.x86_64.rpm nscd-2.11.3-12.59.1.x86_64.rpm nscd-debuginfo-2.11.3-12.59.1.x86_64.rpm openSUSE-2012-393 moderate openSUSE 11.4 Update Changes in libxslt, libxslt-python: - fixing an incorrect read operation in the XSL implementation (CVE-2012-2825, bnc#769182) that could cause a DoS condition libxslt-1.1.26-3.14.1.i586.rpm libxslt-1.1.26-3.14.1.src.rpm libxslt-32bit-1.1.26-3.14.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.14.1.i586.rpm libxslt-debuginfo-32bit-1.1.26-3.14.1.x86_64.rpm libxslt-debuginfo-x86-1.1.26-3.14.1.ia64.rpm libxslt-debugsource-1.1.26-3.14.1.i586.rpm libxslt-devel-1.1.26-3.14.1.i586.rpm libxslt-devel-32bit-1.1.26-3.14.1.x86_64.rpm libxslt-x86-1.1.26-3.14.1.ia64.rpm libxslt-1.1.26-3.14.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.14.1.x86_64.rpm libxslt-debugsource-1.1.26-3.14.1.x86_64.rpm libxslt-devel-1.1.26-3.14.1.x86_64.rpm openSUSE-2012-394 moderate openSUSE 11.4 Update The following changes have been made: - Add gypsy-CVE-2011-0523.patch: add config file to restrict the files that can be read. Fix CVE-2011-0523 and bnc#666839. - Add gypsy-CVE-2011-0524.patch: use snprintf() to avoid buffer overflows. Fix CVE-2011-0524 and bnc#666839. - Add gnome-common BuildRequires and call to gnome-autogen.sh for gypsy-CVE-2011-0523.patch, since it touches the build system. gypsy-0.8-5.1.i586.rpm gypsy-0.8-5.1.src.rpm gypsy-debuginfo-0.8-5.1.i586.rpm gypsy-debugsource-0.8-5.1.i586.rpm libgypsy-devel-0.8-5.1.i586.rpm libgypsy0-0.8-5.1.i586.rpm libgypsy0-debuginfo-0.8-5.1.i586.rpm gypsy-0.8-5.1.x86_64.rpm gypsy-debuginfo-0.8-5.1.x86_64.rpm gypsy-debugsource-0.8-5.1.x86_64.rpm libgypsy-devel-0.8-5.1.x86_64.rpm libgypsy0-0.8-5.1.x86_64.rpm libgypsy0-debuginfo-0.8-5.1.x86_64.rpm openSUSE-2012-407 moderate openSUSE 11.4 Update puppet was updated to fix various security issues: CVEs fixed: - bnc#770828 - CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master - bnc#770829 - CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients - bnc#770827 - CVE-2012-3866: puppet: last_run_report.yaml left world-readable - bnc#770833 - CVE-2012-3867: puppet: insufficient input validation for agent certificate names - using the new stable version, 2.6.17, which only receives security fixes. - Removed runlevel 4. puppet-2.6.17-26.1.i586.rpm puppet-2.6.17-26.1.src.rpm puppet-server-2.6.17-26.1.i586.rpm puppet-2.6.17-26.1.x86_64.rpm puppet-server-2.6.17-26.1.x86_64.rpm openSUSE-2012-408 low openSUSE 11.4 Update Bash was fixed to avoid a possible buffer overflow when expanding the /dev/fd prefix with e.g. the test builtin (bnc#770795) (CVE-2012-3410) Due to _FORTIFY_SOURCE=2 enablement, the exploit will only abort the shell. bash-4.1-20.28.1.i586.rpm bash-4.1-20.28.1.src.rpm bash-debuginfo-32bit-4.1-20.28.1.x86_64.rpm bash-debuginfo-4.1-20.28.1.i586.rpm bash-debuginfo-x86-4.1-20.28.1.ia64.rpm bash-debugsource-4.1-20.28.1.i586.rpm bash-devel-4.1-18.28.1.i586.rpm bash-doc-4.1-18.28.1.noarch.rpm bash-lang-4.1-20.28.1.noarch.rpm bash-loadables-4.1-18.28.1.i586.rpm bash-loadables-debuginfo-4.1-18.28.1.i586.rpm bash-x86-4.1-20.28.1.ia64.rpm libreadline6-32bit-6.1-18.28.1.x86_64.rpm libreadline6-6.1-18.28.1.i586.rpm libreadline6-debuginfo-32bit-6.1-18.28.1.x86_64.rpm libreadline6-debuginfo-6.1-18.28.1.i586.rpm libreadline6-debuginfo-x86-6.1-18.28.1.ia64.rpm libreadline6-x86-6.1-18.28.1.ia64.rpm readline-devel-32bit-6.1-18.28.1.x86_64.rpm readline-devel-6.1-18.28.1.i586.rpm readline-doc-6.1-18.28.1.noarch.rpm bash-4.1-20.28.1.x86_64.rpm bash-debuginfo-4.1-20.28.1.x86_64.rpm bash-debugsource-4.1-20.28.1.x86_64.rpm bash-devel-4.1-18.28.1.x86_64.rpm bash-loadables-4.1-18.28.1.x86_64.rpm bash-loadables-debuginfo-4.1-18.28.1.x86_64.rpm libreadline6-6.1-18.28.1.x86_64.rpm libreadline6-debuginfo-6.1-18.28.1.x86_64.rpm readline-devel-6.1-18.28.1.x86_64.rpm openSUSE-2012-409 moderate openSUSE 11.4 Update Fix integer overflow in XBM file loader. Fix bnc#762735, CVE-2012-2370. gdk-pixbuf-2.22.1-7.1.src.rpm gdk-pixbuf-debugsource-2.22.1-7.1.i586.rpm gdk-pixbuf-devel-2.22.1-7.1.i586.rpm gdk-pixbuf-devel-debuginfo-2.22.1-7.1.i586.rpm gdk-pixbuf-lang-2.22.1-7.1.noarch.rpm gdk-pixbuf-query-loaders-2.22.1-7.1.i586.rpm gdk-pixbuf-query-loaders-32bit-2.22.1-7.1.x86_64.rpm gdk-pixbuf-query-loaders-debuginfo-2.22.1-7.1.i586.rpm gdk-pixbuf-query-loaders-debuginfo-32bit-2.22.1-7.1.x86_64.rpm gdk-pixbuf-query-loaders-debuginfo-x86-2.22.1-7.1.ia64.rpm gdk-pixbuf-query-loaders-x86-2.22.1-7.1.ia64.rpm libgdk_pixbuf-2_0-0-2.22.1-7.1.i586.rpm libgdk_pixbuf-2_0-0-32bit-2.22.1-7.1.x86_64.rpm libgdk_pixbuf-2_0-0-debuginfo-2.22.1-7.1.i586.rpm libgdk_pixbuf-2_0-0-debuginfo-32bit-2.22.1-7.1.x86_64.rpm libgdk_pixbuf-2_0-0-debuginfo-x86-2.22.1-7.1.ia64.rpm libgdk_pixbuf-2_0-0-x86-2.22.1-7.1.ia64.rpm gdk-pixbuf-debugsource-2.22.1-7.1.x86_64.rpm gdk-pixbuf-devel-2.22.1-7.1.x86_64.rpm gdk-pixbuf-devel-debuginfo-2.22.1-7.1.x86_64.rpm gdk-pixbuf-query-loaders-2.22.1-7.1.x86_64.rpm gdk-pixbuf-query-loaders-debuginfo-2.22.1-7.1.x86_64.rpm libgdk_pixbuf-2_0-0-2.22.1-7.1.x86_64.rpm libgdk_pixbuf-2_0-0-debuginfo-2.22.1-7.1.x86_64.rpm openSUSE-2012-466 low openSUSE 11.4 Update This update brings Libreoffice to 3.5.4.7 and contains lots of bugfixes. libreoffice-branding-upstream-3.5.4.7-100.1.noarch.rpm libreoffice-branding-upstream-3.5.4.7-100.1.src.rpm libreoffice-help-en-US-3.5.4.7-100.1.noarch.rpm libreoffice-help-en-US-3.5.4.7-100.1.src.rpm libreoffice-help-cs-3.5.4.7-100.1.noarch.rpm libreoffice-help-da-3.5.4.7-100.1.noarch.rpm libreoffice-help-de-3.5.4.7-100.1.noarch.rpm libreoffice-help-en-GB-3.5.4.7-100.1.noarch.rpm libreoffice-help-group1-3.5.4.7-100.1.src.rpm libreoffice-help-en-ZA-3.5.4.7-100.1.noarch.rpm libreoffice-help-es-3.5.4.7-100.1.noarch.rpm libreoffice-help-et-3.5.4.7-100.1.noarch.rpm libreoffice-help-fr-3.5.4.7-100.1.noarch.rpm libreoffice-help-gl-3.5.4.7-100.1.noarch.rpm libreoffice-help-group2-3.5.4.7-100.1.src.rpm libreoffice-help-group3-3.5.4.7-100.1.src.rpm libreoffice-help-gu-IN-3.5.4.7-100.1.noarch.rpm libreoffice-help-hi-IN-3.5.4.7-100.1.noarch.rpm libreoffice-help-hu-3.5.4.7-100.1.noarch.rpm libreoffice-help-it-3.5.4.7-100.1.noarch.rpm libreoffice-help-ja-3.5.4.7-100.1.noarch.rpm libreoffice-help-km-3.5.4.7-100.1.noarch.rpm libreoffice-help-group4-3.5.4.7-100.1.src.rpm libreoffice-help-ko-3.5.4.7-100.1.noarch.rpm libreoffice-help-nl-3.5.4.7-100.1.noarch.rpm libreoffice-help-pl-3.5.4.7-100.1.noarch.rpm libreoffice-help-pt-3.5.4.7-100.1.noarch.rpm libreoffice-help-group5-3.5.4.7-100.1.src.rpm libreoffice-help-pt-BR-3.5.4.7-100.1.noarch.rpm libreoffice-help-ru-3.5.4.7-100.1.noarch.rpm libreoffice-help-sl-3.5.4.7-100.1.noarch.rpm libreoffice-help-sv-3.5.4.7-100.1.noarch.rpm libreoffice-help-zh-CN-3.5.4.7-100.1.noarch.rpm libreoffice-help-zh-TW-3.5.4.7-100.1.noarch.rpm libreoffice-icon-theme-crystal-3.5.4.7-100.1.noarch.rpm libreoffice-icon-theme-galaxy-3.5.4.7-100.1.noarch.rpm libreoffice-icon-theme-hicontrast-3.5.4.7-100.1.noarch.rpm libreoffice-icon-theme-oxygen-3.5.4.7-100.1.noarch.rpm libreoffice-icon-theme-tango-3.5.4.7-100.1.noarch.rpm libreoffice-icon-themes-3.5.4.7-100.1.src.rpm libreoffice-l10n-3.5.4.7-100.1.src.rpm libreoffice-l10n-af-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ar-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-be-BY-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-bg-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-br-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ca-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-cs-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-cy-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-da-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-de-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-el-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-en-GB-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-en-ZA-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-es-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-et-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-fi-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-fr-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ga-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-gl-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-gu-IN-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-he-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-hi-IN-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-hr-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-hu-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-it-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ja-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ka-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-km-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ko-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-lt-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-mk-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-nb-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-nl-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-nn-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-nr-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-pa-IN-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-pl-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-pt-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-pt-BR-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ru-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-rw-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-sh-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-sk-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-sl-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-sr-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ss-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-st-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-sv-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-tg-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-th-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-tr-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ts-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-uk-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-ve-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-vi-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-xh-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-zh-CN-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-zh-TW-3.5.4.7-100.1.noarch.rpm libreoffice-l10n-zu-3.5.4.7-100.1.noarch.rpm libreoffice-languagetool-1.4-37.1.noarch.rpm libreoffice-languagetool-1.4-37.1.src.rpm libreoffice-languagetool-ca-1.4-37.1.noarch.rpm libreoffice-languagetool-de-1.4-37.1.noarch.rpm libreoffice-languagetool-en-1.4-37.1.noarch.rpm libreoffice-languagetool-es-1.4-37.1.noarch.rpm libreoffice-languagetool-fr-1.4-37.1.noarch.rpm libreoffice-languagetool-gl-1.4-37.1.noarch.rpm libreoffice-languagetool-it-1.4-37.1.noarch.rpm libreoffice-languagetool-km-1.4-37.1.noarch.rpm libreoffice-languagetool-nl-1.4-37.1.noarch.rpm libreoffice-languagetool-pl-1.4-37.1.noarch.rpm libreoffice-languagetool-ro-1.4-37.1.noarch.rpm libreoffice-languagetool-ru-1.4-37.1.noarch.rpm libreoffice-languagetool-sk-1.4-37.1.noarch.rpm libreoffice-languagetool-sv-1.4-37.1.noarch.rpm libreoffice-openclipart-3.5-6.3.noarch.rpm libreoffice-openclipart-3.5-6.3.src.rpm libreoffice-3.5.4.7-100.1.i586.rpm libreoffice-3.5.4.7-100.1.src.rpm libreoffice-base-3.5.4.7-100.1.i586.rpm libreoffice-base-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-base-drivers-mysql-3.5.4.7-100.1.i586.rpm libreoffice-base-drivers-mysql-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-base-drivers-postgresql-3.5.4.7-100.1.i586.rpm libreoffice-base-drivers-postgresql-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-base-extensions-3.5.4.7-100.1.i586.rpm libreoffice-calc-3.5.4.7-100.1.i586.rpm libreoffice-calc-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-calc-extensions-3.5.4.7-100.1.i586.rpm libreoffice-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-debugsource-3.5.4.7-100.1.i586.rpm libreoffice-draw-3.5.4.7-100.1.i586.rpm libreoffice-draw-extensions-3.5.4.7-100.1.i586.rpm libreoffice-draw-extensions-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-filters-optional-3.5.4.7-100.1.i586.rpm libreoffice-filters-optional-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-gnome-3.5.4.7-100.1.i586.rpm libreoffice-gnome-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-icon-themes-prebuilt-3.5.4.7-100.1.i586.rpm libreoffice-impress-3.5.4.7-100.1.i586.rpm libreoffice-impress-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-impress-extensions-3.5.4.7-100.1.i586.rpm libreoffice-impress-extensions-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-kde-3.5.4.7-100.1.i586.rpm libreoffice-kde-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-kde4-3.5.4.7-100.1.i586.rpm libreoffice-kde4-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-l10n-prebuilt-3.5.4.7-100.1.i586.rpm libreoffice-mailmerge-3.5.4.7-100.1.i586.rpm libreoffice-math-3.5.4.7-100.1.i586.rpm libreoffice-math-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-officebean-3.5.4.7-100.1.i586.rpm libreoffice-officebean-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-pyuno-3.5.4.7-100.1.i586.rpm libreoffice-pyuno-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-sdk-3.5.4.7-100.1.i586.rpm libreoffice-sdk-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-sdk-doc-3.5.4.7-100.1.i586.rpm libreoffice-writer-3.5.4.7-100.1.i586.rpm libreoffice-writer-debuginfo-3.5.4.7-100.1.i586.rpm libreoffice-writer-extensions-3.5.4.7-100.1.i586.rpm libreoffice-3.5.4.7-100.1.x86_64.rpm libreoffice-base-3.5.4.7-100.1.x86_64.rpm libreoffice-base-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-base-drivers-mysql-3.5.4.7-100.1.x86_64.rpm libreoffice-base-drivers-mysql-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-base-drivers-postgresql-3.5.4.7-100.1.x86_64.rpm libreoffice-base-drivers-postgresql-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-base-extensions-3.5.4.7-100.1.x86_64.rpm libreoffice-calc-3.5.4.7-100.1.x86_64.rpm libreoffice-calc-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-calc-extensions-3.5.4.7-100.1.x86_64.rpm libreoffice-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-debugsource-3.5.4.7-100.1.x86_64.rpm libreoffice-draw-3.5.4.7-100.1.x86_64.rpm libreoffice-draw-extensions-3.5.4.7-100.1.x86_64.rpm libreoffice-draw-extensions-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-filters-optional-3.5.4.7-100.1.x86_64.rpm libreoffice-filters-optional-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-gnome-3.5.4.7-100.1.x86_64.rpm libreoffice-gnome-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-icon-themes-prebuilt-3.5.4.7-100.1.x86_64.rpm libreoffice-impress-3.5.4.7-100.1.x86_64.rpm libreoffice-impress-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-impress-extensions-3.5.4.7-100.1.x86_64.rpm libreoffice-impress-extensions-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-kde-3.5.4.7-100.1.x86_64.rpm libreoffice-kde-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-kde4-3.5.4.7-100.1.x86_64.rpm libreoffice-kde4-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-l10n-prebuilt-3.5.4.7-100.1.x86_64.rpm libreoffice-mailmerge-3.5.4.7-100.1.x86_64.rpm libreoffice-math-3.5.4.7-100.1.x86_64.rpm libreoffice-math-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-officebean-3.5.4.7-100.1.x86_64.rpm libreoffice-officebean-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-pyuno-3.5.4.7-100.1.x86_64.rpm libreoffice-pyuno-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-sdk-3.5.4.7-100.1.x86_64.rpm libreoffice-sdk-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-sdk-doc-3.5.4.7-100.1.x86_64.rpm libreoffice-writer-3.5.4.7-100.1.x86_64.rpm libreoffice-writer-debuginfo-3.5.4.7-100.1.x86_64.rpm libreoffice-writer-extensions-3.5.4.7-100.1.x86_64.rpm openSUSE-2012-448 low openSUSE 11.4 Update The game rocksndiamonds created ~/.rocksndiamonds/ world writeable, allowing other users to save files in there or corrupt your game state. This was fixed. rocksndiamonds-3.2.4-94.2.i586.rpm rocksndiamonds-3.2.4-94.2.src.rpm rocksndiamonds-debuginfo-3.2.4-94.2.i586.rpm rocksndiamonds-debugsource-3.2.4-94.2.i586.rpm rocksndiamonds-3.2.4-94.2.x86_64.rpm rocksndiamonds-debuginfo-3.2.4-94.2.x86_64.rpm rocksndiamonds-debugsource-3.2.4-94.2.x86_64.rpm openSUSE-2012-438 low openSUSE 11.4 Update dbus-1 had a low global session limit making larger deployments less usable. This update does: - add patch: dbus-1.2.10-fd-limit-backport.patch - Raise file descriptor limit to match configuration. The default configuration has hardcoded 2048 complete connections, and 64 incomplete. We need at least that number of file descriptors, plus some for internal use. In the bus, attempt to call setrlimit() before we drop privileges. Practically speaking for this means the system bus gets it, the session bus doesn't. Upstream: bugs.freedesktop.org/show_bug.cgi?id=33474 . Fixes bnc#739743). dbus-1-1.4.1-7.24.1.i586.rpm dbus-1-1.4.1-7.24.1.src.rpm dbus-1-32bit-1.4.1-7.24.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.24.1.i586.rpm dbus-1-debuginfo-32bit-1.4.1-7.24.1.x86_64.rpm dbus-1-debuginfo-x86-1.4.1-7.24.1.ia64.rpm dbus-1-debugsource-1.4.1-7.24.1.i586.rpm dbus-1-devel-1.4.1-7.24.1.i586.rpm dbus-1-devel-32bit-1.4.1-7.24.1.x86_64.rpm dbus-1-devel-doc-1.4.1-7.24.1.noarch.rpm dbus-1-x86-1.4.1-7.24.1.ia64.rpm dbus-1-1.4.1-7.24.1.x86_64.rpm dbus-1-debuginfo-1.4.1-7.24.1.x86_64.rpm dbus-1-debugsource-1.4.1-7.24.1.x86_64.rpm dbus-1-devel-1.4.1-7.24.1.x86_64.rpm openSUSE-2012-432 moderate openSUSE 11.4 Update Changes in pidgin: - Fixing bnc#752275, CVE-2012-1178: Pidgin fails to verify the text's utf-8 encoding finch-2.7.10-4.50.1.i586.rpm finch-debuginfo-2.7.10-4.50.1.i586.rpm finch-devel-2.7.10-4.50.1.i586.rpm libpurple-2.7.10-4.50.1.i586.rpm libpurple-debuginfo-2.7.10-4.50.1.i586.rpm libpurple-devel-2.7.10-4.50.1.i586.rpm libpurple-lang-2.7.10-4.50.1.noarch.rpm libpurple-meanwhile-2.7.10-4.50.1.i586.rpm libpurple-meanwhile-debuginfo-2.7.10-4.50.1.i586.rpm libpurple-tcl-2.7.10-4.50.1.i586.rpm libpurple-tcl-debuginfo-2.7.10-4.50.1.i586.rpm pidgin-2.7.10-4.50.1.i586.rpm pidgin-2.7.10-4.50.1.src.rpm pidgin-debuginfo-2.7.10-4.50.1.i586.rpm pidgin-debugsource-2.7.10-4.50.1.i586.rpm pidgin-devel-2.7.10-4.50.1.i586.rpm pidgin-evolution-2.7.10-4.50.1.i586.rpm pidgin-evolution-debuginfo-2.7.10-4.50.1.i586.rpm finch-2.7.10-4.50.1.x86_64.rpm finch-debuginfo-2.7.10-4.50.1.x86_64.rpm finch-devel-2.7.10-4.50.1.x86_64.rpm libpurple-2.7.10-4.50.1.x86_64.rpm libpurple-debuginfo-2.7.10-4.50.1.x86_64.rpm libpurple-devel-2.7.10-4.50.1.x86_64.rpm libpurple-meanwhile-2.7.10-4.50.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.7.10-4.50.1.x86_64.rpm libpurple-tcl-2.7.10-4.50.1.x86_64.rpm libpurple-tcl-debuginfo-2.7.10-4.50.1.x86_64.rpm pidgin-2.7.10-4.50.1.x86_64.rpm pidgin-debuginfo-2.7.10-4.50.1.x86_64.rpm pidgin-debugsource-2.7.10-4.50.1.x86_64.rpm pidgin-devel-2.7.10-4.50.1.x86_64.rpm pidgin-evolution-2.7.10-4.50.1.x86_64.rpm pidgin-evolution-debuginfo-2.7.10-4.50.1.x86_64.rpm openSUSE-2012-440 low openSUSE 11.4 Update Several security issues were found by the Google Security Team in libexif and fixed there. libexif-0.6.20-10.1.src.rpm libexif-debugsource-0.6.20-10.1.i586.rpm libexif-devel-0.6.20-10.1.i586.rpm libexif12-0.6.20-10.1.i586.rpm libexif12-32bit-0.6.20-10.1.x86_64.rpm libexif12-debuginfo-0.6.20-10.1.i586.rpm libexif12-debuginfo-32bit-0.6.20-10.1.x86_64.rpm libexif12-debuginfo-x86-0.6.20-10.1.ia64.rpm libexif12-x86-0.6.20-10.1.ia64.rpm libexif-debugsource-0.6.20-10.1.x86_64.rpm libexif-devel-0.6.20-10.1.x86_64.rpm libexif12-0.6.20-10.1.x86_64.rpm libexif12-debuginfo-0.6.20-10.1.x86_64.rpm openSUSE-2012-439 moderate openSUSE 11.4 Update Changes in arpwatch: - arpwatch-2.1a11-drop-privs.dif: call initgroups() with pw->pw_gid, not NULL, to not have groupid 0 initialized. (bnc#764521, CVE-2012-2653) arpwatch-2.1a15-143.1.i586.rpm arpwatch-2.1a15-143.1.src.rpm arpwatch-debuginfo-2.1a15-143.1.i586.rpm arpwatch-debugsource-2.1a15-143.1.i586.rpm arpwatch-ethercodes-build-2.1a15-143.1.i586.rpm arpwatch-2.1a15-143.1.x86_64.rpm arpwatch-debuginfo-2.1a15-143.1.x86_64.rpm arpwatch-debugsource-2.1a15-143.1.x86_64.rpm arpwatch-ethercodes-build-2.1a15-143.1.x86_64.rpm openSUSE-2012-410 critical openSUSE 11.4 Update MozillaFirefox was updated to 14.0.1 to fix various bugs and security issues. Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. CVE-2012-1949: Brian Smith, Gary Kwong, Christian Holler, Jesse Ruderman, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey reported memory safety problems and crashes that affect Firefox 13. CVE-2012-1948: Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 13. MFSA 2012-43 / CVE-2012-1950: Security researcher Mario Gomes andresearch firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the addressbar by canceling the page load. This causes the address of the previously site entered to be displayed in the addressbar instead of the currently loaded page. This could lead to potential phishing attacks on users. MFSA 2012-44 Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues: two use-after-free problems, one out of bounds read bug, and a bad cast. The first use-after-free problem is caused when an array of nsSMILTimeValueSpec objects is destroyed but attempts are made to call into objects in this array later. The second use-after-free problem is in nsDocument::AdoptNode when it adopts into an empty document and then adopts into another document, emptying the first one. The heap buffer overflow is in ElementAnimations when data is read off of end of an array and then pointers are dereferenced. The bad cast happens when nsTableFrame::InsertFrames is called with frames in aFrameList that are a mix of row group frames and column group frames. AppendFrames is not able to handle this mix. All four of these issues are potentially exploitable. CVE-2012-1951: Heap-use-after-free in nsSMILTimeValueSpec::IsEventBased CVE-2012-1954: Heap-use-after-free in nsDocument::AdoptNode CVE-2012-1953: Out of bounds read in ElementAnimations::EnsureStyleRuleFor CVE-2012-1952: Bad cast in nsTableFrame::InsertFrames MFSA 2012-45 / CVE-2012-1955: Security researcher Mariusz Mlynski reported an issue with spoofing of the location property. In this issue, calls to history.forward and history.back are used to navigate to a site while displaying the previous site in the addressbar but changing the baseURI to the newer site. This can be used for phishing by allowing the user input form or other data on the newer, attacking, site while appearing to be on the older, displayed site. MFSA 2012-46 / CVE-2012-1966: Mozilla security researcher moz_bug_r_a4 reported a cross-site scripting (XSS) attack through the context menu using a data: URL. In this issue, context menu functionality ("View Image", "Show only this frame", and "View background image") are disallowed in a javascript: URL but allowed in a data: URL, allowing for XSS. This can lead to arbitrary code execution. MFSA 2012-47 / CVE-2012-1957: Security researcher Mario Heiderich reported that javascript could be executed in the HTML feed-view using <embed> tag within the RSS <description>. This problem is due to <embed> tags not being filtered out during parsing and can lead to a potential cross-site scripting (XSS) attack. The flaw existed in a parser utility class and could affect other parts of the browser or add-ons which rely on that class to sanitize untrusted input. MFSA 2012-48 / CVE-2012-1958: Security researcher Arthur Gerkis used the Address Sanitizer tool to find a use-after-free in nsGlobalWindow::PageHidden when mFocusedContent is released and oldFocusedContent is used afterwards. This use-after-free could possibly allow for remote code execution. MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby Holley found that same-compartment security wrappers (SCSW) can be bypassed by passing them to another compartment. Cross-compartment wrappers often do not go through SCSW, but have a filtering policy built into them. When an object is wrapped cross-compartment, the SCSW is stripped off and, when the object is read read back, it is not known that SCSW was previously present, resulting in a bypassing of SCSW. This could result in untrusted content having access to the XBL that implements browser functionality. MFSA 2012-50 / CVE-2012-1960: Google developer Tony Payne reported an out of bounds (OOB) read in QCMS, Mozilla’s color management library. With a carefully crafted color profile portions of a user's memory could be incorporated into a transformed image and possibly deciphered. MFSA 2012-51 / CVE-2012-1961: Bugzilla developer Frédéric Buclin reported that the "X-Frame-Options header is ignored when the value is duplicated, for example X-Frame-Options: SAMEORIGIN, SAMEORIGIN. This duplication occurs for unknown reasons on some websites and when it occurs results in Mozilla browsers not being protected against possible clickjacking attacks on those pages. MFSA 2012-52 / CVE-2012-1962: Security researcher Bill Keese reported a memory corruption. This is caused by JSDependentString::undepend changing a dependent string into a fixed string when there are additional dependent strings relying on the same base. When the undepend occurs during conversion, the base data is freed, leaving other dependent strings with dangling pointers. This can lead to a potentially exploitable crash. MFSA 2012-53 / CVE-2012-1963: Security researcher Karthikeyan Bhargavan of Prosecco at INRIA reported Content Security Policy (CSP) 1.0 implementation errors. CSP violation reports generated by Firefox and sent to the "report-uri" location include sensitive data within the "blocked-uri" parameter. These include fragment components and query strings even if the "blocked-uri" parameter has a different origin than the protected resource. This can be used to retrieve a user's OAuth 2.0 access tokens and OpenID credentials by malicious sites. MFSA 2012-54 / CVE-2012-1964: Security Researcher Matt McCutchen reported that a clickjacking attack using the certificate warning page. A man-in-the-middle (MITM) attacker can use an iframe to display its own certificate error warning page (about:certerror) with the "Add Exception" button of a real warning page from a malicious site. This can mislead users to adding a certificate exception for a different site than the perceived one. This can lead to compromised communications with the user perceived site through the MITM attack once the certificate exception has been added. MFSA 2012-55 / CVE-2012-1965: Security researchers Mario Gomes and Soroush Dalili reported that since Mozilla allows the pseudo-protocol feed: to prefix any valid URL, it is possible to construct feed:javascript: URLs that will execute scripts in some contexts. On some sites it may be possible to use this to evade output filtering that would otherwise strip javascript: URLs and thus contribute to cross-site scripting (XSS) problems on these sites. MFSA 2012-56 / CVE-2012-1967: Mozilla security researcher moz_bug_r_a4 reported a arbitrary code execution attack using a javascript: URL. The Gecko engine features a JavaScript sandbox utility that allows the browser or add-ons to safely execute script in the context of a web page. In certain cases, javascript: URLs are executed in such a sandbox with insufficient context that can allow those scripts to escape from the sandbox and run with elevated privilege. This can lead to arbitrary code execution. MozillaFirefox-14.0.1-28.1.i586.rpm MozillaFirefox-14.0.1-28.1.src.rpm MozillaFirefox-branding-upstream-14.0.1-28.1.i586.rpm MozillaFirefox-buildsymbols-14.0.1-28.1.i586.rpm MozillaFirefox-debuginfo-14.0.1-28.1.i586.rpm MozillaFirefox-debugsource-14.0.1-28.1.i586.rpm MozillaFirefox-devel-14.0.1-28.1.i586.rpm MozillaFirefox-translations-common-14.0.1-28.1.i586.rpm MozillaFirefox-translations-other-14.0.1-28.1.i586.rpm MozillaFirefox-14.0.1-28.1.x86_64.rpm MozillaFirefox-branding-upstream-14.0.1-28.1.x86_64.rpm MozillaFirefox-buildsymbols-14.0.1-28.1.x86_64.rpm MozillaFirefox-debuginfo-14.0.1-28.1.x86_64.rpm MozillaFirefox-debugsource-14.0.1-28.1.x86_64.rpm MozillaFirefox-devel-14.0.1-28.1.x86_64.rpm MozillaFirefox-translations-common-14.0.1-28.1.x86_64.rpm MozillaFirefox-translations-other-14.0.1-28.1.x86_64.rpm openSUSE-2012-443 important openSUSE 11.4 Update Mozilla Thunderbird was updated to version 14.0 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs * relicensed to MPL-2.0 - update Enigmail to 1.4.3 - no crashreport on %arm, fixing build MozillaThunderbird-14.0-24.2.i586.rpm MozillaThunderbird-14.0-24.2.src.rpm MozillaThunderbird-buildsymbols-14.0-24.2.i586.rpm MozillaThunderbird-debuginfo-14.0-24.2.i586.rpm MozillaThunderbird-debugsource-14.0-24.2.i586.rpm MozillaThunderbird-devel-14.0-24.2.i586.rpm MozillaThunderbird-devel-debuginfo-14.0-24.2.i586.rpm MozillaThunderbird-translations-common-14.0-24.2.i586.rpm MozillaThunderbird-translations-other-14.0-24.2.i586.rpm enigmail-1.4.3+14.0-24.2.i586.rpm enigmail-debuginfo-1.4.3+14.0-24.2.i586.rpm MozillaThunderbird-14.0-24.1.x86_64.rpm MozillaThunderbird-buildsymbols-14.0-24.1.x86_64.rpm MozillaThunderbird-debuginfo-14.0-24.1.x86_64.rpm MozillaThunderbird-debugsource-14.0-24.1.x86_64.rpm MozillaThunderbird-devel-14.0-24.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-14.0-24.1.x86_64.rpm MozillaThunderbird-translations-common-14.0-24.1.x86_64.rpm MozillaThunderbird-translations-other-14.0-24.1.x86_64.rpm enigmail-1.4.3+14.0-24.1.x86_64.rpm enigmail-debuginfo-1.4.3+14.0-24.1.x86_64.rpm openSUSE-2012-473 important openSUSE 11.4 Update Seamonkey was updated to version 2.11 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs * relicensed to MPL-2.0 - updated/removed patches - requires NSS 3.13.5 - update to Seamonkey 2.10.1 seamonkey-2.11-24.3.i586.rpm seamonkey-2.11-24.3.src.rpm seamonkey-debuginfo-2.11-24.3.i586.rpm seamonkey-debugsource-2.11-24.3.i586.rpm seamonkey-dom-inspector-2.11-24.3.i586.rpm seamonkey-irc-2.11-24.3.i586.rpm seamonkey-translations-common-2.11-24.3.i586.rpm seamonkey-translations-other-2.11-24.3.i586.rpm seamonkey-venkman-2.11-24.3.i586.rpm seamonkey-2.11-24.3.x86_64.rpm seamonkey-debuginfo-2.11-24.3.x86_64.rpm seamonkey-debugsource-2.11-24.3.x86_64.rpm seamonkey-dom-inspector-2.11-24.3.x86_64.rpm seamonkey-irc-2.11-24.3.x86_64.rpm seamonkey-translations-common-2.11-24.3.x86_64.rpm seamonkey-translations-other-2.11-24.3.x86_64.rpm seamonkey-venkman-2.11-24.3.x86_64.rpm openSUSE-2012-492 moderate openSUSE 11.4 Update The following issues was fixed in tiff: - a overflow in tiff2pdf (CVE-2012-3401) [bnc#770816] libtiff-devel-3.9.4-31.1.i586.rpm libtiff-devel-32bit-3.9.4-31.1.x86_64.rpm libtiff3-3.9.4-31.1.i586.rpm libtiff3-32bit-3.9.4-31.1.x86_64.rpm libtiff3-debuginfo-3.9.4-31.1.i586.rpm libtiff3-debuginfo-32bit-3.9.4-31.1.x86_64.rpm libtiff3-debuginfo-x86-3.9.4-31.1.ia64.rpm libtiff3-x86-3.9.4-31.1.ia64.rpm tiff-3.9.4-31.1.i586.rpm tiff-3.9.4-31.1.src.rpm tiff-debuginfo-3.9.4-31.1.i586.rpm tiff-debugsource-3.9.4-31.1.i586.rpm libtiff-devel-3.9.4-31.1.x86_64.rpm libtiff3-3.9.4-31.1.x86_64.rpm libtiff3-debuginfo-3.9.4-31.1.x86_64.rpm tiff-3.9.4-31.1.x86_64.rpm tiff-debuginfo-3.9.4-31.1.x86_64.rpm tiff-debugsource-3.9.4-31.1.x86_64.rpm openSUSE-2012-469 moderate openSUSE 11.4 Update - fixed heap overflow [bnc#771791] * CVE-2012-2806.patch libjpeg-turbo-1.0.1-6.1.i586.rpm libjpeg-turbo-1.0.1-6.1.src.rpm libjpeg-turbo-debuginfo-1.0.1-6.1.i586.rpm libjpeg-turbo-debugsource-1.0.1-6.1.i586.rpm libjpeg62-32bit-62.0.0-6.1.x86_64.rpm libjpeg62-62.0.0-6.1.i586.rpm libjpeg62-debuginfo-32bit-62.0.0-6.1.x86_64.rpm libjpeg62-debuginfo-62.0.0-6.1.i586.rpm libjpeg62-debuginfo-x86-62.0.0-6.1.ia64.rpm libjpeg62-devel-32bit-62.0.0-6.1.x86_64.rpm libjpeg62-devel-62.0.0-6.1.i586.rpm libjpeg62-x86-62.0.0-6.1.ia64.rpm libjpeg-turbo-1.0.1-6.1.x86_64.rpm libjpeg-turbo-debuginfo-1.0.1-6.1.x86_64.rpm libjpeg-turbo-debugsource-1.0.1-6.1.x86_64.rpm libjpeg62-62.0.0-6.1.x86_64.rpm libjpeg62-debuginfo-62.0.0-6.1.x86_64.rpm libjpeg62-devel-62.0.0-6.1.x86_64.rpm openSUSE-2012-491 moderate openSUSE 11.4 Update This security update fixes problems in rhythmbox: - Add rhythmbox-CVE-2012-3355.patch: fix insecure temporary directory use in context plugin. (bnc#768681, CVE-2012-3355) rhythmbox-0.13.3-8.1.i586.rpm rhythmbox-0.13.3-8.1.src.rpm rhythmbox-debuginfo-0.13.3-8.1.i586.rpm rhythmbox-debugsource-0.13.3-8.1.i586.rpm rhythmbox-devel-0.13.3-8.1.i586.rpm rhythmbox-lang-0.13.3-8.1.noarch.rpm rhythmbox-0.13.3-8.1.x86_64.rpm rhythmbox-debuginfo-0.13.3-8.1.x86_64.rpm rhythmbox-debugsource-0.13.3-8.1.x86_64.rpm rhythmbox-devel-0.13.3-8.1.x86_64.rpm openSUSE-2012-470 moderate openSUSE 11.4 Update - This version update fixes the following security issues (bnc#772738): * The PPP dissector could crash (wnpa-sec-2012-11 CVE-2012-4048) * The NFS dissector could use excessive amounts of CPU (wnpa-sec-2012-12 CVE-2012-4049) wireshark-1.4.14-0.19.1.i586.rpm wireshark-1.4.14-0.19.1.src.rpm wireshark-debuginfo-1.4.14-0.19.1.i586.rpm wireshark-debugsource-1.4.14-0.19.1.i586.rpm wireshark-devel-1.4.14-0.19.1.i586.rpm wireshark-1.4.14-0.19.1.x86_64.rpm wireshark-debuginfo-1.4.14-0.19.1.x86_64.rpm wireshark-debugsource-1.4.14-0.19.1.x86_64.rpm wireshark-devel-1.4.14-0.19.1.x86_64.rpm openSUSE-2012-471 low openSUSE 11.4 Update - Add vte-CVE-2011-2198.patch: fix memory exhaustion through malicious escape sequences. Fix bnc#699214, CVE-2011-2198 (openSUSE 11.4 only). - Add vte-CVE-2012-2738.patch: fix potential DoS through malicious escape sequences. Fix bnc#772761, CVE-2012-2738. glade3-catalog-vte-0.26.2-5.1.i586.rpm libvte9-0.26.2-5.1.i586.rpm libvte9-debuginfo-0.26.2-5.1.i586.rpm python-vte-0.26.2-5.1.i586.rpm python-vte-debuginfo-0.26.2-5.1.i586.rpm vte-0.26.2-5.1.src.rpm vte-debugsource-0.26.2-5.1.i586.rpm vte-devel-0.26.2-5.1.i586.rpm vte-lang-0.26.2-5.1.noarch.rpm vte-tools-0.26.2-5.1.i586.rpm vte-tools-debuginfo-0.26.2-5.1.i586.rpm glade3-catalog-vte-0.26.2-5.1.x86_64.rpm libvte9-0.26.2-5.1.x86_64.rpm libvte9-debuginfo-0.26.2-5.1.x86_64.rpm python-vte-0.26.2-5.1.x86_64.rpm python-vte-debuginfo-0.26.2-5.1.x86_64.rpm vte-debugsource-0.26.2-5.1.x86_64.rpm vte-devel-0.26.2-5.1.x86_64.rpm vte-tools-0.26.2-5.1.x86_64.rpm vte-tools-debuginfo-0.26.2-5.1.x86_64.rpm openSUSE-2012-474 moderate openSUSE 11.4 Update - fixed CVE-2012-3425 [bnc#772760] libpng14-1.4.4-23.1.src.rpm libpng14-14-1.4.4-23.1.i586.rpm libpng14-14-32bit-1.4.4-23.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-23.1.i586.rpm libpng14-14-debuginfo-32bit-1.4.4-23.1.x86_64.rpm libpng14-14-debuginfo-x86-1.4.4-23.1.ia64.rpm libpng14-14-x86-1.4.4-23.1.ia64.rpm libpng14-compat-devel-1.4.4-23.1.i586.rpm libpng14-compat-devel-32bit-1.4.4-23.1.x86_64.rpm libpng14-debugsource-1.4.4-23.1.i586.rpm libpng14-devel-1.4.4-23.1.i586.rpm libpng14-devel-32bit-1.4.4-23.1.x86_64.rpm libpng14-14-1.4.4-23.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-23.1.x86_64.rpm libpng14-compat-devel-1.4.4-23.1.x86_64.rpm libpng14-debugsource-1.4.4-23.1.x86_64.rpm libpng14-devel-1.4.4-23.1.x86_64.rpm openSUSE-2012-493 moderate openSUSE 11.4 Update bind was updated to fix a remote denial of service (crash) problem in high load DNSSEC scenarious. bind-9.7.6P2-0.34.1.i586.rpm bind-9.7.6P2-0.34.1.src.rpm bind-chrootenv-9.7.6P2-0.34.1.i586.rpm bind-debuginfo-9.7.6P2-0.34.1.i586.rpm bind-debugsource-9.7.6P2-0.34.1.i586.rpm bind-devel-9.7.6P2-0.34.1.i586.rpm bind-doc-9.7.6P2-0.34.1.noarch.rpm bind-libs-32bit-9.7.6P2-0.34.1.x86_64.rpm bind-libs-9.7.6P2-0.34.1.i586.rpm bind-libs-debuginfo-32bit-9.7.6P2-0.34.1.x86_64.rpm bind-libs-debuginfo-9.7.6P2-0.34.1.i586.rpm bind-libs-debuginfo-x86-9.7.6P2-0.34.1.ia64.rpm bind-libs-x86-9.7.6P2-0.34.1.ia64.rpm bind-lwresd-9.7.6P2-0.34.1.i586.rpm bind-lwresd-debuginfo-9.7.6P2-0.34.1.i586.rpm bind-utils-9.7.6P2-0.34.1.i586.rpm bind-utils-debuginfo-9.7.6P2-0.34.1.i586.rpm bind-9.7.6P2-0.34.1.x86_64.rpm bind-chrootenv-9.7.6P2-0.34.1.x86_64.rpm bind-debuginfo-9.7.6P2-0.34.1.x86_64.rpm bind-debugsource-9.7.6P2-0.34.1.x86_64.rpm bind-devel-9.7.6P2-0.34.1.x86_64.rpm bind-libs-9.7.6P2-0.34.1.x86_64.rpm bind-libs-debuginfo-9.7.6P2-0.34.1.x86_64.rpm bind-lwresd-9.7.6P2-0.34.1.x86_64.rpm bind-lwresd-debuginfo-9.7.6P2-0.34.1.x86_64.rpm bind-utils-9.7.6P2-0.34.1.x86_64.rpm bind-utils-debuginfo-9.7.6P2-0.34.1.x86_64.rpm openSUSE-2012-498 moderate openSUSE 11.4 Update Mono was updated to fix: A cross site scripting attack in the System.Web class "forbidden extensions" filtering was fixed. (CVE-2012-3382) ibm-data-db2-2.8.2-0.5.1.i586.rpm libmono-2_0-1-2.8.2-0.5.1.i586.rpm libmono-2_0-1-debuginfo-2.8.2-0.5.1.i586.rpm libmono-2_0-devel-2.8.2-0.5.1.i586.rpm libmonosgen-2_0-0-2.8.2-0.5.1.i586.rpm libmonosgen-2_0-0-debuginfo-2.8.2-0.5.1.i586.rpm libmonosgen-2_0-devel-2.8.2-0.5.1.i586.rpm mono-complete-2.8.2-0.5.1.i586.rpm mono-core-2.8.2-0.5.1.i586.rpm mono-core-2.8.2-0.5.1.src.rpm mono-core-debuginfo-2.8.2-0.5.1.i586.rpm mono-core-debugsource-2.8.2-0.5.1.i586.rpm mono-data-2.8.2-0.5.1.i586.rpm mono-data-oracle-2.8.2-0.5.1.i586.rpm mono-data-postgresql-2.8.2-0.5.1.i586.rpm mono-data-sqlite-2.8.2-0.5.1.i586.rpm mono-devel-2.8.2-0.5.1.i586.rpm mono-devel-debuginfo-2.8.2-0.5.1.i586.rpm mono-extras-2.8.2-0.5.1.i586.rpm mono-locale-extras-2.8.2-0.5.1.i586.rpm mono-mvc-2.8.2-0.5.1.i586.rpm mono-nunit-2.8.2-0.5.1.i586.rpm mono-wcf-2.8.2-0.5.1.i586.rpm mono-web-2.8.2-0.5.1.i586.rpm mono-winforms-2.8.2-0.5.1.i586.rpm mono-winfxcore-2.8.2-0.5.1.i586.rpm monodoc-core-2.8.2-0.5.1.i586.rpm ibm-data-db2-2.8.2-0.5.1.x86_64.rpm libmono-2_0-1-2.8.2-0.5.1.x86_64.rpm libmono-2_0-1-debuginfo-2.8.2-0.5.1.x86_64.rpm libmono-2_0-devel-2.8.2-0.5.1.x86_64.rpm libmonosgen-2_0-0-2.8.2-0.5.1.x86_64.rpm libmonosgen-2_0-0-debuginfo-2.8.2-0.5.1.x86_64.rpm libmonosgen-2_0-devel-2.8.2-0.5.1.x86_64.rpm mono-complete-2.8.2-0.5.1.x86_64.rpm mono-core-2.8.2-0.5.1.x86_64.rpm mono-core-debuginfo-2.8.2-0.5.1.x86_64.rpm mono-core-debugsource-2.8.2-0.5.1.x86_64.rpm mono-data-2.8.2-0.5.1.x86_64.rpm mono-data-oracle-2.8.2-0.5.1.x86_64.rpm mono-data-postgresql-2.8.2-0.5.1.x86_64.rpm mono-data-sqlite-2.8.2-0.5.1.x86_64.rpm mono-devel-2.8.2-0.5.1.x86_64.rpm mono-devel-debuginfo-2.8.2-0.5.1.x86_64.rpm mono-extras-2.8.2-0.5.1.x86_64.rpm mono-locale-extras-2.8.2-0.5.1.x86_64.rpm mono-mvc-2.8.2-0.5.1.x86_64.rpm mono-nunit-2.8.2-0.5.1.x86_64.rpm mono-wcf-2.8.2-0.5.1.x86_64.rpm mono-web-2.8.2-0.5.1.x86_64.rpm mono-winforms-2.8.2-0.5.1.x86_64.rpm mono-winfxcore-2.8.2-0.5.1.x86_64.rpm monodoc-core-2.8.2-0.5.1.x86_64.rpm openSUSE-2012-497 moderate openSUSE 11.4 Update Several potential codeexecution flaws were fixed in krb5. krb5-1.8.3-52.1.i586.rpm krb5-1.8.3-52.1.src.rpm krb5-32bit-1.8.3-52.1.x86_64.rpm krb5-client-1.8.3-52.1.i586.rpm krb5-client-debuginfo-1.8.3-52.1.i586.rpm krb5-debuginfo-1.8.3-52.1.i586.rpm krb5-debuginfo-32bit-1.8.3-52.1.x86_64.rpm krb5-debuginfo-x86-1.8.3-52.1.ia64.rpm krb5-debugsource-1.8.3-52.1.i586.rpm krb5-devel-1.8.3-52.1.i586.rpm krb5-devel-32bit-1.8.3-52.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-52.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-52.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-52.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-52.1.i586.rpm krb5-server-1.8.3-52.1.i586.rpm krb5-server-debuginfo-1.8.3-52.1.i586.rpm krb5-x86-1.8.3-52.1.ia64.rpm krb5-1.8.3-52.1.x86_64.rpm krb5-client-1.8.3-52.1.x86_64.rpm krb5-client-debuginfo-1.8.3-52.1.x86_64.rpm krb5-debuginfo-1.8.3-52.1.x86_64.rpm krb5-debugsource-1.8.3-52.1.x86_64.rpm krb5-devel-1.8.3-52.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-52.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-52.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-52.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-52.1.x86_64.rpm krb5-server-1.8.3-52.1.x86_64.rpm krb5-server-debuginfo-1.8.3-52.1.x86_64.rpm openSUSE-2012-501 moderate openSUSE 11.4 Update Fixed an integer overflow in libxml2 which could lead to crashes or potential code execution. libxml2-2.7.8-34.1.i586.rpm libxml2-2.7.8-34.1.src.rpm libxml2-32bit-2.7.8-34.1.x86_64.rpm libxml2-debuginfo-2.7.8-34.1.i586.rpm libxml2-debuginfo-32bit-2.7.8-34.1.x86_64.rpm libxml2-debuginfo-x86-2.7.8-34.1.ia64.rpm libxml2-debugsource-2.7.8-34.1.i586.rpm libxml2-devel-2.7.8-34.1.i586.rpm libxml2-devel-32bit-2.7.8-34.1.x86_64.rpm libxml2-doc-2.7.8-34.1.noarch.rpm libxml2-x86-2.7.8-34.1.ia64.rpm libxml2-2.7.8-34.1.x86_64.rpm libxml2-debuginfo-2.7.8-34.1.x86_64.rpm libxml2-debugsource-2.7.8-34.1.x86_64.rpm libxml2-devel-2.7.8-34.1.x86_64.rpm openSUSE-2012-529 moderate openSUSE 11.4 Update quota was fixed to handle tcp wrappers in rquotad correctly. quota-3.17-20.1.i586.rpm quota-3.17-20.1.src.rpm quota-debuginfo-3.17-20.1.i586.rpm quota-debugsource-3.17-20.1.i586.rpm quota-nfs-3.17-20.1.i586.rpm quota-nfs-debuginfo-3.17-20.1.i586.rpm quota-3.17-20.1.x86_64.rpm quota-debuginfo-3.17-20.1.x86_64.rpm quota-debugsource-3.17-20.1.x86_64.rpm quota-nfs-3.17-20.1.x86_64.rpm quota-nfs-debuginfo-3.17-20.1.x86_64.rpm openSUSE-2012-508 important openSUSE 11.4 Update 3 Security issues were fixed in rails 2.3 core components. 2 NULL query issues where fixed in the actionpack gem. 1 SQL injection was fixed in the activerecord gem. rubygem-actionpack-2_3-2.3.14-0.16.1.i586.rpm rubygem-actionpack-2_3-2.3.14-0.16.1.src.rpm rubygem-actionpack-2_3-doc-2.3.14-0.16.1.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.16.1.i586.rpm rubygem-activerecord-2_3-2.3.14-0.16.1.i586.rpm rubygem-activerecord-2_3-2.3.14-0.16.1.src.rpm rubygem-activerecord-2_3-doc-2.3.14-0.16.1.i586.rpm rubygem-activerecord-2_3-testsuite-2.3.14-0.16.1.i586.rpm rubygem-actionpack-2_3-2.3.14-0.16.1.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.14-0.16.1.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.16.1.x86_64.rpm rubygem-activerecord-2_3-2.3.14-0.16.1.x86_64.rpm rubygem-activerecord-2_3-doc-2.3.14-0.16.1.x86_64.rpm rubygem-activerecord-2_3-testsuite-2.3.14-0.16.1.x86_64.rpm openSUSE-2012-512 important openSUSE 11.4 Update - update to 1.2.1 (bnc#773458) - Security Updates * CVE-2012-3422, RH840592: Potential read from an uninitialized memory location * CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings - NetX * PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen") * PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly * 816592: icedtea-web not loading GeoGebra java applets in Firefox or Chrome - Plugin * PR863: Error passing strings to applet methods in Chromium * PR895: IcedTea-Web searches for missing classes on each loadClass or findClass * PR518: NPString.utf8characters not guaranteed to be nul-terminated - Common * RH838417: Disambiguate signed applet security prompt from certificate warning * RH838559: Disambiguate signed applet security prompt from certificate warning icedtea-web-1.2.1-0.13.1.i586.rpm icedtea-web-1.2.1-0.13.1.src.rpm icedtea-web-debuginfo-1.2.1-0.13.1.i586.rpm icedtea-web-debugsource-1.2.1-0.13.1.i586.rpm icedtea-web-javadoc-1.2.1-0.13.1.noarch.rpm icedtea-web-1.2.1-0.13.1.x86_64.rpm icedtea-web-debuginfo-1.2.1-0.13.1.x86_64.rpm icedtea-web-debugsource-1.2.1-0.13.1.x86_64.rpm openSUSE-2012-502 moderate openSUSE 11.4 Update Three security issues were fixed in php5: CVE-2012-2688: php5: potential overflow in _php_stream_scandir CVE-2012-3365: open_basedir bypass via SQLite extension Also a out of band read sql denial of service was fixed (bnc#769785) apache2-mod_php5-5.3.5-344.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-344.1.i586.rpm php5-5.3.5-344.1.i586.rpm php5-5.3.5-344.1.src.rpm php5-bcmath-5.3.5-344.1.i586.rpm php5-bcmath-debuginfo-5.3.5-344.1.i586.rpm php5-bz2-5.3.5-344.1.i586.rpm php5-bz2-debuginfo-5.3.5-344.1.i586.rpm php5-calendar-5.3.5-344.1.i586.rpm php5-calendar-debuginfo-5.3.5-344.1.i586.rpm php5-ctype-5.3.5-344.1.i586.rpm php5-ctype-debuginfo-5.3.5-344.1.i586.rpm php5-curl-5.3.5-344.1.i586.rpm php5-curl-debuginfo-5.3.5-344.1.i586.rpm php5-dba-5.3.5-344.1.i586.rpm php5-dba-debuginfo-5.3.5-344.1.i586.rpm php5-debuginfo-5.3.5-344.1.i586.rpm php5-debugsource-5.3.5-344.1.i586.rpm php5-devel-5.3.5-344.1.i586.rpm php5-dom-5.3.5-344.1.i586.rpm php5-dom-debuginfo-5.3.5-344.1.i586.rpm php5-enchant-5.3.5-344.1.i586.rpm php5-enchant-debuginfo-5.3.5-344.1.i586.rpm php5-exif-5.3.5-344.1.i586.rpm php5-exif-debuginfo-5.3.5-344.1.i586.rpm php5-fastcgi-5.3.5-344.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-344.1.i586.rpm php5-fileinfo-5.3.5-344.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-344.1.i586.rpm php5-fpm-5.3.5-344.1.i586.rpm php5-fpm-debuginfo-5.3.5-344.1.i586.rpm php5-ftp-5.3.5-344.1.i586.rpm php5-ftp-debuginfo-5.3.5-344.1.i586.rpm php5-gd-5.3.5-344.1.i586.rpm php5-gd-debuginfo-5.3.5-344.1.i586.rpm php5-gettext-5.3.5-344.1.i586.rpm php5-gettext-debuginfo-5.3.5-344.1.i586.rpm php5-gmp-5.3.5-344.1.i586.rpm php5-gmp-debuginfo-5.3.5-344.1.i586.rpm php5-hash-5.3.5-344.1.i586.rpm php5-hash-debuginfo-5.3.5-344.1.i586.rpm php5-iconv-5.3.5-344.1.i586.rpm php5-iconv-debuginfo-5.3.5-344.1.i586.rpm php5-imap-5.3.5-344.1.i586.rpm php5-imap-debuginfo-5.3.5-344.1.i586.rpm php5-intl-5.3.5-344.1.i586.rpm php5-intl-debuginfo-5.3.5-344.1.i586.rpm php5-json-5.3.5-344.1.i586.rpm php5-json-debuginfo-5.3.5-344.1.i586.rpm php5-ldap-5.3.5-344.1.i586.rpm php5-ldap-debuginfo-5.3.5-344.1.i586.rpm php5-mbstring-5.3.5-344.1.i586.rpm php5-mbstring-debuginfo-5.3.5-344.1.i586.rpm php5-mcrypt-5.3.5-344.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-344.1.i586.rpm php5-mysql-5.3.5-344.1.i586.rpm php5-mysql-debuginfo-5.3.5-344.1.i586.rpm php5-odbc-5.3.5-344.1.i586.rpm php5-odbc-debuginfo-5.3.5-344.1.i586.rpm php5-openssl-5.3.5-344.1.i586.rpm php5-openssl-debuginfo-5.3.5-344.1.i586.rpm php5-pcntl-5.3.5-344.1.i586.rpm php5-pcntl-debuginfo-5.3.5-344.1.i586.rpm php5-pdo-5.3.5-344.1.i586.rpm php5-pdo-debuginfo-5.3.5-344.1.i586.rpm php5-pear-5.3.5-344.1.noarch.rpm php5-pgsql-5.3.5-344.1.i586.rpm php5-pgsql-debuginfo-5.3.5-344.1.i586.rpm php5-phar-5.3.5-344.1.i586.rpm php5-phar-debuginfo-5.3.5-344.1.i586.rpm php5-posix-5.3.5-344.1.i586.rpm php5-posix-debuginfo-5.3.5-344.1.i586.rpm php5-pspell-5.3.5-344.1.i586.rpm php5-pspell-debuginfo-5.3.5-344.1.i586.rpm php5-readline-5.3.5-344.1.i586.rpm php5-readline-debuginfo-5.3.5-344.1.i586.rpm php5-shmop-5.3.5-344.1.i586.rpm php5-shmop-debuginfo-5.3.5-344.1.i586.rpm php5-snmp-5.3.5-344.1.i586.rpm php5-snmp-debuginfo-5.3.5-344.1.i586.rpm php5-soap-5.3.5-344.1.i586.rpm php5-soap-debuginfo-5.3.5-344.1.i586.rpm php5-sockets-5.3.5-344.1.i586.rpm php5-sockets-debuginfo-5.3.5-344.1.i586.rpm php5-sqlite-5.3.5-344.1.i586.rpm php5-sqlite-debuginfo-5.3.5-344.1.i586.rpm php5-suhosin-5.3.5-344.1.i586.rpm php5-suhosin-debuginfo-5.3.5-344.1.i586.rpm php5-sysvmsg-5.3.5-344.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-344.1.i586.rpm php5-sysvsem-5.3.5-344.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-344.1.i586.rpm php5-sysvshm-5.3.5-344.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-344.1.i586.rpm php5-tidy-5.3.5-344.1.i586.rpm php5-tidy-debuginfo-5.3.5-344.1.i586.rpm php5-tokenizer-5.3.5-344.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-344.1.i586.rpm php5-wddx-5.3.5-344.1.i586.rpm php5-wddx-debuginfo-5.3.5-344.1.i586.rpm php5-xmlreader-5.3.5-344.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-344.1.i586.rpm php5-xmlrpc-5.3.5-344.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-344.1.i586.rpm php5-xmlwriter-5.3.5-344.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-344.1.i586.rpm php5-xsl-5.3.5-344.1.i586.rpm php5-xsl-debuginfo-5.3.5-344.1.i586.rpm php5-zip-5.3.5-344.1.i586.rpm php5-zip-debuginfo-5.3.5-344.1.i586.rpm php5-zlib-5.3.5-344.1.i586.rpm php5-zlib-debuginfo-5.3.5-344.1.i586.rpm apache2-mod_php5-5.3.5-344.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-344.1.x86_64.rpm php5-5.3.5-344.1.x86_64.rpm php5-bcmath-5.3.5-344.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-344.1.x86_64.rpm php5-bz2-5.3.5-344.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-344.1.x86_64.rpm php5-calendar-5.3.5-344.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-344.1.x86_64.rpm php5-ctype-5.3.5-344.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-344.1.x86_64.rpm php5-curl-5.3.5-344.1.x86_64.rpm php5-curl-debuginfo-5.3.5-344.1.x86_64.rpm php5-dba-5.3.5-344.1.x86_64.rpm php5-dba-debuginfo-5.3.5-344.1.x86_64.rpm php5-debuginfo-5.3.5-344.1.x86_64.rpm php5-debugsource-5.3.5-344.1.x86_64.rpm php5-devel-5.3.5-344.1.x86_64.rpm php5-dom-5.3.5-344.1.x86_64.rpm php5-dom-debuginfo-5.3.5-344.1.x86_64.rpm php5-enchant-5.3.5-344.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-344.1.x86_64.rpm php5-exif-5.3.5-344.1.x86_64.rpm php5-exif-debuginfo-5.3.5-344.1.x86_64.rpm php5-fastcgi-5.3.5-344.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-344.1.x86_64.rpm php5-fileinfo-5.3.5-344.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-344.1.x86_64.rpm php5-fpm-5.3.5-344.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-344.1.x86_64.rpm php5-ftp-5.3.5-344.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-344.1.x86_64.rpm php5-gd-5.3.5-344.1.x86_64.rpm php5-gd-debuginfo-5.3.5-344.1.x86_64.rpm php5-gettext-5.3.5-344.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-344.1.x86_64.rpm php5-gmp-5.3.5-344.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-344.1.x86_64.rpm php5-hash-5.3.5-344.1.x86_64.rpm php5-hash-debuginfo-5.3.5-344.1.x86_64.rpm php5-iconv-5.3.5-344.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-344.1.x86_64.rpm php5-imap-5.3.5-344.1.x86_64.rpm php5-imap-debuginfo-5.3.5-344.1.x86_64.rpm php5-intl-5.3.5-344.1.x86_64.rpm php5-intl-debuginfo-5.3.5-344.1.x86_64.rpm php5-json-5.3.5-344.1.x86_64.rpm php5-json-debuginfo-5.3.5-344.1.x86_64.rpm php5-ldap-5.3.5-344.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-344.1.x86_64.rpm php5-mbstring-5.3.5-344.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-344.1.x86_64.rpm php5-mcrypt-5.3.5-344.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-344.1.x86_64.rpm php5-mysql-5.3.5-344.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-344.1.x86_64.rpm php5-odbc-5.3.5-344.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-344.1.x86_64.rpm php5-openssl-5.3.5-344.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-344.1.x86_64.rpm php5-pcntl-5.3.5-344.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-344.1.x86_64.rpm php5-pdo-5.3.5-344.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-344.1.x86_64.rpm php5-pgsql-5.3.5-344.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-344.1.x86_64.rpm php5-phar-5.3.5-344.1.x86_64.rpm php5-phar-debuginfo-5.3.5-344.1.x86_64.rpm php5-posix-5.3.5-344.1.x86_64.rpm php5-posix-debuginfo-5.3.5-344.1.x86_64.rpm php5-pspell-5.3.5-344.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-344.1.x86_64.rpm php5-readline-5.3.5-344.1.x86_64.rpm php5-readline-debuginfo-5.3.5-344.1.x86_64.rpm php5-shmop-5.3.5-344.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-344.1.x86_64.rpm php5-snmp-5.3.5-344.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-344.1.x86_64.rpm php5-soap-5.3.5-344.1.x86_64.rpm php5-soap-debuginfo-5.3.5-344.1.x86_64.rpm php5-sockets-5.3.5-344.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-344.1.x86_64.rpm php5-sqlite-5.3.5-344.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-344.1.x86_64.rpm php5-suhosin-5.3.5-344.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-344.1.x86_64.rpm php5-sysvmsg-5.3.5-344.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-344.1.x86_64.rpm php5-sysvsem-5.3.5-344.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-344.1.x86_64.rpm php5-sysvshm-5.3.5-344.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-344.1.x86_64.rpm php5-tidy-5.3.5-344.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-344.1.x86_64.rpm php5-tokenizer-5.3.5-344.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-344.1.x86_64.rpm php5-wddx-5.3.5-344.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-344.1.x86_64.rpm php5-xmlreader-5.3.5-344.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-344.1.x86_64.rpm php5-xmlrpc-5.3.5-344.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-344.1.x86_64.rpm php5-xmlwriter-5.3.5-344.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-344.1.x86_64.rpm php5-xsl-5.3.5-344.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-344.1.x86_64.rpm php5-zip-5.3.5-344.1.x86_64.rpm php5-zip-debuginfo-5.3.5-344.1.x86_64.rpm php5-zlib-5.3.5-344.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-344.1.x86_64.rpm openSUSE-2012-515 important openSUSE 11.4 Update Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements Address bar inline auto-completion no longer prefers shortest domain Corrected an error that could occur after removing the plugin wrapper Resolved an issue where favicons were squeezed too much when many tabs were open Display and Scripting Resolved an error with XHR transfers where content-type was incorrectly determined Improved handling of object literals with numeric duplicate properties Changed behavior of nested/chained comma expressions: now expressing and compiling them as a list rather than a tree Aligned behavior of the #caller property on function code objects in ECMAScript 5 strict mode with the specification Fixed an issue where input type=month would return an incorrect value in its valueAsDate property Resolved an issue with JSON.stringify() that could occur on cached number conversion Fixed a problem with redefining special properties using Object.defineProperty() Network and Site-Specific Fixed an issue where loading would stop at "Document 100%" but the page would still be loading tuenti.com: Corrected behavior when long content was displayed https://twitter.com: Fixed an issue with secure transaction errors Fixed an issue with Google Maps Labs that occured when compiling top-level loops inside strict evals Corrected a problem that could occur with DISQUS Fixed a crash occurring on Lenovo's "Shop now" page Corrected issues when calling window.console.log via a variable at watch4you Resolved an issue with Yahoo! chat Mail, News, Chat Resolved an issue where under certain conditions the mail panel would continuously scroll up Fixed a crash occurring when loading mail databases on startup Security Re-fixed an issue where certain URL constructs could allow arbitrary code execution, as reported by Andrey Stroganov; see our advisory Fixed an issue where certain characters in HTML could incorrectly be ignored, which could facilitate XSS attacks; see our advisory Fixed another issue where small windows could be used to trick users into executing downloads as reported by Jordi Chancel; see our advisory Fixed an issue where an element's HTML content could be incorrectly returned without escaping, bypassing some HTML sanitizers; see our advisory Fixed a low severity issue, details will be disclosed at a later date Advisory links from above: http://www.opera.com/support/kb/view/1016/ http://www.opera.com/support/kb/view/1026/ http://www.opera.com/support/kb/view/1027/ http://www.opera.com/support/kb/view/1025/ opera-12.01-25.1.i586.rpm opera-12.01-25.1.nosrc.rpm opera-gtk-12.01-25.1.i586.rpm opera-kde4-12.01-25.1.i586.rpm opera-12.01-25.1.x86_64.rpm opera-gtk-12.01-25.1.x86_64.rpm opera-kde4-12.01-25.1.x86_64.rpm openSUSE-2012-522 moderate openSUSE 11.4 Update This update of dhcp fixed multiple security vulnerabilities (memory leak, Denial of Service). dhcp-4.2.4.P1-0.27.1.i586.rpm dhcp-4.2.4.P1-0.27.1.src.rpm dhcp-client-4.2.4.P1-0.27.1.i586.rpm dhcp-client-debuginfo-4.2.4.P1-0.27.1.i586.rpm dhcp-debuginfo-4.2.4.P1-0.27.1.i586.rpm dhcp-debugsource-4.2.4.P1-0.27.1.i586.rpm dhcp-devel-4.2.4.P1-0.27.1.i586.rpm dhcp-doc-4.2.4.P1-0.27.1.i586.rpm dhcp-relay-4.2.4.P1-0.27.1.i586.rpm dhcp-relay-debuginfo-4.2.4.P1-0.27.1.i586.rpm dhcp-server-4.2.4.P1-0.27.1.i586.rpm dhcp-server-debuginfo-4.2.4.P1-0.27.1.i586.rpm dhcp-4.2.4.P1-0.27.1.x86_64.rpm dhcp-client-4.2.4.P1-0.27.1.x86_64.rpm dhcp-client-debuginfo-4.2.4.P1-0.27.1.x86_64.rpm dhcp-debuginfo-4.2.4.P1-0.27.1.x86_64.rpm dhcp-debugsource-4.2.4.P1-0.27.1.x86_64.rpm dhcp-devel-4.2.4.P1-0.27.1.x86_64.rpm dhcp-doc-4.2.4.P1-0.27.1.x86_64.rpm dhcp-relay-4.2.4.P1-0.27.1.x86_64.rpm dhcp-relay-debuginfo-4.2.4.P1-0.27.1.x86_64.rpm dhcp-server-4.2.4.P1-0.27.1.x86_64.rpm dhcp-server-debuginfo-4.2.4.P1-0.27.1.x86_64.rpm openSUSE-2012-513 important openSUSE 11.4 Update This update of icedtea-web fixed multiple hewap buffer overflows. icedtea-web-1.2.1-0.17.1.i586.rpm icedtea-web-1.2.1-0.17.1.src.rpm icedtea-web-debuginfo-1.2.1-0.17.1.i586.rpm icedtea-web-debugsource-1.2.1-0.17.1.i586.rpm icedtea-web-javadoc-1.2.1-0.17.1.noarch.rpm icedtea-web-1.2.1-0.17.1.x86_64.rpm icedtea-web-debuginfo-1.2.1-0.17.1.x86_64.rpm icedtea-web-debugsource-1.2.1-0.17.1.x86_64.rpm openSUSE-2012-520 moderate openSUSE 11.4 Update Various updates to MozillaFirefox-branding-openSUSE: - move Firefox specific prefs to defaults/preferences (bnc#774914) - update susefox to snapshot 20120626 * add window controls for Gnome 3 (bnc#768942) - bumped version to 6.0 - support firefox-esr RPM packages - removed MozillaFirefox build dependency and PreReq * everything controlled by Supplements and Requirements from base package - make openSUSE software search version specific (bnc#737709) MozillaFirefox-branding-openSUSE-6.1-13.1.i586.rpm MozillaFirefox-branding-openSUSE-6.1-13.1.src.rpm MozillaFirefox-branding-openSUSE-6.1-13.1.x86_64.rpm openSUSE-2012-518 critical openSUSE 11.4 Update Adobe Flash Player was updated to 11.2.202.238 fixing various bugs and security issues. flash-player-11.2.202.238-20.1.i586.rpm flash-player-11.2.202.238-20.1.nosrc.rpm flash-player-gnome-11.2.202.238-20.1.i586.rpm flash-player-kde4-11.2.202.238-20.1.i586.rpm flash-player-11.2.202.238-20.1.x86_64.rpm flash-player-gnome-11.2.202.238-20.1.x86_64.rpm flash-player-kde4-11.2.202.238-20.1.x86_64.rpm openSUSE-2012-526 moderate openSUSE 11.4 Update wireshark was updated to 1.4.15 * The DCP ETSI dissector could trigger a zero division. (wnpa-sec-2012-13 CVE-2012-4285) * The XTP dissector could go into an infinite loop. (wnpa-sec-2012-15 CVE-2012-4288) * The AFP dissector could go into a large loop. (wnpa-sec-2012-17 CVE-2012-4289) * The RTPS2 dissector could overflow a buffer. (wnpa-sec-2012-18 CVE-2012-4296) * The CIP dissector could exhaust system memory. (wnpa-sec-2012-20 CVE-2012-4291) * The STUN dissector could crash. (wnpa-sec-2012-21 CVE-2012-4292) * The EtherCAT Mailbox dissector could abort. (wnpa-sec-2012-22 CVE-2012-4293) * The CTDB dissector could go into a large loop. (wnpa-sec-2012-23 CVE-2012-4290) Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html wireshark-1.4.15-0.22.1.i586.rpm wireshark-1.4.15-0.22.1.src.rpm wireshark-debuginfo-1.4.15-0.22.1.i586.rpm wireshark-debugsource-1.4.15-0.22.1.i586.rpm wireshark-devel-1.4.15-0.22.1.i586.rpm wireshark-1.4.15-0.22.1.x86_64.rpm wireshark-debuginfo-1.4.15-0.22.1.x86_64.rpm wireshark-debugsource-1.4.15-0.22.1.x86_64.rpm wireshark-devel-1.4.15-0.22.1.x86_64.rpm openSUSE-2012-539 low openSUSE 11.4 Update The nut upsd is prone to multiple flaws that allow remote attackers to cause a denial of service (application crash) by sending unexpected data. libupsclient1-2.6.0-4.11.1.i586.rpm libupsclient1-debuginfo-2.6.0-4.11.1.i586.rpm nut-2.6.0-4.11.1.i586.rpm nut-2.6.0-4.11.1.src.rpm nut-cgi-2.6.0-4.11.1.i586.rpm nut-cgi-debuginfo-2.6.0-4.11.1.i586.rpm nut-classic-2.6.0-4.11.1.i586.rpm nut-classic-debuginfo-2.6.0-4.11.1.i586.rpm nut-debuginfo-2.6.0-4.11.1.i586.rpm nut-debugsource-2.6.0-4.11.1.i586.rpm nut-devel-2.6.0-4.11.1.i586.rpm nut-drivers-net-2.6.0-4.11.1.i586.rpm nut-drivers-net-debuginfo-2.6.0-4.11.1.i586.rpm nut-hal-2.6.0-4.11.1.i586.rpm nut-hal-debuginfo-2.6.0-4.11.1.i586.rpm libupsclient1-2.6.0-4.11.1.x86_64.rpm libupsclient1-debuginfo-2.6.0-4.11.1.x86_64.rpm nut-2.6.0-4.11.1.x86_64.rpm nut-cgi-2.6.0-4.11.1.x86_64.rpm nut-cgi-debuginfo-2.6.0-4.11.1.x86_64.rpm nut-classic-2.6.0-4.11.1.x86_64.rpm nut-classic-debuginfo-2.6.0-4.11.1.x86_64.rpm nut-debuginfo-2.6.0-4.11.1.x86_64.rpm nut-debugsource-2.6.0-4.11.1.x86_64.rpm nut-devel-2.6.0-4.11.1.x86_64.rpm nut-drivers-net-2.6.0-4.11.1.x86_64.rpm nut-drivers-net-debuginfo-2.6.0-4.11.1.x86_64.rpm nut-hal-2.6.0-4.11.1.x86_64.rpm nut-hal-debuginfo-2.6.0-4.11.1.x86_64.rpm openSUSE-2012-524 low openSUSE 11.4 Update This update fixes the permissions of gnome-java-bridge.jar, which was only readable for root. java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.14.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.3-0.14.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.3-0.14.1.x86_64.rpm openSUSE-2012-531 low openSUSE 11.4 Update This update resolves the following issues: * Do not mask the failure to unmount busy volumes (bnc#733479) * Fix umount recovery of busy direct mounts (bnc#734924) * Fix remount deadlock that can happen on a restart when there are nested direct mounts busy (bnc#733479) * Duplicate parent options for included maps (bnc#753693) * Fix segmentation fault in get_query_dn() (bnc#752044) * Fix segmentation fault in do_remount_indirect() when scandir() fails (bnc#748588). autofs-5.0.5-14.27.1.i586.rpm autofs-5.0.5-14.27.1.src.rpm autofs-debuginfo-5.0.5-14.27.1.i586.rpm autofs-debugsource-5.0.5-14.27.1.i586.rpm autofs-5.0.5-14.27.1.x86_64.rpm autofs-debuginfo-5.0.5-14.27.1.x86_64.rpm autofs-debugsource-5.0.5-14.27.1.x86_64.rpm openSUSE-2012-542 low openSUSE 11.4 Update - Update to pcp-3.6.5. + Fixes for security advisory CVE-2012-3418; (bnc#775009). + Workaround for security advisory CVE-2012-3419; (bnc#775010). + Fixes for security advisory CVE-2012-3420; (bnc#775011). + Fixes for security advisory CVE-2012-3421; (bnc#775013). libpcp-devel-3.6.5-140.1.i586.rpm libpcp-devel-debuginfo-3.6.5-140.1.i586.rpm libpcp3-3.6.5-140.1.i586.rpm libpcp3-debuginfo-3.6.5-140.1.i586.rpm pcp-3.6.5-140.1.i586.rpm pcp-3.6.5-140.1.src.rpm pcp-debuginfo-3.6.5-140.1.i586.rpm pcp-debugsource-3.6.5-140.1.i586.rpm pcp-import-iostat2pcp-3.6.5-140.1.i586.rpm pcp-import-mrtg2pcp-3.6.5-140.1.i586.rpm pcp-import-sar2pcp-3.6.5-140.1.i586.rpm pcp-import-sheet2pcp-3.6.5-140.1.i586.rpm perl-PCP-LogImport-3.6.5-140.1.i586.rpm perl-PCP-LogImport-debuginfo-3.6.5-140.1.i586.rpm perl-PCP-LogSummary-3.6.5-140.1.i586.rpm perl-PCP-MMV-3.6.5-140.1.i586.rpm perl-PCP-MMV-debuginfo-3.6.5-140.1.i586.rpm perl-PCP-PMDA-3.6.5-140.1.i586.rpm perl-PCP-PMDA-debuginfo-3.6.5-140.1.i586.rpm libpcp-devel-3.6.5-140.1.x86_64.rpm libpcp-devel-debuginfo-3.6.5-140.1.x86_64.rpm libpcp3-3.6.5-140.1.x86_64.rpm libpcp3-debuginfo-3.6.5-140.1.x86_64.rpm pcp-3.6.5-140.1.x86_64.rpm pcp-debuginfo-3.6.5-140.1.x86_64.rpm pcp-debugsource-3.6.5-140.1.x86_64.rpm pcp-import-iostat2pcp-3.6.5-140.1.x86_64.rpm pcp-import-mrtg2pcp-3.6.5-140.1.x86_64.rpm pcp-import-sar2pcp-3.6.5-140.1.x86_64.rpm pcp-import-sheet2pcp-3.6.5-140.1.x86_64.rpm perl-PCP-LogImport-3.6.5-140.1.x86_64.rpm perl-PCP-LogImport-debuginfo-3.6.5-140.1.x86_64.rpm perl-PCP-LogSummary-3.6.5-140.1.x86_64.rpm perl-PCP-MMV-3.6.5-140.1.x86_64.rpm perl-PCP-MMV-debuginfo-3.6.5-140.1.x86_64.rpm perl-PCP-PMDA-3.6.5-140.1.x86_64.rpm perl-PCP-PMDA-debuginfo-3.6.5-140.1.x86_64.rpm openSUSE-2012-543 important openSUSE 11.4 Update Multiple integer overflows in various decoder plug-ins of GIMP have been fixed. gimp-2.6.11-13.58.1.i586.rpm gimp-2.6.11-13.58.1.src.rpm gimp-branding-upstream-2.6.11-13.58.1.i586.rpm gimp-debuginfo-2.6.11-13.58.1.i586.rpm gimp-debugsource-2.6.11-13.58.1.i586.rpm gimp-devel-2.6.11-13.58.1.i586.rpm gimp-devel-debuginfo-2.6.11-13.58.1.i586.rpm gimp-help-browser-2.6.11-13.58.1.i586.rpm gimp-help-browser-debuginfo-2.6.11-13.58.1.i586.rpm gimp-lang-2.6.11-13.58.1.noarch.rpm gimp-module-hal-2.6.11-13.58.1.i586.rpm gimp-module-hal-debuginfo-2.6.11-13.58.1.i586.rpm gimp-plugins-python-2.6.11-13.58.1.i586.rpm gimp-plugins-python-debuginfo-2.6.11-13.58.1.i586.rpm libgimp-2_0-0-2.6.11-13.58.1.i586.rpm libgimp-2_0-0-32bit-2.6.11-13.58.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.58.1.i586.rpm libgimp-2_0-0-debuginfo-32bit-2.6.11-13.58.1.x86_64.rpm libgimp-2_0-0-debuginfo-x86-2.6.11-13.58.1.ia64.rpm libgimp-2_0-0-x86-2.6.11-13.58.1.ia64.rpm libgimpui-2_0-0-2.6.11-13.58.1.i586.rpm libgimpui-2_0-0-32bit-2.6.11-13.58.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.58.1.i586.rpm libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.58.1.x86_64.rpm libgimpui-2_0-0-debuginfo-x86-2.6.11-13.58.1.ia64.rpm libgimpui-2_0-0-x86-2.6.11-13.58.1.ia64.rpm gimp-2.6.11-13.58.1.x86_64.rpm gimp-branding-upstream-2.6.11-13.58.1.x86_64.rpm gimp-debuginfo-2.6.11-13.58.1.x86_64.rpm gimp-debugsource-2.6.11-13.58.1.x86_64.rpm gimp-devel-2.6.11-13.58.1.x86_64.rpm gimp-devel-debuginfo-2.6.11-13.58.1.x86_64.rpm gimp-help-browser-2.6.11-13.58.1.x86_64.rpm gimp-help-browser-debuginfo-2.6.11-13.58.1.x86_64.rpm gimp-module-hal-2.6.11-13.58.1.x86_64.rpm gimp-module-hal-debuginfo-2.6.11-13.58.1.x86_64.rpm gimp-plugins-python-2.6.11-13.58.1.x86_64.rpm gimp-plugins-python-debuginfo-2.6.11-13.58.1.x86_64.rpm libgimp-2_0-0-2.6.11-13.58.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.58.1.x86_64.rpm libgimpui-2_0-0-2.6.11-13.58.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.58.1.x86_64.rpm openSUSE-2012-564 moderate openSUSE 11.4 Update A security issue in otrs was fixed: * OSA-2012-1, http://otrs.org/advisory/ otrs-2.4.13-10.1.noarch.rpm otrs-2.4.13-10.1.src.rpm otrs-doc-2.4.13-10.1.noarch.rpm otrs-itsm-2.1.5-10.1.noarch.rpm openSUSE-2012-534 critical openSUSE 11.4 Update Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update (bnc#777588) * MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 Use-after-free issues found using Address Sanitizer * MFSA 2012-59/CVE-2012-1956 (bmo#756719) Location object can be shadowed using Object.defineProperty * MFSA 2012-60/CVE-2012-3965 (bmo#769108) Escalation of privilege through about:newtab * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) Memory corruption with bitmap format images with negative height * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 WebGL use-after-free and memory corruption * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 SVG buffer overflow and use-after-free issues * MFSA 2012-64/CVE-2012-3971 Graphite 2 memory corruption * MFSA 2012-65/CVE-2012-3972 (bmo#746855) Out-of-bounds read in format-number in XSLT * MFSA 2012-66/CVE-2012-3973 (bmo#757128) HTTPMonitor extension allows for remote debugging without explicit activation * MFSA 2012-68/CVE-2012-3975 (bmo#770684) DOMParser loads linked resources in extensions when parsing text/html * MFSA 2012-69/CVE-2012-3976 (bmo#768568) Incorrect site SSL certificate data display * MFSA 2012-70/CVE-2012-3978 (bmo#770429) Location object security checks bypassed by chrome code * MFSA 2012-72/CVE-2012-3980 (bmo#771859) Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) - GStreamer is only used for MP4 (no WebM, OGG) - updated filelist - moved browser specific preferences to correct location MozillaFirefox-15.0-31.1.i586.rpm MozillaFirefox-15.0-31.1.src.rpm MozillaFirefox-branding-upstream-15.0-31.1.i586.rpm MozillaFirefox-buildsymbols-15.0-31.1.i586.rpm MozillaFirefox-debuginfo-15.0-31.1.i586.rpm MozillaFirefox-debugsource-15.0-31.1.i586.rpm MozillaFirefox-devel-15.0-31.1.i586.rpm MozillaFirefox-translations-common-15.0-31.1.i586.rpm MozillaFirefox-translations-other-15.0-31.1.i586.rpm MozillaThunderbird-15.0-27.1.i586.rpm MozillaThunderbird-15.0-27.1.src.rpm MozillaThunderbird-buildsymbols-15.0-27.1.i586.rpm MozillaThunderbird-debuginfo-15.0-27.1.i586.rpm MozillaThunderbird-debugsource-15.0-27.1.i586.rpm MozillaThunderbird-devel-15.0-27.1.i586.rpm MozillaThunderbird-devel-debuginfo-15.0-27.1.i586.rpm MozillaThunderbird-translations-common-15.0-27.1.i586.rpm MozillaThunderbird-translations-other-15.0-27.1.i586.rpm enigmail-1.4.4+15.0-27.1.i586.rpm enigmail-debuginfo-1.4.4+15.0-27.1.i586.rpm mozilla-nspr-32bit-4.9.2-16.1.x86_64.rpm mozilla-nspr-4.9.2-16.1.i586.rpm mozilla-nspr-4.9.2-16.1.src.rpm mozilla-nspr-debuginfo-32bit-4.9.2-16.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.2-16.1.i586.rpm mozilla-nspr-debuginfo-x86-4.9.2-16.1.ia64.rpm mozilla-nspr-debugsource-4.9.2-16.1.i586.rpm mozilla-nspr-devel-4.9.2-16.1.i586.rpm mozilla-nspr-x86-4.9.2-16.1.ia64.rpm libfreebl3-3.13.6-47.1.i586.rpm libfreebl3-32bit-3.13.6-47.1.x86_64.rpm libfreebl3-debuginfo-3.13.6-47.1.i586.rpm libfreebl3-debuginfo-32bit-3.13.6-47.1.x86_64.rpm libfreebl3-debuginfo-x86-3.13.6-47.1.ia64.rpm libfreebl3-x86-3.13.6-47.1.ia64.rpm libsoftokn3-3.13.6-47.1.i586.rpm libsoftokn3-32bit-3.13.6-47.1.x86_64.rpm libsoftokn3-debuginfo-3.13.6-47.1.i586.rpm libsoftokn3-debuginfo-32bit-3.13.6-47.1.x86_64.rpm libsoftokn3-debuginfo-x86-3.13.6-47.1.ia64.rpm libsoftokn3-x86-3.13.6-47.1.ia64.rpm mozilla-nss-3.13.6-47.1.i586.rpm mozilla-nss-3.13.6-47.1.src.rpm mozilla-nss-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-certs-3.13.6-47.1.i586.rpm mozilla-nss-certs-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.6-47.1.i586.rpm mozilla-nss-certs-debuginfo-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-certs-debuginfo-x86-3.13.6-47.1.ia64.rpm mozilla-nss-certs-x86-3.13.6-47.1.ia64.rpm mozilla-nss-debuginfo-3.13.6-47.1.i586.rpm mozilla-nss-debuginfo-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-debuginfo-x86-3.13.6-47.1.ia64.rpm mozilla-nss-debugsource-3.13.6-47.1.i586.rpm mozilla-nss-devel-3.13.6-47.1.i586.rpm mozilla-nss-sysinit-3.13.6-47.1.i586.rpm mozilla-nss-sysinit-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.6-47.1.i586.rpm mozilla-nss-sysinit-debuginfo-32bit-3.13.6-47.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-x86-3.13.6-47.1.ia64.rpm mozilla-nss-sysinit-x86-3.13.6-47.1.ia64.rpm mozilla-nss-tools-3.13.6-47.1.i586.rpm mozilla-nss-tools-debuginfo-3.13.6-47.1.i586.rpm mozilla-nss-x86-3.13.6-47.1.ia64.rpm seamonkey-2.12-27.1.i586.rpm seamonkey-2.12-27.1.src.rpm seamonkey-debuginfo-2.12-27.1.i586.rpm seamonkey-debugsource-2.12-27.1.i586.rpm seamonkey-dom-inspector-2.12-27.1.i586.rpm seamonkey-irc-2.12-27.1.i586.rpm seamonkey-translations-common-2.12-27.1.i586.rpm seamonkey-translations-other-2.12-27.1.i586.rpm seamonkey-venkman-2.12-27.1.i586.rpm MozillaFirefox-15.0-31.1.x86_64.rpm MozillaFirefox-branding-upstream-15.0-31.1.x86_64.rpm MozillaFirefox-buildsymbols-15.0-31.1.x86_64.rpm MozillaFirefox-debuginfo-15.0-31.1.x86_64.rpm MozillaFirefox-debugsource-15.0-31.1.x86_64.rpm MozillaFirefox-devel-15.0-31.1.x86_64.rpm MozillaFirefox-translations-common-15.0-31.1.x86_64.rpm MozillaFirefox-translations-other-15.0-31.1.x86_64.rpm MozillaThunderbird-15.0-27.1.x86_64.rpm MozillaThunderbird-buildsymbols-15.0-27.1.x86_64.rpm MozillaThunderbird-debuginfo-15.0-27.1.x86_64.rpm MozillaThunderbird-debugsource-15.0-27.1.x86_64.rpm MozillaThunderbird-devel-15.0-27.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-15.0-27.1.x86_64.rpm MozillaThunderbird-translations-common-15.0-27.1.x86_64.rpm MozillaThunderbird-translations-other-15.0-27.1.x86_64.rpm enigmail-1.4.4+15.0-27.1.x86_64.rpm enigmail-debuginfo-1.4.4+15.0-27.1.x86_64.rpm mozilla-nspr-4.9.2-16.1.x86_64.rpm mozilla-nspr-debuginfo-4.9.2-16.1.x86_64.rpm mozilla-nspr-debugsource-4.9.2-16.1.x86_64.rpm mozilla-nspr-devel-4.9.2-16.1.x86_64.rpm libfreebl3-3.13.6-47.1.x86_64.rpm libfreebl3-debuginfo-3.13.6-47.1.x86_64.rpm libsoftokn3-3.13.6-47.1.x86_64.rpm libsoftokn3-debuginfo-3.13.6-47.1.x86_64.rpm mozilla-nss-3.13.6-47.1.x86_64.rpm mozilla-nss-certs-3.13.6-47.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.6-47.1.x86_64.rpm mozilla-nss-debuginfo-3.13.6-47.1.x86_64.rpm mozilla-nss-debugsource-3.13.6-47.1.x86_64.rpm mozilla-nss-devel-3.13.6-47.1.x86_64.rpm mozilla-nss-sysinit-3.13.6-47.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.6-47.1.x86_64.rpm mozilla-nss-tools-3.13.6-47.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.13.6-47.1.x86_64.rpm seamonkey-2.12-27.1.x86_64.rpm seamonkey-debuginfo-2.12-27.1.x86_64.rpm seamonkey-debugsource-2.12-27.1.x86_64.rpm seamonkey-dom-inspector-2.12-27.1.x86_64.rpm seamonkey-irc-2.12-27.1.x86_64.rpm seamonkey-translations-common-2.12-27.1.x86_64.rpm seamonkey-translations-other-2.12-27.1.x86_64.rpm seamonkey-venkman-2.12-27.1.x86_64.rpm openSUSE-2012-602 moderate openSUSE 11.4 Update php5 was updated to fix two security issues: - use FilesMatch with 'SetHandler' rather than 'AddHandler' [bnc#775852] Since this update just hardens a configuration to protect weakly designed web applications, there was no CVE assigned. - A HTTP header Carriage-Return injection flaw was fixed (CVE-2011-1398 and CVE-2011-4388 [bnc#778003]) apache2-mod_php5-5.3.5-351.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-351.1.i586.rpm php5-5.3.5-351.1.i586.rpm php5-5.3.5-351.1.src.rpm php5-bcmath-5.3.5-351.1.i586.rpm php5-bcmath-debuginfo-5.3.5-351.1.i586.rpm php5-bz2-5.3.5-351.1.i586.rpm php5-bz2-debuginfo-5.3.5-351.1.i586.rpm php5-calendar-5.3.5-351.1.i586.rpm php5-calendar-debuginfo-5.3.5-351.1.i586.rpm php5-ctype-5.3.5-351.1.i586.rpm php5-ctype-debuginfo-5.3.5-351.1.i586.rpm php5-curl-5.3.5-351.1.i586.rpm php5-curl-debuginfo-5.3.5-351.1.i586.rpm php5-dba-5.3.5-351.1.i586.rpm php5-dba-debuginfo-5.3.5-351.1.i586.rpm php5-debuginfo-5.3.5-351.1.i586.rpm php5-debugsource-5.3.5-351.1.i586.rpm php5-devel-5.3.5-351.1.i586.rpm php5-dom-5.3.5-351.1.i586.rpm php5-dom-debuginfo-5.3.5-351.1.i586.rpm php5-enchant-5.3.5-351.1.i586.rpm php5-enchant-debuginfo-5.3.5-351.1.i586.rpm php5-exif-5.3.5-351.1.i586.rpm php5-exif-debuginfo-5.3.5-351.1.i586.rpm php5-fastcgi-5.3.5-351.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-351.1.i586.rpm php5-fileinfo-5.3.5-351.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-351.1.i586.rpm php5-fpm-5.3.5-351.1.i586.rpm php5-fpm-debuginfo-5.3.5-351.1.i586.rpm php5-ftp-5.3.5-351.1.i586.rpm php5-ftp-debuginfo-5.3.5-351.1.i586.rpm php5-gd-5.3.5-351.1.i586.rpm php5-gd-debuginfo-5.3.5-351.1.i586.rpm php5-gettext-5.3.5-351.1.i586.rpm php5-gettext-debuginfo-5.3.5-351.1.i586.rpm php5-gmp-5.3.5-351.1.i586.rpm php5-gmp-debuginfo-5.3.5-351.1.i586.rpm php5-hash-5.3.5-351.1.i586.rpm php5-hash-debuginfo-5.3.5-351.1.i586.rpm php5-iconv-5.3.5-351.1.i586.rpm php5-iconv-debuginfo-5.3.5-351.1.i586.rpm php5-imap-5.3.5-351.1.i586.rpm php5-imap-debuginfo-5.3.5-351.1.i586.rpm php5-intl-5.3.5-351.1.i586.rpm php5-intl-debuginfo-5.3.5-351.1.i586.rpm php5-json-5.3.5-351.1.i586.rpm php5-json-debuginfo-5.3.5-351.1.i586.rpm php5-ldap-5.3.5-351.1.i586.rpm php5-ldap-debuginfo-5.3.5-351.1.i586.rpm php5-mbstring-5.3.5-351.1.i586.rpm php5-mbstring-debuginfo-5.3.5-351.1.i586.rpm php5-mcrypt-5.3.5-351.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-351.1.i586.rpm php5-mysql-5.3.5-351.1.i586.rpm php5-mysql-debuginfo-5.3.5-351.1.i586.rpm php5-odbc-5.3.5-351.1.i586.rpm php5-odbc-debuginfo-5.3.5-351.1.i586.rpm php5-openssl-5.3.5-351.1.i586.rpm php5-openssl-debuginfo-5.3.5-351.1.i586.rpm php5-pcntl-5.3.5-351.1.i586.rpm php5-pcntl-debuginfo-5.3.5-351.1.i586.rpm php5-pdo-5.3.5-351.1.i586.rpm php5-pdo-debuginfo-5.3.5-351.1.i586.rpm php5-pear-5.3.5-351.1.noarch.rpm php5-pgsql-5.3.5-351.1.i586.rpm php5-pgsql-debuginfo-5.3.5-351.1.i586.rpm php5-phar-5.3.5-351.1.i586.rpm php5-phar-debuginfo-5.3.5-351.1.i586.rpm php5-posix-5.3.5-351.1.i586.rpm php5-posix-debuginfo-5.3.5-351.1.i586.rpm php5-pspell-5.3.5-351.1.i586.rpm php5-pspell-debuginfo-5.3.5-351.1.i586.rpm php5-readline-5.3.5-351.1.i586.rpm php5-readline-debuginfo-5.3.5-351.1.i586.rpm php5-shmop-5.3.5-351.1.i586.rpm php5-shmop-debuginfo-5.3.5-351.1.i586.rpm php5-snmp-5.3.5-351.1.i586.rpm php5-snmp-debuginfo-5.3.5-351.1.i586.rpm php5-soap-5.3.5-351.1.i586.rpm php5-soap-debuginfo-5.3.5-351.1.i586.rpm php5-sockets-5.3.5-351.1.i586.rpm php5-sockets-debuginfo-5.3.5-351.1.i586.rpm php5-sqlite-5.3.5-351.1.i586.rpm php5-sqlite-debuginfo-5.3.5-351.1.i586.rpm php5-suhosin-5.3.5-351.1.i586.rpm php5-suhosin-debuginfo-5.3.5-351.1.i586.rpm php5-sysvmsg-5.3.5-351.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-351.1.i586.rpm php5-sysvsem-5.3.5-351.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-351.1.i586.rpm php5-sysvshm-5.3.5-351.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-351.1.i586.rpm php5-tidy-5.3.5-351.1.i586.rpm php5-tidy-debuginfo-5.3.5-351.1.i586.rpm php5-tokenizer-5.3.5-351.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-351.1.i586.rpm php5-wddx-5.3.5-351.1.i586.rpm php5-wddx-debuginfo-5.3.5-351.1.i586.rpm php5-xmlreader-5.3.5-351.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-351.1.i586.rpm php5-xmlrpc-5.3.5-351.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-351.1.i586.rpm php5-xmlwriter-5.3.5-351.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-351.1.i586.rpm php5-xsl-5.3.5-351.1.i586.rpm php5-xsl-debuginfo-5.3.5-351.1.i586.rpm php5-zip-5.3.5-351.1.i586.rpm php5-zip-debuginfo-5.3.5-351.1.i586.rpm php5-zlib-5.3.5-351.1.i586.rpm php5-zlib-debuginfo-5.3.5-351.1.i586.rpm apache2-mod_php5-5.3.5-351.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-351.1.x86_64.rpm php5-5.3.5-351.1.x86_64.rpm php5-bcmath-5.3.5-351.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-351.1.x86_64.rpm php5-bz2-5.3.5-351.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-351.1.x86_64.rpm php5-calendar-5.3.5-351.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-351.1.x86_64.rpm php5-ctype-5.3.5-351.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-351.1.x86_64.rpm php5-curl-5.3.5-351.1.x86_64.rpm php5-curl-debuginfo-5.3.5-351.1.x86_64.rpm php5-dba-5.3.5-351.1.x86_64.rpm php5-dba-debuginfo-5.3.5-351.1.x86_64.rpm php5-debuginfo-5.3.5-351.1.x86_64.rpm php5-debugsource-5.3.5-351.1.x86_64.rpm php5-devel-5.3.5-351.1.x86_64.rpm php5-dom-5.3.5-351.1.x86_64.rpm php5-dom-debuginfo-5.3.5-351.1.x86_64.rpm php5-enchant-5.3.5-351.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-351.1.x86_64.rpm php5-exif-5.3.5-351.1.x86_64.rpm php5-exif-debuginfo-5.3.5-351.1.x86_64.rpm php5-fastcgi-5.3.5-351.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-351.1.x86_64.rpm php5-fileinfo-5.3.5-351.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-351.1.x86_64.rpm php5-fpm-5.3.5-351.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-351.1.x86_64.rpm php5-ftp-5.3.5-351.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-351.1.x86_64.rpm php5-gd-5.3.5-351.1.x86_64.rpm php5-gd-debuginfo-5.3.5-351.1.x86_64.rpm php5-gettext-5.3.5-351.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-351.1.x86_64.rpm php5-gmp-5.3.5-351.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-351.1.x86_64.rpm php5-hash-5.3.5-351.1.x86_64.rpm php5-hash-debuginfo-5.3.5-351.1.x86_64.rpm php5-iconv-5.3.5-351.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-351.1.x86_64.rpm php5-imap-5.3.5-351.1.x86_64.rpm php5-imap-debuginfo-5.3.5-351.1.x86_64.rpm php5-intl-5.3.5-351.1.x86_64.rpm php5-intl-debuginfo-5.3.5-351.1.x86_64.rpm php5-json-5.3.5-351.1.x86_64.rpm php5-json-debuginfo-5.3.5-351.1.x86_64.rpm php5-ldap-5.3.5-351.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-351.1.x86_64.rpm php5-mbstring-5.3.5-351.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-351.1.x86_64.rpm php5-mcrypt-5.3.5-351.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-351.1.x86_64.rpm php5-mysql-5.3.5-351.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-351.1.x86_64.rpm php5-odbc-5.3.5-351.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-351.1.x86_64.rpm php5-openssl-5.3.5-351.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-351.1.x86_64.rpm php5-pcntl-5.3.5-351.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-351.1.x86_64.rpm php5-pdo-5.3.5-351.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-351.1.x86_64.rpm php5-pgsql-5.3.5-351.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-351.1.x86_64.rpm php5-phar-5.3.5-351.1.x86_64.rpm php5-phar-debuginfo-5.3.5-351.1.x86_64.rpm php5-posix-5.3.5-351.1.x86_64.rpm php5-posix-debuginfo-5.3.5-351.1.x86_64.rpm php5-pspell-5.3.5-351.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-351.1.x86_64.rpm php5-readline-5.3.5-351.1.x86_64.rpm php5-readline-debuginfo-5.3.5-351.1.x86_64.rpm php5-shmop-5.3.5-351.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-351.1.x86_64.rpm php5-snmp-5.3.5-351.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-351.1.x86_64.rpm php5-soap-5.3.5-351.1.x86_64.rpm php5-soap-debuginfo-5.3.5-351.1.x86_64.rpm php5-sockets-5.3.5-351.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-351.1.x86_64.rpm php5-sqlite-5.3.5-351.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-351.1.x86_64.rpm php5-suhosin-5.3.5-351.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-351.1.x86_64.rpm php5-sysvmsg-5.3.5-351.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-351.1.x86_64.rpm php5-sysvsem-5.3.5-351.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-351.1.x86_64.rpm php5-sysvshm-5.3.5-351.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-351.1.x86_64.rpm php5-tidy-5.3.5-351.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-351.1.x86_64.rpm php5-tokenizer-5.3.5-351.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-351.1.x86_64.rpm php5-wddx-5.3.5-351.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-351.1.x86_64.rpm php5-xmlreader-5.3.5-351.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-351.1.x86_64.rpm php5-xmlrpc-5.3.5-351.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-351.1.x86_64.rpm php5-xmlwriter-5.3.5-351.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-351.1.x86_64.rpm php5-xsl-5.3.5-351.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-351.1.x86_64.rpm php5-zip-5.3.5-351.1.x86_64.rpm php5-zip-debuginfo-5.3.5-351.1.x86_64.rpm php5-zlib-5.3.5-351.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-351.1.x86_64.rpm openSUSE-2012-578 moderate openSUSE 11.4 Update Opera was updated to 12.02 *Fixed an issue where truncated dialogs may be used to trick users * full changelog available at: http://www.opera.com/docs/changelogs/unix/1202/ - fixes [bnc#778087] opera-12.02-28.1.i586.rpm opera-12.02-28.1.nosrc.rpm opera-gtk-12.02-28.1.i586.rpm opera-kde4-12.02-28.1.i586.rpm opera-12.02-28.1.x86_64.rpm opera-gtk-12.02-28.1.x86_64.rpm opera-kde4-12.02-28.1.x86_64.rpm openSUSE-2012-601 critical openSUSE 11.4 Update The icedtea-web Java plugin was updated to 1.11.4 to fix critical security issues: * Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references * OpenJDK - S7182135: Impossible to use some editors directly - S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE java-1_6_0-openjdk-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.4-0.17.1.src.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.4-0.17.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.4-0.17.1.x86_64.rpm openSUSE-2012-600 moderate openSUSE 11.4 Update - fix starttls command injection issue (CVE-2012-3523), [bnc#776967] - handle /var/run on tmpfs. [bnc#778439] inn-2.5.2-9.1.i586.rpm inn-2.5.2-9.1.src.rpm inn-debuginfo-2.5.2-9.1.i586.rpm inn-debugsource-2.5.2-9.1.i586.rpm inn-devel-2.5.2-9.1.i586.rpm mininews-2.5.2-9.1.i586.rpm mininews-debuginfo-2.5.2-9.1.i586.rpm inn-2.5.2-9.1.x86_64.rpm inn-debuginfo-2.5.2-9.1.x86_64.rpm inn-debugsource-2.5.2-9.1.x86_64.rpm inn-devel-2.5.2-9.1.x86_64.rpm mininews-2.5.2-9.1.x86_64.rpm mininews-debuginfo-2.5.2-9.1.x86_64.rpm openSUSE-2012-591 moderate openSUSE 11.4 Update - Fix VT100 emulation vulnerability (bnc#777084) (CVE-2012-3515) kvm-0.14.0.0-23.1.i586.rpm kvm-0.14.0.0-23.1.src.rpm kvm-debuginfo-0.14.0.0-23.1.i586.rpm kvm-debugsource-0.14.0.0-23.1.i586.rpm kvm-0.14.0.0-23.1.x86_64.rpm kvm-debuginfo-0.14.0.0-23.1.x86_64.rpm kvm-debugsource-0.14.0.0-23.1.x86_64.rpm openSUSE-2012-596 important openSUSE 11.4 Update Security Update for Xen Following fixes were done: - bnc#776995 - attaching scsi control luns with pvscsi - xend/pvscsi: fix passing of SCSI control LUNs xen-bug776995-pvscsi-no-devname.patch - xend/pvscsi: fix usage of persistant device names for SCSI devices xen-bug776995-pvscsi-persistent-names.patch - xend/pvscsi: update sysfs parser for Linux 3.0 xen-bug776995-pvscsi-sysfs-parser.patch - bnc#777090 - VUL-0: CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12) CVE-2012-3494-xsa12.patch - bnc#777091 - VUL-0: CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability (XSA-14) CVE-2012-3496-xsa14.patch - bnc#777084 - VUL-0: CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17) CVE-2012-3515-xsa17.patch - bnc#744771 - VM with passed through PCI card fails to reboot under dom0 load 24888-pci-release-devices.patch - Upstream patches from Jan 25431-x86-EDD-MBR-sig-check.patch 25459-page-list-splice.patch 25478-x86-unknown-NMI-deadlock.patch 25480-x86_64-sysret-canonical.patch 25481-x86_64-AMD-erratum-121.patch 25485-x86_64-canonical-checks.patch 25587-param-parse-limit.patch 25617-vtd-qinval-addr.patch 25688-x86-nr_irqs_gsi.patch - bnc#773393 - VUL-0: CVE-2012-3433: xen: HVM guest destroy p2m teardown host DoS vulnerability CVE-2012-3433-xsa11.patch - bnc#773401 - VUL-1: CVE-2012-3432: xen: HVM guest user mode MMIO emulation DoS 25682-x86-inconsistent-io-state.patch - bnc#762484 - VUL-1: CVE-2012-2625: xen: pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service 25589-pygrub-size-limits.patch xen-4.0.3_04-45.1.i586.rpm True xen-4.0.3_04-45.1.src.rpm True xen-debugsource-4.0.3_04-45.1.i586.rpm True xen-devel-4.0.3_04-45.1.i586.rpm True xen-doc-html-4.0.3_04-45.1.i586.rpm True xen-doc-pdf-4.0.3_04-45.1.i586.rpm True xen-kmp-default-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-kmp-default-debuginfo-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-kmp-desktop-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-kmp-desktop-debuginfo-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-kmp-pae-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-kmp-pae-debuginfo-4.0.3_04_k2.6.37.6_0.20-45.1.i586.rpm True xen-libs-4.0.3_04-45.1.i586.rpm True xen-libs-debuginfo-4.0.3_04-45.1.i586.rpm True xen-tools-4.0.3_04-45.1.i586.rpm True xen-tools-debuginfo-4.0.3_04-45.1.i586.rpm True xen-tools-domU-4.0.3_04-45.1.i586.rpm True xen-tools-domU-debuginfo-4.0.3_04-45.1.i586.rpm True xen-4.0.3_04-45.1.x86_64.rpm True xen-debugsource-4.0.3_04-45.1.x86_64.rpm True xen-devel-4.0.3_04-45.1.x86_64.rpm True xen-doc-html-4.0.3_04-45.1.x86_64.rpm True xen-doc-pdf-4.0.3_04-45.1.x86_64.rpm True xen-kmp-default-4.0.3_04_k2.6.37.6_0.20-45.1.x86_64.rpm True xen-kmp-default-debuginfo-4.0.3_04_k2.6.37.6_0.20-45.1.x86_64.rpm True xen-kmp-desktop-4.0.3_04_k2.6.37.6_0.20-45.1.x86_64.rpm True xen-kmp-desktop-debuginfo-4.0.3_04_k2.6.37.6_0.20-45.1.x86_64.rpm True xen-libs-4.0.3_04-45.1.x86_64.rpm True xen-libs-debuginfo-4.0.3_04-45.1.x86_64.rpm True xen-tools-4.0.3_04-45.1.x86_64.rpm True xen-tools-debuginfo-4.0.3_04-45.1.x86_64.rpm True xen-tools-domU-4.0.3_04-45.1.x86_64.rpm True xen-tools-domU-debuginfo-4.0.3_04-45.1.x86_64.rpm True openSUSE-2012-599 important openSUSE 11.4 Update qemu was fixed to add bounds checking for VT100 escape code parsing and cursor placement. Also qemu was updated on 12.2 and 11.4 to the latest stable release (v1.1.1 and v0.14.1 respectively). qemu-0.14.1-1.10.1.i586.rpm qemu-0.14.1-1.10.1.src.rpm qemu-debuginfo-0.14.1-1.10.1.i586.rpm qemu-debugsource-0.14.1-1.10.1.i586.rpm qemu-0.14.1-1.10.1.x86_64.rpm qemu-debuginfo-0.14.1-1.10.1.x86_64.rpm qemu-debugsource-0.14.1-1.10.1.x86_64.rpm openSUSE-2012-593 moderate openSUSE 11.4 Update Strongswan was updated to fix a charon keying daemon start failure with openssl (bnc#779038). strongswan-4.5.0-6.48.1.i586.rpm strongswan-4.5.0-6.48.1.src.rpm strongswan-debugsource-4.5.0-6.48.1.i586.rpm strongswan-doc-4.5.0-6.48.1.i586.rpm strongswan-ikev1-4.5.0-6.48.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-ikev2-4.5.0-6.48.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-ipsec-4.5.0-6.48.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-libs0-4.5.0-6.48.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-mysql-4.5.0-6.48.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-nm-4.5.0-6.48.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-sqlite-4.5.0-6.48.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.48.1.i586.rpm strongswan-4.5.0-6.48.1.x86_64.rpm strongswan-debugsource-4.5.0-6.48.1.x86_64.rpm strongswan-doc-4.5.0-6.48.1.x86_64.rpm strongswan-ikev1-4.5.0-6.48.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-ikev2-4.5.0-6.48.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-ipsec-4.5.0-6.48.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-libs0-4.5.0-6.48.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-mysql-4.5.0-6.48.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-nm-4.5.0-6.48.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.48.1.x86_64.rpm strongswan-sqlite-4.5.0-6.48.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.48.1.x86_64.rpm openSUSE-2012-624 moderate openSUSE 11.4 Update - added 3-0-escape_html-activesupport.patch: (bnc#775653) Also encode single quote (CVE-2012-3464) - added 3-0-strip_tags.patch: (bnc#775649) Do not mark strip_tags result as html_safe CVE-2012-3465 rubygem-actionpack-2_3-2.3.14-0.19.2.i586.rpm rubygem-actionpack-2_3-2.3.14-0.19.2.src.rpm rubygem-actionpack-2_3-doc-2.3.14-0.19.2.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.19.2.i586.rpm rubygem-activesupport-2_3-2.3.14-0.12.1.i586.rpm rubygem-activesupport-2_3-2.3.14-0.12.1.src.rpm rubygem-activesupport-2_3-doc-2.3.14-0.12.1.i586.rpm rubygem-actionpack-2_3-2.3.14-0.19.2.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.14-0.19.2.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.19.2.x86_64.rpm rubygem-activesupport-2_3-2.3.14-0.12.1.x86_64.rpm rubygem-activesupport-2_3-doc-2.3.14-0.12.1.x86_64.rpm openSUSE-2012-612 low openSUSE 11.4 Update This updates icedtea-web to version 1.3: - bnc#779001: update to 1.3 - New features: * Web Start launch errors are now printed to give proper indication as to the cause * Significant performance improvement when loading applets that refer to missing classes * Support for latest versions of Chromium * Security warning dialog improvements to better clarify security request * Support build with GTK2 and GTK3 * Cookie write support (i.e set cookies in browser via Java/Applet) - Common: * Applet window icon improved - Plug-in: * PR975: Ignore classpaths specified in jar manifests when using jnlp_href * PR1011: Treat folders as such when specified in archive tags * PR855: AppletStub getDocumentBase() now returns full URL * PR722: Unsigned META-INF entries are ignored * PR861: Jars can now load from non codebase hosts * PR1106: Icedtea 1.2.1 crashes Firefox 14 - Web Start: * PR898: Large signed JNLP files now supported * PR811: URLs with spaces now handled correctly icedtea-web-1.3-0.20.1.i586.rpm icedtea-web-1.3-0.20.1.src.rpm icedtea-web-debuginfo-1.3-0.20.1.i586.rpm icedtea-web-debugsource-1.3-0.20.1.i586.rpm icedtea-web-javadoc-1.3-0.20.1.noarch.rpm icedtea-web-1.3-0.20.1.x86_64.rpm icedtea-web-debuginfo-1.3-0.20.1.x86_64.rpm icedtea-web-debugsource-1.3-0.20.1.x86_64.rpm openSUSE-2012-616 important openSUSE 11.4 Update This update of freeradius fixes a stack overflow in TLS handling, which can be exploited by remote attackers able to access Radius to execute code. freeradius-server-2.1.10-8.1.i586.rpm freeradius-server-2.1.10-8.1.src.rpm freeradius-server-debuginfo-2.1.10-8.1.i586.rpm freeradius-server-debugsource-2.1.10-8.1.i586.rpm freeradius-server-devel-2.1.10-8.1.i586.rpm freeradius-server-dialupadmin-2.1.10-8.1.i586.rpm freeradius-server-doc-2.1.10-8.1.i586.rpm freeradius-server-libs-2.1.10-8.1.i586.rpm freeradius-server-libs-debuginfo-2.1.10-8.1.i586.rpm freeradius-server-utils-2.1.10-8.1.i586.rpm freeradius-server-utils-debuginfo-2.1.10-8.1.i586.rpm freeradius-server-2.1.10-8.1.x86_64.rpm freeradius-server-debuginfo-2.1.10-8.1.x86_64.rpm freeradius-server-debugsource-2.1.10-8.1.x86_64.rpm freeradius-server-devel-2.1.10-8.1.x86_64.rpm freeradius-server-dialupadmin-2.1.10-8.1.x86_64.rpm freeradius-server-doc-2.1.10-8.1.x86_64.rpm freeradius-server-libs-2.1.10-8.1.x86_64.rpm freeradius-server-libs-debuginfo-2.1.10-8.1.x86_64.rpm freeradius-server-utils-2.1.10-8.1.x86_64.rpm freeradius-server-utils-debuginfo-2.1.10-8.1.x86_64.rpm openSUSE-2012-620 moderate openSUSE 11.4 Update - fix a XSS vulnerability: bnc#778655 (CVE-2012-4600) - update to 2.4.14 (openSUSE 11.4) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. - update to 3.0.16 (openSUSE 12.1) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. * Bug#8611 - Ticket count is wrong in QueueView. - update to 3.1.10 (openSUSE 12.2) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. * Bug#8611 - Ticket count is wrong in QueueView. * Bug#8698 - Layout.pm only looks at first entry from HTTP_ACCEPT_LANGUAGE to determine language. * Bug#8731 - LDAP group check returns wrong error. otrs-2.4.14-14.1.noarch.rpm otrs-2.4.14-14.1.src.rpm otrs-doc-2.4.14-14.1.noarch.rpm otrs-itsm-2.1.5-14.1.noarch.rpm openSUSE-2012-626 moderate openSUSE 11.4 Update Mozilla Firefox was updated to 15.0.1 (bnc#779936) * Sites visited while in Private Browsing mode could be found through manual browser cache inspection (bmo#787743) MozillaFirefox-15.0.1-35.1.i586.rpm MozillaFirefox-15.0.1-35.1.src.rpm MozillaFirefox-branding-upstream-15.0.1-35.1.i586.rpm MozillaFirefox-buildsymbols-15.0.1-35.1.i586.rpm MozillaFirefox-debuginfo-15.0.1-35.1.i586.rpm MozillaFirefox-debugsource-15.0.1-35.1.i586.rpm MozillaFirefox-devel-15.0.1-35.1.i586.rpm MozillaFirefox-translations-common-15.0.1-35.1.i586.rpm MozillaFirefox-translations-other-15.0.1-35.1.i586.rpm seamonkey-2.12.1-31.1.i586.rpm seamonkey-2.12.1-31.1.src.rpm seamonkey-debuginfo-2.12.1-31.1.i586.rpm seamonkey-debugsource-2.12.1-31.1.i586.rpm seamonkey-dom-inspector-2.12.1-31.1.i586.rpm seamonkey-irc-2.12.1-31.1.i586.rpm seamonkey-translations-common-2.12.1-31.1.i586.rpm seamonkey-translations-other-2.12.1-31.1.i586.rpm seamonkey-venkman-2.12.1-31.1.i586.rpm MozillaFirefox-15.0.1-35.1.x86_64.rpm MozillaFirefox-branding-upstream-15.0.1-35.1.x86_64.rpm MozillaFirefox-buildsymbols-15.0.1-35.1.x86_64.rpm MozillaFirefox-debuginfo-15.0.1-35.1.x86_64.rpm MozillaFirefox-debugsource-15.0.1-35.1.x86_64.rpm MozillaFirefox-devel-15.0.1-35.1.x86_64.rpm MozillaFirefox-translations-common-15.0.1-35.1.x86_64.rpm MozillaFirefox-translations-other-15.0.1-35.1.x86_64.rpm seamonkey-2.12.1-31.1.x86_64.rpm seamonkey-debuginfo-2.12.1-31.1.x86_64.rpm seamonkey-debugsource-2.12.1-31.1.x86_64.rpm seamonkey-dom-inspector-2.12.1-31.1.x86_64.rpm seamonkey-irc-2.12.1-31.1.x86_64.rpm seamonkey-translations-common-2.12.1-31.1.x86_64.rpm seamonkey-translations-other-2.12.1-31.1.x86_64.rpm seamonkey-venkman-2.12.1-31.1.x86_64.rpm openSUSE-2012-668 important openSUSE 11.4 Update The following security issue was fixed in ghostscript: Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. ghostscript-devel-9.00-4.48.1.i586.rpm ghostscript-fonts-other-9.00-4.48.1.noarch.rpm ghostscript-fonts-rus-9.00-4.48.1.noarch.rpm ghostscript-fonts-std-9.00-4.48.1.noarch.rpm ghostscript-ijs-devel-9.00-4.48.1.i586.rpm ghostscript-library-9.00-4.48.1.i586.rpm ghostscript-library-9.00-4.48.1.src.rpm ghostscript-library-debuginfo-9.00-4.48.1.i586.rpm ghostscript-library-debugsource-9.00-4.48.1.i586.rpm ghostscript-x11-9.00-4.48.1.i586.rpm ghostscript-x11-debuginfo-9.00-4.48.1.i586.rpm libgimpprint-4.2.7-334.48.1.i586.rpm libgimpprint-debuginfo-4.2.7-334.48.1.i586.rpm libgimpprint-devel-4.2.7-334.48.1.i586.rpm ghostscript-devel-9.00-4.48.1.x86_64.rpm ghostscript-ijs-devel-9.00-4.48.1.x86_64.rpm ghostscript-library-9.00-4.48.1.x86_64.rpm ghostscript-library-debuginfo-9.00-4.48.1.x86_64.rpm ghostscript-library-debugsource-9.00-4.48.1.x86_64.rpm ghostscript-x11-9.00-4.48.1.x86_64.rpm ghostscript-x11-debuginfo-9.00-4.48.1.x86_64.rpm libgimpprint-4.2.7-334.48.1.x86_64.rpm libgimpprint-debuginfo-4.2.7-334.48.1.x86_64.rpm libgimpprint-devel-4.2.7-334.48.1.x86_64.rpm openSUSE-2012-615 critical openSUSE 11.4 Update A remote denial of service attack was fixed in the BIND DNS nameserver, which could be caused by attackers providing a specifically prepared zone file for recursive transfer. (CVE-2012-4244) bind-9.7.6P3-0.37.1.i586.rpm bind-9.7.6P3-0.37.1.src.rpm bind-chrootenv-9.7.6P3-0.37.1.i586.rpm bind-debuginfo-9.7.6P3-0.37.1.i586.rpm bind-debugsource-9.7.6P3-0.37.1.i586.rpm bind-devel-9.7.6P3-0.37.1.i586.rpm bind-doc-9.7.6P3-0.37.1.noarch.rpm bind-libs-32bit-9.7.6P3-0.37.1.x86_64.rpm bind-libs-9.7.6P3-0.37.1.i586.rpm bind-libs-debuginfo-32bit-9.7.6P3-0.37.1.x86_64.rpm bind-libs-debuginfo-9.7.6P3-0.37.1.i586.rpm bind-libs-debuginfo-x86-9.7.6P3-0.37.1.ia64.rpm bind-libs-x86-9.7.6P3-0.37.1.ia64.rpm bind-lwresd-9.7.6P3-0.37.1.i586.rpm bind-lwresd-debuginfo-9.7.6P3-0.37.1.i586.rpm bind-utils-9.7.6P3-0.37.1.i586.rpm bind-utils-debuginfo-9.7.6P3-0.37.1.i586.rpm bind-9.7.6P3-0.37.1.x86_64.rpm bind-chrootenv-9.7.6P3-0.37.1.x86_64.rpm bind-debuginfo-9.7.6P3-0.37.1.x86_64.rpm bind-debugsource-9.7.6P3-0.37.1.x86_64.rpm bind-devel-9.7.6P3-0.37.1.x86_64.rpm bind-libs-9.7.6P3-0.37.1.x86_64.rpm bind-libs-debuginfo-9.7.6P3-0.37.1.x86_64.rpm bind-lwresd-9.7.6P3-0.37.1.x86_64.rpm bind-lwresd-debuginfo-9.7.6P3-0.37.1.x86_64.rpm bind-utils-9.7.6P3-0.37.1.x86_64.rpm bind-utils-debuginfo-9.7.6P3-0.37.1.x86_64.rpm openSUSE-2012-713 low openSUSE 11.4 Update A buffer overflow in the mcrypt commandlinetool was fixed, when the user could be tricked into a prepared file. mcrypt-2.6.8-19.1.i586.rpm mcrypt-2.6.8-19.1.src.rpm mcrypt-debuginfo-2.6.8-19.1.i586.rpm mcrypt-debugsource-2.6.8-19.1.i586.rpm mcrypt-2.6.8-19.1.x86_64.rpm mcrypt-debuginfo-2.6.8-19.1.x86_64.rpm mcrypt-debugsource-2.6.8-19.1.x86_64.rpm openSUSE-2012-757 moderate openSUSE 11.4 Update - Fix tmp issues in annotate-output (bnc#778291, CVE-2012-3500) deb-1.15.6.1-10.1.i586.rpm deb-1.15.6.1-10.1.src.rpm deb-debuginfo-1.15.6.1-10.1.i586.rpm deb-debugsource-1.15.6.1-10.1.i586.rpm deb-devel-1.15.6.1-10.1.i586.rpm deb-lang-1.15.6.1-10.1.noarch.rpm deb-1.15.6.1-10.1.x86_64.rpm deb-debuginfo-1.15.6.1-10.1.x86_64.rpm deb-debugsource-1.15.6.1-10.1.x86_64.rpm deb-devel-1.15.6.1-10.1.x86_64.rpm openSUSE-2012-642 moderate openSUSE 11.4 Update - Update to ISC dhcp-4.2.4-P2 release, providing a security fix for an issue with the use of lease times was found and fixed. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue. ([ISC-Bugs #30281], CVE: CVE-2012-3955, bnc#780167) dhcp-4.2.4.P2-0.30.1.i586.rpm dhcp-4.2.4.P2-0.30.1.src.rpm dhcp-client-4.2.4.P2-0.30.1.i586.rpm dhcp-client-debuginfo-4.2.4.P2-0.30.1.i586.rpm dhcp-debuginfo-4.2.4.P2-0.30.1.i586.rpm dhcp-debugsource-4.2.4.P2-0.30.1.i586.rpm dhcp-devel-4.2.4.P2-0.30.1.i586.rpm dhcp-doc-4.2.4.P2-0.30.1.i586.rpm dhcp-relay-4.2.4.P2-0.30.1.i586.rpm dhcp-relay-debuginfo-4.2.4.P2-0.30.1.i586.rpm dhcp-server-4.2.4.P2-0.30.1.i586.rpm dhcp-server-debuginfo-4.2.4.P2-0.30.1.i586.rpm dhcp-4.2.4.P2-0.30.1.x86_64.rpm dhcp-client-4.2.4.P2-0.30.1.x86_64.rpm dhcp-client-debuginfo-4.2.4.P2-0.30.1.x86_64.rpm dhcp-debuginfo-4.2.4.P2-0.30.1.x86_64.rpm dhcp-debugsource-4.2.4.P2-0.30.1.x86_64.rpm dhcp-devel-4.2.4.P2-0.30.1.x86_64.rpm dhcp-doc-4.2.4.P2-0.30.1.x86_64.rpm dhcp-relay-4.2.4.P2-0.30.1.x86_64.rpm dhcp-relay-debuginfo-4.2.4.P2-0.30.1.x86_64.rpm dhcp-server-4.2.4.P2-0.30.1.x86_64.rpm dhcp-server-debuginfo-4.2.4.P2-0.30.1.x86_64.rpm openSUSE-2012-634 low openSUSE 11.4 Update This update fixes the following issues for xfce4-panel-plugin-weather - update to version 0.8.2 (bnc#735590) - Migrate to libxfce4ui. - Better handling of vertical and deskbar modes. - Fix adjusting label text size to panel size. - Fix scrollbox scroll direction in vertical mode. - Major rewrite: Migrate to yr.no API instead of weather.com. The plugin now uses data from the Norwegian Meteorological Institute, which is a bit different and forced a redesign of the summary window and more logic for computing the values. This rewrite means the hassle with the expiring license keys is finally gone, and the plugin shouldn't stop working suddenly, as API changes are announced quite some time before they become active. Forecasts for up to 10 days are provided, depending on the location. The location is defined by latitude and longitude, the actual name is only used for presentation. - Switch to the new GeoIP service at geoip.xfce.org, the old one has stopped working correctly quite some time ago. - Automatically set system of measurement depending on the GeoIP country code. - Fix wrong location search results - Enlarge the search dialog. It's now capable of showing 10 or more results instead of only 2 or 3. - Nice error message in summary window when no location was set or when there's no data available. - Make left click toggle the forecast window. - Optimized update intervals (downloading data and presentation). This should also fix update issues after suspend/resume. - Add move label up/down buttons to config dialog. - Add shortcuts to the widgets in the config dialog. - Add shortcuts for accessing the notebook pages in the forecast window. - Fix compilation warnings, possible null pointer errors, memory leaks, hardcoded values, make more strings translatable. - show more information in panel plugin tooltip - tooltip for location name in config dialog now shows latitude and longitude, or clearer instructions what to do - fetch sunrise/sunset times via met.no webservice; this way we get moon phase, moonrise and moonset for free - better handling of sanitizing location name - correct texts in search dialog - set text color on alternate cells in forecast table - bump minimum requirements to Xfce 4.6 - build the plugin as a module - fix many smaller bugs like uninitialized, unused variables etc - reformat and cleanup source code, improve code quality - translation updates - lots of translations updates - update liquid icon set to be complete - improve sleet icons - improve rain icons for darker panels - correct symbol descriptions and add comments with explanations - correct and improve liquid icons - updated README with documentation from Xfce Goodies homepage - add debugging code and instructions on how to debug in README - add section about theming and icon sets in README - remove code for now unsupported GTK/GLIB versions - bump minimum requirements to match Xfce-4.8 (yes, they were needed before) and drop some legacy code - fix ugly GDK_WINDOW assertion when opening the summary window - clear scrollbox labels before updating conditions - correct "Astrological data" to "Astronomical data" - variable name fix for Solaris - fix crash in summary window when something weird happens - some more code refactoring, clean up and minor fixes - updated description - add dependency on exo-tools since exo-open is used - specfile cleanup - correct dependencies - split off -lang subpackage xfce4-panel-plugin-battery-1.0.0-2.134.1.i586.rpm xfce4-panel-plugin-battery-debuginfo-1.0.0-2.134.1.i586.rpm xfce4-panel-plugin-cddrive-0.0.1-19.134.1.i586.rpm xfce4-panel-plugin-cddrive-debuginfo-0.0.1-19.134.1.i586.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.134.1.i586.rpm xfce4-panel-plugin-cellmodem-debuginfo-0.0.5-24.134.1.i586.rpm xfce4-panel-plugin-clipman-1.1.3-18.134.1.i586.rpm xfce4-panel-plugin-clipman-debuginfo-1.1.3-18.134.1.i586.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.134.1.i586.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.134.1.i586.rpm xfce4-panel-plugin-cpufreq-debuginfo-1.0.0-3.134.1.i586.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.134.1.i586.rpm xfce4-panel-plugin-cpugraph-debuginfo-1.0.1-6.134.1.i586.rpm xfce4-panel-plugin-datetime-0.6.1-18.134.1.i586.rpm xfce4-panel-plugin-datetime-debuginfo-0.6.1-18.134.1.i586.rpm xfce4-panel-plugin-diskperf-2.3.0-3.134.1.i586.rpm xfce4-panel-plugin-diskperf-debuginfo-2.3.0-3.134.1.i586.rpm xfce4-panel-plugin-eyes-4.4.1-2.134.1.i586.rpm xfce4-panel-plugin-eyes-debuginfo-4.4.1-2.134.1.i586.rpm xfce4-panel-plugin-fsguard-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-fsguard-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-genmon-3.2-24.134.1.i586.rpm xfce4-panel-plugin-genmon-debuginfo-3.2-24.134.1.i586.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.134.1.i586.rpm xfce4-panel-plugin-mailwatch-debuginfo-1.1.0-6.134.1.i586.rpm xfce4-panel-plugin-mount-0.5.5-18.134.1.i586.rpm xfce4-panel-plugin-mount-debuginfo-0.5.5-18.134.1.i586.rpm xfce4-panel-plugin-mpc-0.3.6-3.134.1.i586.rpm xfce4-panel-plugin-mpc-debuginfo-0.3.6-3.134.1.i586.rpm xfce4-panel-plugin-netload-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-netload-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-notes-1.7.7-6.134.1.i586.rpm xfce4-panel-plugin-notes-debuginfo-1.7.7-6.134.1.i586.rpm xfce4-panel-plugin-places-1.2.0-17.134.1.i586.rpm xfce4-panel-plugin-places-debuginfo-1.2.0-17.134.1.i586.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.134.1.i586.rpm xfce4-panel-plugin-quicklauncher-debuginfo-1.9.4-24.134.1.i586.rpm xfce4-panel-plugin-radio-0.4.4-6.134.1.i586.rpm xfce4-panel-plugin-radio-debuginfo-0.4.4-6.134.1.i586.rpm xfce4-panel-plugin-sensors-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-sensors-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.134.1.i586.rpm xfce4-panel-plugin-smartbookmark-debuginfo-0.4.2-24.134.1.i586.rpm xfce4-panel-plugin-systemload-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-systemload-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-timeout-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-timeout-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-timer-0.6.1-18.134.1.i586.rpm xfce4-panel-plugin-timer-debuginfo-0.6.1-18.134.1.i586.rpm xfce4-panel-plugin-verve-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-verve-debuginfo-1.0.0-4.134.1.i586.rpm xfce4-panel-plugin-wavelan-0.5.6-6.134.1.i586.rpm xfce4-panel-plugin-wavelan-debuginfo-0.5.6-6.134.1.i586.rpm xfce4-panel-plugin-weather-0.8.2-3.134.1.i586.rpm xfce4-panel-plugin-weather-debuginfo-0.8.2-3.134.1.i586.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.134.1.i586.rpm xfce4-panel-plugin-xfapplet-debuginfo-0.1.0-24.134.1.i586.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.134.1.i586.rpm xfce4-panel-plugin-xkb-debuginfo-0.5.4.2-0.134.1.i586.rpm xfce4-panel-plugin-xmms-0.5.3-3.134.1.i586.rpm xfce4-panel-plugin-xmms-debuginfo-0.5.3-3.134.1.i586.rpm xfce4-panel-plugins-4.8.0-3.134.1.src.rpm xfce4-panel-plugins-debugsource-4.8.0-3.134.1.i586.rpm xfce4-panel-plugin-battery-1.0.0-2.134.1.x86_64.rpm xfce4-panel-plugin-battery-debuginfo-1.0.0-2.134.1.x86_64.rpm xfce4-panel-plugin-cddrive-0.0.1-19.134.1.x86_64.rpm xfce4-panel-plugin-cddrive-debuginfo-0.0.1-19.134.1.x86_64.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.134.1.x86_64.rpm xfce4-panel-plugin-cellmodem-debuginfo-0.0.5-24.134.1.x86_64.rpm xfce4-panel-plugin-clipman-1.1.3-18.134.1.x86_64.rpm xfce4-panel-plugin-clipman-debuginfo-1.1.3-18.134.1.x86_64.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.134.1.x86_64.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.134.1.x86_64.rpm xfce4-panel-plugin-cpufreq-debuginfo-1.0.0-3.134.1.x86_64.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.134.1.x86_64.rpm xfce4-panel-plugin-cpugraph-debuginfo-1.0.1-6.134.1.x86_64.rpm xfce4-panel-plugin-datetime-0.6.1-18.134.1.x86_64.rpm xfce4-panel-plugin-datetime-debuginfo-0.6.1-18.134.1.x86_64.rpm xfce4-panel-plugin-diskperf-2.3.0-3.134.1.x86_64.rpm xfce4-panel-plugin-diskperf-debuginfo-2.3.0-3.134.1.x86_64.rpm xfce4-panel-plugin-eyes-4.4.1-2.134.1.x86_64.rpm xfce4-panel-plugin-eyes-debuginfo-4.4.1-2.134.1.x86_64.rpm xfce4-panel-plugin-fsguard-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-fsguard-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-genmon-3.2-24.134.1.x86_64.rpm xfce4-panel-plugin-genmon-debuginfo-3.2-24.134.1.x86_64.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.134.1.x86_64.rpm xfce4-panel-plugin-mailwatch-debuginfo-1.1.0-6.134.1.x86_64.rpm xfce4-panel-plugin-mount-0.5.5-18.134.1.x86_64.rpm xfce4-panel-plugin-mount-debuginfo-0.5.5-18.134.1.x86_64.rpm xfce4-panel-plugin-mpc-0.3.6-3.134.1.x86_64.rpm xfce4-panel-plugin-mpc-debuginfo-0.3.6-3.134.1.x86_64.rpm xfce4-panel-plugin-netload-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-netload-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-notes-1.7.7-6.134.1.x86_64.rpm xfce4-panel-plugin-notes-debuginfo-1.7.7-6.134.1.x86_64.rpm xfce4-panel-plugin-places-1.2.0-17.134.1.x86_64.rpm xfce4-panel-plugin-places-debuginfo-1.2.0-17.134.1.x86_64.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.134.1.x86_64.rpm xfce4-panel-plugin-quicklauncher-debuginfo-1.9.4-24.134.1.x86_64.rpm xfce4-panel-plugin-radio-0.4.4-6.134.1.x86_64.rpm xfce4-panel-plugin-radio-debuginfo-0.4.4-6.134.1.x86_64.rpm xfce4-panel-plugin-sensors-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-sensors-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.134.1.x86_64.rpm xfce4-panel-plugin-smartbookmark-debuginfo-0.4.2-24.134.1.x86_64.rpm xfce4-panel-plugin-systemload-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-systemload-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-timeout-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-timeout-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-timer-0.6.1-18.134.1.x86_64.rpm xfce4-panel-plugin-timer-debuginfo-0.6.1-18.134.1.x86_64.rpm xfce4-panel-plugin-verve-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-verve-debuginfo-1.0.0-4.134.1.x86_64.rpm xfce4-panel-plugin-wavelan-0.5.6-6.134.1.x86_64.rpm xfce4-panel-plugin-wavelan-debuginfo-0.5.6-6.134.1.x86_64.rpm xfce4-panel-plugin-weather-0.8.2-3.134.1.x86_64.rpm xfce4-panel-plugin-weather-debuginfo-0.8.2-3.134.1.x86_64.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.134.1.x86_64.rpm xfce4-panel-plugin-xfapplet-debuginfo-0.1.0-24.134.1.x86_64.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.134.1.x86_64.rpm xfce4-panel-plugin-xkb-debuginfo-0.5.4.2-0.134.1.x86_64.rpm xfce4-panel-plugin-xmms-0.5.3-3.134.1.x86_64.rpm xfce4-panel-plugin-xmms-debuginfo-0.5.3-3.134.1.x86_64.rpm xfce4-panel-plugins-debugsource-4.8.0-3.134.1.x86_64.rpm openSUSE-2012-673 low openSUSE 11.4 Update This update fixes the following issues for argus-client: - Changed the licence in specfile to GPL-2.0+ and GPL-2.0, since there are no other licences in 3.0.6. - update to 3.0.6 - bnc#739260 - Multiple licensing problems with argus-client 3.0.0 - remove obsolete argus-clients-3.0.0-leak-fix.patch. argus-client-3.0.6-17.1.i586.rpm argus-client-3.0.6-17.1.src.rpm argus-client-debuginfo-3.0.6-17.1.i586.rpm argus-client-debugsource-3.0.6-17.1.i586.rpm argus-client-3.0.6-17.1.x86_64.rpm argus-client-debuginfo-3.0.6-17.1.x86_64.rpm argus-client-debugsource-3.0.6-17.1.x86_64.rpm openSUSE-2012-670 important openSUSE 11.4 Update This update fixed CVE-2012-3524 (getenv() vulnerability), which can be used by local attackers to escalate privileges to root. dbus-1-1.4.1-7.27.1.i586.rpm True dbus-1-1.4.1-7.27.1.src.rpm True dbus-1-32bit-1.4.1-7.27.1.x86_64.rpm True dbus-1-debuginfo-1.4.1-7.27.1.i586.rpm True dbus-1-debuginfo-32bit-1.4.1-7.27.1.x86_64.rpm True dbus-1-debuginfo-x86-1.4.1-7.27.1.ia64.rpm True dbus-1-debugsource-1.4.1-7.27.1.i586.rpm True dbus-1-devel-1.4.1-7.27.1.i586.rpm True dbus-1-devel-32bit-1.4.1-7.27.1.x86_64.rpm True dbus-1-devel-doc-1.4.1-7.27.1.noarch.rpm True dbus-1-x86-1.4.1-7.27.1.ia64.rpm True dbus-1-1.4.1-7.27.1.x86_64.rpm True dbus-1-debuginfo-1.4.1-7.27.1.x86_64.rpm True dbus-1-debugsource-1.4.1-7.27.1.x86_64.rpm True dbus-1-devel-1.4.1-7.27.1.x86_64.rpm True openSUSE-2012-654 low openSUSE 11.4 Update This update fixes the following issues for subversion: - update to 1.6.19 (bnc#780848) - Client-side bugfixes: * handle missing svn:date reported by svnserve gracefully - Server-side bugfixes: * fix possible server hang if a hook script fails to start * fix write-through proxy commit regression introduced in 1.6.17 * partial sync drops properties when converting to adds - Developer-visible changes: * fix the testsuite to avoid FAILs on APR hash order libsvn_auth_gnome_keyring-1-0-1.6.19-1.43.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.19-1.43.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.19-1.43.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.19-1.43.1.i586.rpm subversion-1.6.19-1.43.1.i586.rpm subversion-1.6.19-1.43.1.src.rpm subversion-debuginfo-1.6.19-1.43.1.i586.rpm subversion-debugsource-1.6.19-1.43.1.i586.rpm subversion-devel-1.6.19-1.43.1.i586.rpm subversion-perl-1.6.19-1.43.1.i586.rpm subversion-perl-debuginfo-1.6.19-1.43.1.i586.rpm subversion-python-1.6.19-1.43.1.i586.rpm subversion-python-debuginfo-1.6.19-1.43.1.i586.rpm subversion-ruby-1.6.19-1.43.1.i586.rpm subversion-ruby-debuginfo-1.6.19-1.43.1.i586.rpm subversion-server-1.6.19-1.43.1.i586.rpm subversion-server-debuginfo-1.6.19-1.43.1.i586.rpm subversion-tools-1.6.19-1.43.1.i586.rpm subversion-tools-debuginfo-1.6.19-1.43.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.19-1.43.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.19-1.43.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.19-1.43.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-1.6.19-1.43.1.x86_64.rpm subversion-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-debugsource-1.6.19-1.43.1.x86_64.rpm subversion-devel-1.6.19-1.43.1.x86_64.rpm subversion-perl-1.6.19-1.43.1.x86_64.rpm subversion-perl-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-python-1.6.19-1.43.1.x86_64.rpm subversion-python-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-ruby-1.6.19-1.43.1.x86_64.rpm subversion-ruby-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-server-1.6.19-1.43.1.x86_64.rpm subversion-server-debuginfo-1.6.19-1.43.1.x86_64.rpm subversion-tools-1.6.19-1.43.1.x86_64.rpm subversion-tools-debuginfo-1.6.19-1.43.1.x86_64.rpm openSUSE-2012-655 low openSUSE 11.4 Update This udate fixes the following issues for clamav: - update to 0.97.6 * libclamav: bb#5751 - cl_scansis() may return a file descriptor instead of a valid return code clamav-0.97.6-13.1.i586.rpm clamav-0.97.6-13.1.src.rpm clamav-db-0.97.6-13.1.noarch.rpm clamav-debuginfo-0.97.6-13.1.i586.rpm clamav-debugsource-0.97.6-13.1.i586.rpm clamav-0.97.6-13.1.x86_64.rpm clamav-debuginfo-0.97.6-13.1.x86_64.rpm clamav-debugsource-0.97.6-13.1.x86_64.rpm openSUSE-2012-675 moderate openSUSE 11.4 Update This version upgrade of PostgreSQL fixes following issues: - Bugfix release 9.0.10: * Fix planner's assignment of executor parameters, and fix executor's rescan logic for CTE plan nodes. * Improve page-splitting decisions in GiST indexes. * Fix cascading privilege revoke to stop if privileges are still held. * Improve error messages for Hot Standby misconfiguration errors. * Fix handling of SIGFPE when PL/Perl is in use. * Prevent PL/Perl from crashing if a recursive PL/Perl function is redefined while being executed. * Work around possible misoptimization in PL/Perl. - See also: http://www.postgresql.org/docs/9.0/static/release.html - Security and bugfix release 9.0.9: * Prevent access to external files/URLs via contrib/xml2 (CVE-2012-3488, bnc#776523). * Prevent access to external files/URLs via XML entity references (CVE-2012-3489, bnc#776524). * Fix incorrect password transformation in contrib/pgcrypto (CVE-2012-2143, bnc#766799). * Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655, bnc#765069). - See also: http://www.postgresql.org/docs/9.0/static/release.html - Rename postgresql-mkspecfiles to pre_checkin.sh libecpg6-9.0.10-17.1.i586.rpm libecpg6-debuginfo-9.0.10-17.1.i586.rpm libpq5-32bit-9.0.10-17.1.x86_64.rpm libpq5-9.0.10-17.1.i586.rpm libpq5-debuginfo-32bit-9.0.10-17.1.x86_64.rpm libpq5-debuginfo-9.0.10-17.1.i586.rpm libpq5-debuginfo-x86-9.0.10-17.1.ia64.rpm libpq5-x86-9.0.10-17.1.ia64.rpm postgresql-devel-9.0.10-17.1.i586.rpm postgresql-devel-debuginfo-9.0.10-17.1.i586.rpm postgresql-libs-9.0.10-17.1.src.rpm postgresql-libs-debugsource-9.0.10-17.1.i586.rpm postgresql-9.0.10-17.1.i586.rpm postgresql-9.0.10-17.1.src.rpm postgresql-contrib-9.0.10-17.1.i586.rpm postgresql-contrib-debuginfo-9.0.10-17.1.i586.rpm postgresql-debuginfo-9.0.10-17.1.i586.rpm postgresql-debugsource-9.0.10-17.1.i586.rpm postgresql-docs-9.0.10-17.1.noarch.rpm postgresql-plperl-9.0.10-17.1.i586.rpm postgresql-plperl-debuginfo-9.0.10-17.1.i586.rpm postgresql-plpython-9.0.10-17.1.i586.rpm postgresql-plpython-debuginfo-9.0.10-17.1.i586.rpm postgresql-pltcl-9.0.10-17.1.i586.rpm postgresql-pltcl-debuginfo-9.0.10-17.1.i586.rpm postgresql-server-9.0.10-17.1.i586.rpm postgresql-server-debuginfo-9.0.10-17.1.i586.rpm libecpg6-9.0.10-17.1.x86_64.rpm libecpg6-debuginfo-9.0.10-17.1.x86_64.rpm libpq5-9.0.10-17.1.x86_64.rpm libpq5-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-devel-9.0.10-17.1.x86_64.rpm postgresql-devel-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-libs-debugsource-9.0.10-17.1.x86_64.rpm postgresql-9.0.10-17.1.x86_64.rpm postgresql-contrib-9.0.10-17.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-debugsource-9.0.10-17.1.x86_64.rpm postgresql-plperl-9.0.10-17.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-plpython-9.0.10-17.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-pltcl-9.0.10-17.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.10-17.1.x86_64.rpm postgresql-server-9.0.10-17.1.x86_64.rpm postgresql-server-debuginfo-9.0.10-17.1.x86_64.rpm openSUSE-2012-659 moderate openSUSE 11.4 Update timezone was updated to 2012f level, including this change: Fiji DST was changed to Oct 21st - Jan 20th Also some packaging bugfixes were done. timezone-2012f-6.1.i586.rpm timezone-2012f-6.1.src.rpm timezone-debuginfo-2012f-6.1.i586.rpm timezone-debugsource-2012f-6.1.i586.rpm timezone-2012f-6.1.x86_64.rpm timezone-debuginfo-2012f-6.1.x86_64.rpm timezone-debugsource-2012f-6.1.x86_64.rpm openSUSE-2012-662 low openSUSE 11.4 Update GNU sort(1) on SUSE defaults sort to one thread instead of multithreaded sort. This is a work-around for hard to reproduce multithreaded sort issues that have been reported in the past. Up to now, users on SUSE had to use the command line option --parallel to get multi-threaded sort. The environment variable OMP_NUM_THREADS was wrongly ignored by sort(1) on SUSE. This fix now re-enables OMP_NUM_THREADS. For OMP_NUM_THREADS=n, sort(1) will now use n threads, as described in the info manual. If OMP_NUM_THREADS is unset (the default), sort(1) on SUSE continues to be single-threaded. coreutils-8.9-19.1.i586.rpm coreutils-8.9-19.1.src.rpm coreutils-debuginfo-8.9-19.1.i586.rpm coreutils-debuginfo-x86-8.9-19.1.ia64.rpm coreutils-debugsource-8.9-19.1.i586.rpm coreutils-lang-8.9-19.1.noarch.rpm coreutils-x86-8.9-19.1.ia64.rpm coreutils-8.9-19.1.x86_64.rpm coreutils-debuginfo-8.9-19.1.x86_64.rpm coreutils-debugsource-8.9-19.1.x86_64.rpm openSUSE-2012-696 low openSUSE 11.4 Update VirtualBox was updated to 4.1.22 stable release, bringing lots of security and also bugfixes. The 4.1.22 release is brought to all openSUSE distributions to align their versions. changes in virtualbox 4.1.22 (maintenance release) * VMM: fixed a potential host crash triggered by shutting down a VM when another VM was running * VMM: fixed a potential host crash under a high guest memory pressure (seen with Windows 8 guests) * VMM: respect RAM preallocation while restoring saved state. * VMM: fixed handling of task gates if VT-x/AMD-V is disabled * Storage: fixed audio CD passthrough for certain media players * USB: don't crash if a USB device is plugged or unplugged when saving or loading the VM state (SMP guests only) * RTC: fixed a potential corruption of CMOS bank 1 * Mac OS X hosts: installer fixes for Leopard (4.1.20 regression) * Windows Additions: fixed memory leak in VBoxTray (bug #10808) - changes in virtualbox 4.1.20 (maintenance release) * VMM: fixed a crash under rare circumstances for VMs running without hardware virtualization * VMM: fixed a code analysis bug for certain displacement instructions for VMs running without hardware virtualization * VMM: fixed an interpretion bug for TPR read instructions under rare conditions (AMD-V only) * Snapshots: fixed a crash when restoring an old snapshot when powering off a VM (bugs #9604, #10491) * VBoxSVC: be more tolerant against environment variables with strange encodings (bug #8780) * VGA: fixed wrong access check which might cause a crash under certain conditions * NAT: final fix for crashes under rare conditions (bug #10513) * Virtio-net: fixed the problem with receiving of GSO packets in Windows XP guests causing packet loss in host-to-VM transfers * HPET: several fixes (bugs #10170, #10306) * Clipboard: disable the clipboard by default for new VMs * BIOS: the PCI BIOS was not properly detected with the chipset type set to ICH9 (bugs #9301, #10327) * Mac OS X hosts: adaptions to Mountain Lion * Linux Installer: fixes for Gentoo Linux (bug #10642) * Linux guests: fixed mouse integration on Fedora 17 guests (bug #2306) * Linux Additions: compile fixes for RHEL/CentOS 6.3 (bug #10756) * Linux Additions: compile fixes for Linux 3.5-rc1 and Linux 3.6-rc1 (bug #10709) * Solaris host: fixed a guru meditation while allocating large pages (bug #10600) * Solaris host: fixed possible kernel panics while freeing memory * Solaris Installer: fixed missing icon for menu and desktop shortcuts python-virtualbox-4.0.12-0.48.1.i586.rpm python-virtualbox-debuginfo-4.0.12-0.48.1.i586.rpm virtualbox-4.0.12-0.48.1.i586.rpm virtualbox-4.0.12-0.48.1.src.rpm virtualbox-debuginfo-4.0.12-0.48.1.i586.rpm virtualbox-debugsource-4.0.12-0.48.1.i586.rpm virtualbox-devel-4.0.12-0.48.1.i586.rpm virtualbox-guest-kmp-default-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-kmp-desktop-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-kmp-pae-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-kmp-pae-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-guest-tools-4.0.12-0.48.1.i586.rpm virtualbox-guest-tools-debuginfo-4.0.12-0.48.1.i586.rpm virtualbox-guest-x11-4.0.12-0.48.1.i586.rpm virtualbox-guest-x11-debuginfo-4.0.12-0.48.1.i586.rpm virtualbox-host-kmp-default-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-host-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-host-kmp-desktop-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-host-kmp-pae-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-host-kmp-pae-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.i586.rpm virtualbox-qt-4.0.12-0.48.1.i586.rpm virtualbox-qt-debuginfo-4.0.12-0.48.1.i586.rpm python-virtualbox-4.0.12-0.48.1.x86_64.rpm python-virtualbox-debuginfo-4.0.12-0.48.1.x86_64.rpm virtualbox-4.0.12-0.48.1.x86_64.rpm virtualbox-debuginfo-4.0.12-0.48.1.x86_64.rpm virtualbox-debugsource-4.0.12-0.48.1.x86_64.rpm virtualbox-devel-4.0.12-0.48.1.x86_64.rpm virtualbox-guest-kmp-default-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-guest-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-guest-kmp-desktop-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-guest-tools-4.0.12-0.48.1.x86_64.rpm virtualbox-guest-tools-debuginfo-4.0.12-0.48.1.x86_64.rpm virtualbox-guest-x11-4.0.12-0.48.1.x86_64.rpm virtualbox-guest-x11-debuginfo-4.0.12-0.48.1.x86_64.rpm virtualbox-host-kmp-default-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-host-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-host-kmp-desktop-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.20-0.48.1.x86_64.rpm virtualbox-qt-4.0.12-0.48.1.x86_64.rpm virtualbox-qt-debuginfo-4.0.12-0.48.1.x86_64.rpm openSUSE-2012-684 moderate openSUSE 11.4 Update Multiple bugs were addressed (RPM MD5 checking, lsof output parsing, lastlog workarounded) and improvements were done (tmp handling). seccheck-2.0-677.1.noarch.rpm seccheck-2.0-677.1.src.rpm openSUSE-2012-691 moderate openSUSE 11.4 Update freeradius-server contains the /etc /raddb/sites-available file which was erroneously marked. freeradius-server-2.1.10-12.1.i586.rpm freeradius-server-2.1.10-12.1.src.rpm freeradius-server-debuginfo-2.1.10-12.1.i586.rpm freeradius-server-debugsource-2.1.10-12.1.i586.rpm freeradius-server-devel-2.1.10-12.1.i586.rpm freeradius-server-dialupadmin-2.1.10-12.1.i586.rpm freeradius-server-doc-2.1.10-12.1.i586.rpm freeradius-server-libs-2.1.10-12.1.i586.rpm freeradius-server-libs-debuginfo-2.1.10-12.1.i586.rpm freeradius-server-utils-2.1.10-12.1.i586.rpm freeradius-server-utils-debuginfo-2.1.10-12.1.i586.rpm freeradius-server-2.1.10-12.1.x86_64.rpm freeradius-server-debuginfo-2.1.10-12.1.x86_64.rpm freeradius-server-debugsource-2.1.10-12.1.x86_64.rpm freeradius-server-devel-2.1.10-12.1.x86_64.rpm freeradius-server-dialupadmin-2.1.10-12.1.x86_64.rpm freeradius-server-doc-2.1.10-12.1.x86_64.rpm freeradius-server-libs-2.1.10-12.1.x86_64.rpm freeradius-server-libs-debuginfo-2.1.10-12.1.x86_64.rpm freeradius-server-utils-2.1.10-12.1.x86_64.rpm freeradius-server-utils-debuginfo-2.1.10-12.1.x86_64.rpm openSUSE-2012-698 moderate openSUSE 11.4 Update wireshark is updated to version 1.8.3 on all openSUSE distributions, bringing bug and security fixes. openSUSE 11.4 and 12.1 received a version upgrade, so also receiving lots of new features. wireshark-1.8.3-29.1.i586.rpm wireshark-1.8.3-29.1.src.rpm wireshark-debuginfo-1.8.3-29.1.i586.rpm wireshark-debugsource-1.8.3-29.1.i586.rpm wireshark-devel-1.8.3-29.1.i586.rpm wireshark-1.8.3-29.1.x86_64.rpm wireshark-debuginfo-1.8.3-29.1.x86_64.rpm wireshark-debugsource-1.8.3-29.1.x86_64.rpm wireshark-devel-1.8.3-29.1.x86_64.rpm openSUSE-2012-697 critical openSUSE 11.4 Update Flash Player was updated to 11.2.202.243 * CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272 flash-player-11.2.202.243-23.1.i586.rpm flash-player-11.2.202.243-23.1.nosrc.rpm flash-player-gnome-11.2.202.243-23.1.i586.rpm flash-player-kde4-11.2.202.243-23.1.i586.rpm flash-player-11.2.202.243-23.1.x86_64.rpm flash-player-gnome-11.2.202.243-23.1.x86_64.rpm flash-player-kde4-11.2.202.243-23.1.x86_64.rpm openSUSE-2012-709 important openSUSE 11.4 Update The Mozilla suite received following security updates (bnc#783533): Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer * MFSA 2012-87/CVE-2012-3990 (bmo#787704) MozillaFirefox-16.0.1-41.1.i586.rpm MozillaFirefox-16.0.1-41.1.src.rpm MozillaFirefox-branding-upstream-16.0.1-41.1.i586.rpm MozillaFirefox-buildsymbols-16.0.1-41.1.i586.rpm MozillaFirefox-debuginfo-16.0.1-41.1.i586.rpm MozillaFirefox-debugsource-16.0.1-41.1.i586.rpm MozillaFirefox-devel-16.0.1-41.1.i586.rpm MozillaFirefox-translations-common-16.0.1-41.1.i586.rpm MozillaFirefox-translations-other-16.0.1-41.1.i586.rpm MozillaThunderbird-16.0.1-33.1.i586.rpm MozillaThunderbird-16.0.1-33.1.src.rpm MozillaThunderbird-buildsymbols-16.0.1-33.1.i586.rpm MozillaThunderbird-debuginfo-16.0.1-33.1.i586.rpm MozillaThunderbird-debugsource-16.0.1-33.1.i586.rpm MozillaThunderbird-devel-16.0.1-33.1.i586.rpm MozillaThunderbird-devel-debuginfo-16.0.1-33.1.i586.rpm MozillaThunderbird-translations-common-16.0.1-33.1.i586.rpm MozillaThunderbird-translations-other-16.0.1-33.1.i586.rpm enigmail-1.4.5.+16.0.1-33.1.i586.rpm enigmail-debuginfo-1.4.5.+16.0.1-33.1.i586.rpm mozilla-kde4-integration-0.6.4-6.1.i586.rpm mozilla-kde4-integration-0.6.4-6.1.src.rpm mozilla-kde4-integration-debuginfo-0.6.4-6.1.i586.rpm mozilla-kde4-integration-debugsource-0.6.4-6.1.i586.rpm seamonkey-2.13.1-37.1.i586.rpm seamonkey-2.13.1-37.1.src.rpm seamonkey-debuginfo-2.13.1-37.1.i586.rpm seamonkey-debugsource-2.13.1-37.1.i586.rpm seamonkey-dom-inspector-2.13.1-37.1.i586.rpm seamonkey-irc-2.13.1-37.1.i586.rpm seamonkey-translations-common-2.13.1-37.1.i586.rpm seamonkey-translations-other-2.13.1-37.1.i586.rpm seamonkey-venkman-2.13.1-37.1.i586.rpm MozillaFirefox-16.0.1-41.1.x86_64.rpm MozillaFirefox-branding-upstream-16.0.1-41.1.x86_64.rpm MozillaFirefox-buildsymbols-16.0.1-41.1.x86_64.rpm MozillaFirefox-debuginfo-16.0.1-41.1.x86_64.rpm MozillaFirefox-debugsource-16.0.1-41.1.x86_64.rpm MozillaFirefox-devel-16.0.1-41.1.x86_64.rpm MozillaFirefox-translations-common-16.0.1-41.1.x86_64.rpm MozillaFirefox-translations-other-16.0.1-41.1.x86_64.rpm MozillaThunderbird-16.0.1-33.1.x86_64.rpm MozillaThunderbird-buildsymbols-16.0.1-33.1.x86_64.rpm MozillaThunderbird-debuginfo-16.0.1-33.1.x86_64.rpm MozillaThunderbird-debugsource-16.0.1-33.1.x86_64.rpm MozillaThunderbird-devel-16.0.1-33.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-16.0.1-33.1.x86_64.rpm MozillaThunderbird-translations-common-16.0.1-33.1.x86_64.rpm MozillaThunderbird-translations-other-16.0.1-33.1.x86_64.rpm enigmail-1.4.5.+16.0.1-33.1.x86_64.rpm enigmail-debuginfo-1.4.5.+16.0.1-33.1.x86_64.rpm mozilla-kde4-integration-0.6.4-6.1.x86_64.rpm mozilla-kde4-integration-debuginfo-0.6.4-6.1.x86_64.rpm mozilla-kde4-integration-debugsource-0.6.4-6.1.x86_64.rpm seamonkey-2.13.1-37.1.x86_64.rpm seamonkey-debuginfo-2.13.1-37.1.x86_64.rpm seamonkey-debugsource-2.13.1-37.1.x86_64.rpm seamonkey-dom-inspector-2.13.1-37.1.x86_64.rpm seamonkey-irc-2.13.1-37.1.x86_64.rpm seamonkey-translations-common-2.13.1-37.1.x86_64.rpm seamonkey-translations-other-2.13.1-37.1.x86_64.rpm seamonkey-venkman-2.13.1-37.1.x86_64.rpm openSUSE-2012-718 low openSUSE 11.4 Update This patch validated the message length of EAP-TLS to avoid the potential DoS attack hostapd-0.6.10-9.1.i586.rpm hostapd-0.6.10-9.1.src.rpm hostapd-debuginfo-0.6.10-9.1.i586.rpm hostapd-debugsource-0.6.10-9.1.i586.rpm hostapd-0.6.10-9.1.x86_64.rpm hostapd-debuginfo-0.6.10-9.1.x86_64.rpm hostapd-debugsource-0.6.10-9.1.x86_64.rpm openSUSE-2012-716 important openSUSE 11.4 Update The bind nameserver was updated to fix specially crafted DNS data can cause a lockup in named. bind-9.7.6P4-0.41.1.i586.rpm bind-9.7.6P4-0.41.1.src.rpm bind-chrootenv-9.7.6P4-0.41.1.i586.rpm bind-debuginfo-9.7.6P4-0.41.1.i586.rpm bind-debugsource-9.7.6P4-0.41.1.i586.rpm bind-devel-9.7.6P4-0.41.1.i586.rpm bind-doc-9.7.6P4-0.41.1.noarch.rpm bind-libs-32bit-9.7.6P4-0.41.1.x86_64.rpm bind-libs-9.7.6P4-0.41.1.i586.rpm bind-libs-debuginfo-32bit-9.7.6P4-0.41.1.x86_64.rpm bind-libs-debuginfo-9.7.6P4-0.41.1.i586.rpm bind-libs-debuginfo-x86-9.7.6P4-0.41.1.ia64.rpm bind-libs-x86-9.7.6P4-0.41.1.ia64.rpm bind-lwresd-9.7.6P4-0.41.1.i586.rpm bind-lwresd-debuginfo-9.7.6P4-0.41.1.i586.rpm bind-utils-9.7.6P4-0.41.1.i586.rpm bind-utils-debuginfo-9.7.6P4-0.41.1.i586.rpm bind-9.7.6P4-0.41.1.x86_64.rpm bind-chrootenv-9.7.6P4-0.41.1.x86_64.rpm bind-debuginfo-9.7.6P4-0.41.1.x86_64.rpm bind-debugsource-9.7.6P4-0.41.1.x86_64.rpm bind-devel-9.7.6P4-0.41.1.x86_64.rpm bind-libs-9.7.6P4-0.41.1.x86_64.rpm bind-libs-debuginfo-9.7.6P4-0.41.1.x86_64.rpm bind-lwresd-9.7.6P4-0.41.1.x86_64.rpm bind-lwresd-debuginfo-9.7.6P4-0.41.1.x86_64.rpm bind-utils-9.7.6P4-0.41.1.x86_64.rpm bind-utils-debuginfo-9.7.6P4-0.41.1.x86_64.rpm openSUSE-2012-720 moderate openSUSE 11.4 Update This update of libproxy fixed a buffer overflow flaw. libproxy-plugins-0.4.7-6.28.1.src.rpm libproxy-plugins-debugsource-0.4.7-6.28.1.i586.rpm libproxy1-config-gnome-0.4.7-6.28.1.i586.rpm libproxy1-config-gnome-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-config-gnome-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-config-gnome-debuginfo-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-config-gnome-debuginfo-x86-0.4.7-6.28.1.ia64.rpm libproxy1-config-gnome-x86-0.4.7-6.28.1.ia64.rpm libproxy1-config-kde4-0.4.7-6.28.1.i586.rpm libproxy1-config-kde4-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-networkmanager-0.4.7-6.28.1.i586.rpm libproxy1-networkmanager-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-networkmanager-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-networkmanager-debuginfo-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-networkmanager-debuginfo-x86-0.4.7-6.28.1.ia64.rpm libproxy1-networkmanager-x86-0.4.7-6.28.1.ia64.rpm libproxy1-pacrunner-mozjs-0.4.7-6.28.1.i586.rpm libproxy1-pacrunner-mozjs-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-mozjs-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-pacrunner-mozjs-debuginfo-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-mozjs-debuginfo-x86-0.4.7-6.28.1.ia64.rpm libproxy1-pacrunner-mozjs-x86-0.4.7-6.28.1.ia64.rpm libproxy1-pacrunner-webkit-0.4.7-6.28.1.i586.rpm libproxy1-pacrunner-webkit-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-webkit-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-pacrunner-webkit-debuginfo-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-webkit-debuginfo-x86-0.4.7-6.28.1.ia64.rpm libproxy1-pacrunner-webkit-x86-0.4.7-6.28.1.ia64.rpm libproxy-0.4.7-6.28.1.src.rpm libproxy-debugsource-0.4.7-6.28.1.i586.rpm libproxy-devel-0.4.7-6.28.1.i586.rpm libproxy-sharp-0.4.7-6.28.1.i586.rpm libproxy-tools-0.4.7-6.28.1.i586.rpm libproxy-tools-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-0.4.7-6.28.1.i586.rpm libproxy1-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-debuginfo-0.4.7-6.28.1.i586.rpm libproxy1-debuginfo-32bit-0.4.7-6.28.1.x86_64.rpm libproxy1-debuginfo-x86-0.4.7-6.28.1.ia64.rpm libproxy1-x86-0.4.7-6.28.1.ia64.rpm perl-Net-Libproxy-0.4.7-6.28.1.i586.rpm perl-Net-Libproxy-debuginfo-0.4.7-6.28.1.i586.rpm python-libproxy-0.4.7-6.28.1.noarch.rpm libproxy-plugins-debugsource-0.4.7-6.28.1.x86_64.rpm libproxy1-config-gnome-0.4.7-6.28.1.x86_64.rpm libproxy1-config-gnome-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy1-config-kde4-0.4.7-6.28.1.x86_64.rpm libproxy1-config-kde4-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy1-networkmanager-0.4.7-6.28.1.x86_64.rpm libproxy1-networkmanager-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-mozjs-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-mozjs-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-webkit-0.4.7-6.28.1.x86_64.rpm libproxy1-pacrunner-webkit-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy-debugsource-0.4.7-6.28.1.x86_64.rpm libproxy-devel-0.4.7-6.28.1.x86_64.rpm libproxy-sharp-0.4.7-6.28.1.x86_64.rpm libproxy-tools-0.4.7-6.28.1.x86_64.rpm libproxy-tools-debuginfo-0.4.7-6.28.1.x86_64.rpm libproxy1-0.4.7-6.28.1.x86_64.rpm libproxy1-debuginfo-0.4.7-6.28.1.x86_64.rpm perl-Net-Libproxy-0.4.7-6.28.1.x86_64.rpm perl-Net-Libproxy-debuginfo-0.4.7-6.28.1.x86_64.rpm flash-player openSUSE 11.4 This patch adds an openSUSE maintained Adobe Flash Player to openSUSE 11.4. flash-player-10.2.152.26-3.2.1.i586.rpm pullin-flash-player openSUSE 11.4 Installing this update will pull in the openSUSE Maintained Adobe Flash Player plugin. pullin-flash-player-11.4.1-0.3.1.i586.rpm pullin-flash-player-11.4.1-0.3.1.x86_64.rpm apache2-mod_python openSUSE 11.4 python segfaults on openSUSE 11.4 when used with mod_python. Fixed by this update. apache2-mod_python-3.3.1-161.3.1.i586.rpm apache2-mod_python-3.3.1-161.3.1.x86_64.rpm apache2-mod_python-debuginfo-3.3.1-161.3.1.i586.rpm apache2-mod_python-debuginfo-3.3.1-161.3.1.x86_64.rpm apache2-mod_python-debugsource-3.3.1-161.3.1.i586.rpm apache2-mod_python-debugsource-3.3.1-161.3.1.x86_64.rpm openldap2 openSUSE 11.4 Master/slave configurations with enabled "ppolicy_forward_updates" option potentially allowed users to log in with an invalid password (CVE-2011-1024). unauthenticated users could crash the ldap server (CVE-2011-1081). openldap2-2.4.23-11.3.1.i586.rpm openldap2-2.4.23-11.3.1.x86_64.rpm openldap2-back-meta-2.4.23-11.3.1.i586.rpm openldap2-back-meta-2.4.23-11.3.1.x86_64.rpm openldap2-back-perl-2.4.23-11.3.1.i586.rpm openldap2-back-perl-2.4.23-11.3.1.x86_64.rpm openldap2-back-sql-2.4.23-11.3.1.i586.rpm openldap2-back-sql-2.4.23-11.3.1.x86_64.rpm openldap2-doc-2.4.23-11.3.1.noarch.rpm openldap2-back-meta-debuginfo-2.4.23-11.3.1.i586.rpm openldap2-back-meta-debuginfo-2.4.23-11.3.1.x86_64.rpm openldap2-back-perl-debuginfo-2.4.23-11.3.1.i586.rpm openldap2-back-perl-debuginfo-2.4.23-11.3.1.x86_64.rpm openldap2-back-sql-debuginfo-2.4.23-11.3.1.i586.rpm openldap2-back-sql-debuginfo-2.4.23-11.3.1.x86_64.rpm openldap2-debuginfo-2.4.23-11.3.1.i586.rpm openldap2-debuginfo-2.4.23-11.3.1.x86_64.rpm openldap2-debugsource-2.4.23-11.3.1.i586.rpm openldap2-debugsource-2.4.23-11.3.1.x86_64.rpm mozilla-js192 openSUSE 11.4 MozillaFirefox was updated to version 1.9.2.15, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0053) Igor Bukanov and Gary Kwong reported memory safety problems that affected Firefox 3.6 only. (CVE-2011-0062) MFSA 2011-02 / CVE-2011-0051: Security researcher Zach Hoffman reported that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. Any dialog box opened in this state is displayed without text and with non-functioning buttons. Closing the window causes the dialog to evaluate to true. An attacker could use this issue to force a user into accepting any dialog, such as one granting elevated privileges to the page presenting the dialog. MFSA 2011-03 / CVE-2011-0055: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a method used by JSON.stringify contained a use-after-free error in which a currently in-use pointer was freed and subsequently dereferenced. This could lead to arbitrary code execution if an attacker was able to store malicious code in the freed section of memory. Mozilla developer Igor Bukanov also independently discovered and reported this issue two weeks after the initial report was received. MFSA 2011-04 / CVE-2011-0054: Security researcher Christian Holler reported that the JavaScript engine's internal memory mapping of non-local JS variables contained a buffer overflow which could potentially be used by an attacker to run arbitrary code on a victim's computer. MFSA 2011-05 / CVE-2011-0056: Security researcher Christian Holler reported that the JavaScript engine's internal mapping of string values contained an error in cases where the number of values being stored was above 64K. In such cases an offset pointer was manually moved forwards and backwards to access the larger address space. If an exception was thrown between the time that the offset pointer was moved forward and the time it was reset, then the exception object would be read from an invalid memory address, potentially executing attacker-controlled memory. MFSA 2011-06 / CVE-2011-0057: Daniel Kozlowski reported that a JavaScript Worker could be used to keep a reference to an object that could be freed during garbage collection. Subsequent calls through this deleted reference could cause attacker-controlled memory to be executed on a victim's computer. MFSA 2011-07 / CVE-2011-0058: Alex Miller reported that when very long strings were constructed and inserted into an HTML document, the browser would incorrectly construct the layout objects used to display the text. Under such conditions an incorrect length would be calculated for a text run resulting in too small of a memory buffer being allocated to store the text. This issue could be used by an attacker to write data past the end of the buffer and execute malicious code on a victim's computer. This issue affects only Mozilla browsers on Windows. MFSA 2011-08 / CVE-2010-1585: Mozilla security developer Roberto Suggi Liverani reported that ParanoidFragmentSink, a class used to sanitize potentially unsafe HTML for display, allows javascript: URLs and other inline JavaScript when the embedding document is a chrome document. While there are no unsafe uses of this class in any released products, extension code could have potentially used it in an unsafe manner. MFSA 2011-09 / CVE-2011-0061: Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim's computer. MFSA 2011-10 / CVE-2011-0059: Adobe security researcher Peleus Uhley reported that when plugin-initiated requests receive a 307 redirect response, the plugin is not notified and the request is forwarded to the new location. This is true even for cross-site redirects, so any custom headers that were added as part of the initial request would be forwarded intact across origins. This poses a CSRF risk for web applications that rely on custom headers only being present in requests from their own origin. mozilla-js192-1.9.2.15-0.3.1.i586.rpm mozilla-js192-1.9.2.15-0.3.1.x86_64.rpm mozilla-js192-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.15-0.3.1.i586.rpm mozilla-js192-debuginfo-1.9.2.15-0.3.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.15-0.3.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.15-0.3.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.15-0.3.1.x86_64.rpm seamonkey openSUSE 11.4 Mozilla Seamonkey was updated to version 2.0.12, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0053) Igor Bukanov and Gary Kwong reported memory safety problems that affected Firefox 3.6 only. (CVE-2011-0062) MFSA 2011-02 / CVE-2011-0051: Security researcher Zach Hoffman reported that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. Any dialog box opened in this state is displayed without text and with non-functioning buttons. Closing the window causes the dialog to evaluate to true. An attacker could use this issue to force a user into accepting any dialog, such as one granting elevated privileges to the page presenting the dialog. MFSA 2011-03 / CVE-2011-0055: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a method used by JSON.stringify contained a use-after-free error in which a currently in-use pointer was freed and subsequently dereferenced. This could lead to arbitrary code execution if an attacker was able to store malicious code in the freed section of memory. Mozilla developer Igor Bukanov also independently discovered and reported this issue two weeks after the initial report was received. MFSA 2011-04 / CVE-2011-0054: Security researcher Christian Holler reported that the JavaScript engine's internal memory mapping of non-local JS variables contained a buffer overflow which could potentially be used by an attacker to run arbitrary code on a victim's computer. MFSA 2011-05 / CVE-2011-0056: Security researcher Christian Holler reported that the JavaScript engine's internal mapping of string values contained an error in cases where the number of values being stored was above 64K. In such cases an offset pointer was manually moved forwards and backwards to access the larger address space. If an exception was thrown between the time that the offset pointer was moved forward and the time it was reset, then the exception object would be read from an invalid memory address, potentially executing attacker-controlled memory. MFSA 2011-06 / CVE-2011-0057: Daniel Kozlowski reported that a JavaScript Worker could be used to keep a reference to an object that could be freed during garbage collection. Subsequent calls through this deleted reference could cause attacker-controlled memory to be executed on a victim's computer. MFSA 2011-07 / CVE-2011-0058: Alex Miller reported that when very long strings were constructed and inserted into an HTML document, the browser would incorrectly construct the layout objects used to display the text. Under such conditions an incorrect length would be calculated for a text run resulting in too small of a memory buffer being allocated to store the text. This issue could be used by an attacker to write data past the end of the buffer and execute malicious code on a victim's computer. This issue affects only Mozilla browsers on Windows. MFSA 2011-08 / CVE-2010-1585: Mozilla security developer Roberto Suggi Liverani reported that ParanoidFragmentSink, a class used to sanitize potentially unsafe HTML for display, allows javascript: URLs and other inline JavaScript when the embedding document is a chrome document. While there are no unsafe uses of this class in any released products, extension code could have potentially used it in an unsafe manner. MFSA 2011-09 / CVE-2011-0061: Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim's computer. MFSA 2011-10 / CVE-2011-0059: Adobe security researcher Peleus Uhley reported that when plugin-initiated requests receive a 307 redirect response, the plugin is not notified and the request is forwarded to the new location. This is true even for cross-site redirects, so any custom headers that were added as part of the initial request would be forwarded intact across origins. This poses a CSRF risk for web applications that rely on custom headers only being present in requests from their own origin. seamonkey-2.0.12-0.3.1.i586.rpm seamonkey-2.0.12-0.3.1.x86_64.rpm seamonkey-dom-inspector-2.0.12-0.3.1.i586.rpm seamonkey-dom-inspector-2.0.12-0.3.1.x86_64.rpm seamonkey-irc-2.0.12-0.3.1.i586.rpm seamonkey-irc-2.0.12-0.3.1.x86_64.rpm seamonkey-translations-common-2.0.12-0.3.1.i586.rpm seamonkey-translations-common-2.0.12-0.3.1.x86_64.rpm seamonkey-translations-other-2.0.12-0.3.1.i586.rpm seamonkey-translations-other-2.0.12-0.3.1.x86_64.rpm seamonkey-venkman-2.0.12-0.3.1.i586.rpm seamonkey-venkman-2.0.12-0.3.1.x86_64.rpm seamonkey-debuginfo-2.0.12-0.3.1.i586.rpm seamonkey-debuginfo-2.0.12-0.3.1.x86_64.rpm seamonkey-debugsource-2.0.12-0.3.1.i586.rpm seamonkey-debugsource-2.0.12-0.3.1.x86_64.rpm vsftpd openSUSE 11.4 Certain file patterns could cause vsftpd to consume excessive CPU resulting in denial of service (CVE-2011-0762). vsftpd-2.3.2-3.3.1.i586.rpm vsftpd-2.3.2-3.3.1.x86_64.rpm vsftpd-debuginfo-2.3.2-3.3.1.i586.rpm vsftpd-debuginfo-2.3.2-3.3.1.x86_64.rpm vsftpd-debugsource-2.3.2-3.3.1.i586.rpm vsftpd-debugsource-2.3.2-3.3.1.x86_64.rpm ndesk-dbus-glib openSUSE 11.4 ndesk-dbus-glib has an incorrect obsoletes to dbus-sharp-glib. This is removed by this update. ndesk-dbus-glib-0.4.1-44.3.1.noarch.rpm ndesk-dbus-glib-devel-0.4.1-44.3.1.noarch.rpm fetchmsttfonts openSUSE 11.4 This update contains a downloader and installer of the Core TrueType fonts to your system. For legal reasons we can't include the Microsoft(R) TrueType Core Fonts in our product. This patch downloads these fonts and installs them on your system. Please note that about 4 MByte data are downloaded additionality to this patch. The License for the fonts will be installed as /usr/share/doc/corefonts/EULA.html To install the fonts, install the fetchmsttfonts package explicitly. fetchmsttfonts-11.4-1.2.1.noarch.rpm gjs openSUSE 11.4 This updated of gjs fixes: - #676079: gnome-shell segfaults when starting gjs-0.7.11-1.3.1.i586.rpm gjs-0.7.11-1.3.1.x86_64.rpm libgjs-devel-0.7.11-1.3.1.i586.rpm libgjs-devel-0.7.11-1.3.1.x86_64.rpm libgjs0-0.7.11-1.3.1.i586.rpm libgjs0-0.7.11-1.3.1.x86_64.rpm gjs-debuginfo-0.7.11-1.3.1.i586.rpm gjs-debuginfo-0.7.11-1.3.1.x86_64.rpm gjs-debugsource-0.7.11-1.3.1.i586.rpm gjs-debugsource-0.7.11-1.3.1.x86_64.rpm libgjs0-debuginfo-0.7.11-1.3.1.i586.rpm libgjs0-debuginfo-0.7.11-1.3.1.x86_64.rpm libpcsclite1 openSUSE 11.4 The smartcard tools daemon pcscd was incorrectly requested to run in runlevel 4, which caused init script dependency failures. This patch fixes this. - #678230: service syslog is missed in the runlevels 4 to use service pcscd libpcsclite1-1.6.6-4.3.1.i586.rpm libpcsclite1-1.6.6-4.3.1.x86_64.rpm libpcsclite1-32bit-1.6.6-4.3.1.x86_64.rpm pcsc-lite-1.6.6-4.3.1.i586.rpm pcsc-lite-1.6.6-4.3.1.x86_64.rpm pcsc-lite-devel-1.6.6-4.3.1.i586.rpm pcsc-lite-devel-1.6.6-4.3.1.x86_64.rpm libpcsclite1-debuginfo-1.6.6-4.3.1.i586.rpm libpcsclite1-debuginfo-1.6.6-4.3.1.x86_64.rpm libpcsclite1-debuginfo-32bit-1.6.6-4.3.1.x86_64.rpm pcsc-lite-debuginfo-1.6.6-4.3.1.i586.rpm pcsc-lite-debuginfo-1.6.6-4.3.1.x86_64.rpm pcsc-lite-debugsource-1.6.6-4.3.1.i586.rpm pcsc-lite-debugsource-1.6.6-4.3.1.x86_64.rpm timezone-2011c openSUSE 11.4 The Olson timezone database has been updated to version 2011c: This package update contains the following DST-related changes: dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Pacific/Fiji will end DST 3 weeks earlier than expected - on March 6, 2011, not March 27, 2011. dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Pacific/Apia will switch from WSDT to WST on Apr 3; however, the precise time of the switch has been incorrect in previous version. dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Chile (America/Santiago, Pacific/Easter) will postpone the end of DST by a month again, this time to help dealing with the water shortage; the DST will end on April 3, 2011, not March 13, 2011. These new zones have been introduced: dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Mercer County, North Dakota (America/North_Dakota/Beulah) switched from the mountain time zone to the central time zone at the last transition from daylight-saving to standard time (on Nov. 7, 2010). dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Detailed information on time changes in some Indian reservations in Alaska has been discovered, leading to split of new timezones America/Sitka and America/Metlakatla off America/Juneau. Historical time information has been adjusted for these zones: dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 America/Juneau has been adjusted in accordance with the discovered information on Alaska time history. dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Asia/Hong_Kong declared that daylight saving was used in year 1977, while in fact it was not. dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 South Australia (Australia/Adelaide, Australia/Broken_Hill) definitions have been cleaned up; the zone binary data changed but not the interpretation. dbg114-timezone-2011c-4140 new_updateinfo timezone-2011c-4140 Pacific/Honolulu has been corrected to correctly define abandonment of local mean time as of 1896 and DST usage between 1942 and 1945. timezone-2011c-0.3.1.i586.rpm timezone-2011c-0.3.1.x86_64.rpm timezone-java-2011c-0.3.1.noarch.rpm timezone-debuginfo-2011c-0.3.1.i586.rpm timezone-debuginfo-2011c-0.3.1.x86_64.rpm timezone-debugsource-2011c-0.3.1.i586.rpm timezone-debugsource-2011c-0.3.1.x86_64.rpm tk openSUSE 11.4 This update fixes that Tk is built without nice fontrendering support. tk-8.5.9-3.3.1.i586.rpm tk-8.5.9-3.3.1.x86_64.rpm tk-32bit-8.5.9-3.3.1.x86_64.rpm tk-devel-8.5.9-3.3.1.i586.rpm tk-devel-8.5.9-3.3.1.x86_64.rpm tk-debuginfo-8.5.9-3.3.1.i586.rpm tk-debuginfo-8.5.9-3.3.1.x86_64.rpm tk-debuginfo-32bit-8.5.9-3.3.1.x86_64.rpm tk-debugsource-8.5.9-3.3.1.i586.rpm tk-debugsource-8.5.9-3.3.1.x86_64.rpm libtiff-devel openSUSE 11.4 specially crafted tiff images could cause buffer overflows in libtiff (CVE-2011-0191, CVE-2011-0192). libtiff-devel-3.9.4-3.3.1.i586.rpm libtiff-devel-3.9.4-3.3.1.x86_64.rpm libtiff-devel-32bit-3.9.4-3.3.1.x86_64.rpm libtiff3-3.9.4-3.3.1.i586.rpm libtiff3-3.9.4-3.3.1.x86_64.rpm libtiff3-32bit-3.9.4-3.3.1.x86_64.rpm tiff-3.9.4-3.3.1.i586.rpm tiff-3.9.4-3.3.1.x86_64.rpm libtiff3-debuginfo-3.9.4-3.3.1.i586.rpm libtiff3-debuginfo-3.9.4-3.3.1.x86_64.rpm libtiff3-debuginfo-32bit-3.9.4-3.3.1.x86_64.rpm tiff-debuginfo-3.9.4-3.3.1.i586.rpm tiff-debuginfo-3.9.4-3.3.1.x86_64.rpm tiff-debugsource-3.9.4-3.3.1.i586.rpm tiff-debugsource-3.9.4-3.3.1.x86_64.rpm java-1_6_0-sun openSUSE 11.4 Sun Java 1.6 was updated to Update 24 fixing various bugs and security issues. The update is rated critical by Sun. Following CVEs were addressed: CVE-2010-4452 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4467 CVE-2010-4469 CVE-2010-4473 CVE-2010-4422 CVE-2010-4451 CVE-2010-4466 CVE-2010-4470 CVE-2010-4471 CVE-2010-4476 CVE-2010-4447 CVE-2010-4475 CVE-2010-4468 CVE-2010-4450 CVE-2010-4448 CVE-2010-4472 CVE-2010-4474 java-1_6_0-sun-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-alsa-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-alsa-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-demo-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-demo-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-devel-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-devel-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-jdbc-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-jdbc-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-plugin-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-plugin-1.6.0.u24-1.2.1.x86_64.rpm java-1_6_0-sun-src-1.6.0.u24-1.2.1.i586.rpm java-1_6_0-sun-src-1.6.0.u24-1.2.1.x86_64.rpm libcgroup-devel openSUSE 11.4 Two security bugfixes in libcgroup1 were done: libcgroup suffered from a heap based buffer overflow (CVE-2011-1006). The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events (CVE-2011-1022). libcgroup-devel-0.36.2-6.3.1.i586.rpm libcgroup-devel-0.36.2-6.3.1.x86_64.rpm libcgroup1-0.36.2-6.3.1.i586.rpm libcgroup1-0.36.2-6.3.1.x86_64.rpm libcgroup1-32bit-0.36.2-6.3.1.x86_64.rpm libcgroup1-debuginfo-0.36.2-6.3.1.i586.rpm libcgroup1-debuginfo-0.36.2-6.3.1.x86_64.rpm libcgroup1-debuginfo-32bit-0.36.2-6.3.1.x86_64.rpm libcgroup1-debugsource-0.36.2-6.3.1.i586.rpm libcgroup1-debugsource-0.36.2-6.3.1.x86_64.rpm MozillaThunderbird openSUSE 11.4 MozillaThunderbird was updated to version 3.1.8, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0053) Igor Bukanov and Gary Kwong reported memory safety problems that affected Firefox 3.6 only. (CVE-2011-0062) MFSA 2011-08 / CVE-2010-1585: Mozilla security developer Roberto Suggi Liverani reported that ParanoidFragmentSink, a class used to sanitize potentially unsafe HTML for display, allows javascript: URLs and other inline JavaScript when the embedding document is a chrome document. While there are no unsafe uses of this class in any released products, extension code could have potentially used it in an unsafe manner. MFSA 2011-09 / CVE-2011-0061: Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim's computer. MozillaThunderbird-3.1.8-0.3.1.i586.rpm MozillaThunderbird-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.8-0.3.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-devel-3.1.8-0.3.1.i586.rpm MozillaThunderbird-devel-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.8-0.3.1.i586.rpm MozillaThunderbird-translations-common-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.8-0.3.1.i586.rpm MozillaThunderbird-translations-other-3.1.8-0.3.1.x86_64.rpm enigmail-1.1.2-9.3.1.i586.rpm enigmail-1.1.2-9.3.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.8-0.3.1.i586.rpm MozillaThunderbird-debuginfo-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.8-0.3.1.i586.rpm MozillaThunderbird-debugsource-3.1.8-0.3.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.8-0.3.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.8-0.3.1.x86_64.rpm enigmail-debuginfo-1.1.2-9.3.1.i586.rpm enigmail-debuginfo-1.1.2-9.3.1.x86_64.rpm at openSUSE 11.4 This patch fixes that the AT Daemon failed to start jobs. - #672586: Atd fails to start jobs at-3.1.8-1094.3.1.i586.rpm at-3.1.8-1094.3.1.x86_64.rpm at-debuginfo-3.1.8-1094.3.1.i586.rpm at-debuginfo-3.1.8-1094.3.1.x86_64.rpm at-debugsource-3.1.8-1094.3.1.i586.rpm at-debugsource-3.1.8-1094.3.1.x86_64.rpm immgtk2fixes openSUSE 11.4 This patch fixes the rpm post scriptlets in packages providing gtk2 IM modules to create the gtk2 immodule cache properly after installation / uninstallation. ibus-1.3.8-4.3.1.i586.rpm ibus-1.3.8-4.3.1.x86_64.rpm ibus-devel-1.3.8-4.3.1.i586.rpm ibus-devel-1.3.8-4.3.1.x86_64.rpm ibus-gtk-1.3.8-4.3.1.i586.rpm ibus-gtk-1.3.8-4.3.1.x86_64.rpm imhangul-0.9.14-12.3.1.i586.rpm imhangul-0.9.14-12.3.1.x86_64.rpm imhangul-32bit-0.9.14-12.3.1.x86_64.rpm libibus2-1.3.8-4.3.1.i586.rpm libibus2-1.3.8-4.3.1.x86_64.rpm scim-1.4.7-180.3.1.i586.rpm scim-1.4.7-180.3.1.x86_64.rpm scim-32bit-1.4.7-180.3.1.x86_64.rpm scim-bridge-0.4.15-125.3.1.i586.rpm scim-bridge-0.4.15-125.3.1.x86_64.rpm scim-bridge-gtk-0.4.15-125.3.1.i586.rpm scim-bridge-gtk-0.4.15-125.3.1.x86_64.rpm scim-bridge-gtk-32bit-0.4.15-125.3.1.x86_64.rpm scim-bridge-qt-0.4.15-125.3.1.i586.rpm scim-bridge-qt-0.4.15-125.3.1.x86_64.rpm scim-bridge-qt-32bit-0.4.15-125.3.1.x86_64.rpm scim-devel-1.4.7-180.3.1.i586.rpm scim-devel-1.4.7-180.3.1.x86_64.rpm tamil-gtk2im-2.2-286.3.1.i586.rpm tamil-gtk2im-2.2-286.3.1.x86_64.rpm tamil-gtk2im-32bit-2.2-286.3.1.x86_64.rpm uim-1.5.6-13.3.2.i586.rpm uim-1.5.6-13.3.2.x86_64.rpm uim-32bit-1.5.6-13.3.2.x86_64.rpm uim-devel-1.5.6-13.3.2.i586.rpm uim-devel-1.5.6-13.3.2.x86_64.rpm uim-gtk2-1.5.6-13.3.2.i586.rpm uim-gtk2-1.5.6-13.3.2.x86_64.rpm uim-gtk2-32bit-1.5.6-13.3.2.x86_64.rpm uim-qt-1.5.6-13.3.2.i586.rpm uim-qt-1.5.6-13.3.2.x86_64.rpm uim-qt-32bit-1.5.6-13.3.2.x86_64.rpm uim-qt4-1.5.6-13.3.2.i586.rpm uim-qt4-1.5.6-13.3.2.x86_64.rpm ibus-debuginfo-1.3.8-4.3.1.i586.rpm ibus-debuginfo-1.3.8-4.3.1.x86_64.rpm ibus-debugsource-1.3.8-4.3.1.i586.rpm ibus-debugsource-1.3.8-4.3.1.x86_64.rpm ibus-gtk-debuginfo-1.3.8-4.3.1.i586.rpm ibus-gtk-debuginfo-1.3.8-4.3.1.x86_64.rpm imhangul-debuginfo-0.9.14-12.3.1.i586.rpm imhangul-debuginfo-0.9.14-12.3.1.x86_64.rpm imhangul-debuginfo-32bit-0.9.14-12.3.1.x86_64.rpm imhangul-debugsource-0.9.14-12.3.1.i586.rpm imhangul-debugsource-0.9.14-12.3.1.x86_64.rpm libibus2-debuginfo-1.3.8-4.3.1.i586.rpm libibus2-debuginfo-1.3.8-4.3.1.x86_64.rpm scim-bridge-debuginfo-0.4.15-125.3.1.i586.rpm scim-bridge-debuginfo-0.4.15-125.3.1.x86_64.rpm scim-bridge-debugsource-0.4.15-125.3.1.i586.rpm scim-bridge-debugsource-0.4.15-125.3.1.x86_64.rpm scim-bridge-gtk-debuginfo-0.4.15-125.3.1.i586.rpm scim-bridge-gtk-debuginfo-0.4.15-125.3.1.x86_64.rpm scim-bridge-gtk-debuginfo-32bit-0.4.15-125.3.1.x86_64.rpm scim-bridge-qt-debuginfo-0.4.15-125.3.1.i586.rpm scim-bridge-qt-debuginfo-0.4.15-125.3.1.x86_64.rpm scim-bridge-qt-debuginfo-32bit-0.4.15-125.3.1.x86_64.rpm scim-debuginfo-1.4.7-180.3.1.i586.rpm scim-debuginfo-1.4.7-180.3.1.x86_64.rpm scim-debuginfo-32bit-1.4.7-180.3.1.x86_64.rpm scim-debugsource-1.4.7-180.3.1.i586.rpm scim-debugsource-1.4.7-180.3.1.x86_64.rpm tamil-gtk2im-debuginfo-2.2-286.3.1.i586.rpm tamil-gtk2im-debuginfo-2.2-286.3.1.x86_64.rpm tamil-gtk2im-debuginfo-32bit-2.2-286.3.1.x86_64.rpm tamil-gtk2im-debugsource-2.2-286.3.1.i586.rpm tamil-gtk2im-debugsource-2.2-286.3.1.x86_64.rpm uim-debuginfo-1.5.6-13.3.2.i586.rpm uim-debuginfo-1.5.6-13.3.2.x86_64.rpm uim-debuginfo-32bit-1.5.6-13.3.2.x86_64.rpm uim-debugsource-1.5.6-13.3.2.i586.rpm uim-debugsource-1.5.6-13.3.2.x86_64.rpm uim-gtk2-debuginfo-1.5.6-13.3.2.i586.rpm uim-gtk2-debuginfo-1.5.6-13.3.2.x86_64.rpm uim-gtk2-debuginfo-32bit-1.5.6-13.3.2.x86_64.rpm uim-qt-debuginfo-1.5.6-13.3.2.i586.rpm uim-qt-debuginfo-1.5.6-13.3.2.x86_64.rpm uim-qt-debuginfo-32bit-1.5.6-13.3.2.x86_64.rpm sysvinit openSUSE 11.4 The sysvinit helper binaries were updated to fix two bugs: - #664941: pam_ssh does not add the key to ssh-agent - #672450: sysvinit+systemd: too many repeated messages on ttyS0 console sysvinit-2.88-37.43.1.i586.rpm sysvinit-2.88-37.43.1.x86_64.rpm sysvinit-tools-2.88-37.43.1.i586.rpm sysvinit-tools-2.88-37.43.1.x86_64.rpm sysvinit-debuginfo-2.88-37.43.1.i586.rpm sysvinit-debuginfo-2.88-37.43.1.x86_64.rpm sysvinit-debugsource-2.88-37.43.1.i586.rpm sysvinit-debugsource-2.88-37.43.1.x86_64.rpm sysvinit-tools-debuginfo-2.88-37.43.1.i586.rpm sysvinit-tools-debuginfo-2.88-37.43.1.x86_64.rpm dosfstools openSUSE 11.4 This update fixes the following bug: A buffer overflow can happen when creating an entry of vfat filesystem trough alloc_rootdir_entry(). This function is used when fsck.vfat -f is called. dosfstools-3.0.10-12.3.1.i586.rpm dosfstools-3.0.10-12.3.1.x86_64.rpm dosfstools-debuginfo-3.0.10-12.3.1.i586.rpm dosfstools-debuginfo-3.0.10-12.3.1.x86_64.rpm dosfstools-debugsource-3.0.10-12.3.1.i586.rpm dosfstools-debugsource-3.0.10-12.3.1.x86_64.rpm evolution-data-server openSUSE 11.4 This update provides a solution for non-RFC conform working NNTP servers. After the update, evolution will check the servers capabilities before using OVER command so the connection is no longer reset by the remote server. evolution-data-server-2.32.1-4.3.1.i586.rpm evolution-data-server-2.32.1-4.3.1.x86_64.rpm evolution-data-server-devel-2.32.1-4.3.1.i586.rpm evolution-data-server-devel-2.32.1-4.3.1.x86_64.rpm evolution-data-server-doc-2.32.1-4.3.1.i586.rpm evolution-data-server-doc-2.32.1-4.3.1.x86_64.rpm evolution-data-server-lang-2.32.1-4.3.1.noarch.rpm libcamel-1_2-19-2.32.1-4.3.1.i586.rpm libcamel-1_2-19-2.32.1-4.3.1.x86_64.rpm libcamel-1_2-19-32bit-2.32.1-4.3.1.x86_64.rpm libebackend-1_2-0-2.32.1-4.3.1.i586.rpm libebackend-1_2-0-2.32.1-4.3.1.x86_64.rpm libebackend-1_2-0-32bit-2.32.1-4.3.1.x86_64.rpm libebook-1_2-10-2.32.1-4.3.1.i586.rpm libebook-1_2-10-2.32.1-4.3.1.x86_64.rpm libebook-1_2-10-32bit-2.32.1-4.3.1.x86_64.rpm libecal-1_2-8-2.32.1-4.3.1.i586.rpm libecal-1_2-8-2.32.1-4.3.1.x86_64.rpm libecal-1_2-8-32bit-2.32.1-4.3.1.x86_64.rpm libedata-book-1_2-8-2.32.1-4.3.1.i586.rpm libedata-book-1_2-8-2.32.1-4.3.1.x86_64.rpm libedata-book-1_2-8-32bit-2.32.1-4.3.1.x86_64.rpm libedata-cal-1_2-10-2.32.1-4.3.1.i586.rpm libedata-cal-1_2-10-2.32.1-4.3.1.x86_64.rpm libedata-cal-1_2-10-32bit-2.32.1-4.3.1.x86_64.rpm libedataserver-1_2-14-2.32.1-4.3.1.i586.rpm libedataserver-1_2-14-2.32.1-4.3.1.x86_64.rpm libedataserver-1_2-14-32bit-2.32.1-4.3.1.x86_64.rpm libedataserverui-1_2-11-2.32.1-4.3.1.i586.rpm libedataserverui-1_2-11-2.32.1-4.3.1.x86_64.rpm libedataserverui-1_2-11-32bit-2.32.1-4.3.1.x86_64.rpm libegroupwise-1_2-13-2.32.1-4.3.1.i586.rpm libegroupwise-1_2-13-2.32.1-4.3.1.x86_64.rpm libegroupwise-1_2-13-32bit-2.32.1-4.3.1.x86_64.rpm evolution-data-server-debuginfo-2.32.1-4.3.1.i586.rpm evolution-data-server-debuginfo-2.32.1-4.3.1.x86_64.rpm evolution-data-server-debugsource-2.32.1-4.3.1.i586.rpm evolution-data-server-debugsource-2.32.1-4.3.1.x86_64.rpm libcamel-1_2-19-debuginfo-2.32.1-4.3.1.i586.rpm libcamel-1_2-19-debuginfo-2.32.1-4.3.1.x86_64.rpm libcamel-1_2-19-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libebackend-1_2-0-debuginfo-2.32.1-4.3.1.i586.rpm libebackend-1_2-0-debuginfo-2.32.1-4.3.1.x86_64.rpm libebackend-1_2-0-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libebook-1_2-10-debuginfo-2.32.1-4.3.1.i586.rpm libebook-1_2-10-debuginfo-2.32.1-4.3.1.x86_64.rpm libebook-1_2-10-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libecal-1_2-8-debuginfo-2.32.1-4.3.1.i586.rpm libecal-1_2-8-debuginfo-2.32.1-4.3.1.x86_64.rpm libecal-1_2-8-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libedata-book-1_2-8-debuginfo-2.32.1-4.3.1.i586.rpm libedata-book-1_2-8-debuginfo-2.32.1-4.3.1.x86_64.rpm libedata-book-1_2-8-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libedata-cal-1_2-10-debuginfo-2.32.1-4.3.1.i586.rpm libedata-cal-1_2-10-debuginfo-2.32.1-4.3.1.x86_64.rpm libedata-cal-1_2-10-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libedataserver-1_2-14-debuginfo-2.32.1-4.3.1.i586.rpm libedataserver-1_2-14-debuginfo-2.32.1-4.3.1.x86_64.rpm libedataserver-1_2-14-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libedataserverui-1_2-11-debuginfo-2.32.1-4.3.1.i586.rpm libedataserverui-1_2-11-debuginfo-2.32.1-4.3.1.x86_64.rpm libedataserverui-1_2-11-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm libegroupwise-1_2-13-debuginfo-2.32.1-4.3.1.i586.rpm libegroupwise-1_2-13-debuginfo-2.32.1-4.3.1.x86_64.rpm libegroupwise-1_2-13-debuginfo-32bit-2.32.1-4.3.1.x86_64.rpm gnome-nettool openSUSE 11.4 This update fixes the broken ping test functionality. gnome-nettool-2.32.0-9.3.1.i586.rpm gnome-nettool-2.32.0-9.3.1.x86_64.rpm gnome-nettool-lang-2.32.0-9.3.1.noarch.rpm gnome-nettool-debuginfo-2.32.0-9.3.1.i586.rpm gnome-nettool-debuginfo-2.32.0-9.3.1.x86_64.rpm gnome-nettool-debugsource-2.32.0-9.3.1.i586.rpm gnome-nettool-debugsource-2.32.0-9.3.1.x86_64.rpm kdebase4-openSUSE openSUSE 11.4 The kio sysinfo:/ background was missing the new artwork, this is fixed by this update. kdebase4-openSUSE-11.4-33.40.1.i586.rpm kdebase4-openSUSE-11.4-33.40.1.x86_64.rpm kdebase4-openSUSE-lang-11.4-33.40.1.noarch.rpm kdebase4-runtime-branding-openSUSE-11.4-33.40.1.i586.rpm kdebase4-runtime-branding-openSUSE-11.4-33.40.1.x86_64.rpm kdebase4-workspace-branding-openSUSE-11.4-33.40.1.i586.rpm kdebase4-workspace-branding-openSUSE-11.4-33.40.1.x86_64.rpm kdelibs4-branding-openSUSE-11.4-33.40.1.i586.rpm kdelibs4-branding-openSUSE-11.4-33.40.1.x86_64.rpm kdm-branding-openSUSE-11.4-33.40.1.i586.rpm kdm-branding-openSUSE-11.4-33.40.1.x86_64.rpm kio_sysinfo-11.4-33.40.1.i586.rpm kio_sysinfo-11.4-33.40.1.x86_64.rpm kio_sysinfo-branding-openSUSE-11.4-33.40.1.i586.rpm kio_sysinfo-branding-openSUSE-11.4-33.40.1.x86_64.rpm kdebase4-openSUSE-debuginfo-11.4-33.40.1.i586.rpm kdebase4-openSUSE-debuginfo-11.4-33.40.1.x86_64.rpm kdebase4-openSUSE-debugsource-11.4-33.40.1.i586.rpm kdebase4-openSUSE-debugsource-11.4-33.40.1.x86_64.rpm kdebase4-workspace-branding-openSUSE-debuginfo-11.4-33.40.1.i586.rpm kdebase4-workspace-branding-openSUSE-debuginfo-11.4-33.40.1.x86_64.rpm kio_sysinfo-debuginfo-11.4-33.40.1.i586.rpm kio_sysinfo-debuginfo-11.4-33.40.1.x86_64.rpm krb5 openSUSE 11.4 A double-free issue in kdc when PKINIT is enabled allowed remote attackers to crash the daemon or potentially execute arbitrary code (CVE-2011-0284). krb5-1.8.3-16.3.1.i586.rpm krb5-1.8.3-16.3.1.x86_64.rpm krb5-32bit-1.8.3-16.3.1.x86_64.rpm krb5-client-1.8.3-16.3.1.i586.rpm krb5-client-1.8.3-16.3.1.x86_64.rpm krb5-devel-1.8.3-16.3.1.i586.rpm krb5-devel-1.8.3-16.3.1.x86_64.rpm krb5-devel-32bit-1.8.3-16.3.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-16.3.1.i586.rpm krb5-plugin-kdb-ldap-1.8.3-16.3.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-16.3.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-16.3.1.x86_64.rpm krb5-server-1.8.3-16.3.1.i586.rpm krb5-server-1.8.3-16.3.1.x86_64.rpm krb5-client-debuginfo-1.8.3-16.3.1.i586.rpm krb5-client-debuginfo-1.8.3-16.3.1.x86_64.rpm krb5-debuginfo-1.8.3-16.3.1.i586.rpm krb5-debuginfo-1.8.3-16.3.1.x86_64.rpm krb5-debuginfo-32bit-1.8.3-16.3.1.x86_64.rpm krb5-debugsource-1.8.3-16.3.1.i586.rpm krb5-debugsource-1.8.3-16.3.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.3.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.3.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.3.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.3.1.x86_64.rpm krb5-server-debuginfo-1.8.3-16.3.1.i586.rpm krb5-server-debuginfo-1.8.3-16.3.1.x86_64.rpm libvirt openSUSE 11.4 several API calls did not honor the read-only flag connections. Attackers could exploit that to modify the state of the system or potentially execute code (CVE-2011-1146). libvirt-0.8.8-0.6.1.i586.rpm libvirt-0.8.8-0.6.1.x86_64.rpm libvirt-client-0.8.8-0.6.1.i586.rpm libvirt-client-0.8.8-0.6.1.x86_64.rpm libvirt-devel-0.8.8-0.6.1.i586.rpm libvirt-devel-0.8.8-0.6.1.x86_64.rpm libvirt-doc-0.8.8-0.6.1.i586.rpm libvirt-doc-0.8.8-0.6.1.x86_64.rpm libvirt-python-0.8.8-0.6.1.i586.rpm libvirt-python-0.8.8-0.6.1.x86_64.rpm libvirt-client-debuginfo-0.8.8-0.6.1.i586.rpm libvirt-client-debuginfo-0.8.8-0.6.1.x86_64.rpm libvirt-debuginfo-0.8.8-0.6.1.i586.rpm libvirt-debuginfo-0.8.8-0.6.1.x86_64.rpm libvirt-debugsource-0.8.8-0.6.1.i586.rpm libvirt-debugsource-0.8.8-0.6.1.x86_64.rpm libvirt-python-debuginfo-0.8.8-0.6.1.i586.rpm libvirt-python-debuginfo-0.8.8-0.6.1.x86_64.rpm mingetty openSUSE 11.4 mingetty prints "Hint:". This is logically faulty. Fixed by this update. mingetty-1.0.8s-6.3.1.i586.rpm mingetty-1.0.8s-6.3.1.x86_64.rpm mingetty-debuginfo-1.0.8s-6.3.1.i586.rpm mingetty-debuginfo-1.0.8s-6.3.1.x86_64.rpm mingetty-debugsource-1.0.8s-6.3.1.i586.rpm mingetty-debugsource-1.0.8s-6.3.1.x86_64.rpm permissions openSUSE 11.4 This update sets a setuid bit on VBoxNetDHCP in level 'easy'. permissions-2011.03.07.1608-1.3.1.i586.rpm permissions-2011.03.07.1608-1.3.1.x86_64.rpm permissions-debuginfo-2011.03.07.1608-1.3.1.i586.rpm permissions-debuginfo-2011.03.07.1608-1.3.1.x86_64.rpm permissions-debugsource-2011.03.07.1608-1.3.1.i586.rpm permissions-debugsource-2011.03.07.1608-1.3.1.x86_64.rpm smolt openSUSE 11.4 The installed smolt implicitly required "hal", which is obsolete in 11.4. This update brings smolt to 1.4.3, which replaced the hal part by udev. smolt-1.4.3-1.6.1.noarch.rpm smolt-gui-1.4.3-1.6.1.noarch.rpm valgrind openSUSE 11.4 This updates valgrind to 3.6.1, which adds support for some SSE4 instructions that were omitted in 3.6.0 due to lack of time. Initial support for glibc-2.13 has been added. A number of bugs causing crashing or assertion failures have been fixed. valgrind-3.6.1-1.3.1.i586.rpm valgrind-3.6.1-1.3.1.x86_64.rpm valgrind-devel-3.6.1-1.3.1.i586.rpm valgrind-devel-3.6.1-1.3.1.x86_64.rpm valgrind-debuginfo-3.6.1-1.3.1.i586.rpm valgrind-debuginfo-3.6.1-1.3.1.x86_64.rpm valgrind-debugsource-3.6.1-1.3.1.i586.rpm valgrind-debugsource-3.6.1-1.3.1.x86_64.rpm aaa_base openSUSE 11.4 shell meta characters in file names could cause interactive shells to execute arbitrary commands when performing tab expansion (CVE-2011-0468). aaa_base-11.4-54.62.1.i586.rpm aaa_base-11.4-54.62.1.x86_64.rpm aaa_base-extras-11.4-54.62.1.i586.rpm aaa_base-extras-11.4-54.62.1.x86_64.rpm aaa_base-debuginfo-11.4-54.62.1.i586.rpm aaa_base-debuginfo-11.4-54.62.1.x86_64.rpm aaa_base-debugsource-11.4-54.62.1.i586.rpm aaa_base-debugsource-11.4-54.62.1.x86_64.rpm bootsplash openSUSE 11.4 This update fixes the following bug: - #669474: bootsplash background looks a broken display bootsplash-3.3-167.168.1.i586.rpm bootsplash-3.3-167.168.1.x86_64.rpm bootsplash-branding-openSUSE-3.1-64.66.1.noarch.rpm bootsplash-branding-upstream-3.1-64.66.1.noarch.rpm bootsplash-debuginfo-3.3-167.168.1.i586.rpm bootsplash-debuginfo-3.3-167.168.1.x86_64.rpm bootsplash-debugsource-3.3-167.168.1.i586.rpm bootsplash-debugsource-3.3-167.168.1.x86_64.rpm btrfsprogs openSUSE 11.4 This updates btrfsprogs to a new snapshot that provides btrfsprogs-4186 dbg114-btrfsprogs-4186 new_updateinfo Add new util: 'btrfs' btrfsprogs-4186 dbg114-btrfsprogs-4186 new_updateinfo multidevice support for check_mounted btrfsprogs-4186 dbg114-btrfsprogs-4186 new_updateinfo check slash in deleting subvolumes btrfsprogs-4186 dbg114-btrfsprogs-4186 new_updateinfo Add btrfsck option to select the super block copy in addition, a symlink to avoid a boot failure with btrfs root was added (bnc#665899) btrfsprogs-0.19-17.18.1.i586.rpm btrfsprogs-0.19-17.18.1.x86_64.rpm btrfsprogs-debuginfo-0.19-17.18.1.i586.rpm btrfsprogs-debuginfo-0.19-17.18.1.x86_64.rpm btrfsprogs-debugsource-0.19-17.18.1.i586.rpm btrfsprogs-debugsource-0.19-17.18.1.x86_64.rpm flash-player openSUSE 11.4 The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. flash-player-10.2.153.1-0.2.1.i586.rpm libzip-devel openSUSE 11.4 empty zip archives could crash programs using libzip (CVE-2011-0421). libzip-devel-0.9-30.31.1.i586.rpm libzip-devel-0.9-30.31.1.x86_64.rpm libzip-util-0.9-30.31.1.i586.rpm libzip-util-0.9-30.31.1.x86_64.rpm libzip1-0.9-30.31.1.i586.rpm libzip1-0.9-30.31.1.x86_64.rpm libzip-util-debuginfo-0.9-30.31.1.i586.rpm libzip-util-debuginfo-0.9-30.31.1.x86_64.rpm libzip1-debuginfo-0.9-30.31.1.i586.rpm libzip1-debuginfo-0.9-30.31.1.x86_64.rpm libzip1-debugsource-0.9-30.31.1.i586.rpm libzip1-debugsource-0.9-30.31.1.x86_64.rpm MozillaFirefox openSUSE 11.4 Mozilla Firefox is updated to the final 4.0 release by this update. MozillaFirefox-4.0.0-0.3.1.i586.rpm MozillaFirefox-4.0.0-0.3.1.x86_64.rpm MozillaFirefox-branding-upstream-4.0.0-0.3.1.i586.rpm MozillaFirefox-branding-upstream-4.0.0-0.3.1.x86_64.rpm MozillaFirefox-devel-4.0.0-0.3.1.i586.rpm MozillaFirefox-devel-4.0.0-0.3.1.x86_64.rpm MozillaFirefox-translations-common-4.0.0-0.3.1.i586.rpm MozillaFirefox-translations-common-4.0.0-0.3.1.x86_64.rpm MozillaFirefox-translations-other-4.0.0-0.3.1.i586.rpm MozillaFirefox-translations-other-4.0.0-0.3.1.x86_64.rpm mozilla-js20-2.0.0-0.3.1.i586.rpm mozilla-js20-2.0.0-0.3.1.x86_64.rpm mozilla-js20-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-buildsymbols-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-buildsymbols-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-devel-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-devel-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-gnome-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-gnome-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-gnome-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-translations-common-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-translations-common-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-translations-common-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-translations-other-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-translations-other-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-translations-other-32bit-2.0.0-0.3.1.x86_64.rpm MozillaFirefox-debuginfo-4.0.0-0.3.1.i586.rpm MozillaFirefox-debuginfo-4.0.0-0.3.1.x86_64.rpm MozillaFirefox-debugsource-4.0.0-0.3.1.i586.rpm MozillaFirefox-debugsource-4.0.0-0.3.1.x86_64.rpm mozilla-js20-debuginfo-2.0.0-0.3.1.i586.rpm mozilla-js20-debuginfo-2.0.0-0.3.1.x86_64.rpm mozilla-js20-debuginfo-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-debuginfo-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-debuginfo-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-debuginfo-32bit-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-debugsource-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-debugsource-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-devel-debuginfo-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-devel-debuginfo-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-gnome-debuginfo-2.0.0-0.3.1.i586.rpm mozilla-xulrunner20-gnome-debuginfo-2.0.0-0.3.1.x86_64.rpm mozilla-xulrunner20-gnome-debuginfo-32bit-2.0.0-0.3.1.x86_64.rpm openvpn openSUSE 11.4 openvpn doesn't work with kvpnc, because kvpnc is unable to parse the openvpn version. Fixed by this update. openvpn-2.1.4-11.16.1.i586.rpm openvpn-2.1.4-11.16.1.x86_64.rpm openvpn-auth-pam-plugin-2.1.4-11.16.1.i586.rpm openvpn-auth-pam-plugin-2.1.4-11.16.1.x86_64.rpm openvpn-down-root-plugin-2.1.4-11.16.1.i586.rpm openvpn-down-root-plugin-2.1.4-11.16.1.x86_64.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.16.1.i586.rpm openvpn-auth-pam-plugin-debuginfo-2.1.4-11.16.1.x86_64.rpm openvpn-debuginfo-2.1.4-11.16.1.i586.rpm openvpn-debuginfo-2.1.4-11.16.1.x86_64.rpm openvpn-debugsource-2.1.4-11.16.1.i586.rpm openvpn-debugsource-2.1.4-11.16.1.x86_64.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.16.1.i586.rpm openvpn-down-root-plugin-debuginfo-2.1.4-11.16.1.x86_64.rpm yast2-control-center openSUSE 11.4 The search results in YAST Control Center are not displayed correctly. Fixed by this update. yast2-control-center-2.20.2-1.3.1.i586.rpm yast2-control-center-2.20.2-1.3.1.x86_64.rpm yast2-control-center-qt-2.20.2-1.3.1.i586.rpm yast2-control-center-qt-2.20.2-1.3.1.x86_64.rpm yast2-control-center-debugsource-2.20.2-1.3.1.i586.rpm yast2-control-center-debugsource-2.20.2-1.3.1.x86_64.rpm yast2-control-center-qt-debuginfo-2.20.2-1.3.1.i586.rpm yast2-control-center-qt-debuginfo-2.20.2-1.3.1.x86_64.rpm mozilla-js192 openSUSE 11.4 Mozilla XULRunner 1.9.2 was updated to version 1.9.2.16 to fix the following security issue: MFSA 2011-11 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. mozilla-js192-1.9.2.16-0.2.1.i586.rpm mozilla-js192-1.9.2.16-0.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.16-0.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.16-0.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.16-0.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.16-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.16-0.2.1.x86_64.rpm seamonkey openSUSE 11.4 Mozilla Seamonkey was updated to version 2.0.13 to fix the following security issue: MFSA 2011-11 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. seamonkey-2.0.13-0.2.1.i586.rpm seamonkey-2.0.13-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.0.13-0.2.1.i586.rpm seamonkey-dom-inspector-2.0.13-0.2.1.x86_64.rpm seamonkey-irc-2.0.13-0.2.1.i586.rpm seamonkey-irc-2.0.13-0.2.1.x86_64.rpm seamonkey-translations-common-2.0.13-0.2.1.i586.rpm seamonkey-translations-common-2.0.13-0.2.1.x86_64.rpm seamonkey-translations-other-2.0.13-0.2.1.i586.rpm seamonkey-translations-other-2.0.13-0.2.1.x86_64.rpm seamonkey-venkman-2.0.13-0.2.1.i586.rpm seamonkey-venkman-2.0.13-0.2.1.x86_64.rpm seamonkey-debuginfo-2.0.13-0.2.1.i586.rpm seamonkey-debuginfo-2.0.13-0.2.1.x86_64.rpm seamonkey-debugsource-2.0.13-0.2.1.i586.rpm seamonkey-debugsource-2.0.13-0.2.1.x86_64.rpm zfs-fuse openSUSE 11.4 Destructive inplace snapshot operations (including, but possibly not limited to rollback) can potentially lead to inconsistent page caching and thus corruption. This update contains a fix which avoids the issue by using drop_caches to clear the page cache. zfs-fuse-0.6.9_git20110322-0.3.1.i586.rpm 1 zfs-fuse-0.6.9_git20110322-0.3.1.x86_64.rpm 1 zfs-fuse-debuginfo-0.6.9_git20110322-0.3.1.i586.rpm 1 zfs-fuse-debuginfo-0.6.9_git20110322-0.3.1.x86_64.rpm 1 zfs-fuse-debugsource-0.6.9_git20110322-0.3.1.i586.rpm 1 zfs-fuse-debugsource-0.6.9_git20110322-0.3.1.x86_64.rpm 1 gstreamer-0_10-plugin-hal openSUSE 11.4 Fixex Amarok (and possible other applications) crashes during disconnects or standbys while playing streams (bnc#673914) gstreamer-0_10-plugin-hal-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugin-hal-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-doc-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-doc-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-extra-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-extra-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-lang-0.10.27-4.5.1.noarch.rpm gstreamer-0_10-plugin-hal-debuginfo-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugin-hal-debuginfo-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-debuginfo-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-debuginfo-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-debugsource-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-debugsource-0.10.27-4.5.1.x86_64.rpm gstreamer-0_10-plugins-good-extra-debuginfo-0.10.27-4.5.1.i586.rpm gstreamer-0_10-plugins-good-extra-debuginfo-0.10.27-4.5.1.x86_64.rpm python-virtualbox openSUSE 11.4 This update fixes a missing permissions handling of VBoxNetDHCP. python-virtualbox-4.0.4-1.6.1.i586.rpm python-virtualbox-4.0.4-1.6.1.x86_64.rpm virtualbox-4.0.4-1.6.1.i586.rpm virtualbox-4.0.4-1.6.1.x86_64.rpm virtualbox-devel-4.0.4-1.6.1.i586.rpm virtualbox-devel-4.0.4-1.6.1.x86_64.rpm virtualbox-guest-kmp-default-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-kmp-default-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-guest-kmp-desktop-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-kmp-desktop-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-guest-kmp-pae-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-tools-4.0.4-1.6.1.i586.rpm virtualbox-guest-tools-4.0.4-1.6.1.x86_64.rpm virtualbox-guest-x11-4.0.4-1.6.1.i586.rpm virtualbox-guest-x11-4.0.4-1.6.1.x86_64.rpm virtualbox-host-kmp-default-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-host-kmp-default-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-host-kmp-desktop-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-host-kmp-desktop-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-host-kmp-pae-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-qt-4.0.4-1.6.1.i586.rpm virtualbox-qt-4.0.4-1.6.1.x86_64.rpm python-virtualbox-debuginfo-4.0.4-1.6.1.i586.rpm python-virtualbox-debuginfo-4.0.4-1.6.1.x86_64.rpm virtualbox-debuginfo-4.0.4-1.6.1.i586.rpm virtualbox-debuginfo-4.0.4-1.6.1.x86_64.rpm virtualbox-debugsource-4.0.4-1.6.1.i586.rpm virtualbox-debugsource-4.0.4-1.6.1.x86_64.rpm virtualbox-guest-kmp-default-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-kmp-default-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-guest-kmp-pae-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-guest-tools-debuginfo-4.0.4-1.6.1.i586.rpm virtualbox-guest-tools-debuginfo-4.0.4-1.6.1.x86_64.rpm virtualbox-guest-x11-debuginfo-4.0.4-1.6.1.i586.rpm virtualbox-guest-x11-debuginfo-4.0.4-1.6.1.x86_64.rpm virtualbox-host-kmp-default-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-host-kmp-default-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.x86_64.rpm virtualbox-host-kmp-pae-debuginfo-4.0.4_k2.6.37.1_1.2-1.6.1.i586.rpm virtualbox-qt-debuginfo-4.0.4-1.6.1.i586.rpm virtualbox-qt-debuginfo-4.0.4-1.6.1.x86_64.rpm timezone-2011d openSUSE 11.4 This update provides latest timezone information, taken from Olson database 2011d: dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 Pacific/Apia: Move DST from April 3rd to April 2nd dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 Europe/Istanbul: Move DST from March 27th to 28th dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 America/Cuba: DST starts on March 20th dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 Samoa DST will occur a day earlier, on April 11th, 2011. dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 America/Cuba Daylight Saving Time will occur on March 20th, 2011. dbg114-timezone-2011d-4222 new_updateinfo timezone-2011d-4222 Europe/Istanbul Daylight Saving Time will occur on March 28th, 2011,because of a nationwide exam scheduled to take place on Sunday, March 27. timezone-2011d-0.2.1.i586.rpm timezone-2011d-0.2.1.x86_64.rpm timezone-java-2011d-0.2.1.noarch.rpm timezone-debuginfo-2011d-0.2.1.i586.rpm timezone-debuginfo-2011d-0.2.1.x86_64.rpm timezone-debugsource-2011d-0.2.1.i586.rpm timezone-debugsource-2011d-0.2.1.x86_64.rpm kdelibs4 openSUSE 11.4 KSSL did not properly verify the host name of a certificate if the certificate was issued for an IP address (CVE-2011-1094). kdelibs4-4.6.0-6.13.1.i586.rpm kdelibs4-4.6.0-6.13.1.x86_64.rpm kdelibs4-branding-upstream-4.6.0-6.13.1.i586.rpm kdelibs4-branding-upstream-4.6.0-6.13.1.x86_64.rpm kdelibs4-core-4.6.0-6.13.1.i586.rpm kdelibs4-core-4.6.0-6.13.1.x86_64.rpm kdelibs4-doc-4.6.0-6.13.1.i586.rpm kdelibs4-doc-4.6.0-6.13.1.x86_64.rpm libkde4-4.6.0-6.13.1.i586.rpm libkde4-4.6.0-6.13.1.x86_64.rpm libkde4-32bit-4.6.0-6.13.1.x86_64.rpm libkde4-devel-4.6.0-6.13.1.i586.rpm libkde4-devel-4.6.0-6.13.1.x86_64.rpm libkdecore4-4.6.0-6.13.1.i586.rpm libkdecore4-4.6.0-6.13.1.x86_64.rpm libkdecore4-32bit-4.6.0-6.13.1.x86_64.rpm libkdecore4-devel-4.6.0-6.13.1.i586.rpm libkdecore4-devel-4.6.0-6.13.1.x86_64.rpm libksuseinstall-devel-4.6.0-6.13.1.i586.rpm libksuseinstall-devel-4.6.0-6.13.1.x86_64.rpm libksuseinstall1-4.6.0-6.13.1.i586.rpm libksuseinstall1-4.6.0-6.13.1.x86_64.rpm libksuseinstall1-32bit-4.6.0-6.13.1.x86_64.rpm kdelibs4-core-debuginfo-4.6.0-6.13.1.i586.rpm kdelibs4-core-debuginfo-4.6.0-6.13.1.x86_64.rpm kdelibs4-debuginfo-4.6.0-6.13.1.i586.rpm kdelibs4-debuginfo-4.6.0-6.13.1.x86_64.rpm kdelibs4-debugsource-4.6.0-6.13.1.i586.rpm kdelibs4-debugsource-4.6.0-6.13.1.x86_64.rpm kdelibs4-doc-debuginfo-4.6.0-6.13.1.i586.rpm kdelibs4-doc-debuginfo-4.6.0-6.13.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.13.1.i586.rpm libkde4-debuginfo-4.6.0-6.13.1.x86_64.rpm libkde4-debuginfo-32bit-4.6.0-6.13.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.13.1.i586.rpm libkdecore4-debuginfo-4.6.0-6.13.1.x86_64.rpm libkdecore4-debuginfo-32bit-4.6.0-6.13.1.x86_64.rpm libkdecore4-devel-debuginfo-4.6.0-6.13.1.i586.rpm libkdecore4-devel-debuginfo-4.6.0-6.13.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.13.1.i586.rpm libksuseinstall1-debuginfo-4.6.0-6.13.1.x86_64.rpm libksuseinstall1-debuginfo-32bit-4.6.0-6.13.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0 openSUSE 11.4 Remote attackers could crash an svn server by causing a NULL deref (CVE-2011-0715). libsvn_auth_gnome_keyring-1-0-1.6.16-1.3.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.16-1.3.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.16-1.3.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.16-1.3.1.x86_64.rpm subversion-1.6.16-1.3.1.i586.rpm subversion-1.6.16-1.3.1.x86_64.rpm subversion-devel-1.6.16-1.3.1.i586.rpm subversion-devel-1.6.16-1.3.1.x86_64.rpm subversion-perl-1.6.16-1.3.1.i586.rpm subversion-perl-1.6.16-1.3.1.x86_64.rpm subversion-python-1.6.16-1.3.1.i586.rpm subversion-python-1.6.16-1.3.1.x86_64.rpm subversion-ruby-1.6.16-1.3.1.i586.rpm subversion-ruby-1.6.16-1.3.1.x86_64.rpm subversion-server-1.6.16-1.3.1.i586.rpm subversion-server-1.6.16-1.3.1.x86_64.rpm subversion-tools-1.6.16-1.3.1.i586.rpm subversion-tools-1.6.16-1.3.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.16-1.3.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.16-1.3.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.16-1.3.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-debuginfo-1.6.16-1.3.1.i586.rpm subversion-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-debugsource-1.6.16-1.3.1.i586.rpm subversion-debugsource-1.6.16-1.3.1.x86_64.rpm subversion-perl-debuginfo-1.6.16-1.3.1.i586.rpm subversion-perl-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-python-debuginfo-1.6.16-1.3.1.i586.rpm subversion-python-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-ruby-debuginfo-1.6.16-1.3.1.i586.rpm subversion-ruby-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-server-debuginfo-1.6.16-1.3.1.i586.rpm subversion-server-debuginfo-1.6.16-1.3.1.x86_64.rpm subversion-tools-debuginfo-1.6.16-1.3.1.i586.rpm subversion-tools-debuginfo-1.6.16-1.3.1.x86_64.rpm perl-MIME-tools openSUSE 11.4 openSUSE 11.4 contains the buggy version 5.500, which use is deprecated by the developers. This update provides the latest stable and recommended version. perl-MIME-tools-5.502-1.3.1.i586.rpm perl-MIME-tools-5.502-1.3.1.x86_64.rpm compcache openSUSE 11.4 This update fixes the init script of compcache package to run with the default empty $COMPCACHE_SIZE_KB value. compcache-0.6.2-4.5.2.noarch.rpm strongswan openSUSE 11.4 This update applies a patch correcting the memory handling in virtual IP DHCP transaction offer that causes the IKEv2 daemon charon to kill itself because of a SEGV in a thread and triggered a restart by IPSEC starter. strongswan-4.5.0-6.7.1.i586.rpm strongswan-4.5.0-6.7.1.x86_64.rpm strongswan-doc-4.5.0-6.7.1.i586.rpm strongswan-doc-4.5.0-6.7.1.x86_64.rpm strongswan-ikev1-4.5.0-6.7.1.i586.rpm strongswan-ikev1-4.5.0-6.7.1.x86_64.rpm strongswan-ikev2-4.5.0-6.7.1.i586.rpm strongswan-ikev2-4.5.0-6.7.1.x86_64.rpm strongswan-ipsec-4.5.0-6.7.1.i586.rpm strongswan-ipsec-4.5.0-6.7.1.x86_64.rpm strongswan-libs0-4.5.0-6.7.1.i586.rpm strongswan-libs0-4.5.0-6.7.1.x86_64.rpm strongswan-mysql-4.5.0-6.7.1.i586.rpm strongswan-mysql-4.5.0-6.7.1.x86_64.rpm strongswan-nm-4.5.0-6.7.1.i586.rpm strongswan-nm-4.5.0-6.7.1.x86_64.rpm strongswan-sqlite-4.5.0-6.7.1.i586.rpm strongswan-sqlite-4.5.0-6.7.1.x86_64.rpm strongswan-debugsource-4.5.0-6.7.1.i586.rpm strongswan-debugsource-4.5.0-6.7.1.x86_64.rpm strongswan-ikev1-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-ikev1-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-ikev2-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-ikev2-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-ipsec-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-ipsec-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-libs0-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-libs0-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-mysql-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-mysql-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-nm-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-nm-debuginfo-4.5.0-6.7.1.x86_64.rpm strongswan-sqlite-debuginfo-4.5.0-6.7.1.i586.rpm strongswan-sqlite-debuginfo-4.5.0-6.7.1.x86_64.rpm espeak openSUSE 11.4 This update fixes the bug, that espeak resets the volume to full forcibly when used with PulseAudio. It happens with StarDict or other speech program using espeak as a backend. espeak-1.43.03-5.6.1.i586.rpm espeak-1.43.03-5.6.1.x86_64.rpm espeak-devel-1.43.03-5.6.1.i586.rpm espeak-devel-1.43.03-5.6.1.x86_64.rpm espeak-debuginfo-1.43.03-5.6.1.i586.rpm espeak-debuginfo-1.43.03-5.6.1.x86_64.rpm flash-player openSUSE 11.4 The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. flash-player-10.2.153.1-0.4.1.i586.rpm tar openSUSE 11.4 tar-1.25 has a serious bug with --one-file-system and --listed-incremental options, which makes amanda backup system unusable. This is fixed by this version upgrade to 1.26. tar-1.26-1.3.1.i586.rpm tar-1.26-1.3.1.x86_64.rpm tar-backup-scripts-1.26-1.3.1.i586.rpm tar-backup-scripts-1.26-1.3.1.x86_64.rpm tar-lang-1.26-1.3.1.noarch.rpm tar-debuginfo-1.26-1.3.1.i586.rpm tar-debuginfo-1.26-1.3.1.x86_64.rpm tar-debugsource-1.26-1.3.1.i586.rpm tar-debugsource-1.26-1.3.1.x86_64.rpm alsa openSUSE 11.4 This update provides a few fixes for ALSA: - Fix alsasound init script to set up the sound system properly even when the module isn't loaded beforehand - Fix the path of asound.state for openSUSE-11.4; now it's /var/lib/asound.state - Backport the recent updates/fixes for hdspmixer in alsa-tools to fix segfaults alsa-1.0.24.1-4.5.1.i586.rpm alsa-1.0.24.1-4.5.1.x86_64.rpm alsa-devel-1.0.24.1-4.5.1.i586.rpm alsa-devel-1.0.24.1-4.5.1.x86_64.rpm alsa-docs-1.0.24.1-4.5.1.noarch.rpm alsa-tools-1.0.24.1-4.5.1.i586.rpm alsa-tools-1.0.24.1-4.5.1.x86_64.rpm alsa-tools-devel-1.0.24.1-4.5.1.i586.rpm alsa-tools-devel-1.0.24.1-4.5.1.x86_64.rpm alsa-tools-gui-1.0.24.1-4.5.1.i586.rpm alsa-tools-gui-1.0.24.1-4.5.1.x86_64.rpm libasound2-1.0.24.1-4.5.1.i586.rpm libasound2-1.0.24.1-4.5.1.x86_64.rpm libasound2-32bit-1.0.24.1-4.5.1.x86_64.rpm alsa-debugsource-1.0.24.1-4.5.1.i586.rpm alsa-debugsource-1.0.24.1-4.5.1.x86_64.rpm alsa-tools-debuginfo-1.0.24.1-4.5.1.i586.rpm alsa-tools-debuginfo-1.0.24.1-4.5.1.x86_64.rpm alsa-tools-debugsource-1.0.24.1-4.5.1.i586.rpm alsa-tools-debugsource-1.0.24.1-4.5.1.x86_64.rpm alsa-tools-gui-debuginfo-1.0.24.1-4.5.1.i586.rpm alsa-tools-gui-debuginfo-1.0.24.1-4.5.1.x86_64.rpm libasound2-debuginfo-1.0.24.1-4.5.1.i586.rpm libasound2-debuginfo-1.0.24.1-4.5.1.x86_64.rpm libasound2-debuginfo-32bit-1.0.24.1-4.5.1.x86_64.rpm kile openSUSE 11.4 This update fixes black icons in the toolbar of kile due to a packaging error (bnc#676046). kile-2.0.99beta5-6.11.1.i586.rpm kile-2.0.99beta5-6.11.1.x86_64.rpm kile-lang-2.0.99beta5-6.11.1.noarch.rpm kile-debuginfo-2.0.99beta5-6.11.1.i586.rpm kile-debuginfo-2.0.99beta5-6.11.1.x86_64.rpm kile-debugsource-2.0.99beta5-6.11.1.i586.rpm kile-debugsource-2.0.99beta5-6.11.1.x86_64.rpm qt-creator openSUSE 11.4 This update provides the final version of qt-creator 2.1.0 with various urgent bug fixes. For the complete release announcement, please refer to this changelog: http://labs.qt.nokia.com/2011/03/01/qt-creator-2-1-0-release d/ qt-creator-2.1.0-1.3.1.i586.rpm qt-creator-2.1.0-1.3.1.x86_64.rpm qt-creator-debuginfo-2.1.0-1.3.1.i586.rpm qt-creator-debuginfo-2.1.0-1.3.1.x86_64.rpm qt-creator-debugsource-2.1.0-1.3.1.i586.rpm qt-creator-debugsource-2.1.0-1.3.1.x86_64.rpm build openSUSE 11.4 The configuration file for openSUSE 11.4 was missing from the package "build. This update adds the missing config file. build-2011.01.20-1.4.1.noarch.rpm build-mkbaselibs-2011.01.20-1.4.1.noarch.rpm build-mkdrpms-2011.01.20-1.4.1.noarch.rpm cairo openSUSE 11.4 The oxygen-gtk theme displayed a white rectangle when used with the nvidia proprietary driver. The issue is fixed by this update cairo-devel-1.10.2-6.11.1.i586.rpm cairo-devel-1.10.2-6.11.1.x86_64.rpm cairo-tools-1.10.2-6.11.1.i586.rpm cairo-tools-1.10.2-6.11.1.x86_64.rpm libcairo-gobject2-1.10.2-6.11.1.i586.rpm libcairo-gobject2-1.10.2-6.11.1.x86_64.rpm libcairo-gobject2-32bit-1.10.2-6.11.1.x86_64.rpm libcairo-script-interpreter2-1.10.2-6.11.1.i586.rpm libcairo-script-interpreter2-1.10.2-6.11.1.x86_64.rpm libcairo-script-interpreter2-32bit-1.10.2-6.11.1.x86_64.rpm libcairo2-1.10.2-6.11.1.i586.rpm libcairo2-1.10.2-6.11.1.x86_64.rpm libcairo2-32bit-1.10.2-6.11.1.x86_64.rpm cairo-debugsource-1.10.2-6.11.1.i586.rpm cairo-debugsource-1.10.2-6.11.1.x86_64.rpm cairo-tools-debuginfo-1.10.2-6.11.1.i586.rpm cairo-tools-debuginfo-1.10.2-6.11.1.x86_64.rpm libcairo-gobject2-debuginfo-1.10.2-6.11.1.i586.rpm libcairo-gobject2-debuginfo-1.10.2-6.11.1.x86_64.rpm libcairo-gobject2-debuginfo-32bit-1.10.2-6.11.1.x86_64.rpm libcairo-script-interpreter2-debuginfo-1.10.2-6.11.1.i586.rpm libcairo-script-interpreter2-debuginfo-1.10.2-6.11.1.x86_64.rpm libcairo-script-interpreter2-debuginfo-32bit-1.10.2-6.11.1.x86_64.rpm libcairo2-debuginfo-1.10.2-6.11.1.i586.rpm libcairo2-debuginfo-1.10.2-6.11.1.x86_64.rpm libcairo2-debuginfo-32bit-1.10.2-6.11.1.x86_64.rpm gdm openSUSE 11.4 Local users could trick gdm into changing ownership of arbitrary files by placing symlinks in the user session cache (CVE-2011-0727). gdm-2.32.0-9.14.1.i586.rpm gdm-2.32.0-9.14.1.x86_64.rpm gdm-branding-upstream-2.32.0-9.14.1.i586.rpm gdm-branding-upstream-2.32.0-9.14.1.x86_64.rpm gdm-lang-2.32.0-9.14.1.noarch.rpm gnome-applets-gdm-2.32.0-9.14.1.i586.rpm gnome-applets-gdm-2.32.0-9.14.1.x86_64.rpm gdm-debuginfo-2.32.0-9.14.1.i586.rpm gdm-debuginfo-2.32.0-9.14.1.x86_64.rpm gdm-debugsource-2.32.0-9.14.1.i586.rpm gdm-debugsource-2.32.0-9.14.1.x86_64.rpm gnome-applets-gdm-debuginfo-2.32.0-9.14.1.i586.rpm gnome-applets-gdm-debuginfo-2.32.0-9.14.1.x86_64.rpm postfix openSUSE 11.4 postfix did not clear the receive buffer after the STARTTLS command. A man-in-the middle could therefore inject commands in the unencrypted stream that get interpreted in the encrypted phase after STARTTLS (CVE-2011-0411). postfix-2.7.2-13.14.1.i586.rpm postfix-2.7.2-13.14.1.x86_64.rpm postfix-devel-2.7.2-13.14.1.i586.rpm postfix-devel-2.7.2-13.14.1.x86_64.rpm postfix-doc-2.7.2-13.14.1.noarch.rpm postfix-mysql-2.7.2-13.14.1.i586.rpm postfix-mysql-2.7.2-13.14.1.x86_64.rpm postfix-postgresql-2.7.2-13.14.1.i586.rpm postfix-postgresql-2.7.2-13.14.1.x86_64.rpm postfix-debuginfo-2.7.2-13.14.1.i586.rpm postfix-debuginfo-2.7.2-13.14.1.x86_64.rpm postfix-debugsource-2.7.2-13.14.1.i586.rpm postfix-debugsource-2.7.2-13.14.1.x86_64.rpm postfix-mysql-debuginfo-2.7.2-13.14.1.i586.rpm postfix-mysql-debuginfo-2.7.2-13.14.1.x86_64.rpm postfix-postgresql-debuginfo-2.7.2-13.14.1.i586.rpm postfix-postgresql-debuginfo-2.7.2-13.14.1.x86_64.rpm insserv openSUSE 11.4 insserv was updated to be less strict on checking, to fix the bug: - #682861: insserv does not work for unclean boot scripts like smpppd insserv-1.14.0-20.24.1.i586.rpm insserv-1.14.0-20.24.1.x86_64.rpm insserv-debuginfo-1.14.0-20.24.1.i586.rpm insserv-debuginfo-1.14.0-20.24.1.x86_64.rpm insserv-debugsource-1.14.0-20.24.1.i586.rpm insserv-debugsource-1.14.0-20.24.1.x86_64.rpm yast2-bootloader openSUSE 11.4 This update fixes a bug in the GRUB bootloader generation: - #675224: GRUB does not put other openSUSE installations into the menu yast2-bootloader-2.20.2-0.3.1.i586.rpm yast2-bootloader-2.20.2-0.3.1.x86_64.rpm gtg openSUSE 11.4 This update fixes the Getting thins done (GTG) Hamster plugin (bnc#683748). gtg-0.2.4-5.6.1.noarch.rpm gtg-lang-0.2.4-5.6.1.noarch.rpm cobbler openSUSE 11.4 /var/log/cobbler/ directory was owned by the web service user. Access to this account could potentially be abused to corrupt files during root filesystem operations by the Cobbler daemon (CVE-2011-1551). cobbler-2.0.10-15.22.1.i586.rpm cobbler-2.0.10-15.22.1.x86_64.rpm cobbler-web-2.0.10-15.22.1.i586.rpm cobbler-web-2.0.10-15.22.1.x86_64.rpm koan-2.0.10-15.22.1.i586.rpm koan-2.0.10-15.22.1.x86_64.rpm quagga openSUSE 11.4 This security update of quagga fixes: - CVE-2010-1674: Direct BGP peers can send malformed extended communities which lead to a NULL pointer dereference. - CVE-2010-1675: A malformed AS_PATHLIMIT path attribute will cause a session reset in Quagga. This malformed package is forwarded by other routers and can be used to take "all" Quagga routers off the Internet with one single announcement. quagga-0.99.17-4.5.1.i586.rpm quagga-0.99.17-4.5.1.x86_64.rpm quagga-devel-0.99.17-4.5.1.i586.rpm quagga-devel-0.99.17-4.5.1.x86_64.rpm quagga-debuginfo-0.99.17-4.5.1.i586.rpm quagga-debuginfo-0.99.17-4.5.1.x86_64.rpm quagga-debugsource-0.99.17-4.5.1.i586.rpm quagga-debugsource-0.99.17-4.5.1.x86_64.rpm rsync openSUSE 11.4 Specially crafted requests could cause a memory corruption on the receiving side of an rsync transfer (client side or server that allows to push) (CVE-2011-1097). rsync-3.0.7-8.9.1.i586.rpm rsync-3.0.7-8.9.1.x86_64.rpm rsync-debuginfo-3.0.7-8.9.1.i586.rpm rsync-debuginfo-3.0.7-8.9.1.x86_64.rpm rsync-debugsource-3.0.7-8.9.1.i586.rpm rsync-debugsource-3.0.7-8.9.1.x86_64.rpm translation-update openSUSE 11.4 Collective update for the openSUSE translations. desktop-translations-11.4-8.15.1.noarch.rpm translation-update-11.4-0.2.1.noarch.rpm translation-update-cs-11.4-0.2.1.noarch.rpm translation-update-da-11.4-0.2.1.noarch.rpm translation-update-de-11.4-0.2.1.noarch.rpm translation-update-es-11.4-0.2.1.noarch.rpm translation-update-fi-11.4-0.2.1.noarch.rpm translation-update-fr-11.4-0.2.1.noarch.rpm translation-update-gl-11.4-0.2.1.noarch.rpm translation-update-hr-11.4-0.2.1.noarch.rpm translation-update-hu-11.4-0.2.1.noarch.rpm translation-update-it-11.4-0.2.1.noarch.rpm translation-update-ja-11.4-0.2.1.noarch.rpm translation-update-ka-11.4-0.2.1.noarch.rpm translation-update-km-11.4-0.2.1.noarch.rpm translation-update-ko-11.4-0.2.1.noarch.rpm translation-update-nb-11.4-0.2.1.noarch.rpm translation-update-nl-11.4-0.2.1.noarch.rpm translation-update-pa-11.4-0.2.1.noarch.rpm translation-update-pl-11.4-0.2.1.noarch.rpm translation-update-pt-11.4-0.2.1.noarch.rpm translation-update-pt_BR-11.4-0.2.1.noarch.rpm translation-update-ro-11.4-0.2.1.noarch.rpm translation-update-ru-11.4-0.2.1.noarch.rpm translation-update-sk-11.4-0.2.1.noarch.rpm translation-update-uk-11.4-0.2.1.noarch.rpm translation-update-wa-11.4-0.2.1.noarch.rpm yast2-trans-2.19.0-31.36.1.noarch.rpm yast2-trans-af-2.19.0-31.36.1.noarch.rpm yast2-trans-ar-2.19.0-31.36.1.noarch.rpm yast2-trans-ast-2.19.0-31.36.1.noarch.rpm yast2-trans-bg-2.19.0-31.36.1.noarch.rpm yast2-trans-bn-2.19.0-31.36.1.noarch.rpm yast2-trans-bs-2.19.0-31.36.1.noarch.rpm yast2-trans-ca-2.19.0-31.36.1.noarch.rpm yast2-trans-cs-2.19.0-31.36.1.noarch.rpm yast2-trans-cy-2.19.0-31.36.1.noarch.rpm yast2-trans-da-2.19.0-31.36.1.noarch.rpm yast2-trans-de-2.19.0-31.36.1.noarch.rpm yast2-trans-el-2.19.0-31.36.1.noarch.rpm yast2-trans-en_GB-2.19.0-31.36.1.noarch.rpm yast2-trans-en_US-2.19.0-31.36.1.noarch.rpm yast2-trans-es-2.19.0-31.36.1.noarch.rpm yast2-trans-et-2.19.0-31.36.1.noarch.rpm yast2-trans-fa-2.19.0-31.36.1.noarch.rpm yast2-trans-fi-2.19.0-31.36.1.noarch.rpm yast2-trans-fr-2.19.0-31.36.1.noarch.rpm yast2-trans-gl-2.19.0-31.36.1.noarch.rpm yast2-trans-gu-2.19.0-31.36.1.noarch.rpm yast2-trans-hi-2.19.0-31.36.1.noarch.rpm yast2-trans-hr-2.19.0-31.36.1.noarch.rpm yast2-trans-hu-2.19.0-31.36.1.noarch.rpm yast2-trans-id-2.19.0-31.36.1.noarch.rpm yast2-trans-it-2.19.0-31.36.1.noarch.rpm yast2-trans-ja-2.19.0-31.36.1.noarch.rpm yast2-trans-jv-2.19.0-31.36.1.noarch.rpm yast2-trans-ka-2.19.0-31.36.1.noarch.rpm yast2-trans-km-2.19.0-31.36.1.noarch.rpm yast2-trans-kn-2.19.0-31.36.1.noarch.rpm yast2-trans-ko-2.19.0-31.36.1.noarch.rpm yast2-trans-ku-2.19.0-31.36.1.noarch.rpm yast2-trans-lo-2.19.0-31.36.1.noarch.rpm yast2-trans-lt-2.19.0-31.36.1.noarch.rpm yast2-trans-mk-2.19.0-31.36.1.noarch.rpm yast2-trans-mr-2.19.0-31.36.1.noarch.rpm yast2-trans-nb-2.19.0-31.36.1.noarch.rpm yast2-trans-nds-2.19.0-31.36.1.noarch.rpm yast2-trans-nl-2.19.0-31.36.1.noarch.rpm yast2-trans-pa-2.19.0-31.36.1.noarch.rpm yast2-trans-pl-2.19.0-31.36.1.noarch.rpm yast2-trans-pt-2.19.0-31.36.1.noarch.rpm yast2-trans-pt_BR-2.19.0-31.36.1.noarch.rpm yast2-trans-ro-2.19.0-31.36.1.noarch.rpm yast2-trans-ru-2.19.0-31.36.1.noarch.rpm yast2-trans-si-2.19.0-31.36.1.noarch.rpm yast2-trans-sk-2.19.0-31.36.1.noarch.rpm yast2-trans-sl-2.19.0-31.36.1.noarch.rpm yast2-trans-sr-2.19.0-31.36.1.noarch.rpm yast2-trans-sv-2.19.0-31.36.1.noarch.rpm yast2-trans-sw-2.19.0-31.36.1.noarch.rpm yast2-trans-ta-2.19.0-31.36.1.noarch.rpm yast2-trans-tg-2.19.0-31.36.1.noarch.rpm yast2-trans-th-2.19.0-31.36.1.noarch.rpm yast2-trans-tr-2.19.0-31.36.1.noarch.rpm yast2-trans-uk-2.19.0-31.36.1.noarch.rpm yast2-trans-vi-2.19.0-31.36.1.noarch.rpm yast2-trans-wa-2.19.0-31.36.1.noarch.rpm yast2-trans-xh-2.19.0-31.36.1.noarch.rpm yast2-trans-zh_CN-2.19.0-31.36.1.noarch.rpm yast2-trans-zh_TW-2.19.0-31.36.1.noarch.rpm yast2-trans-zu-2.19.0-31.36.1.noarch.rpm nbd openSUSE 11.4 Nbd was updated to fix a buffer overflow in the mainloop() function of nbd-server.c. This vulnerability can be exploited by remote attackers via long requests to execute arbitrary code. (CVE-2011-0530: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119)) nbd-2.9.20-1.4.1.i586.rpm nbd-2.9.20-1.4.1.x86_64.rpm nbd-doc-2.9.20-1.4.1.i586.rpm nbd-doc-2.9.20-1.4.1.x86_64.rpm nbd-debuginfo-2.9.20-1.4.1.i586.rpm nbd-debuginfo-2.9.20-1.4.1.x86_64.rpm nbd-debugsource-2.9.20-1.4.1.i586.rpm nbd-debugsource-2.9.20-1.4.1.x86_64.rpm xorg-x11 openSUSE 11.4 Remote attackers could execute arbitrary commands as root by assigning specially crafted hostnames to X11 clients via XDMCP (CVE-2011-0465). xorg-x11-7.6-43.44.1.i586.rpm xorg-x11-7.6-43.44.1.x86_64.rpm xorg-x11-xauth-7.6-43.44.1.i586.rpm xorg-x11-xauth-7.6-43.44.1.x86_64.rpm xorg-x11-debuginfo-7.6-43.44.1.i586.rpm xorg-x11-debuginfo-7.6-43.44.1.x86_64.rpm xorg-x11-debugsource-7.6-43.44.1.i586.rpm xorg-x11-debugsource-7.6-43.44.1.x86_64.rpm xorg-x11-xauth-debuginfo-7.6-43.44.1.i586.rpm xorg-x11-xauth-debuginfo-7.6-43.44.1.x86_64.rpm sane-backends openSUSE 11.4 Fixed udev rules for SCSI scanners in /etc/udev/rules.d/55-libsane.rules (for SCSI scanners using "ATTRS" is mandatory therein) so that normal users who are logged in directly at the local machine can access SCSI scanners (see openSUSE Bugzilla bnc#681146). sane-backends-1.0.22-1.5.1.i586.rpm sane-backends-1.0.22-1.5.1.x86_64.rpm sane-backends-32bit-1.0.22-1.5.1.x86_64.rpm sane-backends-autoconfig-1.0.22-1.5.1.i586.rpm sane-backends-autoconfig-1.0.22-1.5.1.x86_64.rpm sane-backends-devel-1.0.22-1.5.1.i586.rpm sane-backends-devel-1.0.22-1.5.1.x86_64.rpm sane-backends-debuginfo-1.0.22-1.5.1.i586.rpm sane-backends-debuginfo-1.0.22-1.5.1.x86_64.rpm sane-backends-debuginfo-32bit-1.0.22-1.5.1.x86_64.rpm sane-backends-debugsource-1.0.22-1.5.1.i586.rpm sane-backends-debugsource-1.0.22-1.5.1.x86_64.rpm sysvinit openSUSE 11.4 - 642289: Make system boot correctly with blogd from sysvinit-tools sysvinit-2.88-37.45.1.i586.rpm sysvinit-2.88-37.45.1.x86_64.rpm sysvinit-tools-2.88-37.45.1.i586.rpm sysvinit-tools-2.88-37.45.1.x86_64.rpm sysvinit-debuginfo-2.88-37.45.1.i586.rpm sysvinit-debuginfo-2.88-37.45.1.x86_64.rpm sysvinit-debugsource-2.88-37.45.1.i586.rpm sysvinit-debugsource-2.88-37.45.1.x86_64.rpm sysvinit-tools-debuginfo-2.88-37.45.1.i586.rpm sysvinit-tools-debuginfo-2.88-37.45.1.x86_64.rpm libwx_base-2_8-0-compat-lib-wxcontainer openSUSE 11.4 wxWidgets creates specific requirement symbols for wxWidgets libraries. The rule was too relaxed and mangled several third party packages symbols, which rendered these packages uninstallable. libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_baseu-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.5.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-devel-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-devel-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.9.1.x86_64.rpm wxWidgets-compat-lib-config-2.8.11-4.5.1.i586.rpm wxWidgets-compat-lib-config-2.8.11-4.9.1.x86_64.rpm wxWidgets-devel-2.8.11-4.5.1.i586.rpm wxWidgets-devel-2.8.11-4.9.1.x86_64.rpm wxWidgets-lang-2.8.11-4.5.1.noarch.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.5.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.9.1.x86_64.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.9.1.x86_64.rpm wxWidgets-wxcontainer-devel-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-devel-2.8.11-3.9.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.9.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.5.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-debugsource-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-debugsource-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.9.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm wxWidgets-debugsource-2.8.11-4.5.1.i586.rpm wxWidgets-debugsource-2.8.11-4.9.1.x86_64.rpm wxWidgets-devel-debuginfo-2.8.11-4.5.1.i586.rpm wxWidgets-devel-debuginfo-2.8.11-4.9.1.x86_64.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.5.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.9.1.x86_64.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.9.1.x86_64.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.9.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.9.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.9.1.x86_64.rpm dhcp openSUSE 11.4 A rogue dhcp server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the dhcp client needs to sanitize the host name offered by the server (CVE-2011-0997). dhcp-4.2.1-0.5.1.i586.rpm dhcp-4.2.1-0.5.1.x86_64.rpm dhcp-client-4.2.1-0.5.1.i586.rpm dhcp-client-4.2.1-0.5.1.x86_64.rpm dhcp-devel-4.2.1-0.5.1.i586.rpm dhcp-devel-4.2.1-0.5.1.x86_64.rpm dhcp-doc-4.2.1-0.5.1.i586.rpm dhcp-doc-4.2.1-0.5.1.x86_64.rpm dhcp-relay-4.2.1-0.5.1.i586.rpm dhcp-relay-4.2.1-0.5.1.x86_64.rpm dhcp-server-4.2.1-0.5.1.i586.rpm dhcp-server-4.2.1-0.5.1.x86_64.rpm dhcp-client-debuginfo-4.2.1-0.5.1.i586.rpm dhcp-client-debuginfo-4.2.1-0.5.1.x86_64.rpm dhcp-debuginfo-4.2.1-0.5.1.i586.rpm dhcp-debuginfo-4.2.1-0.5.1.x86_64.rpm dhcp-debugsource-4.2.1-0.5.1.i586.rpm dhcp-debugsource-4.2.1-0.5.1.x86_64.rpm dhcp-relay-debuginfo-4.2.1-0.5.1.i586.rpm dhcp-relay-debuginfo-4.2.1-0.5.1.x86_64.rpm dhcp-server-debuginfo-4.2.1-0.5.1.i586.rpm dhcp-server-debuginfo-4.2.1-0.5.1.x86_64.rpm libmoon-devel openSUSE 11.4 Moonlight was prone to several security problems: CVE-2011-0989: modification of read-only values via RuntimeHelpers.InitializeArray CVE-2011-0990: buffer overflow due to race condition in in Array.FastCopy CVE-2011-0991: use-after-free due to DynamicMethod resurrection CVE-2011-0992: information leak due to improper thread finalization libmoon-devel-2.4.1-0.3.1.i586.rpm libmoon-devel-2.4.1-0.3.1.x86_64.rpm libmoon0-2.4.1-0.3.1.i586.rpm libmoon0-2.4.1-0.3.1.x86_64.rpm moonlight-desktop-2.4.1-0.3.1.i586.rpm moonlight-desktop-2.4.1-0.3.1.x86_64.rpm moonlight-desktop-devel-2.4.1-0.3.1.i586.rpm moonlight-desktop-devel-2.4.1-0.3.1.x86_64.rpm moonlight-plugin-2.4.1-0.3.1.i586.rpm moonlight-plugin-2.4.1-0.3.1.x86_64.rpm moonlight-tools-2.4.1-0.3.1.i586.rpm moonlight-tools-2.4.1-0.3.1.x86_64.rpm moonlight-web-devel-2.4.1-0.3.1.i586.rpm moonlight-web-devel-2.4.1-0.3.1.x86_64.rpm libmoon0-debuginfo-2.4.1-0.3.1.i586.rpm libmoon0-debuginfo-2.4.1-0.3.1.x86_64.rpm moonlight-debugsource-2.4.1-0.3.1.i586.rpm moonlight-debugsource-2.4.1-0.3.1.x86_64.rpm moonlight-plugin-debuginfo-2.4.1-0.3.1.i586.rpm moonlight-plugin-debuginfo-2.4.1-0.3.1.x86_64.rpm python-feedparser openSUSE 11.4 Various issues in python-feedparser have been fixed, including fixes for crashes due to missing input sanitizaion and a XSS vulnerability. CVE-2011-1156, CVE-2011-1157, CVE-2011-1158 and CVE-2009-5065 have been assigned to these issues. python-feedparser-4.1-9.10.1.noarch.rpm libvirt openSUSE 11.4 libvirtd could mix errors from several threads leading to a crash (CVE-2011-1486). libvirt-0.8.8-0.8.1.i586.rpm libvirt-0.8.8-0.8.1.x86_64.rpm libvirt-client-0.8.8-0.8.1.i586.rpm libvirt-client-0.8.8-0.8.1.x86_64.rpm libvirt-devel-0.8.8-0.8.1.i586.rpm libvirt-devel-0.8.8-0.8.1.x86_64.rpm libvirt-doc-0.8.8-0.8.1.i586.rpm libvirt-doc-0.8.8-0.8.1.x86_64.rpm libvirt-python-0.8.8-0.8.1.i586.rpm libvirt-python-0.8.8-0.8.1.x86_64.rpm libvirt-client-debuginfo-0.8.8-0.8.1.i586.rpm libvirt-client-debuginfo-0.8.8-0.8.1.x86_64.rpm libvirt-debuginfo-0.8.8-0.8.1.i586.rpm libvirt-debuginfo-0.8.8-0.8.1.x86_64.rpm libvirt-debugsource-0.8.8-0.8.1.i586.rpm libvirt-debugsource-0.8.8-0.8.1.x86_64.rpm libvirt-python-debuginfo-0.8.8-0.8.1.i586.rpm libvirt-python-debuginfo-0.8.8-0.8.1.x86_64.rpm rsyslog openSUSE 11.4 rsyslog was updated to version 5.6.5 to fix a number of memory leaks that could crash the syslog daemon (CVE-2011-1488, CVE-2011-1489, CVE-2011-1490). rsyslog-5.6.5-1.3.1.i586.rpm rsyslog-5.6.5-1.3.1.x86_64.rpm rsyslog-diag-tools-5.6.5-1.3.1.i586.rpm rsyslog-diag-tools-5.6.5-1.3.1.x86_64.rpm rsyslog-doc-5.6.5-1.3.1.i586.rpm rsyslog-doc-5.6.5-1.3.1.x86_64.rpm rsyslog-module-dbi-5.6.5-1.3.1.i586.rpm rsyslog-module-dbi-5.6.5-1.3.1.x86_64.rpm rsyslog-module-gssapi-5.6.5-1.3.1.i586.rpm rsyslog-module-gssapi-5.6.5-1.3.1.x86_64.rpm rsyslog-module-gtls-5.6.5-1.3.1.i586.rpm rsyslog-module-gtls-5.6.5-1.3.1.x86_64.rpm rsyslog-module-mysql-5.6.5-1.3.1.i586.rpm rsyslog-module-mysql-5.6.5-1.3.1.x86_64.rpm rsyslog-module-pgsql-5.6.5-1.3.1.i586.rpm rsyslog-module-pgsql-5.6.5-1.3.1.x86_64.rpm rsyslog-module-relp-5.6.5-1.3.1.i586.rpm rsyslog-module-relp-5.6.5-1.3.1.x86_64.rpm rsyslog-module-snmp-5.6.5-1.3.1.i586.rpm rsyslog-module-snmp-5.6.5-1.3.1.x86_64.rpm rsyslog-module-udpspoof-5.6.5-1.3.1.i586.rpm rsyslog-module-udpspoof-5.6.5-1.3.1.x86_64.rpm rsyslog-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-debugsource-5.6.5-1.3.1.i586.rpm rsyslog-debugsource-5.6.5-1.3.1.x86_64.rpm rsyslog-diag-tools-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-diag-tools-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-dbi-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-dbi-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-gssapi-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-gssapi-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-gtls-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-gtls-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-mysql-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-mysql-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-pgsql-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-pgsql-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-relp-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-relp-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-snmp-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-snmp-debuginfo-5.6.5-1.3.1.x86_64.rpm rsyslog-module-udpspoof-debuginfo-5.6.5-1.3.1.i586.rpm rsyslog-module-udpspoof-debuginfo-5.6.5-1.3.1.x86_64.rpm alsa openSUSE 11.4 This update fixes a typo in the previous update; the correct path is /var/lib/alsa/asound.state alsa-1.0.24.1-4.7.1.i586.rpm alsa-1.0.24.1-4.7.1.x86_64.rpm alsa-devel-1.0.24.1-4.7.1.i586.rpm alsa-devel-1.0.24.1-4.7.1.x86_64.rpm alsa-docs-1.0.24.1-4.7.1.noarch.rpm libasound2-1.0.24.1-4.7.1.i586.rpm libasound2-1.0.24.1-4.7.1.x86_64.rpm libasound2-32bit-1.0.24.1-4.7.1.x86_64.rpm alsa-debugsource-1.0.24.1-4.7.1.i586.rpm alsa-debugsource-1.0.24.1-4.7.1.x86_64.rpm libasound2-debuginfo-1.0.24.1-4.7.1.i586.rpm libasound2-debuginfo-1.0.24.1-4.7.1.x86_64.rpm libasound2-debuginfo-32bit-1.0.24.1-4.7.1.x86_64.rpm imagewriter openSUSE 11.4 Imagewriter still requires HAL. This update removes the dependency on HAL for openSUSE 11.4 and later builds and uses udisks instead. imagewriter-1.9-2.3.1.i586.rpm imagewriter-1.9-2.3.1.x86_64.rpm imagewriter-debuginfo-1.9-2.3.1.i586.rpm imagewriter-debuginfo-1.9-2.3.1.x86_64.rpm mtools openSUSE 11.4 This update fixes a crash caused by accessing an invalid memory. mtools-4.0.15-5.6.1.i586.rpm mtools-4.0.15-5.6.1.x86_64.rpm mtools-doc-4.0.15-5.6.1.i586.rpm mtools-doc-4.0.15-5.6.1.x86_64.rpm mtools-floppyd-4.0.15-5.6.1.i586.rpm mtools-floppyd-4.0.15-5.6.1.x86_64.rpm mtools-debuginfo-4.0.15-5.6.1.i586.rpm mtools-debuginfo-4.0.15-5.6.1.x86_64.rpm mtools-debugsource-4.0.15-5.6.1.i586.rpm mtools-debugsource-4.0.15-5.6.1.x86_64.rpm mtools-floppyd-debuginfo-4.0.15-5.6.1.i586.rpm mtools-floppyd-debuginfo-4.0.15-5.6.1.x86_64.rpm iproxy openSUSE 11.4 This update fixes an issue which prevented some Apple devices from being automatically detected by the computer. It also upgrades the software to the latest version which enables connecting to the iPad 2 and optimized energy saving for the computer. iproxy-1.0.7-3.3.1.i586.rpm iproxy-1.0.7-3.3.1.x86_64.rpm libusbmuxd-devel-1.0.7-3.3.1.i586.rpm libusbmuxd-devel-1.0.7-3.3.1.x86_64.rpm libusbmuxd1-1.0.7-3.3.1.i586.rpm libusbmuxd1-1.0.7-3.3.1.x86_64.rpm usbmuxd-1.0.7-3.3.1.i586.rpm usbmuxd-1.0.7-3.3.1.x86_64.rpm iproxy-debuginfo-1.0.7-3.3.1.i586.rpm iproxy-debuginfo-1.0.7-3.3.1.x86_64.rpm libusbmuxd1-debuginfo-1.0.7-3.3.1.i586.rpm libusbmuxd1-debuginfo-1.0.7-3.3.1.x86_64.rpm usbmuxd-debuginfo-1.0.7-3.3.1.i586.rpm usbmuxd-debuginfo-1.0.7-3.3.1.x86_64.rpm usbmuxd-debugsource-1.0.7-3.3.1.i586.rpm usbmuxd-debugsource-1.0.7-3.3.1.x86_64.rpm SuSEfirewall2 openSUSE 11.4 The SuSEfirewall does not produce the reverse ESTABLISHED,RELATED rule for network forwards. Fixed by this update. SuSEfirewall2-3.6.261-3.4.1.noarch.rpm gtk2 openSUSE 11.4 this update adds a SuSEconfig script to update icon cache upon install/removal of packages. gtk2-branding-upstream-2.22.1-13.15.1.i586.rpm gtk2-branding-upstream-2.22.1-13.15.1.x86_64.rpm gtk2-data-2.22.1-13.15.1.noarch.rpm gtk2-devel-2.22.1-13.15.1.i586.rpm gtk2-devel-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-amharic-2.22.1-13.15.1.i586.rpm gtk2-immodule-amharic-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-amharic-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-inuktitut-2.22.1-13.15.1.i586.rpm gtk2-immodule-inuktitut-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-inuktitut-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-multipress-2.22.1-13.15.1.i586.rpm gtk2-immodule-multipress-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-multipress-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-thai-2.22.1-13.15.1.i586.rpm gtk2-immodule-thai-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-thai-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-vietnamese-2.22.1-13.15.1.i586.rpm gtk2-immodule-vietnamese-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-vietnamese-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-xim-2.22.1-13.15.1.i586.rpm gtk2-immodule-xim-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-xim-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodules-tigrigna-2.22.1-13.15.1.i586.rpm gtk2-immodules-tigrigna-2.22.1-13.15.1.x86_64.rpm gtk2-immodules-tigrigna-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-lang-2.22.1-13.15.1.noarch.rpm gtk2-tools-2.22.1-13.15.1.i586.rpm gtk2-tools-2.22.1-13.15.1.x86_64.rpm gtk2-tools-32bit-2.22.1-13.15.1.x86_64.rpm libgtk-2_0-0-2.22.1-13.15.1.i586.rpm libgtk-2_0-0-2.22.1-13.15.1.x86_64.rpm libgtk-2_0-0-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-debugsource-2.22.1-13.15.1.i586.rpm gtk2-debugsource-2.22.1-13.15.1.x86_64.rpm gtk2-devel-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-devel-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-amharic-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-amharic-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-amharic-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-inuktitut-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-inuktitut-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-inuktitut-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-multipress-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-multipress-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-multipress-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-thai-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-thai-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-thai-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-vietnamese-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-vietnamese-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-vietnamese-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-xim-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodule-xim-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodule-xim-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-immodules-tigrigna-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-immodules-tigrigna-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-immodules-tigrigna-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm gtk2-tools-debuginfo-2.22.1-13.15.1.i586.rpm gtk2-tools-debuginfo-2.22.1-13.15.1.x86_64.rpm gtk2-tools-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm libgtk-2_0-0-debuginfo-2.22.1-13.15.1.i586.rpm libgtk-2_0-0-debuginfo-2.22.1-13.15.1.x86_64.rpm libgtk-2_0-0-debuginfo-32bit-2.22.1-13.15.1.x86_64.rpm banshee-1 openSUSE 11.4 Banshee was updated to the final 2.0.0 release. - bnc#685002: Update Banshee to 2.0.0 - bug fixes only banshee-1-2.0.0-0.3.2.i586.rpm banshee-1-2.0.0-0.3.2.x86_64.rpm banshee-1-backend-engine-gstreamer-2.0.0-0.3.2.i586.rpm banshee-1-backend-engine-gstreamer-2.0.0-0.3.2.x86_64.rpm banshee-1-backend-io-gio-2.0.0-0.3.2.i586.rpm banshee-1-backend-io-gio-2.0.0-0.3.2.x86_64.rpm banshee-1-backend-platform-gnome-2.0.0-0.3.2.i586.rpm banshee-1-backend-platform-gnome-2.0.0-0.3.2.x86_64.rpm banshee-1-backend-platform-unix-2.0.0-0.3.2.i586.rpm banshee-1-backend-platform-unix-2.0.0-0.3.2.x86_64.rpm banshee-1-client-classic-2.0.0-0.3.2.i586.rpm banshee-1-client-classic-2.0.0-0.3.2.x86_64.rpm banshee-1-client-muinshee-2.0.0-0.3.2.i586.rpm banshee-1-client-muinshee-2.0.0-0.3.2.x86_64.rpm banshee-1-core-2.0.0-0.3.2.i586.rpm banshee-1-core-2.0.0-0.3.2.x86_64.rpm banshee-1-devel-2.0.0-0.3.2.i586.rpm banshee-1-devel-2.0.0-0.3.2.x86_64.rpm banshee-1-dmp-2.0.0-0.3.2.i586.rpm banshee-1-dmp-2.0.0-0.3.2.x86_64.rpm banshee-1-dmp-apple-devices-2.0.0-0.3.2.i586.rpm banshee-1-dmp-apple-devices-2.0.0-0.3.2.x86_64.rpm banshee-1-dmp-mtp-2.0.0-0.3.2.i586.rpm banshee-1-dmp-mtp-2.0.0-0.3.2.x86_64.rpm banshee-1-extensions-boo-2.0.0-0.3.2.i586.rpm banshee-1-extensions-boo-2.0.0-0.3.2.x86_64.rpm banshee-1-extensions-default-2.0.0-0.3.2.i586.rpm banshee-1-extensions-default-2.0.0-0.3.2.x86_64.rpm banshee-1-lang-2.0.0-0.3.2.noarch.rpm gio-sharp-2.22.3-0.3.1.i586.rpm gio-sharp-2.22.3-0.3.1.x86_64.rpm gio-sharp-devel-2.22.3-0.3.1.i586.rpm gio-sharp-devel-2.22.3-0.3.1.x86_64.rpm libgpod-devel-0.8.0-5.6.1.i586.rpm libgpod-devel-0.8.0-5.6.1.x86_64.rpm libgpod-doc-0.8.0-5.6.1.i586.rpm libgpod-doc-0.8.0-5.6.1.x86_64.rpm libgpod-lang-0.8.0-5.6.1.noarch.rpm libgpod-sharp-0.8.0-5.6.1.i586.rpm libgpod-sharp-0.8.0-5.6.1.x86_64.rpm libgpod-tools-0.8.0-5.6.1.i586.rpm libgpod-tools-0.8.0-5.6.1.x86_64.rpm libgpod4-0.8.0-5.6.1.i586.rpm libgpod4-0.8.0-5.6.1.x86_64.rpm python-gpod-0.8.0-5.6.1.i586.rpm python-gpod-0.8.0-5.6.1.x86_64.rpm banshee-1-backend-engine-gstreamer-debuginfo-2.0.0-0.3.2.i586.rpm banshee-1-backend-engine-gstreamer-debuginfo-2.0.0-0.3.2.x86_64.rpm banshee-1-backend-platform-gnome-debuginfo-2.0.0-0.3.2.i586.rpm banshee-1-backend-platform-gnome-debuginfo-2.0.0-0.3.2.x86_64.rpm banshee-1-debugsource-2.0.0-0.3.2.i586.rpm banshee-1-debugsource-2.0.0-0.3.2.x86_64.rpm banshee-1-extensions-default-debuginfo-2.0.0-0.3.2.i586.rpm banshee-1-extensions-default-debuginfo-2.0.0-0.3.2.x86_64.rpm libgpod-debugsource-0.8.0-5.6.1.i586.rpm libgpod-debugsource-0.8.0-5.6.1.x86_64.rpm libgpod-tools-debuginfo-0.8.0-5.6.1.i586.rpm libgpod-tools-debuginfo-0.8.0-5.6.1.x86_64.rpm libgpod4-debuginfo-0.8.0-5.6.1.i586.rpm libgpod4-debuginfo-0.8.0-5.6.1.x86_64.rpm python-gpod-debuginfo-0.8.0-5.6.1.i586.rpm python-gpod-debuginfo-0.8.0-5.6.1.x86_64.rpm gnome-screensaver openSUSE 11.4 This update fixes the deadlock in the password dialog after password input timed out. gnome-screensaver-2.30.2-13.14.1.i586.rpm gnome-screensaver-2.30.2-13.14.1.x86_64.rpm gnome-screensaver-extra-2.30.2-13.14.1.noarch.rpm gnome-screensaver-lang-2.30.2-13.14.1.noarch.rpm gnome-screensaver-debuginfo-2.30.2-13.14.1.i586.rpm gnome-screensaver-debuginfo-2.30.2-13.14.1.x86_64.rpm gnome-screensaver-debugsource-2.30.2-13.14.1.i586.rpm gnome-screensaver-debugsource-2.30.2-13.14.1.x86_64.rpm libpulse-browse0 openSUSE 11.4 This update corrects the handling of /etc/mplayer/mplayer.conf in setup-pulseaudio libpulse-browse0-0.9.22-6.11.1.i586.rpm libpulse-browse0-0.9.22-6.11.1.x86_64.rpm libpulse-devel-0.9.22-6.11.1.i586.rpm libpulse-devel-0.9.22-6.11.1.x86_64.rpm libpulse-mainloop-glib0-0.9.22-6.11.1.i586.rpm libpulse-mainloop-glib0-0.9.22-6.11.1.x86_64.rpm libpulse-mainloop-glib0-32bit-0.9.22-6.11.1.x86_64.rpm libpulse0-0.9.22-6.11.1.i586.rpm libpulse0-0.9.22-6.11.1.x86_64.rpm libpulse0-32bit-0.9.22-6.11.1.x86_64.rpm pulseaudio-0.9.22-6.11.1.i586.rpm pulseaudio-0.9.22-6.11.1.x86_64.rpm pulseaudio-esound-compat-0.9.22-6.11.1.i586.rpm pulseaudio-esound-compat-0.9.22-6.11.1.x86_64.rpm pulseaudio-gdm-hooks-0.9.22-6.11.1.i586.rpm pulseaudio-gdm-hooks-0.9.22-6.11.1.x86_64.rpm pulseaudio-lang-0.9.22-6.11.1.noarch.rpm pulseaudio-module-bluetooth-0.9.22-6.11.1.i586.rpm pulseaudio-module-bluetooth-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-gconf-0.9.22-6.11.1.i586.rpm pulseaudio-module-gconf-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-jack-0.9.22-6.11.1.i586.rpm pulseaudio-module-jack-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-lirc-0.9.22-6.11.1.i586.rpm pulseaudio-module-lirc-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-x11-0.9.22-6.11.1.i586.rpm pulseaudio-module-x11-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-zeroconf-0.9.22-6.11.1.i586.rpm pulseaudio-module-zeroconf-0.9.22-6.11.1.x86_64.rpm pulseaudio-utils-0.9.22-6.11.1.i586.rpm pulseaudio-utils-0.9.22-6.11.1.x86_64.rpm libpulse-browse0-debuginfo-0.9.22-6.11.1.i586.rpm libpulse-browse0-debuginfo-0.9.22-6.11.1.x86_64.rpm libpulse-mainloop-glib0-debuginfo-0.9.22-6.11.1.i586.rpm libpulse-mainloop-glib0-debuginfo-0.9.22-6.11.1.x86_64.rpm libpulse-mainloop-glib0-debuginfo-32bit-0.9.22-6.11.1.x86_64.rpm libpulse0-debuginfo-0.9.22-6.11.1.i586.rpm libpulse0-debuginfo-0.9.22-6.11.1.x86_64.rpm libpulse0-debuginfo-32bit-0.9.22-6.11.1.x86_64.rpm pulseaudio-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-debugsource-0.9.22-6.11.1.i586.rpm pulseaudio-debugsource-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-bluetooth-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-bluetooth-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-gconf-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-gconf-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-jack-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-jack-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-lirc-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-lirc-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-x11-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-x11-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-module-zeroconf-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-module-zeroconf-debuginfo-0.9.22-6.11.1.x86_64.rpm pulseaudio-utils-debuginfo-0.9.22-6.11.1.i586.rpm pulseaudio-utils-debuginfo-0.9.22-6.11.1.x86_64.rpm python-nautilus openSUSE 11.4 This update bring python-nautilus to version 0.7.2. Containing also a fix for: - error from python if it is imported to nautilus python-nautilus-0.7.2-0.3.1.i586.rpm python-nautilus-0.7.2-0.3.1.x86_64.rpm python-nautilus-devel-0.7.2-0.3.1.i586.rpm python-nautilus-devel-0.7.2-0.3.1.x86_64.rpm python-nautilus-debuginfo-0.7.2-0.3.1.i586.rpm python-nautilus-debuginfo-0.7.2-0.3.1.x86_64.rpm python-nautilus-debugsource-0.7.2-0.3.1.i586.rpm python-nautilus-debugsource-0.7.2-0.3.1.x86_64.rpm wireshark openSUSE 11.4 Wireshark was updated to version 1.4.4 to fix several security issues (CVE-2011-1138, CVE-2011-1139, CVE-2011-1140 CVE-2011-1143). wireshark-1.4.4-0.3.1.i586.rpm wireshark-1.4.4-0.3.1.x86_64.rpm wireshark-devel-1.4.4-0.3.1.i586.rpm wireshark-devel-1.4.4-0.3.1.x86_64.rpm wireshark-debuginfo-1.4.4-0.3.1.i586.rpm wireshark-debuginfo-1.4.4-0.3.1.x86_64.rpm wireshark-debugsource-1.4.4-0.3.1.i586.rpm wireshark-debugsource-1.4.4-0.3.1.x86_64.rpm libmodplug openSUSE 11.4 Libmodplug is vulnerable to a stack based buffer overflow when handling malicious S3M media files. CVE-2011-1574 has been assigned to this issue. libmodplug-devel-0.8.7-10.11.1.i586.rpm libmodplug-devel-0.8.7-10.11.1.x86_64.rpm libmodplug0-0.8.7-10.11.1.i586.rpm libmodplug0-0.8.7-10.11.1.x86_64.rpm libmodplug0-32bit-0.8.7-10.11.1.x86_64.rpm libmodplug-debugsource-0.8.7-10.11.1.i586.rpm libmodplug-debugsource-0.8.7-10.11.1.x86_64.rpm libmodplug0-debuginfo-0.8.7-10.11.1.i586.rpm libmodplug0-debuginfo-0.8.7-10.11.1.x86_64.rpm libmodplug0-debuginfo-32bit-0.8.7-10.11.1.x86_64.rpm pure-ftpd openSUSE 11.4 Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. pure-ftpd-1.0.29-8.9.1.i586.rpm pure-ftpd-1.0.29-8.9.1.x86_64.rpm pure-ftpd-debuginfo-1.0.29-8.9.1.i586.rpm pure-ftpd-debuginfo-1.0.29-8.9.1.x86_64.rpm pure-ftpd-debugsource-1.0.29-8.9.1.i586.rpm pure-ftpd-debugsource-1.0.29-8.9.1.x86_64.rpm ktorrent openSUSE 11.4 KTorrent was updated from a release candidate to the 4.1.0 final release. - #685133: openSUSE 11.4 ships a non-final version of KTorrent ktorrent-4.1.0-1.5.1.i586.rpm ktorrent-4.1.0-1.5.1.x86_64.rpm ktorrent-lang-4.1.0-1.5.1.noarch.rpm libktorrent-devel-1.1.0-1.3.1.i586.rpm libktorrent-devel-1.1.0-1.3.1.x86_64.rpm libktorrent3-1.1.0-1.3.1.i586.rpm libktorrent3-1.1.0-1.3.1.x86_64.rpm libktorrent3-lang-1.1.0-1.3.1.noarch.rpm ktorrent-debuginfo-4.1.0-1.5.1.i586.rpm ktorrent-debuginfo-4.1.0-1.5.1.x86_64.rpm ktorrent-debugsource-4.1.0-1.5.1.i586.rpm ktorrent-debugsource-4.1.0-1.5.1.x86_64.rpm libktorrent-debugsource-1.1.0-1.3.1.i586.rpm libktorrent-debugsource-1.1.0-1.3.1.x86_64.rpm libktorrent3-debuginfo-1.1.0-1.3.1.i586.rpm libktorrent3-debuginfo-1.1.0-1.3.1.x86_64.rpm dhcpcd openSUSE 11.4 A rogue dhcp server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the dhcp client needs to sanitize the host name offered by the server (CVE-2011-0996). This update also fixes packet handling with xen partial UDP checksums. dhcpcd-3.2.3-66.67.1.i586.rpm dhcpcd-3.2.3-66.67.1.x86_64.rpm dhcpcd-debuginfo-3.2.3-66.67.1.i586.rpm dhcpcd-debuginfo-3.2.3-66.67.1.x86_64.rpm dhcpcd-debugsource-3.2.3-66.67.1.i586.rpm dhcpcd-debugsource-3.2.3-66.67.1.x86_64.rpm yast2-gtk openSUSE 11.4 The gtk interface of YaST was crashing with a segmentation fault when using the firewall module and selecting "Internal Zone" from the Allowed Services. Fixed by this update. yast2-gtk-2.21.93-1.3.1.i586.rpm yast2-gtk-2.21.93-1.3.1.x86_64.rpm yast2-gtk-debuginfo-2.21.93-1.3.1.i586.rpm yast2-gtk-debuginfo-2.21.93-1.3.1.x86_64.rpm yast2-gtk-debugsource-2.21.93-1.3.1.i586.rpm yast2-gtk-debugsource-2.21.93-1.3.1.x86_64.rpm krb5 openSUSE 11.4 A remote attacker may be able to make kadmind free an invalid pointer, leading to a crash of the service (CVE-2011-0285). krb5-1.8.3-16.17.1.i586.rpm krb5-1.8.3-16.17.1.x86_64.rpm krb5-32bit-1.8.3-16.17.1.x86_64.rpm krb5-client-1.8.3-16.17.1.i586.rpm krb5-client-1.8.3-16.17.1.x86_64.rpm krb5-devel-1.8.3-16.17.1.i586.rpm krb5-devel-1.8.3-16.17.1.x86_64.rpm krb5-devel-32bit-1.8.3-16.17.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-16.17.1.i586.rpm krb5-plugin-kdb-ldap-1.8.3-16.17.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-16.17.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-16.17.1.x86_64.rpm krb5-server-1.8.3-16.17.1.i586.rpm krb5-server-1.8.3-16.17.1.x86_64.rpm krb5-client-debuginfo-1.8.3-16.17.1.i586.rpm krb5-client-debuginfo-1.8.3-16.17.1.x86_64.rpm krb5-debuginfo-1.8.3-16.17.1.i586.rpm krb5-debuginfo-1.8.3-16.17.1.x86_64.rpm krb5-debuginfo-32bit-1.8.3-16.17.1.x86_64.rpm krb5-debugsource-1.8.3-16.17.1.i586.rpm krb5-debugsource-1.8.3-16.17.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.17.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.17.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.17.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.17.1.x86_64.rpm krb5-server-debuginfo-1.8.3-16.17.1.i586.rpm krb5-server-debuginfo-1.8.3-16.17.1.x86_64.rpm libtiff-devel openSUSE 11.4 Specially crafted tiff files could cause a heap-based buffer overflow in the thunder- and ojpeg-decoders (CVE-2011-1167, CVE-2009-5022). Directories with a large number of files could cause an integer overflow in the tiffdump tool (CVE-2010-4665) libtiff-devel-3.9.4-3.7.1.i586.rpm libtiff-devel-3.9.4-3.7.1.x86_64.rpm libtiff-devel-32bit-3.9.4-3.7.1.x86_64.rpm libtiff3-3.9.4-3.7.1.i586.rpm libtiff3-3.9.4-3.7.1.x86_64.rpm libtiff3-32bit-3.9.4-3.7.1.x86_64.rpm tiff-3.9.4-3.7.1.i586.rpm tiff-3.9.4-3.7.1.x86_64.rpm libtiff3-debuginfo-3.9.4-3.7.1.i586.rpm libtiff3-debuginfo-3.9.4-3.7.1.x86_64.rpm libtiff3-debuginfo-32bit-3.9.4-3.7.1.x86_64.rpm tiff-debuginfo-3.9.4-3.7.1.i586.rpm tiff-debuginfo-3.9.4-3.7.1.x86_64.rpm tiff-debugsource-3.9.4-3.7.1.i586.rpm tiff-debugsource-3.9.4-3.7.1.x86_64.rpm yast2-kerberos-server openSUSE 11.4 This update fix the following issue: * LDAP based Kerberos Server configuration fails with TLS error * Use input field widget for date and time if specialized widgets do not exist. yast2-kerberos-server-2.20.0-0.3.1.noarch.rpm flash-player openSUSE 11.4 Specially crafted Flash files could be exploited to execute arbitrary code (CVE-2011-0611). flash-player-10.2.159.1-0.2.1.i586.rpm kdelibs4 openSUSE 11.4 A XSS vulnerability in the way KHTML handles error pages has been fixed. CVE-2011-1168 has been assigned to this issue. kdelibs4-4.6.0-6.15.1.i586.rpm kdelibs4-4.6.0-6.15.1.x86_64.rpm kdelibs4-branding-upstream-4.6.0-6.15.1.i586.rpm kdelibs4-branding-upstream-4.6.0-6.15.1.x86_64.rpm kdelibs4-core-4.6.0-6.15.1.i586.rpm kdelibs4-core-4.6.0-6.15.1.x86_64.rpm kdelibs4-doc-4.6.0-6.15.1.i586.rpm kdelibs4-doc-4.6.0-6.15.1.x86_64.rpm libkde4-4.6.0-6.15.1.i586.rpm libkde4-4.6.0-6.15.1.x86_64.rpm libkde4-32bit-4.6.0-6.15.1.x86_64.rpm libkde4-devel-4.6.0-6.15.1.i586.rpm libkde4-devel-4.6.0-6.15.1.x86_64.rpm libkdecore4-4.6.0-6.15.1.i586.rpm libkdecore4-4.6.0-6.15.1.x86_64.rpm libkdecore4-32bit-4.6.0-6.15.1.x86_64.rpm libkdecore4-devel-4.6.0-6.15.1.i586.rpm libkdecore4-devel-4.6.0-6.15.1.x86_64.rpm libksuseinstall-devel-4.6.0-6.15.1.i586.rpm libksuseinstall-devel-4.6.0-6.15.1.x86_64.rpm libksuseinstall1-4.6.0-6.15.1.i586.rpm libksuseinstall1-4.6.0-6.15.1.x86_64.rpm libksuseinstall1-32bit-4.6.0-6.15.1.x86_64.rpm kdelibs4-core-debuginfo-4.6.0-6.15.1.i586.rpm kdelibs4-core-debuginfo-4.6.0-6.15.1.x86_64.rpm kdelibs4-debuginfo-4.6.0-6.15.1.i586.rpm kdelibs4-debuginfo-4.6.0-6.15.1.x86_64.rpm kdelibs4-debugsource-4.6.0-6.15.1.i586.rpm kdelibs4-debugsource-4.6.0-6.15.1.x86_64.rpm kdelibs4-doc-debuginfo-4.6.0-6.15.1.i586.rpm kdelibs4-doc-debuginfo-4.6.0-6.15.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.15.1.i586.rpm libkde4-debuginfo-4.6.0-6.15.1.x86_64.rpm libkde4-debuginfo-32bit-4.6.0-6.15.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.15.1.i586.rpm libkdecore4-debuginfo-4.6.0-6.15.1.x86_64.rpm libkdecore4-debuginfo-32bit-4.6.0-6.15.1.x86_64.rpm libkdecore4-devel-debuginfo-4.6.0-6.15.1.i586.rpm libkdecore4-devel-debuginfo-4.6.0-6.15.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.15.1.i586.rpm libksuseinstall1-debuginfo-4.6.0-6.15.1.x86_64.rpm libksuseinstall1-debuginfo-32bit-4.6.0-6.15.1.x86_64.rpm xorg-x11-driver-video openSUSE 11.4 - #666704: intel: KDE effects make text editing worse (was: emacs cursor does not work right with desktop effects enabled) Enabling compositing on intel graphics chips causes problems for emacs and other various programs because window damage is not correctly restored. This results in a missing cursor for emacs and apparent random greeking of text in other applications - bnc #680921: fixes partial screen distortion on Sandybridge visible in KDE (bfo#35808) xorg-x11-driver-video-7.6-53.56.1.i586.rpm xorg-x11-driver-video-7.6-53.56.1.x86_64.rpm xorg-x11-driver-video-32bit-7.6-53.56.1.x86_64.rpm xorg-x11-driver-video-debuginfo-7.6-53.56.1.i586.rpm xorg-x11-driver-video-debuginfo-7.6-53.56.1.x86_64.rpm xorg-x11-driver-video-debuginfo-32bit-7.6-53.56.1.x86_64.rpm xorg-x11-driver-video-debugsource-7.6-53.56.1.i586.rpm xorg-x11-driver-video-debugsource-7.6-53.56.1.x86_64.rpm dhcpcd openSUSE 11.4 A rogue dhcp server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the dhcp client needs to sanitize the host name offered by the server (CVE-2011-0996). Note this update is actually just a re-release of the previous one. The security fix made dhcpcd crash if the DHCP server sent a SIP option that was not decodable. dhcpcd-3.2.3-66.69.1.i586.rpm dhcpcd-3.2.3-66.69.1.x86_64.rpm dhcpcd-debuginfo-3.2.3-66.69.1.i586.rpm dhcpcd-debuginfo-3.2.3-66.69.1.x86_64.rpm dhcpcd-debugsource-3.2.3-66.69.1.i586.rpm dhcpcd-debugsource-3.2.3-66.69.1.x86_64.rpm NetworkManager-gnome openSUSE 11.4 NetworkManager-gnome's applet doesn't seem to depend on crucial icons. This update adds a working default icon. NetworkManager-gnome-0.8.2-9.10.1.i586.rpm NetworkManager-gnome-0.8.2-9.10.1.x86_64.rpm NetworkManager-gnome-lang-0.8.2-9.10.1.noarch.rpm NetworkManager-gnome-debuginfo-0.8.2-9.10.1.i586.rpm NetworkManager-gnome-debuginfo-0.8.2-9.10.1.x86_64.rpm NetworkManager-gnome-debugsource-0.8.2-9.10.1.i586.rpm NetworkManager-gnome-debugsource-0.8.2-9.10.1.x86_64.rpm mutt openSUSE 11.4 This update fixes a crash that occurs when the mbox file is bigger than 2GB on a 32bit architecture. mutt-1.5.21-14.15.1.i586.rpm mutt-1.5.21-14.15.1.x86_64.rpm mutt-debuginfo-1.5.21-14.15.1.i586.rpm mutt-debuginfo-1.5.21-14.15.1.x86_64.rpm mutt-debugsource-1.5.21-14.15.1.i586.rpm mutt-debugsource-1.5.21-14.15.1.x86_64.rpm pam_ssh openSUSE 11.4 This update fixes a double-free in pam_ssh. pam_ssh-1.97-11.12.1.i586.rpm pam_ssh-1.97-11.12.1.x86_64.rpm pam_ssh-32bit-1.97-11.12.1.x86_64.rpm pam_ssh-debuginfo-1.97-11.12.1.i586.rpm pam_ssh-debuginfo-1.97-11.12.1.x86_64.rpm pam_ssh-debuginfo-32bit-1.97-11.12.1.x86_64.rpm pam_ssh-debugsource-1.97-11.12.1.i586.rpm pam_ssh-debugsource-1.97-11.12.1.x86_64.rpm yast2-ldap-client openSUSE 11.4 The following bugs are fixed by this update: #680184: yast2 ldap does not save sssd settings #680848: command line support for sssd #681818: ldap entries not removed from nsswitch when sssd turned on yast2-ldap-client-2.20.14.1-0.3.1.noarch.rpm libreoffice-languagetool openSUSE 11.4 This update is necessary if you want to write with input methods in LibreOffice and KDE4 (bnc#665112). It also fixes the installation of the LibreOffice LanguageTool extension to work on both 32-bit and 64-bit systems (bnc#677354). libreoffice-languagetool-1.2-6.7.2.noarch.rpm libreoffice-languagetool-ca-1.2-6.7.2.noarch.rpm libreoffice-languagetool-de-1.2-6.7.2.noarch.rpm libreoffice-languagetool-en-1.2-6.7.2.noarch.rpm libreoffice-languagetool-es-1.2-6.7.2.noarch.rpm libreoffice-languagetool-fr-1.2-6.7.2.noarch.rpm libreoffice-languagetool-gl-1.2-6.7.2.noarch.rpm libreoffice-languagetool-it-1.2-6.7.2.noarch.rpm libreoffice-languagetool-nl-1.2-6.7.2.noarch.rpm libreoffice-languagetool-pl-1.2-6.7.2.noarch.rpm libreoffice-languagetool-ro-1.2-6.7.2.noarch.rpm libreoffice-languagetool-ru-1.2-6.7.2.noarch.rpm libreoffice-languagetool-sk-1.2-6.7.2.noarch.rpm libreoffice-languagetool-sv-1.2-6.7.2.noarch.rpm libreoffice-libs-gui-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-3.3.1.2-1.4.1.x86_64.rpm libreoffice-libs-gui-devel-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-devel-3.3.1.2-1.4.1.x86_64.rpm libreoffice-libs-gui-l10n-prebuilt-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-l10n-prebuilt-3.3.1.2-1.4.1.x86_64.rpm libreoffice-libs-gui-debuginfo-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-debuginfo-3.3.1.2-1.4.1.x86_64.rpm libreoffice-libs-gui-debugsource-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-debugsource-3.3.1.2-1.4.1.x86_64.rpm libreoffice-libs-gui-devel-debuginfo-3.3.1.2-1.4.1.i586.rpm libreoffice-libs-gui-devel-debuginfo-3.3.1.2-1.4.1.x86_64.rpm kernel openSUSE 11.4 The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-1493: In the rose networking stack, when parsing the FAC_NATIONAL_DIGIS facilities field, it was possible for a remote host to provide more digipeaters than expected, resulting in heap corruption. Check against ROSE_MAX_DIGIS to prevent overflows, and abort facilities parsing on failure. CVE-2011-1182: Local attackers could send signals to their programs that looked like coming from the kernel, potentially gaining privileges in the context of setuid programs. CVE-2011-1478: An issue in the core GRO code where an skb belonging to an unknown VLAN is reused could result in a NULL pointer dereference. CVE-2011-1476: Specially crafted requests may be written to /dev/sequencer resulting in an underflow when calculating a size for a copy_from_user() operation in the driver for MIDI interfaces. On x86, this just returns an error, but it could have caused memory corruption on other architectures. Other malformed requests could have resulted in the use of uninitialized variables. CVE-2011-1477: Due to a failure to validate user-supplied indexes in the driver for Yamaha YM3812 and OPL-3 chips, a specially crafted ioctl request could have been sent to /dev/sequencer, resulting in reading and writing beyond the bounds of heap buffers, and potentially allowing privilege escalation. CVE-2011-0191: A information leak in the XFS geometry calls could be used by local attackers to gain access to kernel information. CVE-2011-0711: A stack memory information leak in the xfs FSGEOMETRY_V1 ioctl was fixed. CVE-2011-0521: The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel did not check the sign of a certain integer field, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. CVE-2011-1010: The code for evaluating Mac partitions (in fs/partitions/mac.c) contained a bug that could crash the kernel for certain corrupted Mac partitions. CVE-2011-0712: Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel might have allowed attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c. CVE-2011-1013: A signedness issue in the drm ioctl handling could be used by local attackers to potentially overflow kernel buffers and execute code. CVE-2011-1082: The epoll subsystem in Linux did not prevent users from creating circular epoll file structures, potentially leading to a denial of service (kernel deadlock). CVE-2010-4650: A kernel buffer overflow in the cuse server module was fixed, which might have allowed local privilege escalation. However only CUSE servers could exploit it and /dev/cuse is normally restricted to root. CVE-2011-1093: A bug was fixed in the DCCP networking stack where the order of dccp_rcv_state_process() still permitted reception even after closing the socket. A Reset after close thus causes a NULL pointer dereference by not preventing operations on an already torn-down socket. CVE-2011-1163: The code for evaluating OSF partitions (in fs/partitions/osf.c) contained a bug that leaks data from kernel heap memory to userspace for certain corrupted OSF partitions. CVE-2011-1012: The code for evaluating LDM partitions (in fs/partitions/ldm.c) contained a bug that could crash the kernel for certain corrupted LDM partitions. CVE-2011-1581: Doing bridging with devices with more than 16 receive queues could crash the kernel. CVE-2011-1160: Kernel information via the TPM devices could by used by local attackers to read kernel memory. CVE-2011-1577: The Linux kernel automatically evaluated partition tables of storage devices. The code for evaluating EFI GUID partitions (in fs/partitions/efi.c) contained a bug that causes a kernel oops on certain corrupted GUID partition tables, which might be used by local attackers to crash the kernel or potentially execute code. CVE-2011-1180: In the IrDA module, length fields provided by a peer for names and attributes may be longer than the destination array sizes and were not checked, this allowed local attackers (close to the irda port) to potentially corrupt memory. CVE-2011-1016: The Radeon GPU drivers in the Linux kernel did not properly validate data related to the AA resolve registers, which allowed local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values. kernel-debug-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-debug-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-debug-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-devel-2.6.37.6-0.5.1.noarch.rpm 1 kernel-docs-2.6.37.6-0.5.1.noarch.rpm 1 kernel-ec2-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-extra-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-extra-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-pae-2.6.37.6-0.5.1.i586.rpm 1 kernel-pae-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-pae-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-source-2.6.37.6-0.5.1.noarch.rpm 1 kernel-source-vanilla-2.6.37.6-0.5.1.noarch.rpm 1 kernel-syms-2.6.37.6-0.5.1.i586.rpm 1 kernel-syms-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-devel-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vmi-2.6.37.6-0.5.1.i586.rpm 1 kernel-vmi-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-vmi-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-xen-base-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-base-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-xen-devel-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-devel-2.6.37.6-0.5.1.x86_64.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.5-6.7.3.i586.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.5-6.7.3.x86_64.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.5-6.7.3.i586.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.5-6.7.3.x86_64.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-debug-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-pae-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-pae-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-pae-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-pae-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-vmi-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-vmi-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-vmi-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-vmi-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-xen-debugsource-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-debugsource-2.6.37.6-0.5.1.x86_64.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.5.1.i586.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.5.1.x86_64.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.5-6.7.3.i586.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.5-6.7.3.x86_64.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.5-6.7.3.i586.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.5-6.7.3.x86_64.rpm 1 libpolkit0 openSUSE 11.4 A race condition exists in pkexec while trying to determine its caller which could lead to privilege escalation. CVE-2011-1485 has been assigned to this issue. libpolkit0-0.99-5.6.1.i586.rpm libpolkit0-0.99-5.6.1.x86_64.rpm libpolkit0-32bit-0.99-5.6.1.x86_64.rpm polkit-0.99-5.6.1.i586.rpm polkit-0.99-5.6.1.x86_64.rpm polkit-devel-0.99-5.6.1.i586.rpm polkit-devel-0.99-5.6.1.x86_64.rpm polkit-doc-0.99-5.6.1.noarch.rpm libpolkit0-debuginfo-0.99-5.6.1.i586.rpm libpolkit0-debuginfo-0.99-5.6.1.x86_64.rpm libpolkit0-debuginfo-32bit-0.99-5.6.1.x86_64.rpm polkit-debuginfo-0.99-5.6.1.i586.rpm polkit-debuginfo-0.99-5.6.1.x86_64.rpm polkit-debugsource-0.99-5.6.1.i586.rpm polkit-debugsource-0.99-5.6.1.x86_64.rpm polkit-devel-debuginfo-0.99-5.6.1.i586.rpm polkit-devel-debuginfo-0.99-5.6.1.x86_64.rpm udisks openSUSE 11.4 This update of udisks improves input validation. Before it was possible to load arbitrary LKMs. (CVE-2010-4661: CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P): unknown (unknown) ) udisks-1.0.2-3.4.1.i586.rpm udisks-1.0.2-3.4.1.x86_64.rpm udisks-devel-1.0.2-3.4.1.i586.rpm udisks-devel-1.0.2-3.4.1.x86_64.rpm udisks-debuginfo-1.0.2-3.4.1.i586.rpm udisks-debuginfo-1.0.2-3.4.1.x86_64.rpm udisks-debugsource-1.0.2-3.4.1.i586.rpm udisks-debugsource-1.0.2-3.4.1.x86_64.rpm python-feedparser openSUSE 11.4 This update fixes a crash in python-feedparser when it is parsing some feeds. python-feedparser-4.1-9.12.1.noarch.rpm libvarnish1 openSUSE 11.4 This update contains fixes for the following problems: - Fix security-problematic ownership of /etc/varnish files (bnc#678811) - Run spec-beautifier over it - Replace default shipped vcl.conf by a working one - Run as varnish user - Start varnishlog together with varnishd - Properly use PID files in init script - Create and package /var/log/varnish libvarnish1-2.1.3-3.4.1.i586.rpm libvarnish1-2.1.3-3.4.1.x86_64.rpm varnish-2.1.3-3.4.1.i586.rpm varnish-2.1.3-3.4.1.x86_64.rpm varnish-devel-2.1.3-3.4.1.i586.rpm varnish-devel-2.1.3-3.4.1.x86_64.rpm libvarnish1-debuginfo-2.1.3-3.4.1.i586.rpm libvarnish1-debuginfo-2.1.3-3.4.1.x86_64.rpm varnish-debuginfo-2.1.3-3.4.1.i586.rpm varnish-debuginfo-2.1.3-3.4.1.x86_64.rpm varnish-debugsource-2.1.3-3.4.1.i586.rpm varnish-debugsource-2.1.3-3.4.1.x86_64.rpm xorg-x11-Xvnc openSUSE 11.4 Enable the use of all local keyboard layouts, independent of remotely set layout. Also improve support when switching the remote layout by enabling layouts that use AltGr for certain characters. xorg-x11-Xvnc-7.6_1.9.3-15.20.1.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.20.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.20.1.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.20.1.x86_64.rpm release-notes-openSUSE openSUSE 11.4 This release note updates contains fixes for the following bugs: * New entries: Intel SSD Drives Causing System Hangs (bnc#678743), * Removing the Xorg setUID Bit (bnc#632737) * Default download mode needs More Space (bnc#684104) * minimum server software selection pattern is broken (bnc#686397) * Update translations > 50% (da es fi fr gl hu it ja km lt nb nl pt_BR ru); remove less translated languages release-notes-openSUSE-11.4.4-0.3.1.noarch.rpm ModemManager openSUSE 11.4 - 674331: ModemManager spams dmesg ModemManager-0.4-8.9.1.i586.rpm ModemManager-0.4-8.9.1.x86_64.rpm ModemManager-debuginfo-0.4-8.9.1.i586.rpm ModemManager-debuginfo-0.4-8.9.1.x86_64.rpm ModemManager-debugsource-0.4-8.9.1.i586.rpm ModemManager-debugsource-0.4-8.9.1.x86_64.rpm NetworkManager openSUSE 11.4 This update fixes 2 NetworkManager problems: - #687001: NetworkManager 0.8.2 fills up /var/log/warn with user_proxy_init() errors - #681072: NetworkManager floods /var/log/messages with useless messages NetworkManager-0.8.2-15.22.1.i586.rpm NetworkManager-0.8.2-15.22.1.x86_64.rpm NetworkManager-devel-0.8.2-15.22.1.i586.rpm NetworkManager-devel-0.8.2-15.22.1.x86_64.rpm NetworkManager-doc-0.8.2-15.22.1.i586.rpm NetworkManager-doc-0.8.2-15.22.1.x86_64.rpm NetworkManager-glib-0.8.2-15.22.1.i586.rpm NetworkManager-glib-0.8.2-15.22.1.x86_64.rpm NetworkManager-lang-0.8.2-15.22.1.noarch.rpm NetworkManager-debuginfo-0.8.2-15.22.1.i586.rpm NetworkManager-debuginfo-0.8.2-15.22.1.x86_64.rpm NetworkManager-debugsource-0.8.2-15.22.1.i586.rpm NetworkManager-debugsource-0.8.2-15.22.1.x86_64.rpm NetworkManager-glib-debuginfo-0.8.2-15.22.1.i586.rpm NetworkManager-glib-debuginfo-0.8.2-15.22.1.x86_64.rpm cups openSUSE 11.4 The CUPS upstream default "RIPCache 8m" is too small for nowadays higher resolution printing and can cause various kind of printout failures (see CUPS STR 3535 at http://www.cups.org/str.php?L3535 and the openSUSE Bugzilla bug 628233 and http://en.opensuse.org/Portal:Printing). Such issues are avoided with a default "RIPCache 128m" setting. If needed a higher value can be explicitly specified in /etc/cups/cupsd.conf via a line like "RIPCache 256m" (sometimes up to "RIPCache 1024m" is needed - provided there is at least 2GB main memory in the computer). cups-1.4.6-7.8.1.i586.rpm cups-1.4.6-7.8.1.x86_64.rpm cups-client-1.4.6-7.8.1.i586.rpm cups-client-1.4.6-7.8.1.x86_64.rpm cups-ddk-1.4.6-7.8.1.i586.rpm cups-ddk-1.4.6-7.8.1.x86_64.rpm cups-devel-1.4.6-7.8.1.i586.rpm cups-devel-1.4.6-7.8.1.x86_64.rpm cups-libs-1.4.6-7.8.1.i586.rpm cups-libs-1.4.6-7.8.1.x86_64.rpm cups-libs-32bit-1.4.6-7.8.1.x86_64.rpm cups-client-debuginfo-1.4.6-7.8.1.i586.rpm cups-client-debuginfo-1.4.6-7.8.1.x86_64.rpm cups-ddk-debuginfo-1.4.6-7.8.1.i586.rpm cups-ddk-debuginfo-1.4.6-7.8.1.x86_64.rpm cups-debuginfo-1.4.6-7.8.1.i586.rpm cups-debuginfo-1.4.6-7.8.1.x86_64.rpm cups-debugsource-1.4.6-7.8.1.i586.rpm cups-debugsource-1.4.6-7.8.1.x86_64.rpm cups-libs-debuginfo-1.4.6-7.8.1.i586.rpm cups-libs-debuginfo-1.4.6-7.8.1.x86_64.rpm cups-libs-debuginfo-32bit-1.4.6-7.8.1.x86_64.rpm MozillaFirefox openSUSE 11.4 Mozilla Firefox was updated to the 4.0.1 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits Mozilla developers Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, Nils, Scoobidiver, and Ted Mielczarek reported memory safety issues which affected Firefox 4. (CVE-2011-0079) Mozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081) Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070) MFSA 2011-17 / CVE-2011-0068: Two crashes that could potentially be exploited to run malicious code were found in the WebGL feature and fixed in Firefox 4.0.1. In addition the WebGLES libraries could potentially be used to bypass a security feature of recent Windows versions. The WebGL feature was introduced in Firefox 4; older versions are not affected by these issues. Nils reported that the WebGLES libraries in the Windows version of Firefox were compiled without ASLR protection. An attacker who found an exploitable memory corruption flaw could then use these libraries to bypass ASLR on Windows Vista and Windows 7, making the flaw as exploitable on those platforms as it would be on Windows XP or other platforms. Mozilla researcher Christoph Diehl reported a potentially exploitable buffer overflow in the WebGLES library Yuri Ko reported a potentially exploitable overwrite in the WebGLES library to the Chrome Secuity Team. We thank them for coordinating with us on this fix. MFSA 2011-18 / CVE-2011-1202: Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. MozillaFirefox-4.0.1-0.2.2.i586.rpm MozillaFirefox-4.0.1-0.2.2.x86_64.rpm MozillaFirefox-branding-upstream-4.0.1-0.2.2.i586.rpm MozillaFirefox-branding-upstream-4.0.1-0.2.2.x86_64.rpm MozillaFirefox-devel-4.0.1-0.2.2.i586.rpm MozillaFirefox-devel-4.0.1-0.2.2.x86_64.rpm MozillaFirefox-translations-common-4.0.1-0.2.2.i586.rpm MozillaFirefox-translations-common-4.0.1-0.2.2.x86_64.rpm MozillaFirefox-translations-other-4.0.1-0.2.2.i586.rpm MozillaFirefox-translations-other-4.0.1-0.2.2.x86_64.rpm mozilla-js20-2.0.1-0.2.2.i586.rpm mozilla-js20-2.0.1-0.2.2.x86_64.rpm mozilla-js20-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-buildsymbols-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-buildsymbols-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-devel-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-devel-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-gnome-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-gnome-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-gnome-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-translations-common-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-translations-common-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-translations-common-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-translations-other-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-translations-other-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-translations-other-32bit-2.0.1-0.2.2.x86_64.rpm MozillaFirefox-debuginfo-4.0.1-0.2.2.i586.rpm MozillaFirefox-debuginfo-4.0.1-0.2.2.x86_64.rpm MozillaFirefox-debugsource-4.0.1-0.2.2.i586.rpm MozillaFirefox-debugsource-4.0.1-0.2.2.x86_64.rpm mozilla-js20-debuginfo-2.0.1-0.2.2.i586.rpm mozilla-js20-debuginfo-2.0.1-0.2.2.x86_64.rpm mozilla-js20-debuginfo-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-debuginfo-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-debuginfo-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-debuginfo-32bit-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-debugsource-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-debugsource-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-devel-debuginfo-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-devel-debuginfo-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-gnome-debuginfo-2.0.1-0.2.2.i586.rpm mozilla-xulrunner20-gnome-debuginfo-2.0.1-0.2.2.x86_64.rpm mozilla-xulrunner20-gnome-debuginfo-32bit-2.0.1-0.2.2.x86_64.rpm MozillaThunderbird openSUSE 11.4 Mozilla Thunderbird was updated to the 3.1.10 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits Mozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081) The web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069) Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070) Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080) Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075) Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078) Martin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072) MozillaThunderbird-3.1.10-0.5.1.i586.rpm MozillaThunderbird-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.10-0.5.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-devel-3.1.10-0.5.1.i586.rpm MozillaThunderbird-devel-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.10-0.5.1.i586.rpm MozillaThunderbird-translations-common-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.10-0.5.1.i586.rpm MozillaThunderbird-translations-other-3.1.10-0.5.1.x86_64.rpm enigmail-1.1.2-9.5.1.i586.rpm enigmail-1.1.2-9.5.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.10-0.5.1.i586.rpm MozillaThunderbird-debuginfo-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.10-0.5.1.i586.rpm MozillaThunderbird-debugsource-3.1.10-0.5.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.10-0.5.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.10-0.5.1.x86_64.rpm enigmail-debuginfo-1.1.2-9.5.1.i586.rpm enigmail-debuginfo-1.1.2-9.5.1.x86_64.rpm mozilla-js192 openSUSE 11.4 Mozilla XULRunner 1.9.2 was updated to the 1.9.2.17 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits Mozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081) The web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069) Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070) Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080) Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075) Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078) Martin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072) MFSA 2011-13 / CVE-2011-0065 / CVE-2011-0066 / CVE-2011-0073: Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative. MFSA 2011-14 / CVE-2011-0067: Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history. MFSA 2011-15 / CVE-2011-0076: David Remahl of Apple Product Security reported that the Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox could be exploited to obtain elevated access to resources on a user's system. MFSA 2011-16 / CVE-2011-0071: Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed. MFSA 2011-18 / CVE-2011-1202: Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. mozilla-js192-1.9.2.17-0.2.2.i586.rpm mozilla-js192-1.9.2.17-0.2.2.x86_64.rpm mozilla-js192-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-devel-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-gnome-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-js192-debuginfo-1.9.2.17-0.2.2.i586.rpm mozilla-js192-debuginfo-1.9.2.17-0.2.2.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.17-0.2.2.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.17-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.17-0.2.2.x86_64.rpm seamonkey openSUSE 11.4 Mozilla Seamonkey was updated to the 2.0.14 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits Mozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081) The web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069) Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070) Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080) Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075) Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078) Martin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072) MFSA 2011-13 / CVE-2011-0065 / CVE-2011-0066 / CVE-2011-0073: Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative. MFSA 2011-14 / CVE-2011-0067: Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history. seamonkey-2.0.14-0.2.1.i586.rpm seamonkey-2.0.14-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.0.14-0.2.1.i586.rpm seamonkey-dom-inspector-2.0.14-0.2.1.x86_64.rpm seamonkey-irc-2.0.14-0.2.1.i586.rpm seamonkey-irc-2.0.14-0.2.1.x86_64.rpm seamonkey-translations-common-2.0.14-0.2.1.i586.rpm seamonkey-translations-common-2.0.14-0.2.1.x86_64.rpm seamonkey-translations-other-2.0.14-0.2.1.i586.rpm seamonkey-translations-other-2.0.14-0.2.1.x86_64.rpm seamonkey-venkman-2.0.14-0.2.1.i586.rpm seamonkey-venkman-2.0.14-0.2.1.x86_64.rpm seamonkey-debuginfo-2.0.14-0.2.1.i586.rpm seamonkey-debuginfo-2.0.14-0.2.1.x86_64.rpm seamonkey-debugsource-2.0.14-0.2.1.i586.rpm seamonkey-debugsource-2.0.14-0.2.1.x86_64.rpm aaa_base openSUSE 11.4 - #642289: System does not boot correctly with sysvinit-tools-2.88-15.1.x86_64.rpm or newer (blogd issue) - #674192: Avoid waiting on bind mounts in boot.localfs - Be aware in refresh_initrd that modules used in initrd may use options in the /etc/modprobe.d/ files aaa_base-11.4-54.64.1.i586.rpm aaa_base-11.4-54.64.1.x86_64.rpm aaa_base-extras-11.4-54.64.1.i586.rpm aaa_base-extras-11.4-54.64.1.x86_64.rpm aaa_base-debuginfo-11.4-54.64.1.i586.rpm aaa_base-debuginfo-11.4-54.64.1.x86_64.rpm aaa_base-debugsource-11.4-54.64.1.i586.rpm aaa_base-debugsource-11.4-54.64.1.x86_64.rpm timezone-2011g openSUSE 11.4 This update provides 2011g which provides the following important changes: dbg114-timezone-2011g-4474 new_updateinfo timezone-2011g-4474 Remove Daylight savings time observation for Egypt dbg114-timezone-2011g-4474 new_updateinfo timezone-2011g-4474 Falkland islands on a trial basis do not observe DST anymore dbg114-timezone-2011g-4474 new_updateinfo timezone-2011g-4474 Southamerica/Chile: Delay DST until May 7th dbg114-timezone-2011g-4474 new_updateinfo timezone-2011g-4474 Southafrica/Morocco: Updates timezone-2011g-0.2.1.i586.rpm timezone-2011g-0.2.1.x86_64.rpm timezone-java-2011g-0.2.1.noarch.rpm timezone-debuginfo-2011g-0.2.1.i586.rpm timezone-debuginfo-2011g-0.2.1.x86_64.rpm timezone-debugsource-2011g-0.2.1.i586.rpm timezone-debugsource-2011g-0.2.1.x86_64.rpm perl-GDGraph openSUSE 11.4 A missing dependency is fixed by this update. perl-GDGraph-1.44-186.187.1.noarch.rpm perl-GDGraph-1.44-186.187.1.noarch.rpm gnome-control-center openSUSE 11.4 The "back" arrow for the slideshow item in the appearance applet was incorrectly replaced by a "forward" arrow. gnome-control-center-2.32.1-7.12.1.i586.rpm gnome-control-center-2.32.1-7.12.1.x86_64.rpm gnome-control-center-devel-2.32.1-7.12.1.i586.rpm gnome-control-center-devel-2.32.1-7.12.1.x86_64.rpm gnome-control-center-lang-2.32.1-7.12.1.noarch.rpm libgnome-window-settings-devel-2.32.1-7.12.1.i586.rpm libgnome-window-settings-devel-2.32.1-7.12.1.x86_64.rpm libgnome-window-settings1-2.32.1-7.12.1.i586.rpm libgnome-window-settings1-2.32.1-7.12.1.x86_64.rpm gnome-control-center-debuginfo-2.32.1-7.12.1.i586.rpm gnome-control-center-debuginfo-2.32.1-7.12.1.x86_64.rpm gnome-control-center-debugsource-2.32.1-7.12.1.i586.rpm gnome-control-center-debugsource-2.32.1-7.12.1.x86_64.rpm libgnome-window-settings1-debuginfo-2.32.1-7.12.1.i586.rpm libgnome-window-settings1-debuginfo-2.32.1-7.12.1.x86_64.rpm java-1_6_0-sun openSUSE 11.4 Oracle Java SE 6 update 25 has been released. This release brings: * New generation of Java HotSpot VM 20 with experimental tiered compilation in Server VM reduces a start time * Support for various software including Firefox 4, Chrome 10 and VirtualBox 4 * Improved BigDecimal performance up to 30% * Olson Data 2011b includes recent North Dakota changes This update does not provide any documented security enhancements. java-1_6_0-sun-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-alsa-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-alsa-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-demo-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-demo-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-devel-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-devel-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-jdbc-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-jdbc-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-plugin-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-plugin-1.6.0.u25-0.3.1.x86_64.rpm java-1_6_0-sun-src-1.6.0.u25-0.3.1.i586.rpm java-1_6_0-sun-src-1.6.0.u25-0.3.1.x86_64.rpm cron openSUSE 11.4 Cronie does not drop all privileges before calling sendmail. cron-4.2-9.19.1.i586.rpm cron-4.2-9.19.1.x86_64.rpm cronie-1.4.7-9.19.1.i586.rpm cronie-1.4.7-9.19.1.x86_64.rpm cronie-anacron-1.4.7-9.19.1.i586.rpm cronie-anacron-1.4.7-9.19.1.x86_64.rpm cronie-anacron-debuginfo-1.4.7-9.19.1.i586.rpm cronie-anacron-debuginfo-1.4.7-9.19.1.x86_64.rpm cronie-debuginfo-1.4.7-9.19.1.i586.rpm cronie-debuginfo-1.4.7-9.19.1.x86_64.rpm cronie-debugsource-1.4.7-9.19.1.i586.rpm cronie-debugsource-1.4.7-9.19.1.x86_64.rpm gstreamer-0_10-plugin-hal openSUSE 11.4 - 674287: Gstreamer fails to use v4l2 webcam - 684781: Patch gst-plugins-good to prevent crashes on low-end machines gstreamer-0_10-plugin-hal-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugin-hal-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-doc-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-doc-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-extra-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-extra-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-lang-0.10.28-1.2.1.noarch.rpm gstreamer-0_10-plugin-hal-debuginfo-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugin-hal-debuginfo-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-debuginfo-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-debuginfo-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-debugsource-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-debugsource-0.10.28-1.2.1.x86_64.rpm gstreamer-0_10-plugins-good-extra-debuginfo-0.10.28-1.2.1.i586.rpm gstreamer-0_10-plugins-good-extra-debuginfo-0.10.28-1.2.1.x86_64.rpm perl openSUSE 11.4 This update fixes a bug in perl that makes spamassassin crash and does not allow bypassing taint mode by using lc() or uc() anymore. - CVE-2010-4777: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) - CVE-2011-1487: CVSS v2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N): Permissions, Privileges, and Access Control (CWE-264) perl-5.12.3-11.16.1.i586.rpm perl-5.12.3-11.16.1.x86_64.rpm perl-32bit-5.12.3-11.16.1.x86_64.rpm perl-base-5.12.3-11.16.1.i586.rpm perl-base-5.12.3-11.16.1.x86_64.rpm perl-base-32bit-5.12.3-11.16.1.x86_64.rpm perl-doc-5.12.3-11.16.1.noarch.rpm perl-base-debuginfo-5.12.3-11.16.1.i586.rpm perl-base-debuginfo-5.12.3-11.16.1.x86_64.rpm perl-base-debuginfo-32bit-5.12.3-11.16.1.x86_64.rpm perl-debuginfo-5.12.3-11.16.1.i586.rpm perl-debuginfo-5.12.3-11.16.1.x86_64.rpm perl-debuginfo-32bit-5.12.3-11.16.1.x86_64.rpm perl-debugsource-5.12.3-11.16.1.i586.rpm perl-debugsource-5.12.3-11.16.1.x86_64.rpm krb5-appl openSUSE 11.4 Kerberos telnetd terminate with "All terminal ports in use." This update fixes this issue. krb5-appl-clients-1.0-7.8.1.i586.rpm krb5-appl-clients-1.0-7.8.1.x86_64.rpm krb5-appl-servers-1.0-7.8.1.i586.rpm krb5-appl-servers-1.0-7.8.1.x86_64.rpm krb5-appl-clients-debuginfo-1.0-7.8.1.i586.rpm krb5-appl-clients-debuginfo-1.0-7.8.1.x86_64.rpm krb5-appl-debugsource-1.0-7.8.1.i586.rpm krb5-appl-debugsource-1.0-7.8.1.x86_64.rpm krb5-appl-servers-debuginfo-1.0-7.8.1.i586.rpm krb5-appl-servers-debuginfo-1.0-7.8.1.x86_64.rpm exim openSUSE 11.4 This exim security update fixes importer string handling in DKIM signatures. (CVE-2011-1764) exim-4.74-6.7.1.i586.rpm exim-4.74-6.7.1.x86_64.rpm eximon-4.74-6.7.1.i586.rpm eximon-4.74-6.7.1.x86_64.rpm eximstats-html-4.74-6.7.1.i586.rpm eximstats-html-4.74-6.7.1.x86_64.rpm exim-debuginfo-4.74-6.7.1.i586.rpm exim-debuginfo-4.74-6.7.1.x86_64.rpm exim-debugsource-4.74-6.7.1.i586.rpm exim-debugsource-4.74-6.7.1.x86_64.rpm eximon-debuginfo-4.74-6.7.1.i586.rpm eximon-debuginfo-4.74-6.7.1.x86_64.rpm libpython2_6-1_0 openSUSE 11.4 This update of python fixes a possible denial of service bug or information leakage vulnerability while using user-crafted ftp:// or file:// URLs with urllib(2). CVE-2011-1521: CVSS v2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P) libpython2_7-1_0-2.7-8.10.2.i586.rpm libpython2_7-1_0-2.7-8.10.2.x86_64.rpm libpython2_7-1_0-32bit-2.7-8.10.2.x86_64.rpm python-2.7-9.10.2.i586.rpm python-2.7-9.10.2.x86_64.rpm python-32bit-2.7-9.10.2.x86_64.rpm python-base-2.7-8.10.2.i586.rpm python-base-2.7-8.10.2.x86_64.rpm python-base-32bit-2.7-8.10.2.x86_64.rpm python-curses-2.7-9.10.2.i586.rpm python-curses-2.7-9.10.2.x86_64.rpm python-demo-2.7-9.10.2.i586.rpm python-demo-2.7-9.10.2.x86_64.rpm python-devel-2.7-8.10.2.i586.rpm python-devel-2.7-8.10.2.x86_64.rpm python-gdbm-2.7-9.10.2.i586.rpm python-gdbm-2.7-9.10.2.x86_64.rpm python-idle-2.7-9.10.2.i586.rpm python-idle-2.7-9.10.2.x86_64.rpm python-tk-2.7-9.10.2.i586.rpm python-tk-2.7-9.10.2.x86_64.rpm python-xml-2.7-8.10.2.i586.rpm python-xml-2.7-8.10.2.x86_64.rpm libpython2_7-1_0-debuginfo-2.7-8.10.2.i586.rpm libpython2_7-1_0-debuginfo-2.7-8.10.2.x86_64.rpm libpython2_7-1_0-debuginfo-32bit-2.7-8.10.2.x86_64.rpm python-base-debuginfo-2.7-8.10.2.i586.rpm python-base-debuginfo-2.7-8.10.2.x86_64.rpm python-base-debuginfo-32bit-2.7-8.10.2.x86_64.rpm python-base-debugsource-2.7-8.10.2.i586.rpm python-base-debugsource-2.7-8.10.2.x86_64.rpm python-curses-debuginfo-2.7-9.10.2.i586.rpm python-curses-debuginfo-2.7-9.10.2.x86_64.rpm python-debuginfo-2.7-9.10.2.i586.rpm python-debuginfo-2.7-9.10.2.x86_64.rpm python-debuginfo-32bit-2.7-9.10.2.x86_64.rpm python-debugsource-2.7-9.10.2.i586.rpm python-debugsource-2.7-9.10.2.x86_64.rpm python-gdbm-debuginfo-2.7-9.10.2.i586.rpm python-gdbm-debuginfo-2.7-9.10.2.x86_64.rpm python-tk-debuginfo-2.7-9.10.2.i586.rpm python-tk-debuginfo-2.7-9.10.2.x86_64.rpm python-xml-debuginfo-2.7-8.10.2.i586.rpm python-xml-debuginfo-2.7-8.10.2.x86_64.rpm otrs openSUSE 11.4 This updated fixes a cross site scripting (XSS) issue in otrs. (CVE-2011-1518) Upstream advisory: http://otrs.org/advisory/OSA-2011-01-en/ otrs-2.4.9-3.3.2.noarch.rpm otrs-doc-2.4.9-3.3.2.noarch.rpm otrs-itsm-2.1.1-1.3.2.noarch.rpm vino openSUSE 11.4 Two out of bounds memory access vulnerabilities in vinos' libvncserver have been fixed. CVE-2011-0904 and CVE-2011-0905 have been assigned. vino-2.32.1-6.7.1.i586.rpm vino-2.32.1-6.7.1.x86_64.rpm vino-lang-2.32.1-6.7.1.noarch.rpm vino-debuginfo-2.32.1-6.7.1.i586.rpm vino-debuginfo-2.32.1-6.7.1.x86_64.rpm vino-debugsource-2.32.1-6.7.1.i586.rpm vino-debugsource-2.32.1-6.7.1.x86_64.rpm postfix openSUSE 11.4 Remote attackers could potentially exploit a memory corruption issue in postfix' SASL implementation to execute arbitrary code (CVE-2011-1720). postfix-2.7.2-13.16.1.i586.rpm postfix-2.7.2-13.16.1.x86_64.rpm postfix-devel-2.7.2-13.16.1.i586.rpm postfix-devel-2.7.2-13.16.1.x86_64.rpm postfix-doc-2.7.2-13.16.1.noarch.rpm postfix-mysql-2.7.2-13.16.1.i586.rpm postfix-mysql-2.7.2-13.16.1.x86_64.rpm postfix-postgresql-2.7.2-13.16.1.i586.rpm postfix-postgresql-2.7.2-13.16.1.x86_64.rpm postfix-debuginfo-2.7.2-13.16.1.i586.rpm postfix-debuginfo-2.7.2-13.16.1.x86_64.rpm postfix-debugsource-2.7.2-13.16.1.i586.rpm postfix-debugsource-2.7.2-13.16.1.x86_64.rpm postfix-mysql-debuginfo-2.7.2-13.16.1.i586.rpm postfix-mysql-debuginfo-2.7.2-13.16.1.x86_64.rpm postfix-postgresql-debuginfo-2.7.2-13.16.1.i586.rpm postfix-postgresql-debuginfo-2.7.2-13.16.1.x86_64.rpm aaa_base openSUSE 11.4 This update contains fixes for the following bugs: - #671292: init scripts complains about missing bootsplash binary, when bootsplash isn't installed - #681687: incorrect tab completion for variables (bash) - #691883: bash completion for 'cd ~/DIR' fails to provide trailing '/' aaa_base-11.4-54.66.1.i586.rpm aaa_base-11.4-54.66.1.x86_64.rpm aaa_base-extras-11.4-54.66.1.i586.rpm aaa_base-extras-11.4-54.66.1.x86_64.rpm aaa_base-debuginfo-11.4-54.66.1.i586.rpm aaa_base-debuginfo-11.4-54.66.1.x86_64.rpm aaa_base-debugsource-11.4-54.66.1.i586.rpm aaa_base-debugsource-11.4-54.66.1.x86_64.rpm cpufrequtils openSUSE 11.4 This update adds an additional devel package to provide development header and libraries. cpufrequtils-008-6.7.1.i586.rpm cpufrequtils-008-6.7.1.x86_64.rpm cpufrequtils-32bit-008-6.7.1.x86_64.rpm cpufrequtils-bench-008-6.7.1.i586.rpm cpufrequtils-bench-008-6.7.1.x86_64.rpm cpufrequtils-devel-008-6.7.1.i586.rpm cpufrequtils-devel-008-6.7.1.x86_64.rpm cpufrequtils-bench-debuginfo-008-6.7.1.i586.rpm cpufrequtils-bench-debuginfo-008-6.7.1.x86_64.rpm cpufrequtils-debuginfo-008-6.7.1.i586.rpm cpufrequtils-debuginfo-008-6.7.1.x86_64.rpm cpufrequtils-debuginfo-32bit-008-6.7.1.x86_64.rpm cpufrequtils-debugsource-008-6.7.1.i586.rpm cpufrequtils-debugsource-008-6.7.1.x86_64.rpm culmus openSUSE 11.4 This update adds the missing TTF fonts from the culmus package. culmus-0.120-4.5.1.noarch.rpm hylafax openSUSE 11.4 Hylafax failed to start with the message " No support for old protocol" because the init script passed a parameter that wasn't supported anymore. Fixed by this update. hylafax-6.0.4-7.8.3.i586.rpm hylafax-6.0.4-7.8.3.x86_64.rpm hylafax-client-6.0.4-7.8.3.i586.rpm hylafax-client-6.0.4-7.8.3.x86_64.rpm hylafax-client-debuginfo-6.0.4-7.8.3.i586.rpm hylafax-client-debuginfo-6.0.4-7.8.3.x86_64.rpm hylafax-debuginfo-6.0.4-7.8.3.i586.rpm hylafax-debuginfo-6.0.4-7.8.3.x86_64.rpm hylafax-debugsource-6.0.4-7.8.3.i586.rpm hylafax-debugsource-6.0.4-7.8.3.x86_64.rpm libsvn_auth_gnome_keyring-1-0 openSUSE 11.4 The following bug is fixed by this update: - #688968: /etc/init.d/svnserve erroneously uses id(1) to check SVNSERVE_GROUPID=users libsvn_auth_gnome_keyring-1-0-1.6.16-1.5.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.16-1.5.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.16-1.5.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.16-1.5.1.x86_64.rpm subversion-1.6.16-1.5.1.i586.rpm subversion-1.6.16-1.5.1.x86_64.rpm subversion-devel-1.6.16-1.5.1.i586.rpm subversion-devel-1.6.16-1.5.1.x86_64.rpm subversion-perl-1.6.16-1.5.1.i586.rpm subversion-perl-1.6.16-1.5.1.x86_64.rpm subversion-python-1.6.16-1.5.1.i586.rpm subversion-python-1.6.16-1.5.1.x86_64.rpm subversion-ruby-1.6.16-1.5.1.i586.rpm subversion-ruby-1.6.16-1.5.1.x86_64.rpm subversion-server-1.6.16-1.5.1.i586.rpm subversion-server-1.6.16-1.5.1.x86_64.rpm subversion-tools-1.6.16-1.5.1.i586.rpm subversion-tools-1.6.16-1.5.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.16-1.5.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.16-1.5.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.16-1.5.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-debuginfo-1.6.16-1.5.1.i586.rpm subversion-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-debugsource-1.6.16-1.5.1.i586.rpm subversion-debugsource-1.6.16-1.5.1.x86_64.rpm subversion-perl-debuginfo-1.6.16-1.5.1.i586.rpm subversion-perl-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-python-debuginfo-1.6.16-1.5.1.i586.rpm subversion-python-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-ruby-debuginfo-1.6.16-1.5.1.i586.rpm subversion-ruby-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-server-debuginfo-1.6.16-1.5.1.i586.rpm subversion-server-debuginfo-1.6.16-1.5.1.x86_64.rpm subversion-tools-debuginfo-1.6.16-1.5.1.i586.rpm subversion-tools-debuginfo-1.6.16-1.5.1.x86_64.rpm yelp openSUSE 11.4 yelp is not longer working after the last firefox update. Fixed by this update. yelp-2.30.2-9.14.1.i586.rpm yelp-2.30.2-9.14.1.x86_64.rpm yelp-lang-2.30.2-9.14.1.noarch.rpm yelp-debuginfo-2.30.2-9.14.1.i586.rpm yelp-debuginfo-2.30.2-9.14.1.x86_64.rpm yelp-debugsource-2.30.2-9.14.1.i586.rpm yelp-debugsource-2.30.2-9.14.1.x86_64.rpm xen-201105 openSUSE 11.4 Collective May/2011 update for Xen Xen: - 675363 - Random lockups with kernel-xen. Possibly graphics related. - 679344 - Xen: multi-vCPU pv guest may crash host - 681044 - update xenpaging.autostart.patch - 681302 - xm create -x <guest> returns "ImportError: No module named ext" - 688473 - potential buffer overflow in tools - 691738 - Xen does not find device create with npiv block vm-install: - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN - kernel panic - 678152 - Xen: virt-manager: harmless block device admin actions on FV guests mess up network (VIF) device type ==> network lost. - 631680 - OpenSUSE 11.3 KVM install of windows xp fails on first reboot during installation. vm-install-0.4.30-0.3.1.i586.rpm vm-install-0.4.30-0.3.1.x86_64.rpm xen-4.0.2_02-4.9.2.i586.rpm xen-4.0.2_02-4.9.2.x86_64.rpm xen-devel-4.0.2_02-4.9.2.i586.rpm xen-devel-4.0.2_02-4.9.2.x86_64.rpm xen-doc-html-4.0.2_02-4.9.2.i586.rpm xen-doc-html-4.0.2_02-4.9.2.x86_64.rpm xen-doc-pdf-4.0.2_02-4.9.2.i586.rpm xen-doc-pdf-4.0.2_02-4.9.2.x86_64.rpm xen-kmp-default-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-kmp-default-4.0.2_02_k2.6.37.6_0.5-4.9.2.x86_64.rpm xen-kmp-desktop-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-kmp-desktop-4.0.2_02_k2.6.37.6_0.5-4.9.2.x86_64.rpm xen-kmp-pae-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-libs-4.0.2_02-4.9.2.i586.rpm xen-libs-4.0.2_02-4.9.2.x86_64.rpm xen-tools-4.0.2_02-4.9.2.i586.rpm xen-tools-4.0.2_02-4.9.2.x86_64.rpm xen-tools-domU-4.0.2_02-4.9.2.i586.rpm xen-tools-domU-4.0.2_02-4.9.2.x86_64.rpm xen-debugsource-4.0.2_02-4.9.2.i586.rpm xen-debugsource-4.0.2_02-4.9.2.x86_64.rpm xen-kmp-default-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-kmp-default-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2.x86_64.rpm xen-kmp-desktop-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-kmp-desktop-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2.x86_64.rpm xen-kmp-pae-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2.i586.rpm xen-libs-debuginfo-4.0.2_02-4.9.2.i586.rpm xen-libs-debuginfo-4.0.2_02-4.9.2.x86_64.rpm xen-tools-debuginfo-4.0.2_02-4.9.2.i586.rpm xen-tools-debuginfo-4.0.2_02-4.9.2.x86_64.rpm xen-tools-domU-debuginfo-4.0.2_02-4.9.2.i586.rpm xen-tools-domU-debuginfo-4.0.2_02-4.9.2.x86_64.rpm ghostscript-devel openSUSE 11.4 Some printer drivers use the cups device in Ghostscript. This device results wrong (usually somehow inverted) colors in particular for embedded images in PDFs depending on which color space is used. For example it fails for the CMY color space but works for the RGB and CMYK color spaces. The openSUSE bug is bnc#681071 and the matching Ghostscript upstream bug is http://bugs.ghostscript.com/show_bug.cgi?id=691760 Fixed by this update. ghostscript-devel-9.00-4.10.1.i586.rpm ghostscript-devel-9.00-4.10.1.x86_64.rpm ghostscript-fonts-other-9.00-4.10.1.noarch.rpm ghostscript-fonts-rus-9.00-4.10.1.noarch.rpm ghostscript-fonts-std-9.00-4.10.1.noarch.rpm ghostscript-ijs-devel-9.00-4.10.1.i586.rpm ghostscript-ijs-devel-9.00-4.10.1.x86_64.rpm ghostscript-library-9.00-4.10.1.i586.rpm ghostscript-library-9.00-4.10.1.x86_64.rpm ghostscript-x11-9.00-4.10.1.i586.rpm ghostscript-x11-9.00-4.10.1.x86_64.rpm libgimpprint-4.2.7-334.10.1.i586.rpm libgimpprint-4.2.7-334.10.1.x86_64.rpm libgimpprint-devel-4.2.7-334.10.1.i586.rpm libgimpprint-devel-4.2.7-334.10.1.x86_64.rpm ghostscript-library-debuginfo-9.00-4.10.1.i586.rpm ghostscript-library-debuginfo-9.00-4.10.1.x86_64.rpm ghostscript-library-debugsource-9.00-4.10.1.i586.rpm ghostscript-library-debugsource-9.00-4.10.1.x86_64.rpm ghostscript-x11-debuginfo-9.00-4.10.1.i586.rpm ghostscript-x11-debuginfo-9.00-4.10.1.x86_64.rpm libgimpprint-debuginfo-4.2.7-334.10.1.i586.rpm libgimpprint-debuginfo-4.2.7-334.10.1.x86_64.rpm wireshark openSUSE 11.4 This wireshark update fixes: - Use of un-initialized variables (CVE-2011-1590) - Buffer overflow in DECT dissector (CVE-2011-1591) - Crash in NFS dissector on Windows (CVE-2011-1592) wireshark-1.4.4-0.5.1.i586.rpm wireshark-1.4.4-0.5.1.x86_64.rpm wireshark-devel-1.4.4-0.5.1.i586.rpm wireshark-devel-1.4.4-0.5.1.x86_64.rpm wireshark-debuginfo-1.4.4-0.5.1.i586.rpm wireshark-debuginfo-1.4.4-0.5.1.x86_64.rpm wireshark-debugsource-1.4.4-0.5.1.i586.rpm wireshark-debugsource-1.4.4-0.5.1.x86_64.rpm rdesktop openSUSE 11.4 A malicious server could access any file on clients connecting to it if the client shared some ressource (CVE-2011-1595). rdesktop-1.6.0-46.47.1.i586.rpm rdesktop-1.6.0-46.47.1.x86_64.rpm rdesktop-debuginfo-1.6.0-46.47.1.i586.rpm rdesktop-debuginfo-1.6.0-46.47.1.x86_64.rpm rdesktop-debugsource-1.6.0-46.47.1.i586.rpm rdesktop-debugsource-1.6.0-46.47.1.x86_64.rpm Mesa openSUSE 11.4 This update fixes a xserver crash with radeon/radeonhd UMS and screen distortion on R3xx-R5xx radeon graphics cards. Mesa-7.10.2-7.3.1.i586.rpm Mesa-7.10.2-7.3.1.x86_64.rpm Mesa-32bit-7.10.2-7.3.1.x86_64.rpm Mesa-devel-7.10.2-7.3.1.i586.rpm Mesa-devel-7.10.2-7.3.1.x86_64.rpm Mesa-devel-32bit-7.10.2-7.3.1.x86_64.rpm Mesa-nouveau3d-7.10.2-7.3.1.i586.rpm Mesa-nouveau3d-7.10.2-7.3.1.x86_64.rpm Mesa-nouveau3d-32bit-7.10.2-7.3.1.x86_64.rpm xorg-x11-Xvnc-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.22.2.x86_64.rpm Mesa-debuginfo-7.10.2-7.3.1.i586.rpm Mesa-debuginfo-7.10.2-7.3.1.x86_64.rpm Mesa-debuginfo-32bit-7.10.2-7.3.1.x86_64.rpm Mesa-debugsource-7.10.2-7.3.1.i586.rpm Mesa-debugsource-7.10.2-7.3.1.x86_64.rpm Mesa-nouveau3d-debuginfo-7.10.2-7.3.1.i586.rpm Mesa-nouveau3d-debuginfo-7.10.2-7.3.1.x86_64.rpm Mesa-nouveau3d-debuginfo-32bit-7.10.2-7.3.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.22.2.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.22.2.x86_64.rpm xorg-x11-driver-video openSUSE 11.4 Intel [946GZ/GL] GPU has been driven as 915 GPU, whereas it belongs to the 965 GPU family. Fixed by this update. xorg-x11-driver-video-7.6-53.58.1.i586.rpm xorg-x11-driver-video-7.6-53.58.1.x86_64.rpm xorg-x11-driver-video-32bit-7.6-53.58.1.x86_64.rpm xorg-x11-driver-video-debuginfo-7.6-53.58.1.i586.rpm xorg-x11-driver-video-debuginfo-7.6-53.58.1.x86_64.rpm xorg-x11-driver-video-debuginfo-32bit-7.6-53.58.1.x86_64.rpm xorg-x11-driver-video-debugsource-7.6-53.58.1.i586.rpm xorg-x11-driver-video-debugsource-7.6-53.58.1.x86_64.rpm flash-player openSUSE 11.4 Flash Player has been updated to version 10.3, fixing bugs and security issues. More information can be found on: http://www.adobe.com/support/security/bulletins/apsb11-12.ht ml flash-player-10.3.181.14-0.2.1.i586.rpm dhcp openSUSE 11.4 - Fixed dhclient-script typo causing ISC DHCPv6 client to execute ifup pre-down scripts also while renew, when the ipv6 address did not changed (bnc#690859). dhcp-4.2.1-0.7.1.i586.rpm dhcp-4.2.1-0.7.1.x86_64.rpm dhcp-client-4.2.1-0.7.1.i586.rpm dhcp-client-4.2.1-0.7.1.x86_64.rpm dhcp-devel-4.2.1-0.7.1.i586.rpm dhcp-devel-4.2.1-0.7.1.x86_64.rpm dhcp-doc-4.2.1-0.7.1.i586.rpm dhcp-doc-4.2.1-0.7.1.x86_64.rpm dhcp-relay-4.2.1-0.7.1.i586.rpm dhcp-relay-4.2.1-0.7.1.x86_64.rpm dhcp-server-4.2.1-0.7.1.i586.rpm dhcp-server-4.2.1-0.7.1.x86_64.rpm dhcp-client-debuginfo-4.2.1-0.7.1.i586.rpm dhcp-client-debuginfo-4.2.1-0.7.1.x86_64.rpm dhcp-debuginfo-4.2.1-0.7.1.i586.rpm dhcp-debuginfo-4.2.1-0.7.1.x86_64.rpm dhcp-debugsource-4.2.1-0.7.1.i586.rpm dhcp-debugsource-4.2.1-0.7.1.x86_64.rpm dhcp-relay-debuginfo-4.2.1-0.7.1.i586.rpm dhcp-relay-debuginfo-4.2.1-0.7.1.x86_64.rpm dhcp-server-debuginfo-4.2.1-0.7.1.i586.rpm dhcp-server-debuginfo-4.2.1-0.7.1.x86_64.rpm scim-bridge openSUSE 11.4 scim-bridge is not usable in firefox. Fixed by this update scim-bridge-0.4.15-125.126.1.i586.rpm scim-bridge-0.4.15-125.126.1.x86_64.rpm scim-bridge-gtk-0.4.15-125.126.1.i586.rpm scim-bridge-gtk-0.4.15-125.126.1.x86_64.rpm scim-bridge-gtk-32bit-0.4.15-125.126.1.x86_64.rpm scim-bridge-qt-0.4.15-125.126.1.i586.rpm scim-bridge-qt-0.4.15-125.126.1.x86_64.rpm scim-bridge-qt-32bit-0.4.15-125.126.1.x86_64.rpm scim-bridge-debuginfo-0.4.15-125.126.1.i586.rpm scim-bridge-debuginfo-0.4.15-125.126.1.x86_64.rpm scim-bridge-debugsource-0.4.15-125.126.1.i586.rpm scim-bridge-debugsource-0.4.15-125.126.1.x86_64.rpm scim-bridge-gtk-debuginfo-0.4.15-125.126.1.i586.rpm scim-bridge-gtk-debuginfo-0.4.15-125.126.1.x86_64.rpm scim-bridge-gtk-debuginfo-32bit-0.4.15-125.126.1.x86_64.rpm scim-bridge-qt-debuginfo-0.4.15-125.126.1.i586.rpm scim-bridge-qt-debuginfo-0.4.15-125.126.1.x86_64.rpm scim-bridge-qt-debuginfo-32bit-0.4.15-125.126.1.x86_64.rpm cron openSUSE 11.4 The following bug is fixed by this update: - #692871: Cron doesn't write job output to syslog correctly cron-4.2-9.21.1.i586.rpm cron-4.2-9.21.1.x86_64.rpm cronie-1.4.7-9.21.1.i586.rpm cronie-1.4.7-9.21.1.x86_64.rpm cronie-anacron-1.4.7-9.21.1.i586.rpm cronie-anacron-1.4.7-9.21.1.x86_64.rpm cronie-anacron-debuginfo-1.4.7-9.21.1.i586.rpm cronie-anacron-debuginfo-1.4.7-9.21.1.x86_64.rpm cronie-debuginfo-1.4.7-9.21.1.i586.rpm cronie-debuginfo-1.4.7-9.21.1.x86_64.rpm cronie-debugsource-1.4.7-9.21.1.i586.rpm cronie-debugsource-1.4.7-9.21.1.x86_64.rpm lua-rrdtool openSUSE 11.4 The following bug is fixed by this update: - #693085: rrdtool's Tcl binding rejects the Tcl version it was compiled against lua-rrdtool-1.4.5-4.5.1.i586.rpm lua-rrdtool-1.4.5-4.5.1.x86_64.rpm python-rrdtool-1.4.5-4.5.1.i586.rpm python-rrdtool-1.4.5-4.5.1.x86_64.rpm rrdtool-1.4.5-4.5.1.i586.rpm rrdtool-1.4.5-4.5.1.x86_64.rpm rrdtool-devel-1.4.5-4.5.1.i586.rpm rrdtool-devel-1.4.5-4.5.1.x86_64.rpm lua-rrdtool-debuginfo-1.4.5-4.5.1.i586.rpm lua-rrdtool-debuginfo-1.4.5-4.5.1.x86_64.rpm python-rrdtool-debuginfo-1.4.5-4.5.1.i586.rpm python-rrdtool-debuginfo-1.4.5-4.5.1.x86_64.rpm rrdtool-debuginfo-1.4.5-4.5.1.i586.rpm rrdtool-debuginfo-1.4.5-4.5.1.x86_64.rpm rrdtool-debugsource-1.4.5-4.5.1.i586.rpm rrdtool-debugsource-1.4.5-4.5.1.x86_64.rpm bpython openSUSE 11.4 bpython needs python-curses but did not require it. So a freshly installed bpython would fail to run. Fixed by this update. bpython-0.9.7.1-4.5.1.noarch.rpm logrotate openSUSE 11.4 This update for logrotate provides the following fixes: dbg114-logrotate-4580 logrotate-4580 new_updateinfo The shred_file function in logrotate might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name (CVE-2011-1154) (bnc#679661) dbg114-logrotate-4580 logrotate-4580 new_updateinfo Race condition in the createOutputFile function in logrotate allows local users to read log data by opening a file before the intended permissions are in place (CVE-2011-1098) (bnc#677336) dbg114-logrotate-4580 logrotate-4580 new_updateinfo The writeState function in logrotate might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) n (newline) or (2) (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name (CVE-2011-1155) (bnc#679662) logrotate-3.7.9-6.7.1.i586.rpm logrotate-3.7.9-6.7.1.x86_64.rpm logrotate-debuginfo-3.7.9-6.7.1.i586.rpm logrotate-debuginfo-3.7.9-6.7.1.x86_64.rpm logrotate-debugsource-3.7.9-6.7.1.i586.rpm logrotate-debugsource-3.7.9-6.7.1.x86_64.rpm kvm openSUSE 11.4 By causing a hot-unplug of the pci-isa bridge from within guests the qemu process could access already freed memory. A privileged user inside the guest could exploit that to crash the guest instance or potentially execute arbitrary code on the host (CVE-2011-1751). The virtio-blk driver did not properly validate read and write request. A privileged user inside the guest could exploit that to cause a heap corruption and crash the guest instance or potentially execute arbitrary code on the host (CVE-2011-1750). kvm-0.14.0.0-1.6.1.i586.rpm kvm-0.14.0.0-1.6.1.x86_64.rpm kvm-debuginfo-0.14.0.0-1.6.1.i586.rpm kvm-debuginfo-0.14.0.0-1.6.1.x86_64.rpm kvm-debugsource-0.14.0.0-1.6.1.i586.rpm kvm-debugsource-0.14.0.0-1.6.1.x86_64.rpm ruby openSUSE 11.4 A memory corruption in the BigDecimal class potentially allowed attackers to execute arbitrary code (CVE-2011-0188). Affects 64bit platforms only. ruby-1.8.7.p334-1.4.1.i586.rpm ruby-1.8.7.p334-1.4.1.x86_64.rpm ruby-devel-1.8.7.p334-1.4.1.i586.rpm ruby-devel-1.8.7.p334-1.4.1.x86_64.rpm ruby-doc-html-1.8.7.p334-1.4.1.noarch.rpm ruby-doc-ri-1.8.7.p334-1.4.1.noarch.rpm ruby-examples-1.8.7.p334-1.4.1.i586.rpm ruby-examples-1.8.7.p334-1.4.1.x86_64.rpm ruby-test-suite-1.8.7.p334-1.4.1.i586.rpm ruby-test-suite-1.8.7.p334-1.4.1.x86_64.rpm ruby-tk-1.8.7.p334-1.4.1.i586.rpm ruby-tk-1.8.7.p334-1.4.1.x86_64.rpm ruby-debuginfo-1.8.7.p334-1.4.1.i586.rpm ruby-debuginfo-1.8.7.p334-1.4.1.x86_64.rpm ruby-debugsource-1.8.7.p334-1.4.1.i586.rpm ruby-debugsource-1.8.7.p334-1.4.1.x86_64.rpm ruby-tk-debuginfo-1.8.7.p334-1.4.1.i586.rpm ruby-tk-debuginfo-1.8.7.p334-1.4.1.x86_64.rpm opera openSUSE 11.4 opera 11.11 fixes a security vulnerability. Citing http://www.opera.com/support/kb/view/992/: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption. To inject code, additional techniques will have to be employed. opera-11.11-1.2.1.i586.rpm opera-11.11-1.2.1.x86_64.rpm opera-gtk-11.11-1.2.1.i586.rpm opera-gtk-11.11-1.2.1.x86_64.rpm opera-kde4-11.11-1.2.1.i586.rpm opera-kde4-11.11-1.2.1.x86_64.rpm perl-libwww-perl openSUSE 11.4 perl-libwww-perl did not verify enable host name checking of SSL certificates by default (CVE-2011-0633). perl-libwww-perl-5.837-5.7.1.noarch.rpm libthunarx-2-0 openSUSE 11.4 Due to a format string error thunar could crash when copy&pasting a file name with format characters (CVE-2011-1588). libthunarx-2-0-1.3.0-1.4.1.i586.rpm libthunarx-2-0-1.3.0-1.4.1.x86_64.rpm thunar-1.3.0-1.4.1.i586.rpm thunar-1.3.0-1.4.1.x86_64.rpm thunar-devel-1.3.0-1.4.1.i586.rpm thunar-devel-1.3.0-1.4.1.x86_64.rpm thunar-devel-doc-1.3.0-1.4.1.noarch.rpm thunar-doc-1.3.0-1.4.1.noarch.rpm thunar-lang-1.3.0-1.4.1.noarch.rpm libthunarx-2-0-debuginfo-1.3.0-1.4.1.i586.rpm libthunarx-2-0-debuginfo-1.3.0-1.4.1.x86_64.rpm thunar-debuginfo-1.3.0-1.4.1.i586.rpm thunar-debuginfo-1.3.0-1.4.1.x86_64.rpm thunar-debugsource-1.3.0-1.4.1.i586.rpm thunar-debugsource-1.3.0-1.4.1.x86_64.rpm viewvc openSUSE 11.4 cvsdb.py in viewvc did not honor an admin defined row limit which could cause high load on the database server. viewvc was updated to version 1.1.11 which fixes the issue (CVE-2009-5024). viewvc-1.1.11-1.3.1.noarch.rpm aaa_base openSUSE 11.4 The following bugs are fixed by this update: - The aaa_base package could not be installed in lxc containers, because it tries to install block devices. - boot.localfs took a long time waiting for bind mounts. - The boot.proc script runs late, delaying boot.sysctl. aaa_base-11.4-54.68.1.i586.rpm aaa_base-11.4-54.68.1.x86_64.rpm aaa_base-extras-11.4-54.68.1.i586.rpm aaa_base-extras-11.4-54.68.1.x86_64.rpm aaa_base-debuginfo-11.4-54.68.1.i586.rpm aaa_base-debuginfo-11.4-54.68.1.x86_64.rpm aaa_base-debugsource-11.4-54.68.1.i586.rpm aaa_base-debugsource-11.4-54.68.1.x86_64.rpm yast2-qt openSUSE 11.4 YaST Tree widget does no longer work in QT GUI since openSUSE 11.4. Fixed by this update. yast2-qt-2.20.5-0.3.1.i586.rpm yast2-qt-2.20.5-0.3.1.x86_64.rpm yast2-qt-devel-2.20.5-0.3.1.i586.rpm yast2-qt-devel-2.20.5-0.3.1.x86_64.rpm yast2-qt-debuginfo-2.20.5-0.3.1.i586.rpm yast2-qt-debuginfo-2.20.5-0.3.1.x86_64.rpm yast2-qt-debugsource-2.20.5-0.3.1.i586.rpm yast2-qt-debugsource-2.20.5-0.3.1.x86_64.rpm exim openSUSE 11.4 This update fixes a security issues: - exim remote code exection (CVE-2011-1407) also some safety improvements regarding STARTTLS. exim-4.74-6.9.1.i586.rpm exim-4.74-6.9.1.x86_64.rpm eximon-4.74-6.9.1.i586.rpm eximon-4.74-6.9.1.x86_64.rpm eximstats-html-4.74-6.9.1.i586.rpm eximstats-html-4.74-6.9.1.x86_64.rpm exim-debuginfo-4.74-6.9.1.i586.rpm exim-debuginfo-4.74-6.9.1.x86_64.rpm exim-debugsource-4.74-6.9.1.i586.rpm exim-debugsource-4.74-6.9.1.x86_64.rpm eximon-debuginfo-4.74-6.9.1.i586.rpm eximon-debuginfo-4.74-6.9.1.x86_64.rpm puppet openSUSE 11.4 There is an incorrect firewall rule in the puppet package. Fixed by this update. puppet-2.6.4-4.5.1.i586.rpm puppet-2.6.4-4.5.1.x86_64.rpm puppet-server-2.6.4-4.5.1.i586.rpm puppet-server-2.6.4-4.5.1.x86_64.rpm libwx_base-2_8-0-compat-lib-wxcontainer openSUSE 11.4 The update fixes an incorrect linking of third level libraries/binaries based on wxWidgets and using libtool for linking (#690952). If third level objects were linked with libtool, they were not able to find wxWidgets libraries. Application rebuild after this update fixes these runtime failures. libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_baseu-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-devel-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-devel-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.11.1.x86_64.rpm wxWidgets-compat-lib-config-2.8.11-4.11.1.i586.rpm wxWidgets-compat-lib-config-2.8.11-4.11.1.x86_64.rpm wxWidgets-devel-2.8.11-4.11.1.i586.rpm wxWidgets-devel-2.8.11-4.11.1.x86_64.rpm wxWidgets-lang-2.8.11-4.11.1.noarch.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.11.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.11.1.x86_64.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.11.1.x86_64.rpm wxWidgets-wxcontainer-devel-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-devel-2.8.11-3.11.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.11.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-debugsource-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-debugsource-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.11.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm wxWidgets-debugsource-2.8.11-4.11.1.i586.rpm wxWidgets-debugsource-2.8.11-4.11.1.x86_64.rpm wxWidgets-devel-debuginfo-2.8.11-4.11.1.i586.rpm wxWidgets-devel-debuginfo-2.8.11-4.11.1.x86_64.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.11.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.11.1.x86_64.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.11.1.x86_64.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.11.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.11.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.11.1.x86_64.rpm softwaremgmt-201105 openSUSE 11.4 This patch upgrades PackageKit to the latest stable version (0.6.14) and fixes a crash in PackageKit which prevented the update viewer to get the list of pending updates. Additionally it fixes a bug where the updates service (PackageKit) would not tell the update viewer application about the current download speed. It should also resolve issues with lost package locks (bnc#690038) and improve the issue with packagekitd blocking zypper. (bnc#689627) Detailed changelog: - Allows zypper to shutdown the updates service (packagekitd) (bnc#689627) Full logfile: - Update to version 0.6.14: + Lots of nice bugfixes in this release, along with slight changes to the SetProxy() and DownloadPackages() D-Bus API. If you're using either packagekit-glib or packagekit-qt then there's no change required as the libraries have symbol fallbacks. + The packageKit-qt2 library has been committed. It is eventually aiming to replace packagekit-qt. + New Features: - Add a 'store_in_cache' attribute to the DownloadPackages method - Automatically cancel running background transactions if a foreground transaction is committed - Cancel any background transactions when we get SuggestDaemonQuit - Introduce other attributes in the SetProxy() method + Libraries (glib): - Add GIR annotations to make PK GIR usable - Add header name to GIR and set export package + Libraries (qt): - Add storeInCache parameter to downloadPackages to cover new API - Fix typo in SearchGroups + Libraries (qt2): - New library. + Bugfixes: - Fix precedence when assigning strings to a *GStrv - Create transaction db properly if it's not exist - Do not abort in pk_catalog_init() if PackageKit is not available. Fixes rh#688280 - Do not allow backends to output duplicate older packages when searching with newest - Fix a crash where the error code was pointing to freed memory. Fixes rh#684464 - Fix a typo in pk_transaction_db_get_proxy - Get more proxy info after the new proxy parameters was introduced - Honour ACLOCAL_FLAGS in Makefile.am. Fixes fd#35237 - browser-plugin: Remove deprecated symbols - pkcon: add missing {} around if - pk-debuginfo-install: fix typo of using PK_FILTER - Use the new threadsafe signal handling support in GLib - Various docs updates. + Zypp Backend: - Check repo file before using it - Consider only_trusted option while installing packages - Fix memory leak in pk_backend_transaction_start - Patch::Content is returned by value. Fixes crash on get-updates (bnc#685831) - Reload RpmDB before removing packages - Report download speed (bnc#663069) - Reset packages status in repo while removing packages - Set locale info at the begin of transaction - Support proxy_https,proxy_socks,no_proxy - Use namespace once to remove the namespace noise. - Use output parameters (references) for containers + Non-zypp backends updates (including removal of pacman backend). - Drop PackageKit-fix-endless-recursion.patch: fixed upstream. - Drop PackageKit-fix-build.patch: fixed upstream. - Change Requires of "Packagekit = %{version} to Recommends for libpackagekit-glib2-14 and libpackagekit-qt14: a strict Requires like this goes against the goal of the shared library packaging policy. Also, the users of those libraries should gracefully handle the case where the PackageKit daemon is not running or doesn't understand the D-Bus requests. - Create libpackagekit-qt2-0 and libpackagekit-qt2-devel subpackage for the new libpackagekit-qt2 library. - Remove explicit Requires for packages from various devel subpackages as they will automatically be added the pkgconfig() way: + PackageKit-devel: glib2-devel, NetworkManager-devel, sqlite3-devel + libpackagekit-glib2-devel: glib2-devel, NetworkManager-devel, sqlite3-devel (as well as PackageKit itself) + libpackagekit-qt-devel: libqt4-devel (as well as PackageKit itself) - Mark branding-upstream subpackage as noarch. - Set BUILD_CNF to 1 as the file search works again. This means the pk-command-not-found utility will be built again. - Add PackageKit-fix-build.patch to fix build: do not use some deprecated symbol. Taken from git. - Report the download speed (bnc#663069) - Fix for crash on get-updates (bnc#685831) - Add opensuse-codecs-installer Provides/Obsoletes to gstreamer-plugin subpackage, as it replaces it. - Add gtk3-devel BuildRequires. - Create gtk3-module subpackage. - Update to version 0.6.13 + Libraries: - Allow pk_client_download_packages_async() to be called with no target directory - Port away from PolkitBackendActionLookup to support new versions of PolicyKit + ZYpp Backend: - remove check online in refresh cache - uses the standard system update algorithm from ZYpp. Fixes bnc#637764 (as patch in 0.6.12 package) + Non-zypp backends updates. + Bugfixes: - Add missing python(gio) requirement - Check for polkit_authority_get_sync symbol - Change the connman DBus name - Update for NetworkManager 0.9 snapshots PackageKit-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-branding-openSUSE-11.4-3.10.1.noarch.rpm 1 1 PackageKit-branding-upstream-0.6.14-0.2.1.noarch.rpm 1 1 PackageKit-branding-upstream-0.6.14-0.2.1.noarch.rpm 1 1 PackageKit-browser-plugin-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-browser-plugin-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-devel-0.6.14-0.2.1.noarch.rpm 1 1 PackageKit-doc-0.6.14-0.2.1.noarch.rpm 1 1 PackageKit-gstreamer-plugin-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-gstreamer-plugin-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-gtk-module-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-gtk-module-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-lang-0.6.14-0.2.1.noarch.rpm 1 1 libpackagekit-glib2-14-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-glib2-14-0.6.14-0.2.1.x86_64.rpm 1 1 libpackagekit-glib2-devel-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-glib2-devel-0.6.14-0.2.1.x86_64.rpm 1 1 libpackagekit-qt-devel-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-qt-devel-0.6.14-0.2.1.x86_64.rpm 1 1 libpackagekit-qt14-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-qt14-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-browser-plugin-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-browser-plugin-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-debugsource-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-debugsource-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-gstreamer-plugin-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-gstreamer-plugin-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 PackageKit-gtk-module-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 PackageKit-gtk-module-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 libpackagekit-glib2-14-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-glib2-14-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 libpackagekit-qt14-debuginfo-0.6.14-0.2.1.i586.rpm 1 1 libpackagekit-qt14-debuginfo-0.6.14-0.2.1.x86_64.rpm 1 1 dovecot12 openSUSE 11.4 dovecot crash when parsing mail headers that contain NUL characters (CVE-2011-1929) dovecot12-1.2.17-2.3.1.i586.rpm dovecot12-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-mysql-1.2.17-2.3.1.i586.rpm dovecot12-backend-mysql-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-pgsql-1.2.17-2.3.1.i586.rpm dovecot12-backend-pgsql-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-sqlite-1.2.17-2.3.1.i586.rpm dovecot12-backend-sqlite-1.2.17-2.3.1.x86_64.rpm dovecot12-devel-1.2.17-2.3.1.i586.rpm dovecot12-devel-1.2.17-2.3.1.x86_64.rpm dovecot12-fts-lucene-1.2.17-2.3.1.i586.rpm dovecot12-fts-lucene-1.2.17-2.3.1.x86_64.rpm dovecot12-fts-solr-1.2.17-2.3.1.i586.rpm dovecot12-fts-solr-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-mysql-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-backend-mysql-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-pgsql-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-backend-pgsql-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot12-backend-sqlite-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-backend-sqlite-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot12-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot12-debugsource-1.2.17-2.3.1.i586.rpm dovecot12-debugsource-1.2.17-2.3.1.x86_64.rpm dovecot12-fts-lucene-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-fts-lucene-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot12-fts-solr-debuginfo-1.2.17-2.3.1.i586.rpm dovecot12-fts-solr-debuginfo-1.2.17-2.3.1.x86_64.rpm dovecot20 openSUSE 11.4 dovecot crash when parsing mail headers that contain NUL characters (CVE-2011-1929) dovecot20-2.0.13-0.3.1.i586.rpm dovecot20-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-mysql-2.0.13-0.3.1.i586.rpm dovecot20-backend-mysql-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-pgsql-2.0.13-0.3.1.i586.rpm dovecot20-backend-pgsql-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-sqlite-2.0.13-0.3.1.i586.rpm dovecot20-backend-sqlite-2.0.13-0.3.1.x86_64.rpm dovecot20-devel-2.0.13-0.3.1.i586.rpm dovecot20-devel-2.0.13-0.3.1.x86_64.rpm dovecot20-fts-solr-2.0.13-0.3.1.i586.rpm dovecot20-fts-solr-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-mysql-debuginfo-2.0.13-0.3.1.i586.rpm dovecot20-backend-mysql-debuginfo-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-pgsql-debuginfo-2.0.13-0.3.1.i586.rpm dovecot20-backend-pgsql-debuginfo-2.0.13-0.3.1.x86_64.rpm dovecot20-backend-sqlite-debuginfo-2.0.13-0.3.1.i586.rpm dovecot20-backend-sqlite-debuginfo-2.0.13-0.3.1.x86_64.rpm dovecot20-debuginfo-2.0.13-0.3.1.i586.rpm dovecot20-debuginfo-2.0.13-0.3.1.x86_64.rpm dovecot20-debugsource-2.0.13-0.3.1.i586.rpm dovecot20-debugsource-2.0.13-0.3.1.x86_64.rpm dovecot20-fts-solr-debuginfo-2.0.13-0.3.1.i586.rpm dovecot20-fts-solr-debuginfo-2.0.13-0.3.1.x86_64.rpm libmodplug openSUSE 11.4 specially crafted files could cause a stack overflow in libmodplug (CVE-2011-1761). libmodplug version 0.8.8.3 fixes the problem. libmodplug-devel-0.8.8.3-2.12.1.i586.rpm libmodplug-devel-0.8.8.3-2.12.1.x86_64.rpm libmodplug0-0.8.8.3-2.12.1.i586.rpm libmodplug0-0.8.8.3-2.12.1.x86_64.rpm libmodplug0-32bit-0.8.8.3-2.12.1.x86_64.rpm libmodplug-debugsource-0.8.8.3-2.12.1.i586.rpm libmodplug-debugsource-0.8.8.3-2.12.1.x86_64.rpm libmodplug0-debuginfo-0.8.8.3-2.12.1.i586.rpm libmodplug0-debuginfo-0.8.8.3-2.12.1.x86_64.rpm libmodplug0-debuginfo-32bit-0.8.8.3-2.12.1.x86_64.rpm libpcsclite1 openSUSE 11.4 Two bugs were fixed for pcsc-lite: - #686674: pcscd don't startup - #693324: moneyplex does not work with pcscd in daemon mode libpcsclite1-1.7.2-5.5.1.i586.rpm libpcsclite1-1.7.2-5.5.1.x86_64.rpm libpcsclite1-32bit-1.7.2-5.5.1.x86_64.rpm pcsc-lite-1.7.2-5.5.1.i586.rpm pcsc-lite-1.7.2-5.5.1.x86_64.rpm pcsc-lite-devel-1.7.2-5.5.1.i586.rpm pcsc-lite-devel-1.7.2-5.5.1.x86_64.rpm libpcsclite1-debuginfo-1.7.2-5.5.1.i586.rpm libpcsclite1-debuginfo-1.7.2-5.5.1.x86_64.rpm libpcsclite1-debuginfo-32bit-1.7.2-5.5.1.x86_64.rpm pcsc-lite-debuginfo-1.7.2-5.5.1.i586.rpm pcsc-lite-debuginfo-1.7.2-5.5.1.x86_64.rpm pcsc-lite-debugsource-1.7.2-5.5.1.i586.rpm pcsc-lite-debugsource-1.7.2-5.5.1.x86_64.rpm squid3 openSUSE 11.4 This update of squid3 fixes: - #694120: Squid 3.1.11 NONE/400 (null) under heavy load squid3-3.1.11-4.5.2.i586.rpm squid3-3.1.11-4.5.2.x86_64.rpm squid3-debuginfo-3.1.11-4.5.2.i586.rpm squid3-debuginfo-3.1.11-4.5.2.x86_64.rpm squid3-debugsource-3.1.11-4.5.2.i586.rpm squid3-debugsource-3.1.11-4.5.2.x86_64.rpm python-feedparser openSUSE 11.4 Feeds with embedded html style attributes were parsed incorrectly, which resulted in missing feed data. Fixed by this update. python-feedparser-4.1-9.14.1.noarch.rpm NetworkManager openSUSE 11.4 The following bug is fixed by this update: - #557720: NetworkManager doesn't registers host in the network via DHCP NetworkManager-0.8.2-15.24.1.i586.rpm NetworkManager-0.8.2-15.24.1.x86_64.rpm NetworkManager-devel-0.8.2-15.24.1.i586.rpm NetworkManager-devel-0.8.2-15.24.1.x86_64.rpm NetworkManager-doc-0.8.2-15.24.1.i586.rpm NetworkManager-doc-0.8.2-15.24.1.x86_64.rpm NetworkManager-glib-0.8.2-15.24.1.i586.rpm NetworkManager-glib-0.8.2-15.24.1.x86_64.rpm NetworkManager-lang-0.8.2-15.24.1.noarch.rpm NetworkManager-debuginfo-0.8.2-15.24.1.i586.rpm NetworkManager-debuginfo-0.8.2-15.24.1.x86_64.rpm NetworkManager-debugsource-0.8.2-15.24.1.i586.rpm NetworkManager-debugsource-0.8.2-15.24.1.x86_64.rpm NetworkManager-glib-debuginfo-0.8.2-15.24.1.i586.rpm NetworkManager-glib-debuginfo-0.8.2-15.24.1.x86_64.rpm bind openSUSE 11.4 This update provides bind 9.7.3P1 which fixes a denial of service issue in RRsig RRSET handling. (CVE-2011-1910) bind-9.7.3P1-0.3.1.i586.rpm bind-9.7.3P1-0.3.1.x86_64.rpm bind-chrootenv-9.7.3P1-0.3.1.i586.rpm bind-chrootenv-9.7.3P1-0.3.1.x86_64.rpm bind-devel-9.7.3P1-0.3.1.i586.rpm bind-devel-9.7.3P1-0.3.1.x86_64.rpm bind-doc-9.7.3P1-0.3.1.noarch.rpm bind-libs-9.7.3P1-0.3.1.i586.rpm bind-libs-9.7.3P1-0.3.1.x86_64.rpm bind-libs-32bit-9.7.3P1-0.3.1.x86_64.rpm bind-utils-9.7.3P1-0.3.1.i586.rpm bind-utils-9.7.3P1-0.3.1.x86_64.rpm bind-debuginfo-9.7.3P1-0.3.1.i586.rpm bind-debuginfo-9.7.3P1-0.3.1.x86_64.rpm bind-debugsource-9.7.3P1-0.3.1.i586.rpm bind-debugsource-9.7.3P1-0.3.1.x86_64.rpm bind-libs-debuginfo-9.7.3P1-0.3.1.i586.rpm bind-libs-debuginfo-9.7.3P1-0.3.1.x86_64.rpm bind-libs-debuginfo-32bit-9.7.3P1-0.3.1.x86_64.rpm bind-utils-debuginfo-9.7.3P1-0.3.1.i586.rpm bind-utils-debuginfo-9.7.3P1-0.3.1.x86_64.rpm gdm openSUSE 11.4 This gdm update starts firefox not as user "gdm" anymore. gdm-2.32.0-9.16.1.i586.rpm gdm-2.32.0-9.16.1.x86_64.rpm gdm-branding-upstream-2.32.0-9.16.1.i586.rpm gdm-branding-upstream-2.32.0-9.16.1.x86_64.rpm gdm-lang-2.32.0-9.16.1.noarch.rpm gnome-applets-gdm-2.32.0-9.16.1.i586.rpm gnome-applets-gdm-2.32.0-9.16.1.x86_64.rpm gdm-debuginfo-2.32.0-9.16.1.i586.rpm gdm-debuginfo-2.32.0-9.16.1.x86_64.rpm gdm-debugsource-2.32.0-9.16.1.i586.rpm gdm-debugsource-2.32.0-9.16.1.x86_64.rpm gnome-applets-gdm-debuginfo-2.32.0-9.16.1.i586.rpm gnome-applets-gdm-debuginfo-2.32.0-9.16.1.x86_64.rpm gimp openSUSE 11.4 This update fixes various overflows: + CVE-2011-1178: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVE-2011-1782: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) gimp-2.6.11-13.14.1.i586.rpm gimp-2.6.11-13.14.1.x86_64.rpm gimp-branding-upstream-2.6.11-13.14.1.i586.rpm gimp-branding-upstream-2.6.11-13.14.1.x86_64.rpm gimp-devel-2.6.11-13.14.1.i586.rpm gimp-devel-2.6.11-13.14.1.x86_64.rpm gimp-help-browser-2.6.11-13.14.1.i586.rpm gimp-help-browser-2.6.11-13.14.1.x86_64.rpm gimp-lang-2.6.11-13.14.1.noarch.rpm gimp-module-hal-2.6.11-13.14.1.i586.rpm gimp-module-hal-2.6.11-13.14.1.x86_64.rpm gimp-plugins-python-2.6.11-13.14.1.i586.rpm gimp-plugins-python-2.6.11-13.14.1.x86_64.rpm libgimp-2_0-0-2.6.11-13.14.1.i586.rpm libgimp-2_0-0-2.6.11-13.14.1.x86_64.rpm libgimp-2_0-0-32bit-2.6.11-13.14.1.x86_64.rpm libgimpui-2_0-0-2.6.11-13.14.1.i586.rpm libgimpui-2_0-0-2.6.11-13.14.1.x86_64.rpm libgimpui-2_0-0-32bit-2.6.11-13.14.1.x86_64.rpm gimp-debuginfo-2.6.11-13.14.1.i586.rpm gimp-debuginfo-2.6.11-13.14.1.x86_64.rpm gimp-debugsource-2.6.11-13.14.1.i586.rpm gimp-debugsource-2.6.11-13.14.1.x86_64.rpm gimp-devel-debuginfo-2.6.11-13.14.1.i586.rpm gimp-devel-debuginfo-2.6.11-13.14.1.x86_64.rpm gimp-help-browser-debuginfo-2.6.11-13.14.1.i586.rpm gimp-help-browser-debuginfo-2.6.11-13.14.1.x86_64.rpm gimp-module-hal-debuginfo-2.6.11-13.14.1.i586.rpm gimp-module-hal-debuginfo-2.6.11-13.14.1.x86_64.rpm gimp-plugins-python-debuginfo-2.6.11-13.14.1.i586.rpm gimp-plugins-python-debuginfo-2.6.11-13.14.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.14.1.i586.rpm libgimp-2_0-0-debuginfo-2.6.11-13.14.1.x86_64.rpm libgimp-2_0-0-debuginfo-32bit-2.6.11-13.14.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.14.1.i586.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.14.1.x86_64.rpm libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.14.1.x86_64.rpm hplip openSUSE 11.4 In HPLIP version prior to 3.11.5 colors are printed wrong for the HPCUPS driver (the HPIJS driver works) when Ghostscript 9.00 is used (it works with Ghostscript 8.x). Together with our Ghostscript update packages (see Novell/openSUSE Bugzilla bnc#681071) this HPLIP version upgrade to 3.11.5 fixes the wrong colors (Novell/openSUSE Bugzilla bnc#692905) for the HPCUPS driver. hplip-3.11.5-1.3.1.i586.rpm hplip-3.11.5-1.3.1.x86_64.rpm hplip-hpijs-3.11.5-1.3.1.i586.rpm hplip-hpijs-3.11.5-1.3.1.x86_64.rpm hplip-debuginfo-3.11.5-1.3.1.i586.rpm hplip-debuginfo-3.11.5-1.3.1.x86_64.rpm hplip-debugsource-3.11.5-1.3.1.i586.rpm hplip-debugsource-3.11.5-1.3.1.x86_64.rpm hplip-hpijs-debuginfo-3.11.5-1.3.1.i586.rpm hplip-hpijs-debuginfo-3.11.5-1.3.1.x86_64.rpm kvm openSUSE 11.4 This updates brings the BIOS ROM to seabios version 0.6.2, which fixes a regression introduced by the previous update. kvm-0.14.0.0-1.8.1.i586.rpm kvm-0.14.0.0-1.8.1.x86_64.rpm kvm-debuginfo-0.14.0.0-1.8.1.i586.rpm kvm-debuginfo-0.14.0.0-1.8.1.x86_64.rpm kvm-debugsource-0.14.0.0-1.8.1.i586.rpm kvm-debugsource-0.14.0.0-1.8.1.x86_64.rpm pan openSUSE 11.4 This update fixes two problems of pan: - pan cannot display multipart images (jpg,yenc) in body pane (#683008) - broken saving articles from nzb files (#685759) pan-0.134-3.3.1.i586.rpm pan-0.134-3.3.1.x86_64.rpm pan-lang-0.134-3.3.1.noarch.rpm pan-debuginfo-0.134-3.3.1.i586.rpm pan-debuginfo-0.134-3.3.1.x86_64.rpm pan-debugsource-0.134-3.3.1.i586.rpm pan-debugsource-0.134-3.3.1.x86_64.rpm apache2-mod_php5 openSUSE 11.4 This php5 update fixes: - CVE-2011-0421: CVSS v2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) - CVE-2011-1092: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Numeric Errors (CWE-189) - CVE-2011-1148: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Resource Management Errors (CWE-399) - CVE-2011-1464: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) - CVE-2011-1467: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) - CVE-2011-1468: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Resource Management Errors (CWE-399) - CVE-2011-1469: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P) - CVE-2011-1470: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) - CVE-2011-1471: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189) - CVE-2011-1938: CVSS v2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P) apache2-mod_php5-5.3.5-5.14.1.i586.rpm apache2-mod_php5-5.3.5-5.14.1.x86_64.rpm php5-5.3.5-5.14.1.i586.rpm php5-5.3.5-5.14.1.x86_64.rpm php5-bcmath-5.3.5-5.14.1.i586.rpm php5-bcmath-5.3.5-5.14.1.x86_64.rpm php5-bz2-5.3.5-5.14.1.i586.rpm php5-bz2-5.3.5-5.14.1.x86_64.rpm php5-calendar-5.3.5-5.14.1.i586.rpm php5-calendar-5.3.5-5.14.1.x86_64.rpm php5-ctype-5.3.5-5.14.1.i586.rpm php5-ctype-5.3.5-5.14.1.x86_64.rpm php5-curl-5.3.5-5.14.1.i586.rpm php5-curl-5.3.5-5.14.1.x86_64.rpm php5-dba-5.3.5-5.14.1.i586.rpm php5-dba-5.3.5-5.14.1.x86_64.rpm php5-devel-5.3.5-5.14.1.i586.rpm php5-devel-5.3.5-5.14.1.x86_64.rpm php5-dom-5.3.5-5.14.1.i586.rpm php5-dom-5.3.5-5.14.1.x86_64.rpm php5-enchant-5.3.5-5.14.1.i586.rpm php5-enchant-5.3.5-5.14.1.x86_64.rpm php5-exif-5.3.5-5.14.1.i586.rpm php5-exif-5.3.5-5.14.1.x86_64.rpm php5-fastcgi-5.3.5-5.14.1.i586.rpm php5-fastcgi-5.3.5-5.14.1.x86_64.rpm php5-fileinfo-5.3.5-5.14.1.i586.rpm php5-fileinfo-5.3.5-5.14.1.x86_64.rpm php5-fpm-5.3.5-5.14.1.i586.rpm php5-fpm-5.3.5-5.14.1.x86_64.rpm php5-ftp-5.3.5-5.14.1.i586.rpm php5-ftp-5.3.5-5.14.1.x86_64.rpm php5-gd-5.3.5-5.14.1.i586.rpm php5-gd-5.3.5-5.14.1.x86_64.rpm php5-gettext-5.3.5-5.14.1.i586.rpm php5-gettext-5.3.5-5.14.1.x86_64.rpm php5-gmp-5.3.5-5.14.1.i586.rpm php5-gmp-5.3.5-5.14.1.x86_64.rpm php5-hash-5.3.5-5.14.1.i586.rpm php5-hash-5.3.5-5.14.1.x86_64.rpm php5-iconv-5.3.5-5.14.1.i586.rpm php5-iconv-5.3.5-5.14.1.x86_64.rpm php5-imap-5.3.5-5.14.1.i586.rpm php5-imap-5.3.5-5.14.1.x86_64.rpm php5-intl-5.3.5-5.14.1.i586.rpm php5-intl-5.3.5-5.14.1.x86_64.rpm php5-json-5.3.5-5.14.1.i586.rpm php5-json-5.3.5-5.14.1.x86_64.rpm php5-ldap-5.3.5-5.14.1.i586.rpm php5-ldap-5.3.5-5.14.1.x86_64.rpm php5-mbstring-5.3.5-5.14.1.i586.rpm php5-mbstring-5.3.5-5.14.1.x86_64.rpm php5-mcrypt-5.3.5-5.14.1.i586.rpm php5-mcrypt-5.3.5-5.14.1.x86_64.rpm php5-mysql-5.3.5-5.14.1.i586.rpm php5-mysql-5.3.5-5.14.1.x86_64.rpm php5-odbc-5.3.5-5.14.1.i586.rpm php5-odbc-5.3.5-5.14.1.x86_64.rpm php5-openssl-5.3.5-5.14.1.i586.rpm php5-openssl-5.3.5-5.14.1.x86_64.rpm php5-pcntl-5.3.5-5.14.1.i586.rpm php5-pcntl-5.3.5-5.14.1.x86_64.rpm php5-pdo-5.3.5-5.14.1.i586.rpm php5-pdo-5.3.5-5.14.1.x86_64.rpm php5-pear-5.3.5-5.14.1.noarch.rpm php5-pgsql-5.3.5-5.14.1.i586.rpm php5-pgsql-5.3.5-5.14.1.x86_64.rpm php5-phar-5.3.5-5.14.1.i586.rpm php5-phar-5.3.5-5.14.1.x86_64.rpm php5-posix-5.3.5-5.14.1.i586.rpm php5-posix-5.3.5-5.14.1.x86_64.rpm php5-pspell-5.3.5-5.14.1.i586.rpm php5-pspell-5.3.5-5.14.1.x86_64.rpm php5-readline-5.3.5-5.14.1.i586.rpm php5-readline-5.3.5-5.14.1.x86_64.rpm php5-shmop-5.3.5-5.14.1.i586.rpm php5-shmop-5.3.5-5.14.1.x86_64.rpm php5-snmp-5.3.5-5.14.1.i586.rpm php5-snmp-5.3.5-5.14.1.x86_64.rpm php5-soap-5.3.5-5.14.1.i586.rpm php5-soap-5.3.5-5.14.1.x86_64.rpm php5-sockets-5.3.5-5.14.1.i586.rpm php5-sockets-5.3.5-5.14.1.x86_64.rpm php5-sqlite-5.3.5-5.14.1.i586.rpm php5-sqlite-5.3.5-5.14.1.x86_64.rpm php5-suhosin-5.3.5-5.14.1.i586.rpm php5-suhosin-5.3.5-5.14.1.x86_64.rpm php5-sysvmsg-5.3.5-5.14.1.i586.rpm php5-sysvmsg-5.3.5-5.14.1.x86_64.rpm php5-sysvsem-5.3.5-5.14.1.i586.rpm php5-sysvsem-5.3.5-5.14.1.x86_64.rpm php5-sysvshm-5.3.5-5.14.1.i586.rpm php5-sysvshm-5.3.5-5.14.1.x86_64.rpm php5-tidy-5.3.5-5.14.1.i586.rpm php5-tidy-5.3.5-5.14.1.x86_64.rpm php5-tokenizer-5.3.5-5.14.1.i586.rpm php5-tokenizer-5.3.5-5.14.1.x86_64.rpm php5-wddx-5.3.5-5.14.1.i586.rpm php5-wddx-5.3.5-5.14.1.x86_64.rpm php5-xmlreader-5.3.5-5.14.1.i586.rpm php5-xmlreader-5.3.5-5.14.1.x86_64.rpm php5-xmlrpc-5.3.5-5.14.1.i586.rpm php5-xmlrpc-5.3.5-5.14.1.x86_64.rpm php5-xmlwriter-5.3.5-5.14.1.i586.rpm php5-xmlwriter-5.3.5-5.14.1.x86_64.rpm php5-xsl-5.3.5-5.14.1.i586.rpm php5-xsl-5.3.5-5.14.1.x86_64.rpm php5-zip-5.3.5-5.14.1.i586.rpm php5-zip-5.3.5-5.14.1.x86_64.rpm php5-zlib-5.3.5-5.14.1.i586.rpm php5-zlib-5.3.5-5.14.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-5.14.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-5.14.1.i586.rpm php5-bcmath-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-5.14.1.i586.rpm php5-bz2-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-5.14.1.i586.rpm php5-calendar-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-5.14.1.i586.rpm php5-ctype-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-curl-debuginfo-5.3.5-5.14.1.i586.rpm php5-curl-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-dba-debuginfo-5.3.5-5.14.1.i586.rpm php5-dba-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-debuginfo-5.3.5-5.14.1.i586.rpm php5-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-debugsource-5.3.5-5.14.1.i586.rpm php5-debugsource-5.3.5-5.14.1.x86_64.rpm php5-dom-debuginfo-5.3.5-5.14.1.i586.rpm php5-dom-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-5.14.1.i586.rpm php5-enchant-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-exif-debuginfo-5.3.5-5.14.1.i586.rpm php5-exif-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-5.14.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-5.14.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-5.14.1.i586.rpm php5-fpm-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-5.14.1.i586.rpm php5-ftp-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-gd-debuginfo-5.3.5-5.14.1.i586.rpm php5-gd-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-5.14.1.i586.rpm php5-gettext-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-5.14.1.i586.rpm php5-gmp-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-hash-debuginfo-5.3.5-5.14.1.i586.rpm php5-hash-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-5.14.1.i586.rpm php5-iconv-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-imap-debuginfo-5.3.5-5.14.1.i586.rpm php5-imap-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-intl-debuginfo-5.3.5-5.14.1.i586.rpm php5-intl-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-json-debuginfo-5.3.5-5.14.1.i586.rpm php5-json-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-5.14.1.i586.rpm php5-ldap-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-5.14.1.i586.rpm php5-mbstring-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-5.14.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-5.14.1.i586.rpm php5-mysql-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-5.14.1.i586.rpm php5-odbc-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-5.14.1.i586.rpm php5-openssl-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-5.14.1.i586.rpm php5-pcntl-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-5.14.1.i586.rpm php5-pdo-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-5.14.1.i586.rpm php5-pgsql-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-phar-debuginfo-5.3.5-5.14.1.i586.rpm php5-phar-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-posix-debuginfo-5.3.5-5.14.1.i586.rpm php5-posix-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-5.14.1.i586.rpm php5-pspell-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-readline-debuginfo-5.3.5-5.14.1.i586.rpm php5-readline-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-5.14.1.i586.rpm php5-shmop-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-5.14.1.i586.rpm php5-snmp-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-soap-debuginfo-5.3.5-5.14.1.i586.rpm php5-soap-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-5.14.1.i586.rpm php5-sockets-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-5.14.1.i586.rpm php5-sqlite-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-5.14.1.i586.rpm php5-suhosin-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-5.14.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-5.14.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-5.14.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-5.14.1.i586.rpm php5-tidy-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-5.14.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-5.14.1.i586.rpm php5-wddx-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-5.14.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-5.14.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-5.14.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-5.14.1.i586.rpm php5-xsl-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-zip-debuginfo-5.3.5-5.14.1.i586.rpm php5-zip-debuginfo-5.3.5-5.14.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-5.14.1.i586.rpm php5-zlib-debuginfo-5.3.5-5.14.1.x86_64.rpm libgudev-1_0-0 openSUSE 11.4 run ata_id only on SPC-3 or later optical drives (bnc#679277) libgudev-1_0-0-166-6.7.1.i586.rpm libgudev-1_0-0-166-6.7.1.x86_64.rpm libgudev-1_0-0-32bit-166-6.7.1.x86_64.rpm libgudev-1_0-devel-166-6.7.1.i586.rpm libgudev-1_0-devel-166-6.7.1.x86_64.rpm libudev-devel-166-6.7.1.i586.rpm libudev-devel-166-6.7.1.x86_64.rpm libudev0-166-6.7.1.i586.rpm libudev0-166-6.7.1.x86_64.rpm libudev0-32bit-166-6.7.1.x86_64.rpm udev-166-6.7.1.i586.rpm udev-166-6.7.1.x86_64.rpm libgudev-1_0-0-debuginfo-166-6.7.1.i586.rpm libgudev-1_0-0-debuginfo-166-6.7.1.x86_64.rpm libgudev-1_0-0-debuginfo-32bit-166-6.7.1.x86_64.rpm libudev0-debuginfo-166-6.7.1.i586.rpm libudev0-debuginfo-166-6.7.1.x86_64.rpm libudev0-debuginfo-32bit-166-6.7.1.x86_64.rpm udev-debuginfo-166-6.7.1.i586.rpm udev-debuginfo-166-6.7.1.x86_64.rpm udev-debugsource-166-6.7.1.i586.rpm udev-debugsource-166-6.7.1.x86_64.rpm zlib openSUSE 11.4 zlib-1.2.5 segfaults when passing NULL in path argument to gzopen. As the previous version returns NULL in such case and there is software expecting it (most notable example is KDE3), this update return the older behavior back. This update fixes bug#679345. zlib-1.2.5-9.10.1.i586.rpm zlib-1.2.5-9.10.1.x86_64.rpm zlib-32bit-1.2.5-9.10.1.x86_64.rpm zlib-devel-1.2.5-9.10.1.i586.rpm zlib-devel-1.2.5-9.10.1.x86_64.rpm zlib-devel-32bit-1.2.5-9.10.1.x86_64.rpm zlib-devel-static-1.2.5-9.10.1.i586.rpm zlib-devel-static-1.2.5-9.10.1.x86_64.rpm zlib-debuginfo-1.2.5-9.10.1.i586.rpm zlib-debuginfo-1.2.5-9.10.1.x86_64.rpm zlib-debuginfo-32bit-1.2.5-9.10.1.x86_64.rpm zlib-debugsource-1.2.5-9.10.1.i586.rpm zlib-debugsource-1.2.5-9.10.1.x86_64.rpm flash-player openSUSE 11.4 This update fixes a cross-site scripting vulnerability. CVE-2011-2107: CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N) flash-player-10.3.181.22-0.2.1.i586.rpm libopenssl-devel openSUSE 11.4 This update of openssl fixes a timing attack. This attack can be used to obtain the private key of a TLS server whenever ECDSA signatures are used. CVE-2011-1945: CVSS v2 Base Score: 4.3 (important) (AV:N/AC:M/Au:N/C:P/I:N/A:N): Cryptographic Issues (CWE-310) libopenssl-devel-1.0.0c-18.19.2.i586.rpm libopenssl-devel-1.0.0c-18.19.2.x86_64.rpm libopenssl1_0_0-1.0.0c-18.19.2.i586.rpm libopenssl1_0_0-1.0.0c-18.19.2.x86_64.rpm libopenssl1_0_0-32bit-1.0.0c-18.19.2.x86_64.rpm openssl-1.0.0c-18.19.2.i586.rpm openssl-1.0.0c-18.19.2.x86_64.rpm openssl-doc-1.0.0c-18.19.2.noarch.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.19.2.i586.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.19.2.x86_64.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.19.2.x86_64.rpm openssl-debuginfo-1.0.0c-18.19.2.i586.rpm openssl-debuginfo-1.0.0c-18.19.2.x86_64.rpm openssl-debugsource-1.0.0c-18.19.2.i586.rpm openssl-debugsource-1.0.0c-18.19.2.x86_64.rpm gnome-bluetooth openSUSE 11.4 Sending files over Bluetooth using OBEX in GNOME was not working properly. This updates fixes the issue by using the right package dependencies. gnome-bluetooth-2.32.0-5.6.1.i586.rpm gnome-bluetooth-2.32.0-5.6.1.x86_64.rpm gnome-bluetooth-devel-2.32.0-5.6.1.i586.rpm gnome-bluetooth-devel-2.32.0-5.6.1.x86_64.rpm gnome-bluetooth-lang-2.32.0-5.6.1.noarch.rpm gnome-bluetooth-plugins-geoclue-2.32.0-5.6.1.i586.rpm gnome-bluetooth-plugins-geoclue-2.32.0-5.6.1.x86_64.rpm libgnome-bluetooth8-2.32.0-5.6.1.i586.rpm libgnome-bluetooth8-2.32.0-5.6.1.x86_64.rpm nautilus-sendto-plugin-bluetooth-2.32.0-5.6.1.i586.rpm nautilus-sendto-plugin-bluetooth-2.32.0-5.6.1.x86_64.rpm obexd-client-0.39-4.5.1.i586.rpm obexd-client-0.39-4.5.1.x86_64.rpm gnome-bluetooth-debuginfo-2.32.0-5.6.1.i586.rpm gnome-bluetooth-debuginfo-2.32.0-5.6.1.x86_64.rpm gnome-bluetooth-debugsource-2.32.0-5.6.1.i586.rpm gnome-bluetooth-debugsource-2.32.0-5.6.1.x86_64.rpm gnome-bluetooth-plugins-geoclue-debuginfo-2.32.0-5.6.1.i586.rpm gnome-bluetooth-plugins-geoclue-debuginfo-2.32.0-5.6.1.x86_64.rpm libgnome-bluetooth8-debuginfo-2.32.0-5.6.1.i586.rpm libgnome-bluetooth8-debuginfo-2.32.0-5.6.1.x86_64.rpm nautilus-sendto-plugin-bluetooth-debuginfo-2.32.0-5.6.1.i586.rpm nautilus-sendto-plugin-bluetooth-debuginfo-2.32.0-5.6.1.x86_64.rpm obexd-client-debuginfo-0.39-4.5.1.i586.rpm obexd-client-debuginfo-0.39-4.5.1.x86_64.rpm libpcap openSUSE 11.4 tcpdump/libpcap does not use snaplen correctly and sometimes captures less bytes then requested. This update also fixes captures on bonding interfaces. libpcap-devel-1.1.1-5.6.1.i586.rpm libpcap-devel-1.1.1-5.6.1.x86_64.rpm libpcap1-1.1.1-5.6.1.i586.rpm libpcap1-1.1.1-5.6.1.x86_64.rpm libpcap1-32bit-1.1.1-5.6.1.x86_64.rpm libpcap-debugsource-1.1.1-5.6.1.i586.rpm libpcap-debugsource-1.1.1-5.6.1.x86_64.rpm libpcap1-debuginfo-1.1.1-5.6.1.i586.rpm libpcap1-debuginfo-1.1.1-5.6.1.x86_64.rpm libpcap1-debuginfo-32bit-1.1.1-5.6.1.x86_64.rpm libslab openSUSE 11.4 This update fixes a yast2 segfault when starting yast2 in the locales cs_CZ, hu_HU and tr_TR (bnc#650196) libslab-devel-2.30.0-12.3.1.i586.rpm libslab-devel-2.30.0-12.3.1.x86_64.rpm libslab-lang-2.30.0-12.3.1.noarch.rpm libslab0-2.30.0-12.3.1.i586.rpm libslab0-2.30.0-12.3.1.x86_64.rpm libslab-debugsource-2.30.0-12.3.1.i586.rpm libslab-debugsource-2.30.0-12.3.1.x86_64.rpm libslab0-debuginfo-2.30.0-12.3.1.i586.rpm libslab0-debuginfo-2.30.0-12.3.1.x86_64.rpm libmysqlclient-devel Moderate openSUSE 11.4 This mysql update fixes the following security issues - CVE-2010-3833: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors (CWE-399) - CVE-2010-3834: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Insufficient Information (CWE-noinfo) - CVE-2010-3835: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Numeric Errors (CWE-189) - CVE-2010-3836: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors (CWE-399) - CVE-2010-3837: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors (CWE-399) - CVE-2010-3838: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other) - CVE-2010-3839: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2010-3840: CVSS v2 Base Score: 4.0 (moderate) (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other) libmysqlclient-devel-5.1.57-0.3.1.i586.rpm libmysqlclient-devel-5.1.57-0.3.1.x86_64.rpm libmysqlclient16-5.1.57-0.3.1.i586.rpm libmysqlclient16-5.1.57-0.3.1.x86_64.rpm libmysqlclient16-32bit-5.1.57-0.3.1.x86_64.rpm libmysqlclient_r16-5.1.57-0.3.1.i586.rpm libmysqlclient_r16-5.1.57-0.3.1.x86_64.rpm libmysqlclient_r16-32bit-5.1.57-0.3.1.x86_64.rpm libmysqld-devel-5.1.57-0.3.1.i586.rpm libmysqld-devel-5.1.57-0.3.1.x86_64.rpm libmysqld0-5.1.57-0.3.1.i586.rpm libmysqld0-5.1.57-0.3.1.x86_64.rpm mysql-community-server-5.1.57-0.3.1.i586.rpm mysql-community-server-5.1.57-0.3.1.x86_64.rpm mysql-community-server-bench-5.1.57-0.3.1.i586.rpm mysql-community-server-bench-5.1.57-0.3.1.x86_64.rpm mysql-community-server-client-5.1.57-0.3.1.i586.rpm mysql-community-server-client-5.1.57-0.3.1.x86_64.rpm mysql-community-server-debug-5.1.57-0.3.1.i586.rpm mysql-community-server-debug-5.1.57-0.3.1.x86_64.rpm mysql-community-server-test-5.1.57-0.3.1.i586.rpm mysql-community-server-test-5.1.57-0.3.1.x86_64.rpm mysql-community-server-tools-5.1.57-0.3.1.i586.rpm mysql-community-server-tools-5.1.57-0.3.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.57-0.3.1.i586.rpm libmysqlclient16-debuginfo-5.1.57-0.3.1.x86_64.rpm libmysqlclient16-debuginfo-32bit-5.1.57-0.3.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.57-0.3.1.i586.rpm libmysqlclient_r16-debuginfo-5.1.57-0.3.1.x86_64.rpm libmysqlclient_r16-debuginfo-32bit-5.1.57-0.3.1.x86_64.rpm libmysqld0-debuginfo-5.1.57-0.3.1.i586.rpm libmysqld0-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-bench-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-client-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-client-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-debug-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-debug-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-debugsource-5.1.57-0.3.1.i586.rpm mysql-community-server-debugsource-5.1.57-0.3.1.x86_64.rpm mysql-community-server-test-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-test-debuginfo-5.1.57-0.3.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.1.57-0.3.1.i586.rpm mysql-community-server-tools-debuginfo-5.1.57-0.3.1.x86_64.rpm ntp openSUSE 11.4 The following bugs are fixed by this update: - Because of a deprecated convert script the post install script has always removed the file /etc/sysconfig/ntp. - "rcntp ntptimeset" could not parse servers from ntp.conf when IP proto was specified (server [-4|-6] hostname) - "rcntp ntptimeset" is now using IP proto parameter (-4|-6) if it's set in NTPD_OPTIONS and skip servers where the opposite proto is defined - "Started sntp" in /var/log/messages ntp-4.2.6p3-6.11.1.i586.rpm ntp-4.2.6p3-6.11.1.x86_64.rpm ntp-doc-4.2.6p3-6.11.1.i586.rpm ntp-doc-4.2.6p3-6.11.1.x86_64.rpm ntp-debuginfo-4.2.6p3-6.11.1.i586.rpm ntp-debuginfo-4.2.6p3-6.11.1.x86_64.rpm ntp-debugsource-4.2.6p3-6.11.1.i586.rpm ntp-debugsource-4.2.6p3-6.11.1.x86_64.rpm g3utils openSUSE 11.4 The following bug is fixed by this update: faxspool does not work any more with pdf files (package mgetty+sendfax). After the update gs is used directly, without acroreader. g3utils-1.1.36-35.36.1.i586.rpm g3utils-1.1.36-35.36.1.x86_64.rpm mgetty-1.1.36-35.36.1.i586.rpm mgetty-1.1.36-35.36.1.x86_64.rpm sendfax-1.1.36-35.36.1.i586.rpm sendfax-1.1.36-35.36.1.x86_64.rpm g3utils-debuginfo-1.1.36-35.36.1.i586.rpm g3utils-debuginfo-1.1.36-35.36.1.x86_64.rpm mgetty-debuginfo-1.1.36-35.36.1.i586.rpm mgetty-debuginfo-1.1.36-35.36.1.x86_64.rpm mgetty-debugsource-1.1.36-35.36.1.i586.rpm mgetty-debugsource-1.1.36-35.36.1.x86_64.rpm sendfax-debuginfo-1.1.36-35.36.1.i586.rpm sendfax-debuginfo-1.1.36-35.36.1.x86_64.rpm xorg-x11-Xvnc openSUSE 11.4 This update contains fixes for the following bugs: - #400520: Keyboard handling was not XKB aware, which leads to a multitude of issues (e.g. no umlauts, Shift-PgUp not detected, etc.) - A *major* memory leak was introduced by original xserver 1.9 enabling patch xorg-x11-Xvnc-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.24.2.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.24.2.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.24.2.x86_64.rpm desktop-data-openSUSE openSUSE 11.4 The following bug is fixed by this update: - #686786: desktop-data-openSUSE makes KDE3's kcontrol empty on 11.4 desktop-data-openSUSE-11.4-13.18.1.noarch.rpm desktop-data-openSUSE-extra-11.4-13.18.1.noarch.rpm libsvn_auth_gnome_keyring-1-0 openSUSE 11.4 Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users. libsvn_auth_gnome_keyring-1-0-1.6.17-1.2.1.i586.rpm libsvn_auth_gnome_keyring-1-0-1.6.17-1.2.1.x86_64.rpm libsvn_auth_kwallet-1-0-1.6.17-1.2.1.i586.rpm libsvn_auth_kwallet-1-0-1.6.17-1.2.1.x86_64.rpm subversion-1.6.17-1.2.1.i586.rpm subversion-1.6.17-1.2.1.x86_64.rpm subversion-devel-1.6.17-1.2.1.i586.rpm subversion-devel-1.6.17-1.2.1.x86_64.rpm subversion-perl-1.6.17-1.2.1.i586.rpm subversion-perl-1.6.17-1.2.1.x86_64.rpm subversion-python-1.6.17-1.2.1.i586.rpm subversion-python-1.6.17-1.2.1.x86_64.rpm subversion-ruby-1.6.17-1.2.1.i586.rpm subversion-ruby-1.6.17-1.2.1.x86_64.rpm subversion-server-1.6.17-1.2.1.i586.rpm subversion-server-1.6.17-1.2.1.x86_64.rpm subversion-tools-1.6.17-1.2.1.i586.rpm subversion-tools-1.6.17-1.2.1.x86_64.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.17-1.2.1.i586.rpm libsvn_auth_gnome_keyring-1-0-debuginfo-1.6.17-1.2.1.x86_64.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.17-1.2.1.i586.rpm libsvn_auth_kwallet-1-0-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-debuginfo-1.6.17-1.2.1.i586.rpm subversion-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-debugsource-1.6.17-1.2.1.i586.rpm subversion-debugsource-1.6.17-1.2.1.x86_64.rpm subversion-perl-debuginfo-1.6.17-1.2.1.i586.rpm subversion-perl-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-python-debuginfo-1.6.17-1.2.1.i586.rpm subversion-python-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-ruby-debuginfo-1.6.17-1.2.1.i586.rpm subversion-ruby-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-server-debuginfo-1.6.17-1.2.1.i586.rpm subversion-server-debuginfo-1.6.17-1.2.1.x86_64.rpm subversion-tools-debuginfo-1.6.17-1.2.1.i586.rpm subversion-tools-debuginfo-1.6.17-1.2.1.x86_64.rpm libvmtools-devel openSUSE 11.4 This update of open-vm-tools fixes the following vulnerabilities which allowed an attacker to gain root privileges within the guest system: - CVE-2011-1681 - CVE-2011-2146 - CVE-2011-1787 - CVE-2011-2145 libvmtools-devel-2011.05.27-0.3.3.i586.rpm libvmtools-devel-2011.05.27-0.3.3.x86_64.rpm libvmtools0-2011.05.27-0.3.3.i586.rpm libvmtools0-2011.05.27-0.3.3.x86_64.rpm open-vm-tools-2011.05.27-0.3.3.i586.rpm open-vm-tools-2011.05.27-0.3.3.x86_64.rpm open-vm-tools-gui-2011.05.27-0.3.3.i586.rpm open-vm-tools-gui-2011.05.27-0.3.3.x86_64.rpm vmware-guest-kmp-default-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm vmware-guest-kmp-default-2011.05.27_k2.6.37.6_0.5-0.3.3.x86_64.rpm vmware-guest-kmp-desktop-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm vmware-guest-kmp-desktop-2011.05.27_k2.6.37.6_0.5-0.3.3.x86_64.rpm vmware-guest-kmp-pae-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm libvmtools0-debuginfo-2011.05.27-0.3.3.i586.rpm libvmtools0-debuginfo-2011.05.27-0.3.3.x86_64.rpm open-vm-tools-debuginfo-2011.05.27-0.3.3.i586.rpm open-vm-tools-debuginfo-2011.05.27-0.3.3.x86_64.rpm open-vm-tools-debugsource-2011.05.27-0.3.3.i586.rpm open-vm-tools-debugsource-2011.05.27-0.3.3.x86_64.rpm open-vm-tools-gui-debuginfo-2011.05.27-0.3.3.i586.rpm open-vm-tools-gui-debuginfo-2011.05.27-0.3.3.x86_64.rpm vmware-guest-kmp-default-debuginfo-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm vmware-guest-kmp-default-debuginfo-2011.05.27_k2.6.37.6_0.5-0.3.3.x86_64.rpm vmware-guest-kmp-desktop-debuginfo-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm vmware-guest-kmp-desktop-debuginfo-2011.05.27_k2.6.37.6_0.5-0.3.3.x86_64.rpm vmware-guest-kmp-pae-debuginfo-2011.05.27_k2.6.37.6_0.5-0.3.3.i586.rpm java-1_6_0-sun openSUSE 11.4 Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html (CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0786, CVE-2011-0788, CVE-2011-0866, CVE-2011-0868, CVE-2011-0872, CVE-2011-0867, CVE-2011-0869, CVE-2011-0865) java-1_6_0-sun-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-alsa-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-alsa-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-demo-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-demo-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-devel-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-devel-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-jdbc-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-jdbc-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-plugin-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-plugin-1.6.0.u26-0.2.1.x86_64.rpm java-1_6_0-sun-src-1.6.0.u26-0.2.1.i586.rpm java-1_6_0-sun-src-1.6.0.u26-0.2.1.x86_64.rpm yast2-trans openSUSE 11.4 Collective software translation update. yast2-trans-2.19.0-31.38.1.noarch.rpm yast2-trans-af-2.19.0-31.38.1.noarch.rpm yast2-trans-ar-2.19.0-31.38.1.noarch.rpm yast2-trans-ast-2.19.0-31.38.1.noarch.rpm yast2-trans-bg-2.19.0-31.38.1.noarch.rpm yast2-trans-bn-2.19.0-31.38.1.noarch.rpm yast2-trans-bs-2.19.0-31.38.1.noarch.rpm yast2-trans-ca-2.19.0-31.38.1.noarch.rpm yast2-trans-cs-2.19.0-31.38.1.noarch.rpm yast2-trans-cy-2.19.0-31.38.1.noarch.rpm yast2-trans-da-2.19.0-31.38.1.noarch.rpm yast2-trans-de-2.19.0-31.38.1.noarch.rpm yast2-trans-el-2.19.0-31.38.1.noarch.rpm yast2-trans-en_GB-2.19.0-31.38.1.noarch.rpm yast2-trans-en_US-2.19.0-31.38.1.noarch.rpm yast2-trans-es-2.19.0-31.38.1.noarch.rpm yast2-trans-et-2.19.0-31.38.1.noarch.rpm yast2-trans-fa-2.19.0-31.38.1.noarch.rpm yast2-trans-fi-2.19.0-31.38.1.noarch.rpm yast2-trans-fr-2.19.0-31.38.1.noarch.rpm yast2-trans-gl-2.19.0-31.38.1.noarch.rpm yast2-trans-gu-2.19.0-31.38.1.noarch.rpm yast2-trans-hi-2.19.0-31.38.1.noarch.rpm yast2-trans-hr-2.19.0-31.38.1.noarch.rpm yast2-trans-hu-2.19.0-31.38.1.noarch.rpm yast2-trans-id-2.19.0-31.38.1.noarch.rpm yast2-trans-it-2.19.0-31.38.1.noarch.rpm yast2-trans-ja-2.19.0-31.38.1.noarch.rpm yast2-trans-jv-2.19.0-31.38.1.noarch.rpm yast2-trans-ka-2.19.0-31.38.1.noarch.rpm yast2-trans-km-2.19.0-31.38.1.noarch.rpm yast2-trans-kn-2.19.0-31.38.1.noarch.rpm yast2-trans-ko-2.19.0-31.38.1.noarch.rpm yast2-trans-ku-2.19.0-31.38.1.noarch.rpm yast2-trans-lo-2.19.0-31.38.1.noarch.rpm yast2-trans-lt-2.19.0-31.38.1.noarch.rpm yast2-trans-mk-2.19.0-31.38.1.noarch.rpm yast2-trans-mr-2.19.0-31.38.1.noarch.rpm yast2-trans-nb-2.19.0-31.38.1.noarch.rpm yast2-trans-nds-2.19.0-31.38.1.noarch.rpm yast2-trans-nl-2.19.0-31.38.1.noarch.rpm yast2-trans-pa-2.19.0-31.38.1.noarch.rpm yast2-trans-pl-2.19.0-31.38.1.noarch.rpm yast2-trans-pt-2.19.0-31.38.1.noarch.rpm yast2-trans-pt_BR-2.19.0-31.38.1.noarch.rpm yast2-trans-ro-2.19.0-31.38.1.noarch.rpm yast2-trans-ru-2.19.0-31.38.1.noarch.rpm yast2-trans-si-2.19.0-31.38.1.noarch.rpm yast2-trans-sk-2.19.0-31.38.1.noarch.rpm yast2-trans-sl-2.19.0-31.38.1.noarch.rpm yast2-trans-sr-2.19.0-31.38.1.noarch.rpm yast2-trans-sv-2.19.0-31.38.1.noarch.rpm yast2-trans-sw-2.19.0-31.38.1.noarch.rpm yast2-trans-ta-2.19.0-31.38.1.noarch.rpm yast2-trans-tg-2.19.0-31.38.1.noarch.rpm yast2-trans-th-2.19.0-31.38.1.noarch.rpm yast2-trans-tr-2.19.0-31.38.1.noarch.rpm yast2-trans-uk-2.19.0-31.38.1.noarch.rpm yast2-trans-vi-2.19.0-31.38.1.noarch.rpm yast2-trans-wa-2.19.0-31.38.1.noarch.rpm yast2-trans-xh-2.19.0-31.38.1.noarch.rpm yast2-trans-zh_CN-2.19.0-31.38.1.noarch.rpm yast2-trans-zh_TW-2.19.0-31.38.1.noarch.rpm yast2-trans-zu-2.19.0-31.38.1.noarch.rpm desktop-translations openSUSE 11.4 This update adds the "nn" translations desktop-translations-11.4-8.17.1.noarch.rpm translation-update openSUSE 11.4 Collective translation update. translation-update-11.4-0.4.1.noarch.rpm translation-update-cs-11.4-0.4.1.noarch.rpm translation-update-da-11.4-0.4.1.noarch.rpm translation-update-de-11.4-0.4.1.noarch.rpm translation-update-es-11.4-0.4.1.noarch.rpm translation-update-fi-11.4-0.4.1.noarch.rpm translation-update-fr-11.4-0.4.1.noarch.rpm translation-update-gl-11.4-0.4.1.noarch.rpm translation-update-hr-11.4-0.4.1.noarch.rpm translation-update-hu-11.4-0.4.1.noarch.rpm translation-update-it-11.4-0.4.1.noarch.rpm translation-update-ja-11.4-0.4.1.noarch.rpm translation-update-ka-11.4-0.4.1.noarch.rpm translation-update-km-11.4-0.4.1.noarch.rpm translation-update-ko-11.4-0.4.1.noarch.rpm translation-update-nb-11.4-0.4.1.noarch.rpm translation-update-nl-11.4-0.4.1.noarch.rpm translation-update-pa-11.4-0.4.1.noarch.rpm translation-update-pl-11.4-0.4.1.noarch.rpm translation-update-pt-11.4-0.4.1.noarch.rpm translation-update-pt_BR-11.4-0.4.1.noarch.rpm translation-update-ro-11.4-0.4.1.noarch.rpm translation-update-ru-11.4-0.4.1.noarch.rpm translation-update-sk-11.4-0.4.1.noarch.rpm translation-update-uk-11.4-0.4.1.noarch.rpm translation-update-wa-11.4-0.4.1.noarch.rpm clamav openSUSE 11.4 This update provides ClamAV 0.97.1: clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/mew.c: harden boundary check on e8/e9 fixup clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/matcher-hash.c: in hm_sort don't swap an item with itself (bb#2818) clamav-4705 dbg114-clamav-4705 new_updateinfo freshclam/manager.c: fix return code of Rfc2822DateTime() (bb#2809) clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/pdf.c: better detection for encrypted PDFs (bb #2448) clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/c++: add support for building with external LLVM 2.9, and drop external 2.8 support clamav-4705 dbg114-clamav-4705 new_updateinfo clamd: log request ip address for instream scans #bb2592 clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/c++/llvm/lib/Target/X86/X86InstrInfo.td: bb #2763 don't assert on AVX chips (Intel Core i5 and i7) clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool: properly normalize html files (bb#2764) clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool/sigtool.c: fix formatting of hash dbs (bb#2765) clamav-4705 dbg114-clamav-4705 new_updateinfo freshclam: add mirror statistics mechanism clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/pe_icons.c: don't sigbus on sparc (bb#2695) clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/pe.c: reset corrupted status before bytecode hooks (bb#2544) clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool, freshclam: put .info on top of container to speed up loading clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool: fix --verify-cdiff clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool: allow arbitrary names for --build clamav-4705 dbg114-clamav-4705 new_updateinfo clamdscan: fix file exclusion (bb#2579) clamav-4705 dbg114-clamav-4705 new_updateinfo clamd: add new option ClamukoExcludeUID (bb#2260) clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/elf.c: fix incorrect detection of Broken.Executable (bb#2580) clamav-4705 dbg114-clamav-4705 new_updateinfo shared/output.c: fix empty lines in syslog (bb#2578) clamav-4705 dbg114-clamav-4705 new_updateinfo clamd: update description of ReadTimeout (bb#2565) clamav-4705 dbg114-clamav-4705 new_updateinfo clamd: add new config option BytecodeUnsigned (bb#2537); drop "None" from BytecodeSecurity clamav-4705 dbg114-clamav-4705 new_updateinfo clamscan: add new switch --bytecode-unsigned and drop --bytecode-trust-all clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool/sigtool.c: improve handling of bytecode.info (bb#2292) clamav-4705 dbg114-clamav-4705 new_updateinfo libclamav/others.c: make sure TLS key is initializer (bb #2588). clamav-4705 dbg114-clamav-4705 new_updateinfo configure: check for enable_extended_FILE_stdio (bb #2542) clamav-4705 dbg114-clamav-4705 new_updateinfo sigtool/sigtool.c: handle all signature formats with --(list|find)-sigs (bb#2534) clamav-0.97.1-1.3.1.i586.rpm clamav-0.97.1-1.3.1.x86_64.rpm clamav-db-0.97.1-1.3.1.noarch.rpm clamav-debuginfo-0.97.1-1.3.1.i586.rpm clamav-debuginfo-0.97.1-1.3.1.x86_64.rpm clamav-debugsource-0.97.1-1.3.1.i586.rpm clamav-debugsource-0.97.1-1.3.1.x86_64.rpm groff openSUSE 11.4 groff created temporary files in an insecure way. Local attackers could potentially exploit that to overwrite files of other users. groff-1.20.1-3.4.1.i586.rpm groff-1.20.1-3.4.1.x86_64.rpm groff-doc-1.20.1-3.4.1.i586.rpm groff-doc-1.20.1-3.4.1.x86_64.rpm groff-debuginfo-1.20.1-3.4.1.i586.rpm groff-debuginfo-1.20.1-3.4.1.x86_64.rpm libvirt openSUSE 11.4 A regression re-introduced automatic disk probing again which potentially allowed to uses to access arbitrary files (CVE-2011-2178). libvirt-0.8.8-0.10.1.i586.rpm libvirt-0.8.8-0.10.1.x86_64.rpm libvirt-client-0.8.8-0.10.1.i586.rpm libvirt-client-0.8.8-0.10.1.x86_64.rpm libvirt-devel-0.8.8-0.10.1.i586.rpm libvirt-devel-0.8.8-0.10.1.x86_64.rpm libvirt-doc-0.8.8-0.10.1.i586.rpm libvirt-doc-0.8.8-0.10.1.x86_64.rpm libvirt-python-0.8.8-0.10.1.i586.rpm libvirt-python-0.8.8-0.10.1.x86_64.rpm libvirt-client-debuginfo-0.8.8-0.10.1.i586.rpm libvirt-client-debuginfo-0.8.8-0.10.1.x86_64.rpm libvirt-debuginfo-0.8.8-0.10.1.i586.rpm libvirt-debuginfo-0.8.8-0.10.1.x86_64.rpm libvirt-debugsource-0.8.8-0.10.1.i586.rpm libvirt-debugsource-0.8.8-0.10.1.x86_64.rpm libvirt-python-debuginfo-0.8.8-0.10.1.i586.rpm libvirt-python-debuginfo-0.8.8-0.10.1.x86_64.rpm unixODBC openSUSE 11.4 Specially crafted reply of a malicious server could overflow a buffer in unixODBC (CVE-2011-1145). unixODBC-2.2.12-207.208.1.i586.rpm unixODBC-2.2.12-207.208.1.x86_64.rpm unixODBC-32bit-2.2.12-207.208.1.x86_64.rpm unixODBC-devel-2.2.12-207.208.1.i586.rpm unixODBC-devel-2.2.12-207.208.1.x86_64.rpm unixODBC-devel-32bit-2.2.12-207.208.1.x86_64.rpm unixODBC-debuginfo-2.2.12-207.208.1.i586.rpm unixODBC-debuginfo-2.2.12-207.208.1.x86_64.rpm unixODBC-debuginfo-32bit-2.2.12-207.208.1.x86_64.rpm unixODBC-debugsource-2.2.12-207.208.1.i586.rpm unixODBC-debugsource-2.2.12-207.208.1.x86_64.rpm flash-player openSUSE 11.4 A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages. flash-player-10.3.181.26-0.2.1.i586.rpm groff-devx openSUSE 11.4 This update fixes the following issues: dbg114-groff-devx-4718 groff-devx-4718 new_updateinfo 668254: "xditview does not show the tilde character" dbg114-groff-devx-4718 groff-devx-4718 new_updateinfo 682913: "groff: device X100 is missing" gxditview-1.20.1-4.4.1.i586.rpm gxditview-1.20.1-4.4.1.x86_64.rpm gxditview-debuginfo-1.20.1-4.4.1.i586.rpm gxditview-debuginfo-1.20.1-4.4.1.x86_64.rpm gxditview-debugsource-1.20.1-4.4.1.i586.rpm gxditview-debugsource-1.20.1-4.4.1.x86_64.rpm gdk-pixbuf-loader-libopenraw openSUSE 11.4 The following bugs are fixed by this update: - bnc#561232: Fix nautilus crash when browsing the folder contains Olympus raw (.orf) files - bnc#699678: Load and decompress Olympus raw files to generate thumbnails gdk-pixbuf-loader-libopenraw-0.0.8-11.12.1.i586.rpm gdk-pixbuf-loader-libopenraw-0.0.8-11.12.1.x86_64.rpm gdk-pixbuf-loader-libopenraw-32bit-0.0.8-11.12.1.x86_64.rpm libopenraw-devel-0.0.8-11.12.1.i586.rpm libopenraw-devel-0.0.8-11.12.1.x86_64.rpm libopenraw1-0.0.8-11.12.1.i586.rpm libopenraw1-0.0.8-11.12.1.x86_64.rpm libopenraw1-32bit-0.0.8-11.12.1.x86_64.rpm gdk-pixbuf-loader-libopenraw-debuginfo-0.0.8-11.12.1.i586.rpm gdk-pixbuf-loader-libopenraw-debuginfo-0.0.8-11.12.1.x86_64.rpm gdk-pixbuf-loader-libopenraw-debuginfo-32bit-0.0.8-11.12.1.x86_64.rpm libopenraw-debugsource-0.0.8-11.12.1.i586.rpm libopenraw-debugsource-0.0.8-11.12.1.x86_64.rpm libopenraw1-debuginfo-0.0.8-11.12.1.i586.rpm libopenraw1-debuginfo-0.0.8-11.12.1.x86_64.rpm libopenraw1-debuginfo-32bit-0.0.8-11.12.1.x86_64.rpm release-notes-openSUSE openSUSE 11.4 openSUSE Release Notes Update: - Bug 694784 - NFS shares not mounted at boot in openSUSE 11.4. - Translation update. release-notes-openSUSE-11.4.5-0.2.1.noarch.rpm xfig openSUSE 11.4 xfig fails to load the second eps file. Fixed by this update. xfig-3.2.5b-14.15.1.i586.rpm xfig-3.2.5b-14.15.1.x86_64.rpm xfig-debuginfo-3.2.5b-14.15.1.i586.rpm xfig-debuginfo-3.2.5b-14.15.1.x86_64.rpm xfig-debugsource-3.2.5b-14.15.1.i586.rpm xfig-debugsource-3.2.5b-14.15.1.x86_64.rpm libgnomesu openSUSE 11.4 The libgnomesu pam backend did not check the return value of the setuid() functions. Local users could exploit that to gain root privileges (CVE-2011-1946). libgnomesu-1.0.0-329.334.1.i586.rpm libgnomesu-1.0.0-329.334.1.x86_64.rpm libgnomesu-devel-1.0.0-329.334.1.i586.rpm libgnomesu-devel-1.0.0-329.334.1.x86_64.rpm libgnomesu-lang-1.0.0-329.334.1.noarch.rpm libgnomesu0-1.0.0-329.334.1.i586.rpm libgnomesu0-1.0.0-329.334.1.x86_64.rpm libgnomesu-debuginfo-1.0.0-329.334.1.i586.rpm libgnomesu-debuginfo-1.0.0-329.334.1.x86_64.rpm libgnomesu-debugsource-1.0.0-329.334.1.i586.rpm libgnomesu-debugsource-1.0.0-329.334.1.x86_64.rpm libgnomesu0-debuginfo-1.0.0-329.334.1.i586.rpm libgnomesu0-debuginfo-1.0.0-329.334.1.x86_64.rpm cyrus-imapd openSUSE 11.4 cyrus-imapd recognized commands before switching to an encrypted channel via STARTTLS. Attackers could potentially exploit that to inject plain text commands (CVE-2011-1926). cyrus-imapd-2.3.16-16.17.1.i586.rpm cyrus-imapd-2.3.16-16.17.1.x86_64.rpm cyrus-imapd-devel-2.3.16-16.17.1.i586.rpm cyrus-imapd-devel-2.3.16-16.17.1.x86_64.rpm perl-Cyrus-IMAP-2.3.16-16.17.1.i586.rpm perl-Cyrus-IMAP-2.3.16-16.17.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.17.1.i586.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.17.1.x86_64.rpm cyrus-imapd-debuginfo-2.3.16-16.17.1.i586.rpm cyrus-imapd-debuginfo-2.3.16-16.17.1.x86_64.rpm cyrus-imapd-debugsource-2.3.16-16.17.1.i586.rpm cyrus-imapd-debugsource-2.3.16-16.17.1.x86_64.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.17.1.i586.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.17.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.17.1.i586.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.17.1.x86_64.rpm nut-classic openSUSE 11.4 The following bug is fixed by this update: Command order in /usr/lib/pm-utils/sleep.d/99nut is wrong, which may let system off when power is back or cause nut failures after resume. nut-classic-2.6.0-4.5.1.i586.rpm nut-classic-2.6.0-4.5.1.x86_64.rpm nut-classic-debuginfo-2.6.0-4.5.1.i586.rpm nut-classic-debuginfo-2.6.0-4.5.1.x86_64.rpm git-web openSUSE 11.4 Users with commit access to repos served by git-web could cause cross site scripting (XSS) issues with XML files (CVE-2011-2186). Due to a differently formatted /etc/mime.types openSUSE is not affected by default. This update nevertheless turns on git-web's XSS protection mechanism to avoid similar problems in the future. To turn XSS protection off again put the following line in /etc/gitweb.conf: $prevent_xss = 0; git-web-1.7.3.4-4.5.1.i586.rpm git-web-1.7.3.4-4.5.1.x86_64.rpm mdadm openSUSE 11.4 The following bugs are fixed by this update: - #684291: Partitions of raid arrays are not handled correctly. - #699667: Incorrect error message on big-endian machines. mdadm-3.1.4-13.19.1.i586.rpm mdadm-3.1.4-13.19.1.x86_64.rpm mdadm-debuginfo-3.1.4-13.19.1.i586.rpm mdadm-debuginfo-3.1.4-13.19.1.x86_64.rpm mdadm-debugsource-3.1.4-13.19.1.i586.rpm mdadm-debugsource-3.1.4-13.19.1.x86_64.rpm lensfun openSUSE 11.4 lensfun 0.2.5 was crashing on some hardware, when lens correction are being applied on photo taken with a lens in lensfun camera database (when using either ufraw, darktable or digikam). It could also crash when incorrect lens database was used. This update fixes this issue. lensfun-0.2.5-8.9.1.i586.rpm lensfun-0.2.5-8.9.1.x86_64.rpm lensfun-devel-0.2.5-8.9.1.i586.rpm lensfun-devel-0.2.5-8.9.1.x86_64.rpm lensfun-doc-0.2.5-8.9.1.i586.rpm lensfun-doc-0.2.5-8.9.1.x86_64.rpm liblensfun0-0.2.5-8.9.1.i586.rpm liblensfun0-0.2.5-8.9.1.x86_64.rpm mozilla-js192 openSUSE 11.4 mozilla-xulrunner192 was updated to the 1.9.2.18 security release. dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error mozilla-js192-1.9.2.18-1.2.1.i586.rpm mozilla-js192-1.9.2.18-1.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.18-1.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.18-1.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.18-1.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.18-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.18-1.2.1.x86_64.rpm yast2-network openSUSE 11.4 The DSL module wrongly required linux-atm-lib after the package had been renamed to libatm1.rpm (bnc#668586). WebYaST: also update /etc/hosts, for hostname -f (bnc#694283#c8). AutoYaST: networking/start_immediately was ignored (bnc#655571, bnc#675844). yast2-network-2.20.12-0.3.1.i586.rpm yast2-network-2.20.12-0.3.1.x86_64.rpm yast2-network-devel-doc-2.20.12-0.3.1.i586.rpm yast2-network-devel-doc-2.20.12-0.3.1.x86_64.rpm coreutils openSUSE 11.4 cp -a --link would not create a hardlink to a symlink, instead copying the symlink and then not preserving its timestamp. Bug introduced in coreutils-8.0. Fixed by this update. coreutils-8.9-7.1.i586.rpm coreutils-8.9-7.1.x86_64.rpm coreutils-lang-8.9-7.1.noarch.rpm coreutils-debuginfo-8.9-7.1.i586.rpm coreutils-debuginfo-8.9-7.1.x86_64.rpm coreutils-debugsource-8.9-7.1.i586.rpm coreutils-debugsource-8.9-7.1.x86_64.rpm tftp openSUSE 11.4 Malicious clients could overflow a buffer in tftpd by specifying a large value for the utimeout option (CVE-2011-2199). tftp-5.0-113.114.1.i586.rpm tftp-5.0-113.114.1.x86_64.rpm tftp-debuginfo-5.0-113.114.1.i586.rpm tftp-debuginfo-5.0-113.114.1.x86_64.rpm tftp-debugsource-5.0-113.114.1.i586.rpm tftp-debugsource-5.0-113.114.1.x86_64.rpm xtables-addons openSUSE 11.4 xtables-addon was updated to release 1.37, making it work with the 11.4 included kernel. - update to new upstream release 1.37 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_SYSRQ: make IPv6 trigger work again dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_SYSRQ: improve security: include host address in digest dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_TARPIT: fix a kernel oops in --reset mode - update to new upstream release 1.36 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 update to ipset 6.7 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_TARPIT has gained the "honeypot" and "reset" modes - Update to new upstream release 1.35 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 update to ipset 6.3 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 ipset-genl: handle EAGAIN return value emitted from autoloader dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 ipset-genl: resolve nfgenmsg remains and fix spurious protocol abort - Update to new upstream release 1.34 dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_pknock: avoid crash when hash TFM could not be allocated dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_pknock: avoid inversion of rule lookup that led to warnings dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_DNETMAP: add missing module alias dbg114-xtables-addons-4784 new_updateinfo xtables-addons-4784 xt_DNETMAP: support for kernels below 2.6.34 - Add kmp preamble file and to fix specifically: - #690922: ipset error Cannot open session to kernel xtables-addons-1.37-0.3.1.i586.rpm xtables-addons-1.37-0.3.1.x86_64.rpm xtables-addons-kmp-default-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-default-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm xtables-addons-kmp-desktop-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-desktop-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm xtables-addons-kmp-pae-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-xen-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-xen-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm xtables-addons-debuginfo-1.37-0.3.1.i586.rpm xtables-addons-debuginfo-1.37-0.3.1.x86_64.rpm xtables-addons-debugsource-1.37-0.3.1.i586.rpm xtables-addons-debugsource-1.37-0.3.1.x86_64.rpm xtables-addons-kmp-default-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-default-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm xtables-addons-kmp-desktop-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-desktop-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm xtables-addons-kmp-pae-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-xen-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.i586.rpm xtables-addons-kmp-xen-debuginfo-1.37_k2.6.37.6_0.5-0.3.1.x86_64.rpm icedtea-web openSUSE 11.4 Icedtea as included in java-1_6_0-openjdk was updated to fix several security issues: dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S6618658, CVE-2011-0865: Vulnerability in deserialization dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7013971, CVE-2011-0869: Vulnerability in SAAJ dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7016340, CVE-2011-0870: Vulnerability in SAAJ dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7020198, CVE-2011-0871: ImageIcon creates Component with null acc dbg114-icedtea-web-4788 icedtea-web-4788 new_updateinfo S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size icedtea-web-1.1-0.2.1.i586.rpm icedtea-web-1.1-0.2.1.x86_64.rpm icedtea-web-javadoc-1.1-0.2.1.noarch.rpm icedtea-web-javadoc-1.1-0.2.1.noarch.rpm java-1_6_0-openjdk-1.6.0.0_b22.1.10.2-4.3.1.i586.rpm java-1_6_0-openjdk-1.6.0.0_b22.1.10.2-4.3.1.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.2-4.3.1.noarch.rpm java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.2-4.3.1.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.2-4.3.1.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b22.1.10.2-4.3.1.noarch.rpm java-1_6_0-openjdk-src-1.6.0.0_b22.1.10.2-4.3.1.noarch.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b22.1.10.2-4.3.1.i586.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b22.1.10.2-4.3.1.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b22.1.10.2-4.3.1.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b22.1.10.2-4.3.1.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b22.1.10.2-4.3.1.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b22.1.10.2-4.3.1.x86_64.rpm MozillaThunderbird openSUSE 11.4 Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error MozillaThunderbird-3.1.11-0.7.1.i586.rpm MozillaThunderbird-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.11-0.7.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-devel-3.1.11-0.7.1.i586.rpm MozillaThunderbird-devel-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.11-0.7.1.i586.rpm MozillaThunderbird-translations-common-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.11-0.7.1.i586.rpm MozillaThunderbird-translations-other-3.1.11-0.7.1.x86_64.rpm enigmail-1.1.2-9.7.1.i586.rpm enigmail-1.1.2-9.7.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.11-0.7.1.i586.rpm MozillaThunderbird-debuginfo-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.11-0.7.1.i586.rpm MozillaThunderbird-debugsource-3.1.11-0.7.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.11-0.7.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.11-0.7.1.x86_64.rpm enigmail-debuginfo-1.1.2-9.7.1.i586.rpm enigmail-debuginfo-1.1.2-9.7.1.x86_64.rpm pure-ftpd openSUSE 11.4 This update adds the missing CAP_AUDIT_WRITE capability needed for the successful pam authentication on openSUSE. pure-ftpd-1.0.29-8.11.1.i586.rpm pure-ftpd-1.0.29-8.11.1.x86_64.rpm pure-ftpd-debuginfo-1.0.29-8.11.1.i586.rpm pure-ftpd-debuginfo-1.0.29-8.11.1.x86_64.rpm pure-ftpd-debugsource-1.0.29-8.11.1.i586.rpm pure-ftpd-debugsource-1.0.29-8.11.1.x86_64.rpm libxml2 openSUSE 11.4 Specially crafted xml files could crash applications using libxml2 (CVE-2011-1944). libxml2-2.7.8-16.17.1.i586.rpm libxml2-2.7.8-16.17.1.x86_64.rpm libxml2-32bit-2.7.8-16.17.1.x86_64.rpm libxml2-devel-2.7.8-16.17.1.i586.rpm libxml2-devel-2.7.8-16.17.1.x86_64.rpm libxml2-devel-32bit-2.7.8-16.17.1.x86_64.rpm libxml2-doc-2.7.8-16.17.1.noarch.rpm libxml2-debuginfo-2.7.8-16.17.1.i586.rpm libxml2-debuginfo-2.7.8-16.17.1.x86_64.rpm libxml2-debuginfo-32bit-2.7.8-16.17.1.x86_64.rpm libxml2-debugsource-2.7.8-16.17.1.i586.rpm libxml2-debugsource-2.7.8-16.17.1.x86_64.rpm opie Moderate openSUSE 11.4 This update fixes off-by-one errors in opiesu (CVE-2011-2489) and missing setuid() return value checks in opielogin (CVE-2011-2490). This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local: /usr/bin/opiesu root:root 4755 opie-2.4-711.714.1.i586.rpm opie-2.4-711.714.1.x86_64.rpm opie-32bit-2.4-711.714.1.x86_64.rpm permissions-2011.03.07.1608-1.5.1.i586.rpm permissions-2011.03.07.1608-1.5.1.x86_64.rpm opie-debuginfo-2.4-711.714.1.i586.rpm opie-debuginfo-2.4-711.714.1.x86_64.rpm opie-debuginfo-32bit-2.4-711.714.1.x86_64.rpm opie-debugsource-2.4-711.714.1.i586.rpm opie-debugsource-2.4-711.714.1.x86_64.rpm permissions-debuginfo-2011.03.07.1608-1.5.1.i586.rpm permissions-debuginfo-2011.03.07.1608-1.5.1.x86_64.rpm permissions-debugsource-2011.03.07.1608-1.5.1.i586.rpm permissions-debugsource-2011.03.07.1608-1.5.1.x86_64.rpm apache2-mod_apparmor openSUSE 11.4 The apparmor userspace code and profiles is updated to fix various issues: - Fixed building of pam_apparmor to properly link libpam (bnc#696553). - Fixed building of apache2-mod_apparmor to properly link (bnc#701821). - Added perl-File-Tail dependency for aa-eventd (bnc#666450). - Add raw network access to traceroute profile (bnc#685674). - Updated dovecot profile (bnc#681267). - Changed apparmor-docs and apparmor-profiles back to noarch (bnc#682909 bnc#682912). - Add config files to samba profiles (bnc#666450 bnc#679182). - Added /etc/ethers and /var/run/dnsmasq-forwarders to usr.sbin.dnsmasq (bnc#678749) apache2-mod_apparmor-2.5.1.r1445-52.59.1.i586.rpm apache2-mod_apparmor-2.5.1.r1445-52.59.1.x86_64.rpm apparmor-docs-2.5.1.r1445-52.59.1.noarch.rpm apparmor-docs-2.5.1.r1445-52.59.1.noarch.rpm apparmor-parser-2.5.1.r1445-52.59.1.i586.rpm apparmor-parser-2.5.1.r1445-52.59.1.x86_64.rpm apparmor-profiles-2.5.1.r1445-52.59.1.noarch.rpm apparmor-profiles-2.5.1.r1445-52.59.1.noarch.rpm apparmor-utils-2.5.1.r1445-52.59.1.noarch.rpm libapparmor-devel-2.5.1.r1445-52.59.1.i586.rpm libapparmor-devel-2.5.1.r1445-52.59.1.x86_64.rpm libapparmor1-2.5.1.r1445-52.59.1.i586.rpm libapparmor1-2.5.1.r1445-52.59.1.x86_64.rpm libapparmor1-32bit-2.5.1.r1445-52.59.1.x86_64.rpm pam_apparmor-2.5.1.r1445-52.59.1.i586.rpm pam_apparmor-2.5.1.r1445-52.59.1.x86_64.rpm pam_apparmor-32bit-2.5.1.r1445-52.59.1.x86_64.rpm perl-apparmor-2.5.1.r1445-52.59.1.i586.rpm perl-apparmor-2.5.1.r1445-52.59.1.x86_64.rpm tomcat_apparmor-2.5.1.r1445-52.59.1.i586.rpm tomcat_apparmor-2.5.1.r1445-52.59.1.x86_64.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.59.1.i586.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.59.1.x86_64.rpm libapparmor1-debuginfo-2.5.1.r1445-52.59.1.i586.rpm libapparmor1-debuginfo-2.5.1.r1445-52.59.1.x86_64.rpm libapparmor1-debuginfo-32bit-2.5.1.r1445-52.59.1.x86_64.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.59.1.i586.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.59.1.x86_64.rpm pam_apparmor-debuginfo-32bit-2.5.1.r1445-52.59.1.x86_64.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.59.1.i586.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.59.1.x86_64.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.59.1.i586.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.59.1.x86_64.rpm mlterm openSUSE 11.4 The following bug is fixed by this update: - #702512: Key combinations with Ctrl, Shift or Alt doesn't work with numlock switched on mlterm-3.0.1-14.15.1.i586.rpm mlterm-3.0.1-14.15.1.x86_64.rpm mlterm-m17n-3.0.1-14.15.1.i586.rpm mlterm-m17n-3.0.1-14.15.1.x86_64.rpm mlterm-scim-3.0.1-14.15.1.i586.rpm mlterm-scim-3.0.1-14.15.1.x86_64.rpm mlterm-uim-3.0.1-14.15.1.i586.rpm mlterm-uim-3.0.1-14.15.1.x86_64.rpm mlterm-debuginfo-3.0.1-14.15.1.i586.rpm mlterm-debuginfo-3.0.1-14.15.1.x86_64.rpm mlterm-debugsource-3.0.1-14.15.1.i586.rpm mlterm-debugsource-3.0.1-14.15.1.x86_64.rpm mlterm-m17n-debuginfo-3.0.1-14.15.1.i586.rpm mlterm-m17n-debuginfo-3.0.1-14.15.1.x86_64.rpm mlterm-scim-debuginfo-3.0.1-14.15.1.i586.rpm mlterm-scim-debuginfo-3.0.1-14.15.1.x86_64.rpm mlterm-uim-debuginfo-3.0.1-14.15.1.i586.rpm mlterm-uim-debuginfo-3.0.1-14.15.1.x86_64.rpm sysconfig openSUSE 11.4 This collective update for sysconfig provides the following fixes: - Added WIRELESS_AUTH_MODE='no-encryption' option handling to ifup-wireless, because YaST sets it (bnc#648830). - Fixed get_depending_ifaces to not return bonding slaves by default as it is not required to stop the slaves before the bonding master goes down and in fact it may cause a system hang, when the slaves are infiniband child interfaces, that are deleted while ifdown (bnc#698478). - Fixed to use 600 mode in spec attr for ifcfg-lo to avoid that rpm -V report it as modified because of the chmod added to the post-install script in bnc#670871. sysconfig-0.74.5-6.7.1.i586.rpm sysconfig-0.74.5-6.7.1.x86_64.rpm sysconfig-debuginfo-0.74.5-6.7.1.i586.rpm sysconfig-debuginfo-0.74.5-6.7.1.x86_64.rpm sysconfig-debugsource-0.74.5-6.7.1.i586.rpm sysconfig-debugsource-0.74.5-6.7.1.x86_64.rpm coreutils Moderate openSUSE 11.4 This update fixes the following security issue: - 697897: coreutils: when running "su -c" to execute commands as different user the target user could inject command back into the calling user's terminal via the TIOCSTI ioctl. coreutils-8.9-9.1.i586.rpm coreutils-8.9-9.1.x86_64.rpm coreutils-lang-8.9-9.1.noarch.rpm coreutils-debuginfo-8.9-9.1.i586.rpm coreutils-debuginfo-8.9-9.1.x86_64.rpm coreutils-debugsource-8.9-9.1.i586.rpm coreutils-debugsource-8.9-9.1.x86_64.rpm libmariadbclient16 openSUSE 11.4 MariaDB was updated to version 5.1.55 to fix numerous bugs and security issues. libmariadbclient16-5.1.55-0.3.1.i586.rpm libmariadbclient16-5.1.55-0.3.1.x86_64.rpm libmariadbclient_r16-5.1.55-0.3.1.i586.rpm libmariadbclient_r16-5.1.55-0.3.1.x86_64.rpm mariadb-5.1.55-0.3.1.i586.rpm mariadb-5.1.55-0.3.1.x86_64.rpm mariadb-bench-5.1.55-0.3.1.i586.rpm mariadb-bench-5.1.55-0.3.1.x86_64.rpm mariadb-client-5.1.55-0.3.1.i586.rpm mariadb-client-5.1.55-0.3.1.x86_64.rpm mariadb-debug-5.1.55-0.3.1.i586.rpm mariadb-debug-5.1.55-0.3.1.x86_64.rpm mariadb-test-5.1.55-0.3.1.i586.rpm mariadb-test-5.1.55-0.3.1.x86_64.rpm mariadb-tools-5.1.55-0.3.1.i586.rpm mariadb-tools-5.1.55-0.3.1.x86_64.rpm libmariadbclient16-debuginfo-5.1.55-0.3.1.i586.rpm libmariadbclient16-debuginfo-5.1.55-0.3.1.x86_64.rpm libmariadbclient_r16-debuginfo-5.1.55-0.3.1.i586.rpm libmariadbclient_r16-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-bench-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-bench-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-client-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-client-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-debug-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-debug-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-debugsource-5.1.55-0.3.1.i586.rpm mariadb-debugsource-5.1.55-0.3.1.x86_64.rpm mariadb-test-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-test-debuginfo-5.1.55-0.3.1.x86_64.rpm mariadb-tools-debuginfo-5.1.55-0.3.1.i586.rpm mariadb-tools-debuginfo-5.1.55-0.3.1.x86_64.rpm nfs-client openSUSE 11.4 This update fixes the following security issues: When using wildcards in /etc/exports an attacker could gain unauthorized access to an nfs exported filesystem by creating a DNS record that resolves to the attacker's IP as well as to a trusted IP (CVE-2011-2500). mount.nfs could corrupt /etc/mtab (CVE-2011-1749). nfs-client-1.2.3-11.16.1.i586.rpm nfs-client-1.2.3-11.16.1.x86_64.rpm nfs-doc-1.2.3-11.16.1.i586.rpm nfs-doc-1.2.3-11.16.1.x86_64.rpm nfs-kernel-server-1.2.3-11.16.1.i586.rpm nfs-kernel-server-1.2.3-11.16.1.x86_64.rpm nfs-client-debuginfo-1.2.3-11.16.1.i586.rpm nfs-client-debuginfo-1.2.3-11.16.1.x86_64.rpm icedtea-web openSUSE 11.4 Fix symbol clash with moonlight (bnc#702825) icedtea-web-1.1-0.4.2.i586.rpm icedtea-web-1.1-0.4.2.x86_64.rpm icedtea-web-javadoc-1.1-0.4.2.noarch.rpm firefox50-upgrade openSUSE 11.4 The Firefox 5.0 update for openSUSE 11.4 was missing the branding-upstream package, making seamless upgrade harder: bnc#703401: Can't upgrade to Firefox 5.0 MozillaFirefox-5.0-0.4.1.i586.rpm MozillaFirefox-5.0-0.4.1.x86_64.rpm MozillaFirefox-branding-openSUSE-5.0-2.3.1.i586.rpm MozillaFirefox-branding-openSUSE-5.0-2.3.1.x86_64.rpm MozillaFirefox-branding-upstream-5.0-0.4.1.i586.rpm MozillaFirefox-branding-upstream-5.0-0.4.1.x86_64.rpm MozillaFirefox-buildsymbols-5.0-0.4.1.i586.rpm MozillaFirefox-buildsymbols-5.0-0.4.1.x86_64.rpm MozillaFirefox-devel-5.0-0.4.1.i586.rpm MozillaFirefox-devel-5.0-0.4.1.x86_64.rpm MozillaFirefox-translations-common-5.0-0.4.1.i586.rpm MozillaFirefox-translations-common-5.0-0.4.1.x86_64.rpm MozillaFirefox-translations-other-5.0-0.4.1.i586.rpm MozillaFirefox-translations-other-5.0-0.4.1.x86_64.rpm MozillaFirefox-debuginfo-5.0-0.4.1.i586.rpm MozillaFirefox-debuginfo-5.0-0.4.1.x86_64.rpm MozillaFirefox-debugsource-5.0-0.4.1.i586.rpm MozillaFirefox-debugsource-5.0-0.4.1.x86_64.rpm flash-player openSUSE 11.4 Adobe Flash Player 10.3.181.34 addresses compatibility issues with some content using cross-domain policy files. flash-player-10.3.181.34-1.2.1.i586.rpm gnome-panel openSUSE 11.4 Evolution appointments are not shown in the clock applet (bgo633566 also bnc648940). gnome-panel-2.32.1-7.12.1.i586.rpm gnome-panel-2.32.1-7.12.1.x86_64.rpm gnome-panel-bonobo-support-2.32.1-7.12.1.i586.rpm gnome-panel-bonobo-support-2.32.1-7.12.1.x86_64.rpm gnome-panel-devel-2.32.1-7.12.1.i586.rpm gnome-panel-devel-2.32.1-7.12.1.x86_64.rpm gnome-panel-doc-2.32.1-7.12.1.i586.rpm gnome-panel-doc-2.32.1-7.12.1.x86_64.rpm gnome-panel-extras-2.32.1-7.12.1.i586.rpm gnome-panel-extras-2.32.1-7.12.1.x86_64.rpm gnome-panel-lang-2.32.1-7.12.1.noarch.rpm libpanel-applet-2-0-2.32.1-7.12.1.i586.rpm libpanel-applet-2-0-2.32.1-7.12.1.x86_64.rpm libpanel-applet-2-0-32bit-2.32.1-7.12.1.x86_64.rpm libpanel-applet-3-0-2.32.1-7.12.1.i586.rpm libpanel-applet-3-0-2.32.1-7.12.1.x86_64.rpm libpanel-applet-3-0-32bit-2.32.1-7.12.1.x86_64.rpm gnome-panel-bonobo-support-debuginfo-2.32.1-7.12.1.i586.rpm gnome-panel-bonobo-support-debuginfo-2.32.1-7.12.1.x86_64.rpm gnome-panel-debuginfo-2.32.1-7.12.1.i586.rpm gnome-panel-debuginfo-2.32.1-7.12.1.x86_64.rpm gnome-panel-debugsource-2.32.1-7.12.1.i586.rpm gnome-panel-debugsource-2.32.1-7.12.1.x86_64.rpm gnome-panel-devel-debuginfo-2.32.1-7.12.1.i586.rpm gnome-panel-devel-debuginfo-2.32.1-7.12.1.x86_64.rpm gnome-panel-extras-debuginfo-2.32.1-7.12.1.i586.rpm gnome-panel-extras-debuginfo-2.32.1-7.12.1.x86_64.rpm libpanel-applet-2-0-debuginfo-2.32.1-7.12.1.i586.rpm libpanel-applet-2-0-debuginfo-2.32.1-7.12.1.x86_64.rpm libpanel-applet-2-0-debuginfo-32bit-2.32.1-7.12.1.x86_64.rpm libpanel-applet-3-0-debuginfo-2.32.1-7.12.1.i586.rpm libpanel-applet-3-0-debuginfo-2.32.1-7.12.1.x86_64.rpm libpanel-applet-3-0-debuginfo-32bit-2.32.1-7.12.1.x86_64.rpm libvirt Moderate openSUSE 11.4 libvirtd could crash if bogus parameters where passed to the VirDomainGetVcpus call (CVE-2011-2511). libvirt-0.8.8-0.12.1.i586.rpm libvirt-0.8.8-0.12.1.x86_64.rpm libvirt-client-0.8.8-0.12.1.i586.rpm libvirt-client-0.8.8-0.12.1.x86_64.rpm libvirt-devel-0.8.8-0.12.1.i586.rpm libvirt-devel-0.8.8-0.12.1.x86_64.rpm libvirt-doc-0.8.8-0.12.1.i586.rpm libvirt-doc-0.8.8-0.12.1.x86_64.rpm libvirt-python-0.8.8-0.12.1.i586.rpm libvirt-python-0.8.8-0.12.1.x86_64.rpm libvirt-client-debuginfo-0.8.8-0.12.1.i586.rpm libvirt-client-debuginfo-0.8.8-0.12.1.x86_64.rpm libvirt-debuginfo-0.8.8-0.12.1.i586.rpm libvirt-debuginfo-0.8.8-0.12.1.x86_64.rpm libvirt-debugsource-0.8.8-0.12.1.i586.rpm libvirt-debugsource-0.8.8-0.12.1.x86_64.rpm libvirt-python-debuginfo-0.8.8-0.12.1.i586.rpm libvirt-python-debuginfo-0.8.8-0.12.1.x86_64.rpm libmysqlclusterclient16 openSUSE 11.4 This update fixes the following security issue: - 676974: mysql-cluster: security issues fixed in MySQL 5.1.51 libmysqlclusterclient16-7.1.14-0.3.1.i586.rpm libmysqlclusterclient16-7.1.14-0.3.1.x86_64.rpm libmysqlclusterclient_r16-7.1.14-0.3.1.i586.rpm libmysqlclusterclient_r16-7.1.14-0.3.1.x86_64.rpm mysql-cluster-7.1.14-0.3.1.i586.rpm mysql-cluster-7.1.14-0.3.1.x86_64.rpm mysql-cluster-bench-7.1.14-0.3.1.i586.rpm mysql-cluster-bench-7.1.14-0.3.1.x86_64.rpm mysql-cluster-client-7.1.14-0.3.1.i586.rpm mysql-cluster-client-7.1.14-0.3.1.x86_64.rpm mysql-cluster-debug-7.1.14-0.3.1.i586.rpm mysql-cluster-debug-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-extra-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-extra-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-management-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-management-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-storage-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-storage-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-tools-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-tools-7.1.14-0.3.1.x86_64.rpm mysql-cluster-test-7.1.14-0.3.1.i586.rpm mysql-cluster-test-7.1.14-0.3.1.x86_64.rpm mysql-cluster-tools-7.1.14-0.3.1.i586.rpm mysql-cluster-tools-7.1.14-0.3.1.x86_64.rpm libmysqlclusterclient16-debuginfo-7.1.14-0.3.1.i586.rpm libmysqlclusterclient16-debuginfo-7.1.14-0.3.1.x86_64.rpm libmysqlclusterclient_r16-debuginfo-7.1.14-0.3.1.i586.rpm libmysqlclusterclient_r16-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-bench-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-bench-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-client-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-client-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-debug-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-debug-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-debugsource-7.1.14-0.3.1.i586.rpm mysql-cluster-debugsource-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-extra-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-extra-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-management-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-management-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-storage-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-storage-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-ndb-tools-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-ndb-tools-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-test-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-test-debuginfo-7.1.14-0.3.1.x86_64.rpm mysql-cluster-tools-debuginfo-7.1.14-0.3.1.i586.rpm mysql-cluster-tools-debuginfo-7.1.14-0.3.1.x86_64.rpm nagios openSUSE 11.4 statusmap.cgi and config.cgi were prone to cross-site scripting (XSS) vulnerabilities (CVE-2011-1523, CVE-2011-2179). nagios-3.2.3-3.4.1.i586.rpm nagios-3.2.3-3.4.1.x86_64.rpm nagios-devel-3.2.3-3.4.1.i586.rpm nagios-devel-3.2.3-3.4.1.x86_64.rpm nagios-www-3.2.3-3.4.1.i586.rpm nagios-www-3.2.3-3.4.1.x86_64.rpm nagios-debuginfo-3.2.3-3.4.1.i586.rpm nagios-debuginfo-3.2.3-3.4.1.x86_64.rpm nagios-debugsource-3.2.3-3.4.1.i586.rpm nagios-debugsource-3.2.3-3.4.1.x86_64.rpm libsnmp25 openSUSE 11.4 Update for the net-snmp package to fix the following bug(s): - net-snmp ignores XFS and JFS partitions (bnc#687327, bnc#702640) libsnmp25-5.6.1-4.5.1.i586.rpm libsnmp25-5.6.1-4.5.1.x86_64.rpm libsnmp25-32bit-5.6.1-4.5.1.x86_64.rpm net-snmp-5.6.1-4.5.1.i586.rpm net-snmp-5.6.1-4.5.1.x86_64.rpm net-snmp-devel-5.6.1-4.5.1.i586.rpm net-snmp-devel-5.6.1-4.5.1.x86_64.rpm perl-SNMP-5.6.1-4.5.1.i586.rpm perl-SNMP-5.6.1-4.5.1.x86_64.rpm snmp-mibs-5.6.1-4.5.1.i586.rpm snmp-mibs-5.6.1-4.5.1.x86_64.rpm libsnmp25-debuginfo-5.6.1-4.5.1.i586.rpm libsnmp25-debuginfo-5.6.1-4.5.1.x86_64.rpm libsnmp25-debuginfo-32bit-5.6.1-4.5.1.x86_64.rpm net-snmp-debuginfo-5.6.1-4.5.1.i586.rpm net-snmp-debuginfo-5.6.1-4.5.1.x86_64.rpm net-snmp-debugsource-5.6.1-4.5.1.i586.rpm net-snmp-debugsource-5.6.1-4.5.1.x86_64.rpm perl-SNMP-debuginfo-5.6.1-4.5.1.i586.rpm perl-SNMP-debuginfo-5.6.1-4.5.1.x86_64.rpm sysvinit openSUSE 11.4 The following bug is fixed by this update: - #700342: NFS-Server is not started at boot time. It is also not possible to start it manually. sysvinit-2.88-37.47.1.i586.rpm sysvinit-2.88-37.47.1.x86_64.rpm sysvinit-tools-2.88-37.47.1.i586.rpm sysvinit-tools-2.88-37.47.1.x86_64.rpm sysvinit-debuginfo-2.88-37.47.1.i586.rpm sysvinit-debuginfo-2.88-37.47.1.x86_64.rpm sysvinit-debugsource-2.88-37.47.1.i586.rpm sysvinit-debugsource-2.88-37.47.1.x86_64.rpm sysvinit-tools-debuginfo-2.88-37.47.1.i586.rpm sysvinit-tools-debuginfo-2.88-37.47.1.x86_64.rpm bind openSUSE 11.4 A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 has been assigned to this issue. bind-9.7.3P3-0.2.1.i586.rpm bind-9.7.3P3-0.2.1.x86_64.rpm bind-chrootenv-9.7.3P3-0.2.1.i586.rpm bind-chrootenv-9.7.3P3-0.2.1.x86_64.rpm bind-devel-9.7.3P3-0.2.1.i586.rpm bind-devel-9.7.3P3-0.2.1.x86_64.rpm bind-doc-9.7.3P3-0.2.1.noarch.rpm bind-libs-9.7.3P3-0.2.1.i586.rpm bind-libs-9.7.3P3-0.2.1.x86_64.rpm bind-libs-32bit-9.7.3P3-0.2.1.x86_64.rpm bind-utils-9.7.3P3-0.2.1.i586.rpm bind-utils-9.7.3P3-0.2.1.x86_64.rpm bind-debuginfo-9.7.3P3-0.2.1.i586.rpm bind-debuginfo-9.7.3P3-0.2.1.x86_64.rpm bind-debugsource-9.7.3P3-0.2.1.i586.rpm bind-debugsource-9.7.3P3-0.2.1.x86_64.rpm bind-libs-debuginfo-9.7.3P3-0.2.1.i586.rpm bind-libs-debuginfo-9.7.3P3-0.2.1.x86_64.rpm bind-libs-debuginfo-32bit-9.7.3P3-0.2.1.x86_64.rpm bind-utils-debuginfo-9.7.3P3-0.2.1.i586.rpm bind-utils-debuginfo-9.7.3P3-0.2.1.x86_64.rpm opera openSUSE 11.4 opera 11.50 fixes several security vulnerabilities. The full changelog is available at http://www.opera.com/docs/changelogs/unix/1150/ opera-11.50-0.3.1.i586.rpm opera-11.50-0.3.1.x86_64.rpm opera-gtk-11.50-0.3.1.i586.rpm opera-gtk-11.50-0.3.1.x86_64.rpm opera-kde4-11.50-0.3.1.i586.rpm opera-kde4-11.50-0.3.1.x86_64.rpm gnome-packagekit openSUSE 11.4 The following bug is fixed by this update. - Pack the package lists in the dependency dialog into tabs to fit any size of the screen. (bnc#699181) gnome-packagekit-2.32.0-7.8.1.i586.rpm gnome-packagekit-2.32.0-7.8.1.x86_64.rpm gnome-packagekit-extras-2.32.0-7.8.1.i586.rpm gnome-packagekit-extras-2.32.0-7.8.1.x86_64.rpm gnome-packagekit-lang-2.32.0-7.8.1.noarch.rpm gnome-packagekit-debuginfo-2.32.0-7.8.1.i586.rpm gnome-packagekit-debuginfo-2.32.0-7.8.1.x86_64.rpm gnome-packagekit-debugsource-2.32.0-7.8.1.i586.rpm gnome-packagekit-debugsource-2.32.0-7.8.1.x86_64.rpm gnome-packagekit-extras-debuginfo-2.32.0-7.8.1.i586.rpm gnome-packagekit-extras-debuginfo-2.32.0-7.8.1.x86_64.rpm open-iscsi openSUSE 11.4 The following bug is fixed by this update: On restarting iscsid after mounting the root over iSCSI device, it tried to use CHAP authentication even when not auth was required. This was caused by treating "(null)", returned by sysfs for null strings, as a valid password. This terminated the iSCSI connection, thereby rendering the system unusable. open-iscsi-2.0.870-37.38.1.i586.rpm open-iscsi-2.0.870-37.38.1.x86_64.rpm open-iscsi-debuginfo-2.0.870-37.38.1.i586.rpm open-iscsi-debuginfo-2.0.870-37.38.1.x86_64.rpm open-iscsi-debugsource-2.0.870-37.38.1.i586.rpm open-iscsi-debugsource-2.0.870-37.38.1.x86_64.rpm quagga openSUSE 11.4 zebro and ripd did not start due to an init script bug. quagga-0.99.17-4.9.1.i586.rpm quagga-0.99.17-4.9.1.x86_64.rpm quagga-devel-0.99.17-4.9.1.i586.rpm quagga-devel-0.99.17-4.9.1.x86_64.rpm quagga-debuginfo-0.99.17-4.9.1.i586.rpm quagga-debuginfo-0.99.17-4.9.1.x86_64.rpm quagga-debugsource-0.99.17-4.9.1.i586.rpm quagga-debugsource-0.99.17-4.9.1.x86_64.rpm kvm openSUSE 11.4 A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host (CVE-2011-2212, CVE-2011-2512). kvm-0.14.0.0-1.10.1.i586.rpm kvm-0.14.0.0-1.10.1.x86_64.rpm kvm-debuginfo-0.14.0.0-1.10.1.i586.rpm kvm-debuginfo-0.14.0.0-1.10.1.x86_64.rpm kvm-debugsource-0.14.0.0-1.10.1.i586.rpm kvm-debugsource-0.14.0.0-1.10.1.x86_64.rpm libmariadbclient16 openSUSE 11.4 The last security version upgrade of MariaDB (a MySQL fork) removed innodb support, breaking old databases. This update fixes this problem. - #704811: mariadb "security update" breaks database libmariadbclient16-5.1.55-0.5.1.i586.rpm libmariadbclient16-5.1.55-0.5.1.x86_64.rpm libmariadbclient_r16-5.1.55-0.5.1.i586.rpm libmariadbclient_r16-5.1.55-0.5.1.x86_64.rpm mariadb-5.1.55-0.5.1.i586.rpm mariadb-5.1.55-0.5.1.x86_64.rpm mariadb-bench-5.1.55-0.5.1.i586.rpm mariadb-bench-5.1.55-0.5.1.x86_64.rpm mariadb-client-5.1.55-0.5.1.i586.rpm mariadb-client-5.1.55-0.5.1.x86_64.rpm mariadb-debug-5.1.55-0.5.1.i586.rpm mariadb-debug-5.1.55-0.5.1.x86_64.rpm mariadb-test-5.1.55-0.5.1.i586.rpm mariadb-test-5.1.55-0.5.1.x86_64.rpm mariadb-tools-5.1.55-0.5.1.i586.rpm mariadb-tools-5.1.55-0.5.1.x86_64.rpm libmariadbclient16-debuginfo-5.1.55-0.5.1.i586.rpm libmariadbclient16-debuginfo-5.1.55-0.5.1.x86_64.rpm libmariadbclient_r16-debuginfo-5.1.55-0.5.1.i586.rpm libmariadbclient_r16-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-bench-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-bench-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-client-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-client-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-debug-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-debug-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-debugsource-5.1.55-0.5.1.i586.rpm mariadb-debugsource-5.1.55-0.5.1.x86_64.rpm mariadb-test-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-test-debuginfo-5.1.55-0.5.1.x86_64.rpm mariadb-tools-debuginfo-5.1.55-0.5.1.i586.rpm mariadb-tools-debuginfo-5.1.55-0.5.1.x86_64.rpm xv openSUSE 11.4 The following bug is fixed by this update: - #704230: xv aborts if a given file name has more than 119 characters xv-3.10a-1276.1277.1.i586.rpm xv-3.10a-1276.1277.1.x86_64.rpm udisks openSUSE 11.4 This patch fixes a "ntfs" support issue in udisks. - #691077: udisks: 'ntfs' needed in /etc/filesystems because it's not properly white-listed internally udisks-1.0.2-3.6.1.i586.rpm udisks-1.0.2-3.6.1.x86_64.rpm udisks-devel-1.0.2-3.6.1.i586.rpm udisks-devel-1.0.2-3.6.1.x86_64.rpm udisks-debuginfo-1.0.2-3.6.1.i586.rpm udisks-debuginfo-1.0.2-3.6.1.x86_64.rpm udisks-debugsource-1.0.2-3.6.1.i586.rpm udisks-debugsource-1.0.2-3.6.1.x86_64.rpm obstools-201107 Low openSUSE 11.4 This update brings OBS Maintenance Support and other new osc features for Factory Submissions in a roll up update. It contains new OBS service file drivers: - format_spec_file: format a spec file according to openSUSE rules - source_validator: source and patch and spec validation before check-in build-2011.07.01-2.2.1.noarch.rpm build-mkbaselibs-2011.07.01-2.2.1.noarch.rpm build-mkdrpms-2011.07.01-2.2.1.noarch.rpm obs-service-download_files-0.1-4.2.1.noarch.rpm obs-service-format_spec_file-0.1-8.8.1.noarch.rpm obs-service-source_validator-0.1-2.2.1.noarch.rpm osc-0.132.5-1.3.1.noarch.rpm osc-source_validator-0.1-4.5.1.noarch.rpm apcupsd openSUSE 11.4 The following bug is fixed by this update: - #703592: "/etc/init.d/apcupsd powerdown" doesn't work due a path/test issue apcupsd-3.14.6-13.14.1.i586.rpm apcupsd-3.14.6-13.14.1.x86_64.rpm apcupsd-gui-3.14.6-13.14.1.i586.rpm apcupsd-gui-3.14.6-13.14.1.x86_64.rpm apcupsd-debuginfo-3.14.6-13.14.1.i586.rpm apcupsd-debuginfo-3.14.6-13.14.1.x86_64.rpm apcupsd-debugsource-3.14.6-13.14.1.i586.rpm apcupsd-debugsource-3.14.6-13.14.1.x86_64.rpm apcupsd-gui-debuginfo-3.14.6-13.14.1.i586.rpm apcupsd-gui-debuginfo-3.14.6-13.14.1.x86_64.rpm alsa openSUSE 11.4 This update fixes the alsasound init script in case /var is stored on a separated partition. alsa-1.0.24.1-4.9.1.i586.rpm alsa-1.0.24.1-4.9.1.x86_64.rpm alsa-devel-1.0.24.1-4.9.1.i586.rpm alsa-devel-1.0.24.1-4.9.1.x86_64.rpm alsa-docs-1.0.24.1-4.9.1.noarch.rpm libasound2-1.0.24.1-4.9.1.i586.rpm libasound2-1.0.24.1-4.9.1.x86_64.rpm libasound2-32bit-1.0.24.1-4.9.1.x86_64.rpm alsa-debugsource-1.0.24.1-4.9.1.i586.rpm alsa-debugsource-1.0.24.1-4.9.1.x86_64.rpm libasound2-debuginfo-1.0.24.1-4.9.1.i586.rpm libasound2-debuginfo-1.0.24.1-4.9.1.x86_64.rpm libasound2-debuginfo-32bit-1.0.24.1-4.9.1.x86_64.rpm telnet openSUSE 11.4 This update fixes a telnet crashes or hang if using "-b" option with invalid value (bnc#700229). telnet-1.2-150.153.1.i586.rpm telnet-1.2-150.153.1.x86_64.rpm telnet-server-1.2-150.153.1.i586.rpm telnet-server-1.2-150.153.1.x86_64.rpm telnet-debuginfo-1.2-150.153.1.i586.rpm telnet-debuginfo-1.2-150.153.1.x86_64.rpm telnet-debugsource-1.2-150.153.1.i586.rpm telnet-debugsource-1.2-150.153.1.x86_64.rpm telnet-server-debuginfo-1.2-150.153.1.i586.rpm telnet-server-debuginfo-1.2-150.153.1.x86_64.rpm libsndfile Moderate openSUSE 11.4 An integer overflow in libsndfile while processing certain PAF files has been fixed. CVE-2011-2696 has been assigned to this issue. libsndfile-1.0.23-3.4.1.i586.rpm libsndfile-1.0.23-3.4.1.x86_64.rpm libsndfile-32bit-1.0.23-3.4.1.x86_64.rpm libsndfile-devel-1.0.23-3.4.1.i586.rpm libsndfile-devel-1.0.23-3.4.1.x86_64.rpm libsndfile-debuginfo-1.0.23-3.4.1.i586.rpm libsndfile-debuginfo-1.0.23-3.4.1.x86_64.rpm libsndfile-debuginfo-32bit-1.0.23-3.4.1.x86_64.rpm libsndfile-debugsource-1.0.23-3.4.1.i586.rpm libsndfile-debugsource-1.0.23-3.4.1.x86_64.rpm cron openSUSE 11.4 run-parts was used instead of run-crons in cronie-anacron. Fixed by this update. cron-4.2-9.23.1.i586.rpm cron-4.2-9.23.1.x86_64.rpm cronie-1.4.7-9.23.1.i586.rpm cronie-1.4.7-9.23.1.x86_64.rpm cronie-anacron-1.4.7-9.23.1.i586.rpm cronie-anacron-1.4.7-9.23.1.x86_64.rpm cronie-anacron-debuginfo-1.4.7-9.23.1.i586.rpm cronie-anacron-debuginfo-1.4.7-9.23.1.x86_64.rpm cronie-debuginfo-1.4.7-9.23.1.i586.rpm cronie-debuginfo-1.4.7-9.23.1.x86_64.rpm cronie-debugsource-1.4.7-9.23.1.i586.rpm cronie-debugsource-1.4.7-9.23.1.x86_64.rpm compat-openssl097g Important openSUSE 11.4 This update adds openssl patches since 2007 for: - CVE-2008-5077 - CVE-2009-0590 - CVE-2009-0789 - CVE-2009-3555 - CVE-2010-4180 compat-openssl097g-0.9.7g-158.159.1.i586.rpm compat-openssl097g-0.9.7g-158.159.1.x86_64.rpm compat-openssl097g-32bit-0.9.7g-158.159.1.x86_64.rpm compat-openssl097g-debuginfo-0.9.7g-158.159.1.i586.rpm compat-openssl097g-debuginfo-0.9.7g-158.159.1.x86_64.rpm compat-openssl097g-debuginfo-32bit-0.9.7g-158.159.1.x86_64.rpm compat-openssl097g-debugsource-0.9.7g-158.159.1.i586.rpm compat-openssl097g-debugsource-0.9.7g-158.159.1.x86_64.rpm icedtea-web openSUSE 11.4 This update of icedtea/icedtea-web fixes two issues: - CVE-2011-2513: CVSS v2 Base Score: 4.3: An information leak allows unsigned Web Start applications to determine the path to the cache directory used to store downloaded class and jar files. - CVE-2011-2514: CVSS v2 Base Score: 5.1 An unsigned Web Start application could manipulate content of the security warning dialog message to show different file name in prompts. icedtea-web-1.1-0.6.1.i586.rpm icedtea-web-1.1-0.6.1.x86_64.rpm icedtea-web-javadoc-1.1-0.6.1.noarch.rpm freetype2 Important openSUSE 11.4 This freetype2 update fixes sign extension problems and missing length checks. This issue was used in one of the last jailbreakme exploits for Apple iPhone/iPad products. (CVE-2011-0226) freetype2-devel-2.4.4-7.8.1.i586.rpm freetype2-devel-2.4.4-7.8.1.x86_64.rpm freetype2-devel-32bit-2.4.4-7.8.1.x86_64.rpm libfreetype6-2.4.4-7.8.1.i586.rpm libfreetype6-2.4.4-7.8.1.x86_64.rpm libfreetype6-32bit-2.4.4-7.8.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.8.1.i586.rpm libfreetype6-debuginfo-2.4.4-7.8.1.x86_64.rpm libfreetype6-debuginfo-32bit-2.4.4-7.8.1.x86_64.rpm iproute2 Low openSUSE 11.4 The following bug is fixed by this update: 681952: "ip addr add" returns a different error codes than before iproute2-2.6.37-4.5.1.i586.rpm iproute2-2.6.37-4.5.1.x86_64.rpm iproute2-doc-2.6.37-4.5.1.noarch.rpm libnetlink-devel-2.6.37-4.5.1.i586.rpm libnetlink-devel-2.6.37-4.5.1.x86_64.rpm iproute2-debuginfo-2.6.37-4.5.1.i586.rpm iproute2-debuginfo-2.6.37-4.5.1.x86_64.rpm iproute2-debugsource-2.6.37-4.5.1.i586.rpm iproute2-debugsource-2.6.37-4.5.1.x86_64.rpm lxde-common Low openSUSE 11.4 This update fix the incomplete lxde branding and common settings in openSUSE 11.4 (bnc#681995) lxde-common-0.5.0-19.20.1.noarch.rpm lxde-common-branding-openSUSE-11.4-16.3.1.noarch.rpm lxde-common-branding-upstream-0.5.0-19.20.1.noarch.rpm apache2 Moderate openSUSE 11.4 This update fixes: - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion when processing patterns - CVE-2010-1623: a remote DoS (memory leak) in APR's reqtimeout_filter function apache2-2.2.17-4.5.1.i586.rpm apache2-2.2.17-4.5.1.x86_64.rpm apache2-devel-2.2.17-4.5.1.i586.rpm apache2-devel-2.2.17-4.5.1.x86_64.rpm apache2-doc-2.2.17-4.5.1.noarch.rpm apache2-example-certificates-2.2.17-4.5.1.i586.rpm apache2-example-certificates-2.2.17-4.5.1.x86_64.rpm apache2-example-pages-2.2.17-4.5.1.i586.rpm apache2-example-pages-2.2.17-4.5.1.x86_64.rpm apache2-itk-2.2.17-4.5.1.i586.rpm apache2-itk-2.2.17-4.5.1.x86_64.rpm apache2-prefork-2.2.17-4.5.1.i586.rpm apache2-prefork-2.2.17-4.5.1.x86_64.rpm apache2-utils-2.2.17-4.5.1.i586.rpm apache2-utils-2.2.17-4.5.1.x86_64.rpm apache2-worker-2.2.17-4.5.1.i586.rpm apache2-worker-2.2.17-4.5.1.x86_64.rpm libapr-util1-1.3.9-10.11.1.i586.rpm libapr-util1-1.3.9-10.11.1.x86_64.rpm libapr-util1-dbd-mysql-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-mysql-1.3.9-10.11.1.x86_64.rpm libapr-util1-dbd-pgsql-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-pgsql-1.3.9-10.11.1.x86_64.rpm libapr-util1-dbd-sqlite3-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-sqlite3-1.3.9-10.11.1.x86_64.rpm libapr-util1-devel-1.3.9-10.11.1.i586.rpm libapr-util1-devel-1.3.9-10.11.1.x86_64.rpm libapr1-1.4.2-4.5.1.i586.rpm libapr1-1.4.2-4.5.1.x86_64.rpm libapr1-devel-1.4.2-4.5.1.i586.rpm libapr1-devel-1.4.2-4.5.1.x86_64.rpm apache2-debuginfo-2.2.17-4.5.1.i586.rpm apache2-debuginfo-2.2.17-4.5.1.x86_64.rpm apache2-debugsource-2.2.17-4.5.1.i586.rpm apache2-debugsource-2.2.17-4.5.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.5.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.5.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.5.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.5.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.5.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.5.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.5.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.5.1.x86_64.rpm libapr-util1-dbd-mysql-debuginfo-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-mysql-debuginfo-1.3.9-10.11.1.x86_64.rpm libapr-util1-dbd-pgsql-debuginfo-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-pgsql-debuginfo-1.3.9-10.11.1.x86_64.rpm libapr-util1-dbd-sqlite3-debuginfo-1.3.9-10.11.1.i586.rpm libapr-util1-dbd-sqlite3-debuginfo-1.3.9-10.11.1.x86_64.rpm libapr-util1-debuginfo-1.3.9-10.11.1.i586.rpm libapr-util1-debuginfo-1.3.9-10.11.1.x86_64.rpm libapr-util1-debugsource-1.3.9-10.11.1.i586.rpm libapr-util1-debugsource-1.3.9-10.11.1.x86_64.rpm libapr1-debuginfo-1.4.2-4.5.1.i586.rpm libapr1-debuginfo-1.4.2-4.5.1.x86_64.rpm libapr1-debugsource-1.4.2-4.5.1.i586.rpm libapr1-debugsource-1.4.2-4.5.1.x86_64.rpm gimp Low openSUSE 11.4 The cellspacing in pyslice plugin is broken. Fixed by this update. gimp-2.6.11-13.16.1.i586.rpm gimp-2.6.11-13.16.1.x86_64.rpm gimp-branding-upstream-2.6.11-13.16.1.i586.rpm gimp-branding-upstream-2.6.11-13.16.1.x86_64.rpm gimp-devel-2.6.11-13.16.1.i586.rpm gimp-devel-2.6.11-13.16.1.x86_64.rpm gimp-help-browser-2.6.11-13.16.1.i586.rpm gimp-help-browser-2.6.11-13.16.1.x86_64.rpm gimp-lang-2.6.11-13.16.1.noarch.rpm gimp-module-hal-2.6.11-13.16.1.i586.rpm gimp-module-hal-2.6.11-13.16.1.x86_64.rpm gimp-plugins-python-2.6.11-13.16.1.i586.rpm gimp-plugins-python-2.6.11-13.16.1.x86_64.rpm libgimp-2_0-0-2.6.11-13.16.1.i586.rpm libgimp-2_0-0-2.6.11-13.16.1.x86_64.rpm libgimp-2_0-0-32bit-2.6.11-13.16.1.x86_64.rpm libgimpui-2_0-0-2.6.11-13.16.1.i586.rpm libgimpui-2_0-0-2.6.11-13.16.1.x86_64.rpm libgimpui-2_0-0-32bit-2.6.11-13.16.1.x86_64.rpm gimp-debuginfo-2.6.11-13.16.1.i586.rpm gimp-debuginfo-2.6.11-13.16.1.x86_64.rpm gimp-debugsource-2.6.11-13.16.1.i586.rpm gimp-debugsource-2.6.11-13.16.1.x86_64.rpm gimp-devel-debuginfo-2.6.11-13.16.1.i586.rpm gimp-devel-debuginfo-2.6.11-13.16.1.x86_64.rpm gimp-help-browser-debuginfo-2.6.11-13.16.1.i586.rpm gimp-help-browser-debuginfo-2.6.11-13.16.1.x86_64.rpm gimp-module-hal-debuginfo-2.6.11-13.16.1.i586.rpm gimp-module-hal-debuginfo-2.6.11-13.16.1.x86_64.rpm gimp-plugins-python-debuginfo-2.6.11-13.16.1.i586.rpm gimp-plugins-python-debuginfo-2.6.11-13.16.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.16.1.i586.rpm libgimp-2_0-0-debuginfo-2.6.11-13.16.1.x86_64.rpm libgimp-2_0-0-debuginfo-32bit-2.6.11-13.16.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.16.1.i586.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.16.1.x86_64.rpm libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.16.1.x86_64.rpm minicom Low openSUSE 11.4 The following bug is fixed with this update: - #707860: Static buffers used for storing configuration for minicom are too small; stripping everything after the 64th character minicom-2.5-5.6.1.i586.rpm minicom-2.5-5.6.1.x86_64.rpm minicom-debuginfo-2.5-5.6.1.i586.rpm minicom-debuginfo-2.5-5.6.1.x86_64.rpm minicom-debugsource-2.5-5.6.1.i586.rpm minicom-debugsource-2.5-5.6.1.x86_64.rpm xen-201107 Important openSUSE 11.4 Security / Collective Update for Xen Xen: - bnc#702025 - VUL-0: xen: VT-d (PCI passthrough) MSI trap injection (CVE-2011-1898) - bnc#703924 - update block-npiv scripts to support BFA HBA - bnc#689954 - L3: Live migrations fail when guest crashes: domain_crash_sync called from entry.S - bnc#693472 - Bridge hangs cause redundant ring failures in SLE 11 SP1 HAE + XEN - bnc#582265 - xen-scsi.ko not supported - bnc#670465 - When connecting to Xen guest through vncviewer mouse tracking is off. - bnc#684305 - on_crash is being ignored with kdump now working in HVM vm-install: - bnc#692625 - virt-manager has problems to install guest from multiple CD vm-install-0.4.31-0.4.1.i586.rpm vm-install-0.4.31-0.4.1.x86_64.rpm xen-4.0.2_52-0.2.1.i586.rpm xen-4.0.2_52-0.2.1.x86_64.rpm xen-devel-4.0.2_52-0.2.1.i586.rpm xen-devel-4.0.2_52-0.2.1.x86_64.rpm xen-doc-html-4.0.2_52-0.2.1.i586.rpm xen-doc-html-4.0.2_52-0.2.1.x86_64.rpm xen-doc-pdf-4.0.2_52-0.2.1.i586.rpm xen-doc-pdf-4.0.2_52-0.2.1.x86_64.rpm xen-kmp-default-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-kmp-default-4.0.2_52_k2.6.37.6_0.7-0.2.1.x86_64.rpm xen-kmp-desktop-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-kmp-desktop-4.0.2_52_k2.6.37.6_0.7-0.2.1.x86_64.rpm xen-kmp-pae-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-libs-4.0.2_52-0.2.1.i586.rpm xen-libs-4.0.2_52-0.2.1.x86_64.rpm xen-tools-4.0.2_52-0.2.1.i586.rpm xen-tools-4.0.2_52-0.2.1.x86_64.rpm xen-tools-domU-4.0.2_52-0.2.1.i586.rpm xen-tools-domU-4.0.2_52-0.2.1.x86_64.rpm xen-debugsource-4.0.2_52-0.2.1.i586.rpm xen-debugsource-4.0.2_52-0.2.1.x86_64.rpm xen-kmp-default-debuginfo-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-kmp-default-debuginfo-4.0.2_52_k2.6.37.6_0.7-0.2.1.x86_64.rpm xen-kmp-desktop-debuginfo-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-kmp-desktop-debuginfo-4.0.2_52_k2.6.37.6_0.7-0.2.1.x86_64.rpm xen-kmp-pae-debuginfo-4.0.2_52_k2.6.37.6_0.7-0.2.1.i586.rpm xen-libs-debuginfo-4.0.2_52-0.2.1.i586.rpm xen-libs-debuginfo-4.0.2_52-0.2.1.x86_64.rpm xen-tools-debuginfo-4.0.2_52-0.2.1.i586.rpm xen-tools-debuginfo-4.0.2_52-0.2.1.x86_64.rpm xen-tools-domU-debuginfo-4.0.2_52-0.2.1.i586.rpm xen-tools-domU-debuginfo-4.0.2_52-0.2.1.x86_64.rpm kernel Moderate openSUSE 11.4 The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or similar. CVE-2011-2484: The add_del_listener function in kernel/taskstats.c in the Linux kernel did not prevent multiple registrations of exit handlers, which allowed local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. CVE-2011-2022: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 did not validate a certain start parameter, which allowed local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. CVE-2011-1745: Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. CVE-2011-2493: A denial of service on mounting invalid ext4 filesystems was fixed. CVE-2011-2491: A local unprivileged user able to access a NFS filesystem could use file locking to deadlock parts of an nfs server under some circumstance. CVE-2011-2498: Also account PTE pages when calculating OOM scoring, which could have lead to a denial of service. CVE-2011-2496: The normal mmap paths all avoid creating a mapping where the pgoff inside the mapping could wrap around due to overflow. However, an expanding mremap() can take such a non-wrapping mapping and make it bigger and cause a wrapping condition. CVE-2011-1017,CVE-2011-2182: The code for evaluating LDM partitions (in fs/partitions/ldm.c) contained bugs that could crash the kernel for certain corrupted LDM partitions. CVE-2011-1479: A regression in inotify fix for a memory leak could lead to a double free corruption which could crash the system. CVE-2011-1927: A missing route validation issue in ip_expire() could be used by remote attackers to trigger a NULL ptr dereference, crashing parts of the kernel. CVE-2011-1593: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel allowed local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. CVE-2011-1020: The proc filesystem implementation in the Linux kernel did not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allowed local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. kernel-debug-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-debug-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-debug-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-devel-2.6.37.6-0.7.1.noarch.rpm 1 kernel-docs-2.6.37.6-0.7.1.noarch.rpm 1 kernel-ec2-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-extra-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-extra-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-pae-2.6.37.6-0.7.1.i586.rpm 1 kernel-pae-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-pae-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-source-2.6.37.6-0.7.1.noarch.rpm 1 kernel-source-vanilla-2.6.37.6-0.7.1.noarch.rpm 1 kernel-syms-2.6.37.6-0.7.1.i586.rpm 1 kernel-syms-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-devel-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vmi-2.6.37.6-0.7.1.i586.rpm 1 kernel-vmi-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-vmi-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-xen-base-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-base-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-xen-devel-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-devel-2.6.37.6-0.7.1.x86_64.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.7-6.7.12.i586.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.7-6.7.12.x86_64.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.7-6.7.12.i586.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.7-6.7.12.x86_64.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-debug-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-pae-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-pae-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-pae-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-pae-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-vmi-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-vmi-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-vmi-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-vmi-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-xen-debugsource-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-debugsource-2.6.37.6-0.7.1.x86_64.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.7.1.i586.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.7.1.x86_64.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.7-6.7.12.i586.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.7-6.7.12.x86_64.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.7-6.7.12.i586.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.7-6.7.12.x86_64.rpm 1 softwaremgmt-201107 Low openSUSE 11.4 This update for the update stack provides the following fixes: zypper: - 539159: zypper al ignores --root parameter - 687529: zypper xml output incomplete and/or missing XML-format - 693576: zypper in -C <capability> needs fixing. libzypp: - 596089: download.max_concurrent_connections sets wrong aria option - 649925: Zypper Update repeatedly gives wrong check sum error when updating behind a firewall. - 684466: zypper ps doesn't complain if lsof isn't installed - 694427: zypper should require lsof libsatsolver: - 666422: Ponderosa:- Pre-Alpha5- OES services pattern Description is not displayed correctly in yast2. - 686261: Resolution process for an update try takes too long. - 707839: zypper dup dumps core libsatsolver-demo-0.16.3-0.2.1.i586.rpm 1 libsatsolver-demo-0.16.3-0.2.1.x86_64.rpm 1 libsatsolver-devel-0.16.3-0.2.1.i586.rpm 1 libsatsolver-devel-0.16.3-0.2.1.x86_64.rpm 1 libzypp-8.12.6-0.2.1.i586.rpm 1 libzypp-8.12.6-0.2.1.x86_64.rpm 1 libzypp-devel-8.12.6-0.2.1.i586.rpm 1 libzypp-devel-8.12.6-0.2.1.x86_64.rpm 1 perl-satsolver-0.16.3-0.2.1.i586.rpm 1 perl-satsolver-0.16.3-0.2.1.x86_64.rpm 1 python-satsolver-0.16.3-0.2.1.i586.rpm 1 python-satsolver-0.16.3-0.2.1.x86_64.rpm 1 ruby-satsolver-0.16.3-0.2.1.i586.rpm 1 ruby-satsolver-0.16.3-0.2.1.x86_64.rpm 1 satsolver-tools-0.16.3-0.2.1.i586.rpm 1 satsolver-tools-0.16.3-0.2.1.x86_64.rpm 1 zypper-1.5.7-0.4.3.i586.rpm 1 zypper-1.5.7-0.4.3.x86_64.rpm 1 libsatsolver-debugsource-0.16.3-0.2.1.i586.rpm 1 libsatsolver-debugsource-0.16.3-0.2.1.x86_64.rpm 1 libsatsolver-demo-debuginfo-0.16.3-0.2.1.i586.rpm 1 libsatsolver-demo-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 libsatsolver-devel-debuginfo-0.16.3-0.2.1.i586.rpm 1 libsatsolver-devel-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 libzypp-debuginfo-8.12.6-0.2.1.i586.rpm 1 libzypp-debuginfo-8.12.6-0.2.1.x86_64.rpm 1 libzypp-debugsource-8.12.6-0.2.1.i586.rpm 1 libzypp-debugsource-8.12.6-0.2.1.x86_64.rpm 1 perl-satsolver-debuginfo-0.16.3-0.2.1.i586.rpm 1 perl-satsolver-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 python-satsolver-debuginfo-0.16.3-0.2.1.i586.rpm 1 python-satsolver-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 ruby-satsolver-debuginfo-0.16.3-0.2.1.i586.rpm 1 ruby-satsolver-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 satsolver-tools-debuginfo-0.16.3-0.2.1.i586.rpm 1 satsolver-tools-debuginfo-0.16.3-0.2.1.x86_64.rpm 1 zypper-debuginfo-1.5.7-0.4.3.i586.rpm 1 zypper-debuginfo-1.5.7-0.4.3.x86_64.rpm 1 zypper-debugsource-1.5.7-0.4.3.i586.rpm 1 zypper-debugsource-1.5.7-0.4.3.x86_64.rpm 1 ldapsmb Moderate openSUSE 11.4 A Cross-Site Request Forgery (CSRF) and a Cross Site Scripting vulnerability have been fixed in samba's SWAT. CVE-2011-2522 and CVE-2011-2694 have been assigned. ldapsmb-1.34b-300.5.1.i586.rpm ldapsmb-1.34b-300.5.1.x86_64.rpm libldb-devel-0.9.7-3.5.1.i586.rpm libldb-devel-0.9.7-3.5.1.x86_64.rpm libldb0-0.9.7-3.5.1.i586.rpm libldb0-0.9.7-3.5.1.x86_64.rpm libnetapi-devel-3.5.7-3.5.1.i586.rpm libnetapi-devel-3.5.7-3.5.1.x86_64.rpm libnetapi0-3.5.7-3.5.1.i586.rpm libnetapi0-3.5.7-3.5.1.x86_64.rpm libsmbclient-devel-3.5.7-3.5.1.i586.rpm libsmbclient-devel-3.5.7-3.5.1.x86_64.rpm libsmbclient0-3.5.7-3.5.1.i586.rpm libsmbclient0-3.5.7-3.5.1.x86_64.rpm libsmbclient0-32bit-3.5.7-3.5.1.x86_64.rpm libsmbsharemodes-devel-3.5.7-3.5.1.i586.rpm libsmbsharemodes-devel-3.5.7-3.5.1.x86_64.rpm libsmbsharemodes0-3.5.7-3.5.1.i586.rpm libsmbsharemodes0-3.5.7-3.5.1.x86_64.rpm libtalloc-devel-2.0.1-3.5.1.i586.rpm libtalloc-devel-2.0.1-3.5.1.x86_64.rpm libtalloc2-2.0.1-3.5.1.i586.rpm libtalloc2-2.0.1-3.5.1.x86_64.rpm libtalloc2-32bit-2.0.1-3.5.1.x86_64.rpm libtdb-devel-1.2.1-3.5.1.i586.rpm libtdb-devel-1.2.1-3.5.1.x86_64.rpm libtdb1-1.2.1-3.5.1.i586.rpm libtdb1-1.2.1-3.5.1.x86_64.rpm libtdb1-32bit-1.2.1-3.5.1.x86_64.rpm libtevent-devel-0.9.8-3.5.1.i586.rpm libtevent-devel-0.9.8-3.5.1.x86_64.rpm libtevent0-0.9.8-3.5.1.i586.rpm libtevent0-0.9.8-3.5.1.x86_64.rpm libwbclient-devel-3.5.7-3.5.1.i586.rpm libwbclient-devel-3.5.7-3.5.1.x86_64.rpm libwbclient0-3.5.7-3.5.1.i586.rpm libwbclient0-3.5.7-3.5.1.x86_64.rpm libwbclient0-32bit-3.5.7-3.5.1.x86_64.rpm samba-3.5.7-3.5.1.i586.rpm samba-3.5.7-3.5.1.x86_64.rpm samba-32bit-3.5.7-3.5.1.x86_64.rpm samba-client-3.5.7-3.5.1.i586.rpm samba-client-3.5.7-3.5.1.x86_64.rpm samba-client-32bit-3.5.7-3.5.1.x86_64.rpm samba-devel-3.5.7-3.5.1.i586.rpm samba-devel-3.5.7-3.5.1.x86_64.rpm samba-doc-3.5.7-3.5.1.noarch.rpm samba-krb-printing-3.5.7-3.5.1.i586.rpm samba-krb-printing-3.5.7-3.5.1.x86_64.rpm samba-winbind-3.5.7-3.5.1.i586.rpm samba-winbind-3.5.7-3.5.1.x86_64.rpm samba-winbind-32bit-3.5.7-3.5.1.x86_64.rpm libldb0-debuginfo-0.9.7-3.5.1.i586.rpm libldb0-debuginfo-0.9.7-3.5.1.x86_64.rpm libnetapi0-debuginfo-3.5.7-3.5.1.i586.rpm libnetapi0-debuginfo-3.5.7-3.5.1.x86_64.rpm libsmbclient0-debuginfo-3.5.7-3.5.1.i586.rpm libsmbclient0-debuginfo-3.5.7-3.5.1.x86_64.rpm libsmbclient0-debuginfo-32bit-3.5.7-3.5.1.x86_64.rpm libsmbsharemodes0-debuginfo-3.5.7-3.5.1.i586.rpm libsmbsharemodes0-debuginfo-3.5.7-3.5.1.x86_64.rpm libtalloc2-debuginfo-2.0.1-3.5.1.i586.rpm libtalloc2-debuginfo-2.0.1-3.5.1.x86_64.rpm libtalloc2-debuginfo-32bit-2.0.1-3.5.1.x86_64.rpm libtdb1-debuginfo-1.2.1-3.5.1.i586.rpm libtdb1-debuginfo-1.2.1-3.5.1.x86_64.rpm libtdb1-debuginfo-32bit-1.2.1-3.5.1.x86_64.rpm libtevent0-debuginfo-0.9.8-3.5.1.i586.rpm libtevent0-debuginfo-0.9.8-3.5.1.x86_64.rpm libwbclient0-debuginfo-3.5.7-3.5.1.i586.rpm libwbclient0-debuginfo-3.5.7-3.5.1.x86_64.rpm libwbclient0-debuginfo-32bit-3.5.7-3.5.1.x86_64.rpm samba-client-debuginfo-3.5.7-3.5.1.i586.rpm samba-client-debuginfo-3.5.7-3.5.1.x86_64.rpm samba-client-debuginfo-32bit-3.5.7-3.5.1.x86_64.rpm samba-debuginfo-3.5.7-3.5.1.i586.rpm samba-debuginfo-3.5.7-3.5.1.x86_64.rpm samba-debuginfo-32bit-3.5.7-3.5.1.x86_64.rpm samba-debugsource-3.5.7-3.5.1.i586.rpm samba-debugsource-3.5.7-3.5.1.x86_64.rpm samba-krb-printing-debuginfo-3.5.7-3.5.1.i586.rpm samba-krb-printing-debuginfo-3.5.7-3.5.1.x86_64.rpm samba-winbind-debuginfo-3.5.7-3.5.1.i586.rpm samba-winbind-debuginfo-3.5.7-3.5.1.x86_64.rpm samba-winbind-debuginfo-32bit-3.5.7-3.5.1.x86_64.rpm clamav Moderate openSUSE 11.4 New clamav packages fix an off-by-one vulnerability which could lead to a DoS condition. CVE-2011-2721 has been assigned to this issue. clamav-0.97.2-1.2.1.i586.rpm clamav-0.97.2-1.2.1.x86_64.rpm clamav-db-0.97.2-1.2.1.noarch.rpm clamav-debuginfo-0.97.2-1.2.1.i586.rpm clamav-debuginfo-0.97.2-1.2.1.x86_64.rpm clamav-debugsource-0.97.2-1.2.1.i586.rpm clamav-debugsource-0.97.2-1.2.1.x86_64.rpm libsoup-2_4-1 Moderate openSUSE 11.4 This update of libsoup fixes a directory traversal attack that affect application using the library. CVE-2011-2524: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) libsoup-2_4-1-2.32.2-3.4.1.i586.rpm libsoup-2_4-1-2.32.2-3.4.1.x86_64.rpm libsoup-2_4-1-32bit-2.32.2-3.4.1.x86_64.rpm libsoup-2_4-1-debuginfo-2.32.2-3.4.1.i586.rpm libsoup-2_4-1-debuginfo-2.32.2-3.4.1.x86_64.rpm libsoup-2_4-1-debuginfo-32bit-2.32.2-3.4.1.x86_64.rpm glibc Moderate openSUSE 11.4 The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts). Affected passwords are potentially faster to crack via brute force methods (CVE-2011-2483). SUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method. This update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out. New passwords hashes are created with the id "$2y" to unambiguously identify them as generated with the correct implementation. Note: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update. Services that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm. FAQ: Q: I only use ASCII characters in passwords, am I a affected in any way? A: No. Q: What's the meaning of the ids before and after the update? A: Before the update: $2a -> buggy algorithm After the update: $2x -> buggy algorithm $2a -> correct algorithm $2y -> correct algorithm System logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm Q: How do I require users to change their password on next login? A: Run the following command as root for each user: chage -d 0 <username> Q: I run an application that has $2a hashes in it's password database. Some users complain that they can not log in anymore. A: Edit the password database and change the "$2a" prefix of the affected users' hashes to "$2x". They will be able to log in again but should change their password ASAP. Q: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd glibc-2.11.3-12.17.1.i586.rpm glibc-2.11.3-12.17.1.i686.rpm glibc-2.11.3-12.17.1.x86_64.rpm glibc-32bit-2.11.3-12.17.1.x86_64.rpm glibc-devel-2.11.3-12.17.1.i586.rpm glibc-devel-2.11.3-12.17.1.i686.rpm glibc-devel-2.11.3-12.17.1.x86_64.rpm glibc-devel-32bit-2.11.3-12.17.1.x86_64.rpm glibc-html-2.11.3-12.17.1.i586.rpm glibc-html-2.11.3-12.17.1.x86_64.rpm glibc-i18ndata-2.11.3-12.17.1.i586.rpm glibc-i18ndata-2.11.3-12.17.1.x86_64.rpm glibc-info-2.11.3-12.17.1.i586.rpm glibc-info-2.11.3-12.17.1.x86_64.rpm glibc-locale-2.11.3-12.17.1.i586.rpm glibc-locale-2.11.3-12.17.1.x86_64.rpm glibc-locale-32bit-2.11.3-12.17.1.x86_64.rpm glibc-obsolete-2.11.3-12.17.1.i586.rpm glibc-obsolete-2.11.3-12.17.1.x86_64.rpm glibc-profile-2.11.3-12.17.1.i586.rpm glibc-profile-2.11.3-12.17.1.x86_64.rpm glibc-profile-32bit-2.11.3-12.17.1.x86_64.rpm libxcrypt-3.0.3-9.10.1.i586.rpm libxcrypt-3.0.3-9.10.1.x86_64.rpm libxcrypt-32bit-3.0.3-9.10.1.x86_64.rpm libxcrypt-devel-3.0.3-9.10.1.i586.rpm libxcrypt-devel-3.0.3-9.10.1.x86_64.rpm nscd-2.11.3-12.17.1.i586.rpm nscd-2.11.3-12.17.1.x86_64.rpm pam-modules-11.4-3.4.1.i586.rpm pam-modules-11.4-3.4.1.x86_64.rpm pam-modules-32bit-11.4-3.4.1.x86_64.rpm pwdutils-3.2.14-4.5.1.i586.rpm pwdutils-3.2.14-4.5.1.x86_64.rpm pwdutils-plugin-audit-3.2.14-4.5.1.i586.rpm pwdutils-plugin-audit-3.2.14-4.5.1.x86_64.rpm pwdutils-rpasswd-3.2.14-4.5.1.i586.rpm pwdutils-rpasswd-3.2.14-4.5.1.x86_64.rpm pwdutils-rpasswd-32bit-3.2.14-4.5.1.x86_64.rpm glibc-debuginfo-2.11.3-12.17.1.i586.rpm glibc-debuginfo-2.11.3-12.17.1.i686.rpm glibc-debuginfo-2.11.3-12.17.1.x86_64.rpm glibc-debuginfo-32bit-2.11.3-12.17.1.x86_64.rpm glibc-debugsource-2.11.3-12.17.1.i586.rpm glibc-debugsource-2.11.3-12.17.1.i686.rpm glibc-debugsource-2.11.3-12.17.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.17.1.i586.rpm glibc-devel-debuginfo-2.11.3-12.17.1.i686.rpm glibc-devel-debuginfo-2.11.3-12.17.1.x86_64.rpm glibc-devel-debuginfo-32bit-2.11.3-12.17.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.17.1.i586.rpm glibc-locale-debuginfo-2.11.3-12.17.1.x86_64.rpm glibc-locale-debuginfo-32bit-2.11.3-12.17.1.x86_64.rpm glibc-obsolete-debuginfo-2.11.3-12.17.1.i586.rpm libxcrypt-debuginfo-3.0.3-9.10.1.i586.rpm libxcrypt-debuginfo-3.0.3-9.10.1.x86_64.rpm libxcrypt-debuginfo-32bit-3.0.3-9.10.1.x86_64.rpm libxcrypt-debugsource-3.0.3-9.10.1.i586.rpm libxcrypt-debugsource-3.0.3-9.10.1.x86_64.rpm nscd-debuginfo-2.11.3-12.17.1.i586.rpm nscd-debuginfo-2.11.3-12.17.1.x86_64.rpm pam-modules-debuginfo-11.4-3.4.1.i586.rpm pam-modules-debuginfo-11.4-3.4.1.x86_64.rpm pam-modules-debuginfo-32bit-11.4-3.4.1.x86_64.rpm pam-modules-debugsource-11.4-3.4.1.i586.rpm pam-modules-debugsource-11.4-3.4.1.x86_64.rpm pwdutils-debuginfo-3.2.14-4.5.1.i586.rpm pwdutils-debuginfo-3.2.14-4.5.1.x86_64.rpm pwdutils-debugsource-3.2.14-4.5.1.i586.rpm pwdutils-debugsource-3.2.14-4.5.1.x86_64.rpm pwdutils-plugin-audit-debuginfo-3.2.14-4.5.1.i586.rpm pwdutils-plugin-audit-debuginfo-3.2.14-4.5.1.x86_64.rpm pwdutils-rpasswd-debuginfo-3.2.14-4.5.1.i586.rpm pwdutils-rpasswd-debuginfo-3.2.14-4.5.1.x86_64.rpm pwdutils-rpasswd-debuginfo-32bit-3.2.14-4.5.1.x86_64.rpm libpng12 Moderate openSUSE 11.4 This update of libpng12-0 fixes: - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) libpng12-0-1.2.46-7.3.1.i586.rpm libpng12-0-1.2.46-7.3.1.x86_64.rpm libpng12-0-32bit-1.2.46-7.3.1.x86_64.rpm libpng12-compat-devel-1.2.46-7.3.1.i586.rpm libpng12-compat-devel-1.2.46-7.3.1.x86_64.rpm libpng12-compat-devel-32bit-1.2.46-7.3.1.x86_64.rpm libpng12-devel-1.2.46-7.3.1.i586.rpm libpng12-devel-1.2.46-7.3.1.x86_64.rpm libpng12-devel-32bit-1.2.46-7.3.1.x86_64.rpm libpng12-0-debuginfo-1.2.46-7.3.1.i586.rpm libpng12-0-debuginfo-1.2.46-7.3.1.x86_64.rpm libpng12-0-debuginfo-32bit-1.2.46-7.3.1.x86_64.rpm libpng12-debugsource-1.2.46-7.3.1.i586.rpm libpng12-debugsource-1.2.46-7.3.1.x86_64.rpm libpng14 Moderate openSUSE 11.4 This update of libpng14-14 fixes: - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) libpng14-14-1.4.4-3.4.1.i586.rpm libpng14-14-1.4.4-3.4.1.x86_64.rpm libpng14-14-32bit-1.4.4-3.4.1.x86_64.rpm libpng14-compat-devel-1.4.4-3.4.1.i586.rpm libpng14-compat-devel-1.4.4-3.4.1.x86_64.rpm libpng14-compat-devel-32bit-1.4.4-3.4.1.x86_64.rpm libpng14-devel-1.4.4-3.4.1.i586.rpm libpng14-devel-1.4.4-3.4.1.x86_64.rpm libpng14-devel-32bit-1.4.4-3.4.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-3.4.1.i586.rpm libpng14-14-debuginfo-1.4.4-3.4.1.x86_64.rpm libpng14-14-debuginfo-32bit-1.4.4-3.4.1.x86_64.rpm libpng14-debugsource-1.4.4-3.4.1.i586.rpm libpng14-debugsource-1.4.4-3.4.1.x86_64.rpm python-virtualbox Moderate openSUSE 11.4 Two privilege escalation vulnerabilities in VirtualBox have been fixed. - CVE-2011-2300: CVSS v2 Base Score: 3.7 (AV:L/AC:H/Au:N/C:P/I:P/A:P) - CVE-2011-2305: CVSS v2 Base Score: 6.2 (AV:L/AC:H/Au:N/C:C/I:C/A:C) python-virtualbox-4.0.12-0.2.1.i586.rpm python-virtualbox-4.0.12-0.2.1.x86_64.rpm virtualbox-4.0.12-0.2.1.i586.rpm virtualbox-4.0.12-0.2.1.x86_64.rpm virtualbox-devel-4.0.12-0.2.1.i586.rpm virtualbox-devel-4.0.12-0.2.1.x86_64.rpm virtualbox-guest-kmp-default-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-kmp-default-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-guest-kmp-desktop-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-kmp-desktop-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-guest-kmp-pae-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-tools-4.0.12-0.2.1.i586.rpm virtualbox-guest-tools-4.0.12-0.2.1.x86_64.rpm virtualbox-guest-x11-4.0.12-0.2.1.i586.rpm virtualbox-guest-x11-4.0.12-0.2.1.x86_64.rpm virtualbox-host-kmp-default-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-host-kmp-default-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-host-kmp-desktop-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-host-kmp-desktop-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-host-kmp-pae-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-qt-4.0.12-0.2.1.i586.rpm virtualbox-qt-4.0.12-0.2.1.x86_64.rpm python-virtualbox-debuginfo-4.0.12-0.2.1.i586.rpm python-virtualbox-debuginfo-4.0.12-0.2.1.x86_64.rpm virtualbox-debuginfo-4.0.12-0.2.1.i586.rpm virtualbox-debuginfo-4.0.12-0.2.1.x86_64.rpm virtualbox-debugsource-4.0.12-0.2.1.i586.rpm virtualbox-debugsource-4.0.12-0.2.1.x86_64.rpm virtualbox-guest-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-guest-kmp-pae-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-guest-tools-debuginfo-4.0.12-0.2.1.i586.rpm virtualbox-guest-tools-debuginfo-4.0.12-0.2.1.x86_64.rpm virtualbox-guest-x11-debuginfo-4.0.12-0.2.1.i586.rpm virtualbox-guest-x11-debuginfo-4.0.12-0.2.1.x86_64.rpm virtualbox-host-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-host-kmp-default-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-host-kmp-desktop-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.x86_64.rpm virtualbox-host-kmp-pae-debuginfo-4.0.12_k2.6.37.6_0.7-0.2.1.i586.rpm virtualbox-qt-debuginfo-4.0.12-0.2.1.i586.rpm virtualbox-qt-debuginfo-4.0.12-0.2.1.x86_64.rpm apcupsd Moderate openSUSE 11.4 This update improves the last update for apcupsd. It fixes the init check to succeed with unmounted /usr. apcupsd-3.14.6-13.16.1.i586.rpm apcupsd-3.14.6-13.16.1.x86_64.rpm apcupsd-gui-3.14.6-13.16.1.i586.rpm apcupsd-gui-3.14.6-13.16.1.x86_64.rpm apcupsd-debuginfo-3.14.6-13.16.1.i586.rpm apcupsd-debuginfo-3.14.6-13.16.1.x86_64.rpm apcupsd-debugsource-3.14.6-13.16.1.i586.rpm apcupsd-debugsource-3.14.6-13.16.1.x86_64.rpm apcupsd-gui-debuginfo-3.14.6-13.16.1.i586.rpm apcupsd-gui-debuginfo-3.14.6-13.16.1.x86_64.rpm dovecot20 Low openSUSE 11.4 This update removes references to non-existent ssl_cert and ssl_key in Dovecot configuration. (bnc#696919) dovecot20-2.0.13-0.5.1.i586.rpm dovecot20-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-mysql-2.0.13-0.5.1.i586.rpm dovecot20-backend-mysql-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-pgsql-2.0.13-0.5.1.i586.rpm dovecot20-backend-pgsql-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-sqlite-2.0.13-0.5.1.i586.rpm dovecot20-backend-sqlite-2.0.13-0.5.1.x86_64.rpm dovecot20-devel-2.0.13-0.5.1.i586.rpm dovecot20-devel-2.0.13-0.5.1.x86_64.rpm dovecot20-fts-solr-2.0.13-0.5.1.i586.rpm dovecot20-fts-solr-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-mysql-debuginfo-2.0.13-0.5.1.i586.rpm dovecot20-backend-mysql-debuginfo-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-pgsql-debuginfo-2.0.13-0.5.1.i586.rpm dovecot20-backend-pgsql-debuginfo-2.0.13-0.5.1.x86_64.rpm dovecot20-backend-sqlite-debuginfo-2.0.13-0.5.1.i586.rpm dovecot20-backend-sqlite-debuginfo-2.0.13-0.5.1.x86_64.rpm dovecot20-debuginfo-2.0.13-0.5.1.i586.rpm dovecot20-debuginfo-2.0.13-0.5.1.x86_64.rpm dovecot20-debugsource-2.0.13-0.5.1.i586.rpm dovecot20-debugsource-2.0.13-0.5.1.x86_64.rpm dovecot20-fts-solr-debuginfo-2.0.13-0.5.1.i586.rpm dovecot20-fts-solr-debuginfo-2.0.13-0.5.1.x86_64.rpm dbus-1 Moderate openSUSE 11.4 local users could disconnect system daemons from the bus by sending specially crafted messages (CVE-2011-2200). dbus-1-1.4.1-7.8.1.i586.rpm dbus-1-1.4.1-7.8.1.x86_64.rpm dbus-1-32bit-1.4.1-7.8.1.x86_64.rpm dbus-1-devel-1.4.1-7.8.1.i586.rpm dbus-1-devel-1.4.1-7.8.1.x86_64.rpm dbus-1-devel-32bit-1.4.1-7.8.1.x86_64.rpm dbus-1-devel-doc-1.4.1-7.8.1.noarch.rpm dbus-1-debuginfo-1.4.1-7.8.1.i586.rpm dbus-1-debuginfo-1.4.1-7.8.1.x86_64.rpm dbus-1-debuginfo-32bit-1.4.1-7.8.1.x86_64.rpm dbus-1-debugsource-1.4.1-7.8.1.i586.rpm dbus-1-debugsource-1.4.1-7.8.1.x86_64.rpm aisleriot Low openSUSE 11.4 This update fixes glchess (gnome-games) crash in 3D mode (#709856). aisleriot-2.32.1-11.12.1.i586.rpm aisleriot-2.32.1-11.12.1.x86_64.rpm aisleriot-lang-2.32.1-11.12.1.noarch.rpm glchess-2.32.1-11.12.1.i586.rpm glchess-2.32.1-11.12.1.x86_64.rpm glchess-lang-2.32.1-11.12.1.noarch.rpm glines-2.32.1-11.12.1.i586.rpm glines-2.32.1-11.12.1.x86_64.rpm glines-lang-2.32.1-11.12.1.noarch.rpm gnect-2.32.1-11.12.1.i586.rpm gnect-2.32.1-11.12.1.x86_64.rpm gnect-lang-2.32.1-11.12.1.noarch.rpm gnibbles-2.32.1-11.12.1.i586.rpm gnibbles-2.32.1-11.12.1.x86_64.rpm gnibbles-lang-2.32.1-11.12.1.noarch.rpm gnobots2-2.32.1-11.12.1.i586.rpm gnobots2-2.32.1-11.12.1.x86_64.rpm gnobots2-lang-2.32.1-11.12.1.noarch.rpm gnome-games-2.32.1-11.12.1.i586.rpm gnome-games-2.32.1-11.12.1.x86_64.rpm gnome-games-recommended-2.32.1-11.12.1.i586.rpm gnome-games-recommended-2.32.1-11.12.1.x86_64.rpm gnome-games-support-2.32.1-11.12.1.i586.rpm gnome-games-support-2.32.1-11.12.1.x86_64.rpm gnome-games-support-lang-2.32.1-11.12.1.noarch.rpm gnome-sudoku-2.32.1-11.12.1.i586.rpm gnome-sudoku-2.32.1-11.12.1.x86_64.rpm gnome-sudoku-lang-2.32.1-11.12.1.noarch.rpm gnomine-2.32.1-11.12.1.i586.rpm gnomine-2.32.1-11.12.1.x86_64.rpm gnomine-lang-2.32.1-11.12.1.noarch.rpm gnotravex-2.32.1-11.12.1.i586.rpm gnotravex-2.32.1-11.12.1.x86_64.rpm gnotravex-lang-2.32.1-11.12.1.noarch.rpm gnotski-2.32.1-11.12.1.i586.rpm gnotski-2.32.1-11.12.1.x86_64.rpm gnotski-lang-2.32.1-11.12.1.noarch.rpm gtali-2.32.1-11.12.1.i586.rpm gtali-2.32.1-11.12.1.x86_64.rpm gtali-lang-2.32.1-11.12.1.noarch.rpm iagno-2.32.1-11.12.1.i586.rpm iagno-2.32.1-11.12.1.x86_64.rpm iagno-lang-2.32.1-11.12.1.noarch.rpm lightsoff-2.32.1-11.12.1.i586.rpm lightsoff-2.32.1-11.12.1.x86_64.rpm lightsoff-lang-2.32.1-11.12.1.noarch.rpm mahjongg-2.32.1-11.12.1.i586.rpm mahjongg-2.32.1-11.12.1.x86_64.rpm mahjongg-lang-2.32.1-11.12.1.noarch.rpm quadrapassel-2.32.1-11.12.1.i586.rpm quadrapassel-2.32.1-11.12.1.x86_64.rpm quadrapassel-lang-2.32.1-11.12.1.noarch.rpm swell-foop-2.32.1-11.12.1.i586.rpm swell-foop-2.32.1-11.12.1.x86_64.rpm swell-foop-lang-2.32.1-11.12.1.noarch.rpm aisleriot-debuginfo-2.32.1-11.12.1.i586.rpm aisleriot-debuginfo-2.32.1-11.12.1.x86_64.rpm glines-debuginfo-2.32.1-11.12.1.i586.rpm glines-debuginfo-2.32.1-11.12.1.x86_64.rpm gnect-debuginfo-2.32.1-11.12.1.i586.rpm gnect-debuginfo-2.32.1-11.12.1.x86_64.rpm gnibbles-debuginfo-2.32.1-11.12.1.i586.rpm gnibbles-debuginfo-2.32.1-11.12.1.x86_64.rpm gnobots2-debuginfo-2.32.1-11.12.1.i586.rpm gnobots2-debuginfo-2.32.1-11.12.1.x86_64.rpm gnome-games-debugsource-2.32.1-11.12.1.i586.rpm gnome-games-debugsource-2.32.1-11.12.1.x86_64.rpm gnome-games-support-debuginfo-2.32.1-11.12.1.i586.rpm gnome-games-support-debuginfo-2.32.1-11.12.1.x86_64.rpm gnomine-debuginfo-2.32.1-11.12.1.i586.rpm gnomine-debuginfo-2.32.1-11.12.1.x86_64.rpm gnotravex-debuginfo-2.32.1-11.12.1.i586.rpm gnotravex-debuginfo-2.32.1-11.12.1.x86_64.rpm gnotski-debuginfo-2.32.1-11.12.1.i586.rpm gnotski-debuginfo-2.32.1-11.12.1.x86_64.rpm gtali-debuginfo-2.32.1-11.12.1.i586.rpm gtali-debuginfo-2.32.1-11.12.1.x86_64.rpm iagno-debuginfo-2.32.1-11.12.1.i586.rpm iagno-debuginfo-2.32.1-11.12.1.x86_64.rpm mahjongg-debuginfo-2.32.1-11.12.1.i586.rpm mahjongg-debuginfo-2.32.1-11.12.1.x86_64.rpm quadrapassel-debuginfo-2.32.1-11.12.1.i586.rpm quadrapassel-debuginfo-2.32.1-11.12.1.x86_64.rpm libltdl7 Low openSUSE 11.4 Because the C++ compiler was missing when building libtool the installed libtool will not call any compiler other than the C one. This version of libtool is configured with compilers for C++, Fortran and Objective C present at build time. libltdl7-2.2.6b-13.18.1.i586.rpm libltdl7-2.2.6b-13.18.1.x86_64.rpm libltdl7-32bit-2.2.6b-13.18.1.x86_64.rpm libtool-2.2.6b-13.18.1.i586.rpm libtool-2.2.6b-13.18.1.x86_64.rpm libtool-32bit-2.2.6b-13.18.1.x86_64.rpm libltdl7-debuginfo-2.2.6b-13.18.1.i586.rpm libltdl7-debuginfo-2.2.6b-13.18.1.x86_64.rpm libltdl7-debuginfo-32bit-2.2.6b-13.18.1.x86_64.rpm libtool-debugsource-2.2.6b-13.18.1.i586.rpm libtool-debugsource-2.2.6b-13.18.1.x86_64.rpm selinux-policy Low openSUSE 11.4 The following bug is fixed by this update: - #635304: /dev files under SELinux don't to have the right security context selinux-policy-2.20081210-12.13.1.noarch.rpm selinux-policy-refpolicy-mcs-2.20081210-12.13.1.noarch.rpm selinux-policy-refpolicy-mls-2.20081210-12.13.1.noarch.rpm selinux-policy-refpolicy-standard-2.20081210-12.13.1.noarch.rpm libwx_base-2_8-0-compat-lib-wxcontainer Low openSUSE 11.4 This update fixes a crash at drag and drop operations, at least in Filezilla, but possibly in other applications, too. (#708402) libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_baseu-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_baseu-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu_net-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_baseu_net-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu_xml-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_baseu_xml-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_core-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_fl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_html-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_media-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_ogl-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-compat-lib-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-compat-lib-config-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-devel-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-devel-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-2.8.11-3.13.1.x86_64.rpm wxWidgets-compat-lib-config-2.8.11-4.13.1.i586.rpm wxWidgets-compat-lib-config-2.8.11-4.13.1.x86_64.rpm wxWidgets-devel-2.8.11-4.13.1.i586.rpm wxWidgets-devel-2.8.11-4.13.1.x86_64.rpm wxWidgets-lang-2.8.11-4.13.1.noarch.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.13.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-2.8.11-4.13.1.x86_64.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-compat-lib-config-2.8.11-3.13.1.x86_64.rpm wxWidgets-wxcontainer-devel-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-devel-2.8.11-3.13.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-2.8.11-3.13.1.x86_64.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_base-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_base_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_base_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_baseu-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_baseu-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_baseu_net-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_baseu_net-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_baseu_xml-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_baseu_xml-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_adv-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_aui-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_core-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_core-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_fl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gizmos_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_gl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_html-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_html-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_media-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_media-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_mmedia-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_ogl-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_plot-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_qa-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_richtext-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_stc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_svg-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm libwx_gtk2u_xrc-2_8-0-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-debugsource-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-debugsource-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-devel-debuginfo-2.8.11-3.13.1.x86_64.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm wxWidgets-ansi-plugin-sound_sdl-2_8-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm wxWidgets-debugsource-2.8.11-4.13.1.i586.rpm wxWidgets-debugsource-2.8.11-4.13.1.x86_64.rpm wxWidgets-devel-debuginfo-2.8.11-4.13.1.i586.rpm wxWidgets-devel-debuginfo-2.8.11-4.13.1.x86_64.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.13.1.i586.rpm wxWidgets-plugin-sound_sdlu-2_8-stl-debuginfo-2.8.11-4.13.1.x86_64.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-debugsource-2.8.11-3.13.1.x86_64.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-devel-debuginfo-2.8.11-3.13.1.x86_64.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.13.1.i586.rpm wxWidgets-wxcontainer-plugin-sound_sdlu-2_8-wxcontainer-debuginfo-2.8.11-3.13.1.x86_64.rpm glib2 Low openSUSE 11.4 When DBUS_SESSION_BUS_ADDRESS is set to the valid socket of another user glib aborts due to an assertion failure if more than one connection attempt via gdbus is made, leading to Glib-Gio error messages. Fixed by this update. glib2-branding-upstream-2.28.0-3.8.1.i586.rpm glib2-branding-upstream-2.28.0-3.8.1.x86_64.rpm glib2-devel-2.28.0-3.8.1.i586.rpm glib2-devel-2.28.0-3.8.1.x86_64.rpm glib2-devel-static-2.28.0-3.8.1.i586.rpm glib2-devel-static-2.28.0-3.8.1.x86_64.rpm glib2-lang-2.28.0-3.8.1.noarch.rpm glib2-tools-2.28.0-3.8.1.i586.rpm glib2-tools-2.28.0-3.8.1.x86_64.rpm glib2-tools-32bit-2.28.0-3.8.1.x86_64.rpm libgio-2_0-0-2.28.0-3.8.1.i586.rpm libgio-2_0-0-2.28.0-3.8.1.x86_64.rpm libgio-2_0-0-32bit-2.28.0-3.8.1.x86_64.rpm libgio-fam-2.28.0-3.8.1.i586.rpm libgio-fam-2.28.0-3.8.1.x86_64.rpm libgio-fam-32bit-2.28.0-3.8.1.x86_64.rpm libglib-2_0-0-2.28.0-3.8.1.i586.rpm libglib-2_0-0-2.28.0-3.8.1.x86_64.rpm libglib-2_0-0-32bit-2.28.0-3.8.1.x86_64.rpm libgmodule-2_0-0-2.28.0-3.8.1.i586.rpm libgmodule-2_0-0-2.28.0-3.8.1.x86_64.rpm libgmodule-2_0-0-32bit-2.28.0-3.8.1.x86_64.rpm libgobject-2_0-0-2.28.0-3.8.1.i586.rpm libgobject-2_0-0-2.28.0-3.8.1.x86_64.rpm libgobject-2_0-0-32bit-2.28.0-3.8.1.x86_64.rpm libgthread-2_0-0-2.28.0-3.8.1.i586.rpm libgthread-2_0-0-2.28.0-3.8.1.x86_64.rpm libgthread-2_0-0-32bit-2.28.0-3.8.1.x86_64.rpm glib2-debugsource-2.28.0-3.8.1.i586.rpm glib2-debugsource-2.28.0-3.8.1.x86_64.rpm glib2-devel-debuginfo-2.28.0-3.8.1.i586.rpm glib2-devel-debuginfo-2.28.0-3.8.1.x86_64.rpm glib2-tools-debuginfo-2.28.0-3.8.1.i586.rpm glib2-tools-debuginfo-2.28.0-3.8.1.x86_64.rpm glib2-tools-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libgio-2_0-0-debuginfo-2.28.0-3.8.1.i586.rpm libgio-2_0-0-debuginfo-2.28.0-3.8.1.x86_64.rpm libgio-2_0-0-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libgio-fam-debuginfo-2.28.0-3.8.1.i586.rpm libgio-fam-debuginfo-2.28.0-3.8.1.x86_64.rpm libgio-fam-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libglib-2_0-0-debuginfo-2.28.0-3.8.1.i586.rpm libglib-2_0-0-debuginfo-2.28.0-3.8.1.x86_64.rpm libglib-2_0-0-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libgmodule-2_0-0-debuginfo-2.28.0-3.8.1.i586.rpm libgmodule-2_0-0-debuginfo-2.28.0-3.8.1.x86_64.rpm libgmodule-2_0-0-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libgobject-2_0-0-debuginfo-2.28.0-3.8.1.i586.rpm libgobject-2_0-0-debuginfo-2.28.0-3.8.1.x86_64.rpm libgobject-2_0-0-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm libgthread-2_0-0-debuginfo-2.28.0-3.8.1.i586.rpm libgthread-2_0-0-debuginfo-2.28.0-3.8.1.x86_64.rpm libgthread-2_0-0-debuginfo-32bit-2.28.0-3.8.1.x86_64.rpm cgit Moderate openSUSE 11.4 This update of cgit fixes a XSS vulnerability. CVE-2011-2711: CVSS v2 Base Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) cgit-0.8.3.3-5.7.1.i586.rpm cgit-0.8.3.3-5.7.1.x86_64.rpm cgit-debuginfo-0.8.3.3-5.7.1.i586.rpm cgit-debuginfo-0.8.3.3-5.7.1.x86_64.rpm cgit-debugsource-0.8.3.3-5.7.1.i586.rpm cgit-debugsource-0.8.3.3-5.7.1.x86_64.rpm flash-player Critical openSUSE 11.4 The update to Flash-Player 10.3.188.5 fixes various security issues: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2130). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2134). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2135). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2136). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2137). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2138). This update resolves a cross-site information disclosure vulnerability that could lead to code execution (CVE-2011-2139). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2140). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2414). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2415). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2416). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2417). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2425). flash-player-10.3.183.5-0.2.1.i586.rpm foomatic-filters Moderate openSUSE 11.4 The foomatic print filters of the hplip package contained a remote code execution vulnerability. Remote users, if allowed to access a print server such as CUPS, could execute arbitrary commands as lp system user. CVE-2011-2964: CVSS v2 Base Score: 6.8 (moderate) (AV:N/AC:M/Au:N/C:P/I:P/A:P): Code Injection (CWE-94) foomatic-filters-4.0.6-7.8.1.i586.rpm foomatic-filters-4.0.6-7.8.1.x86_64.rpm foomatic-filters-debuginfo-4.0.6-7.8.1.i586.rpm foomatic-filters-debuginfo-4.0.6-7.8.1.x86_64.rpm foomatic-filters-debugsource-4.0.6-7.8.1.i586.rpm foomatic-filters-debugsource-4.0.6-7.8.1.x86_64.rpm apache2-mod_apparmor Low openSUSE 11.4 This profile update fixes access to the /var/mail symlink which points to /var/spool/mail apache2-mod_apparmor-2.5.1.r1445-52.61.1.i586.rpm apache2-mod_apparmor-2.5.1.r1445-52.61.1.x86_64.rpm apparmor-docs-2.5.1.r1445-52.63.1.noarch.rpm apparmor-parser-2.5.1.r1445-52.63.1.i586.rpm apparmor-parser-2.5.1.r1445-52.63.1.x86_64.rpm apparmor-parser-lang-2.5.1.r1445-52.63.1.noarch.rpm apparmor-profiles-2.5.1.r1445-52.63.1.noarch.rpm apparmor-utils-2.5.1.r1445-52.63.1.noarch.rpm apparmor-utils-lang-2.5.1.r1445-52.63.1.noarch.rpm libapparmor-devel-2.5.1.r1445-52.61.1.i586.rpm libapparmor-devel-2.5.1.r1445-52.61.1.x86_64.rpm libapparmor1-2.5.1.r1445-52.61.1.i586.rpm libapparmor1-2.5.1.r1445-52.61.1.x86_64.rpm libapparmor1-32bit-2.5.1.r1445-52.61.1.x86_64.rpm pam_apparmor-2.5.1.r1445-52.61.1.i586.rpm pam_apparmor-2.5.1.r1445-52.61.1.x86_64.rpm pam_apparmor-32bit-2.5.1.r1445-52.61.1.x86_64.rpm perl-apparmor-2.5.1.r1445-52.61.1.i586.rpm perl-apparmor-2.5.1.r1445-52.61.1.x86_64.rpm tomcat_apparmor-2.5.1.r1445-52.61.1.i586.rpm tomcat_apparmor-2.5.1.r1445-52.61.1.x86_64.rpm apparmor-debugsource-2.5.1.r1445-52.63.1.i586.rpm apparmor-debugsource-2.5.1.r1445-52.63.1.x86_64.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.63.1.i586.rpm apparmor-parser-debuginfo-2.5.1.r1445-52.63.1.x86_64.rpm libapparmor1-debuginfo-2.5.1.r1445-52.61.1.i586.rpm libapparmor1-debuginfo-2.5.1.r1445-52.61.1.x86_64.rpm libapparmor1-debuginfo-32bit-2.5.1.r1445-52.61.1.x86_64.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.61.1.i586.rpm pam_apparmor-debuginfo-2.5.1.r1445-52.61.1.x86_64.rpm pam_apparmor-debuginfo-32bit-2.5.1.r1445-52.61.1.x86_64.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.61.1.i586.rpm perl-apparmor-debuginfo-2.5.1.r1445-52.61.1.x86_64.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.61.1.i586.rpm tomcat_apparmor-debuginfo-2.5.1.r1445-52.61.1.x86_64.rpm ecryptfs-utils Important openSUSE 11.4 This update of ecryptfs-utils fixes several security problems: - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 - Improper mtab handling allowing corruption due to resource limits, signals, etc. - CVE-2011-1835 - Key poisoning in ecryptfs-setup-private due to insecure temp directory. - CVE-2011-1837 - Predictable lock counter name and associated races. ecryptfs-utils-83-6.7.1.i586.rpm ecryptfs-utils-83-6.7.1.x86_64.rpm ecryptfs-utils-32bit-83-6.7.1.x86_64.rpm ecryptfs-utils-debuginfo-83-6.7.1.i586.rpm ecryptfs-utils-debuginfo-83-6.7.1.x86_64.rpm ecryptfs-utils-debuginfo-32bit-83-6.7.1.x86_64.rpm ecryptfs-utils-debugsource-83-6.7.1.i586.rpm ecryptfs-utils-debugsource-83-6.7.1.x86_64.rpm hplip Moderate openSUSE 11.4 This update of hplip fixes: - CVE-2004-0801: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P): This patch originally affected foomatic-rip in CUPS but was found to be in foomatic-rip-hplip too. hplip-3.11.5-1.5.1.i586.rpm hplip-3.11.5-1.5.1.x86_64.rpm hplip-hpijs-3.11.5-1.5.1.i586.rpm hplip-hpijs-3.11.5-1.5.1.x86_64.rpm hplip-debuginfo-3.11.5-1.5.1.i586.rpm hplip-debuginfo-3.11.5-1.5.1.x86_64.rpm hplip-debugsource-3.11.5-1.5.1.i586.rpm hplip-debugsource-3.11.5-1.5.1.x86_64.rpm hplip-hpijs-debuginfo-3.11.5-1.5.1.i586.rpm hplip-hpijs-debuginfo-3.11.5-1.5.1.x86_64.rpm libfm Important openSUSE 11.4 This update brings pcmanfm and libfm to rc3, fixing several bugs in both components like: - Fix bnc#710881 - "pcmanfm cut and paste a folder to a destination folder without write permission causes data loss" - Fix sf#3308324 - "~ in location bar cause pcmanfm crash" - Fix sf#3286157 - "Entering path with two initial slashes // crashes" - Fix sf#3284001 - "Crash when entering path with trailing slash" This is related to GTK+ bug #650114, which is already fixed. libfm-0.1.16_rc3-0.3.1.i586.rpm libfm-0.1.16_rc3-0.3.1.x86_64.rpm libfm-devel-0.1.16_rc3-0.3.1.i586.rpm libfm-devel-0.1.16_rc3-0.3.1.x86_64.rpm libfm-doc-0.1.16_rc3-0.3.1.i586.rpm libfm-doc-0.1.16_rc3-0.3.1.x86_64.rpm libfm-gtk1-0.1.16_rc3-0.3.1.i586.rpm libfm-gtk1-0.1.16_rc3-0.3.1.x86_64.rpm libfm1-0.1.16_rc3-0.3.1.i586.rpm libfm1-0.1.16_rc3-0.3.1.x86_64.rpm pcmanfm-0.9.9_rc3-0.3.1.i586.rpm pcmanfm-0.9.9_rc3-0.3.1.x86_64.rpm pcmanfm-lang-0.9.9_rc3-0.3.1.noarch.rpm libfm-debugsource-0.1.16_rc3-0.3.1.i586.rpm libfm-debugsource-0.1.16_rc3-0.3.1.x86_64.rpm libfm-gtk1-debuginfo-0.1.16_rc3-0.3.1.i586.rpm libfm-gtk1-debuginfo-0.1.16_rc3-0.3.1.x86_64.rpm libfm1-debuginfo-0.1.16_rc3-0.3.1.i586.rpm libfm1-debuginfo-0.1.16_rc3-0.3.1.x86_64.rpm pcmanfm-debuginfo-0.9.9_rc3-0.3.1.i586.rpm pcmanfm-debuginfo-0.9.9_rc3-0.3.1.x86_64.rpm pcmanfm-debugsource-0.9.9_rc3-0.3.1.i586.rpm pcmanfm-debugsource-0.9.9_rc3-0.3.1.x86_64.rpm blinken Low openSUSE 11.4 This update fixes a crash when zooming in marble (bnc#695213) blinken-4.6.0-4.5.1.i586.rpm blinken-4.6.0-4.5.1.x86_64.rpm cantor-4.6.0-4.5.1.i586.rpm cantor-4.6.0-4.5.1.x86_64.rpm kalgebra-4.6.0-4.5.1.i586.rpm kalgebra-4.6.0-4.5.1.x86_64.rpm kalzium-4.6.0-4.5.1.i586.rpm kalzium-4.6.0-4.5.1.x86_64.rpm kanagram-4.6.0-4.5.1.i586.rpm kanagram-4.6.0-4.5.1.x86_64.rpm kbruch-4.6.0-4.5.1.i586.rpm kbruch-4.6.0-4.5.1.x86_64.rpm kdeedu4-4.6.0-4.5.1.i586.rpm kdeedu4-4.6.0-4.5.1.x86_64.rpm kgeography-4.6.0-4.5.1.i586.rpm kgeography-4.6.0-4.5.1.x86_64.rpm khangman-4.6.0-4.5.1.i586.rpm khangman-4.6.0-4.5.1.x86_64.rpm kig-4.6.0-4.5.1.i586.rpm kig-4.6.0-4.5.1.x86_64.rpm kiten-4.6.0-4.5.1.i586.rpm kiten-4.6.0-4.5.1.x86_64.rpm klettres-4.6.0-4.5.1.i586.rpm klettres-4.6.0-4.5.1.x86_64.rpm kmplot-4.6.0-4.5.1.i586.rpm kmplot-4.6.0-4.5.1.x86_64.rpm kstars-4.6.0-4.5.1.i586.rpm kstars-4.6.0-4.5.1.x86_64.rpm ktouch-4.6.0-4.5.1.i586.rpm ktouch-4.6.0-4.5.1.x86_64.rpm kturtle-4.6.0-4.5.1.i586.rpm kturtle-4.6.0-4.5.1.x86_64.rpm kwordquiz-4.6.0-4.5.1.i586.rpm kwordquiz-4.6.0-4.5.1.x86_64.rpm libSatLib4-4.6.0-4.5.1.i586.rpm libSatLib4-4.6.0-4.5.1.x86_64.rpm libkdeedu4-4.6.0-4.5.1.i586.rpm libkdeedu4-4.6.0-4.5.1.x86_64.rpm libkdeedu4-devel-4.6.0-4.5.1.i586.rpm libkdeedu4-devel-4.6.0-4.5.1.x86_64.rpm marble-4.6.0-4.5.1.i586.rpm marble-4.6.0-4.5.1.x86_64.rpm marble-devel-4.6.0-4.5.1.i586.rpm marble-devel-4.6.0-4.5.1.x86_64.rpm parley-4.6.0-4.5.1.i586.rpm parley-4.6.0-4.5.1.x86_64.rpm rocs-4.6.0-4.5.1.i586.rpm rocs-4.6.0-4.5.1.x86_64.rpm rocs-devel-4.6.0-4.5.1.i586.rpm rocs-devel-4.6.0-4.5.1.x86_64.rpm step-4.6.0-4.5.1.i586.rpm step-4.6.0-4.5.1.x86_64.rpm blinken-debuginfo-4.6.0-4.5.1.i586.rpm blinken-debuginfo-4.6.0-4.5.1.x86_64.rpm cantor-debuginfo-4.6.0-4.5.1.i586.rpm cantor-debuginfo-4.6.0-4.5.1.x86_64.rpm kalgebra-debuginfo-4.6.0-4.5.1.i586.rpm kalgebra-debuginfo-4.6.0-4.5.1.x86_64.rpm kalzium-debuginfo-4.6.0-4.5.1.i586.rpm kalzium-debuginfo-4.6.0-4.5.1.x86_64.rpm kanagram-debuginfo-4.6.0-4.5.1.i586.rpm kanagram-debuginfo-4.6.0-4.5.1.x86_64.rpm kbruch-debuginfo-4.6.0-4.5.1.i586.rpm kbruch-debuginfo-4.6.0-4.5.1.x86_64.rpm kdeedu4-debugsource-4.6.0-4.5.1.i586.rpm kdeedu4-debugsource-4.6.0-4.5.1.x86_64.rpm kgeography-debuginfo-4.6.0-4.5.1.i586.rpm kgeography-debuginfo-4.6.0-4.5.1.x86_64.rpm khangman-debuginfo-4.6.0-4.5.1.i586.rpm khangman-debuginfo-4.6.0-4.5.1.x86_64.rpm kig-debuginfo-4.6.0-4.5.1.i586.rpm kig-debuginfo-4.6.0-4.5.1.x86_64.rpm kiten-debuginfo-4.6.0-4.5.1.i586.rpm kiten-debuginfo-4.6.0-4.5.1.x86_64.rpm klettres-debuginfo-4.6.0-4.5.1.i586.rpm klettres-debuginfo-4.6.0-4.5.1.x86_64.rpm kmplot-debuginfo-4.6.0-4.5.1.i586.rpm kmplot-debuginfo-4.6.0-4.5.1.x86_64.rpm kstars-debuginfo-4.6.0-4.5.1.i586.rpm kstars-debuginfo-4.6.0-4.5.1.x86_64.rpm ktouch-debuginfo-4.6.0-4.5.1.i586.rpm ktouch-debuginfo-4.6.0-4.5.1.x86_64.rpm kturtle-debuginfo-4.6.0-4.5.1.i586.rpm kturtle-debuginfo-4.6.0-4.5.1.x86_64.rpm kwordquiz-debuginfo-4.6.0-4.5.1.i586.rpm kwordquiz-debuginfo-4.6.0-4.5.1.x86_64.rpm libSatLib4-debuginfo-4.6.0-4.5.1.i586.rpm libSatLib4-debuginfo-4.6.0-4.5.1.x86_64.rpm libkdeedu4-debuginfo-4.6.0-4.5.1.i586.rpm libkdeedu4-debuginfo-4.6.0-4.5.1.x86_64.rpm marble-debuginfo-4.6.0-4.5.1.i586.rpm marble-debuginfo-4.6.0-4.5.1.x86_64.rpm parley-debuginfo-4.6.0-4.5.1.i586.rpm parley-debuginfo-4.6.0-4.5.1.x86_64.rpm rocs-debuginfo-4.6.0-4.5.1.i586.rpm rocs-debuginfo-4.6.0-4.5.1.x86_64.rpm step-debuginfo-4.6.0-4.5.1.i586.rpm step-debuginfo-4.6.0-4.5.1.x86_64.rpm tomcat6 Moderate openSUSE 11.4 The following security issues were fixed in tomcat: - Fixed a tomcat user password information leak (CVE-2011-2204) - Fixed atomcat information leak and DoS (CVE-2011-2526) Also one bug was fixed: - fix bnc#702289 - suse manager pam ldap authentication fails * source CATALINA_HOME/bin/setenv.sh if exists tomcat6-6.0.32-7.8.1.noarch.rpm tomcat6-admin-webapps-6.0.32-7.8.1.noarch.rpm tomcat6-docs-webapp-6.0.32-7.8.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-7.8.1.noarch.rpm tomcat6-javadoc-6.0.32-7.8.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-7.8.1.noarch.rpm tomcat6-lib-6.0.32-7.8.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-7.8.1.noarch.rpm tomcat6-webapps-6.0.32-7.8.1.noarch.rpm libmodplug Important openSUSE 11.4 This update of libmodplug0 fixes the following issues: 1) An integer overflow error exists within the "CSoundFile::ReadWav()" function (src/load_wav.cpp) when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WAV file. (CVE-2011-2911) 2) Boundary errors within the "CSoundFile::ReadS3M()" function (src/load_s3m.cpp) when processing S3M files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted S3M file. (CVE-2011-2912) 3) An off-by-one error within the "CSoundFile::ReadAMS()" function (src/load_ams.cpp) can be exploited to cause a stack corruption by tricking a user into opening a specially crafted AMS file. (CVE-2011-2913) 4) An off-by-one error within the "CSoundFile::ReadDSM()" function (src/load_dms.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted DSM file. (CVE-2011-2914) 5) An off-by-one error within the "CSoundFile::ReadAMS2()" function (src/load_ams.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted AMS file. (CVE-2011-2915) Also an overflow in the ABC loader was fixed. (CVE-2011-1761) libmodplug-devel-0.8.8.4-2.2.1.i586.rpm libmodplug-devel-0.8.8.4-2.2.1.x86_64.rpm libmodplug0-0.8.8.4-2.2.1.i586.rpm libmodplug0-0.8.8.4-2.2.1.x86_64.rpm libmodplug0-32bit-0.8.8.4-2.2.1.x86_64.rpm libmodplug-debugsource-0.8.8.4-2.2.1.i586.rpm libmodplug-debugsource-0.8.8.4-2.2.1.x86_64.rpm libmodplug0-debuginfo-0.8.8.4-2.2.1.i586.rpm libmodplug0-debuginfo-0.8.8.4-2.2.1.x86_64.rpm libmodplug0-debuginfo-32bit-0.8.8.4-2.2.1.x86_64.rpm mozilla-js192 Important openSUSE 11.4 Mozilla XULRunner was updated to version 1.9.2.20. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-30.ht ml Mozilla Foundation Security Advisory 2011-30 (MFSA 2011-30) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Miscellaneous memory safety hazards Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Gary Kwong, Igor Bukanov, Nils and Bob Clary reported memory safety issues which affected Firefox 3.6. (CVE-2011-2982) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Crash in SVGTextElement.getCharNumAtPosition() Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability. (CVE-2011-0084) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Privilege escalation using event handlers Mozilla security researcher moz_bug_r_a_4 reported a vulnerability in event management code that would permit JavaScript to be run in the wrong context, including that of a different website or potentially in a chrome-privileged context. (CVE-2011-2981) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Dangling pointer vulnerability in appendChild Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that appendChild did not correctly account for DOM objects it operated upon and could be exploited to dereference an invalid pointer. (CVE-2011-2378) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Privilege escalation dropping a tab element in content area Mozilla security researcher moz_bug_r_a4 reported that web content could receive chrome privileges if it registered for drop events and a browser tab element was dropped into the content area. (CVE-2011-2984) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Binary planting vulnerability in ThinkPadSensor::Startup Security researcher Mitja Kolsek of Acros Security reported that ThinkPadSensor::Startup could potentially be exploited to load a malicious DLL into the running process. (CVE-2011-2980) (This issue is likely Windows only) dbg114-mozilla-js192-5010 mozilla-js192-5010 new_updateinfo Private data leakage using RegExp.input Security researcher shutdown reported that data from other domains could be read when RegExp.input was set. (CVE-2011-2983) mozilla-js192-1.9.2.20-1.2.1.i586.rpm mozilla-js192-1.9.2.20-1.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.20-1.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.20-1.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.20-1.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.20-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.20-1.2.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 Mozilla Firefox was updated to version 6. It brings new features, fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-29.ht ml Mozilla Foundation Security Advisory 2011-29 (MFSA 2011-29) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Miscellaneous memory safety hazards: Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Aral Yaman reported a WebGL crash which affected Firefox 4 and Firefox 5. (CVE-2011-2989) Vivekanand Bolajwar reported a JavaScript crash which affected Firefox 4 and Firefox 5. (CVE-2011-2991) Bert Hubert and Theo Snelleman of Fox-IT reported a crash in the Ogg reader which affected Firefox 4 and Firefox 5. (CVE-2011-2992) Mozilla developers and community members Robert Kaiser, Jesse Ruderman, moz_bug_r_a4, Mardeg, Gary Kwong, Christoph Diehl, Martijn Wargers, Travis Emmitt, Bob Clary and Jonathan Watt reported memory safety issues which affected Firefox 4 and Firefox 5. (CVE-2011-2985) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Unsigned scripts can call script inside signed JAR Rafael Gieschke reported that unsigned JavaScript could call into script inside a signed JAR thereby inheriting the identity of the site that signed the JAR as well as any permissions that a user had granted the signed JAR. (CVE-2011-2993) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo String crash using WebGL shaders Michael Jordon of Context IS reported that an overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code. (CVE-2011-2988) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Heap overflow in ANGLE library Michael Jordon of Context IS reported a potentially exploitable heap overflow in the ANGLE library used by Mozilla's WebGL implementation. (CVE-2011-2987) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Crash in SVGTextElement.getCharNumAtPosition() Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability. (CVE-2011-0084) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Credential leakage using Content Security Policy reports Mike Cardwell reported that Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Daniel Veditz reported that redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy. (CVE-2011-2990) dbg114-MozillaFirefox-5020 MozillaFirefox-5020 new_updateinfo Cross-origin data theft using canvas and Windows D2D nasalislarvatus3000 reported that when using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain. (CVE-2011-2986) MozillaFirefox-6.0-2.2.1.i586.rpm MozillaFirefox-6.0-2.2.1.x86_64.rpm MozillaFirefox-branding-upstream-6.0-2.2.1.i586.rpm MozillaFirefox-branding-upstream-6.0-2.2.1.x86_64.rpm MozillaFirefox-buildsymbols-6.0-2.2.1.i586.rpm MozillaFirefox-buildsymbols-6.0-2.2.1.x86_64.rpm MozillaFirefox-devel-6.0-2.2.1.i586.rpm MozillaFirefox-devel-6.0-2.2.1.x86_64.rpm MozillaFirefox-translations-common-6.0-2.2.1.i586.rpm MozillaFirefox-translations-common-6.0-2.2.1.x86_64.rpm MozillaFirefox-translations-other-6.0-2.2.1.i586.rpm MozillaFirefox-translations-other-6.0-2.2.1.x86_64.rpm MozillaFirefox-debuginfo-6.0-2.2.1.i586.rpm MozillaFirefox-debuginfo-6.0-2.2.1.x86_64.rpm MozillaFirefox-debugsource-6.0-2.2.1.i586.rpm MozillaFirefox-debugsource-6.0-2.2.1.x86_64.rpm libproxy Low openSUSE 11.4 This update fixes the following issues: - #149: always test for the right python noarch module path - #155: Cannot compile with Firefox 4 - #156: libproxy should build against webkitgtk-3.0 - #158: Won't compile w/ xulrunner 2.0 final - #159: libproxy fails with autoconfiguration "http://proxy.domain.com" - #131: GSettings-based GNOME plugin - #150: SUSE sysconfig/proxy config support libproxy-devel-0.4.7-6.3.1.i586.rpm libproxy-devel-0.4.7-6.3.1.x86_64.rpm libproxy-sharp-0.4.7-6.3.1.i586.rpm libproxy-sharp-0.4.7-6.3.1.x86_64.rpm libproxy-tools-0.4.7-6.3.1.i586.rpm libproxy-tools-0.4.7-6.3.1.x86_64.rpm libproxy1-0.4.7-6.3.1.i586.rpm libproxy1-0.4.7-6.3.1.x86_64.rpm libproxy1-32bit-0.4.7-6.3.1.x86_64.rpm libproxy1-config-gnome-0.4.7-3.3.1.i586.rpm libproxy1-config-gnome-0.4.7-3.3.1.x86_64.rpm libproxy1-config-gnome-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-config-kde4-0.4.7-3.3.1.i586.rpm libproxy1-config-kde4-0.4.7-3.3.1.x86_64.rpm libproxy1-networkmanager-0.4.7-3.3.1.i586.rpm libproxy1-networkmanager-0.4.7-3.3.1.x86_64.rpm libproxy1-networkmanager-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-mozjs-0.4.7-3.3.1.i586.rpm libproxy1-pacrunner-mozjs-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-mozjs-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-webkit-0.4.7-3.3.1.i586.rpm libproxy1-pacrunner-webkit-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-webkit-32bit-0.4.7-3.3.1.x86_64.rpm perl-Net-Libproxy-0.4.7-6.3.1.i586.rpm perl-Net-Libproxy-0.4.7-6.3.1.x86_64.rpm python-libproxy-0.4.7-6.3.1.noarch.rpm libproxy-debugsource-0.4.7-6.3.1.i586.rpm libproxy-debugsource-0.4.7-6.3.1.x86_64.rpm libproxy-plugins-debugsource-0.4.7-3.3.1.i586.rpm libproxy-plugins-debugsource-0.4.7-3.3.1.x86_64.rpm libproxy-tools-debuginfo-0.4.7-6.3.1.i586.rpm libproxy-tools-debuginfo-0.4.7-6.3.1.x86_64.rpm libproxy1-config-gnome-debuginfo-0.4.7-3.3.1.i586.rpm libproxy1-config-gnome-debuginfo-0.4.7-3.3.1.x86_64.rpm libproxy1-config-gnome-debuginfo-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-config-kde4-debuginfo-0.4.7-3.3.1.i586.rpm libproxy1-config-kde4-debuginfo-0.4.7-3.3.1.x86_64.rpm libproxy1-debuginfo-0.4.7-6.3.1.i586.rpm libproxy1-debuginfo-0.4.7-6.3.1.x86_64.rpm libproxy1-debuginfo-32bit-0.4.7-6.3.1.x86_64.rpm libproxy1-networkmanager-debuginfo-0.4.7-3.3.1.i586.rpm libproxy1-networkmanager-debuginfo-0.4.7-3.3.1.x86_64.rpm libproxy1-networkmanager-debuginfo-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-mozjs-debuginfo-0.4.7-3.3.1.i586.rpm libproxy1-pacrunner-mozjs-debuginfo-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-mozjs-debuginfo-32bit-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-webkit-debuginfo-0.4.7-3.3.1.i586.rpm libproxy1-pacrunner-webkit-debuginfo-0.4.7-3.3.1.x86_64.rpm libproxy1-pacrunner-webkit-debuginfo-32bit-0.4.7-3.3.1.x86_64.rpm perl-Net-Libproxy-debuginfo-0.4.7-6.3.1.i586.rpm perl-Net-Libproxy-debuginfo-0.4.7-6.3.1.x86_64.rpm mozilla-nspr Important openSUSE 11.4 The mozilla NSPR libraries were updated to 4.8.9 to align with newer Mozilla seamonkey and Firefox releases. Interesting changes are: dbg114-mozilla-nspr-5022 mozilla-nspr-5022 new_updateinfo lots of bugfixes dbg114-mozilla-nspr-5022 mozilla-nspr-5022 new_updateinfo use AI_ADDRCONFIG for loopback hostnames (bmo#614526) dbg114-mozilla-nspr-5022 mozilla-nspr-5022 new_updateinfo support SDP sockets (bmo#518078) mozilla-nspr-4.8.9-1.3.1.i586.rpm mozilla-nspr-4.8.9-1.3.1.x86_64.rpm mozilla-nspr-32bit-4.8.9-1.3.1.x86_64.rpm mozilla-nspr-devel-4.8.9-1.3.1.i586.rpm mozilla-nspr-devel-4.8.9-1.3.1.x86_64.rpm mozilla-nspr-debuginfo-4.8.9-1.3.1.i586.rpm mozilla-nspr-debuginfo-4.8.9-1.3.1.x86_64.rpm mozilla-nspr-debuginfo-32bit-4.8.9-1.3.1.x86_64.rpm mozilla-nspr-debugsource-4.8.9-1.3.1.i586.rpm mozilla-nspr-debugsource-4.8.9-1.3.1.x86_64.rpm libfreebl3 Important openSUSE 11.4 The mozilla NSS libraries were updated to 3.12.11 to align with newer Mozilla seamonkey and Firefox releases. Interesting changes are: - blacklisting malicious root certificates - several bugfixes libfreebl3-3.12.11-1.3.1.i586.rpm libfreebl3-3.12.11-1.3.1.x86_64.rpm libfreebl3-32bit-3.12.11-1.3.1.x86_64.rpm libsoftokn3-3.12.11-1.3.1.i586.rpm libsoftokn3-3.12.11-1.3.1.x86_64.rpm libsoftokn3-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-3.12.11-1.3.1.i586.rpm mozilla-nss-3.12.11-1.3.1.x86_64.rpm mozilla-nss-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-certs-3.12.11-1.3.1.i586.rpm mozilla-nss-certs-3.12.11-1.3.1.x86_64.rpm mozilla-nss-certs-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-devel-3.12.11-1.3.1.i586.rpm mozilla-nss-devel-3.12.11-1.3.1.x86_64.rpm mozilla-nss-sysinit-3.12.11-1.3.1.i586.rpm mozilla-nss-sysinit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-sysinit-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-tools-3.12.11-1.3.1.i586.rpm mozilla-nss-tools-3.12.11-1.3.1.x86_64.rpm libfreebl3-debuginfo-3.12.11-1.3.1.i586.rpm libfreebl3-debuginfo-3.12.11-1.3.1.x86_64.rpm libfreebl3-debuginfo-32bit-3.12.11-1.3.1.x86_64.rpm libsoftokn3-debuginfo-3.12.11-1.3.1.i586.rpm libsoftokn3-debuginfo-3.12.11-1.3.1.x86_64.rpm libsoftokn3-debuginfo-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.12.11-1.3.1.i586.rpm mozilla-nss-certs-debuginfo-3.12.11-1.3.1.x86_64.rpm mozilla-nss-certs-debuginfo-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-debuginfo-3.12.11-1.3.1.i586.rpm mozilla-nss-debuginfo-3.12.11-1.3.1.x86_64.rpm mozilla-nss-debuginfo-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-debugsource-3.12.11-1.3.1.i586.rpm mozilla-nss-debugsource-3.12.11-1.3.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.3.1.i586.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.3.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-32bit-3.12.11-1.3.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.12.11-1.3.1.i586.rpm mozilla-nss-tools-debuginfo-3.12.11-1.3.1.x86_64.rpm seamonkey Important openSUSE 11.4 Mozilla Seamonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.ht ml Mozilla Foundation Security Advisory 2011-33 (MFSA 2011-33) Mozilla Foundation Security Advisory 2011-33 dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Miscellaneous memory safety hazards (rv:4.0) Mozilla identified and fixed several memory safety bugs in the browser engine used in SeaMonkey 2.2 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Aral Yaman reported a WebGL crash which affected SeaMonkey 2.2. (CVE-2011-2989) Vivekanand Bolajwar reported a JavaScript crash which affected SeaMonkey 2.2. (CVE-2011-2991) Bert Hubert and Theo Snelleman of Fox-IT reported a crash in the Ogg reader which affected SeaMonkey 2.2. (CVE-2011-2992) Mozilla developers and community members Robert Kaiser, Jesse Ruderman, moz_bug_r_a4, Mardeg, Gary Kwong, Christoph Diehl, Martijn Wargers, Travis Emmitt, Bob Clary and Jonathan Watt reported memory safety issues which affected SeaMonkey 2.2. (CVE-2011-2985) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Unsigned scripts can call script inside signed JAR Rafael Gieschke reported that unsigned JavaScript could call into script inside a signed JAR thereby inheriting the identity of the site that signed the JAR as well as any permissions that a user had granted the signed JAR. (CVE-2011-2993) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 String crash using WebGL shaders Michael Jordon of Context IS reported that an overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code. (CVE-2011-2988) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Heap overflow in ANGLE library Michael Jordon of Context IS reported a potentially exploitable heap overflow in the ANGLE library used by Mozilla's WebGL implementation. (CVE-2011-2987) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Crash in SVGTextElement.getCharNumAtPosition() Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability. (CVE-2011-0084) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Credential leakage using Content Security Policy reports Mike Cardwell reported that Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Daniel Veditz reported that redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy. (CVE-2011-2990) dbg114-seamonkey-5024 new_updateinfo seamonkey-5024 Cross-origin data theft using canvas and Windows D2D nasalislarvatus3000 reported that when using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain. (CVE-2011-2986) seamonkey-2.3-2.2.1.i586.rpm seamonkey-2.3-2.2.1.x86_64.rpm seamonkey-dom-inspector-2.3-2.2.1.i586.rpm seamonkey-dom-inspector-2.3-2.2.1.x86_64.rpm seamonkey-irc-2.3-2.2.1.i586.rpm seamonkey-irc-2.3-2.2.1.x86_64.rpm seamonkey-translations-common-2.3-2.2.1.i586.rpm seamonkey-translations-common-2.3-2.2.1.x86_64.rpm seamonkey-translations-other-2.3-2.2.1.i586.rpm seamonkey-translations-other-2.3-2.2.1.x86_64.rpm seamonkey-venkman-2.3-2.2.1.i586.rpm seamonkey-venkman-2.3-2.2.1.x86_64.rpm seamonkey-debuginfo-2.3-2.2.1.i586.rpm seamonkey-debuginfo-2.3-2.2.1.x86_64.rpm seamonkey-debugsource-2.3-2.2.1.i586.rpm seamonkey-debugsource-2.3-2.2.1.x86_64.rpm yast2-core Moderate openSUSE 11.4 This update contains yast2 core changes to change the hash generation of new passwords to the new secure style. Please read the general notes below: The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts). Affected passwords are potentially faster to crack via brute force methods (CVE-2011-2483). SUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method. This update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out. New passwords hashes are created with the id "$2y" to unambiguously identify them as generated with the correct implementation. Note: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update. Services that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm. FAQ: Q: I only use ASCII characters in passwords, am I a affected in any way? A: No. Q: What's the meaning of the ids before and after the update? A: Before the update: $2a -> buggy algorithm After the update: $2x -> buggy algorithm $2a -> correct algorithm $2y -> correct algorithm System logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm Q: How do I require users to change their password on next login? A: Run the following command as root for each user: chage -d 0 <username> Q: I run an application that has $2a hashes in it's password database. Some users complain that they can not log in anymore. A: Edit the password database and change the "$2a" prefix of the affected users' hashes to "$2x". They will be able to log in again but should change their password ASAP. Q: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd yast2-core-2.20.1-0.3.1.i586.rpm yast2-core-2.20.1-0.3.1.x86_64.rpm yast2-core-devel-2.20.1-0.3.1.i586.rpm yast2-core-devel-2.20.1-0.3.1.x86_64.rpm yast2-core-debuginfo-2.20.1-0.3.1.i586.rpm yast2-core-debuginfo-2.20.1-0.3.1.x86_64.rpm yast2-core-debugsource-2.20.1-0.3.1.i586.rpm yast2-core-debugsource-2.20.1-0.3.1.x86_64.rpm man-pages Moderate openSUSE 11.4 The crypt(3) manpage was updated to also list the 2y prefix. man-pages-3.32-4.5.1.noarch.rpm kdebase4-openSUSE Low openSUSE 11.4 This update fixes the build service search provider to search for openSUSE 11.4 packages by default (#695417) kdebase4-openSUSE-11.4-33.42.1.i586.rpm kdebase4-openSUSE-11.4-33.42.1.x86_64.rpm kdebase4-openSUSE-lang-11.4-33.42.1.noarch.rpm kdebase4-runtime-branding-openSUSE-11.4-33.42.1.i586.rpm kdebase4-runtime-branding-openSUSE-11.4-33.42.1.x86_64.rpm kdebase4-workspace-branding-openSUSE-11.4-33.42.1.i586.rpm kdebase4-workspace-branding-openSUSE-11.4-33.42.1.x86_64.rpm kdelibs4-branding-openSUSE-11.4-33.42.1.i586.rpm kdelibs4-branding-openSUSE-11.4-33.42.1.x86_64.rpm kdm-branding-openSUSE-11.4-33.42.1.i586.rpm kdm-branding-openSUSE-11.4-33.42.1.x86_64.rpm kio_sysinfo-11.4-33.42.1.i586.rpm kio_sysinfo-11.4-33.42.1.x86_64.rpm kio_sysinfo-branding-openSUSE-11.4-33.42.1.i586.rpm kio_sysinfo-branding-openSUSE-11.4-33.42.1.x86_64.rpm kdebase4-openSUSE-debuginfo-11.4-33.42.1.i586.rpm kdebase4-openSUSE-debuginfo-11.4-33.42.1.x86_64.rpm kdebase4-openSUSE-debugsource-11.4-33.42.1.i586.rpm kdebase4-openSUSE-debugsource-11.4-33.42.1.x86_64.rpm kdebase4-workspace-branding-openSUSE-debuginfo-11.4-33.42.1.i586.rpm kdebase4-workspace-branding-openSUSE-debuginfo-11.4-33.42.1.x86_64.rpm kio_sysinfo-debuginfo-11.4-33.42.1.i586.rpm kio_sysinfo-debuginfo-11.4-33.42.1.x86_64.rpm libxcrypt Moderate openSUSE 11.4 The security update for CVE-2011-2483 broke changing blowfish passwords if compat mode was turned on (default). This update fixes the regression. libxcrypt-3.0.3-9.12.1.i586.rpm libxcrypt-3.0.3-9.12.1.x86_64.rpm libxcrypt-32bit-3.0.3-9.12.1.x86_64.rpm libxcrypt-devel-3.0.3-9.12.1.i586.rpm libxcrypt-devel-3.0.3-9.12.1.x86_64.rpm libxcrypt-debuginfo-3.0.3-9.12.1.i586.rpm libxcrypt-debuginfo-3.0.3-9.12.1.x86_64.rpm libxcrypt-debuginfo-32bit-3.0.3-9.12.1.x86_64.rpm libxcrypt-debugsource-3.0.3-9.12.1.i586.rpm libxcrypt-debugsource-3.0.3-9.12.1.x86_64.rpm MozillaThunderbird Important openSUSE 11.4 Mozilla Thunderbird was updated to 3.1.12 fixing various bugs and security issues: Mozilla Foundation Security Advisory 2011-32 (MFSA 2011-32) http://www.mozilla.org/security/announce/2011/mfsa2011-32.ht ml Many of the issues listed below are not exploitable through mail since JavaScript is disabled by default in Thunderbird. These particular issues may be triggered while viewing RSS feeds and displaying full remote content rather than the feed summary. Addons that expose browser functionality may also enable such issues to be exploited. dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Miscellaneous memory safety hazards (rv:1.9.2.20) Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Thunderbird 3.1 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Gary Kwong, Igor Bukanov, Nils and Bob Clary reported memory safety issues which affected Thunderbird 3.1. (CVE-2011-2982) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Crash in SVGTextElement.getCharNumAtPosition() Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability. (CVE-2011-0084) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Privilege escalation using event handlers Mozilla security researcher moz_bug_r_a_4 reported a vulnerability in event management code that would permit JavaScript to be run in the wrong context, including that of a different website or potentially in a chrome-privileged context. (CVE-2011-2981) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Dangling pointer vulnerability in appendChild Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that appendChild did not correctly account for DOM objects it operated upon and could be exploited to dereference an invalid pointer. (CVE-2011-2378) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Privilege escalation dropping a tab element in content area Mozilla security researcher moz_bug_r_a4 reported that web content could receive chrome privileges if it registered for drop events and a browser tab element was dropped into the content area. (CVE-2011-2984) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Binary planting vulnerability in ThinkPadSensor::Startup Security researcher Mitja Kolsek of Acros Security reported that ThinkPadSensor::Startup could potentially be exploited to load a malicious DLL into the running process. (CVE-2011-2980) dbg114-MozillaThunderbird-5050 MozillaThunderbird-5050 new_updateinfo Private data leakage using RegExp.input Security researcher shutdown reported that data from other domains could be read when RegExp.input was set. (CVE-2011-2983) MozillaThunderbird-3.1.12-0.11.1.i586.rpm MozillaThunderbird-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.12-0.11.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-devel-3.1.12-0.11.1.i586.rpm MozillaThunderbird-devel-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.12-0.11.1.i586.rpm MozillaThunderbird-translations-common-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.12-0.11.1.i586.rpm MozillaThunderbird-translations-other-3.1.12-0.11.1.x86_64.rpm enigmail-1.1.2+3.1.12-0.11.1.i586.rpm enigmail-1.1.2+3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.12-0.11.1.i586.rpm MozillaThunderbird-debuginfo-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.12-0.11.1.i586.rpm MozillaThunderbird-debugsource-3.1.12-0.11.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.12-0.11.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.12-0.11.1.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.12-0.11.1.i586.rpm enigmail-debuginfo-1.1.2+3.1.12-0.11.1.x86_64.rpm ncpfs Moderate openSUSE 11.4 Following issues are fixed by this update: The ncpfs mount and umount programs were affected by the /etc/mtab truncation problems on RLIMIT_FSIZE. (CVE-2011-1679) Also on errors, the mtab lock was not removed, blocking other applications from modifying /etc/mtab. (CVE-2011-1680) ncpfs-2.2.6-169.170.1.i586.rpm ncpfs-2.2.6-169.170.1.x86_64.rpm ncpfs-32bit-2.2.6-169.170.1.x86_64.rpm ncpfs-devel-2.2.6-169.170.1.i586.rpm ncpfs-devel-2.2.6-169.170.1.x86_64.rpm ncpfs-debuginfo-2.2.6-169.170.1.i586.rpm ncpfs-debuginfo-2.2.6-169.170.1.x86_64.rpm ncpfs-debuginfo-32bit-2.2.6-169.170.1.x86_64.rpm ncpfs-debugsource-2.2.6-169.170.1.i586.rpm ncpfs-debugsource-2.2.6-169.170.1.x86_64.rpm valgrind Low openSUSE 11.4 This update adds back the 32bit helpers for debugging 32bit applications on x86_64 (bnc#705405) valgrind-3.6.1-1.12.1.i586.rpm valgrind-3.6.1-1.12.1.x86_64.rpm valgrind-devel-3.6.1-1.12.1.i586.rpm valgrind-devel-3.6.1-1.12.1.x86_64.rpm valgrind-debuginfo-3.6.1-1.12.1.i586.rpm valgrind-debuginfo-3.6.1-1.12.1.x86_64.rpm valgrind-debugsource-3.6.1-1.12.1.i586.rpm valgrind-debugsource-3.6.1-1.12.1.x86_64.rpm flash-player Important openSUSE 11.4 This update provides Flash Player 10.3.183.7: * Shared library/gotoAndPlay() or gotoAndStop() bug * Textfields are displaying text vertically in 10.3.183.5 release * Massive Animation Slowdown following install of FP 0.3.183.5 * Flash player 10.3 displays a black screen (2943064) * Sound repeating and building up bug (2941616) * Flash applications at certain websites (http://www.justin.tv, http://heylenmichel.de) now load correctly (2939645, 944081) flash-player-10.3.183.7-0.2.1.i586.rpm minicom Moderate openSUSE 11.4 This update fixes a regression introduced by the SUSE included lockdev patch which broke interoperability of minicom and mgetty. minicom-2.5-5.8.1.i586.rpm minicom-2.5-5.8.1.x86_64.rpm minicom-debuginfo-2.5-5.8.1.i586.rpm minicom-debuginfo-2.5-5.8.1.x86_64.rpm minicom-debugsource-2.5-5.8.1.i586.rpm minicom-debugsource-2.5-5.8.1.x86_64.rpm autofs Low openSUSE 11.4 This update fixes the following issues for AutoFS: - 696596: fix null cache deadlock - 667967: fix out of order locking in readmap - 677143, 698589: add upstream fixes for the "non-expiring mounts" problem - 682268: replace GPLv3 code - 684997: init script: use misc device (/dev/autofs) by default, unless it is explicitly disabled in sysconfig autofs-5.0.5-14.19.1.i586.rpm autofs-5.0.5-14.19.1.x86_64.rpm autofs-debuginfo-5.0.5-14.19.1.i586.rpm autofs-debuginfo-5.0.5-14.19.1.x86_64.rpm autofs-debugsource-5.0.5-14.19.1.i586.rpm autofs-debugsource-5.0.5-14.19.1.x86_64.rpm mcelog Low openSUSE 11.4 This update removes a left over debugging mail target that might have sent emails to the SUSE packager of mcelog: - #713562: mcelog should NOT email trenn@suse.de by default mcelog-1.0pre3.6363f5b719e9-4.5.1.x86_64.rpm mcelog-debuginfo-1.0pre3.6363f5b719e9-4.5.1.x86_64.rpm mcelog-debugsource-1.0pre3.6363f5b719e9-4.5.1.x86_64.rpm dhcp Moderate openSUSE 11.4 This update of dhcp fixes two Denial of Service (CVE-2011-2748, CVE-2011-2749) vulnerabilities caused by specially crafted BOOTP packets. Also following bugs were fixed: - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp. - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). dhcp-4.2.1-0.9.1.i586.rpm dhcp-4.2.1-0.9.1.x86_64.rpm dhcp-client-4.2.1-0.9.1.i586.rpm dhcp-client-4.2.1-0.9.1.x86_64.rpm dhcp-devel-4.2.1-0.9.1.i586.rpm dhcp-devel-4.2.1-0.9.1.x86_64.rpm dhcp-doc-4.2.1-0.9.1.i586.rpm dhcp-doc-4.2.1-0.9.1.x86_64.rpm dhcp-relay-4.2.1-0.9.1.i586.rpm dhcp-relay-4.2.1-0.9.1.x86_64.rpm dhcp-server-4.2.1-0.9.1.i586.rpm dhcp-server-4.2.1-0.9.1.x86_64.rpm dhcp-client-debuginfo-4.2.1-0.9.1.i586.rpm dhcp-client-debuginfo-4.2.1-0.9.1.x86_64.rpm dhcp-debuginfo-4.2.1-0.9.1.i586.rpm dhcp-debuginfo-4.2.1-0.9.1.x86_64.rpm dhcp-debugsource-4.2.1-0.9.1.i586.rpm dhcp-debugsource-4.2.1-0.9.1.x86_64.rpm dhcp-relay-debuginfo-4.2.1-0.9.1.i586.rpm dhcp-relay-debuginfo-4.2.1-0.9.1.x86_64.rpm dhcp-server-debuginfo-4.2.1-0.9.1.i586.rpm dhcp-server-debuginfo-4.2.1-0.9.1.x86_64.rpm ca-certificates-mozilla Important openSUSE 11.4 This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA. ca-certificates-mozilla-1.76-1.3.1.noarch.rpm libHX Low openSUSE 11.4 This update of libHX and pam_mount fixes: - #671276: pam_mount leaves stuff in /dev/mapper and does not unmount encrypted partitions libHX-devel-3.11-4.3.1.i586.rpm libHX-devel-3.11-4.3.1.x86_64.rpm libHX27-3.11-4.3.1.i586.rpm libHX27-3.11-4.3.1.x86_64.rpm libHX27-32bit-3.11-4.3.1.x86_64.rpm pam_mount-2.11-2.5.1.i586.rpm pam_mount-2.11-2.5.1.x86_64.rpm pam_mount-32bit-2.11-2.5.1.x86_64.rpm libHX-debugsource-3.11-4.3.1.i586.rpm libHX-debugsource-3.11-4.3.1.x86_64.rpm libHX-devel-debuginfo-3.11-4.3.1.i586.rpm libHX-devel-debuginfo-3.11-4.3.1.x86_64.rpm libHX27-debuginfo-3.11-4.3.1.i586.rpm libHX27-debuginfo-3.11-4.3.1.x86_64.rpm libHX27-debuginfo-32bit-3.11-4.3.1.x86_64.rpm pam_mount-debuginfo-2.11-2.5.1.i586.rpm pam_mount-debuginfo-2.11-2.5.1.x86_64.rpm pam_mount-debuginfo-32bit-2.11-2.5.1.x86_64.rpm pam_mount-debugsource-2.11-2.5.1.i586.rpm pam_mount-debugsource-2.11-2.5.1.x86_64.rpm unzip Low openSUSE 11.4 This update fixes the following issue for unzip: - 620483: Unzip didn't print multibyte characters in file and directory names because it used the isprint(3) function without a correctly set locale. With this update it uses a different way to determine whether a character is printable. unzip-6.00-6.7.1.i586.rpm unzip-6.00-6.7.1.x86_64.rpm unzip-debuginfo-6.00-6.7.1.i586.rpm unzip-debuginfo-6.00-6.7.1.x86_64.rpm unzip-debugsource-6.00-6.7.1.i586.rpm unzip-debugsource-6.00-6.7.1.x86_64.rpm apache2 Important openSUSE 11.4 This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . (CVE-2011-3192) apache2-2.2.17-4.7.1.i586.rpm apache2-2.2.17-4.7.1.x86_64.rpm apache2-devel-2.2.17-4.7.1.i586.rpm apache2-devel-2.2.17-4.7.1.x86_64.rpm apache2-doc-2.2.17-4.7.1.noarch.rpm apache2-example-certificates-2.2.17-4.7.1.i586.rpm apache2-example-certificates-2.2.17-4.7.1.x86_64.rpm apache2-example-pages-2.2.17-4.7.1.i586.rpm apache2-example-pages-2.2.17-4.7.1.x86_64.rpm apache2-itk-2.2.17-4.7.1.i586.rpm apache2-itk-2.2.17-4.7.1.x86_64.rpm apache2-prefork-2.2.17-4.7.1.i586.rpm apache2-prefork-2.2.17-4.7.1.x86_64.rpm apache2-utils-2.2.17-4.7.1.i586.rpm apache2-utils-2.2.17-4.7.1.x86_64.rpm apache2-worker-2.2.17-4.7.1.i586.rpm apache2-worker-2.2.17-4.7.1.x86_64.rpm apache2-debuginfo-2.2.17-4.7.1.i586.rpm apache2-debuginfo-2.2.17-4.7.1.x86_64.rpm apache2-debugsource-2.2.17-4.7.1.i586.rpm apache2-debugsource-2.2.17-4.7.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.7.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.7.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.7.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.7.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.7.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.7.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.7.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.7.1.x86_64.rpm gwenview Moderate openSUSE 11.4 - #688262: okular segfaults on computer that boots with "nomodeset" gwenview-4.6.0-6.11.1.i586.rpm gwenview-4.6.0-6.11.1.x86_64.rpm kcolorchooser-4.6.0-6.11.1.i586.rpm kcolorchooser-4.6.0-6.11.1.x86_64.rpm kdegraphics4-4.6.0-6.11.1.i586.rpm kdegraphics4-4.6.0-6.11.1.x86_64.rpm kgamma-4.6.0-6.11.1.i586.rpm kgamma-4.6.0-6.11.1.x86_64.rpm kio_kamera-4.6.0-6.11.1.i586.rpm kio_kamera-4.6.0-6.11.1.x86_64.rpm kolourpaint-4.6.0-6.11.1.i586.rpm kolourpaint-4.6.0-6.11.1.x86_64.rpm kruler-4.6.0-6.11.1.i586.rpm kruler-4.6.0-6.11.1.x86_64.rpm ksnapshot-4.6.0-6.11.1.i586.rpm ksnapshot-4.6.0-6.11.1.x86_64.rpm libkdcraw-devel-4.6.0-6.11.1.i586.rpm libkdcraw-devel-4.6.0-6.11.1.x86_64.rpm libkdcraw9-4.6.0-6.11.1.i586.rpm libkdcraw9-4.6.0-6.11.1.x86_64.rpm libkexiv2-9-4.6.0-6.11.1.i586.rpm libkexiv2-9-4.6.0-6.11.1.x86_64.rpm libkexiv2-devel-4.6.0-6.11.1.i586.rpm libkexiv2-devel-4.6.0-6.11.1.x86_64.rpm libkipi-devel-4.6.0-6.11.1.i586.rpm libkipi-devel-4.6.0-6.11.1.x86_64.rpm libkipi8-4.6.0-6.11.1.i586.rpm libkipi8-4.6.0-6.11.1.x86_64.rpm libksane-devel-4.6.0-6.11.1.i586.rpm libksane-devel-4.6.0-6.11.1.x86_64.rpm libksane0-4.6.0-6.11.1.i586.rpm libksane0-4.6.0-6.11.1.x86_64.rpm okular-4.6.0-6.11.1.i586.rpm okular-4.6.0-6.11.1.x86_64.rpm okular-devel-4.6.0-6.11.1.i586.rpm okular-devel-4.6.0-6.11.1.x86_64.rpm gwenview-debuginfo-4.6.0-6.11.1.i586.rpm gwenview-debuginfo-4.6.0-6.11.1.x86_64.rpm kcolorchooser-debuginfo-4.6.0-6.11.1.i586.rpm kcolorchooser-debuginfo-4.6.0-6.11.1.x86_64.rpm kdegraphics4-debuginfo-4.6.0-6.11.1.i586.rpm kdegraphics4-debuginfo-4.6.0-6.11.1.x86_64.rpm kdegraphics4-debugsource-4.6.0-6.11.1.i586.rpm kdegraphics4-debugsource-4.6.0-6.11.1.x86_64.rpm kgamma-debuginfo-4.6.0-6.11.1.i586.rpm kgamma-debuginfo-4.6.0-6.11.1.x86_64.rpm kio_kamera-debuginfo-4.6.0-6.11.1.i586.rpm kio_kamera-debuginfo-4.6.0-6.11.1.x86_64.rpm kolourpaint-debuginfo-4.6.0-6.11.1.i586.rpm kolourpaint-debuginfo-4.6.0-6.11.1.x86_64.rpm kruler-debuginfo-4.6.0-6.11.1.i586.rpm kruler-debuginfo-4.6.0-6.11.1.x86_64.rpm ksnapshot-debuginfo-4.6.0-6.11.1.i586.rpm ksnapshot-debuginfo-4.6.0-6.11.1.x86_64.rpm libkdcraw9-debuginfo-4.6.0-6.11.1.i586.rpm libkdcraw9-debuginfo-4.6.0-6.11.1.x86_64.rpm libkexiv2-9-debuginfo-4.6.0-6.11.1.i586.rpm libkexiv2-9-debuginfo-4.6.0-6.11.1.x86_64.rpm libkipi8-debuginfo-4.6.0-6.11.1.i586.rpm libkipi8-debuginfo-4.6.0-6.11.1.x86_64.rpm libksane0-debuginfo-4.6.0-6.11.1.i586.rpm libksane0-debuginfo-4.6.0-6.11.1.x86_64.rpm okular-debuginfo-4.6.0-6.11.1.i586.rpm okular-debuginfo-4.6.0-6.11.1.x86_64.rpm squid3 Important openSUSE 11.4 This update of squid3 fixes a buffer overflow vulnerability in the Gopher reply parser code (CVE-2011-3205). squid3-3.1.11-4.7.1.i586.rpm squid3-3.1.11-4.7.1.x86_64.rpm squid3-debuginfo-3.1.11-4.7.1.i586.rpm squid3-debuginfo-3.1.11-4.7.1.x86_64.rpm squid3-debugsource-3.1.11-4.7.1.i586.rpm squid3-debugsource-3.1.11-4.7.1.x86_64.rpm libfreebl3 Important openSUSE 11.4 This update updates mozilla nss to 3.12.11. It blacklists the lately compromised DigiNotar Certificate Authority. libfreebl3-3.12.11-1.5.1.i586.rpm libfreebl3-3.12.11-1.5.1.x86_64.rpm libfreebl3-32bit-3.12.11-1.5.1.x86_64.rpm libsoftokn3-3.12.11-1.5.1.i586.rpm libsoftokn3-3.12.11-1.5.1.x86_64.rpm libsoftokn3-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-3.12.11-1.5.1.i586.rpm mozilla-nss-3.12.11-1.5.1.x86_64.rpm mozilla-nss-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-certs-3.12.11-1.5.1.i586.rpm mozilla-nss-certs-3.12.11-1.5.1.x86_64.rpm mozilla-nss-certs-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-devel-3.12.11-1.5.1.i586.rpm mozilla-nss-devel-3.12.11-1.5.1.x86_64.rpm mozilla-nss-sysinit-3.12.11-1.5.1.i586.rpm mozilla-nss-sysinit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-sysinit-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-tools-3.12.11-1.5.1.i586.rpm mozilla-nss-tools-3.12.11-1.5.1.x86_64.rpm libfreebl3-debuginfo-3.12.11-1.5.1.i586.rpm libfreebl3-debuginfo-3.12.11-1.5.1.x86_64.rpm libfreebl3-debuginfo-32bit-3.12.11-1.5.1.x86_64.rpm libsoftokn3-debuginfo-3.12.11-1.5.1.i586.rpm libsoftokn3-debuginfo-3.12.11-1.5.1.x86_64.rpm libsoftokn3-debuginfo-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.12.11-1.5.1.i586.rpm mozilla-nss-certs-debuginfo-3.12.11-1.5.1.x86_64.rpm mozilla-nss-certs-debuginfo-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-debuginfo-3.12.11-1.5.1.i586.rpm mozilla-nss-debuginfo-3.12.11-1.5.1.x86_64.rpm mozilla-nss-debuginfo-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-debugsource-3.12.11-1.5.1.i586.rpm mozilla-nss-debugsource-3.12.11-1.5.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.5.1.i586.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.5.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-32bit-3.12.11-1.5.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.12.11-1.5.1.i586.rpm mozilla-nss-tools-debuginfo-3.12.11-1.5.1.x86_64.rpm otrs Moderate openSUSE 11.4 OTRS administrators may read arbitrary local files (CVE-2011-2746). OTRS was updated to version 2.4.11 which fixes the issue. otrs-2.4.11-0.7.1.noarch.rpm otrs-doc-2.4.11-0.7.1.noarch.rpm otrs-itsm-2.1.4-0.7.1.noarch.rpm rsyslog Moderate openSUSE 11.4 Specially crafted log messages could crash rsyslogd (CVE-2011-3200). rsyslog-5.6.5-1.5.1.i586.rpm rsyslog-5.6.5-1.5.1.x86_64.rpm rsyslog-diag-tools-5.6.5-1.5.1.i586.rpm rsyslog-diag-tools-5.6.5-1.5.1.x86_64.rpm rsyslog-doc-5.6.5-1.5.1.i586.rpm rsyslog-doc-5.6.5-1.5.1.x86_64.rpm rsyslog-module-dbi-5.6.5-1.5.1.i586.rpm rsyslog-module-dbi-5.6.5-1.5.1.x86_64.rpm rsyslog-module-gssapi-5.6.5-1.5.1.i586.rpm rsyslog-module-gssapi-5.6.5-1.5.1.x86_64.rpm rsyslog-module-gtls-5.6.5-1.5.1.i586.rpm rsyslog-module-gtls-5.6.5-1.5.1.x86_64.rpm rsyslog-module-mysql-5.6.5-1.5.1.i586.rpm rsyslog-module-mysql-5.6.5-1.5.1.x86_64.rpm rsyslog-module-pgsql-5.6.5-1.5.1.i586.rpm rsyslog-module-pgsql-5.6.5-1.5.1.x86_64.rpm rsyslog-module-relp-5.6.5-1.5.1.i586.rpm rsyslog-module-relp-5.6.5-1.5.1.x86_64.rpm rsyslog-module-snmp-5.6.5-1.5.1.i586.rpm rsyslog-module-snmp-5.6.5-1.5.1.x86_64.rpm rsyslog-module-udpspoof-5.6.5-1.5.1.i586.rpm rsyslog-module-udpspoof-5.6.5-1.5.1.x86_64.rpm rsyslog-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-debugsource-5.6.5-1.5.1.i586.rpm rsyslog-debugsource-5.6.5-1.5.1.x86_64.rpm rsyslog-diag-tools-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-diag-tools-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-dbi-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-dbi-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-gssapi-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-gssapi-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-gtls-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-gtls-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-mysql-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-mysql-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-pgsql-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-pgsql-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-relp-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-relp-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-snmp-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-snmp-debuginfo-5.6.5-1.5.1.x86_64.rpm rsyslog-module-udpspoof-debuginfo-5.6.5-1.5.1.i586.rpm rsyslog-module-udpspoof-debuginfo-5.6.5-1.5.1.x86_64.rpm libpciaccess0 Important openSUSE 11.4 Specially crafted font files could cause a buffer overflow in applications that use libXfont to load such files (CVE-2011-2895). libpciaccess0-7.6-17.18.1.i586.rpm libpciaccess0-7.6-17.18.1.x86_64.rpm libpciaccess0-32bit-7.6-17.18.1.x86_64.rpm libpciaccess0-devel-7.6-17.18.1.i586.rpm libpciaccess0-devel-7.6-17.18.1.x86_64.rpm xorg-x11-devel-7.6-17.18.1.i586.rpm xorg-x11-devel-7.6-17.18.1.x86_64.rpm xorg-x11-devel-32bit-7.6-17.18.1.x86_64.rpm xorg-x11-libs-7.6-17.18.1.i586.rpm xorg-x11-libs-7.6-17.18.1.x86_64.rpm xorg-x11-libs-32bit-7.6-17.18.1.x86_64.rpm libpciaccess0-debuginfo-7.6-17.18.1.i586.rpm libpciaccess0-debuginfo-7.6-17.18.1.x86_64.rpm libpciaccess0-debuginfo-32bit-7.6-17.18.1.x86_64.rpm xorg-x11-libs-debuginfo-7.6-17.18.1.i586.rpm xorg-x11-libs-debuginfo-7.6-17.18.1.x86_64.rpm xorg-x11-libs-debuginfo-32bit-7.6-17.18.1.x86_64.rpm xorg-x11-libs-debugsource-7.6-17.18.1.i586.rpm xorg-x11-libs-debugsource-7.6-17.18.1.x86_64.rpm timezone-2011i Moderate openSUSE 11.4 This update provides 2011i which provides the following important changes: dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 Russia is abolishing daylight saving time. dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 iso3166 code for America/Curacao changed from AN to CW dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 Add Africa/Juba (South Sudan) zone dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 Use KALT as abbreviation for Europe/Kalinigrad from spring 2011 forward dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 Newfoundland changes time of day for DST start and end to 2:00 a.m. starting fall 2011 and forward dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 Change America/Resolute use of EST to 2006-2007 only dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 iso3166.tab Add SS (South Sudan) entry. dbg114-timezone-2011i-5108 new_updateinfo timezone-2011i-5108 zone.tab Change America/Resolute entry to Central Standard Time. timezone-2011i-2.2.1.i586.rpm timezone-2011i-2.2.1.x86_64.rpm timezone-java-2011i-1.2.1.noarch.rpm timezone-debuginfo-2011i-2.2.1.i586.rpm timezone-debuginfo-2011i-2.2.1.x86_64.rpm timezone-debugsource-2011i-2.2.1.i586.rpm timezone-debugsource-2011i-2.2.1.x86_64.rpm apache2-mod_php5 Moderate openSUSE 11.4 The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash (CVE-2011-2483). After this update existing hashes with id "$2a$" for passwords that contain 8-bit characters will no longer be compatible with newly generated hashes. Affected users will either have to change their password to store a new hash or the id of the existing hash has to be manually changed to "$2x$" in order to activate a compat mode. Please see the description of the CVE-2011-2483 glibc update for details. File uploads could potentially overwrite files owned by the user running php (CVE-2011-2202). A long salt argument to the crypt function could cause a buffer overflow (CVE-2011-3268) Incorrect implementation of the error_log function could crash php (CVE-2011-3267) apache2-mod_php5-5.3.5-5.16.1.i586.rpm apache2-mod_php5-5.3.5-5.16.1.x86_64.rpm php5-5.3.5-5.16.1.i586.rpm php5-5.3.5-5.16.1.x86_64.rpm php5-bcmath-5.3.5-5.16.1.i586.rpm php5-bcmath-5.3.5-5.16.1.x86_64.rpm php5-bz2-5.3.5-5.16.1.i586.rpm php5-bz2-5.3.5-5.16.1.x86_64.rpm php5-calendar-5.3.5-5.16.1.i586.rpm php5-calendar-5.3.5-5.16.1.x86_64.rpm php5-ctype-5.3.5-5.16.1.i586.rpm php5-ctype-5.3.5-5.16.1.x86_64.rpm php5-curl-5.3.5-5.16.1.i586.rpm php5-curl-5.3.5-5.16.1.x86_64.rpm php5-dba-5.3.5-5.16.1.i586.rpm php5-dba-5.3.5-5.16.1.x86_64.rpm php5-devel-5.3.5-5.16.1.i586.rpm php5-devel-5.3.5-5.16.1.x86_64.rpm php5-dom-5.3.5-5.16.1.i586.rpm php5-dom-5.3.5-5.16.1.x86_64.rpm php5-enchant-5.3.5-5.16.1.i586.rpm php5-enchant-5.3.5-5.16.1.x86_64.rpm php5-exif-5.3.5-5.16.1.i586.rpm php5-exif-5.3.5-5.16.1.x86_64.rpm php5-fastcgi-5.3.5-5.16.1.i586.rpm php5-fastcgi-5.3.5-5.16.1.x86_64.rpm php5-fileinfo-5.3.5-5.16.1.i586.rpm php5-fileinfo-5.3.5-5.16.1.x86_64.rpm php5-fpm-5.3.5-5.16.1.i586.rpm php5-fpm-5.3.5-5.16.1.x86_64.rpm php5-ftp-5.3.5-5.16.1.i586.rpm php5-ftp-5.3.5-5.16.1.x86_64.rpm php5-gd-5.3.5-5.16.1.i586.rpm php5-gd-5.3.5-5.16.1.x86_64.rpm php5-gettext-5.3.5-5.16.1.i586.rpm php5-gettext-5.3.5-5.16.1.x86_64.rpm php5-gmp-5.3.5-5.16.1.i586.rpm php5-gmp-5.3.5-5.16.1.x86_64.rpm php5-hash-5.3.5-5.16.1.i586.rpm php5-hash-5.3.5-5.16.1.x86_64.rpm php5-iconv-5.3.5-5.16.1.i586.rpm php5-iconv-5.3.5-5.16.1.x86_64.rpm php5-imap-5.3.5-5.16.1.i586.rpm php5-imap-5.3.5-5.16.1.x86_64.rpm php5-intl-5.3.5-5.16.1.i586.rpm php5-intl-5.3.5-5.16.1.x86_64.rpm php5-json-5.3.5-5.16.1.i586.rpm php5-json-5.3.5-5.16.1.x86_64.rpm php5-ldap-5.3.5-5.16.1.i586.rpm php5-ldap-5.3.5-5.16.1.x86_64.rpm php5-mbstring-5.3.5-5.16.1.i586.rpm php5-mbstring-5.3.5-5.16.1.x86_64.rpm php5-mcrypt-5.3.5-5.16.1.i586.rpm php5-mcrypt-5.3.5-5.16.1.x86_64.rpm php5-mysql-5.3.5-5.16.1.i586.rpm php5-mysql-5.3.5-5.16.1.x86_64.rpm php5-odbc-5.3.5-5.16.1.i586.rpm php5-odbc-5.3.5-5.16.1.x86_64.rpm php5-openssl-5.3.5-5.16.1.i586.rpm php5-openssl-5.3.5-5.16.1.x86_64.rpm php5-pcntl-5.3.5-5.16.1.i586.rpm php5-pcntl-5.3.5-5.16.1.x86_64.rpm php5-pdo-5.3.5-5.16.1.i586.rpm php5-pdo-5.3.5-5.16.1.x86_64.rpm php5-pear-5.3.5-5.16.1.noarch.rpm php5-pgsql-5.3.5-5.16.1.i586.rpm php5-pgsql-5.3.5-5.16.1.x86_64.rpm php5-phar-5.3.5-5.16.1.i586.rpm php5-phar-5.3.5-5.16.1.x86_64.rpm php5-posix-5.3.5-5.16.1.i586.rpm php5-posix-5.3.5-5.16.1.x86_64.rpm php5-pspell-5.3.5-5.16.1.i586.rpm php5-pspell-5.3.5-5.16.1.x86_64.rpm php5-readline-5.3.5-5.16.1.i586.rpm php5-readline-5.3.5-5.16.1.x86_64.rpm php5-shmop-5.3.5-5.16.1.i586.rpm php5-shmop-5.3.5-5.16.1.x86_64.rpm php5-snmp-5.3.5-5.16.1.i586.rpm php5-snmp-5.3.5-5.16.1.x86_64.rpm php5-soap-5.3.5-5.16.1.i586.rpm php5-soap-5.3.5-5.16.1.x86_64.rpm php5-sockets-5.3.5-5.16.1.i586.rpm php5-sockets-5.3.5-5.16.1.x86_64.rpm php5-sqlite-5.3.5-5.16.1.i586.rpm php5-sqlite-5.3.5-5.16.1.x86_64.rpm php5-suhosin-5.3.5-5.16.1.i586.rpm php5-suhosin-5.3.5-5.16.1.x86_64.rpm php5-sysvmsg-5.3.5-5.16.1.i586.rpm php5-sysvmsg-5.3.5-5.16.1.x86_64.rpm php5-sysvsem-5.3.5-5.16.1.i586.rpm php5-sysvsem-5.3.5-5.16.1.x86_64.rpm php5-sysvshm-5.3.5-5.16.1.i586.rpm php5-sysvshm-5.3.5-5.16.1.x86_64.rpm php5-tidy-5.3.5-5.16.1.i586.rpm php5-tidy-5.3.5-5.16.1.x86_64.rpm php5-tokenizer-5.3.5-5.16.1.i586.rpm php5-tokenizer-5.3.5-5.16.1.x86_64.rpm php5-wddx-5.3.5-5.16.1.i586.rpm php5-wddx-5.3.5-5.16.1.x86_64.rpm php5-xmlreader-5.3.5-5.16.1.i586.rpm php5-xmlreader-5.3.5-5.16.1.x86_64.rpm php5-xmlrpc-5.3.5-5.16.1.i586.rpm php5-xmlrpc-5.3.5-5.16.1.x86_64.rpm php5-xmlwriter-5.3.5-5.16.1.i586.rpm php5-xmlwriter-5.3.5-5.16.1.x86_64.rpm php5-xsl-5.3.5-5.16.1.i586.rpm php5-xsl-5.3.5-5.16.1.x86_64.rpm php5-zip-5.3.5-5.16.1.i586.rpm php5-zip-5.3.5-5.16.1.x86_64.rpm php5-zlib-5.3.5-5.16.1.i586.rpm php5-zlib-5.3.5-5.16.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-5.16.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-5.16.1.i586.rpm php5-bcmath-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-5.16.1.i586.rpm php5-bz2-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-5.16.1.i586.rpm php5-calendar-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-5.16.1.i586.rpm php5-ctype-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-curl-debuginfo-5.3.5-5.16.1.i586.rpm php5-curl-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-dba-debuginfo-5.3.5-5.16.1.i586.rpm php5-dba-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-debuginfo-5.3.5-5.16.1.i586.rpm php5-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-debugsource-5.3.5-5.16.1.i586.rpm php5-debugsource-5.3.5-5.16.1.x86_64.rpm php5-dom-debuginfo-5.3.5-5.16.1.i586.rpm php5-dom-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-5.16.1.i586.rpm php5-enchant-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-exif-debuginfo-5.3.5-5.16.1.i586.rpm php5-exif-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-5.16.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-5.16.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-5.16.1.i586.rpm php5-fpm-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-5.16.1.i586.rpm php5-ftp-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-gd-debuginfo-5.3.5-5.16.1.i586.rpm php5-gd-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-5.16.1.i586.rpm php5-gettext-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-5.16.1.i586.rpm php5-gmp-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-hash-debuginfo-5.3.5-5.16.1.i586.rpm php5-hash-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-5.16.1.i586.rpm php5-iconv-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-imap-debuginfo-5.3.5-5.16.1.i586.rpm php5-imap-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-intl-debuginfo-5.3.5-5.16.1.i586.rpm php5-intl-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-json-debuginfo-5.3.5-5.16.1.i586.rpm php5-json-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-5.16.1.i586.rpm php5-ldap-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-5.16.1.i586.rpm php5-mbstring-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-5.16.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-5.16.1.i586.rpm php5-mysql-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-5.16.1.i586.rpm php5-odbc-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-5.16.1.i586.rpm php5-openssl-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-5.16.1.i586.rpm php5-pcntl-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-5.16.1.i586.rpm php5-pdo-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-5.16.1.i586.rpm php5-pgsql-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-phar-debuginfo-5.3.5-5.16.1.i586.rpm php5-phar-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-posix-debuginfo-5.3.5-5.16.1.i586.rpm php5-posix-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-5.16.1.i586.rpm php5-pspell-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-readline-debuginfo-5.3.5-5.16.1.i586.rpm php5-readline-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-5.16.1.i586.rpm php5-shmop-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-5.16.1.i586.rpm php5-snmp-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-soap-debuginfo-5.3.5-5.16.1.i586.rpm php5-soap-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-5.16.1.i586.rpm php5-sockets-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-5.16.1.i586.rpm php5-sqlite-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-5.16.1.i586.rpm php5-suhosin-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-5.16.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-5.16.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-5.16.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-5.16.1.i586.rpm php5-tidy-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-5.16.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-5.16.1.i586.rpm php5-wddx-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-5.16.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-5.16.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-5.16.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-5.16.1.i586.rpm php5-xsl-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-zip-debuginfo-5.3.5-5.16.1.i586.rpm php5-zip-debuginfo-5.3.5-5.16.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-5.16.1.i586.rpm php5-zlib-debuginfo-5.3.5-5.16.1.x86_64.rpm sudo Low openSUSE 11.4 Update sudo to version 1.7.6p2 and package missing LDAP sudo.schema file. See /usr/share/doc/packages/sudo/NEWS for further details. sudo-1.7.6p2-0.3.1.i586.rpm sudo-1.7.6p2-0.3.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.3.1.i586.rpm sudo-debuginfo-1.7.6p2-0.3.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.3.1.i586.rpm sudo-debugsource-1.7.6p2-0.3.1.x86_64.rpm opera Moderate openSUSE 11.4 The Opera browser received a security and bugfix update to 11.51. More information can be found here: http://www.opera.com/docs/changelogs/unix/1151/ CVE-2011-3388 - incorrect security information display CVE-2011-3389 - unspecified "low severity issue, as reported by Thai Duong and Juliano Rizzo." opera-11.51-0.2.1.i586.rpm opera-11.51-0.2.1.x86_64.rpm opera-gtk-11.51-0.2.1.i586.rpm opera-gtk-11.51-0.2.1.x86_64.rpm opera-kde4-11.51-0.2.1.i586.rpm opera-kde4-11.51-0.2.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 This update brings Mozilla Firefox to 6.0.2. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml MozillaFirefox-6.0.2-0.2.1.i586.rpm MozillaFirefox-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-6.0.2-0.2.1.i586.rpm MozillaFirefox-branding-upstream-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-6.0.2-0.2.1.i586.rpm MozillaFirefox-buildsymbols-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-devel-6.0.2-0.2.1.i586.rpm MozillaFirefox-devel-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-translations-common-6.0.2-0.2.1.i586.rpm MozillaFirefox-translations-common-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-translations-other-6.0.2-0.2.1.i586.rpm MozillaFirefox-translations-other-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-6.0.2-0.2.1.i586.rpm MozillaFirefox-debuginfo-6.0.2-0.2.1.x86_64.rpm MozillaFirefox-debugsource-6.0.2-0.2.1.i586.rpm MozillaFirefox-debugsource-6.0.2-0.2.1.x86_64.rpm MozillaThunderbird Important openSUSE 11.4 This update brings Mozilla Thunderbird to 3.1.13. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml MozillaThunderbird-3.1.14-0.15.1.i586.rpm MozillaThunderbird-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.14-0.15.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-devel-3.1.14-0.15.1.i586.rpm MozillaThunderbird-devel-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.14-0.15.1.i586.rpm MozillaThunderbird-translations-common-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.14-0.15.1.i586.rpm MozillaThunderbird-translations-other-3.1.14-0.15.1.x86_64.rpm enigmail-1.1.2+3.1.14-0.15.1.i586.rpm enigmail-1.1.2+3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.14-0.15.1.i586.rpm MozillaThunderbird-debuginfo-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.14-0.15.1.i586.rpm MozillaThunderbird-debugsource-3.1.14-0.15.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.14-0.15.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.14-0.15.1.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.14-0.15.1.i586.rpm enigmail-debuginfo-1.1.2+3.1.14-0.15.1.x86_64.rpm seamonkey Important openSUSE 11.4 This update brings Mozilla Seamonkey to 2.3.3. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml seamonkey-2.3.3-0.2.1.i586.rpm seamonkey-2.3.3-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.3.3-0.2.1.i586.rpm seamonkey-dom-inspector-2.3.3-0.2.1.x86_64.rpm seamonkey-irc-2.3.3-0.2.1.i586.rpm seamonkey-irc-2.3.3-0.2.1.x86_64.rpm seamonkey-translations-common-2.3.3-0.2.1.i586.rpm seamonkey-translations-common-2.3.3-0.2.1.x86_64.rpm seamonkey-translations-other-2.3.3-0.2.1.i586.rpm seamonkey-translations-other-2.3.3-0.2.1.x86_64.rpm seamonkey-venkman-2.3.3-0.2.1.i586.rpm seamonkey-venkman-2.3.3-0.2.1.x86_64.rpm seamonkey-debuginfo-2.3.3-0.2.1.i586.rpm seamonkey-debuginfo-2.3.3-0.2.1.x86_64.rpm seamonkey-debugsource-2.3.3-0.2.1.i586.rpm seamonkey-debugsource-2.3.3-0.2.1.x86_64.rpm mozilla-js192 Important openSUSE 11.4 This update brings Mozilla XULRunner to 1.9.2.22 The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml mozilla-js192-1.9.2.22-0.2.1.i586.rpm mozilla-js192-1.9.2.22-0.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.22-0.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.22-0.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.22-0.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.22-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.22-0.2.1.x86_64.rpm libQtWebKit-devel Low openSUSE 11.4 Specially crafted font files could cause a single byte heap based buffer overflow (CVE-2011-3193). Specially crafted grey scale images could cause a heap based buffer overflow (CVE-2011-3194). libQtWebKit-devel-4.7.1-8.15.1.i586.rpm libQtWebKit-devel-4.7.1-8.15.1.x86_64.rpm libQtWebKit4-4.7.1-8.15.1.i586.rpm libQtWebKit4-4.7.1-8.15.1.x86_64.rpm libQtWebKit4-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-4.7.1-8.15.1.i586.rpm libqt4-4.7.1-8.15.1.x86_64.rpm libqt4-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-devel-4.7.1-8.15.1.i586.rpm libqt4-devel-4.7.1-8.15.1.x86_64.rpm libqt4-devel-doc-4.7.1-8.15.1.i586.rpm libqt4-devel-doc-4.7.1-8.15.1.x86_64.rpm libqt4-devel-doc-data-4.7.1-8.15.1.noarch.rpm libqt4-qt3support-4.7.1-8.15.1.i586.rpm libqt4-qt3support-4.7.1-8.15.1.x86_64.rpm libqt4-qt3support-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-4.7.1-8.15.1.i586.rpm libqt4-sql-4.7.1-8.15.1.x86_64.rpm libqt4-sql-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-mysql-4.7.1-8.15.1.i586.rpm libqt4-sql-mysql-4.7.1-8.15.1.x86_64.rpm libqt4-sql-mysql-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-postgresql-4.7.1-8.15.1.i586.rpm libqt4-sql-postgresql-4.7.1-8.15.1.x86_64.rpm libqt4-sql-postgresql-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.15.1.i586.rpm libqt4-sql-sqlite-4.7.1-8.15.1.x86_64.rpm libqt4-sql-sqlite-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-unixODBC-4.7.1-8.15.1.i586.rpm libqt4-sql-unixODBC-4.7.1-8.15.1.x86_64.rpm libqt4-sql-unixODBC-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-x11-4.7.1-8.15.1.i586.rpm libqt4-x11-4.7.1-8.15.1.x86_64.rpm libqt4-x11-32bit-4.7.1-8.15.1.x86_64.rpm qt4-x11-tools-4.7.1-8.15.1.i586.rpm qt4-x11-tools-4.7.1-8.15.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.15.1.i586.rpm libQtWebKit4-debuginfo-4.7.1-8.15.1.x86_64.rpm libQtWebKit4-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-debugsource-4.7.1-8.15.1.i586.rpm libqt4-debugsource-4.7.1-8.15.1.x86_64.rpm libqt4-devel-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-devel-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-devel-doc-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-devel-doc-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-devel-doc-debugsource-4.7.1-8.15.1.i586.rpm libqt4-devel-doc-debugsource-4.7.1-8.15.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-qt3support-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-qt3support-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-sql-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-sql-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-mysql-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-sql-mysql-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-sql-mysql-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-plugins-debugsource-4.7.1-8.15.1.i586.rpm libqt4-sql-plugins-debugsource-4.7.1-8.15.1.x86_64.rpm libqt4-sql-postgresql-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-sql-postgresql-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-sql-postgresql-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-sql-unixODBC-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-sql-unixODBC-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-sql-unixODBC-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.15.1.i586.rpm libqt4-x11-debuginfo-4.7.1-8.15.1.x86_64.rpm libqt4-x11-debuginfo-32bit-4.7.1-8.15.1.x86_64.rpm qt4-x11-tools-debuginfo-4.7.1-8.15.1.i586.rpm qt4-x11-tools-debuginfo-4.7.1-8.15.1.x86_64.rpm dirmngr Low openSUSE 11.4 This update fixes the following issue for dirmngr: - 700091: fixed that dirmngr blocks on certain operations. dirmngr-1.1.0-5.6.1.i586.rpm dirmngr-1.1.0-5.6.1.x86_64.rpm dirmngr-debuginfo-1.1.0-5.6.1.i586.rpm dirmngr-debuginfo-1.1.0-5.6.1.x86_64.rpm dirmngr-debugsource-1.1.0-5.6.1.i586.rpm dirmngr-debugsource-1.1.0-5.6.1.x86_64.rpm ImageMagick Low openSUSE 11.4 This update fixes the following issue for ImageMagick: -673303: fix error message, when gaining informations from strerror_r. ImageMagick-6.6.5.8-8.9.1.i586.rpm ImageMagick-6.6.5.8-8.9.1.x86_64.rpm ImageMagick-devel-6.6.5.8-8.9.1.i586.rpm ImageMagick-devel-6.6.5.8-8.9.1.x86_64.rpm ImageMagick-doc-6.6.5.8-8.9.1.noarch.rpm ImageMagick-extra-6.6.5.8-8.9.1.i586.rpm ImageMagick-extra-6.6.5.8-8.9.1.x86_64.rpm libMagick++-devel-6.6.5.8-8.9.1.i586.rpm libMagick++-devel-6.6.5.8-8.9.1.x86_64.rpm libMagick++4-6.6.5.8-8.9.1.i586.rpm libMagick++4-6.6.5.8-8.9.1.x86_64.rpm libMagickCore4-6.6.5.8-8.9.1.i586.rpm libMagickCore4-6.6.5.8-8.9.1.x86_64.rpm libMagickCore4-32bit-6.6.5.8-8.9.1.x86_64.rpm libMagickWand4-6.6.5.8-8.9.1.i586.rpm libMagickWand4-6.6.5.8-8.9.1.x86_64.rpm libMagickWand4-32bit-6.6.5.8-8.9.1.x86_64.rpm perl-PerlMagick-6.6.5.8-8.9.1.i586.rpm perl-PerlMagick-6.6.5.8-8.9.1.x86_64.rpm ImageMagick-debuginfo-6.6.5.8-8.9.1.i586.rpm ImageMagick-debuginfo-6.6.5.8-8.9.1.x86_64.rpm ImageMagick-debugsource-6.6.5.8-8.9.1.i586.rpm ImageMagick-debugsource-6.6.5.8-8.9.1.x86_64.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.9.1.i586.rpm ImageMagick-extra-debuginfo-6.6.5.8-8.9.1.x86_64.rpm libMagick++4-debuginfo-6.6.5.8-8.9.1.i586.rpm libMagick++4-debuginfo-6.6.5.8-8.9.1.x86_64.rpm libMagickCore4-debuginfo-6.6.5.8-8.9.1.i586.rpm libMagickCore4-debuginfo-6.6.5.8-8.9.1.x86_64.rpm libMagickCore4-debuginfo-32bit-6.6.5.8-8.9.1.x86_64.rpm libMagickWand4-debuginfo-6.6.5.8-8.9.1.i586.rpm libMagickWand4-debuginfo-6.6.5.8-8.9.1.x86_64.rpm libMagickWand4-debuginfo-32bit-6.6.5.8-8.9.1.x86_64.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.9.1.i586.rpm perl-PerlMagick-debuginfo-6.6.5.8-8.9.1.x86_64.rpm cyrus-imapd Moderate openSUSE 11.4 This update of cyrus-imapd fixes a buffer overflow that could potentially be exploited by remote attackers to cause a crash or run arbitrary code (CVE-2011-3208). cyrus-imapd-2.3.16-16.19.1.i586.rpm cyrus-imapd-2.3.16-16.19.1.x86_64.rpm cyrus-imapd-devel-2.3.16-16.19.1.i586.rpm cyrus-imapd-devel-2.3.16-16.19.1.x86_64.rpm perl-Cyrus-IMAP-2.3.16-16.19.1.i586.rpm perl-Cyrus-IMAP-2.3.16-16.19.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.19.1.i586.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.19.1.x86_64.rpm cyrus-imapd-debuginfo-2.3.16-16.19.1.i586.rpm cyrus-imapd-debuginfo-2.3.16-16.19.1.x86_64.rpm cyrus-imapd-debugsource-2.3.16-16.19.1.i586.rpm cyrus-imapd-debugsource-2.3.16-16.19.1.x86_64.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.19.1.i586.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.19.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.19.1.i586.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.19.1.x86_64.rpm atftp Low openSUSE 11.4 This update fixes: - #683140: package atftp was missing PreReq: pwdutils. Thus pwdutils could not be present at the time of install, so no proper user/group could get created. atftp-0.7.0-143.144.1.i586.rpm atftp-0.7.0-143.144.1.x86_64.rpm atftp-debuginfo-0.7.0-143.144.1.i586.rpm atftp-debuginfo-0.7.0-143.144.1.x86_64.rpm atftp-debugsource-0.7.0-143.144.1.i586.rpm atftp-debugsource-0.7.0-143.144.1.x86_64.rpm majordomo Important openSUSE 11.4 This update fixes mail sent to lists being thrown away silently without obvious clue in the logs (bnc#716393) majordomo-1.94.5-464.465.1.i586.rpm majordomo-1.94.5-464.465.1.x86_64.rpm majordomo-debuginfo-1.94.5-464.465.1.i586.rpm majordomo-debuginfo-1.94.5-464.465.1.x86_64.rpm tomcat6 Moderate openSUSE 11.4 Specially crafted AJP messages could be used bypass authentication (CVE-2011-3190). tomcat6-6.0.32-7.10.1.noarch.rpm tomcat6-admin-webapps-6.0.32-7.10.1.noarch.rpm tomcat6-docs-webapp-6.0.32-7.10.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-7.10.1.noarch.rpm tomcat6-javadoc-6.0.32-7.10.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-7.10.1.noarch.rpm tomcat6-lib-6.0.32-7.10.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-7.10.1.noarch.rpm tomcat6-webapps-6.0.32-7.10.1.noarch.rpm gimp Moderate openSUSE 11.4 specially crafted gif files could cause an infinite loop or a heap-based buffer overflow in the gif decoder (CVE-2011-2896). gimp-2.6.11-13.18.1.i586.rpm gimp-2.6.11-13.18.1.x86_64.rpm gimp-branding-upstream-2.6.11-13.18.1.i586.rpm gimp-branding-upstream-2.6.11-13.18.1.x86_64.rpm gimp-devel-2.6.11-13.18.1.i586.rpm gimp-devel-2.6.11-13.18.1.x86_64.rpm gimp-help-browser-2.6.11-13.18.1.i586.rpm gimp-help-browser-2.6.11-13.18.1.x86_64.rpm gimp-lang-2.6.11-13.18.1.noarch.rpm gimp-module-hal-2.6.11-13.18.1.i586.rpm gimp-module-hal-2.6.11-13.18.1.x86_64.rpm gimp-plugins-python-2.6.11-13.18.1.i586.rpm gimp-plugins-python-2.6.11-13.18.1.x86_64.rpm libgimp-2_0-0-2.6.11-13.18.1.i586.rpm libgimp-2_0-0-2.6.11-13.18.1.x86_64.rpm libgimp-2_0-0-32bit-2.6.11-13.18.1.x86_64.rpm libgimpui-2_0-0-2.6.11-13.18.1.i586.rpm libgimpui-2_0-0-2.6.11-13.18.1.x86_64.rpm libgimpui-2_0-0-32bit-2.6.11-13.18.1.x86_64.rpm gimp-debuginfo-2.6.11-13.18.1.i586.rpm gimp-debuginfo-2.6.11-13.18.1.x86_64.rpm gimp-debugsource-2.6.11-13.18.1.i586.rpm gimp-debugsource-2.6.11-13.18.1.x86_64.rpm gimp-devel-debuginfo-2.6.11-13.18.1.i586.rpm gimp-devel-debuginfo-2.6.11-13.18.1.x86_64.rpm gimp-help-browser-debuginfo-2.6.11-13.18.1.i586.rpm gimp-help-browser-debuginfo-2.6.11-13.18.1.x86_64.rpm gimp-module-hal-debuginfo-2.6.11-13.18.1.i586.rpm gimp-module-hal-debuginfo-2.6.11-13.18.1.x86_64.rpm gimp-plugins-python-debuginfo-2.6.11-13.18.1.i586.rpm gimp-plugins-python-debuginfo-2.6.11-13.18.1.x86_64.rpm libgimp-2_0-0-debuginfo-2.6.11-13.18.1.i586.rpm libgimp-2_0-0-debuginfo-2.6.11-13.18.1.x86_64.rpm libgimp-2_0-0-debuginfo-32bit-2.6.11-13.18.1.x86_64.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.18.1.i586.rpm libgimpui-2_0-0-debuginfo-2.6.11-13.18.1.x86_64.rpm libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.18.1.x86_64.rpm timezone-2011j Moderate openSUSE 11.4 This update provides 2011j which provides the following important changes: dbg114-timezone-2011j-5153 new_updateinfo timezone-2011j-5153 Fix past timezones for Kenya, Uganda, and Tanzani dbg114-timezone-2011j-5153 new_updateinfo timezone-2011j-5153 Samoa uses DST in 2011-2012 starting on September 24th 3am timezone-2011j-1.2.1.i586.rpm timezone-2011j-1.2.1.x86_64.rpm timezone-java-2011j-1.2.1.noarch.rpm timezone-debuginfo-2011j-1.2.1.i586.rpm timezone-debuginfo-2011j-1.2.1.x86_64.rpm timezone-debugsource-2011j-1.2.1.i586.rpm timezone-debugsource-2011j-1.2.1.x86_64.rpm jakarta-commons-daemon Important openSUSE 11.4 jsvc did not properly drop capabilities, therefore allowing applications to access files owned by the super user (CVE-2011-2729). jakarta-commons-daemon-1.0.5-4.5.1.i586.rpm jakarta-commons-daemon-1.0.5-4.5.1.x86_64.rpm jakarta-commons-daemon-java-1.0.5-4.5.1.noarch.rpm jakarta-commons-daemon-javadoc-1.0.5-4.5.1.noarch.rpm jakarta-commons-daemon-debuginfo-1.0.5-4.5.1.i586.rpm jakarta-commons-daemon-debuginfo-1.0.5-4.5.1.x86_64.rpm jakarta-commons-daemon-debugsource-1.0.5-4.5.1.i586.rpm jakarta-commons-daemon-debugsource-1.0.5-4.5.1.x86_64.rpm glibc Low openSUSE 11.4 This update fixes an issue where valgrind aborts when running under a i586 CPU. (bnc#681398) glibc-2.11.3-12.19.1.i586.rpm glibc-2.11.3-12.19.1.i686.rpm glibc-2.11.3-12.19.1.x86_64.rpm glibc-32bit-2.11.3-12.19.1.x86_64.rpm glibc-devel-2.11.3-12.19.1.i586.rpm glibc-devel-2.11.3-12.19.1.i686.rpm glibc-devel-2.11.3-12.19.1.x86_64.rpm glibc-devel-32bit-2.11.3-12.19.1.x86_64.rpm glibc-html-2.11.3-12.19.1.i586.rpm glibc-html-2.11.3-12.19.1.x86_64.rpm glibc-i18ndata-2.11.3-12.19.1.i586.rpm glibc-i18ndata-2.11.3-12.19.1.x86_64.rpm glibc-info-2.11.3-12.19.1.i586.rpm glibc-info-2.11.3-12.19.1.x86_64.rpm glibc-locale-2.11.3-12.19.1.i586.rpm glibc-locale-2.11.3-12.19.1.x86_64.rpm glibc-locale-32bit-2.11.3-12.19.1.x86_64.rpm glibc-obsolete-2.11.3-12.19.1.i586.rpm glibc-obsolete-2.11.3-12.19.1.x86_64.rpm glibc-profile-2.11.3-12.19.1.i586.rpm glibc-profile-2.11.3-12.19.1.x86_64.rpm glibc-profile-32bit-2.11.3-12.19.1.x86_64.rpm nscd-2.11.3-12.19.1.i586.rpm nscd-2.11.3-12.19.1.x86_64.rpm glibc-debuginfo-2.11.3-12.19.1.i586.rpm glibc-debuginfo-2.11.3-12.19.1.i686.rpm glibc-debuginfo-2.11.3-12.19.1.x86_64.rpm glibc-debuginfo-32bit-2.11.3-12.19.1.x86_64.rpm glibc-debugsource-2.11.3-12.19.1.i586.rpm glibc-debugsource-2.11.3-12.19.1.i686.rpm glibc-debugsource-2.11.3-12.19.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.19.1.i586.rpm glibc-devel-debuginfo-2.11.3-12.19.1.i686.rpm glibc-devel-debuginfo-2.11.3-12.19.1.x86_64.rpm glibc-devel-debuginfo-32bit-2.11.3-12.19.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.19.1.i586.rpm glibc-locale-debuginfo-2.11.3-12.19.1.x86_64.rpm glibc-locale-debuginfo-32bit-2.11.3-12.19.1.x86_64.rpm glibc-obsolete-debuginfo-2.11.3-12.19.1.i586.rpm nscd-debuginfo-2.11.3-12.19.1.i586.rpm nscd-debuginfo-2.11.3-12.19.1.x86_64.rpm gdk-pixbuf-loader-rsvg Moderate openSUSE 11.4 Specially crafted SVG files could make librsvg dereference a function pointer which potentially allows to execute arbitrary code (CVE-2011-3146). gdk-pixbuf-loader-rsvg-2.32.1-3.4.1.i586.rpm gdk-pixbuf-loader-rsvg-2.32.1-3.4.1.x86_64.rpm gdk-pixbuf-loader-rsvg-32bit-2.32.1-3.4.1.x86_64.rpm gtk2-engine-svg-2.32.1-3.4.1.i586.rpm gtk2-engine-svg-2.32.1-3.4.1.x86_64.rpm gtk2-engine-svg-32bit-2.32.1-3.4.1.x86_64.rpm librsvg-2-2-2.32.1-3.4.1.i586.rpm librsvg-2-2-2.32.1-3.4.1.x86_64.rpm librsvg-2-2-32bit-2.32.1-3.4.1.x86_64.rpm librsvg-devel-2.32.1-3.4.1.i586.rpm librsvg-devel-2.32.1-3.4.1.x86_64.rpm rsvg-view-2.32.1-3.4.1.i586.rpm rsvg-view-2.32.1-3.4.1.x86_64.rpm gdk-pixbuf-loader-rsvg-debuginfo-2.32.1-3.4.1.i586.rpm gdk-pixbuf-loader-rsvg-debuginfo-2.32.1-3.4.1.x86_64.rpm gdk-pixbuf-loader-rsvg-debuginfo-32bit-2.32.1-3.4.1.x86_64.rpm gtk2-engine-svg-debuginfo-2.32.1-3.4.1.i586.rpm gtk2-engine-svg-debuginfo-2.32.1-3.4.1.x86_64.rpm gtk2-engine-svg-debuginfo-32bit-2.32.1-3.4.1.x86_64.rpm librsvg-2-2-debuginfo-2.32.1-3.4.1.i586.rpm librsvg-2-2-debuginfo-2.32.1-3.4.1.x86_64.rpm librsvg-2-2-debuginfo-32bit-2.32.1-3.4.1.x86_64.rpm librsvg-debugsource-2.32.1-3.4.1.i586.rpm librsvg-debugsource-2.32.1-3.4.1.x86_64.rpm rsvg-view-debuginfo-2.32.1-3.4.1.i586.rpm rsvg-view-debuginfo-2.32.1-3.4.1.x86_64.rpm coreutils Low openSUSE 11.4 The following bug is fixed by this update: /usr/bin/cut ignores --output-delimiter when used in conjunction with -c. coreutils-8.9-11.1.i586.rpm coreutils-8.9-11.1.x86_64.rpm coreutils-lang-8.9-11.1.noarch.rpm coreutils-debuginfo-8.9-11.1.i586.rpm coreutils-debuginfo-8.9-11.1.x86_64.rpm coreutils-debugsource-8.9-11.1.i586.rpm coreutils-debugsource-8.9-11.1.x86_64.rpm librcc-devel Low openSUSE 11.4 This change will trigger the installation of librcc0 if unzip and aspell are to be installed, i.e. when correct handling of foreign charsets is most likely needed. librcc-devel-0.2.9-6.7.1.i586.rpm librcc-devel-0.2.9-6.7.1.x86_64.rpm librcc0-0.2.9-6.7.1.i586.rpm librcc0-0.2.9-6.7.1.x86_64.rpm rcc-runtime-0.2.9-6.7.1.i586.rpm rcc-runtime-0.2.9-6.7.1.x86_64.rpm librcc0-debuginfo-0.2.9-6.7.1.i586.rpm librcc0-debuginfo-0.2.9-6.7.1.x86_64.rpm librcc0-debugsource-0.2.9-6.7.1.i586.rpm librcc0-debugsource-0.2.9-6.7.1.x86_64.rpm rcc-runtime-debuginfo-0.2.9-6.7.1.i586.rpm rcc-runtime-debuginfo-0.2.9-6.7.1.x86_64.rpm libopenssl-devel Moderate openSUSE 11.4 OpenSSL's internal certificate verification routines could incorrectly accept a CRL whose nextUpdate field is in the past (CVE-2011-3207). Server code for ECDH could crash if it received a specially crafted handshake message (CVE-2011-3210). libopenssl-devel-1.0.0c-18.21.1.i586.rpm libopenssl-devel-1.0.0c-18.21.1.x86_64.rpm libopenssl0_9_8-0.9.8m-6.7.1.i586.rpm libopenssl0_9_8-0.9.8m-6.7.1.x86_64.rpm libopenssl0_9_8-32bit-0.9.8m-6.7.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.21.1.i586.rpm libopenssl1_0_0-1.0.0c-18.21.1.x86_64.rpm libopenssl1_0_0-32bit-1.0.0c-18.21.1.x86_64.rpm openssl-1.0.0c-18.21.1.i586.rpm openssl-1.0.0c-18.21.1.x86_64.rpm openssl-doc-1.0.0c-18.21.1.noarch.rpm libopenssl0_9_8-debuginfo-0.9.8m-6.7.1.i586.rpm libopenssl0_9_8-debuginfo-0.9.8m-6.7.1.x86_64.rpm libopenssl0_9_8-debuginfo-32bit-0.9.8m-6.7.1.x86_64.rpm libopenssl0_9_8-debugsource-0.9.8m-6.7.1.i586.rpm libopenssl0_9_8-debugsource-0.9.8m-6.7.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.21.1.i586.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.21.1.x86_64.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.21.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.21.1.i586.rpm openssl-debuginfo-1.0.0c-18.21.1.x86_64.rpm openssl-debugsource-1.0.0c-18.21.1.i586.rpm openssl-debugsource-1.0.0c-18.21.1.x86_64.rpm flash-player openSUSE 11.4 This update resolves a universal cross-site scripting issue that could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website (CVE-2011-2444). Note: There are reports that this issue is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This update resolves an AVM stack overflow issue that may allow for remote code execution. (CVE-2011-2426). This update resolves an AVM stack overflow issue that may lead to denial of service and code execution. (CVE-2011-2427). This update resolves a logic error issue which causes a browser crash and may lead to code execution. (CVE-2011- 2428). This update resolves a Flash Player security control bypass which could allow information disclosure. (CVE-2011-2429). This update resolves a streaming media logic error vulnerability which could lead to code execution. (CVE-2011-2430). flash-player-10.3.183.10-0.2.1.i586.rpm opensuse-kvm_en-pdf Low openSUSE 11.4 This update fixes a missing picture in the documentation. opensuse-kvm_en-pdf-11.4-6.12.1.noarch.rpm opensuse-manuals_en-11.4-6.12.1.noarch.rpm opensuse-reference_en-pdf-11.4-6.12.1.noarch.rpm opensuse-security_en-pdf-11.4-6.12.1.noarch.rpm opensuse-startup_en-pdf-11.4-6.12.1.noarch.rpm opensuse-tuning_en-pdf-11.4-6.12.1.noarch.rpm iftop Low openSUSE 11.4 This update fixes a drawing issue in UTF-8 mode due to wrong locale initialisation and ncurses usage (bnc#718922) iftop-0.17-137.138.1.i586.rpm iftop-0.17-137.138.1.x86_64.rpm iftop-debuginfo-0.17-137.138.1.i586.rpm iftop-debuginfo-0.17-137.138.1.x86_64.rpm iftop-debugsource-0.17-137.138.1.i586.rpm iftop-debugsource-0.17-137.138.1.x86_64.rpm MozillaThunderbird Important openSUSE 11.4 Mozilla Thunderbird was updated to version 3.1.14, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported memory safety problems that affected Firefox 3.6 and Firefox 6. (CVE-2011-2995) Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous reported memory safety problems that affected Firefox 6, fixed in Firefox 7. (CVE-2011-2997) MFSA 2011-38: Mozilla developer Boris Zbarsky reported that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. Because some plugins use the value of window.location to determine the page origin this could fool the plugin into granting the plugin content access to another site or the local file system in violation of the Same Origin Policy. This flaw allows circumvention of the fix added for MFSA 2010-10. (CVE-2011-2999) MFSA 2011-39: Ian Graham of Citrix Online reported that when multiple Location headers were present in a redirect response Mozilla behavior differed from other browsers: Mozilla would use the second Location header while Chrome and Internet Explorer would use the first. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Most commonly it is the Location header itself that is vulnerable to the response splitting and therefore the copy preferred by Mozilla is more likely to be the malicious one. It is possible, however, that the first copy was the injected one depending on the nature of the server vulnerability. The Mozilla browser engine has been changed to treat two copies of this header with different values as an error condition. The same has been done with the headers Content-Length and Content-Disposition. (CVE-2011-3000) MFSA 2011-40: Mariusz Mlynski reported that if you could convince a user to hold down the Enter key--as part of a game or test, perhaps--a malicious page could pop up a download dialog where the held key would then activate the default Open action. For some file types this would be merely annoying (the equivalent of a pop-up) but other file types have powerful scripting capabilities. And this would provide an avenue for an attacker to exploit a vulnerability in applications not normally exposed to potentially hostile internet content. Mariusz also reported a similar flaw with manual plugin installation using the PLUGINSPAGE attribute. It was possible to create an internal error that suppressed a confirmation dialog, such that holding enter would lead to the installation of an arbitrary add-on. (This variant did not affect Firefox 3.6) Holding enter allows arbitrary code execution due to Download Manager (CVE-2011-2372) Holding enter allows arbitrary extension installation (CVE-2011-3001) MFSA 2011-42: Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript. (CVE-2011-3232) MFSA 2011-44: sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware. (CVE-2011-3005) This vulnerability does not affect Firefox 3.6 or earlier. MozillaThunderbird-3.1.15-0.17.1.i586.rpm MozillaThunderbird-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.15-0.17.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-devel-3.1.15-0.17.1.i586.rpm MozillaThunderbird-devel-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.15-0.17.1.i586.rpm MozillaThunderbird-translations-common-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.15-0.17.1.i586.rpm MozillaThunderbird-translations-other-3.1.15-0.17.1.x86_64.rpm enigmail-1.1.2+3.1.15-0.17.1.i586.rpm enigmail-1.1.2+3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.15-0.17.1.i586.rpm MozillaThunderbird-debuginfo-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.15-0.17.1.i586.rpm MozillaThunderbird-debugsource-3.1.15-0.17.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.15-0.17.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.15-0.17.1.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.15-0.17.1.i586.rpm enigmail-debuginfo-1.1.2+3.1.15-0.17.1.x86_64.rpm mozilla-js192 Important openSUSE 11.4 Mozilla XULRunner was updated to version 1.9.2.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled,, but are potentially a risk in browser or browser-like contexts in those products. Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported memory safety problems that affected Firefox 3.6 and Firefox 6. (CVE-2011-2995) Josh Aas reported a potential crash in the plugin API that affected Firefox 3.6 only. (CVE-2011-2996) MFSA 2011-37: Mark Kaplan reported a potentially exploitable crash due to integer underflow when using a large JavaScript RegExp expression. We would also like to thank Mark for contributing the fix for this problem. (no CVE yet) MFSA 2011-38: Mozilla developer Boris Zbarsky reported that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. Because some plugins use the value of window.location to determine the page origin this could fool the plugin into granting the plugin content access to another site or the local file system in violation of the Same Origin Policy. This flaw allows circumvention of the fix added for MFSA 2010-10. (CVE-2011-2999) MFSA 2011-39: Ian Graham of Citrix Online reported that when multiple Location headers were present in a redirect response Mozilla behavior differed from other browsers: Mozilla would use the second Location header while Chrome and Internet Explorer would use the first. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Most commonly it is the Location header itself that is vulnerable to the response splitting and therefore the copy preferred by Mozilla is more likely to be the malicious one. It is possible, however, that the first copy was the injected one depending on the nature of the server vulnerability. The Mozilla browser engine has been changed to treat two copies of this header with different values as an error condition. The same has been done with the headers Content-Length and Content-Disposition. (CVE-2011-3000) MFSA 2011-40: Mariusz Mlynski reported that if you could convince a user to hold down the Enter key--as part of a game or test, perhaps--a malicious page could pop up a download dialog where the held key would then activate the default Open action. For some file types this would be merely annoying (the equivalent of a pop-up) but other file types have powerful scripting capabilities. And this would provide an avenue for an attacker to exploit a vulnerability in applications not normally exposed to potentially hostile internet content. Holding enter allows arbitrary code execution due to Download Manager (CVE-2011-2372) mozilla-js192-1.9.2.23-1.2.1.i586.rpm mozilla-js192-1.9.2.23-1.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.23-1.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.23-1.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.23-1.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.23-1.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.23-1.2.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 Mozilla Firefox was updated to version 7. dbg114-MozillaFirefox-5208 MozillaFirefox-5208 new_updateinfo Improve Responsiveness with Memory Reductions dbg114-MozillaFirefox-5208 MozillaFirefox-5208 new_updateinfo Instant Sync dbg114-MozillaFirefox-5208 MozillaFirefox-5208 new_updateinfo WebSocket protocol 8 MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled,, but are potentially a risk in browser or browser-like contexts in those products. Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported memory safety problems that affected Firefox 3.6 and Firefox 6. (CVE-2011-2995) Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous reported memory safety problems that affected Firefox 6, fixed in Firefox 7. (CVE-2011-2997) MFSA 2011-38: Mozilla developer Boris Zbarsky reported that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. Because some plugins use the value of window.location to determine the page origin this could fool the plugin into granting the plugin content access to another site or the local file system in violation of the Same Origin Policy. This flaw allows circumvention of the fix added for MFSA 2010-10. (CVE-2011-2999) MFSA 2011-39: Ian Graham of Citrix Online reported that when multiple Location headers were present in a redirect response Mozilla behavior differed from other browsers: Mozilla would use the second Location header while Chrome and Internet Explorer would use the first. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Most commonly it is the Location header itself that is vulnerable to the response splitting and therefore the copy preferred by Mozilla is more likely to be the malicious one. It is possible, however, that the first copy was the injected one depending on the nature of the server vulnerability. The Mozilla browser engine has been changed to treat two copies of this header with different values as an error condition. The same has been done with the headers Content-Length and Content-Disposition. (CVE-2011-3000) MFSA 2011-40: Mariusz Mlynski reported that if you could convince a user to hold down the Enter key--as part of a game or test, perhaps--a malicious page could pop up a download dialog where the held key would then activate the default Open action. For some file types this would be merely annoying (the equivalent of a pop-up) but other file types have powerful scripting capabilities. And this would provide an avenue for an attacker to exploit a vulnerability in applications not normally exposed to potentially hostile internet content. Mariusz also reported a similar flaw with manual plugin installation using the PLUGINSPAGE attribute. It was possible to create an internal error that suppressed a confirmation dialog, such that holding enter would lead to the installation of an arbitrary add-on. (This variant did not affect Firefox 3.6) Holding enter allows arbitrary code execution due to Download Manager (CVE-2011-2372) Holding enter allows arbitrary extension installation (CVE-2011-3001) MFSA 2011-41: Michael Jordon of Context IS reported that in the ANGLE library used by WebGL the return value from GrowAtomTable() was not checked for errors. If an attacker could cause requests that exceeded the available memeory those would fail and potentially lead to a buffer overrun as subsequent code wrote into the non-allocated space. (CVE-2011-3002) Ben Hawkes of the Google Security Team reported a WebGL test case that demonstrated an out of bounds write after an allocation failed. (CVE-2011-3003) MFSA 2011-42: Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript. (CVE-2011-3232) MFSA 2011-43: David Rees reported that the JSSubScriptLoader (a feature used by some add-ons) was "unwrapping" XPCNativeWrappers when they were used as the scope parameter to loadSubScript(). Without the protection of the wrappers the add-on could be vulnerable to privilege escalation attacks from malicious web content. Whether any given add-on were vulnerable would depend on how the add-on used the feature and whether it interacted directly with web content, but we did find at least one vulnerable add-on and presumer there are more. (CVE-2011-3004) MFSA 2011-44: sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware. (CVE-2011-3005) MFSA 2011-45: University of California, Davis researchers Liang Cai and Hao Chen presented a paper at the 2011 USENIX HotSec workshop on inferring keystrokes from device motion data on mobile devices. Web pages can now receive data similar to the apps studied in that paper and likely present a similar risk. We have decided to limit motion data events to the currently-active tab to prevent the possibility of background tabs attempting to decipher keystrokes the user is entering into the foreground tab. MozillaFirefox-7.0-1.2.1.i586.rpm MozillaFirefox-7.0-1.2.1.x86_64.rpm MozillaFirefox-branding-upstream-7.0-1.2.1.i586.rpm MozillaFirefox-branding-upstream-7.0-1.2.1.x86_64.rpm MozillaFirefox-buildsymbols-7.0-1.2.1.i586.rpm MozillaFirefox-buildsymbols-7.0-1.2.1.x86_64.rpm MozillaFirefox-devel-7.0-1.2.1.i586.rpm MozillaFirefox-devel-7.0-1.2.1.x86_64.rpm MozillaFirefox-translations-common-7.0-1.2.1.i586.rpm MozillaFirefox-translations-common-7.0-1.2.1.x86_64.rpm MozillaFirefox-translations-other-7.0-1.2.1.i586.rpm MozillaFirefox-translations-other-7.0-1.2.1.x86_64.rpm MozillaFirefox-debuginfo-7.0-1.2.1.i586.rpm MozillaFirefox-debuginfo-7.0-1.2.1.x86_64.rpm MozillaFirefox-debugsource-7.0-1.2.1.i586.rpm MozillaFirefox-debugsource-7.0-1.2.1.x86_64.rpm seamonkey Important openSUSE 11.4 Mozilla Seamonkey was updated to version 2.4, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported memory safety problems that affected Firefox 3.6 and Firefox 6. (CVE-2011-2995) Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous reported memory safety problems that affected Firefox 6, fixed in Firefox 7. (CVE-2011-2997) MFSA 2011-38: Mozilla developer Boris Zbarsky reported that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. Because some plugins use the value of window.location to determine the page origin this could fool the plugin into granting the plugin content access to another site or the local file system in violation of the Same Origin Policy. This flaw allows circumvention of the fix added for MFSA 2010-10. (CVE-2011-2999) MFSA 2011-39: Ian Graham of Citrix Online reported that when multiple Location headers were present in a redirect response Mozilla behavior differed from other browsers: Mozilla would use the second Location header while Chrome and Internet Explorer would use the first. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Most commonly it is the Location header itself that is vulnerable to the response splitting and therefore the copy preferred by Mozilla is more likely to be the malicious one. It is possible, however, that the first copy was the injected one depending on the nature of the server vulnerability. The Mozilla browser engine has been changed to treat two copies of this header with different values as an error condition. The same has been done with the headers Content-Length and Content-Disposition. (CVE-2011-3000) MFSA 2011-40: Mariusz Mlynski reported that if you could convince a user to hold down the Enter key--as part of a game or test, perhaps--a malicious page could pop up a download dialog where the held key would then activate the default Open action. For some file types this would be merely annoying (the equivalent of a pop-up) but other file types have powerful scripting capabilities. And this would provide an avenue for an attacker to exploit a vulnerability in applications not normally exposed to potentially hostile internet content. Mariusz also reported a similar flaw with manual plugin installation using the PLUGINSPAGE attribute. It was possible to create an internal error that suppressed a confirmation dialog, such that holding enter would lead to the installation of an arbitrary add-on. (This variant did not affect Firefox 3.6) Holding enter allows arbitrary code execution due to Download Manager (CVE-2011-2372) Holding enter allows arbitrary extension installation (CVE-2011-3001) MFSA 2011-41: Michael Jordon of Context IS reported that in the ANGLE library used by WebGL the return value from GrowAtomTable() was not checked for errors. If an attacker could cause requests that exceeded the available memeory those would fail and potentially lead to a buffer overrun as subsequent code wrote into the non-allocated space. (CVE-2011-3002) Ben Hawkes of the Google Security Team reported a WebGL test case that demonstrated an out of bounds write after an allocation failed. (CVE-2011-3003) MFSA 2011-42: Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript. (CVE-2011-3232) MFSA 2011-43: David Rees reported that the JSSubScriptLoader (a feature used by some add-ons) was "unwrapping" XPCNativeWrappers when they were used as the scope parameter to loadSubScript(). Without the protection of the wrappers the add-on could be vulnerable to privilege escalation attacks from malicious web content. Whether any given add-on were vulnerable would depend on how the add-on used the feature and whether it interacted directly with web content, but we did find at least one vulnerable add-on and presumer there are more. (CVE-2011-3004) The unwrapping behavior was a change introduced during Firefox 4 development. Firefox 3.6 and earlier versions are not affected. MFSA 2011-44: sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware. (CVE-2011-3005) This vulnerability does not affect Firefox 3.6 or earlier. MFSA 2011-45: University of California, Davis researchers Liang Cai and Hao Chen presented a paper at the 2011 USENIX HotSec workshop on inferring keystrokes from device motion data on mobile devices. Web pages can now receive data similar to the apps studied in that paper and likely present a similar risk. We have decided to limit motion data events to the currently-active tab to prevent the possibility of background tabs attempting to decipher keystrokes the user is entering into the foreground tab. seamonkey-2.4-1.2.1.i586.rpm seamonkey-2.4-1.2.1.x86_64.rpm seamonkey-dom-inspector-2.4-1.2.1.i586.rpm seamonkey-dom-inspector-2.4-1.2.1.x86_64.rpm seamonkey-irc-2.4-1.2.1.i586.rpm seamonkey-irc-2.4-1.2.1.x86_64.rpm seamonkey-translations-common-2.4-1.2.1.i586.rpm seamonkey-translations-common-2.4-1.2.1.x86_64.rpm seamonkey-translations-other-2.4-1.2.1.i586.rpm seamonkey-translations-other-2.4-1.2.1.x86_64.rpm seamonkey-venkman-2.4-1.2.1.i586.rpm seamonkey-venkman-2.4-1.2.1.x86_64.rpm seamonkey-debuginfo-2.4-1.2.1.i586.rpm seamonkey-debuginfo-2.4-1.2.1.x86_64.rpm seamonkey-debugsource-2.4-1.2.1.i586.rpm seamonkey-debugsource-2.4-1.2.1.x86_64.rpm metacity Low openSUSE 11.4 This update adds support of alt-tab during drag and drop operation (bnc#720212). metacity-2.30.3-7.8.1.i586.rpm metacity-2.30.3-7.8.1.x86_64.rpm metacity-devel-2.30.3-7.8.1.i586.rpm metacity-devel-2.30.3-7.8.1.x86_64.rpm metacity-lang-2.30.3-7.8.1.noarch.rpm metacity-debuginfo-2.30.3-7.8.1.i586.rpm metacity-debuginfo-2.30.3-7.8.1.x86_64.rpm metacity-debugsource-2.30.3-7.8.1.i586.rpm metacity-debugsource-2.30.3-7.8.1.x86_64.rpm dolphin Low openSUSE 11.4 This update of kdebase4 fixes: - bnc#701517: KDE with double click show incorrect mouse cursor if hover the object dolphin-4.6.0-6.8.1.i586.rpm dolphin-4.6.0-6.8.1.x86_64.rpm kdebase4-4.6.0-6.8.1.i586.rpm kdebase4-4.6.0-6.8.1.x86_64.rpm kdebase4-libkonq-4.6.0-6.8.1.i586.rpm kdebase4-libkonq-4.6.0-6.8.1.x86_64.rpm kdebase4-nsplugin-4.6.0-6.8.1.i586.rpm kdebase4-nsplugin-4.6.0-6.8.1.x86_64.rpm kdepasswd-4.6.0-6.8.1.i586.rpm kdepasswd-4.6.0-6.8.1.x86_64.rpm kdialog-4.6.0-6.8.1.i586.rpm kdialog-4.6.0-6.8.1.x86_64.rpm keditbookmarks-4.6.0-6.8.1.i586.rpm keditbookmarks-4.6.0-6.8.1.x86_64.rpm kfind-4.6.0-6.8.1.i586.rpm kfind-4.6.0-6.8.1.x86_64.rpm konqueror-4.6.0-6.8.1.i586.rpm konqueror-4.6.0-6.8.1.x86_64.rpm konsole-4.6.0-6.8.1.i586.rpm konsole-4.6.0-6.8.1.x86_64.rpm kwrite-4.6.0-6.8.1.i586.rpm kwrite-4.6.0-6.8.1.x86_64.rpm libkonq-devel-4.6.0-6.8.1.i586.rpm libkonq-devel-4.6.0-6.8.1.x86_64.rpm libkonq5-4.6.0-6.8.1.i586.rpm libkonq5-4.6.0-6.8.1.x86_64.rpm libkonq5-32bit-4.6.0-6.8.1.x86_64.rpm dolphin-debuginfo-4.6.0-6.8.1.i586.rpm dolphin-debuginfo-4.6.0-6.8.1.x86_64.rpm kdebase4-debuginfo-4.6.0-6.8.1.i586.rpm kdebase4-debuginfo-4.6.0-6.8.1.x86_64.rpm kdebase4-debugsource-4.6.0-6.8.1.i586.rpm kdebase4-debugsource-4.6.0-6.8.1.x86_64.rpm kdebase4-libkonq-debuginfo-4.6.0-6.8.1.i586.rpm kdebase4-libkonq-debuginfo-4.6.0-6.8.1.x86_64.rpm kdebase4-nsplugin-debuginfo-4.6.0-6.8.1.i586.rpm kdebase4-nsplugin-debuginfo-4.6.0-6.8.1.x86_64.rpm kdepasswd-debuginfo-4.6.0-6.8.1.i586.rpm kdepasswd-debuginfo-4.6.0-6.8.1.x86_64.rpm kdialog-debuginfo-4.6.0-6.8.1.i586.rpm kdialog-debuginfo-4.6.0-6.8.1.x86_64.rpm keditbookmarks-debuginfo-4.6.0-6.8.1.i586.rpm keditbookmarks-debuginfo-4.6.0-6.8.1.x86_64.rpm kfind-debuginfo-4.6.0-6.8.1.i586.rpm kfind-debuginfo-4.6.0-6.8.1.x86_64.rpm konqueror-debuginfo-4.6.0-6.8.1.i586.rpm konqueror-debuginfo-4.6.0-6.8.1.x86_64.rpm konsole-debuginfo-4.6.0-6.8.1.i586.rpm konsole-debuginfo-4.6.0-6.8.1.x86_64.rpm kwrite-debuginfo-4.6.0-6.8.1.i586.rpm kwrite-debuginfo-4.6.0-6.8.1.x86_64.rpm libkonq5-debuginfo-4.6.0-6.8.1.i586.rpm libkonq5-debuginfo-4.6.0-6.8.1.x86_64.rpm libkonq5-debuginfo-32bit-4.6.0-6.8.1.x86_64.rpm flash-player Low openSUSE 11.4 This update provides Flash Player 11.0.1.152, which includes new features as well as enhancements and bug fixes related to security, stability, performance and device compatibility. Please read http://kb2.adobe.com/cps/919/cpsid_91932.html for details. flash-player-11.0.1.152-0.2.1.i586.rpm flash-player-11.0.1.152-0.2.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 Mozilla Firefox was updated to version 7.0.1, which fixes some regressions found in the 7.0 release. MozillaFirefox-7.0.1-0.2.1.i586.rpm MozillaFirefox-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-7.0.1-0.2.1.i586.rpm MozillaFirefox-branding-upstream-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-7.0.1-0.2.1.i586.rpm MozillaFirefox-buildsymbols-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-devel-7.0.1-0.2.1.i586.rpm MozillaFirefox-devel-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-translations-common-7.0.1-0.2.1.i586.rpm MozillaFirefox-translations-common-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-translations-other-7.0.1-0.2.1.i586.rpm MozillaFirefox-translations-other-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-7.0.1-0.2.1.i586.rpm MozillaFirefox-debuginfo-7.0.1-0.2.1.x86_64.rpm MozillaFirefox-debugsource-7.0.1-0.2.1.i586.rpm MozillaFirefox-debugsource-7.0.1-0.2.1.x86_64.rpm cyrus-imapd Moderate openSUSE 11.4 An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. cyrus-imapd-2.3.16-16.21.1.i586.rpm cyrus-imapd-2.3.16-16.21.1.x86_64.rpm cyrus-imapd-devel-2.3.16-16.21.1.i586.rpm cyrus-imapd-devel-2.3.16-16.21.1.x86_64.rpm perl-Cyrus-IMAP-2.3.16-16.21.1.i586.rpm perl-Cyrus-IMAP-2.3.16-16.21.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.21.1.i586.rpm perl-Cyrus-SIEVE-managesieve-2.3.16-16.21.1.x86_64.rpm cyrus-imapd-debuginfo-2.3.16-16.21.1.i586.rpm cyrus-imapd-debuginfo-2.3.16-16.21.1.x86_64.rpm cyrus-imapd-debugsource-2.3.16-16.21.1.i586.rpm cyrus-imapd-debugsource-2.3.16-16.21.1.x86_64.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.21.1.i586.rpm perl-Cyrus-IMAP-debuginfo-2.3.16-16.21.1.x86_64.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.21.1.i586.rpm perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.21.1.x86_64.rpm libneon-devel Low openSUSE 11.4 This update provides the following fix for neon: - 721661: Neon supports SNI libneon-devel-0.29.4-0.3.1.i586.rpm libneon-devel-0.29.4-0.3.1.x86_64.rpm libneon27-0.29.4-0.3.1.i586.rpm libneon27-0.29.4-0.3.1.x86_64.rpm libneon27-32bit-0.29.4-0.3.1.x86_64.rpm libneon27-debuginfo-0.29.4-0.3.1.i586.rpm libneon27-debuginfo-0.29.4-0.3.1.x86_64.rpm libneon27-debuginfo-32bit-0.29.4-0.3.1.x86_64.rpm neon-debugsource-0.29.4-0.3.1.i586.rpm neon-debugsource-0.29.4-0.3.1.x86_64.rpm puppet Moderate openSUSE 11.4 A directory traversal vulnerability in puppet allowed unauthenticated remote attackers to upload x.509 certificate signing requests to arbitrary locations (CVE-2011-3848) puppet-2.6.4-4.7.1.i586.rpm puppet-2.6.4-4.7.1.x86_64.rpm puppet-server-2.6.4-4.7.1.i586.rpm puppet-server-2.6.4-4.7.1.x86_64.rpm seamonkey Important openSUSE 11.4 Mozilla Seamonkey was updated to version 2.4.1, which fixes some regressions found in the 2.4 release. seamonkey-2.4.1-0.2.1.i586.rpm seamonkey-2.4.1-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.4.1-0.2.1.i586.rpm seamonkey-dom-inspector-2.4.1-0.2.1.x86_64.rpm seamonkey-irc-2.4.1-0.2.1.i586.rpm seamonkey-irc-2.4.1-0.2.1.x86_64.rpm seamonkey-translations-common-2.4.1-0.2.1.i586.rpm seamonkey-translations-common-2.4.1-0.2.1.x86_64.rpm seamonkey-translations-other-2.4.1-0.2.1.i586.rpm seamonkey-translations-other-2.4.1-0.2.1.x86_64.rpm seamonkey-venkman-2.4.1-0.2.1.i586.rpm seamonkey-venkman-2.4.1-0.2.1.x86_64.rpm seamonkey-debuginfo-2.4.1-0.2.1.i586.rpm seamonkey-debuginfo-2.4.1-0.2.1.x86_64.rpm seamonkey-debugsource-2.4.1-0.2.1.i586.rpm seamonkey-debugsource-2.4.1-0.2.1.x86_64.rpm libdc1394 Low openSUSE 11.4 This update fixes digiKam crashing on picture import. libdc1394-2.1.3-21.22.1.i586.rpm libdc1394-2.1.3-21.22.1.x86_64.rpm libdc1394-22-2.1.3-21.22.1.i586.rpm libdc1394-22-2.1.3-21.22.1.x86_64.rpm libdc1394-devel-2.1.3-21.22.1.i586.rpm libdc1394-devel-2.1.3-21.22.1.x86_64.rpm libdc1394-22-debuginfo-2.1.3-21.22.1.i586.rpm libdc1394-22-debuginfo-2.1.3-21.22.1.x86_64.rpm libdc1394-debuginfo-2.1.3-21.22.1.i586.rpm libdc1394-debuginfo-2.1.3-21.22.1.x86_64.rpm libdc1394-debugsource-2.1.3-21.22.1.i586.rpm libdc1394-debugsource-2.1.3-21.22.1.x86_64.rpm libreoffice-34 Moderate openSUSE 11.4 LibreOffice 3.4 includes new interesting features and fixes, see http://www.libreoffice.org/download/3-4-new-features-and-fix es/ The update fixes the following security issue: - 704311: libreoffice Lotus Word Pro filter multiple vulnerabilities (CVE-2011-2685) - 722075: LibreOffice: Out-of-bounds read in DOC sprm (CVE-2011-2713) This update also fixes the following non-security issues: - 647959: LibO has a regression problem to show emf charts properly. - 650049: pptx presentation has text in boxes and circles. Only text is displayed. - 651250: Video and Audio does not play in slide show mode of LibO Impress. - 652562: LibreOffice crashes on start on 11.4-MS3 NET/DVD install - 653662: libreoffice build calls mkbundle2 (deprecated) instead of mkbundle - 663622: Writer crash during document save - 665112: could not type or edit office document - 675868: eliminate wording of ooconvert existed in loconvert --help - 675961: Libreoffice Copy paste of formula in Writer tables does not work as expected - 676858: Document with full page graphic in header will not allow click-drag or right-click. - 678998: Libre Office 3.3.1 does not detect KDE3 - 680272: Deleting multiple sheets results in run-time error/crash - 681738: DDE link is lost when .xls file is opened/saved in Calc. - 683578: Large xlsx file takes extremely long to open with Libreoffice calc - 684784: Microsoft Office spreadsheet does not display anything - 693238: Column format in docx file is not displayed correctly. - 693477: Format of Word .doc file from HP is bad. - 694119: Using File-->Send-->Document as E-mail will crash Impress - 694344: 3rd level bulleted items are not displayed properly. - 695479: L3: RTF file is not displayed correctly by Writer. - 696630: DDE link from Calc to Excel needs Excel open to update link in Calc. - 702506: Writer crashes when opening docx files. - 704639: HTML document appearance changes when opened in open office vs LibreOffice - 704642: 16 digit numbers change in LibreOffice when opening a file created in MS Excel - 705949: Information missing from MS Word document when opened in LibreOffice (w:sdt) - 706792: PTF 3.3.1-21 introduced a crash when opening a pptx presentation. - 707486: Macro from excel fails on Selection.Copy when run in Calc. - 707779: Disappearing text - 708137: xls spreadsheet is extremely slow to open and check boxes are broken. - 708518: Bullet symbol is not rendered correctly in a specific slide. - 710061: ODP export to PDF produces broken images - 710920: RPM installation ending with redundant error. - 711977: File association for fod* files are missing. - 712358: Some extensions broken after upgrading. - 715268: Command libreoffice --help does not work when LibreOffice is already started - 715856: LibreOffice:Stable/libreoffice-converter: Bug - 715416: Impress crashes starting Slide show in the context of dual monitors extension mode. - 715931: failed to save an odp file. - 717262: libtool adds /usr/lib64 into rpath libreoffice-3.4.2.6-2.3.1.i586.rpm libreoffice-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-3.4.2.6-2.3.1.i586.rpm libreoffice-base-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-drivers-mysql-3.4.2.6-2.3.1.i586.rpm libreoffice-base-drivers-mysql-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-drivers-postgresql-3.4.2.6-2.3.1.i586.rpm libreoffice-base-drivers-postgresql-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-extensions-3.4.2.6-2.3.1.i586.rpm libreoffice-base-extensions-3.4.2.6-2.3.1.x86_64.rpm libreoffice-branding-upstream-3.4.2.6-2.3.1.noarch.rpm libreoffice-calc-3.4.2.6-2.3.1.i586.rpm libreoffice-calc-3.4.2.6-2.3.1.x86_64.rpm libreoffice-calc-extensions-3.4.2.6-2.3.1.i586.rpm libreoffice-calc-extensions-3.4.2.6-2.3.1.x86_64.rpm libreoffice-converter-3.3-1.4.1.noarch.rpm libreoffice-draw-3.4.2.6-2.3.1.i586.rpm libreoffice-draw-3.4.2.6-2.3.1.x86_64.rpm libreoffice-draw-extensions-3.4.2.6-2.3.1.i586.rpm libreoffice-draw-extensions-3.4.2.6-2.3.1.x86_64.rpm libreoffice-filters-optional-3.4.2.6-2.3.1.i586.rpm libreoffice-filters-optional-3.4.2.6-2.3.1.x86_64.rpm libreoffice-gnome-3.4.2.6-2.3.1.i586.rpm libreoffice-gnome-3.4.2.6-2.3.1.x86_64.rpm libreoffice-help-cs-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-da-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-de-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-en-GB-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-en-US-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-en-ZA-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-es-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-et-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-fr-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-gl-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-gu-IN-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-hi-IN-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-hu-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-it-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-ja-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-km-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-ko-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-nl-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-pl-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-pt-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-pt-BR-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-ru-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-sl-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-sv-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-zh-CN-3.4.2.6-2.3.1.noarch.rpm libreoffice-help-zh-TW-3.4.2.6-2.3.1.noarch.rpm libreoffice-icon-theme-crystal-3.4.2.6-1.3.1.noarch.rpm libreoffice-icon-theme-galaxy-3.4.2.6-1.3.1.noarch.rpm libreoffice-icon-theme-hicontrast-3.4.2.6-1.3.1.noarch.rpm libreoffice-icon-theme-oxygen-3.4.2.6-1.3.1.noarch.rpm libreoffice-icon-theme-tango-3.4.2.6-1.3.1.noarch.rpm libreoffice-icon-themes-prebuilt-3.4.2.6-2.3.1.i586.rpm libreoffice-icon-themes-prebuilt-3.4.2.6-2.3.1.x86_64.rpm libreoffice-impress-3.4.2.6-2.3.1.i586.rpm libreoffice-impress-3.4.2.6-2.3.1.x86_64.rpm libreoffice-impress-extensions-3.4.2.6-2.3.1.i586.rpm libreoffice-impress-extensions-3.4.2.6-2.3.1.x86_64.rpm libreoffice-kde4-3.4.2.6-2.3.1.i586.rpm libreoffice-kde4-3.4.2.6-2.3.1.x86_64.rpm libreoffice-l10n-af-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ar-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-be-BY-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-bg-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-br-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ca-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-cs-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-cy-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-da-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-de-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-el-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-en-GB-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-en-ZA-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-es-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-et-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-fi-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-fr-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ga-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-gl-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-gu-IN-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-he-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-hi-IN-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-hr-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-hu-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-it-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ja-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ka-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-km-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ko-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-lt-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-mk-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-nb-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-nl-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-nn-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-nr-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-pa-IN-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-pl-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-prebuilt-3.4.2.6-2.3.1.i586.rpm libreoffice-l10n-prebuilt-3.4.2.6-2.3.1.x86_64.rpm libreoffice-l10n-pt-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-pt-BR-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ru-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-rw-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-sh-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-sk-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-sl-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-sr-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ss-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-st-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-sv-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-tg-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-th-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-tr-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ts-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-uk-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-ve-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-vi-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-xh-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-zh-CN-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-zh-TW-3.4.2.6-1.3.1.noarch.rpm libreoffice-l10n-zu-3.4.2.6-1.3.1.noarch.rpm libreoffice-languagetool-1.4-2.2.1.noarch.rpm libreoffice-languagetool-ca-1.4-2.2.1.noarch.rpm libreoffice-languagetool-de-1.4-2.2.1.noarch.rpm libreoffice-languagetool-en-1.4-2.2.1.noarch.rpm libreoffice-languagetool-es-1.4-2.2.1.noarch.rpm libreoffice-languagetool-fr-1.4-2.2.1.noarch.rpm libreoffice-languagetool-gl-1.4-2.2.1.noarch.rpm libreoffice-languagetool-it-1.4-2.2.1.noarch.rpm libreoffice-languagetool-nl-1.4-2.2.1.noarch.rpm libreoffice-languagetool-pl-1.4-2.2.1.noarch.rpm libreoffice-languagetool-ro-1.4-2.2.1.noarch.rpm libreoffice-languagetool-ru-1.4-2.2.1.noarch.rpm libreoffice-languagetool-sk-1.4-2.2.1.noarch.rpm libreoffice-languagetool-sv-1.4-2.2.1.noarch.rpm libreoffice-mailmerge-3.4.2.6-2.3.1.i586.rpm libreoffice-mailmerge-3.4.2.6-2.3.1.x86_64.rpm libreoffice-math-3.4.2.6-2.3.1.i586.rpm libreoffice-math-3.4.2.6-2.3.1.x86_64.rpm libreoffice-officebean-3.4.2.6-2.3.1.i586.rpm libreoffice-officebean-3.4.2.6-2.3.1.x86_64.rpm libreoffice-openclipart-3.4-1.3.1.noarch.rpm libreoffice-pyuno-3.4.2.6-2.3.1.i586.rpm libreoffice-pyuno-3.4.2.6-2.3.1.x86_64.rpm libreoffice-testtool-3.4.2.6-2.3.1.i586.rpm libreoffice-testtool-3.4.2.6-2.3.1.x86_64.rpm libreoffice-writer-3.4.2.6-2.3.1.i586.rpm libreoffice-writer-3.4.2.6-2.3.1.x86_64.rpm libreoffice-writer-extensions-3.4.2.6-2.3.1.i586.rpm libreoffice-writer-extensions-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-base-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-drivers-mysql-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-base-drivers-mysql-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-base-drivers-postgresql-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-base-drivers-postgresql-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-calc-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-calc-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-draw-extensions-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-draw-extensions-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-filters-optional-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-filters-optional-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-gnome-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-gnome-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-impress-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-impress-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-impress-extensions-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-impress-extensions-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-kde4-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-kde4-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-math-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-math-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-officebean-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-officebean-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-pyuno-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-pyuno-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-testtool-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-testtool-debuginfo-3.4.2.6-2.3.1.x86_64.rpm libreoffice-writer-debuginfo-3.4.2.6-2.3.1.i586.rpm libreoffice-writer-debuginfo-3.4.2.6-2.3.1.x86_64.rpm pam_mount Low openSUSE 11.4 This update provides the following fix for pam_mount: - 722480: pam_mount: Version-update from 2.11 to 2.12 pam_mount-2.12-0.2.1.i586.rpm pam_mount-2.12-0.2.1.x86_64.rpm pam_mount-32bit-2.12-0.2.1.x86_64.rpm pam_mount-debuginfo-2.12-0.2.1.i586.rpm pam_mount-debuginfo-2.12-0.2.1.x86_64.rpm pam_mount-debuginfo-32bit-2.12-0.2.1.x86_64.rpm pam_mount-debugsource-2.12-0.2.1.i586.rpm pam_mount-debugsource-2.12-0.2.1.x86_64.rpm rpm Important openSUSE 11.4 Specially crafted rpm packages can cause memory corruption in rpm when verifying signatures (CVE-2011-3378). rpm-4.8.0-28.29.1.i586.rpm rpm-4.8.0-28.29.1.x86_64.rpm rpm-32bit-4.8.0-28.29.1.x86_64.rpm rpm-devel-4.8.0-28.29.1.i586.rpm rpm-devel-4.8.0-28.29.1.x86_64.rpm rpm-debuginfo-4.8.0-28.29.1.i586.rpm rpm-debuginfo-4.8.0-28.29.1.x86_64.rpm rpm-debuginfo-32bit-4.8.0-28.29.1.x86_64.rpm rpm-debugsource-4.8.0-28.29.1.i586.rpm rpm-debugsource-4.8.0-28.29.1.x86_64.rpm kdelibs4 Moderate openSUSE 11.4 An input validation flaw when displaying certificates has been fixed in KDE's KSSL (kdelibs4). CVE-2011-3365 has been assigned to this issue. kdelibs4-4.6.0-6.17.1.i586.rpm kdelibs4-4.6.0-6.17.1.x86_64.rpm kdelibs4-branding-upstream-4.6.0-6.17.1.i586.rpm kdelibs4-branding-upstream-4.6.0-6.17.1.x86_64.rpm kdelibs4-core-4.6.0-6.17.1.i586.rpm kdelibs4-core-4.6.0-6.17.1.x86_64.rpm kdelibs4-doc-4.6.0-6.17.1.i586.rpm kdelibs4-doc-4.6.0-6.17.1.x86_64.rpm libkde4-4.6.0-6.17.1.i586.rpm libkde4-4.6.0-6.17.1.x86_64.rpm libkde4-32bit-4.6.0-6.17.1.x86_64.rpm libkde4-devel-4.6.0-6.17.1.i586.rpm libkde4-devel-4.6.0-6.17.1.x86_64.rpm libkdecore4-4.6.0-6.17.1.i586.rpm libkdecore4-4.6.0-6.17.1.x86_64.rpm libkdecore4-32bit-4.6.0-6.17.1.x86_64.rpm libkdecore4-devel-4.6.0-6.17.1.i586.rpm libkdecore4-devel-4.6.0-6.17.1.x86_64.rpm libksuseinstall-devel-4.6.0-6.17.1.i586.rpm libksuseinstall-devel-4.6.0-6.17.1.x86_64.rpm libksuseinstall1-4.6.0-6.17.1.i586.rpm libksuseinstall1-4.6.0-6.17.1.x86_64.rpm libksuseinstall1-32bit-4.6.0-6.17.1.x86_64.rpm kdelibs4-core-debuginfo-4.6.0-6.17.1.i586.rpm kdelibs4-core-debuginfo-4.6.0-6.17.1.x86_64.rpm kdelibs4-debuginfo-4.6.0-6.17.1.i586.rpm kdelibs4-debuginfo-4.6.0-6.17.1.x86_64.rpm kdelibs4-debugsource-4.6.0-6.17.1.i586.rpm kdelibs4-debugsource-4.6.0-6.17.1.x86_64.rpm kdelibs4-doc-debuginfo-4.6.0-6.17.1.i586.rpm kdelibs4-doc-debuginfo-4.6.0-6.17.1.x86_64.rpm libkde4-debuginfo-4.6.0-6.17.1.i586.rpm libkde4-debuginfo-4.6.0-6.17.1.x86_64.rpm libkde4-debuginfo-32bit-4.6.0-6.17.1.x86_64.rpm libkdecore4-debuginfo-4.6.0-6.17.1.i586.rpm libkdecore4-debuginfo-4.6.0-6.17.1.x86_64.rpm libkdecore4-debuginfo-32bit-4.6.0-6.17.1.x86_64.rpm libkdecore4-devel-debuginfo-4.6.0-6.17.1.i586.rpm libkdecore4-devel-debuginfo-4.6.0-6.17.1.x86_64.rpm libksuseinstall1-debuginfo-4.6.0-6.17.1.i586.rpm libksuseinstall1-debuginfo-4.6.0-6.17.1.x86_64.rpm libksuseinstall1-debuginfo-32bit-4.6.0-6.17.1.x86_64.rpm pcmciautils Moderate openSUSE 11.4 This update fixes a segmentation fault in argument handling in pccardctl. pcmciautils-017-113.114.1.i586.rpm pcmciautils-017-113.114.1.x86_64.rpm pcmciautils-debuginfo-017-113.114.1.i586.rpm pcmciautils-debuginfo-017-113.114.1.x86_64.rpm xdelta Low openSUSE 11.4 This update provides multiple fixes for large file support xdelta-1.1.4-189.190.1.i586.rpm xdelta-1.1.4-189.190.1.x86_64.rpm xdelta-devel-1.1.4-189.190.1.i586.rpm xdelta-devel-1.1.4-189.190.1.x86_64.rpm xdelta-debuginfo-1.1.4-189.190.1.i586.rpm xdelta-debuginfo-1.1.4-189.190.1.x86_64.rpm xdelta-debugsource-1.1.4-189.190.1.i586.rpm xdelta-debugsource-1.1.4-189.190.1.x86_64.rpm quagga Important openSUSE 11.4 This update fixes the following security issues: - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa (CVE-2011-3323) - 718058: OSPF6D DoS while decoding Database Description packet (CVE-2011-3324) - 718059: OSPFD DoS while decoding Hello packet (CVE-2011-3325) - 718061: OSPFD DoS while decoding Link State Update (CVE-2011-3326) - 718062: DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP (CVE-2011-3327) quagga-0.99.17-4.11.1.i586.rpm quagga-0.99.17-4.11.1.x86_64.rpm quagga-devel-0.99.17-4.11.1.i586.rpm quagga-devel-0.99.17-4.11.1.x86_64.rpm quagga-debuginfo-0.99.17-4.11.1.i586.rpm quagga-debuginfo-0.99.17-4.11.1.x86_64.rpm quagga-debugsource-0.99.17-4.11.1.i586.rpm quagga-debugsource-0.99.17-4.11.1.x86_64.rpm wireshark Moderate openSUSE 11.4 This update of wireshark fixes the following vulnerabilities: - CVE-2011-3266: Wireshark IKE dissector vulnerability - CVE-2011-3360: Wireshark Lua script execution vulnerability - CVE-2011-3483: Wireshark buffer exception handling vulnerability - CVE-2011-2597: Lucent/Ascend file parser susceptible to infinite loop - CVE-2011-2698: ANSI MAP dissector susceptible to infinite loop - CVE-2011-1957: Large/infinite loop in the DICOM dissector - CVE-2011-1959: A corrupted snoop file could crash Wireshark - CVE-2011-2174: Malformed compressed capture data could crash Wireshark - CVE-2011-2175: A corrupted Visual Networks file could crash Wireshark - CVE-2011-1958: dereferene a NULL pointer if we had a corrupted Diameter dictionary wireshark-1.4.4-0.7.1.i586.rpm wireshark-1.4.4-0.7.1.x86_64.rpm wireshark-devel-1.4.4-0.7.1.i586.rpm wireshark-devel-1.4.4-0.7.1.x86_64.rpm wireshark-debuginfo-1.4.4-0.7.1.i586.rpm wireshark-debuginfo-1.4.4-0.7.1.x86_64.rpm wireshark-debugsource-1.4.4-0.7.1.i586.rpm wireshark-debugsource-1.4.4-0.7.1.x86_64.rpm enchant Low openSUSE 11.4 - 722693: enchant cannot use hunspell because dictionaries are not found enchant-devel-1.6.0-8.9.1.i586.rpm enchant-devel-1.6.0-8.9.1.x86_64.rpm enchant-tools-1.6.0-8.9.1.i586.rpm enchant-tools-1.6.0-8.9.1.x86_64.rpm enchant-voikko-1.6.0-8.9.1.i586.rpm enchant-voikko-1.6.0-8.9.1.x86_64.rpm enchant-voikko-32bit-1.6.0-8.9.1.x86_64.rpm enchant-zemberek-32bit-1.6.0-8.9.1.x86_64.rpm libenchant1-1.6.0-8.9.1.i586.rpm libenchant1-1.6.0-8.9.1.x86_64.rpm libenchant1-32bit-1.6.0-8.9.1.x86_64.rpm enchant-debugsource-1.6.0-8.9.1.i586.rpm enchant-debugsource-1.6.0-8.9.1.x86_64.rpm enchant-tools-debuginfo-1.6.0-8.9.1.i586.rpm enchant-tools-debuginfo-1.6.0-8.9.1.x86_64.rpm enchant-voikko-debuginfo-1.6.0-8.9.1.i586.rpm enchant-voikko-debuginfo-1.6.0-8.9.1.x86_64.rpm enchant-voikko-debuginfo-32bit-1.6.0-8.9.1.x86_64.rpm enchant-zemberek-debuginfo-32bit-1.6.0-8.9.1.x86_64.rpm libenchant1-debuginfo-1.6.0-8.9.1.i586.rpm libenchant1-debuginfo-1.6.0-8.9.1.x86_64.rpm libenchant1-debuginfo-32bit-1.6.0-8.9.1.x86_64.rpm ldns Important openSUSE 11.4 A boundary error in ldns_rr_new_frm_str_internal() could lead to a heap-based buffer overfow when processing RR records (CVE-2011-3581). libldns-devel-1.5.1-10.11.1.i586.rpm libldns-devel-1.5.1-10.11.1.x86_64.rpm libldns1-1.5.1-10.11.1.i586.rpm libldns1-1.5.1-10.11.1.x86_64.rpm ldns-debugsource-1.5.1-10.11.1.i586.rpm ldns-debugsource-1.5.1-10.11.1.x86_64.rpm libldns1-debuginfo-1.5.1-10.11.1.i586.rpm libldns1-debuginfo-1.5.1-10.11.1.x86_64.rpm logwatch Low openSUSE 11.4 logwatch won't start with the service dmeventd because the crontab entry in /etc/cron.d/dmeventd is lacking the user name. logwatch-7.3.6-78.84.1.noarch.rpm ddclient Low openSUSE 11.4 This patch fixes two problems in ddclient: - #723688: not all necessary dependencies are installed with the package - #267306: /etc/init.d/ddclient can't see ddclient running ddclient-3.8.0-13.14.1.i586.rpm ddclient-3.8.0-13.14.1.x86_64.rpm fail2ban Moderate openSUSE 11.4 fail2ban IP used insecure temporary files when unbanning an IP address (CVE-2009-5023). fail2ban-0.8.4-11.12.1.noarch.rpm dolphin Low openSUSE 11.4 This update fixes a bug in Dolphin where it was unable to create new directory in subdirectory from context menu. dolphin-4.6.0-6.10.1.i586.rpm dolphin-4.6.0-6.10.1.x86_64.rpm kdebase4-4.6.0-6.10.1.i586.rpm kdebase4-4.6.0-6.10.1.x86_64.rpm kdebase4-libkonq-4.6.0-6.10.1.i586.rpm kdebase4-libkonq-4.6.0-6.10.1.x86_64.rpm kdebase4-nsplugin-4.6.0-6.10.1.i586.rpm kdebase4-nsplugin-4.6.0-6.10.1.x86_64.rpm kdepasswd-4.6.0-6.10.1.i586.rpm kdepasswd-4.6.0-6.10.1.x86_64.rpm kdialog-4.6.0-6.10.1.i586.rpm kdialog-4.6.0-6.10.1.x86_64.rpm keditbookmarks-4.6.0-6.10.1.i586.rpm keditbookmarks-4.6.0-6.10.1.x86_64.rpm kfind-4.6.0-6.10.1.i586.rpm kfind-4.6.0-6.10.1.x86_64.rpm konqueror-4.6.0-6.10.1.i586.rpm konqueror-4.6.0-6.10.1.x86_64.rpm konsole-4.6.0-6.10.1.i586.rpm konsole-4.6.0-6.10.1.x86_64.rpm kwrite-4.6.0-6.10.1.i586.rpm kwrite-4.6.0-6.10.1.x86_64.rpm libkonq-devel-4.6.0-6.10.1.i586.rpm libkonq-devel-4.6.0-6.10.1.x86_64.rpm libkonq5-4.6.0-6.10.1.i586.rpm libkonq5-4.6.0-6.10.1.x86_64.rpm libkonq5-32bit-4.6.0-6.10.1.x86_64.rpm dolphin-debuginfo-4.6.0-6.10.1.i586.rpm dolphin-debuginfo-4.6.0-6.10.1.x86_64.rpm kdebase4-debuginfo-4.6.0-6.10.1.i586.rpm kdebase4-debuginfo-4.6.0-6.10.1.x86_64.rpm kdebase4-debugsource-4.6.0-6.10.1.i586.rpm kdebase4-debugsource-4.6.0-6.10.1.x86_64.rpm kdebase4-libkonq-debuginfo-4.6.0-6.10.1.i586.rpm kdebase4-libkonq-debuginfo-4.6.0-6.10.1.x86_64.rpm kdebase4-nsplugin-debuginfo-4.6.0-6.10.1.i586.rpm kdebase4-nsplugin-debuginfo-4.6.0-6.10.1.x86_64.rpm kdepasswd-debuginfo-4.6.0-6.10.1.i586.rpm kdepasswd-debuginfo-4.6.0-6.10.1.x86_64.rpm kdialog-debuginfo-4.6.0-6.10.1.i586.rpm kdialog-debuginfo-4.6.0-6.10.1.x86_64.rpm keditbookmarks-debuginfo-4.6.0-6.10.1.i586.rpm keditbookmarks-debuginfo-4.6.0-6.10.1.x86_64.rpm kfind-debuginfo-4.6.0-6.10.1.i586.rpm kfind-debuginfo-4.6.0-6.10.1.x86_64.rpm konqueror-debuginfo-4.6.0-6.10.1.i586.rpm konqueror-debuginfo-4.6.0-6.10.1.x86_64.rpm konsole-debuginfo-4.6.0-6.10.1.i586.rpm konsole-debuginfo-4.6.0-6.10.1.x86_64.rpm kwrite-debuginfo-4.6.0-6.10.1.i586.rpm kwrite-debuginfo-4.6.0-6.10.1.x86_64.rpm libkonq5-debuginfo-4.6.0-6.10.1.i586.rpm libkonq5-debuginfo-4.6.0-6.10.1.x86_64.rpm libkonq5-debuginfo-32bit-4.6.0-6.10.1.x86_64.rpm krb5 Important openSUSE 11.4 The following issues have been fixed: - CVE-2011-1528: In releases krb5-1.8 and later, the KDC can crash due to an assertion failure. - CVE-2011-1529: In releases krb5-1.8 and later, the KDC can crash due to a null pointer dereference. Both bugs could be triggered by unauthenticated remote attackers. Additionally CVE-2011-1526 was fixed that allowed authenticated users to access files via krb5 ftpd they should not have access to. krb5-1.8.3-16.19.1.i586.rpm krb5-1.8.3-16.19.1.x86_64.rpm krb5-32bit-1.8.3-16.19.1.x86_64.rpm krb5-appl-clients-1.0-7.10.1.i586.rpm krb5-appl-clients-1.0-7.10.1.x86_64.rpm krb5-appl-servers-1.0-7.10.1.i586.rpm krb5-appl-servers-1.0-7.10.1.x86_64.rpm krb5-client-1.8.3-16.19.1.i586.rpm krb5-client-1.8.3-16.19.1.x86_64.rpm krb5-devel-1.8.3-16.19.1.i586.rpm krb5-devel-1.8.3-16.19.1.x86_64.rpm krb5-devel-32bit-1.8.3-16.19.1.x86_64.rpm krb5-plugin-kdb-ldap-1.8.3-16.19.1.i586.rpm krb5-plugin-kdb-ldap-1.8.3-16.19.1.x86_64.rpm krb5-plugin-preauth-pkinit-1.8.3-16.19.1.i586.rpm krb5-plugin-preauth-pkinit-1.8.3-16.19.1.x86_64.rpm krb5-server-1.8.3-16.19.1.i586.rpm krb5-server-1.8.3-16.19.1.x86_64.rpm krb5-appl-clients-debuginfo-1.0-7.10.1.i586.rpm krb5-appl-clients-debuginfo-1.0-7.10.1.x86_64.rpm krb5-appl-debugsource-1.0-7.10.1.i586.rpm krb5-appl-debugsource-1.0-7.10.1.x86_64.rpm krb5-appl-servers-debuginfo-1.0-7.10.1.i586.rpm krb5-appl-servers-debuginfo-1.0-7.10.1.x86_64.rpm krb5-client-debuginfo-1.8.3-16.19.1.i586.rpm krb5-client-debuginfo-1.8.3-16.19.1.x86_64.rpm krb5-debuginfo-1.8.3-16.19.1.i586.rpm krb5-debuginfo-1.8.3-16.19.1.x86_64.rpm krb5-debuginfo-32bit-1.8.3-16.19.1.x86_64.rpm krb5-debugsource-1.8.3-16.19.1.i586.rpm krb5-debugsource-1.8.3-16.19.1.x86_64.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.19.1.i586.rpm krb5-plugin-kdb-ldap-debuginfo-1.8.3-16.19.1.x86_64.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.19.1.i586.rpm krb5-plugin-preauth-pkinit-debuginfo-1.8.3-16.19.1.x86_64.rpm krb5-server-debuginfo-1.8.3-16.19.1.i586.rpm krb5-server-debuginfo-1.8.3-16.19.1.x86_64.rpm clamav Moderate openSUSE 11.4 This version update of clamav fixes a recursion level crash. CVE-2011-3627 was assigned to this issue. clamav-0.97.3-0.2.1.i586.rpm clamav-0.97.3-0.2.1.x86_64.rpm clamav-db-0.97.3-0.2.1.noarch.rpm clamav-debuginfo-0.97.3-0.2.1.i586.rpm clamav-debuginfo-0.97.3-0.2.1.x86_64.rpm clamav-debugsource-0.97.3-0.2.1.i586.rpm clamav-debugsource-0.97.3-0.2.1.x86_64.rpm opera Important openSUSE 11.4 This update of Opera fixes a memory flaw in the code that processes SVG content which could be exploited by attackers to execute arbitrary code through specially crafted websites. opera-11.52-0.2.1.i586.rpm opera-11.52-0.2.1.x86_64.rpm opera-gtk-11.52-0.2.1.i586.rpm opera-gtk-11.52-0.2.1.x86_64.rpm opera-kde4-11.52-0.2.1.i586.rpm opera-kde4-11.52-0.2.1.x86_64.rpm radvd Moderate openSUSE 11.4 This update of radvd fixes the following security flaws: - arbitrary file overwrite flaw through unsanitized interface names (CVE-2011-3602), - missing return value checks in privsep_init() which could cause radvd to keep running with root privileges (CVE-2011-3603), - buffer overread flaws in the process_ra() function (CVE-2011-3604), - temporary denial of service flaw triggered with a flood of ND_ROUTER_SOLICIT (CVE-2011-3605) radvd-1.3-9.10.1.i586.rpm radvd-1.3-9.10.1.x86_64.rpm radvd-debuginfo-1.3-9.10.1.i586.rpm radvd-debuginfo-1.3-9.10.1.x86_64.rpm radvd-debugsource-1.3-9.10.1.i586.rpm radvd-debugsource-1.3-9.10.1.x86_64.rpm etherape Moderate openSUSE 11.4 Etherape was updated to 0.9.12 to fix a security issue (CVE-2011-3369) and various bugs. etherape-0.9.12-2.3.1.i586.rpm etherape-0.9.12-2.3.1.x86_64.rpm etherape-debuginfo-0.9.12-2.3.1.i586.rpm etherape-debuginfo-0.9.12-2.3.1.x86_64.rpm etherape-debugsource-0.9.12-2.3.1.i586.rpm etherape-debugsource-0.9.12-2.3.1.x86_64.rpm java-1_6_0-sun Moderate openSUSE 11.4 Oracle/Sun Java 1.6.0 was updated to the u26 release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct 2011-443431.html for more details. java-1_6_0-sun-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-alsa-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-alsa-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-demo-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-demo-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-devel-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-devel-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-jdbc-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-jdbc-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-plugin-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-plugin-1.6.0.u29-0.2.1.x86_64.rpm java-1_6_0-sun-src-1.6.0.u29-0.2.1.i586.rpm java-1_6_0-sun-src-1.6.0.u29-0.2.1.x86_64.rpm timezone-2011m Important openSUSE 11.4 This update provides 2011m which provides the following important changes: dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 All Ukrainian timezones are going back to winter time on Oct 30th, 2011 dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 Adding Tiraspol to the zone.tab dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 America/Bahia switched to DST on Oct 16th, 2011 dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 West Bank ended DST 2011-09-30 already dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 Fiji enters DST on October 23th 2011 dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 Palestine suspends DST during Ramadan in 2011; Gaza and Hebron split in 2011, leading to a new Asia/Hebron zone (thanks to Steffen Thorsen and Alexander Krivenshev). dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 Belarus adopts permanent DST in 2011 (thanks to Yauhen Kharuzhy, Alexander Bokovoy, Alexander Krivenyshev, and Kirill A. Shutemov). dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 "Russia" rules changed to reflect end of use in 2010. dbg114-timezone-2011m-5325 new_updateinfo timezone-2011m-5325 "FET" used as abbreviation for Belarus, Ukraine, and western Russia timezone-2011m-0.2.1.i586.rpm timezone-2011m-0.2.1.x86_64.rpm timezone-java-2011m-0.2.1.noarch.rpm timezone-debuginfo-2011m-0.2.1.i586.rpm timezone-debuginfo-2011m-0.2.1.x86_64.rpm timezone-debugsource-2011m-0.2.1.i586.rpm timezone-debugsource-2011m-0.2.1.x86_64.rpm java-1_6_0-openjdk Moderate openSUSE 11.4 Oracle/Sun OpenJDK 1.6.0 was updated to the 1.10.4release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct 2011-443431.html for more details. java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.3.2.i586.rpm java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.3.2.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.4-0.3.2.noarch.rpm java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.4-0.3.2.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.4-0.3.2.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b22.1.10.4-0.3.2.noarch.rpm java-1_6_0-openjdk-src-1.6.0.0_b22.1.10.4-0.3.2.noarch.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b22.1.10.4-0.3.2.i586.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b22.1.10.4-0.3.2.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b22.1.10.4-0.3.2.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b22.1.10.4-0.3.2.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b22.1.10.4-0.3.2.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b22.1.10.4-0.3.2.x86_64.rpm pam Important openSUSE 11.4 The pam_env module is vulnerable to a stack overflow (CVE-2011-3148) and a DoS condition (CVE-2011-3149) when parsing users .pam_environment files. pam-1.1.3-4.9.1.i586.rpm pam-1.1.3-4.9.1.x86_64.rpm pam-32bit-1.1.3-4.9.1.x86_64.rpm pam-devel-1.1.3-4.9.1.i586.rpm pam-devel-1.1.3-4.9.1.x86_64.rpm pam-devel-32bit-1.1.3-4.9.1.x86_64.rpm pam-doc-1.1.3-4.9.1.i586.rpm pam-doc-1.1.3-4.9.1.x86_64.rpm pam-debuginfo-1.1.3-4.9.1.i586.rpm pam-debuginfo-1.1.3-4.9.1.x86_64.rpm pam-debuginfo-32bit-1.1.3-4.9.1.x86_64.rpm pam-debugsource-1.1.3-4.9.1.i586.rpm pam-debugsource-1.1.3-4.9.1.x86_64.rpm libwebkit Low openSUSE 11.4 This update reduces the initial vm allocation to 32MB and increases it only when overcommit is possible (bnc#710242) libwebkitgtk-1_0-0-1.3.10-6.7.1.i586.rpm libwebkitgtk-1_0-0-1.3.10-6.7.1.x86_64.rpm libwebkitgtk-1_0-0-32bit-1.3.10-6.7.1.x86_64.rpm libwebkitgtk-devel-1.3.10-6.7.1.i586.rpm libwebkitgtk-devel-1.3.10-6.7.1.x86_64.rpm libwebkitgtk2-lang-1.3.10-6.7.1.noarch.rpm webkit-jsc-1.3.10-6.7.1.i586.rpm webkit-jsc-1.3.10-6.7.1.x86_64.rpm libwebkit-debugsource-1.3.10-6.7.1.i586.rpm libwebkit-debugsource-1.3.10-6.7.1.x86_64.rpm libwebkitgtk-1_0-0-debuginfo-1.3.10-6.7.1.i586.rpm libwebkitgtk-1_0-0-debuginfo-1.3.10-6.7.1.x86_64.rpm libwebkitgtk-1_0-0-debuginfo-32bit-1.3.10-6.7.1.x86_64.rpm webkit-jsc-debuginfo-1.3.10-6.7.1.i586.rpm webkit-jsc-debuginfo-1.3.10-6.7.1.x86_64.rpm apache2 Important openSUSE 11.4 This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack (CVE-2011-3192) was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges Number of ranges requested, if exceeded, the complete content is served. default: 200 0|unlimited: unlimited none: Range headers are ignored. This option is a backport from 2.2.21. Also fixed: CVE-2011-3348: Denial of service in proxy_ajp when using a undefined method. CVE-2011-3368: Exposure of internal servers via reverse proxy methods with mod_proxy enabled and incorrect Rewrite or Proxy Rules. apache2-2.2.17-4.9.1.i586.rpm apache2-2.2.17-4.9.1.x86_64.rpm apache2-devel-2.2.17-4.9.1.i586.rpm apache2-devel-2.2.17-4.9.1.x86_64.rpm apache2-doc-2.2.17-4.9.1.noarch.rpm apache2-example-certificates-2.2.17-4.9.1.i586.rpm apache2-example-certificates-2.2.17-4.9.1.x86_64.rpm apache2-example-pages-2.2.17-4.9.1.i586.rpm apache2-example-pages-2.2.17-4.9.1.x86_64.rpm apache2-itk-2.2.17-4.9.1.i586.rpm apache2-itk-2.2.17-4.9.1.x86_64.rpm apache2-prefork-2.2.17-4.9.1.i586.rpm apache2-prefork-2.2.17-4.9.1.x86_64.rpm apache2-utils-2.2.17-4.9.1.i586.rpm apache2-utils-2.2.17-4.9.1.x86_64.rpm apache2-worker-2.2.17-4.9.1.i586.rpm apache2-worker-2.2.17-4.9.1.x86_64.rpm apache2-debuginfo-2.2.17-4.9.1.i586.rpm apache2-debuginfo-2.2.17-4.9.1.x86_64.rpm apache2-debugsource-2.2.17-4.9.1.i586.rpm apache2-debugsource-2.2.17-4.9.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.9.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.9.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.9.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.9.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.9.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.9.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.9.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.9.1.x86_64.rpm sysstat Moderate openSUSE 11.4 This update fixes the following issue for sysstat: - 668385: daily sysstat statistics in /var/log/sa/sar* do not contain entries after 6pm. sysstat-9.0.6.1-14.15.1.i586.rpm sysstat-9.0.6.1-14.15.1.x86_64.rpm sysstat-isag-9.0.6.1-14.15.1.i586.rpm sysstat-isag-9.0.6.1-14.15.1.x86_64.rpm sysstat-debuginfo-9.0.6.1-14.15.1.i586.rpm sysstat-debuginfo-9.0.6.1-14.15.1.x86_64.rpm sysstat-debugsource-9.0.6.1-14.15.1.i586.rpm sysstat-debugsource-9.0.6.1-14.15.1.x86_64.rpm kernel Moderate openSUSE 11.4 The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-1833: Added a kernel option to ensure ecryptfs is mounting only on paths belonging to the current ui, which would have allowed local attackers to potentially gain privileges via symlink attacks. CVE-2011-2695: Multiple off-by-one errors in the ext4 subsystem in the Linux kernel allowed local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer. CVE-2011-3363: Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. CVE-2011-2918: In the perf framework software event overflows could deadlock or delete an uninitialized timer. CVE-2011-3353: In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not check the length of the write so the message processing could overrun and result in a BUG_ON() in fuse_copy_fill(). This flaw could be used by local users able to mount FUSE filesystems to crash the system. CVE-2011-2183: Fixed a race between ksmd and other memory management code, which could result in a NULL ptr dereference and kernel crash. CVE-2011-3191: A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies to the host. CVE-2011-1776: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. Following non-security bugs were fixed: - novfs: Unable to change password in the Novell Client for Linux (bnc#713229). - novfs: last modification time not reliable (bnc#642896). - novfs: unlink directory after unmap (bnc#649625). - fs: novfs: Fix exit handlers on local_unlink (bnc#649625). - novfs: "Unable to save Login Script" appears when trying to save a user login script (bnc#638985). - fs: novfs: Limit check for datacopy between user and kernel space. - novfs: Fix checking of login id (bnc#626119). - novfs: Set the sticky bit for the novfs mountpoint (bnc#686412). - ACPICA: Fix issues/fault with automatic "serialized" method support (bnc#678097). - drm/radeon/kms: Fix I2C mask definitions (bnc#712023). - ext4: Fix max file size and logical block counting of extent format file (bnc#706374). - novfs: fix off-by-one allocation error (bnc#669378 bnc#719710). - novfs: fix some kmalloc/kfree issues (bnc#669378 bnc#719710). - novfs: fix some DirCache locking issues (bnc#669378 bnc#719710). - memsw: remove noswapaccount kernel parameter (bnc#719450). - Provide memory controller swap extension. Keep the feature disabled by default. Use swapaccount=1 kernel boot parameter for enabling it. - Config cleanups: CONFIG_OLPC should be enabled only for i386 non PAE - TTY: pty, fix pty counting (bnc#711203). - USB: OHCI: fix another regression for NVIDIA controllers (bnc#682204). - xen/blkfront: avoid NULL de-reference in CDROM ioctl handling. - x86, mtrr: lock stop machine during MTRR rendezvous sequence (bnc#672008). kernel-debug-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-debug-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-debug-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-devel-2.6.37.6-0.9.1.noarch.rpm 1 kernel-docs-2.6.37.6-0.9.1.noarch.rpm 1 kernel-ec2-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-extra-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-extra-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-pae-2.6.37.6-0.9.1.i586.rpm 1 kernel-pae-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-pae-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-source-2.6.37.6-0.9.1.noarch.rpm 1 kernel-source-vanilla-2.6.37.6-0.9.1.noarch.rpm 1 kernel-syms-2.6.37.6-0.9.1.i586.rpm 1 kernel-syms-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-devel-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vmi-2.6.37.6-0.9.1.i586.rpm 1 kernel-vmi-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-vmi-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-xen-base-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-base-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-xen-devel-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-devel-2.6.37.6-0.9.1.x86_64.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.9-6.7.20.i586.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.9-6.7.20.x86_64.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.9-6.7.20.i586.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.9-6.7.20.x86_64.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-debug-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-pae-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-pae-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-pae-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-pae-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-vmi-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-vmi-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-vmi-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-vmi-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-xen-debugsource-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-debugsource-2.6.37.6-0.9.1.x86_64.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.9.1.i586.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.9.1.x86_64.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.9-6.7.20.i586.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.9-6.7.20.x86_64.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.9-6.7.20.i586.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.9-6.7.20.x86_64.rpm 1 libcap Low openSUSE 11.4 capsh did not chdir("/") after callling chroot(). Programs could therefore access the current directory outside of the chroot (CVE-2011-4099). libcap-devel-2.19-9.10.1.i586.rpm libcap-devel-2.19-9.10.1.x86_64.rpm libcap-progs-2.19-9.10.1.i586.rpm libcap-progs-2.19-9.10.1.x86_64.rpm libcap2-2.19-9.10.1.i586.rpm libcap2-2.19-9.10.1.x86_64.rpm libcap2-32bit-2.19-9.10.1.x86_64.rpm libcap-debugsource-2.19-9.10.1.i586.rpm libcap-debugsource-2.19-9.10.1.x86_64.rpm libcap-progs-debuginfo-2.19-9.10.1.i586.rpm libcap-progs-debuginfo-2.19-9.10.1.x86_64.rpm libcap2-debuginfo-2.19-9.10.1.i586.rpm libcap2-debuginfo-2.19-9.10.1.x86_64.rpm libcap2-debuginfo-32bit-2.19-9.10.1.x86_64.rpm NetworkManager Moderate openSUSE 11.4 NetworkManager did not pin a certificate's subject to an ESSID. A rogue access point could therefore be used to conduct MITM attacks by using any other valid certificate issued by same CA as used in the original network (CVE-2006-7246). Please note that existing WPA2 Enterprise connections need to be deleted and re-created to take advantage of the new security checks. NetworkManager did not honor the PolicyKit auth_admin setting when creating Ad-Hoc wireless networks (CVE-2011-2176) NetworkManager-0.8.2-15.28.1.i586.rpm 1 NetworkManager-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-devel-0.8.2-15.28.1.i586.rpm 1 NetworkManager-devel-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-doc-0.8.2-15.28.1.i586.rpm 1 NetworkManager-doc-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-glib-0.8.2-15.28.1.i586.rpm 1 NetworkManager-glib-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-gnome-0.8.2-9.12.1.i586.rpm 1 NetworkManager-gnome-0.8.2-9.12.1.x86_64.rpm 1 NetworkManager-gnome-lang-0.8.2-9.12.1.noarch.rpm 1 NetworkManager-lang-0.8.2-15.28.1.noarch.rpm 1 wpa_supplicant-0.7.3-3.4.1.i586.rpm 1 wpa_supplicant-0.7.3-3.4.1.x86_64.rpm 1 wpa_supplicant-gui-0.7.3-3.4.1.i586.rpm 1 wpa_supplicant-gui-0.7.3-3.4.1.x86_64.rpm 1 NetworkManager-debuginfo-0.8.2-15.28.1.i586.rpm 1 NetworkManager-debuginfo-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-debugsource-0.8.2-15.28.1.i586.rpm 1 NetworkManager-debugsource-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-glib-debuginfo-0.8.2-15.28.1.i586.rpm 1 NetworkManager-glib-debuginfo-0.8.2-15.28.1.x86_64.rpm 1 NetworkManager-gnome-debuginfo-0.8.2-9.12.1.i586.rpm 1 NetworkManager-gnome-debuginfo-0.8.2-9.12.1.x86_64.rpm 1 NetworkManager-gnome-debugsource-0.8.2-9.12.1.i586.rpm 1 NetworkManager-gnome-debugsource-0.8.2-9.12.1.x86_64.rpm 1 wpa_supplicant-debuginfo-0.7.3-3.4.1.i586.rpm 1 wpa_supplicant-debuginfo-0.7.3-3.4.1.x86_64.rpm 1 wpa_supplicant-debugsource-0.7.3-3.4.1.i586.rpm 1 wpa_supplicant-debugsource-0.7.3-3.4.1.x86_64.rpm 1 wpa_supplicant-gui-debuginfo-0.7.3-3.4.1.i586.rpm 1 wpa_supplicant-gui-debuginfo-0.7.3-3.4.1.x86_64.rpm 1 empathy Moderate openSUSE 11.4 Insufficient quoting of nick names allowed attackers to inject arbitrary html (CVE-2011-3635) empathy-2.32.2-7.10.1.i586.rpm empathy-2.32.2-7.10.1.x86_64.rpm empathy-lang-2.32.2-7.10.1.noarch.rpm nautilus-sendto-plugin-empathy-2.32.2-7.10.1.i586.rpm nautilus-sendto-plugin-empathy-2.32.2-7.10.1.x86_64.rpm empathy-debuginfo-2.32.2-7.10.1.i586.rpm empathy-debuginfo-2.32.2-7.10.1.x86_64.rpm empathy-debugsource-2.32.2-7.10.1.i586.rpm empathy-debugsource-2.32.2-7.10.1.x86_64.rpm nautilus-sendto-plugin-empathy-debuginfo-2.32.2-7.10.1.i586.rpm nautilus-sendto-plugin-empathy-debuginfo-2.32.2-7.10.1.x86_64.rpm sysconfig Low openSUSE 11.4 This update fixes the following issue for sysconfig: - 697929: Fixed to wait for the end of ipv6 duplicate address detection, that can cause failures of further services. Added LINK_READY_WAIT and IPV6_DAD_WAIT variables sysconfig-0.74.5-6.9.1.i586.rpm sysconfig-0.74.5-6.9.1.x86_64.rpm sysconfig-debuginfo-0.74.5-6.9.1.i586.rpm sysconfig-debuginfo-0.74.5-6.9.1.x86_64.rpm sysconfig-debugsource-0.74.5-6.9.1.i586.rpm sysconfig-debugsource-0.74.5-6.9.1.x86_64.rpm libfreebl3 Low openSUSE 11.4 This mozilla update fixes the following security issues: - explicitely distrust DigiCert Sdn. Bhd (bnc#728520, bmo#698753) - make sure NSS_NoDB_Init does not try to use wrong certificate databases (CVE-2011-3640, bnc#726096, bmo#641052) libfreebl3-3.12.11-1.7.1.i586.rpm libfreebl3-3.12.11-1.7.1.x86_64.rpm libfreebl3-32bit-3.12.11-1.7.1.x86_64.rpm libsoftokn3-3.12.11-1.7.1.i586.rpm libsoftokn3-3.12.11-1.7.1.x86_64.rpm libsoftokn3-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-3.12.11-1.7.1.i586.rpm mozilla-nss-3.12.11-1.7.1.x86_64.rpm mozilla-nss-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-certs-3.12.11-1.7.1.i586.rpm mozilla-nss-certs-3.12.11-1.7.1.x86_64.rpm mozilla-nss-certs-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-devel-3.12.11-1.7.1.i586.rpm mozilla-nss-devel-3.12.11-1.7.1.x86_64.rpm mozilla-nss-sysinit-3.12.11-1.7.1.i586.rpm mozilla-nss-sysinit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-sysinit-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-tools-3.12.11-1.7.1.i586.rpm mozilla-nss-tools-3.12.11-1.7.1.x86_64.rpm libfreebl3-debuginfo-3.12.11-1.7.1.i586.rpm libfreebl3-debuginfo-3.12.11-1.7.1.x86_64.rpm libfreebl3-debuginfo-32bit-3.12.11-1.7.1.x86_64.rpm libsoftokn3-debuginfo-3.12.11-1.7.1.i586.rpm libsoftokn3-debuginfo-3.12.11-1.7.1.x86_64.rpm libsoftokn3-debuginfo-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.12.11-1.7.1.i586.rpm mozilla-nss-certs-debuginfo-3.12.11-1.7.1.x86_64.rpm mozilla-nss-certs-debuginfo-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-debuginfo-3.12.11-1.7.1.i586.rpm mozilla-nss-debuginfo-3.12.11-1.7.1.x86_64.rpm mozilla-nss-debuginfo-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-debugsource-3.12.11-1.7.1.i586.rpm mozilla-nss-debugsource-3.12.11-1.7.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.7.1.i586.rpm mozilla-nss-sysinit-debuginfo-3.12.11-1.7.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-32bit-3.12.11-1.7.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.12.11-1.7.1.i586.rpm mozilla-nss-tools-debuginfo-3.12.11-1.7.1.x86_64.rpm MozillaFirefox Critical openSUSE 11.4 MozillaFirefox was updated to version 8 (bnc#728520) to fix the following security issues: dbg114-MozillaFirefox-5399 MozillaFirefox-5399 new_updateinfo MFSA 2011-47/CVE-2011-3648 (bmo#690225) Potential XSS against sites using Shift-JIS dbg114-MozillaFirefox-5399 MozillaFirefox-5399 new_updateinfo MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards dbg114-MozillaFirefox-5399 MozillaFirefox-5399 new_updateinfo MFSA 2011-49/CVE-2011-3650 (bmo#674776) Memory corruption while profiling using Firebug dbg114-MozillaFirefox-5399 MozillaFirefox-5399 new_updateinfo MFSA 2011-52/CVE-2011-3655 (bmo#672182) Code execution via NoWaiverWrapper - rebased patches MozillaFirefox-8.0-0.2.2.i586.rpm MozillaFirefox-8.0-0.2.2.x86_64.rpm MozillaFirefox-branding-openSUSE-5.0-2.5.1.i586.rpm MozillaFirefox-branding-openSUSE-5.0-2.5.1.x86_64.rpm MozillaFirefox-branding-upstream-8.0-0.2.2.i586.rpm MozillaFirefox-branding-upstream-8.0-0.2.2.x86_64.rpm MozillaFirefox-buildsymbols-8.0-0.2.2.i586.rpm MozillaFirefox-buildsymbols-8.0-0.2.2.x86_64.rpm MozillaFirefox-devel-8.0-0.2.2.i586.rpm MozillaFirefox-devel-8.0-0.2.2.x86_64.rpm MozillaFirefox-translations-common-8.0-0.2.2.i586.rpm MozillaFirefox-translations-common-8.0-0.2.2.x86_64.rpm MozillaFirefox-translations-other-8.0-0.2.2.i586.rpm MozillaFirefox-translations-other-8.0-0.2.2.x86_64.rpm MozillaThunderbird-3.1.16-0.19.2.i586.rpm MozillaThunderbird-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.16-0.19.2.i586.rpm MozillaThunderbird-buildsymbols-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-devel-3.1.16-0.19.2.i586.rpm MozillaThunderbird-devel-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-translations-common-3.1.16-0.19.2.i586.rpm MozillaThunderbird-translations-common-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-translations-other-3.1.16-0.19.2.i586.rpm MozillaThunderbird-translations-other-3.1.16-0.19.2.x86_64.rpm enigmail-1.1.2+3.1.16-0.19.2.i586.rpm enigmail-1.1.2+3.1.16-0.19.2.x86_64.rpm mozilla-js192-1.9.2.24-0.2.2.i586.rpm mozilla-js192-1.9.2.24-0.2.2.x86_64.rpm mozilla-js192-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-devel-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-gnome-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.24-0.2.2.x86_64.rpm MozillaFirefox-debuginfo-8.0-0.2.2.i586.rpm MozillaFirefox-debuginfo-8.0-0.2.2.x86_64.rpm MozillaFirefox-debugsource-8.0-0.2.2.i586.rpm MozillaFirefox-debugsource-8.0-0.2.2.x86_64.rpm MozillaThunderbird-debuginfo-3.1.16-0.19.2.i586.rpm MozillaThunderbird-debuginfo-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-debugsource-3.1.16-0.19.2.i586.rpm MozillaThunderbird-debugsource-3.1.16-0.19.2.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.16-0.19.2.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.16-0.19.2.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.16-0.19.2.i586.rpm enigmail-debuginfo-1.1.2+3.1.16-0.19.2.x86_64.rpm mozilla-js192-debuginfo-1.9.2.24-0.2.2.i586.rpm mozilla-js192-debuginfo-1.9.2.24-0.2.2.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.24-0.2.2.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.24-0.2.2.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.24-0.2.2.x86_64.rpm puppet Moderate openSUSE 11.4 Puppet's certificate authority issued Puppet agent certificates capable of impersonating the Puppet master. Compromised or rogue puppet agents could therefore use their certificates for MITM attacks (CVE-2011-3872). Note: If you've set the 'certdnsnames' option in your master's puppet.conf file merely installing the updated packages is not sufficient to fix this problem. You need to either pick a new DNS name for the master and reconfigure all agents to use it or re-new certificates on all agents. Please refer to the documentation in /usr/share/doc/packages/puppet/puppetlabs-cve20113872-0.0.5 for detailed instructions and scripts. Puppetlabs' site also provides more information: http://puppetlabs.com/security/cve/cve-2011-3872/faq/ http://puppetlabs.com/blog/important-security-announcement-a ltnames-vulnerability/ -- Directory traversal vulnerability in puppet allowed unauthenticated remote attackers to upload x.509 certificate signing requests to arbitrary locations (CVE-2011-3848) Puppet was prone to several symlink attacks (CVE-2011-3870, CVE-2011-3869, CVE-2011-3871) puppet-2.6.4-4.11.1.i586.rpm puppet-2.6.4-4.11.1.x86_64.rpm puppet-server-2.6.4-4.11.1.i586.rpm puppet-server-2.6.4-4.11.1.x86_64.rpm acroread Critical openSUSE 11.4 acrobat reader was updated to version 9.4.6 to fix several security issues (CVE-2011-1353, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439, CVE-2011-2440, CVE-2011-2441, CVE-2011-2442) acroread-9.4.6-0.5.1.i586.rpm valgrind Low openSUSE 11.4 This update adds missing cases for handling certain variants of Dwarf debug info (bnc#729896) valgrind-3.6.1-1.14.1.i586.rpm valgrind-3.6.1-1.14.1.x86_64.rpm valgrind-devel-3.6.1-1.14.1.i586.rpm valgrind-devel-3.6.1-1.14.1.x86_64.rpm valgrind-debuginfo-3.6.1-1.14.1.i586.rpm valgrind-debuginfo-3.6.1-1.14.1.x86_64.rpm valgrind-debugsource-3.6.1-1.14.1.i586.rpm valgrind-debugsource-3.6.1-1.14.1.x86_64.rpm flash-player Critical openSUSE 11.4 flash-player update to version 11.1.102.55 to fix the following critical security issues: CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460 flash-player-11.1.102.55-0.4.1.i586.rpm flash-player-11.1.102.55-0.4.1.x86_64.rpm icedtea-web Moderate openSUSE 11.4 Update to version 1.1.4 of icedtea-web to fix the following issues: - CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass - PR778: Jar download and server certificate verification deadlock icedtea-web-1.1.4-0.2.1.i586.rpm icedtea-web-1.1.4-0.2.1.x86_64.rpm icedtea-web-javadoc-1.1.4-0.2.1.noarch.rpm wireshark Important openSUSE 11.4 Wireshark version upgrade to 1.4.10 to fix various security flaws and other non-security issues. wireshark-1.4.10-0.8.1.i586.rpm wireshark-1.4.10-0.8.1.x86_64.rpm wireshark-devel-1.4.10-0.8.1.i586.rpm wireshark-devel-1.4.10-0.8.1.x86_64.rpm wireshark-debuginfo-1.4.10-0.8.1.i586.rpm wireshark-debuginfo-1.4.10-0.8.1.x86_64.rpm wireshark-debugsource-1.4.10-0.8.1.i586.rpm wireshark-debugsource-1.4.10-0.8.1.x86_64.rpm flash-player Critical openSUSE 11.4 flash-player update to version 11.1.102.55 to fix the following critical security issues: CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460 flash-player-11.1.102.55-0.6.1.i586.rpm flash-player-11.1.102.55-0.6.1.x86_64.rpm rubygem-actionmailer Moderate openSUSE 11.4 This update of rails fixes the following security issues: CVE-2011-2930 - SQL-injection in quote_table_name function via specially crafted column names (bnc#712062) CVE-2011-2931 - Cross-Site Scripting (XSS) in the strip_tags helper (bnc#712057) CVE-2011-3186 - Response Splitting (bnc#712058) CVE-2010-3933 - Arbitrary modification of records via specially crafted form parameters (bnc#712058) CVE-2011-0446 - Cross-Site Scripting (XSS) in the mail_to helper (bnc#668817) CVE-2011-0447 - Improper validation of 'X-Requested-With' header (bnc#668817) CVE-2011-0448 - SQL-injection caused by improperly sanitized arguments to the limit function (bnc#668817) CVE-2011-0449 - Bypass of access restrictions via specially crafted action names (bnc#668817) rubygem-actionmailer-2.3.14-0.3.1.noarch.rpm rubygem-actionmailer-2_3-2.3.14-0.3.1.i586.rpm rubygem-actionmailer-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-actionmailer-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-actionmailer-2_3-doc-2.3.14-0.3.1.x86_64.rpm rubygem-actionmailer-2_3-testsuite-2.3.14-0.3.1.i586.rpm rubygem-actionmailer-2_3-testsuite-2.3.14-0.3.1.x86_64.rpm rubygem-actionpack-2.3.14-0.3.1.noarch.rpm rubygem-actionpack-2_3-2.3.14-0.3.1.i586.rpm rubygem-actionpack-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-actionpack-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-actionpack-2_3-doc-2.3.14-0.3.1.x86_64.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.3.1.i586.rpm rubygem-actionpack-2_3-testsuite-2.3.14-0.3.1.x86_64.rpm rubygem-activerecord-2.3.14-0.3.1.noarch.rpm rubygem-activerecord-2_3-2.3.14-0.3.1.i586.rpm rubygem-activerecord-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-activerecord-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-activerecord-2_3-doc-2.3.14-0.3.1.x86_64.rpm rubygem-activerecord-2_3-testsuite-2.3.14-0.3.1.i586.rpm rubygem-activerecord-2_3-testsuite-2.3.14-0.3.1.x86_64.rpm rubygem-activeresource-2.3.14-0.3.1.noarch.rpm rubygem-activeresource-2_3-2.3.14-0.3.1.i586.rpm rubygem-activeresource-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-activeresource-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-activeresource-2_3-doc-2.3.14-0.3.1.x86_64.rpm rubygem-activeresource-2_3-testsuite-2.3.14-0.3.1.i586.rpm rubygem-activeresource-2_3-testsuite-2.3.14-0.3.1.x86_64.rpm rubygem-activesupport-2.3.14-0.3.1.noarch.rpm rubygem-activesupport-2_3-2.3.14-0.3.1.i586.rpm rubygem-activesupport-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-activesupport-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-activesupport-2_3-doc-2.3.14-0.3.1.x86_64.rpm rubygem-rack-1.1.2-0.3.1.i586.rpm rubygem-rack-1.1.2-0.3.1.x86_64.rpm rubygem-rails-2.3.14-0.3.1.noarch.rpm rubygem-rails-2_3-2.3.14-0.3.1.i586.rpm rubygem-rails-2_3-2.3.14-0.3.1.x86_64.rpm rubygem-rails-2_3-doc-2.3.14-0.3.1.i586.rpm rubygem-rails-2_3-doc-2.3.14-0.3.1.x86_64.rpm bind Important openSUSE 11.4 specially crafted DNS queries could crash the bind name server (CVE-2011-4313). bind-9.7.4P1-0.2.1.i586.rpm bind-9.7.4P1-0.2.1.x86_64.rpm bind-chrootenv-9.7.4P1-0.2.1.i586.rpm bind-chrootenv-9.7.4P1-0.2.1.x86_64.rpm bind-devel-9.7.4P1-0.2.1.i586.rpm bind-devel-9.7.4P1-0.2.1.x86_64.rpm bind-doc-9.7.4P1-0.2.1.noarch.rpm bind-libs-9.7.4P1-0.2.1.i586.rpm bind-libs-9.7.4P1-0.2.1.x86_64.rpm bind-libs-32bit-9.7.4P1-0.2.1.x86_64.rpm bind-utils-9.7.4P1-0.2.1.i586.rpm bind-utils-9.7.4P1-0.2.1.x86_64.rpm bind-debuginfo-9.7.4P1-0.2.1.i586.rpm bind-debuginfo-9.7.4P1-0.2.1.x86_64.rpm bind-debugsource-9.7.4P1-0.2.1.i586.rpm bind-debugsource-9.7.4P1-0.2.1.x86_64.rpm bind-libs-debuginfo-9.7.4P1-0.2.1.i586.rpm bind-libs-debuginfo-9.7.4P1-0.2.1.x86_64.rpm bind-libs-debuginfo-32bit-9.7.4P1-0.2.1.x86_64.rpm bind-utils-debuginfo-9.7.4P1-0.2.1.i586.rpm bind-utils-debuginfo-9.7.4P1-0.2.1.x86_64.rpm yast2-kerberos-client Low openSUSE 11.4 This update contains the fix for the following issue: - 729174: "yast2 kerberos" and "yast2 ldap" do not generate valid sssd.conf for multiple servers yast2-kerberos-client-2.20.4-0.3.1.noarch.rpm yast2-ldap-client-2.20.14.2-0.2.1.noarch.rpm opensuse-manuals_ru Low openSUSE 11.4 This update provides the complete openSUSE documentation in a Russion translation, provided by openSUSE community members. opensuse-kvm_ru-pdf-11.4-2.2.1.noarch.rpm opensuse-manuals_ru-11.4-2.2.1.noarch.rpm opensuse-reference_ru-pdf-11.4-2.2.1.noarch.rpm opensuse-security_ru-pdf-11.4-2.2.1.noarch.rpm opensuse-startup_ru-pdf-11.4-2.2.1.noarch.rpm opensuse-tuning_ru-pdf-11.4-2.2.1.noarch.rpm libmsn Low openSUSE 11.4 This update fixes the following issue for libmsn: - 729478: Can't connect to MSN libmsn-devel-4.1-6.9.1.i586.rpm libmsn-devel-4.1-6.9.1.x86_64.rpm libmsn0_3-4.1-6.9.1.i586.rpm libmsn0_3-4.1-6.9.1.x86_64.rpm libmsn-debugsource-4.1-6.9.1.i586.rpm libmsn-debugsource-4.1-6.9.1.x86_64.rpm libmsn-devel-debuginfo-4.1-6.9.1.i586.rpm libmsn-devel-debuginfo-4.1-6.9.1.x86_64.rpm libmsn0_3-debuginfo-4.1-6.9.1.i586.rpm libmsn0_3-debuginfo-4.1-6.9.1.x86_64.rpm nginx-0.8 Important openSUSE 11.4 A flaw in the custom DNS resolver of nginx could lead to a heap based buffer overflow which could potentially allow attackers to execute arbitrary code or to cause a Denial of Service (bnc#731084, CVE-2011-4315). nginx-0.8-0.8.53-4.9.1.i586.rpm nginx-0.8-0.8.53-4.9.1.x86_64.rpm nginx-0.8-debuginfo-0.8.53-4.9.1.i586.rpm nginx-0.8-debuginfo-0.8.53-4.9.1.x86_64.rpm nginx-0.8-debugsource-0.8.53-4.9.1.i586.rpm nginx-0.8-debugsource-0.8.53-4.9.1.x86_64.rpm perl Moderate openSUSE 11.4 This update of Perl fixes a heap based buffer overflow in the decode_xs() function (CVE-2011-2939, bnc#728662). perl-5.12.3-11.18.1.i586.rpm perl-5.12.3-11.18.1.x86_64.rpm perl-32bit-5.12.3-11.18.1.x86_64.rpm perl-base-5.12.3-11.18.1.i586.rpm perl-base-5.12.3-11.18.1.x86_64.rpm perl-base-32bit-5.12.3-11.18.1.x86_64.rpm perl-doc-5.12.3-11.18.1.noarch.rpm perl-base-debuginfo-5.12.3-11.18.1.i586.rpm perl-base-debuginfo-5.12.3-11.18.1.x86_64.rpm perl-base-debuginfo-32bit-5.12.3-11.18.1.x86_64.rpm perl-debuginfo-5.12.3-11.18.1.i586.rpm perl-debuginfo-5.12.3-11.18.1.x86_64.rpm perl-debuginfo-32bit-5.12.3-11.18.1.x86_64.rpm perl-debugsource-5.12.3-11.18.1.i586.rpm perl-debugsource-5.12.3-11.18.1.x86_64.rpm atftp Moderate openSUSE 11.4 This update fixes the following issue for atftp: - 727843: provides stability enhancements for tftp usage in packet loss situations ("Sorcerer's Apprentice Syndrome") atftp-0.7.0-143.146.1.i586.rpm atftp-0.7.0-143.146.1.x86_64.rpm atftp-debuginfo-0.7.0-143.146.1.i586.rpm atftp-debuginfo-0.7.0-143.146.1.x86_64.rpm atftp-debugsource-0.7.0-143.146.1.i586.rpm atftp-debugsource-0.7.0-143.146.1.x86_64.rpm finch Moderate openSUSE 11.4 This update fixes the following security issues: - 722199: libpurple vulnerability in SILC protocol handling (CVE-2011-3594) finch-2.7.10-4.5.1.i586.rpm finch-2.7.10-4.5.1.x86_64.rpm finch-devel-2.7.10-4.5.1.i586.rpm finch-devel-2.7.10-4.5.1.x86_64.rpm libpurple-2.7.10-4.5.1.i586.rpm libpurple-2.7.10-4.5.1.x86_64.rpm libpurple-devel-2.7.10-4.5.1.i586.rpm libpurple-devel-2.7.10-4.5.1.x86_64.rpm libpurple-lang-2.7.10-4.5.1.noarch.rpm libpurple-meanwhile-2.7.10-4.5.1.i586.rpm libpurple-meanwhile-2.7.10-4.5.1.x86_64.rpm libpurple-tcl-2.7.10-4.5.1.i586.rpm libpurple-tcl-2.7.10-4.5.1.x86_64.rpm pidgin-2.7.10-4.5.1.i586.rpm pidgin-2.7.10-4.5.1.x86_64.rpm pidgin-devel-2.7.10-4.5.1.i586.rpm pidgin-devel-2.7.10-4.5.1.x86_64.rpm pidgin-evolution-2.7.10-4.5.1.i586.rpm pidgin-evolution-2.7.10-4.5.1.x86_64.rpm finch-debuginfo-2.7.10-4.5.1.i586.rpm finch-debuginfo-2.7.10-4.5.1.x86_64.rpm libpurple-debuginfo-2.7.10-4.5.1.i586.rpm libpurple-debuginfo-2.7.10-4.5.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.7.10-4.5.1.i586.rpm libpurple-meanwhile-debuginfo-2.7.10-4.5.1.x86_64.rpm libpurple-tcl-debuginfo-2.7.10-4.5.1.i586.rpm libpurple-tcl-debuginfo-2.7.10-4.5.1.x86_64.rpm pidgin-debuginfo-2.7.10-4.5.1.i586.rpm pidgin-debuginfo-2.7.10-4.5.1.x86_64.rpm pidgin-debugsource-2.7.10-4.5.1.i586.rpm pidgin-debugsource-2.7.10-4.5.1.x86_64.rpm pidgin-evolution-debuginfo-2.7.10-4.5.1.i586.rpm pidgin-evolution-debuginfo-2.7.10-4.5.1.x86_64.rpm seamonkey Critical openSUSE 11.4 Seamonkey was upgraded to version 2.5 in order to fix the following security problems: dbg114-seamonkey-5487 new_updateinfo seamonkey-5487 MFSA 2011-47/CVE-2011-3648 (bmo#690225) Potential XSS against sites using Shift-JIS dbg114-seamonkey-5487 new_updateinfo seamonkey-5487 MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards dbg114-seamonkey-5487 new_updateinfo seamonkey-5487 MFSA 2011-49/CVE-2011-3650 (bmo#674776) Memory corruption while profiling using Firebug dbg114-seamonkey-5487 new_updateinfo seamonkey-5487 MFSA 2011-52/CVE-2011-3655 (bmo#672182) Code execution via NoWaiverWrapper seamonkey-2.5-0.2.1.i586.rpm seamonkey-2.5-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.5-0.2.1.i586.rpm seamonkey-dom-inspector-2.5-0.2.1.x86_64.rpm seamonkey-irc-2.5-0.2.1.i586.rpm seamonkey-irc-2.5-0.2.1.x86_64.rpm seamonkey-translations-common-2.5-0.2.1.i586.rpm seamonkey-translations-common-2.5-0.2.1.x86_64.rpm seamonkey-translations-other-2.5-0.2.1.i586.rpm seamonkey-translations-other-2.5-0.2.1.x86_64.rpm seamonkey-venkman-2.5-0.2.1.i586.rpm seamonkey-venkman-2.5-0.2.1.x86_64.rpm seamonkey-debuginfo-2.5-0.2.1.i586.rpm seamonkey-debuginfo-2.5-0.2.1.x86_64.rpm seamonkey-debugsource-2.5-0.2.1.i586.rpm seamonkey-debugsource-2.5-0.2.1.x86_64.rpm libxml2 Low openSUSE 11.4 Specially crafted XPath expressions could allow attackers to cause a denial of service or possibly have unspecified other impact (CVE-2011-2821,CVE-2011-2834). libxml2-2.7.8-16.19.1.i586.rpm libxml2-2.7.8-16.19.1.x86_64.rpm libxml2-32bit-2.7.8-16.19.1.x86_64.rpm libxml2-devel-2.7.8-16.19.1.i586.rpm libxml2-devel-2.7.8-16.19.1.x86_64.rpm libxml2-devel-32bit-2.7.8-16.19.1.x86_64.rpm libxml2-doc-2.7.8-16.19.1.noarch.rpm libxml2-debuginfo-2.7.8-16.19.1.i586.rpm libxml2-debuginfo-2.7.8-16.19.1.x86_64.rpm libxml2-debuginfo-32bit-2.7.8-16.19.1.x86_64.rpm libxml2-debugsource-2.7.8-16.19.1.i586.rpm libxml2-debugsource-2.7.8-16.19.1.x86_64.rpm fail2ban Low openSUSE 11.4 This update fixes the following issue for Fail2ban: - Fail2ban doesn't start if fail2ban.sock exists (bnc #730044, bnc #537239). fail2ban-0.8.4-11.14.1.noarch.rpm nspluginwrapper Moderate openSUSE 11.4 This update of nspluginwrapper to version 1.4.4 provides support for private browsing mode in Plugins (bnc#702034, CVE-2011-2486) and many compatibility fixes with various plugins. nspluginwrapper-1.4.4.0.15-0.3.1.i586.rpm nspluginwrapper-1.4.4.0.15-0.3.1.x86_64.rpm nspluginwrapper-debuginfo-1.4.4.0.15-0.3.1.i586.rpm nspluginwrapper-debuginfo-1.4.4.0.15-0.3.1.x86_64.rpm nspluginwrapper-debugsource-1.4.4.0.15-0.3.1.i586.rpm nspluginwrapper-debugsource-1.4.4.0.15-0.3.1.x86_64.rpm MozillaFirefox-branding-openSUSE Important openSUSE 11.4 This update fixes the following issue for MozillaFirefox-branding-openSUSE: - 728520: prevents disabling of extensions MozillaFirefox-branding-openSUSE-5.0-2.7.1.i586.rpm MozillaFirefox-branding-openSUSE-5.0-2.7.1.x86_64.rpm qgit Moderate openSUSE 11.4 This update fixes the following issue for qgit: - 734180: make qgit work with git 1.7.x qgit-2.4-0.3.1.i586.rpm qgit-2.4-0.3.1.x86_64.rpm apache2 Moderate openSUSE 11.4 This update fixes several security issues in the Apache2 webserver. CVE-2011-3368, CVE-2011-4317: This update also includes several fixes for a mod_proxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3607: Integer overflow in ap_pregsub function resulting in a heap based buffer overflow could potentially allow local attackers to gain privileges In addition to that the following changes were made: - new template file: /etc/apache2/vhosts.d/vhost-ssl.template allow TLSv1 only, browser match stuff commented out. - rc script /etc/init.d/apache2: handle reload with deleted binaries by message to stdout only, but refrain from sending signals. apache2-2.2.17-4.11.1.i586.rpm apache2-2.2.17-4.11.1.x86_64.rpm apache2-devel-2.2.17-4.11.1.i586.rpm apache2-devel-2.2.17-4.11.1.x86_64.rpm apache2-doc-2.2.17-4.11.1.noarch.rpm apache2-example-certificates-2.2.17-4.11.1.i586.rpm apache2-example-certificates-2.2.17-4.11.1.x86_64.rpm apache2-example-pages-2.2.17-4.11.1.i586.rpm apache2-example-pages-2.2.17-4.11.1.x86_64.rpm apache2-itk-2.2.17-4.11.1.i586.rpm apache2-itk-2.2.17-4.11.1.x86_64.rpm apache2-prefork-2.2.17-4.11.1.i586.rpm apache2-prefork-2.2.17-4.11.1.x86_64.rpm apache2-utils-2.2.17-4.11.1.i586.rpm apache2-utils-2.2.17-4.11.1.x86_64.rpm apache2-worker-2.2.17-4.11.1.i586.rpm apache2-worker-2.2.17-4.11.1.x86_64.rpm apache2-debuginfo-2.2.17-4.11.1.i586.rpm apache2-debuginfo-2.2.17-4.11.1.x86_64.rpm apache2-debugsource-2.2.17-4.11.1.i586.rpm apache2-debugsource-2.2.17-4.11.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.11.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.11.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.11.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.11.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.11.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.11.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.11.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.11.1.x86_64.rpm softwaremgmt-201112 Low openSUSE 11.4 This update for the update stack provides the following fixes: libzypp: - Allow to turn Resolvers upgrade mode on and off - Fix support for nfs4 when checking mount table PackageKit: - Fix crash when dealing with local rpms with simple names (name.rpm instead of name-x.y.arch.rpm) - Fix Packagekit initializing repos taking a long time PackageKit-0.6.14-0.8.1.i586.rpm 1 PackageKit-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-branding-upstream-0.6.14-0.8.1.noarch.rpm 1 PackageKit-branding-upstream-0.6.14-0.8.1.noarch.rpm 1 PackageKit-browser-plugin-0.6.14-0.8.1.i586.rpm 1 PackageKit-browser-plugin-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-devel-0.6.14-0.8.1.noarch.rpm 1 PackageKit-doc-0.6.14-0.8.1.noarch.rpm 1 PackageKit-gstreamer-plugin-0.6.14-0.8.1.i586.rpm 1 PackageKit-gstreamer-plugin-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-gtk-module-0.6.14-0.8.1.i586.rpm 1 PackageKit-gtk-module-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-lang-0.6.14-0.8.1.noarch.rpm 1 libpackagekit-glib2-14-0.6.14-0.8.1.i586.rpm 1 libpackagekit-glib2-14-0.6.14-0.8.1.x86_64.rpm 1 libpackagekit-glib2-devel-0.6.14-0.8.1.i586.rpm 1 libpackagekit-glib2-devel-0.6.14-0.8.1.x86_64.rpm 1 libpackagekit-qt-devel-0.6.14-0.8.1.i586.rpm 1 libpackagekit-qt-devel-0.6.14-0.8.1.x86_64.rpm 1 libpackagekit-qt14-0.6.14-0.8.1.i586.rpm 1 libpackagekit-qt14-0.6.14-0.8.1.x86_64.rpm 1 libzypp-8.13.1-0.2.3.i586.rpm 1 libzypp-8.13.1-0.2.3.x86_64.rpm 1 libzypp-devel-8.13.1-0.2.3.i586.rpm 1 libzypp-devel-8.13.1-0.2.3.x86_64.rpm 1 PackageKit-browser-plugin-debuginfo-0.6.14-0.8.1.i586.rpm 1 PackageKit-browser-plugin-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-debuginfo-0.6.14-0.8.1.i586.rpm 1 PackageKit-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-debugsource-0.6.14-0.8.1.i586.rpm 1 PackageKit-debugsource-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-gstreamer-plugin-debuginfo-0.6.14-0.8.1.i586.rpm 1 PackageKit-gstreamer-plugin-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 PackageKit-gtk-module-debuginfo-0.6.14-0.8.1.i586.rpm 1 PackageKit-gtk-module-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 libpackagekit-glib2-14-debuginfo-0.6.14-0.8.1.i586.rpm 1 libpackagekit-glib2-14-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 libpackagekit-qt14-debuginfo-0.6.14-0.8.1.i586.rpm 1 libpackagekit-qt14-debuginfo-0.6.14-0.8.1.x86_64.rpm 1 libzypp-debuginfo-8.13.1-0.2.3.i586.rpm 1 libzypp-debuginfo-8.13.1-0.2.3.x86_64.rpm 1 libzypp-debugsource-8.13.1-0.2.3.i586.rpm 1 libzypp-debugsource-8.13.1-0.2.3.x86_64.rpm 1 namazu Moderate openSUSE 11.4 This update fixes the following security issues: - 732323: CVE-2011-4345: namazu: XSS flaw by processing HTTP cookies (CVE-2011-4345) namazu-2.0.20-5.6.1.i586.rpm namazu-2.0.20-5.6.1.x86_64.rpm namazu-cgi-2.0.20-5.6.1.i586.rpm namazu-cgi-2.0.20-5.6.1.x86_64.rpm namazu-devel-2.0.20-5.6.1.i586.rpm namazu-devel-2.0.20-5.6.1.x86_64.rpm namazu-cgi-debuginfo-2.0.20-5.6.1.i586.rpm namazu-cgi-debuginfo-2.0.20-5.6.1.x86_64.rpm namazu-debuginfo-2.0.20-5.6.1.i586.rpm namazu-debuginfo-2.0.20-5.6.1.x86_64.rpm namazu-debugsource-2.0.20-5.6.1.i586.rpm namazu-debugsource-2.0.20-5.6.1.x86_64.rpm opera Moderate openSUSE 11.4 opera was updated to version 11.60 to fix several security issues opera-11.60-0.2.1.i586.rpm opera-11.60-0.2.1.x86_64.rpm opera-gtk-11.60-0.2.1.i586.rpm opera-gtk-11.60-0.2.1.x86_64.rpm opera-kde4-11.60-0.2.1.i586.rpm opera-kde4-11.60-0.2.1.x86_64.rpm python-cupshelpers Moderate openSUSE 11.4 system-config-printer used an unauthenticated connection when downloading printer drivers from openprinting.org (CVE-2011-4405). This update disables the printer driver download feature. system-config-printer did not properly quote shell meta characters in SMB server or workgroup names when passing them to the shell (CVE-2011-2899). python-cupshelpers-1.2.5-5.8.1.i586.rpm python-cupshelpers-1.2.5-5.8.1.x86_64.rpm system-config-printer-1.2.5-5.8.1.i586.rpm system-config-printer-1.2.5-5.8.1.x86_64.rpm system-config-printer-lang-1.2.5-5.8.1.noarch.rpm udev-configure-printer-1.2.5-5.8.1.i586.rpm udev-configure-printer-1.2.5-5.8.1.x86_64.rpm system-config-printer-debugsource-1.2.5-5.8.1.i586.rpm system-config-printer-debugsource-1.2.5-5.8.1.x86_64.rpm udev-configure-printer-debuginfo-1.2.5-5.8.1.i586.rpm udev-configure-printer-debuginfo-1.2.5-5.8.1.x86_64.rpm dhcp Moderate openSUSE 11.4 Specially crafted requests could crash dhcpd if the server used regular expressions for matching (CVE-2011-4539). dhcp-4.2.1-0.11.1.i586.rpm dhcp-4.2.1-0.11.1.x86_64.rpm dhcp-client-4.2.1-0.11.1.i586.rpm dhcp-client-4.2.1-0.11.1.x86_64.rpm dhcp-devel-4.2.1-0.11.1.i586.rpm dhcp-devel-4.2.1-0.11.1.x86_64.rpm dhcp-doc-4.2.1-0.11.1.i586.rpm dhcp-doc-4.2.1-0.11.1.x86_64.rpm dhcp-relay-4.2.1-0.11.1.i586.rpm dhcp-relay-4.2.1-0.11.1.x86_64.rpm dhcp-server-4.2.1-0.11.1.i586.rpm dhcp-server-4.2.1-0.11.1.x86_64.rpm dhcp-client-debuginfo-4.2.1-0.11.1.i586.rpm dhcp-client-debuginfo-4.2.1-0.11.1.x86_64.rpm dhcp-debuginfo-4.2.1-0.11.1.i586.rpm dhcp-debuginfo-4.2.1-0.11.1.x86_64.rpm dhcp-debugsource-4.2.1-0.11.1.i586.rpm dhcp-debugsource-4.2.1-0.11.1.x86_64.rpm dhcp-relay-debuginfo-4.2.1-0.11.1.i586.rpm dhcp-relay-debuginfo-4.2.1-0.11.1.x86_64.rpm dhcp-server-debuginfo-4.2.1-0.11.1.i586.rpm dhcp-server-debuginfo-4.2.1-0.11.1.x86_64.rpm papyon Moderate openSUSE 11.4 This update fixes the following issue for papyon: - 730654: papyon can connect to MSN again papyon-0.5.6-0.3.1.noarch.rpm libpcsclite1 Moderate openSUSE 11.4 This update moves libpscsclite.so to the main package to fix the following issue for pcsc-lite: - 732911: impossible retrieve list of terminals in any popular JVM - other third party packages may be affected as well libpcsclite1-1.7.2-5.7.1.i586.rpm libpcsclite1-1.7.2-5.7.1.x86_64.rpm libpcsclite1-32bit-1.7.2-5.7.1.x86_64.rpm pcsc-lite-1.7.2-5.7.1.i586.rpm pcsc-lite-1.7.2-5.7.1.x86_64.rpm pcsc-lite-devel-1.7.2-5.7.1.i586.rpm pcsc-lite-devel-1.7.2-5.7.1.x86_64.rpm libpcsclite1-debuginfo-1.7.2-5.7.1.i586.rpm libpcsclite1-debuginfo-1.7.2-5.7.1.x86_64.rpm libpcsclite1-debuginfo-32bit-1.7.2-5.7.1.x86_64.rpm pcsc-lite-debuginfo-1.7.2-5.7.1.i586.rpm pcsc-lite-debuginfo-1.7.2-5.7.1.x86_64.rpm pcsc-lite-debugsource-1.7.2-5.7.1.i586.rpm pcsc-lite-debugsource-1.7.2-5.7.1.x86_64.rpm ecryptfs-utils Moderate openSUSE 11.4 mount.ecrpytfs_private did not set correct group ownerships when it modifies mtab (CVE-2011-3145). ecryptfs-utils-83-6.9.1.i586.rpm ecryptfs-utils-83-6.9.1.x86_64.rpm ecryptfs-utils-32bit-83-6.9.1.x86_64.rpm ecryptfs-utils-debuginfo-83-6.9.1.i586.rpm ecryptfs-utils-debuginfo-83-6.9.1.x86_64.rpm ecryptfs-utils-debuginfo-32bit-83-6.9.1.x86_64.rpm ecryptfs-utils-debugsource-83-6.9.1.i586.rpm ecryptfs-utils-debugsource-83-6.9.1.x86_64.rpm eject Moderate openSUSE 11.4 This update fixes the following issue for eject: - 716644: eject SEGFAULT in libc eject-2.1.0-152.153.1.i586.rpm eject-2.1.0-152.153.1.x86_64.rpm eject-debuginfo-2.1.0-152.153.1.i586.rpm eject-debuginfo-2.1.0-152.153.1.x86_64.rpm eject-debugsource-2.1.0-152.153.1.i586.rpm eject-debugsource-2.1.0-152.153.1.x86_64.rpm jasper Important openSUSE 11.4 Specially crafted JPEG2000 files could cause a heap buffer overflow in jasper (CVE-2011-4516, CVE-2011-4517) jasper-1.900.1-146.147.1.i586.rpm jasper-1.900.1-146.147.1.x86_64.rpm libjasper-devel-1.900.1-146.147.1.i586.rpm libjasper-devel-1.900.1-146.147.1.x86_64.rpm libjasper1-1.900.1-146.147.1.i586.rpm libjasper1-1.900.1-146.147.1.x86_64.rpm libjasper1-32bit-1.900.1-146.147.1.x86_64.rpm jasper-debuginfo-1.900.1-146.147.1.i586.rpm jasper-debuginfo-1.900.1-146.147.1.x86_64.rpm jasper-debugsource-1.900.1-146.147.1.i586.rpm jasper-debugsource-1.900.1-146.147.1.x86_64.rpm libjasper1-debuginfo-1.900.1-146.147.1.i586.rpm libjasper1-debuginfo-1.900.1-146.147.1.x86_64.rpm libjasper1-debuginfo-32bit-1.900.1-146.147.1.x86_64.rpm sudo Low openSUSE 11.4 This update fixes the following issue for sudo: - 720181: manpage-fix sudo -i unsets $DISPLAY sudo-1.7.6p2-0.5.1.i586.rpm sudo-1.7.6p2-0.5.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.5.1.i586.rpm sudo-debuginfo-1.7.6p2-0.5.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.5.1.i586.rpm sudo-debugsource-1.7.6p2-0.5.1.x86_64.rpm dovecot20 Moderate openSUSE 11.4 In proxy mode dovecot did not verify that the SSL certificate of the remote actually matched the server name. Dovecot was updated to version 2.0.16 which fixes the problem. dovecot20-2.0.16-0.2.1.i586.rpm dovecot20-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-mysql-2.0.16-0.2.1.i586.rpm dovecot20-backend-mysql-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-pgsql-2.0.16-0.2.1.i586.rpm dovecot20-backend-pgsql-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-sqlite-2.0.16-0.2.1.i586.rpm dovecot20-backend-sqlite-2.0.16-0.2.1.x86_64.rpm dovecot20-devel-2.0.16-0.2.1.i586.rpm dovecot20-devel-2.0.16-0.2.1.x86_64.rpm dovecot20-fts-solr-2.0.16-0.2.1.i586.rpm dovecot20-fts-solr-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-mysql-debuginfo-2.0.16-0.2.1.i586.rpm dovecot20-backend-mysql-debuginfo-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-pgsql-debuginfo-2.0.16-0.2.1.i586.rpm dovecot20-backend-pgsql-debuginfo-2.0.16-0.2.1.x86_64.rpm dovecot20-backend-sqlite-debuginfo-2.0.16-0.2.1.i586.rpm dovecot20-backend-sqlite-debuginfo-2.0.16-0.2.1.x86_64.rpm dovecot20-debuginfo-2.0.16-0.2.1.i586.rpm dovecot20-debuginfo-2.0.16-0.2.1.x86_64.rpm dovecot20-debugsource-2.0.16-0.2.1.i586.rpm dovecot20-debugsource-2.0.16-0.2.1.x86_64.rpm dovecot20-fts-solr-debuginfo-2.0.16-0.2.1.i586.rpm dovecot20-fts-solr-debuginfo-2.0.16-0.2.1.x86_64.rpm freetype2 Important openSUSE 11.4 This update of freetype2 fixes multiple security flaws that could allow attackers to cause a denial of service or to execute arbitrary code via specially crafted fonts (CVE-2011-3256, CVE-2011-3439). freetype2-devel-2.4.4-7.10.1.i586.rpm freetype2-devel-2.4.4-7.10.1.x86_64.rpm freetype2-devel-32bit-2.4.4-7.10.1.x86_64.rpm libfreetype6-2.4.4-7.10.1.i586.rpm libfreetype6-2.4.4-7.10.1.x86_64.rpm libfreetype6-32bit-2.4.4-7.10.1.x86_64.rpm freetype2-debugsource-2.4.4-7.10.1.i586.rpm freetype2-debugsource-2.4.4-7.10.1.x86_64.rpm libfreetype6-debuginfo-2.4.4-7.10.1.i586.rpm libfreetype6-debuginfo-2.4.4-7.10.1.x86_64.rpm libfreetype6-debuginfo-32bit-2.4.4-7.10.1.x86_64.rpm xfce4-panel-plugin-battery Moderate openSUSE 11.4 This update fixes the following issue for xfce4-panel-plugin-xkb: - 734851: fixed major memory leak with version update to 0.5.4.2 xfce4-panel-plugin-battery-1.0.0-2.3.1.i586.rpm xfce4-panel-plugin-battery-1.0.0-2.3.1.x86_64.rpm xfce4-panel-plugin-cddrive-0.0.1-19.3.1.i586.rpm xfce4-panel-plugin-cddrive-0.0.1-19.3.1.x86_64.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.3.1.i586.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.3.1.x86_64.rpm xfce4-panel-plugin-clipman-1.1.3-18.3.1.i586.rpm xfce4-panel-plugin-clipman-1.1.3-18.3.1.x86_64.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.3.1.i586.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.3.1.x86_64.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.3.1.i586.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.3.1.x86_64.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.3.1.i586.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.3.1.x86_64.rpm xfce4-panel-plugin-datetime-0.6.1-18.3.1.i586.rpm xfce4-panel-plugin-datetime-0.6.1-18.3.1.x86_64.rpm xfce4-panel-plugin-diskperf-2.3.0-3.3.1.i586.rpm xfce4-panel-plugin-diskperf-2.3.0-3.3.1.x86_64.rpm xfce4-panel-plugin-eyes-4.4.1-2.3.1.i586.rpm xfce4-panel-plugin-eyes-4.4.1-2.3.1.x86_64.rpm xfce4-panel-plugin-fsguard-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-fsguard-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-genmon-3.2-24.3.1.i586.rpm xfce4-panel-plugin-genmon-3.2-24.3.1.x86_64.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.3.1.i586.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.3.1.x86_64.rpm xfce4-panel-plugin-mount-0.5.5-18.3.1.i586.rpm xfce4-panel-plugin-mount-0.5.5-18.3.1.x86_64.rpm xfce4-panel-plugin-mpc-0.3.6-3.3.1.i586.rpm xfce4-panel-plugin-mpc-0.3.6-3.3.1.x86_64.rpm xfce4-panel-plugin-netload-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-netload-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-notes-1.7.7-6.3.1.i586.rpm xfce4-panel-plugin-notes-1.7.7-6.3.1.x86_64.rpm xfce4-panel-plugin-places-1.2.0-17.3.1.i586.rpm xfce4-panel-plugin-places-1.2.0-17.3.1.x86_64.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.3.1.i586.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.3.1.x86_64.rpm xfce4-panel-plugin-radio-0.4.4-6.3.1.i586.rpm xfce4-panel-plugin-radio-0.4.4-6.3.1.x86_64.rpm xfce4-panel-plugin-screenshooter-1.7.9.99_git20110203-5.10.1.i586.rpm xfce4-panel-plugin-screenshooter-1.7.9.99_git20110203-5.10.1.x86_64.rpm xfce4-panel-plugin-sensors-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-sensors-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.3.1.i586.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.3.1.x86_64.rpm xfce4-panel-plugin-systemload-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-systemload-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-timeout-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-timeout-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-timer-0.6.1-18.3.1.i586.rpm xfce4-panel-plugin-timer-0.6.1-18.3.1.x86_64.rpm xfce4-panel-plugin-verve-1.0.0-4.3.1.i586.rpm xfce4-panel-plugin-verve-1.0.0-4.3.1.x86_64.rpm xfce4-panel-plugin-wavelan-0.5.6-6.3.1.i586.rpm xfce4-panel-plugin-wavelan-0.5.6-6.3.1.x86_64.rpm xfce4-panel-plugin-weather-0.7.4-3.3.1.i586.rpm xfce4-panel-plugin-weather-0.7.4-3.3.1.x86_64.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.3.1.i586.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.3.1.x86_64.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.3.1.i586.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.3.1.x86_64.rpm xfce4-panel-plugin-xmms-0.5.3-3.3.1.i586.rpm xfce4-panel-plugin-xmms-0.5.3-3.3.1.x86_64.rpm xfce4-panel-plugin-screenshooter-debuginfo-1.7.9.99_git20110203-5.10.1.i586.rpm xfce4-panel-plugin-screenshooter-debuginfo-1.7.9.99_git20110203-5.10.1.x86_64.rpm glibc Important openSUSE 11.4 Specially crafted time zone files could cause a heap overflow in glibc (CVE-2009-5029). glibc-2.11.3-12.21.1.i586.rpm glibc-2.11.3-12.21.1.i686.rpm glibc-2.11.3-12.21.1.x86_64.rpm glibc-32bit-2.11.3-12.21.1.x86_64.rpm glibc-devel-2.11.3-12.21.1.i586.rpm glibc-devel-2.11.3-12.21.1.i686.rpm glibc-devel-2.11.3-12.21.1.x86_64.rpm glibc-devel-32bit-2.11.3-12.21.1.x86_64.rpm glibc-html-2.11.3-12.21.1.i586.rpm glibc-html-2.11.3-12.21.1.x86_64.rpm glibc-i18ndata-2.11.3-12.21.1.i586.rpm glibc-i18ndata-2.11.3-12.21.1.x86_64.rpm glibc-info-2.11.3-12.21.1.i586.rpm glibc-info-2.11.3-12.21.1.x86_64.rpm glibc-locale-2.11.3-12.21.1.i586.rpm glibc-locale-2.11.3-12.21.1.x86_64.rpm glibc-locale-32bit-2.11.3-12.21.1.x86_64.rpm glibc-obsolete-2.11.3-12.21.1.i586.rpm glibc-obsolete-2.11.3-12.21.1.x86_64.rpm glibc-profile-2.11.3-12.21.1.i586.rpm glibc-profile-2.11.3-12.21.1.x86_64.rpm glibc-profile-32bit-2.11.3-12.21.1.x86_64.rpm nscd-2.11.3-12.21.1.i586.rpm nscd-2.11.3-12.21.1.x86_64.rpm glibc-debuginfo-2.11.3-12.21.1.i586.rpm glibc-debuginfo-2.11.3-12.21.1.i686.rpm glibc-debuginfo-2.11.3-12.21.1.x86_64.rpm glibc-debuginfo-32bit-2.11.3-12.21.1.x86_64.rpm glibc-debugsource-2.11.3-12.21.1.i586.rpm glibc-debugsource-2.11.3-12.21.1.i686.rpm glibc-debugsource-2.11.3-12.21.1.x86_64.rpm glibc-devel-debuginfo-2.11.3-12.21.1.i586.rpm glibc-devel-debuginfo-2.11.3-12.21.1.i686.rpm glibc-devel-debuginfo-2.11.3-12.21.1.x86_64.rpm glibc-devel-debuginfo-32bit-2.11.3-12.21.1.x86_64.rpm glibc-locale-debuginfo-2.11.3-12.21.1.i586.rpm glibc-locale-debuginfo-2.11.3-12.21.1.x86_64.rpm glibc-locale-debuginfo-32bit-2.11.3-12.21.1.x86_64.rpm glibc-obsolete-debuginfo-2.11.3-12.21.1.i586.rpm nscd-debuginfo-2.11.3-12.21.1.i586.rpm nscd-debuginfo-2.11.3-12.21.1.x86_64.rpm pam-modules Important openSUSE 11.4 The previous pam-modules update introduced a regression that could lead to crashes with pam authentication in multi-threaded programs. - 735220: pam crashes in multi-threaded environment pam-modules-11.4-3.6.1.i586.rpm pam-modules-11.4-3.6.1.x86_64.rpm pam-modules-32bit-11.4-3.6.1.x86_64.rpm pam-modules-debuginfo-11.4-3.6.1.i586.rpm pam-modules-debuginfo-11.4-3.6.1.x86_64.rpm pam-modules-debuginfo-32bit-11.4-3.6.1.x86_64.rpm pam-modules-debugsource-11.4-3.6.1.i586.rpm pam-modules-debugsource-11.4-3.6.1.x86_64.rpm finch Moderate openSUSE 11.4 Remote users could crash pidgin via ICQ, SILC, XMPP and Yahoo protocols (CVE-2011-4601, CVE-2011-4603, CVE-2011-4602, CVE-2011-1091). finch-2.7.10-4.7.1.i586.rpm finch-2.7.10-4.7.1.x86_64.rpm finch-devel-2.7.10-4.7.1.i586.rpm finch-devel-2.7.10-4.7.1.x86_64.rpm libpurple-2.7.10-4.7.1.i586.rpm libpurple-2.7.10-4.7.1.x86_64.rpm libpurple-devel-2.7.10-4.7.1.i586.rpm libpurple-devel-2.7.10-4.7.1.x86_64.rpm libpurple-lang-2.7.10-4.7.1.noarch.rpm libpurple-meanwhile-2.7.10-4.7.1.i586.rpm libpurple-meanwhile-2.7.10-4.7.1.x86_64.rpm libpurple-tcl-2.7.10-4.7.1.i586.rpm libpurple-tcl-2.7.10-4.7.1.x86_64.rpm pidgin-2.7.10-4.7.1.i586.rpm pidgin-2.7.10-4.7.1.x86_64.rpm pidgin-devel-2.7.10-4.7.1.i586.rpm pidgin-devel-2.7.10-4.7.1.x86_64.rpm pidgin-evolution-2.7.10-4.7.1.i586.rpm pidgin-evolution-2.7.10-4.7.1.x86_64.rpm finch-debuginfo-2.7.10-4.7.1.i586.rpm finch-debuginfo-2.7.10-4.7.1.x86_64.rpm libpurple-debuginfo-2.7.10-4.7.1.i586.rpm libpurple-debuginfo-2.7.10-4.7.1.x86_64.rpm libpurple-meanwhile-debuginfo-2.7.10-4.7.1.i586.rpm libpurple-meanwhile-debuginfo-2.7.10-4.7.1.x86_64.rpm libpurple-tcl-debuginfo-2.7.10-4.7.1.i586.rpm libpurple-tcl-debuginfo-2.7.10-4.7.1.x86_64.rpm pidgin-debuginfo-2.7.10-4.7.1.i586.rpm pidgin-debuginfo-2.7.10-4.7.1.x86_64.rpm pidgin-debugsource-2.7.10-4.7.1.i586.rpm pidgin-debugsource-2.7.10-4.7.1.x86_64.rpm pidgin-evolution-debuginfo-2.7.10-4.7.1.i586.rpm pidgin-evolution-debuginfo-2.7.10-4.7.1.x86_64.rpm nss-201112 Moderate openSUSE 11.4 The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems. Following security issues were fixed: dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SSL 2.0 is disabled by default dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it. bnc# dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SHA-224 is supported dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096) (CVE-2011-3640) Also following bugs were fixed: dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 fix spec file syntax for qemu-workaround dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090) dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 better SHA-224 support (bmo#647706) dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SHA-224 is supported dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added NSS_GetVersion to return the NSS version string dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added experimental support of RSA-PSS to the softoken only libfreebl3-3.13.1-0.2.1.i586.rpm libfreebl3-3.13.1-0.2.1.x86_64.rpm libfreebl3-32bit-3.13.1-0.2.1.x86_64.rpm libsoftokn3-3.13.1-0.2.1.i586.rpm libsoftokn3-3.13.1-0.2.1.x86_64.rpm libsoftokn3-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-3.13.1-0.2.1.i586.rpm mozilla-nss-3.13.1-0.2.1.x86_64.rpm mozilla-nss-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-certs-3.13.1-0.2.1.i586.rpm mozilla-nss-certs-3.13.1-0.2.1.x86_64.rpm mozilla-nss-certs-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-devel-3.13.1-0.2.1.i586.rpm mozilla-nss-devel-3.13.1-0.2.1.x86_64.rpm mozilla-nss-sysinit-3.13.1-0.2.1.i586.rpm mozilla-nss-sysinit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-sysinit-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-tools-3.13.1-0.2.1.i586.rpm mozilla-nss-tools-3.13.1-0.2.1.x86_64.rpm libfreebl3-debuginfo-3.13.1-0.2.1.i586.rpm libfreebl3-debuginfo-3.13.1-0.2.1.x86_64.rpm libfreebl3-debuginfo-32bit-3.13.1-0.2.1.x86_64.rpm libsoftokn3-debuginfo-3.13.1-0.2.1.i586.rpm libsoftokn3-debuginfo-3.13.1-0.2.1.x86_64.rpm libsoftokn3-debuginfo-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-certs-debuginfo-3.13.1-0.2.1.i586.rpm mozilla-nss-certs-debuginfo-3.13.1-0.2.1.x86_64.rpm mozilla-nss-certs-debuginfo-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-debuginfo-3.13.1-0.2.1.i586.rpm mozilla-nss-debuginfo-3.13.1-0.2.1.x86_64.rpm mozilla-nss-debuginfo-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-debugsource-3.13.1-0.2.1.i586.rpm mozilla-nss-debugsource-3.13.1-0.2.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-3.13.1-0.2.1.i586.rpm mozilla-nss-sysinit-debuginfo-3.13.1-0.2.1.x86_64.rpm mozilla-nss-sysinit-debuginfo-32bit-3.13.1-0.2.1.x86_64.rpm mozilla-nss-tools-debuginfo-3.13.1-0.2.1.i586.rpm mozilla-nss-tools-debuginfo-3.13.1-0.2.1.x86_64.rpm libpolkit-qt-1-1 Low openSUSE 11.4 This update fixes a policykit agent crash at KDE logout. - #736158: PolicyKit crashes at KDE logout libpolkit-qt-1-1-0.99.1-6.7.1.i586.rpm libpolkit-qt-1-1-0.99.1-6.7.1.x86_64.rpm libpolkit-qt-1-devel-0.99.1-6.7.1.i586.rpm libpolkit-qt-1-devel-0.99.1-6.7.1.x86_64.rpm libpolkit-qt-1-1-debuginfo-0.99.1-6.7.1.i586.rpm libpolkit-qt-1-1-debuginfo-0.99.1-6.7.1.x86_64.rpm polkit-qt-1-debugsource-0.99.1-6.7.1.i586.rpm polkit-qt-1-debugsource-0.99.1-6.7.1.x86_64.rpm seamonkey Important openSUSE 11.4 seamonkey version 2.6 fixes several security issues: dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript via SVG animation dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes seamonkey-2.6-0.2.1.i586.rpm seamonkey-2.6-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.6-0.2.1.i586.rpm seamonkey-dom-inspector-2.6-0.2.1.x86_64.rpm seamonkey-irc-2.6-0.2.1.i586.rpm seamonkey-irc-2.6-0.2.1.x86_64.rpm seamonkey-translations-common-2.6-0.2.1.i586.rpm seamonkey-translations-common-2.6-0.2.1.x86_64.rpm seamonkey-translations-other-2.6-0.2.1.i586.rpm seamonkey-translations-other-2.6-0.2.1.x86_64.rpm seamonkey-venkman-2.6-0.2.1.i586.rpm seamonkey-venkman-2.6-0.2.1.x86_64.rpm seamonkey-debuginfo-2.6-0.2.1.i586.rpm seamonkey-debuginfo-2.6-0.2.1.x86_64.rpm seamonkey-debugsource-2.6-0.2.1.i586.rpm seamonkey-debugsource-2.6-0.2.1.x86_64.rpm FastCGI Low openSUSE 11.4 This update fixes the following security issues: - 735882: FastCGI: bypass authentication (CVE-2011-2766) FastCGI-2.4.0-149.150.1.i586.rpm FastCGI-2.4.0-149.150.1.x86_64.rpm FastCGI-devel-2.4.0-149.150.1.i586.rpm FastCGI-devel-2.4.0-149.150.1.x86_64.rpm perl-FastCGI-2.4.0-149.150.1.i586.rpm perl-FastCGI-2.4.0-149.150.1.x86_64.rpm FastCGI-debuginfo-2.4.0-149.150.1.i586.rpm FastCGI-debuginfo-2.4.0-149.150.1.x86_64.rpm FastCGI-debugsource-2.4.0-149.150.1.i586.rpm FastCGI-debugsource-2.4.0-149.150.1.x86_64.rpm perl-FastCGI-debuginfo-2.4.0-149.150.1.i586.rpm perl-FastCGI-debuginfo-2.4.0-149.150.1.x86_64.rpm gvim Low openSUSE 11.4 This update fixes vim aborting when executing python scripts. - #510306: vim crashes with "Vim: caught deadly signal ABRT" if i try to execute a python script gvim-7.3-6.7.1.i586.rpm gvim-7.3-6.7.1.x86_64.rpm vim-7.3-6.7.1.i586.rpm vim-7.3-6.7.1.x86_64.rpm vim-base-7.3-6.7.1.i586.rpm vim-base-7.3-6.7.1.x86_64.rpm vim-data-7.3-6.7.1.noarch.rpm vim-enhanced-7.3-6.7.1.i586.rpm vim-enhanced-7.3-6.7.1.x86_64.rpm gvim-debuginfo-7.3-6.7.1.i586.rpm gvim-debuginfo-7.3-6.7.1.x86_64.rpm vim-base-debuginfo-7.3-6.7.1.i586.rpm vim-base-debuginfo-7.3-6.7.1.x86_64.rpm vim-debuginfo-7.3-6.7.1.i586.rpm vim-debuginfo-7.3-6.7.1.x86_64.rpm vim-debugsource-7.3-6.7.1.i586.rpm vim-debugsource-7.3-6.7.1.x86_64.rpm vim-enhanced-debuginfo-7.3-6.7.1.i586.rpm vim-enhanced-debuginfo-7.3-6.7.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 Mozilla Firefox Version 9 fixes several security issues: dbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards dbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library dbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access dbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript via SVG animation dbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes MozillaFirefox-9.0-0.2.1.i586.rpm MozillaFirefox-9.0-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-9.0-0.2.1.i586.rpm MozillaFirefox-branding-upstream-9.0-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-9.0-0.2.1.i586.rpm MozillaFirefox-buildsymbols-9.0-0.2.1.x86_64.rpm MozillaFirefox-devel-9.0-0.2.1.i586.rpm MozillaFirefox-devel-9.0-0.2.1.x86_64.rpm MozillaFirefox-translations-common-9.0-0.2.1.i586.rpm MozillaFirefox-translations-common-9.0-0.2.1.x86_64.rpm MozillaFirefox-translations-other-9.0-0.2.1.i586.rpm MozillaFirefox-translations-other-9.0-0.2.1.x86_64.rpm mozilla-js192-1.9.2.25-0.2.1.i586.rpm mozilla-js192-1.9.2.25-0.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.25-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-9.0-0.2.1.i586.rpm MozillaFirefox-debuginfo-9.0-0.2.1.x86_64.rpm MozillaFirefox-debugsource-9.0-0.2.1.i586.rpm MozillaFirefox-debugsource-9.0-0.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.25-0.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.25-0.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.25-0.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.25-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.25-0.2.1.x86_64.rpm postfix Low openSUSE 11.4 This update fixes the following issue for postfix: - 728308: warning output after update the postfix package. Since the post installation script of postfix does not execute the SuSEconfig postfix module the postmaps will not be recreated even the new postfix version modifies this. This couses a lot of warnings in the mail log. postfix-2.7.2-13.18.1.i586.rpm postfix-2.7.2-13.18.1.x86_64.rpm postfix-devel-2.7.2-13.18.1.i586.rpm postfix-devel-2.7.2-13.18.1.x86_64.rpm postfix-doc-2.7.2-13.18.1.noarch.rpm postfix-mysql-2.7.2-13.18.1.i586.rpm postfix-mysql-2.7.2-13.18.1.x86_64.rpm postfix-postgresql-2.7.2-13.18.1.i586.rpm postfix-postgresql-2.7.2-13.18.1.x86_64.rpm postfix-debuginfo-2.7.2-13.18.1.i586.rpm postfix-debuginfo-2.7.2-13.18.1.x86_64.rpm postfix-debugsource-2.7.2-13.18.1.i586.rpm postfix-debugsource-2.7.2-13.18.1.x86_64.rpm postfix-mysql-debuginfo-2.7.2-13.18.1.i586.rpm postfix-mysql-debuginfo-2.7.2-13.18.1.x86_64.rpm postfix-postgresql-debuginfo-2.7.2-13.18.1.i586.rpm postfix-postgresql-debuginfo-2.7.2-13.18.1.x86_64.rpm squid Moderate openSUSE 11.4 This update fixes the following security issues: - 587375: NULL deref via HTCP request (CVE-2010-0639) squid-2.7.STABLE6-10.11.1.i586.rpm squid-2.7.STABLE6-10.11.1.x86_64.rpm squid-debuginfo-2.7.STABLE6-10.11.1.i586.rpm squid-debuginfo-2.7.STABLE6-10.11.1.x86_64.rpm squid-debugsource-2.7.STABLE6-10.11.1.i586.rpm squid-debugsource-2.7.STABLE6-10.11.1.x86_64.rpm squid3 Moderate openSUSE 11.4 This update fixes the following security issue: - 727492: Invalid free by processing CNAME (CVE-2011-4096) This update also fixes the following non-security issue: - 737905: installation creates empty spurious file "/1" squid3-3.1.11-4.9.1.i586.rpm squid3-3.1.11-4.9.1.x86_64.rpm squid3-debuginfo-3.1.11-4.9.1.i586.rpm squid3-debuginfo-3.1.11-4.9.1.x86_64.rpm squid3-debugsource-3.1.11-4.9.1.i586.rpm squid3-debugsource-3.1.11-4.9.1.x86_64.rpm net6 Moderate openSUSE 11.4 this update fixes an information disclosure and a connection hijacking vulnerability (CVE-2011-4091, CVE-2011-4093). net6-1.3.14-0.3.1.i586.rpm net6-1.3.14-0.3.1.x86_64.rpm net6-devel-1.3.14-0.3.1.i586.rpm net6-devel-1.3.14-0.3.1.x86_64.rpm net6-lang-1.3.14-0.3.1.noarch.rpm net6-debuginfo-1.3.14-0.3.1.i586.rpm net6-debuginfo-1.3.14-0.3.1.x86_64.rpm net6-debugsource-1.3.14-0.3.1.i586.rpm net6-debugsource-1.3.14-0.3.1.x86_64.rpm iptables Low openSUSE 11.4 This update fixes the following issue for iptables: - 730161: iptables-apply uses unknown command "tempfile" iptables-1.4.10-4.5.1.i586.rpm iptables-1.4.10-4.5.1.x86_64.rpm iptables-devel-1.4.10-4.5.1.i586.rpm iptables-devel-1.4.10-4.5.1.x86_64.rpm iptables-debuginfo-1.4.10-4.5.1.i586.rpm iptables-debuginfo-1.4.10-4.5.1.x86_64.rpm iptables-debugsource-1.4.10-4.5.1.i586.rpm iptables-debugsource-1.4.10-4.5.1.x86_64.rpm krb5-appl Important openSUSE 11.4 This update of krb5 applications fixes two security issues. CVE-2011-4862: A remote code execution in the kerberized telnet daemon was fixed. (This only affects the ktelnetd from the krb5-appl RPM, not the regular telnetd supplied by SUSE.) CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd unauthorized file access problems. krb5-appl-clients-1.0-7.12.1.i586.rpm krb5-appl-clients-1.0-7.12.1.x86_64.rpm krb5-appl-servers-1.0-7.12.1.i586.rpm krb5-appl-servers-1.0-7.12.1.x86_64.rpm krb5-appl-clients-debuginfo-1.0-7.12.1.i586.rpm krb5-appl-clients-debuginfo-1.0-7.12.1.x86_64.rpm krb5-appl-debugsource-1.0-7.12.1.i586.rpm krb5-appl-debugsource-1.0-7.12.1.x86_64.rpm krb5-appl-servers-debuginfo-1.0-7.12.1.i586.rpm krb5-appl-servers-debuginfo-1.0-7.12.1.x86_64.rpm tar Important openSUSE 11.4 The previous update of tar caused accessing files that are offline (where non-blocking read fails with EAGAIN) to be no longer archived. This update reverts the change to non-blocking mode, which avoids this issue. tar-1.26-1.5.1.i586.rpm tar-1.26-1.5.1.x86_64.rpm tar-backup-scripts-1.26-1.5.1.i586.rpm tar-backup-scripts-1.26-1.5.1.x86_64.rpm tar-lang-1.26-1.5.1.noarch.rpm tar-debuginfo-1.26-1.5.1.i586.rpm tar-debuginfo-1.26-1.5.1.x86_64.rpm tar-debugsource-1.26-1.5.1.i586.rpm tar-debugsource-1.26-1.5.1.x86_64.rpm device-mapper Moderate openSUSE 11.4 This update fixes the following issue for device-mapper: - 662053: mkinitrd fails to recognize root on lvm on md device-mapper-1.02.49-19.22.1.i586.rpm device-mapper-1.02.49-19.22.1.x86_64.rpm device-mapper-32bit-1.02.49-19.22.1.x86_64.rpm device-mapper-devel-1.02.49-19.22.1.i586.rpm device-mapper-devel-1.02.49-19.22.1.x86_64.rpm device-mapper-devel-32bit-1.02.49-19.22.1.x86_64.rpm lvm2-2.02.67-18.22.1.i586.rpm lvm2-2.02.67-18.22.1.x86_64.rpm lvm2-clvm-2.02.67-18.22.1.i586.rpm lvm2-clvm-2.02.67-18.22.1.x86_64.rpm device-mapper-debuginfo-1.02.49-19.22.1.i586.rpm device-mapper-debuginfo-1.02.49-19.22.1.x86_64.rpm device-mapper-debuginfo-32bit-1.02.49-19.22.1.x86_64.rpm device-mapper-debugsource-1.02.49-19.22.1.i586.rpm device-mapper-debugsource-1.02.49-19.22.1.x86_64.rpm lvm2-clvm-debuginfo-2.02.67-18.22.1.i586.rpm lvm2-clvm-debuginfo-2.02.67-18.22.1.x86_64.rpm lvm2-clvm-debugsource-2.02.67-18.22.1.i586.rpm lvm2-clvm-debugsource-2.02.67-18.22.1.x86_64.rpm lvm2-debuginfo-2.02.67-18.22.1.i586.rpm lvm2-debuginfo-2.02.67-18.22.1.x86_64.rpm lvm2-debugsource-2.02.67-18.22.1.i586.rpm lvm2-debugsource-2.02.67-18.22.1.x86_64.rpm ntop Moderate openSUSE 11.4 This update fixes the following issue for ntop: - 657615: File /etc/sysconfig/ntop is missing ntop-4.0-7.8.1.i586.rpm ntop-4.0-7.8.1.x86_64.rpm ntop-debuginfo-4.0-7.8.1.i586.rpm ntop-debuginfo-4.0-7.8.1.x86_64.rpm ntop-debugsource-4.0-7.8.1.i586.rpm ntop-debugsource-4.0-7.8.1.x86_64.rpm xorg-x11 Moderate openSUSE 11.4 This update fixes the following issue for xorg-x11: - 728846: NTP service disrupts work of other services when started in the same time as kdm3 xorg-x11-7.6-43.46.1.i586.rpm xorg-x11-7.6-43.46.1.x86_64.rpm xorg-x11-xauth-7.6-43.46.1.i586.rpm xorg-x11-xauth-7.6-43.46.1.x86_64.rpm xorg-x11-debuginfo-7.6-43.46.1.i586.rpm xorg-x11-debuginfo-7.6-43.46.1.x86_64.rpm xorg-x11-debugsource-7.6-43.46.1.i586.rpm xorg-x11-debugsource-7.6-43.46.1.x86_64.rpm xorg-x11-xauth-debuginfo-7.6-43.46.1.i586.rpm xorg-x11-xauth-debuginfo-7.6-43.46.1.x86_64.rpm chasen Moderate openSUSE 11.4 A potential buffer overflow in ChaSen that could possibly allow remote attackers to execute arbitrary code via a specially crafted string was fixed (CVE-2011-4000). chasen-2.4.2-65.66.1.i586.rpm chasen-2.4.2-65.66.1.x86_64.rpm chasen-devel-2.4.2-65.66.1.i586.rpm chasen-devel-2.4.2-65.66.1.x86_64.rpm perl-Text-ChaSen-2.4.2-65.66.1.i586.rpm perl-Text-ChaSen-2.4.2-65.66.1.x86_64.rpm chasen-debuginfo-2.4.2-65.66.1.i586.rpm chasen-debuginfo-2.4.2-65.66.1.x86_64.rpm chasen-debugsource-2.4.2-65.66.1.i586.rpm chasen-debugsource-2.4.2-65.66.1.x86_64.rpm perl-Text-ChaSen-debuginfo-2.4.2-65.66.1.i586.rpm perl-Text-ChaSen-debuginfo-2.4.2-65.66.1.x86_64.rpm python-cupshelpers Moderate openSUSE 11.4 This update fixes a typo from the previous update: system-config-printer used an unauthenticated connection when downloading printer drivers from openprinting.org (CVE-2011-4405). This update disables the printer driver download feature. system-config-printer did not properly quote shell meta characters in SMB server or workgroup names when passing them to the shell (CVE-2011-2899). python-cupshelpers-1.2.5-5.10.1.i586.rpm python-cupshelpers-1.2.5-5.10.1.x86_64.rpm system-config-printer-1.2.5-5.10.1.i586.rpm system-config-printer-1.2.5-5.10.1.x86_64.rpm system-config-printer-lang-1.2.5-5.10.1.noarch.rpm udev-configure-printer-1.2.5-5.10.1.i586.rpm udev-configure-printer-1.2.5-5.10.1.x86_64.rpm system-config-printer-debugsource-1.2.5-5.10.1.i586.rpm system-config-printer-debugsource-1.2.5-5.10.1.x86_64.rpm udev-configure-printer-debuginfo-1.2.5-5.10.1.i586.rpm udev-configure-printer-debuginfo-1.2.5-5.10.1.x86_64.rpm kernel Important openSUSE 11.4 The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read() on a specific socket, it's possible to corrupt (kernel) memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-2699: Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. CVE-2011-1173: A kernel information leak via ip6_tables was fixed. CVE-2011-1172: A kernel information leak via ip6_tables netfilter was fixed. CVE-2011-1171: A kernel information leak via ip_tables was fixed. CVE-2011-1170: A kernel information leak via arp_tables was fixed. CVE-2011-1080: A kernel information leak via netfilter was fixed. CVE-2011-2213: The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel did not properly audit INET_DIAG bytecode, which allowed local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. CVE-2011-2534: Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel might have allowed local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '0' character. CVE-2011-1770: Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel allowed remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggered a buffer over-read. CVE-2011-2723: The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel, when Generic Receive Offload (GRO) is enabled, reset certain fields in incorrect situations, which allowed remote attackers to cause a denial of service (system crash) via crafted network traffic. CVE-2011-2898: A kernel information leak in the AF_PACKET protocol was fixed which might have allowed local attackers to read kernel memory. CVE-2011-4087: A local denial of service when using bridged networking via a flood ping was fixed. CVE-2011-2203: A NULL ptr dereference on mounting corrupt hfs filesystems was fixed which could be used by local attackers to crash the kernel. CVE-2011-4081: Using the crypto interface a local user could Oops the kernel by writing to a AF_ALG socket. kernel-debug-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-debug-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-debug-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-devel-2.6.37.6-0.11.1.noarch.rpm 1 kernel-docs-2.6.37.6-0.11.1.noarch.rpm 1 kernel-ec2-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-extra-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-extra-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-pae-2.6.37.6-0.11.1.i586.rpm 1 kernel-pae-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-pae-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-source-2.6.37.6-0.11.1.noarch.rpm 1 kernel-source-vanilla-2.6.37.6-0.11.1.noarch.rpm 1 kernel-syms-2.6.37.6-0.11.1.i586.rpm 1 kernel-syms-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-devel-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vmi-2.6.37.6-0.11.1.i586.rpm 1 kernel-vmi-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-vmi-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-xen-base-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-base-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-xen-devel-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-devel-2.6.37.6-0.11.1.x86_64.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.11-6.7.28.i586.rpm 1 preload-kmp-default-1.2_k2.6.37.6_0.11-6.7.28.x86_64.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.11-6.7.28.i586.rpm 1 preload-kmp-desktop-1.2_k2.6.37.6_0.11-6.7.28.x86_64.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-debug-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-debug-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-default-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-desktop-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-ec2-extra-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-pae-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-pae-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-pae-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-pae-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-trace-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-vanilla-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-vmi-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-vmi-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-vmi-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-vmi-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-base-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-xen-debugsource-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-debugsource-2.6.37.6-0.11.1.x86_64.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.11.1.i586.rpm 1 kernel-xen-devel-debuginfo-2.6.37.6-0.11.1.x86_64.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.11-6.7.28.i586.rpm 1 preload-kmp-default-debuginfo-1.2_k2.6.37.6_0.11-6.7.28.x86_64.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.11-6.7.28.i586.rpm 1 preload-kmp-desktop-debuginfo-1.2_k2.6.37.6_0.11-6.7.28.x86_64.rpm 1 sudo Low openSUSE 11.4 This update fixes escaping of ldap search string values in sudo (bnc#724490) sudo-1.7.6p2-0.7.1.i586.rpm sudo-1.7.6p2-0.7.1.x86_64.rpm sudo-debuginfo-1.7.6p2-0.7.1.i586.rpm sudo-debuginfo-1.7.6p2-0.7.1.x86_64.rpm sudo-debugsource-1.7.6p2-0.7.1.i586.rpm sudo-debugsource-1.7.6p2-0.7.1.x86_64.rpm tomcat6 Moderate openSUSE 11.4 The apache tomcat was vulnerable to a hash collision attack which allowed remote attackers to mount DoS attacks. CVE-2011-4858 has been assigned to this issue. tomcat6-6.0.32-7.12.1.noarch.rpm tomcat6-admin-webapps-6.0.32-7.12.1.noarch.rpm tomcat6-docs-webapp-6.0.32-7.12.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-7.12.1.noarch.rpm tomcat6-javadoc-6.0.32-7.12.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-7.12.1.noarch.rpm tomcat6-lib-6.0.32-7.12.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-7.12.1.noarch.rpm tomcat6-webapps-6.0.32-7.12.1.noarch.rpm NetworkManager-gnome Moderate openSUSE 11.4 NetworkManager did not pin a certificate's subject to an ESSID. A rogue access point could therefore be used to conduct MITM attacks by using any other valid certificate issued by same CA as used in the original network (CVE-2006-7246). Please note that existing WPA2 Enterprise connections need to be deleted and re-created to take advantage of the new security checks. This is a re-release of the previous update to also enable the checks for EAP-TLS. NetworkManager-gnome-0.8.2-9.16.1.i586.rpm NetworkManager-gnome-0.8.2-9.16.1.x86_64.rpm NetworkManager-gnome-lang-0.8.2-9.16.1.noarch.rpm NetworkManager-gnome-debuginfo-0.8.2-9.16.1.i586.rpm NetworkManager-gnome-debuginfo-0.8.2-9.16.1.x86_64.rpm NetworkManager-gnome-debugsource-0.8.2-9.16.1.i586.rpm NetworkManager-gnome-debugsource-0.8.2-9.16.1.x86_64.rpm libQtWebKit-devel Important openSUSE 11.4 A stack-based buffer overflow in the glyph handling of libqt4's harfbuzz has been fixed. CVE-2011-3922 has been assigned to this issue. libQtWebKit-devel-4.7.1-8.17.1.i586.rpm libQtWebKit-devel-4.7.1-8.17.1.x86_64.rpm libQtWebKit4-4.7.1-8.17.1.i586.rpm libQtWebKit4-4.7.1-8.17.1.x86_64.rpm libQtWebKit4-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-4.7.1-8.17.1.i586.rpm libqt4-4.7.1-8.17.1.x86_64.rpm libqt4-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-devel-4.7.1-8.17.1.i586.rpm libqt4-devel-4.7.1-8.17.1.x86_64.rpm libqt4-qt3support-4.7.1-8.17.1.i586.rpm libqt4-qt3support-4.7.1-8.17.1.x86_64.rpm libqt4-qt3support-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-sql-4.7.1-8.17.1.i586.rpm libqt4-sql-4.7.1-8.17.1.x86_64.rpm libqt4-sql-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-sql-sqlite-4.7.1-8.17.1.i586.rpm libqt4-sql-sqlite-4.7.1-8.17.1.x86_64.rpm libqt4-sql-sqlite-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-x11-4.7.1-8.17.1.i586.rpm libqt4-x11-4.7.1-8.17.1.x86_64.rpm libqt4-x11-32bit-4.7.1-8.17.1.x86_64.rpm libQtWebKit4-debuginfo-4.7.1-8.17.1.i586.rpm libQtWebKit4-debuginfo-4.7.1-8.17.1.x86_64.rpm libQtWebKit4-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-debugsource-4.7.1-8.17.1.i586.rpm libqt4-debugsource-4.7.1-8.17.1.x86_64.rpm libqt4-devel-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-devel-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-qt3support-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-qt3support-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-qt3support-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-sql-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-sql-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-sql-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-sql-sqlite-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-sql-sqlite-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm libqt4-x11-debuginfo-4.7.1-8.17.1.i586.rpm libqt4-x11-debuginfo-4.7.1-8.17.1.x86_64.rpm libqt4-x11-debuginfo-32bit-4.7.1-8.17.1.x86_64.rpm sysconfig Moderate openSUSE 11.4 This update for sysconfig contains the following fixes: - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code (CVE-2011-4182). - Explicitly disabled posix mode in all bash scripts as we are using several features not supported in posix mode (bnc#739338). - Fixed ipv6 dad / link ready wait time calculation (1/10 of the specified time were used), replaced useless up flag check loop with link_ready_wait to avoid send errors from dhclient6 and cleaned up link / dad wait verify flag after status update (bnc#697929). sysconfig-0.74.5-6.13.1.i586.rpm sysconfig-0.74.5-6.13.1.x86_64.rpm sysconfig-debuginfo-0.74.5-6.13.1.i586.rpm sysconfig-debuginfo-0.74.5-6.13.1.x86_64.rpm sysconfig-debugsource-0.74.5-6.13.1.i586.rpm sysconfig-debugsource-0.74.5-6.13.1.x86_64.rpm libopenssl-devel Important openSUSE 11.4 Various security vulnerabilities have been fixed in openssl: - DTLS plaintext recovery attack (CVE-2011-4108) - uninitialized SSL 3.0 padding (CVE-2011-4576) - malformed RFC 3779 data can cause assertion failures (CVE-2011-4577) - SGC restart DoS attack (CVE-2011-4619) - invalid GOST parameters DoS attack (CVE-2012-0027) libopenssl-devel-1.0.0c-18.23.1.i586.rpm libopenssl-devel-1.0.0c-18.23.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.23.1.i586.rpm libopenssl1_0_0-1.0.0c-18.23.1.x86_64.rpm libopenssl1_0_0-32bit-1.0.0c-18.23.1.x86_64.rpm openssl-1.0.0c-18.23.1.i586.rpm openssl-1.0.0c-18.23.1.x86_64.rpm openssl-doc-1.0.0c-18.23.1.noarch.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.23.1.i586.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.23.1.x86_64.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.23.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.23.1.i586.rpm openssl-debuginfo-1.0.0c-18.23.1.x86_64.rpm openssl-debugsource-1.0.0c-18.23.1.i586.rpm openssl-debugsource-1.0.0c-18.23.1.x86_64.rpm mawk Low openSUSE 11.4 This update fixes the following issue for mawk: - 740484: mawk RE matching can return invalid results causing unexpected behavior and crashes mawk-1.3.4-7.8.1.i586.rpm mawk-1.3.4-7.8.1.x86_64.rpm mawk-debuginfo-1.3.4-7.8.1.i586.rpm mawk-debuginfo-1.3.4-7.8.1.x86_64.rpm mawk-debugsource-1.3.4-7.8.1.i586.rpm mawk-debugsource-1.3.4-7.8.1.x86_64.rpm xarchiver Low openSUSE 11.4 This update fixes the following issue for xarchiver: - 723170: thunar-plugin-archive doesn't package a file with spaces in its name xarchiver-0.5.2+20090319-9.14.1.i586.rpm xarchiver-0.5.2+20090319-9.14.1.x86_64.rpm xarchiver-debuginfo-0.5.2+20090319-9.14.1.i586.rpm xarchiver-debuginfo-0.5.2+20090319-9.14.1.x86_64.rpm xarchiver-debugsource-0.5.2+20090319-9.14.1.i586.rpm xarchiver-debugsource-0.5.2+20090319-9.14.1.x86_64.rpm acroread Important openSUSE 11.4 Acrobat Reader was updated to version 9.4.7 to fix security issues (CVE-2011-2462, CVE-2011-4369) acroread-9.4.7-0.3.1.i586.rpm icu Moderate openSUSE 11.4 Specially crafted strings could cause a buffer overflow in icu (CVE-2011-4599). An integer overflow in the getSymbol() function could crash applications using icu (CVE-2010-4409) icu-4.4.2-4.5.1.i586.rpm icu-4.4.2-4.5.1.x86_64.rpm icu-data-4.4.2-4.5.1.i586.rpm icu-data-4.4.2-4.5.1.x86_64.rpm libicu-4.4.2-4.5.1.i586.rpm libicu-4.4.2-4.5.1.x86_64.rpm libicu-32bit-4.4.2-4.5.1.x86_64.rpm libicu-devel-4.4.2-4.5.1.i586.rpm libicu-devel-4.4.2-4.5.1.x86_64.rpm libicu-devel-32bit-4.4.2-4.5.1.x86_64.rpm libicu-doc-4.4.2-4.5.1.i586.rpm libicu-doc-4.4.2-4.5.1.x86_64.rpm icu-debuginfo-4.4.2-4.5.1.i586.rpm icu-debuginfo-4.4.2-4.5.1.x86_64.rpm icu-debugsource-4.4.2-4.5.1.i586.rpm icu-debugsource-4.4.2-4.5.1.x86_64.rpm libicu-debuginfo-4.4.2-4.5.1.i586.rpm libicu-debuginfo-4.4.2-4.5.1.x86_64.rpm libicu-debuginfo-32bit-4.4.2-4.5.1.x86_64.rpm libxml2 Important openSUSE 11.4 A heap-based buffer overflow during decoding of entity references with overly long names has been fixed. CVE-2011-3919 has been assigned. libxml2-2.7.8-16.21.1.i586.rpm libxml2-2.7.8-16.21.1.x86_64.rpm libxml2-32bit-2.7.8-16.21.1.x86_64.rpm libxml2-devel-2.7.8-16.21.1.i586.rpm libxml2-devel-2.7.8-16.21.1.x86_64.rpm libxml2-devel-32bit-2.7.8-16.21.1.x86_64.rpm libxml2-doc-2.7.8-16.21.1.noarch.rpm libxml2-debuginfo-2.7.8-16.21.1.i586.rpm libxml2-debuginfo-2.7.8-16.21.1.x86_64.rpm libxml2-debuginfo-32bit-2.7.8-16.21.1.x86_64.rpm libxml2-debugsource-2.7.8-16.21.1.i586.rpm libxml2-debugsource-2.7.8-16.21.1.x86_64.rpm ruby Moderate openSUSE 11.4 This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes, which are fully compatible with the previous version. You can review the detailed list here: http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLo g The particularly noteworthy fixes are: - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks (CVE-2011-4815). For this OpenSSL::Random.seed at the SecureRandom.random_bytes is used if available. - mkconfig.rb: fix for continued lines. - Fix Infinity to be greater than any bignum number. - initialize store->ex_data.sk. - some IPv6 related fixes - zlib fixes - reinitialize PRNG when forking children (CVE-2011-2686/CVE-2011-3009) - securerandom fixes (CVE-2011-2705) - uri route_to fixes - fix race condition with variables and autoload ruby-1.8.7.p357-0.2.1.i586.rpm ruby-1.8.7.p357-0.2.1.x86_64.rpm ruby-devel-1.8.7.p357-0.2.1.i586.rpm ruby-devel-1.8.7.p357-0.2.1.x86_64.rpm ruby-doc-html-1.8.7.p357-0.2.1.noarch.rpm ruby-doc-ri-1.8.7.p357-0.2.1.noarch.rpm ruby-examples-1.8.7.p357-0.2.1.i586.rpm ruby-examples-1.8.7.p357-0.2.1.x86_64.rpm ruby-test-suite-1.8.7.p357-0.2.1.i586.rpm ruby-test-suite-1.8.7.p357-0.2.1.x86_64.rpm ruby-tk-1.8.7.p357-0.2.1.i586.rpm ruby-tk-1.8.7.p357-0.2.1.x86_64.rpm ruby-debuginfo-1.8.7.p357-0.2.1.i586.rpm ruby-debuginfo-1.8.7.p357-0.2.1.x86_64.rpm ruby-debugsource-1.8.7.p357-0.2.1.i586.rpm ruby-debugsource-1.8.7.p357-0.2.1.x86_64.rpm ruby-tk-debuginfo-1.8.7.p357-0.2.1.i586.rpm ruby-tk-debuginfo-1.8.7.p357-0.2.1.x86_64.rpm yast2-hardware-detection Low openSUSE 11.4 This update fixes the following issues for yast2-hardware-detection: - 716081: smbios missing in yast hwprobe - 425059: Use pr_bios for .probe.bios so that smbios info is included yast2-hardware-detection-2.17.2-2.3.1.i586.rpm yast2-hardware-detection-2.17.2-2.3.1.x86_64.rpm yast2-hardware-detection-debuginfo-2.17.2-2.3.1.i586.rpm yast2-hardware-detection-debuginfo-2.17.2-2.3.1.x86_64.rpm yast2-hardware-detection-debugsource-2.17.2-2.3.1.i586.rpm yast2-hardware-detection-debugsource-2.17.2-2.3.1.x86_64.rpm python-qt4 Low openSUSE 11.4 This update fixes the following issue for python-qt4: - 607579: added phonon-devel to BuildRequires python-qt4-4.8.3-4.5.2.i586.rpm python-qt4-4.8.3-4.5.2.x86_64.rpm python-qt4-devel-4.8.3-4.5.2.i586.rpm python-qt4-devel-4.8.3-4.5.2.x86_64.rpm python-qt4-devel-debuginfo-4.8.3-4.5.2.i586.rpm python-qt4-devel-debuginfo-4.8.3-4.5.2.x86_64.rpm xfce4-session Low openSUSE 11.4 This update fixes the following issue for xfce4-session: - 740566: Screen locking inconsistent between xfce4-power-manager and xfce4-session xfce4-session-4.8.0-7.12.1.i586.rpm xfce4-session-4.8.0-7.12.1.x86_64.rpm xfce4-session-branding-upstream-4.8.0-7.12.1.noarch.rpm xfce4-session-devel-4.8.0-7.12.1.i586.rpm xfce4-session-devel-4.8.0-7.12.1.x86_64.rpm xfce4-session-debuginfo-4.8.0-7.12.1.i586.rpm xfce4-session-debuginfo-4.8.0-7.12.1.x86_64.rpm xfce4-session-debugsource-4.8.0-7.12.1.i586.rpm xfce4-session-debugsource-4.8.0-7.12.1.x86_64.rpm libpython2_7-1_0 Low openSUSE 11.4 This update fixes the following issue for python: - 739536: Conflict between python3-2to3 and python-base libpython2_7-1_0-2.7-8.12.1.i586.rpm libpython2_7-1_0-2.7-8.12.1.x86_64.rpm libpython2_7-1_0-32bit-2.7-8.12.1.x86_64.rpm python-2.7-9.12.1.i586.rpm python-2.7-9.12.1.x86_64.rpm python-32bit-2.7-9.12.1.x86_64.rpm python-base-2.7-8.12.1.i586.rpm python-base-2.7-8.12.1.x86_64.rpm python-base-32bit-2.7-8.12.1.x86_64.rpm python-curses-2.7-9.12.1.i586.rpm python-curses-2.7-9.12.1.x86_64.rpm python-demo-2.7-9.12.1.i586.rpm python-demo-2.7-9.12.1.x86_64.rpm python-devel-2.7-8.12.1.i586.rpm python-devel-2.7-8.12.1.x86_64.rpm python-gdbm-2.7-9.12.1.i586.rpm python-gdbm-2.7-9.12.1.x86_64.rpm python-idle-2.7-9.12.1.i586.rpm python-idle-2.7-9.12.1.x86_64.rpm python-tk-2.7-9.12.1.i586.rpm python-tk-2.7-9.12.1.x86_64.rpm python-xml-2.7-8.12.1.i586.rpm python-xml-2.7-8.12.1.x86_64.rpm libpython2_7-1_0-debuginfo-2.7-8.12.1.i586.rpm libpython2_7-1_0-debuginfo-2.7-8.12.1.x86_64.rpm libpython2_7-1_0-debuginfo-32bit-2.7-8.12.1.x86_64.rpm python-base-debuginfo-2.7-8.12.1.i586.rpm python-base-debuginfo-2.7-8.12.1.x86_64.rpm python-base-debuginfo-32bit-2.7-8.12.1.x86_64.rpm python-base-debugsource-2.7-8.12.1.i586.rpm python-base-debugsource-2.7-8.12.1.x86_64.rpm python-curses-debuginfo-2.7-9.12.1.i586.rpm python-curses-debuginfo-2.7-9.12.1.x86_64.rpm python-debuginfo-2.7-9.12.1.i586.rpm python-debuginfo-2.7-9.12.1.x86_64.rpm python-debuginfo-32bit-2.7-9.12.1.x86_64.rpm python-debugsource-2.7-9.12.1.i586.rpm python-debugsource-2.7-9.12.1.x86_64.rpm python-gdbm-debuginfo-2.7-9.12.1.i586.rpm python-gdbm-debuginfo-2.7-9.12.1.x86_64.rpm python-tk-debuginfo-2.7-9.12.1.i586.rpm python-tk-debuginfo-2.7-9.12.1.x86_64.rpm python-xml-debuginfo-2.7-8.12.1.i586.rpm python-xml-debuginfo-2.7-8.12.1.x86_64.rpm dhcp Low openSUSE 11.4 This update fixes the following issue for dhcp: - 739696: dhcp-client lease parsing problems dhcp-4.2.1-0.13.1.i586.rpm dhcp-4.2.1-0.13.1.x86_64.rpm dhcp-client-4.2.1-0.13.1.i586.rpm dhcp-client-4.2.1-0.13.1.x86_64.rpm dhcp-devel-4.2.1-0.13.1.i586.rpm dhcp-devel-4.2.1-0.13.1.x86_64.rpm dhcp-doc-4.2.1-0.13.1.i586.rpm dhcp-doc-4.2.1-0.13.1.x86_64.rpm dhcp-relay-4.2.1-0.13.1.i586.rpm dhcp-relay-4.2.1-0.13.1.x86_64.rpm dhcp-server-4.2.1-0.13.1.i586.rpm dhcp-server-4.2.1-0.13.1.x86_64.rpm dhcp-client-debuginfo-4.2.1-0.13.1.i586.rpm dhcp-client-debuginfo-4.2.1-0.13.1.x86_64.rpm dhcp-debuginfo-4.2.1-0.13.1.i586.rpm dhcp-debuginfo-4.2.1-0.13.1.x86_64.rpm dhcp-debugsource-4.2.1-0.13.1.i586.rpm dhcp-debugsource-4.2.1-0.13.1.x86_64.rpm dhcp-relay-debuginfo-4.2.1-0.13.1.i586.rpm dhcp-relay-debuginfo-4.2.1-0.13.1.x86_64.rpm dhcp-server-debuginfo-4.2.1-0.13.1.i586.rpm dhcp-server-debuginfo-4.2.1-0.13.1.x86_64.rpm gnutls Low openSUSE 11.4 Large server tickets could crash gnutls clients. CVE-2011-4128 has been assigned to this issue. gnutls-2.8.6-5.6.1.i586.rpm gnutls-2.8.6-5.6.1.x86_64.rpm libgnutls-devel-2.8.6-5.6.1.i586.rpm libgnutls-devel-2.8.6-5.6.1.x86_64.rpm libgnutls-extra-devel-2.8.6-5.6.1.i586.rpm libgnutls-extra-devel-2.8.6-5.6.1.x86_64.rpm libgnutls-extra26-2.8.6-5.6.1.i586.rpm libgnutls-extra26-2.8.6-5.6.1.x86_64.rpm libgnutls26-2.8.6-5.6.1.i586.rpm libgnutls26-2.8.6-5.6.1.x86_64.rpm libgnutls26-32bit-2.8.6-5.6.1.x86_64.rpm gnutls-debuginfo-2.8.6-5.6.1.i586.rpm gnutls-debuginfo-2.8.6-5.6.1.x86_64.rpm gnutls-debugsource-2.8.6-5.6.1.i586.rpm gnutls-debugsource-2.8.6-5.6.1.x86_64.rpm libgnutls-extra26-debuginfo-2.8.6-5.6.1.i586.rpm libgnutls-extra26-debuginfo-2.8.6-5.6.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.6.1.i586.rpm libgnutls26-debuginfo-2.8.6-5.6.1.x86_64.rpm libgnutls26-debuginfo-32bit-2.8.6-5.6.1.x86_64.rpm curl Moderate openSUSE 11.4 The following vulnerabilities have been fixed in curl: - IMAP, POP3 and SMTP URL sanitization vulnerability (CVE-2012-0036) - disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (CVE-2011-3389) - disable SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option for older openssl versions (CVE-2010-4180) curl-7.21.2-10.11.1.i586.rpm curl-7.21.2-10.11.1.x86_64.rpm libcurl-devel-7.21.2-10.11.1.i586.rpm libcurl-devel-7.21.2-10.11.1.x86_64.rpm libcurl4-7.21.2-10.11.1.i586.rpm libcurl4-7.21.2-10.11.1.x86_64.rpm libcurl4-32bit-7.21.2-10.11.1.x86_64.rpm curl-debuginfo-7.21.2-10.11.1.i586.rpm curl-debuginfo-7.21.2-10.11.1.x86_64.rpm libcurl4-debuginfo-7.21.2-10.11.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-10.11.1.x86_64.rpm kvm Moderate openSUSE 11.4 A missing initgroups() call for the -runas option has been fixed in kvm (CVE-2011-2527) as well as a buffer overflow in the e1000 device emulation (CVE-2012-0029). kvm-0.14.0.0-1.14.2.i586.rpm kvm-0.14.0.0-1.14.2.x86_64.rpm kvm-debuginfo-0.14.0.0-1.14.2.i586.rpm kvm-debuginfo-0.14.0.0-1.14.2.x86_64.rpm kvm-debugsource-0.14.0.0-1.14.2.i586.rpm kvm-debugsource-0.14.0.0-1.14.2.x86_64.rpm seccheck Low openSUSE 11.4 This update fixed a typo in a patch for using the command 'xargs'. seccheck-2.0-668.669.1.noarch.rpm pam_ssh Low openSUSE 11.4 This update fixes the following issue for pam_ssh - 741541: fixed segfault when EOF is supplied as a passphrase - 665061: call setgroups and setgid before executing ssh-agent pam_ssh-1.97-11.14.1.i586.rpm pam_ssh-1.97-11.14.1.x86_64.rpm pam_ssh-32bit-1.97-11.14.1.x86_64.rpm pam_ssh-debuginfo-1.97-11.14.1.i586.rpm pam_ssh-debuginfo-1.97-11.14.1.x86_64.rpm pam_ssh-debuginfo-32bit-1.97-11.14.1.x86_64.rpm pam_ssh-debugsource-1.97-11.14.1.i586.rpm pam_ssh-debugsource-1.97-11.14.1.x86_64.rpm lighttpd Moderate openSUSE 11.4 This update of lighttpd fixes an out-of-bounds read due to a signedness error which could cause a Denial of Service (CVE-2011-4362). Additionally an option was added to honor the server cipher order (resolves lighttpd#2364). lighttpd-1.4.26-6.7.1.i586.rpm lighttpd-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_cml-1.4.26-6.7.1.i586.rpm lighttpd-mod_cml-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_magnet-1.4.26-6.7.1.i586.rpm lighttpd-mod_magnet-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_mysql_vhost-1.4.26-6.7.1.i586.rpm lighttpd-mod_mysql_vhost-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_rrdtool-1.4.26-6.7.1.i586.rpm lighttpd-mod_rrdtool-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-1.4.26-6.7.1.i586.rpm lighttpd-mod_trigger_b4_dl-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_webdav-1.4.26-6.7.1.i586.rpm lighttpd-mod_webdav-1.4.26-6.7.1.x86_64.rpm lighttpd-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-debugsource-1.4.26-6.7.1.i586.rpm lighttpd-debugsource-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_cml-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_cml-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_magnet-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_magnet-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_mysql_vhost-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_rrdtool-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_rrdtool-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_trigger_b4_dl-debuginfo-1.4.26-6.7.1.x86_64.rpm lighttpd-mod_webdav-debuginfo-1.4.26-6.7.1.i586.rpm lighttpd-mod_webdav-debuginfo-1.4.26-6.7.1.x86_64.rpm curl Moderate openSUSE 11.4 This update of curl disables GSSAPI to workaround CVE-2011-2192 (bnc#698796). curl-7.21.2-10.13.1.i586.rpm curl-7.21.2-10.13.1.x86_64.rpm libcurl-devel-7.21.2-10.13.1.i586.rpm libcurl-devel-7.21.2-10.13.1.x86_64.rpm libcurl4-7.21.2-10.13.1.i586.rpm libcurl4-7.21.2-10.13.1.x86_64.rpm libcurl4-32bit-7.21.2-10.13.1.x86_64.rpm curl-debuginfo-7.21.2-10.13.1.i586.rpm curl-debuginfo-7.21.2-10.13.1.x86_64.rpm libcurl4-debuginfo-7.21.2-10.13.1.i586.rpm libcurl4-debuginfo-32bit-7.21.2-10.13.1.x86_64.rpm perl Low openSUSE 11.4 This update fixes the following issue for perl: - 732929: The NDBM_File module was not included in the perl package due to a change in perl's Configure script. This update restores the module. perl-5.12.3-11.20.1.i586.rpm perl-5.12.3-11.20.1.x86_64.rpm perl-32bit-5.12.3-11.20.1.x86_64.rpm perl-base-5.12.3-11.20.1.i586.rpm perl-base-5.12.3-11.20.1.x86_64.rpm perl-base-32bit-5.12.3-11.20.1.x86_64.rpm perl-doc-5.12.3-11.20.1.noarch.rpm perl-base-debuginfo-5.12.3-11.20.1.i586.rpm perl-base-debuginfo-5.12.3-11.20.1.x86_64.rpm perl-base-debuginfo-32bit-5.12.3-11.20.1.x86_64.rpm perl-debuginfo-5.12.3-11.20.1.i586.rpm perl-debuginfo-5.12.3-11.20.1.x86_64.rpm perl-debuginfo-32bit-5.12.3-11.20.1.x86_64.rpm perl-debugsource-5.12.3-11.20.1.i586.rpm perl-debugsource-5.12.3-11.20.1.x86_64.rpm wireshark Moderate openSUSE 11.4 This update fixes the following security issues: - 741187: multiple file parser vulnerabilities (CVE-2012-0041) - 741188: RLC dissector buffer overflow (CVE-2012-0043) - 741190: NULL pointer vulnerabilities (CVE-2012-0042) - CVE-2012-0066: DoS due to too large buffer alloc request - CVE-2012-0067: DoS due to integer underflow and too large buffer alloc. request - CVE-2012-0068: memory corruption due to buffer underflow wireshark-1.4.11-0.2.3.i586.rpm wireshark-1.4.11-0.2.3.x86_64.rpm wireshark-devel-1.4.11-0.2.3.i586.rpm wireshark-devel-1.4.11-0.2.3.x86_64.rpm wireshark-debuginfo-1.4.11-0.2.3.i586.rpm wireshark-debuginfo-1.4.11-0.2.3.x86_64.rpm wireshark-debugsource-1.4.11-0.2.3.i586.rpm wireshark-debugsource-1.4.11-0.2.3.x86_64.rpm logrotate Moderate openSUSE 11.4 In order to make logrotate more robust against manipulated log directories logrotate was changed to dbg114-logrotate-5744 logrotate-5744 new_updateinfo add a "su" config option which makes logrotate run partially as the specified user dbg114-logrotate-5744 logrotate-5744 new_updateinfo run external helpers like log file compressors as the user configured with the "su" option dbg114-logrotate-5744 logrotate-5744 new_updateinfo issue a warning for log directories writable by non-root users dbg114-logrotate-5744 logrotate-5744 new_updateinfo not follow symlinks when rotating logs logrotate-3.7.9-6.9.1.i586.rpm logrotate-3.7.9-6.9.1.x86_64.rpm logrotate-debuginfo-3.7.9-6.9.1.i586.rpm logrotate-debuginfo-3.7.9-6.9.1.x86_64.rpm logrotate-debugsource-3.7.9-6.9.1.i586.rpm logrotate-debugsource-3.7.9-6.9.1.x86_64.rpm puppet Low openSUSE 11.4 This update fixes the following issue for puppet: - 739361: fixed wrong directory-permissions and ownerships puppet-2.6.4-4.13.1.i586.rpm puppet-2.6.4-4.13.1.x86_64.rpm puppet-server-2.6.4-4.13.1.i586.rpm puppet-server-2.6.4-4.13.1.x86_64.rpm mozilla-js192 Important openSUSE 11.4 mozilla xulrunner was updated to 1.9.2.26 security update, fixing security issues and bugs. Following security bugs were fixed: MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26. MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted. This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012. MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution. MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. mozilla-js192-1.9.2.26-0.2.1.i586.rpm mozilla-js192-1.9.2.26-0.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.26-0.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.26-0.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.26-0.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.26-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.26-0.2.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 Mozilla Firefox was updated to version 10 to fix bugs and security issues. MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References CVE-2012-0443: Ben Hawkes, Christian Holler, Honza Bombas, Jason Orendorff, Jesse Ruderman, Jan Odvarko, Peter Van Der Beken, and Bill McCloskey reported memory safety problems that were fixed in Firefox 10. CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26. MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted. This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012. MFSA 2012-03/CVE-2012-0445: Alex Dvorov reported that an attacker could replace a sub-frame in another domain's document by using the name attribute of the sub-frame as a form submission target. This can potentially allow for phishing attacks against users and violates the HTML5 frame navigation policy. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution. MFSA 2012-05/CVE-2012-0446: Mozilla security researcher moz_bug_r_a4 reported that frame scripts bypass XPConnect security checks when calling untrusted objects. This allows for cross-site scripting (XSS) attacks through web pages and Firefox extensions. The fix enables the Script Security Manager (SSM) to force security checks on all frame scripts. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-06/CVE-2012-0447: Mozilla developer Tim Abraldes reported that when encoding images as image/vnd.microsoft.icon the resulting data was always a fixed size, with uninitialized memory appended as padding beyond the size of the actual image. This is the result of mImageBufferSize in the encoder being initialized with a value different than the size of the source image. There is the possibility of sensitive data from uninitialized memory being appended to a PNG image when converted fron an ICO format image. This sensitive data may then be disclosed in the resulting image. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. MFSA 2012-09/CVE-2012-0450: magicant starmen reported that if a user chooses to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users on Linux and OS X systems. Firefox 3.6 is not affected by this vulnerability. MozillaFirefox-10.0-0.2.1.i586.rpm MozillaFirefox-10.0-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-10.0-0.2.1.i586.rpm MozillaFirefox-branding-upstream-10.0-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-10.0-0.2.1.i586.rpm MozillaFirefox-buildsymbols-10.0-0.2.1.x86_64.rpm MozillaFirefox-devel-10.0-0.2.1.i586.rpm MozillaFirefox-devel-10.0-0.2.1.x86_64.rpm MozillaFirefox-translations-common-10.0-0.2.1.i586.rpm MozillaFirefox-translations-common-10.0-0.2.1.x86_64.rpm MozillaFirefox-translations-other-10.0-0.2.1.i586.rpm MozillaFirefox-translations-other-10.0-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-10.0-0.2.1.i586.rpm MozillaFirefox-debuginfo-10.0-0.2.1.x86_64.rpm MozillaFirefox-debugsource-10.0-0.2.1.i586.rpm MozillaFirefox-debugsource-10.0-0.2.1.x86_64.rpm MozillaThunderbird Important openSUSE 11.4 Mozilla Thunderbird was updated to 3.1.18 security update, fixing security issues and bugs. Following security bugs were fixed: MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26. MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted. This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012. MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution. MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. MozillaThunderbird-3.1.18-0.23.1.i586.rpm MozillaThunderbird-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.18-0.23.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-devel-3.1.18-0.23.1.i586.rpm MozillaThunderbird-devel-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.18-0.23.1.i586.rpm MozillaThunderbird-translations-common-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.18-0.23.1.i586.rpm MozillaThunderbird-translations-other-3.1.18-0.23.1.x86_64.rpm enigmail-1.1.2+3.1.18-0.23.1.i586.rpm enigmail-1.1.2+3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.18-0.23.1.i586.rpm MozillaThunderbird-debuginfo-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.18-0.23.1.i586.rpm MozillaThunderbird-debugsource-3.1.18-0.23.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.18-0.23.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.18-0.23.1.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.18-0.23.1.i586.rpm enigmail-debuginfo-1.1.2+3.1.18-0.23.1.x86_64.rpm pdns Moderate openSUSE 11.4 This update of PowerDNS fixes a Denial of Service flaw which could be exploited by remote attackers via specially crafted DNS queries (CVE-2012-0206). pdns-2.9.22-5.6.1.i586.rpm pdns-2.9.22-5.6.1.x86_64.rpm pdns-backend-ldap-2.9.22-5.6.1.i586.rpm pdns-backend-ldap-2.9.22-5.6.1.x86_64.rpm pdns-backend-mysql-2.9.22-5.6.1.i586.rpm pdns-backend-mysql-2.9.22-5.6.1.x86_64.rpm pdns-backend-postgresql-2.9.22-5.6.1.i586.rpm pdns-backend-postgresql-2.9.22-5.6.1.x86_64.rpm pdns-backend-sqlite2-2.9.22-5.6.1.i586.rpm pdns-backend-sqlite2-2.9.22-5.6.1.x86_64.rpm pdns-backend-sqlite3-2.9.22-5.6.1.i586.rpm pdns-backend-sqlite3-2.9.22-5.6.1.x86_64.rpm pdns-backend-ldap-debuginfo-2.9.22-5.6.1.i586.rpm pdns-backend-ldap-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-backend-mysql-debuginfo-2.9.22-5.6.1.i586.rpm pdns-backend-mysql-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-backend-postgresql-debuginfo-2.9.22-5.6.1.i586.rpm pdns-backend-postgresql-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-backend-sqlite2-debuginfo-2.9.22-5.6.1.i586.rpm pdns-backend-sqlite2-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-backend-sqlite3-debuginfo-2.9.22-5.6.1.i586.rpm pdns-backend-sqlite3-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-debuginfo-2.9.22-5.6.1.i586.rpm pdns-debuginfo-2.9.22-5.6.1.x86_64.rpm pdns-debugsource-2.9.22-5.6.1.i586.rpm pdns-debugsource-2.9.22-5.6.1.x86_64.rpm libopenssl-devel Moderate openSUSE 11.4 This update of OpenSSL fixes a Denial of Services issue (CVE-2012-0050). libopenssl-devel-1.0.0c-18.25.1.i586.rpm libopenssl-devel-1.0.0c-18.25.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.25.1.i586.rpm libopenssl1_0_0-1.0.0c-18.25.1.x86_64.rpm libopenssl1_0_0-32bit-1.0.0c-18.25.1.x86_64.rpm openssl-1.0.0c-18.25.1.i586.rpm openssl-1.0.0c-18.25.1.x86_64.rpm openssl-doc-1.0.0c-18.25.1.noarch.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.25.1.i586.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.25.1.x86_64.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.25.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.25.1.i586.rpm openssl-debuginfo-1.0.0c-18.25.1.x86_64.rpm openssl-debugsource-1.0.0c-18.25.1.i586.rpm openssl-debugsource-1.0.0c-18.25.1.x86_64.rpm opera Moderate openSUSE 11.4 Opera was updated to release 11.61, fixing various bugs and security issues. http://www.opera.com/support/kb/view/1007/ http://www.opera.com/support/kb/view/1008/ and the changelog for 11.61 release at: http://www.opera.com/docs/changelogs/unix/1161/ opera-11.61-0.3.1.i586.rpm opera-11.61-0.3.1.x86_64.rpm opera-gtk-11.61-0.3.1.i586.rpm opera-gtk-11.61-0.3.1.x86_64.rpm opera-kde4-11.61-0.3.1.i586.rpm opera-kde4-11.61-0.3.1.x86_64.rpm tomcat6 Important openSUSE 11.4 This update fixes a regression in parameter passing (in urldecoding of parameters that contain spaces). In addition, multiple weaknesses in HTTP DIGESTS are fixed (CVE-2011-1184). CVE-2011-5062: The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33 and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184. CVE-2011-5063: The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184. CVE-2011-5064: DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184. tomcat6-6.0.32-7.14.1.noarch.rpm tomcat6-admin-webapps-6.0.32-7.14.1.noarch.rpm tomcat6-docs-webapp-6.0.32-7.14.1.noarch.rpm tomcat6-el-1_0-api-6.0.32-7.14.1.noarch.rpm tomcat6-javadoc-6.0.32-7.14.1.noarch.rpm tomcat6-jsp-2_1-api-6.0.32-7.14.1.noarch.rpm tomcat6-lib-6.0.32-7.14.1.noarch.rpm tomcat6-servlet-2_5-api-6.0.32-7.14.1.noarch.rpm tomcat6-webapps-6.0.32-7.14.1.noarch.rpm xorg-x11-Xvnc Low openSUSE 11.4 This update of xorg-x11-server fixes issues that could allow attackers read access to arbitrary memory locations via the GLX protocol (CVE-2010-4818). xorg-x11-Xvnc-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-Xvnc-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-extra-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-extra-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-sdk-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-sdk-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-Xvnc-debuginfo-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-debuginfo-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-debugsource-7.6_1.9.3-15.26.1.x86_64.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.26.1.i586.rpm xorg-x11-server-extra-debuginfo-7.6_1.9.3-15.26.1.x86_64.rpm qemu Low openSUSE 11.4 A heap-based buffer overflow in the legacy mode of the e1000 driver device emulation was fixed (CVE-2012-0029). qemu-0.14.0_rc1-1.6.1.i586.rpm qemu-0.14.0_rc1-1.6.1.x86_64.rpm qemu-debuginfo-0.14.0_rc1-1.6.1.i586.rpm qemu-debuginfo-0.14.0_rc1-1.6.1.x86_64.rpm qemu-debugsource-0.14.0_rc1-1.6.1.i586.rpm qemu-debugsource-0.14.0_rc1-1.6.1.x86_64.rpm seamonkey Important openSUSE 11.4 Mozilla Seamonkey was updated to 2.7 security update, fixing security issues and bugs. Following security bugs were fixed: MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26. MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted. This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012. MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution. MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. seamonkey-2.7-0.2.1.i586.rpm seamonkey-2.7-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.7-0.2.1.i586.rpm seamonkey-dom-inspector-2.7-0.2.1.x86_64.rpm seamonkey-irc-2.7-0.2.1.i586.rpm seamonkey-irc-2.7-0.2.1.x86_64.rpm seamonkey-translations-common-2.7-0.2.1.i586.rpm seamonkey-translations-common-2.7-0.2.1.x86_64.rpm seamonkey-translations-other-2.7-0.2.1.i586.rpm seamonkey-translations-other-2.7-0.2.1.x86_64.rpm seamonkey-venkman-2.7-0.2.1.i586.rpm seamonkey-venkman-2.7-0.2.1.x86_64.rpm seamonkey-debuginfo-2.7-0.2.1.i586.rpm seamonkey-debuginfo-2.7-0.2.1.x86_64.rpm seamonkey-debugsource-2.7-0.2.1.i586.rpm seamonkey-debugsource-2.7-0.2.1.x86_64.rpm autofs Moderate openSUSE 11.4 This update fixes the following issues for AutoFS: - 742846: disable "--as-needed" to make sure automount will be linked against libtirpc - 730245: fix LDAP result leaks on error paths - 727392: fix segfault caused by an use after free in st_queue_handler() - 707715: fix result null check in read_one_map() autofs-5.0.5-14.21.1.i586.rpm autofs-5.0.5-14.21.1.x86_64.rpm autofs-debuginfo-5.0.5-14.21.1.i586.rpm autofs-debuginfo-5.0.5-14.21.1.x86_64.rpm autofs-debugsource-5.0.5-14.21.1.i586.rpm autofs-debugsource-5.0.5-14.21.1.x86_64.rpm libvirt Low openSUSE 11.4 This collective update 2012/02 for Xen provides fixes for the following reports: Xen === - 649209: Fix Xen live migrations being slow - 683580: Fix hangs during boot up after the message "Enabled directed EOI with ioapic_ack_old on! - 691256: unable to open a connection to the XEN Hypervisor - 694863: Fix kexec fails in xen - 701686: kdump hangs on megaraid_sas driver - 704160: crm resource migrate fails with xen machines - 706106: Fix Inconsistent reporting of VM names during migration - 706574: xm console DomUName hang after "xm save/restore" of PVM on the latest Xen - 712051: Fix xen: IOMMU fault livelock - 712823: Xen guest does not start reliable when rebooted - 714183: Since last update Xen VM's don't start if the name contains dots (as in 'example.mydomain.com') - 715655: No support for performance counters for Westmere E7-8837 and SandyBridge i5-2500 - 716695: dom-us using tap devices will not start - 725169: xen-4.0.2_21511_03-0.5.3: bootup hangs - 726332: Xen changeset 21326 introduces considerable performance hit - 727515: Fragmented packets hang network boot of HVM guest - 732782: xm create hangs when maxmen value is enclosed in "quotes" - 734826: xm rename doesn't work anymore - 736824: Microcode patches for AMD's 15h processors panic the system - 739585: Xen block-attach fails after repeated attach/detach - 740165: Fix heap overflow in e1000 device emulation libvirt ======= - 728681: libvirtd litters syslog with "interfaceGetXMLDesc:355 : internal error" messages when using virt-manager virt-utils ========== - Add Support for creating images that can be run on Microsoft Hyper-V host (Fix vpc file format. Add support for fixed disks) libvirt-0.8.8-0.14.1.i586.rpm libvirt-0.8.8-0.14.1.x86_64.rpm libvirt-client-0.8.8-0.14.1.i586.rpm libvirt-client-0.8.8-0.14.1.x86_64.rpm libvirt-devel-0.8.8-0.14.1.i586.rpm libvirt-devel-0.8.8-0.14.1.x86_64.rpm libvirt-doc-0.8.8-0.14.1.i586.rpm libvirt-doc-0.8.8-0.14.1.x86_64.rpm libvirt-python-0.8.8-0.14.1.i586.rpm libvirt-python-0.8.8-0.14.1.x86_64.rpm virt-utils-1.1.5-1.4.1.i586.rpm virt-utils-1.1.5-1.4.1.x86_64.rpm xen-4.0.3_01-0.2.1.i586.rpm xen-4.0.3_01-0.2.1.x86_64.rpm xen-devel-4.0.3_01-0.2.1.i586.rpm xen-devel-4.0.3_01-0.2.1.x86_64.rpm xen-doc-html-4.0.3_01-0.2.1.i586.rpm xen-doc-html-4.0.3_01-0.2.1.x86_64.rpm xen-doc-pdf-4.0.3_01-0.2.1.i586.rpm xen-doc-pdf-4.0.3_01-0.2.1.x86_64.rpm xen-kmp-default-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-kmp-default-4.0.3_01_k2.6.37.6_0.11-0.2.1.x86_64.rpm xen-kmp-desktop-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-kmp-desktop-4.0.3_01_k2.6.37.6_0.11-0.2.1.x86_64.rpm xen-kmp-pae-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-libs-4.0.3_01-0.2.1.i586.rpm xen-libs-4.0.3_01-0.2.1.x86_64.rpm xen-tools-4.0.3_01-0.2.1.i586.rpm xen-tools-4.0.3_01-0.2.1.x86_64.rpm xen-tools-domU-4.0.3_01-0.2.1.i586.rpm xen-tools-domU-4.0.3_01-0.2.1.x86_64.rpm libvirt-client-debuginfo-0.8.8-0.14.1.i586.rpm libvirt-client-debuginfo-0.8.8-0.14.1.x86_64.rpm libvirt-debuginfo-0.8.8-0.14.1.i586.rpm libvirt-debuginfo-0.8.8-0.14.1.x86_64.rpm libvirt-debugsource-0.8.8-0.14.1.i586.rpm libvirt-debugsource-0.8.8-0.14.1.x86_64.rpm libvirt-python-debuginfo-0.8.8-0.14.1.i586.rpm libvirt-python-debuginfo-0.8.8-0.14.1.x86_64.rpm xen-debugsource-4.0.3_01-0.2.1.i586.rpm xen-debugsource-4.0.3_01-0.2.1.x86_64.rpm xen-kmp-default-debuginfo-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-kmp-default-debuginfo-4.0.3_01_k2.6.37.6_0.11-0.2.1.x86_64.rpm xen-kmp-desktop-debuginfo-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-kmp-desktop-debuginfo-4.0.3_01_k2.6.37.6_0.11-0.2.1.x86_64.rpm xen-kmp-pae-debuginfo-4.0.3_01_k2.6.37.6_0.11-0.2.1.i586.rpm xen-libs-debuginfo-4.0.3_01-0.2.1.i586.rpm xen-libs-debuginfo-4.0.3_01-0.2.1.x86_64.rpm xen-tools-debuginfo-4.0.3_01-0.2.1.i586.rpm xen-tools-debuginfo-4.0.3_01-0.2.1.x86_64.rpm xen-tools-domU-debuginfo-4.0.3_01-0.2.1.i586.rpm xen-tools-domU-debuginfo-4.0.3_01-0.2.1.x86_64.rpm xfce4-panel-plugin-battery Low openSUSE 11.4 * make the add/edit dialog transient for the main configuration window and to make the notification dialog modal * use a dynamically allocated string to hold timer data in order to prevent truncation in some locales (bnc#742788) xfce4-panel-plugin-battery-1.0.0-2.5.1.i586.rpm xfce4-panel-plugin-battery-1.0.0-2.5.1.x86_64.rpm xfce4-panel-plugin-cddrive-0.0.1-19.5.1.i586.rpm xfce4-panel-plugin-cddrive-0.0.1-19.5.1.x86_64.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.5.1.i586.rpm xfce4-panel-plugin-cellmodem-0.0.5-24.5.1.x86_64.rpm xfce4-panel-plugin-clipman-1.1.3-18.5.1.i586.rpm xfce4-panel-plugin-clipman-1.1.3-18.5.1.x86_64.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.5.1.i586.rpm xfce4-panel-plugin-clipman-doc-1.1.3-4.5.1.x86_64.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.5.1.i586.rpm xfce4-panel-plugin-cpufreq-1.0.0-3.5.1.x86_64.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.5.1.i586.rpm xfce4-panel-plugin-cpugraph-1.0.1-6.5.1.x86_64.rpm xfce4-panel-plugin-datetime-0.6.1-18.5.1.i586.rpm xfce4-panel-plugin-datetime-0.6.1-18.5.1.x86_64.rpm xfce4-panel-plugin-diskperf-2.3.0-3.5.1.i586.rpm xfce4-panel-plugin-diskperf-2.3.0-3.5.1.x86_64.rpm xfce4-panel-plugin-eyes-4.4.1-2.5.1.i586.rpm xfce4-panel-plugin-eyes-4.4.1-2.5.1.x86_64.rpm xfce4-panel-plugin-fsguard-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-fsguard-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-genmon-3.2-24.5.1.i586.rpm xfce4-panel-plugin-genmon-3.2-24.5.1.x86_64.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.5.1.i586.rpm xfce4-panel-plugin-mailwatch-1.1.0-6.5.1.x86_64.rpm xfce4-panel-plugin-mount-0.5.5-18.5.1.i586.rpm xfce4-panel-plugin-mount-0.5.5-18.5.1.x86_64.rpm xfce4-panel-plugin-mpc-0.3.6-3.5.1.i586.rpm xfce4-panel-plugin-mpc-0.3.6-3.5.1.x86_64.rpm xfce4-panel-plugin-netload-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-netload-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-notes-1.7.7-6.5.1.i586.rpm xfce4-panel-plugin-notes-1.7.7-6.5.1.x86_64.rpm xfce4-panel-plugin-places-1.2.0-17.5.1.i586.rpm xfce4-panel-plugin-places-1.2.0-17.5.1.x86_64.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.5.1.i586.rpm xfce4-panel-plugin-quicklauncher-1.9.4-24.5.1.x86_64.rpm xfce4-panel-plugin-radio-0.4.4-6.5.1.i586.rpm xfce4-panel-plugin-radio-0.4.4-6.5.1.x86_64.rpm xfce4-panel-plugin-sensors-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-sensors-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-sensors-devel-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.5.1.i586.rpm xfce4-panel-plugin-smartbookmark-0.4.2-24.5.1.x86_64.rpm xfce4-panel-plugin-systemload-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-systemload-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-timeout-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-timeout-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-timer-0.6.1-18.5.1.i586.rpm xfce4-panel-plugin-timer-0.6.1-18.5.1.x86_64.rpm xfce4-panel-plugin-verve-1.0.0-4.5.1.i586.rpm xfce4-panel-plugin-verve-1.0.0-4.5.1.x86_64.rpm xfce4-panel-plugin-wavelan-0.5.6-6.5.1.i586.rpm xfce4-panel-plugin-wavelan-0.5.6-6.5.1.x86_64.rpm xfce4-panel-plugin-weather-0.7.4-3.5.1.i586.rpm xfce4-panel-plugin-weather-0.7.4-3.5.1.x86_64.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.5.1.i586.rpm xfce4-panel-plugin-xfapplet-0.1.0-24.5.1.x86_64.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.5.1.i586.rpm xfce4-panel-plugin-xkb-0.5.4.2-0.5.1.x86_64.rpm xfce4-panel-plugin-xmms-0.5.3-3.5.1.i586.rpm xfce4-panel-plugin-xmms-0.5.3-3.5.1.x86_64.rpm MozillaFirefox Critical openSUSE 11.4 MozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue. Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur. This crash may be potentially exploitable. Firefox 9 and earlier are not affected by this vulnerability. https://www.mozilla.org/security/announce/2012/mfsa2012-10.h tml MozillaFirefox-10.0.1-0.2.1.i586.rpm MozillaFirefox-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-10.0.1-0.2.1.i586.rpm MozillaFirefox-branding-upstream-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-10.0.1-0.2.1.i586.rpm MozillaFirefox-buildsymbols-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-devel-10.0.1-0.2.1.i586.rpm MozillaFirefox-devel-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-translations-common-10.0.1-0.2.1.i586.rpm MozillaFirefox-translations-common-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-translations-other-10.0.1-0.2.1.i586.rpm MozillaFirefox-translations-other-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-10.0.1-0.2.1.i586.rpm MozillaFirefox-debuginfo-10.0.1-0.2.1.x86_64.rpm MozillaFirefox-debugsource-10.0.1-0.2.1.i586.rpm MozillaFirefox-debugsource-10.0.1-0.2.1.x86_64.rpm seamonkey Critical openSUSE 11.4 Seamonkey was updated to 2.7.1 to fix critical bugs and security issue. Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur. This crash may be potentially exploitable. Firefox 9 and earlier are not affected by this vulnerability. https://www.mozilla.org/security/announce/2012/mfsa2012-10.h tml seamonkey-2.7.1-0.2.1.i586.rpm seamonkey-2.7.1-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.7.1-0.2.1.i586.rpm seamonkey-dom-inspector-2.7.1-0.2.1.x86_64.rpm seamonkey-irc-2.7.1-0.2.1.i586.rpm seamonkey-irc-2.7.1-0.2.1.x86_64.rpm seamonkey-translations-common-2.7.1-0.2.1.i586.rpm seamonkey-translations-common-2.7.1-0.2.1.x86_64.rpm seamonkey-translations-other-2.7.1-0.2.1.i586.rpm seamonkey-translations-other-2.7.1-0.2.1.x86_64.rpm seamonkey-venkman-2.7.1-0.2.1.i586.rpm seamonkey-venkman-2.7.1-0.2.1.x86_64.rpm seamonkey-debuginfo-2.7.1-0.2.1.i586.rpm seamonkey-debuginfo-2.7.1-0.2.1.x86_64.rpm seamonkey-debugsource-2.7.1-0.2.1.i586.rpm seamonkey-debugsource-2.7.1-0.2.1.x86_64.rpm pm-utils Low openSUSE 11.4 This update fixes the following issue for pm-utils: - 735837: Sleep/Resume for NetworkManager is broken pm-utils-1.4.1-5.11.1.i586.rpm pm-utils-1.4.1-5.11.1.x86_64.rpm pm-utils-ndiswrapper-1.4.1-5.11.1.i586.rpm pm-utils-ndiswrapper-1.4.1-5.11.1.x86_64.rpm pm-utils-debuginfo-1.4.1-5.11.1.i586.rpm pm-utils-debuginfo-1.4.1-5.11.1.x86_64.rpm pm-utils-debugsource-1.4.1-5.11.1.i586.rpm pm-utils-debugsource-1.4.1-5.11.1.x86_64.rpm libxslt Low openSUSE 11.4 libxslt was prone to an out-of-bounds read flaw when parsing certain patterns (CVE-2011-3970). This could lead to a Denial of Service. libxslt-1.1.26-3.4.1.i586.rpm libxslt-1.1.26-3.4.1.x86_64.rpm libxslt-32bit-1.1.26-3.4.1.x86_64.rpm libxslt-devel-1.1.26-3.4.1.i586.rpm libxslt-devel-1.1.26-3.4.1.x86_64.rpm libxslt-devel-32bit-1.1.26-3.4.1.x86_64.rpm libxslt-debuginfo-1.1.26-3.4.1.i586.rpm libxslt-debuginfo-1.1.26-3.4.1.x86_64.rpm libxslt-debuginfo-32bit-1.1.26-3.4.1.x86_64.rpm libxslt-debugsource-1.1.26-3.4.1.i586.rpm libxslt-debugsource-1.1.26-3.4.1.x86_64.rpm flash-player Critical openSUSE 11.4 flash-player was updated to the security update to 11.1.102.62. It fixes lots of security issues, some already exploited in the wild. Details can be found on: https://www.adobe.com/support/security/bulletins/apsb12-03.h tml These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only). flash-player-11.1.102.62-0.7.1.i586.rpm flash-player-11.1.102.62-0.7.1.x86_64.rpm jetty5 Moderate openSUSE 11.4 jetty5 was prone to a remotely exploitable Denial of Service flaw via hash collisions (CVE-2011-4461). jetty5-5.1.14-11.12.1.noarch.rpm jetty5-demo-5.1.14-11.12.1.noarch.rpm jetty5-javadoc-5.1.14-11.12.1.noarch.rpm jetty5-manual-5.1.14-11.12.1.noarch.rpm apache2-201202 Important openSUSE 11.4 This update of apache2 fixes regressions and several security problems: bnc#728876, fix graceful reload bnc#741243, CVE-2012-0031: Fixed a scoreboard corruption (shared mem segment) by child causes crash of privileged parent (invalid free()) during shutdown. bnc#743743, CVE-2012-0053: Fixed an issue in error responses that could expose "httpOnly" cookies when no custom ErrorDocument is specified for status code 400". bnc#738855, CVE-2007-6750: The "mod_reqtimeout" module was backported from Apache 2.2.21 to help mitigate the "Slowloris" Denial of Service attack. You need to enable the "mod_reqtimeout" module in your existing apache configuration to make it effective, e.g. in the APACHE_MODULES line in /etc/sysconfig/apache2. apache2-2.2.17-4.13.1.i586.rpm apache2-2.2.17-4.13.1.x86_64.rpm apache2-devel-2.2.17-4.13.1.i586.rpm apache2-devel-2.2.17-4.13.1.x86_64.rpm apache2-doc-2.2.17-4.13.1.noarch.rpm apache2-example-certificates-2.2.17-4.13.1.i586.rpm apache2-example-certificates-2.2.17-4.13.1.x86_64.rpm apache2-example-pages-2.2.17-4.13.1.i586.rpm apache2-example-pages-2.2.17-4.13.1.x86_64.rpm apache2-itk-2.2.17-4.13.1.i586.rpm apache2-itk-2.2.17-4.13.1.x86_64.rpm apache2-prefork-2.2.17-4.13.1.i586.rpm apache2-prefork-2.2.17-4.13.1.x86_64.rpm apache2-utils-2.2.17-4.13.1.i586.rpm apache2-utils-2.2.17-4.13.1.x86_64.rpm apache2-worker-2.2.17-4.13.1.i586.rpm apache2-worker-2.2.17-4.13.1.x86_64.rpm apache2-debuginfo-2.2.17-4.13.1.i586.rpm apache2-debuginfo-2.2.17-4.13.1.x86_64.rpm apache2-debugsource-2.2.17-4.13.1.i586.rpm apache2-debugsource-2.2.17-4.13.1.x86_64.rpm apache2-itk-debuginfo-2.2.17-4.13.1.i586.rpm apache2-itk-debuginfo-2.2.17-4.13.1.x86_64.rpm apache2-prefork-debuginfo-2.2.17-4.13.1.i586.rpm apache2-prefork-debuginfo-2.2.17-4.13.1.x86_64.rpm apache2-utils-debuginfo-2.2.17-4.13.1.i586.rpm apache2-utils-debuginfo-2.2.17-4.13.1.x86_64.rpm apache2-worker-debuginfo-2.2.17-4.13.1.i586.rpm apache2-worker-debuginfo-2.2.17-4.13.1.x86_64.rpm grub Moderate openSUSE 11.4 This update fixes the following issue for grub: - 640391, 717836: Remove MAP_GROWSDOWN flag when allocating scratch mem for the grub shell grub-0.97-175.176.1.i586.rpm grub-0.97-175.176.1.x86_64.rpm grub-debuginfo-0.97-175.176.1.i586.rpm grub-debuginfo-0.97-175.176.1.x86_64.rpm MozillaFirefox Important openSUSE 11.4 MozillaFirefox was updated to 10.0.2 to fix a security issue with the embedded libpng, where a integer overflow could allow remote attackers to crash the browser or potentially execute code (CVE-2011-3026), MozillaFirefox-10.0.2-0.2.1.i586.rpm MozillaFirefox-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-branding-upstream-10.0.2-0.2.1.i586.rpm MozillaFirefox-branding-upstream-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-buildsymbols-10.0.2-0.2.1.i586.rpm MozillaFirefox-buildsymbols-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-devel-10.0.2-0.2.1.i586.rpm MozillaFirefox-devel-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-translations-common-10.0.2-0.2.1.i586.rpm MozillaFirefox-translations-common-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-translations-other-10.0.2-0.2.1.i586.rpm MozillaFirefox-translations-other-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-debuginfo-10.0.2-0.2.1.i586.rpm MozillaFirefox-debuginfo-10.0.2-0.2.1.x86_64.rpm MozillaFirefox-debugsource-10.0.2-0.2.1.i586.rpm MozillaFirefox-debugsource-10.0.2-0.2.1.x86_64.rpm MozillaThunderbird Important openSUSE 11.4 Mozilla Thunderbird was updated to 3.1.19 to fix a security issue with the embedded libpng, where a integer overflow could allow remote attackers to crash the browser or potentially execute code (CVE-2011-3026), MozillaThunderbird-3.1.19-0.25.1.i586.rpm MozillaThunderbird-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-buildsymbols-3.1.19-0.25.1.i586.rpm MozillaThunderbird-buildsymbols-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-devel-3.1.19-0.25.1.i586.rpm MozillaThunderbird-devel-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-translations-common-3.1.19-0.25.1.i586.rpm MozillaThunderbird-translations-common-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-translations-other-3.1.19-0.25.1.i586.rpm MozillaThunderbird-translations-other-3.1.19-0.25.1.x86_64.rpm enigmail-1.1.2+3.1.19-0.25.1.i586.rpm enigmail-1.1.2+3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-debuginfo-3.1.19-0.25.1.i586.rpm MozillaThunderbird-debuginfo-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-debugsource-3.1.19-0.25.1.i586.rpm MozillaThunderbird-debugsource-3.1.19-0.25.1.x86_64.rpm MozillaThunderbird-devel-debuginfo-3.1.19-0.25.1.i586.rpm MozillaThunderbird-devel-debuginfo-3.1.19-0.25.1.x86_64.rpm enigmail-debuginfo-1.1.2+3.1.19-0.25.1.i586.rpm enigmail-debuginfo-1.1.2+3.1.19-0.25.1.x86_64.rpm gnutls Low openSUSE 11.4 This update of GnuTLS fixes a vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack. (CVE-2012-0390). gnutls-2.8.6-5.8.1.i586.rpm gnutls-2.8.6-5.8.1.x86_64.rpm libgnutls-devel-2.8.6-5.8.1.i586.rpm libgnutls-devel-2.8.6-5.8.1.x86_64.rpm libgnutls-extra-devel-2.8.6-5.8.1.i586.rpm libgnutls-extra-devel-2.8.6-5.8.1.x86_64.rpm libgnutls-extra26-2.8.6-5.8.1.i586.rpm libgnutls-extra26-2.8.6-5.8.1.x86_64.rpm libgnutls26-2.8.6-5.8.1.i586.rpm libgnutls26-2.8.6-5.8.1.x86_64.rpm libgnutls26-32bit-2.8.6-5.8.1.x86_64.rpm gnutls-debuginfo-2.8.6-5.8.1.i586.rpm gnutls-debuginfo-2.8.6-5.8.1.x86_64.rpm gnutls-debugsource-2.8.6-5.8.1.i586.rpm gnutls-debugsource-2.8.6-5.8.1.x86_64.rpm libgnutls-extra26-debuginfo-2.8.6-5.8.1.i586.rpm libgnutls-extra26-debuginfo-2.8.6-5.8.1.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.8.1.i586.rpm libgnutls26-debuginfo-2.8.6-5.8.1.x86_64.rpm libgnutls26-debuginfo-32bit-2.8.6-5.8.1.x86_64.rpm horde3-dimp Important openSUSE 11.4 This version upgrade of horde3-dimp to 1.1.8 fixes several issues (including security related flaws, CVE-2012-0791) and adds new features. horde3-dimp-1.1.8-0.3.1.noarch.rpm horde3-imp Important openSUSE 11.4 This version upgrade of horde3-dimp to 4.3.11 fixes several issues (including security related flaws, CVE-2012-0791) and adds new features. horde3-imp-4.3.11-0.3.1.noarch.rpm horde3 Important openSUSE 11.4 This version upgrade of horde3 to 3.3.13 fixes several issues (including a security related flaw, CVE-2012-0909) and adds new features. horde3-3.3.13-0.3.2.noarch.rpm mozilla-js192 Important openSUSE 11.4 Mozilla XULRunner was updated to 1.9.2.27 to fix a security issue with the embedded libpng, where a integer overflow could allow remote attackers to crash the browser or potentially execute code (CVE-2011-3026), mozilla-js192-1.9.2.27-0.2.1.i586.rpm mozilla-js192-1.9.2.27-0.2.1.x86_64.rpm mozilla-js192-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-buildsymbols-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-buildsymbols-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-devel-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-gnome-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-translations-common-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-common-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-translations-other-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-translations-other-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-js192-debuginfo-1.9.2.27-0.2.1.i586.rpm mozilla-js192-debuginfo-1.9.2.27-0.2.1.x86_64.rpm mozilla-js192-debuginfo-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-debuginfo-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-debuginfo-32bit-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-debugsource-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-debugsource-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-devel-debuginfo-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.27-0.2.1.i586.rpm mozilla-xulrunner192-gnome-debuginfo-1.9.2.27-0.2.1.x86_64.rpm mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.27-0.2.1.x86_64.rpm seamonkey Important openSUSE 11.4 Mozilla Seamonkey was updated to 2.7.2 to fix a security issue with the embedded libpng, where a integer overflow could allow remote attackers to crash the browser or potentially execute code (CVE-2011-3026), seamonkey-2.7.2-0.2.1.i586.rpm seamonkey-2.7.2-0.2.1.x86_64.rpm seamonkey-dom-inspector-2.7.2-0.2.1.i586.rpm seamonkey-dom-inspector-2.7.2-0.2.1.x86_64.rpm seamonkey-irc-2.7.2-0.2.1.i586.rpm seamonkey-irc-2.7.2-0.2.1.x86_64.rpm seamonkey-translations-common-2.7.2-0.2.1.i586.rpm seamonkey-translations-common-2.7.2-0.2.1.x86_64.rpm seamonkey-translations-other-2.7.2-0.2.1.i586.rpm seamonkey-translations-other-2.7.2-0.2.1.x86_64.rpm seamonkey-venkman-2.7.2-0.2.1.i586.rpm seamonkey-venkman-2.7.2-0.2.1.x86_64.rpm seamonkey-debuginfo-2.7.2-0.2.1.i586.rpm seamonkey-debuginfo-2.7.2-0.2.1.x86_64.rpm seamonkey-debugsource-2.7.2-0.2.1.i586.rpm seamonkey-debugsource-2.7.2-0.2.1.x86_64.rpm libpng12 Important openSUSE 11.4 A heap-based buffer overflow in libpng was fixed that could potentially be exploited by attackers to execute arbitrary code or cause an application to crash (CVE-2011-3026). libpng 1.2 was updated to 1.2.47 to fix this issue. libpng12-0-1.2.47-0.8.1.i586.rpm libpng12-0-1.2.47-0.8.1.x86_64.rpm libpng12-0-32bit-1.2.47-0.8.1.x86_64.rpm libpng12-compat-devel-1.2.47-0.8.1.i586.rpm libpng12-compat-devel-1.2.47-0.8.1.x86_64.rpm libpng12-compat-devel-32bit-1.2.47-0.8.1.x86_64.rpm libpng12-devel-1.2.47-0.8.1.i586.rpm libpng12-devel-1.2.47-0.8.1.x86_64.rpm libpng12-devel-32bit-1.2.47-0.8.1.x86_64.rpm libpng12-0-debuginfo-1.2.47-0.8.1.i586.rpm libpng12-0-debuginfo-1.2.47-0.8.1.x86_64.rpm libpng12-0-debuginfo-32bit-1.2.47-0.8.1.x86_64.rpm libpng12-debugsource-1.2.47-0.8.1.i586.rpm libpng12-debugsource-1.2.47-0.8.1.x86_64.rpm libpng14 Important openSUSE 11.4 A heap-based buffer overflow in libpng was fixed that could potentially be exploited by attackers to execute arbitrary code or cause an application to crash (CVE-2011-3026). libpng14-14-1.4.4-3.6.1.i586.rpm libpng14-14-1.4.4-3.6.1.x86_64.rpm libpng14-14-32bit-1.4.4-3.6.1.x86_64.rpm libpng14-compat-devel-1.4.4-3.6.1.i586.rpm libpng14-compat-devel-1.4.4-3.6.1.x86_64.rpm libpng14-compat-devel-32bit-1.4.4-3.6.1.x86_64.rpm libpng14-devel-1.4.4-3.6.1.i586.rpm libpng14-devel-1.4.4-3.6.1.x86_64.rpm libpng14-devel-32bit-1.4.4-3.6.1.x86_64.rpm libpng14-14-debuginfo-1.4.4-3.6.1.i586.rpm libpng14-14-debuginfo-1.4.4-3.6.1.x86_64.rpm libpng14-14-debuginfo-32bit-1.4.4-3.6.1.x86_64.rpm libpng14-debugsource-1.4.4-3.6.1.i586.rpm libpng14-debugsource-1.4.4-3.6.1.x86_64.rpm libvorbis Important openSUSE 11.4 Specially crafted ogg files could cause a heap-based buffer overflow in the vorbis audio compression library that could potentially be exploited by attackers to cause a crash or execute arbitrary code (CVE-2012-0444). libvorbis-devel-1.3.2-6.7.1.i586.rpm libvorbis-devel-1.3.2-6.7.1.x86_64.rpm libvorbis-doc-1.3.2-6.7.1.noarch.rpm libvorbis0-1.3.2-6.7.1.i586.rpm libvorbis0-1.3.2-6.7.1.x86_64.rpm libvorbis0-32bit-1.3.2-6.7.1.x86_64.rpm libvorbisenc2-1.3.2-6.7.1.i586.rpm libvorbisenc2-1.3.2-6.7.1.x86_64.rpm libvorbisenc2-32bit-1.3.2-6.7.1.x86_64.rpm libvorbisfile3-1.3.2-6.7.1.i586.rpm libvorbisfile3-1.3.2-6.7.1.x86_64.rpm libvorbisfile3-32bit-1.3.2-6.7.1.x86_64.rpm libvorbis-debugsource-1.3.2-6.7.1.i586.rpm libvorbis-debugsource-1.3.2-6.7.1.x86_64.rpm libvorbis0-debuginfo-1.3.2-6.7.1.i586.rpm libvorbis0-debuginfo-1.3.2-6.7.1.x86_64.rpm libvorbis0-debuginfo-32bit-1.3.2-6.7.1.x86_64.rpm libvorbisenc2-debuginfo-1.3.2-6.7.1.i586.rpm libvorbisenc2-debuginfo-1.3.2-6.7.1.x86_64.rpm libvorbisenc2-debuginfo-32bit-1.3.2-6.7.1.x86_64.rpm libvorbisfile3-debuginfo-1.3.2-6.7.1.i586.rpm libvorbisfile3-debuginfo-1.3.2-6.7.1.x86_64.rpm libvorbisfile3-debuginfo-32bit-1.3.2-6.7.1.x86_64.rpm java-1_6_0-openjdk Important openSUSE 11.4 java-1_6_0-openjdk was updated to the b24 release, fixing multiple security issues: dbg114-java-1_6_0-openjdk-5856 java-1_6_0-openjdk-5856 new_updateinfo Security fixes - S7082299, CVE-2011-3571: Fix inAtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass - S7110704, CVE-2012-0506: Issues with some method in corba - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing - S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server java-1_6_0-openjdk-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-1.6.0.0_b24.1.11.1-0.3.2.x86_64.rpm java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.1-0.3.2.x86_64.rpm java-1_6_0-openjdk-javadoc-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-src-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-debuginfo-1.6.0.0_b24.1.11.1-0.3.2.x86_64.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-debugsource-1.6.0.0_b24.1.11.1-0.3.2.x86_64.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.1-0.3.2.i586.rpm java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b24.1.11.1-0.3.2.x86_64.rpm cifs-utils Low openSUSE 11.4 This update fixes the following issue for cifs-utils: - 679949: unable to unmount a cisf share as user in opensuse 11.4 - makes cifs-utils userspace more compatible with the in-kernel cifs module cifs-utils-4.9-1.3.1.i586.rpm cifs-utils-4.9-1.3.1.x86_64.rpm cifs-utils-debuginfo-4.9-1.3.1.i586.rpm cifs-utils-debuginfo-4.9-1.3.1.x86_64.rpm cifs-utils-debugsource-4.9-1.3.1.i586.rpm cifs-utils-debugsource-4.9-1.3.1.x86_64.rpm python-gpgme Low openSUSE 11.4 This update fixes the following issue for python-gpgme: - 745257: fixed error in version-check python-gpgme-0.1-106.107.1.i586.rpm python-gpgme-0.1-106.107.1.x86_64.rpm python-gpgme-debuginfo-0.1-106.107.1.i586.rpm python-gpgme-debuginfo-0.1-106.107.1.x86_64.rpm python-gpgme-debugsource-0.1-106.107.1.i586.rpm python-gpgme-debugsource-0.1-106.107.1.x86_64.rpm cvs Moderate openSUSE 11.4 A heap-based buffer overflow flaw was found in the way CVS read proxy connection HTTP responses. An attacker could exploit this to cause the application to crash or, potentially, execute arbitrary code in the context of the user running the application (CVE-2012-0804). cvs-1.12.12-166.169.1.i586.rpm cvs-1.12.12-166.169.1.x86_64.rpm cvs-doc-1.12.12-166.169.1.noarch.rpm cvs-debuginfo-1.12.12-166.169.1.i586.rpm cvs-debuginfo-1.12.12-166.169.1.x86_64.rpm cvs-debugsource-1.12.12-166.169.1.i586.rpm cvs-debugsource-1.12.12-166.169.1.x86_64.rpm iproxy Moderate openSUSE 11.4 This update of usbmuxd fixes a heap-based buffer overflow which could be triggered via an overly long "SerialNumber" field (CVE-2012-0065). iproxy-1.0.7-3.5.1.i586.rpm iproxy-1.0.7-3.5.1.x86_64.rpm libusbmuxd-devel-1.0.7-3.5.1.i586.rpm libusbmuxd-devel-1.0.7-3.5.1.x86_64.rpm libusbmuxd1-1.0.7-3.5.1.i586.rpm libusbmuxd1-1.0.7-3.5.1.x86_64.rpm usbmuxd-1.0.7-3.5.1.i586.rpm usbmuxd-1.0.7-3.5.1.x86_64.rpm iproxy-debuginfo-1.0.7-3.5.1.i586.rpm iproxy-debuginfo-1.0.7-3.5.1.x86_64.rpm libusbmuxd1-debuginfo-1.0.7-3.5.1.i586.rpm libusbmuxd1-debuginfo-1.0.7-3.5.1.x86_64.rpm usbmuxd-debuginfo-1.0.7-3.5.1.i586.rpm usbmuxd-debuginfo-1.0.7-3.5.1.x86_64.rpm usbmuxd-debugsource-1.0.7-3.5.1.i586.rpm usbmuxd-debugsource-1.0.7-3.5.1.x86_64.rpm libxml2 Moderate openSUSE 11.4 This update of libxml2 fixes the hash table collision flaw which could be exploited by attackers to cause a Denial of Service (CVE-2012-0841). libxml2-2.7.8-16.23.1.i586.rpm libxml2-2.7.8-16.23.1.x86_64.rpm libxml2-32bit-2.7.8-16.23.1.x86_64.rpm libxml2-devel-2.7.8-16.23.1.i586.rpm libxml2-devel-2.7.8-16.23.1.x86_64.rpm libxml2-devel-32bit-2.7.8-16.23.1.x86_64.rpm libxml2-doc-2.7.8-16.23.1.noarch.rpm libxml2-debuginfo-2.7.8-16.23.1.i586.rpm libxml2-debuginfo-2.7.8-16.23.1.x86_64.rpm libxml2-debuginfo-32bit-2.7.8-16.23.1.x86_64.rpm libxml2-debugsource-2.7.8-16.23.1.i586.rpm libxml2-debugsource-2.7.8-16.23.1.x86_64.rpm csound Important openSUSE 11.4 This update of csound fixes two stack-based buffer overflows that could be exploited via malformed hetro and pvoc files (CVE-2012-0270). csound-5.06.0-139.140.1.i586.rpm csound-5.06.0-139.140.1.x86_64.rpm ark Moderate openSUSE 11.4 Ark was prone to a path traversal vulnerability allowing a maliciously-crafted zip file to allow for an arbitrary file to be displayed and, if the user has appropriate credentials, removed (CVE-2011-2725). ark-4.6.0-4.5.1.i586.rpm ark-4.6.0-4.5.1.x86_64.rpm filelight-4.6.0-4.5.1.i586.rpm filelight-4.6.0-4.5.1.x86_64.rpm kcalc-4.6.0-4.5.1.i586.rpm kcalc-4.6.0-4.5.1.x86_64.rpm kcharselect-4.6.0-4.5.1.i586.rpm kcharselect-4.6.0-4.5.1.x86_64.rpm kde4-printer-applet-4.6.0-4.5.1.i586.rpm kde4-printer-applet-4.6.0-4.5.1.x86_64.rpm kdeutils4-4.6.0-4.5.1.i586.rpm kdeutils4-4.6.0-4.5.1.x86_64.rpm kdf-4.6.0-4.5.1.i586.rpm kdf-4.6.0-4.5.1.x86_64.rpm kfloppy-4.6.0-4.5.1.i586.rpm kfloppy-4.6.0-4.5.1.x86_64.rpm kgpg-4.6.0-4.5.1.i586.rpm kgpg-4.6.0-4.5.1.x86_64.rpm kremotecontrol-4.6.0-4.5.1.i586.rpm kremotecontrol-4.6.0-4.5.1.x86_64.rpm ktimer-4.6.0-4.5.1.i586.rpm ktimer-4.6.0-4.5.1.x86_64.rpm kwalletmanager-4.6.0-4.5.1.i586.rpm kwalletmanager-4.6.0-4.5.1.x86_64.rpm kwikdisk-4.6.0-4.5.1.i586.rpm kwikdisk-4.6.0-4.5.1.x86_64.rpm superkaramba-4.6.0-4.5.1.i586.rpm superkaramba-4.6.0-4.5.1.x86_64.rpm sweeper-4.6.0-4.5.1.i586.rpm sweeper-4.6.0-4.5.1.x86_64.rpm ark-debuginfo-4.6.0-4.5.1.i586.rpm ark-debuginfo-4.6.0-4.5.1.x86_64.rpm filelight-debuginfo-4.6.0-4.5.1.i586.rpm filelight-debuginfo-4.6.0-4.5.1.x86_64.rpm kcalc-debuginfo-4.6.0-4.5.1.i586.rpm kcalc-debuginfo-4.6.0-4.5.1.x86_64.rpm kcharselect-debuginfo-4.6.0-4.5.1.i586.rpm kcharselect-debuginfo-4.6.0-4.5.1.x86_64.rpm kdeutils4-debugsource-4.6.0-4.5.1.i586.rpm kdeutils4-debugsource-4.6.0-4.5.1.x86_64.rpm kdf-debuginfo-4.6.0-4.5.1.i586.rpm kdf-debuginfo-4.6.0-4.5.1.x86_64.rpm kfloppy-debuginfo-4.6.0-4.5.1.i586.rpm kfloppy-debuginfo-4.6.0-4.5.1.x86_64.rpm kgpg-debuginfo-4.6.0-4.5.1.i586.rpm kgpg-debuginfo-4.6.0-4.5.1.x86_64.rpm kremotecontrol-debuginfo-4.6.0-4.5.1.i586.rpm kremotecontrol-debuginfo-4.6.0-4.5.1.x86_64.rpm ktimer-debuginfo-4.6.0-4.5.1.i586.rpm ktimer-debuginfo-4.6.0-4.5.1.x86_64.rpm kwalletmanager-debuginfo-4.6.0-4.5.1.i586.rpm kwalletmanager-debuginfo-4.6.0-4.5.1.x86_64.rpm kwikdisk-debuginfo-4.6.0-4.5.1.i586.rpm kwikdisk-debuginfo-4.6.0-4.5.1.x86_64.rpm superkaramba-debuginfo-4.6.0-4.5.1.i586.rpm superkaramba-debuginfo-4.6.0-4.5.1.x86_64.rpm sweeper-debuginfo-4.6.0-4.5.1.i586.rpm sweeper-debuginfo-4.6.0-4.5.1.x86_64.rpm pm-utils Low openSUSE 11.4 This update fixes the following issue for pm-utils: - 749031: fix script 50rcnetwork error and update savestate/restorestate functions - 670074: add pm-utils-1.4.1-vtXX-upower-battery-AC-adapter.patch pm-utils-1.4.1-5.13.1.i586.rpm pm-utils-1.4.1-5.13.1.x86_64.rpm pm-utils-ndiswrapper-1.4.1-5.13.1.i586.rpm pm-utils-ndiswrapper-1.4.1-5.13.1.x86_64.rpm pm-utils-debuginfo-1.4.1-5.13.1.i586.rpm pm-utils-debuginfo-1.4.1-5.13.1.x86_64.rpm pm-utils-debugsource-1.4.1-5.13.1.i586.rpm pm-utils-debugsource-1.4.1-5.13.1.x86_64.rpm timezone-2012b Important openSUSE 11.4 This update provides 2012b which provides the following important changes: dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 Cuba has delayed start of DST by 3 weeks (now starts April 1 rather than March 11 dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 Chile 2011/2012 and 2012/2013 summer time date adjustments. dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 Falkland Islands onto permanent summer time (we're assuming for the foreseeable future, though 2012 is all we're fairly certain of.) dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 Armenia has abolished Summer Time. dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 Tokelau jumped the International Date Line back last December (just the same as their near neighbour, Samoa). dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 America/Creston is a new zone for a small area of British Columbia dbg114-timezone-2012b-5920 new_updateinfo timezone-2012b-5920 There will be a leapsecod 2012-06-30 23:59:60 UTC. timezone-2012b-0.2.1.i586.rpm timezone-2012b-0.2.1.x86_64.rpm timezone-java-2012b-0.2.1.noarch.rpm timezone-debuginfo-2012b-0.2.1.i586.rpm timezone-debuginfo-2012b-0.2.1.x86_64.rpm timezone-debugsource-2012b-0.2.1.i586.rpm timezone-debugsource-2012b-0.2.1.x86_64.rpm flash-player Important openSUSE 11.4 flash-player 11.1.102.63 fixes two security issues: - memory corruption vulnerability in Matrix3D could lead to code executionn (CVE-2012-0768) - integer errors that could lead to information disclosure (CVE-2012-0769) flash-player-11.1.102.63-0.2.1.i586.rpm flash-player-11.1.102.63-0.2.1.x86_64.rpm gnash Moderate openSUSE 11.4 gnash used predictable and world readable temporary file names to store HTTP cookies (CVE-2011-4328). gnash-0.8.8-6.7.1.i586.rpm gnash-0.8.8-6.7.1.x86_64.rpm gnash-devel-0.8.8-6.7.1.i586.rpm gnash-devel-0.8.8-6.7.1.x86_64.rpm gnash-debuginfo-0.8.8-6.7.1.i586.rpm gnash-debuginfo-0.8.8-6.7.1.x86_64.rpm gnash-debugsource-0.8.8-6.7.1.i586.rpm gnash-debugsource-0.8.8-6.7.1.x86_64.rpm icecast Low openSUSE 11.4 Icecast didn't strip newlines from log entries, therefore allowing uses to forge log entries (CVE-2011-4612). icecast-2.3.2-60.61.1.i586.rpm icecast-2.3.2-60.61.1.x86_64.rpm icecast-debuginfo-2.3.2-60.61.1.i586.rpm icecast-debuginfo-2.3.2-60.61.1.x86_64.rpm icecast-debugsource-2.3.2-60.61.1.i586.rpm icecast-debugsource-2.3.2-60.61.1.x86_64.rpm openSUSE-2012-182 important openSUSE 11.4 Update php5 security update apache2-mod_php5-5.3.5-5.214.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-5.214.1.i586.rpm php5-5.3.5-5.214.1.i586.rpm php5-5.3.5-5.214.1.src.rpm php5-bcmath-5.3.5-5.214.1.i586.rpm php5-bcmath-debuginfo-5.3.5-5.214.1.i586.rpm php5-bz2-5.3.5-5.214.1.i586.rpm php5-bz2-debuginfo-5.3.5-5.214.1.i586.rpm php5-calendar-5.3.5-5.214.1.i586.rpm php5-calendar-debuginfo-5.3.5-5.214.1.i586.rpm php5-ctype-5.3.5-5.214.1.i586.rpm php5-ctype-debuginfo-5.3.5-5.214.1.i586.rpm php5-curl-5.3.5-5.214.1.i586.rpm php5-curl-debuginfo-5.3.5-5.214.1.i586.rpm php5-dba-5.3.5-5.214.1.i586.rpm php5-dba-debuginfo-5.3.5-5.214.1.i586.rpm php5-debuginfo-5.3.5-5.214.1.i586.rpm php5-debugsource-5.3.5-5.214.1.i586.rpm php5-devel-5.3.5-5.214.1.i586.rpm php5-dom-5.3.5-5.214.1.i586.rpm php5-dom-debuginfo-5.3.5-5.214.1.i586.rpm php5-enchant-5.3.5-5.214.1.i586.rpm php5-enchant-debuginfo-5.3.5-5.214.1.i586.rpm php5-exif-5.3.5-5.214.1.i586.rpm php5-exif-debuginfo-5.3.5-5.214.1.i586.rpm php5-fastcgi-5.3.5-5.214.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-5.214.1.i586.rpm php5-fileinfo-5.3.5-5.214.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-5.214.1.i586.rpm php5-fpm-5.3.5-5.214.1.i586.rpm php5-fpm-debuginfo-5.3.5-5.214.1.i586.rpm php5-ftp-5.3.5-5.214.1.i586.rpm php5-ftp-debuginfo-5.3.5-5.214.1.i586.rpm php5-gd-5.3.5-5.214.1.i586.rpm php5-gd-debuginfo-5.3.5-5.214.1.i586.rpm php5-gettext-5.3.5-5.214.1.i586.rpm php5-gettext-debuginfo-5.3.5-5.214.1.i586.rpm php5-gmp-5.3.5-5.214.1.i586.rpm php5-gmp-debuginfo-5.3.5-5.214.1.i586.rpm php5-hash-5.3.5-5.214.1.i586.rpm php5-hash-debuginfo-5.3.5-5.214.1.i586.rpm php5-iconv-5.3.5-5.214.1.i586.rpm php5-iconv-debuginfo-5.3.5-5.214.1.i586.rpm php5-imap-5.3.5-5.214.1.i586.rpm php5-imap-debuginfo-5.3.5-5.214.1.i586.rpm php5-intl-5.3.5-5.214.1.i586.rpm php5-intl-debuginfo-5.3.5-5.214.1.i586.rpm php5-json-5.3.5-5.214.1.i586.rpm php5-json-debuginfo-5.3.5-5.214.1.i586.rpm php5-ldap-5.3.5-5.214.1.i586.rpm php5-ldap-debuginfo-5.3.5-5.214.1.i586.rpm php5-mbstring-5.3.5-5.214.1.i586.rpm php5-mbstring-debuginfo-5.3.5-5.214.1.i586.rpm php5-mcrypt-5.3.5-5.214.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-5.214.1.i586.rpm php5-mysql-5.3.5-5.214.1.i586.rpm php5-mysql-debuginfo-5.3.5-5.214.1.i586.rpm php5-odbc-5.3.5-5.214.1.i586.rpm php5-odbc-debuginfo-5.3.5-5.214.1.i586.rpm php5-openssl-5.3.5-5.214.1.i586.rpm php5-openssl-debuginfo-5.3.5-5.214.1.i586.rpm php5-pcntl-5.3.5-5.214.1.i586.rpm php5-pcntl-debuginfo-5.3.5-5.214.1.i586.rpm php5-pdo-5.3.5-5.214.1.i586.rpm php5-pdo-debuginfo-5.3.5-5.214.1.i586.rpm php5-pear-5.3.5-5.214.1.noarch.rpm php5-pgsql-5.3.5-5.214.1.i586.rpm php5-pgsql-debuginfo-5.3.5-5.214.1.i586.rpm php5-phar-5.3.5-5.214.1.i586.rpm php5-phar-debuginfo-5.3.5-5.214.1.i586.rpm php5-posix-5.3.5-5.214.1.i586.rpm php5-posix-debuginfo-5.3.5-5.214.1.i586.rpm php5-pspell-5.3.5-5.214.1.i586.rpm php5-pspell-debuginfo-5.3.5-5.214.1.i586.rpm php5-readline-5.3.5-5.214.1.i586.rpm php5-readline-debuginfo-5.3.5-5.214.1.i586.rpm php5-shmop-5.3.5-5.214.1.i586.rpm php5-shmop-debuginfo-5.3.5-5.214.1.i586.rpm php5-snmp-5.3.5-5.214.1.i586.rpm php5-snmp-debuginfo-5.3.5-5.214.1.i586.rpm php5-soap-5.3.5-5.214.1.i586.rpm php5-soap-debuginfo-5.3.5-5.214.1.i586.rpm php5-sockets-5.3.5-5.214.1.i586.rpm php5-sockets-debuginfo-5.3.5-5.214.1.i586.rpm php5-sqlite-5.3.5-5.214.1.i586.rpm php5-sqlite-debuginfo-5.3.5-5.214.1.i586.rpm php5-suhosin-5.3.5-5.214.1.i586.rpm php5-suhosin-debuginfo-5.3.5-5.214.1.i586.rpm php5-sysvmsg-5.3.5-5.214.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-5.214.1.i586.rpm php5-sysvsem-5.3.5-5.214.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-5.214.1.i586.rpm php5-sysvshm-5.3.5-5.214.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-5.214.1.i586.rpm php5-tidy-5.3.5-5.214.1.i586.rpm php5-tidy-debuginfo-5.3.5-5.214.1.i586.rpm php5-tokenizer-5.3.5-5.214.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-5.214.1.i586.rpm php5-wddx-5.3.5-5.214.1.i586.rpm php5-wddx-debuginfo-5.3.5-5.214.1.i586.rpm php5-xmlreader-5.3.5-5.214.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-5.214.1.i586.rpm php5-xmlrpc-5.3.5-5.214.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-5.214.1.i586.rpm php5-xmlwriter-5.3.5-5.214.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-5.214.1.i586.rpm php5-xsl-5.3.5-5.214.1.i586.rpm php5-xsl-debuginfo-5.3.5-5.214.1.i586.rpm php5-zip-5.3.5-5.214.1.i586.rpm php5-zip-debuginfo-5.3.5-5.214.1.i586.rpm php5-zlib-5.3.5-5.214.1.i586.rpm php5-zlib-debuginfo-5.3.5-5.214.1.i586.rpm apache2-mod_php5-5.3.5-5.214.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-5.3.5-5.214.1.x86_64.rpm php5-bcmath-5.3.5-5.214.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-bz2-5.3.5-5.214.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-calendar-5.3.5-5.214.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-ctype-5.3.5-5.214.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-curl-5.3.5-5.214.1.x86_64.rpm php5-curl-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-dba-5.3.5-5.214.1.x86_64.rpm php5-dba-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-debugsource-5.3.5-5.214.1.x86_64.rpm php5-devel-5.3.5-5.214.1.x86_64.rpm php5-dom-5.3.5-5.214.1.x86_64.rpm php5-dom-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-enchant-5.3.5-5.214.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-exif-5.3.5-5.214.1.x86_64.rpm php5-exif-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-fastcgi-5.3.5-5.214.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-fileinfo-5.3.5-5.214.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-fpm-5.3.5-5.214.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-ftp-5.3.5-5.214.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-gd-5.3.5-5.214.1.x86_64.rpm php5-gd-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-gettext-5.3.5-5.214.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-gmp-5.3.5-5.214.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-hash-5.3.5-5.214.1.x86_64.rpm php5-hash-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-iconv-5.3.5-5.214.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-imap-5.3.5-5.214.1.x86_64.rpm php5-imap-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-intl-5.3.5-5.214.1.x86_64.rpm php5-intl-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-json-5.3.5-5.214.1.x86_64.rpm php5-json-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-ldap-5.3.5-5.214.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-mbstring-5.3.5-5.214.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-mcrypt-5.3.5-5.214.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-mysql-5.3.5-5.214.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-odbc-5.3.5-5.214.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-openssl-5.3.5-5.214.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-pcntl-5.3.5-5.214.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-pdo-5.3.5-5.214.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-pgsql-5.3.5-5.214.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-phar-5.3.5-5.214.1.x86_64.rpm php5-phar-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-posix-5.3.5-5.214.1.x86_64.rpm php5-posix-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-pspell-5.3.5-5.214.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-readline-5.3.5-5.214.1.x86_64.rpm php5-readline-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-shmop-5.3.5-5.214.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-snmp-5.3.5-5.214.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-soap-5.3.5-5.214.1.x86_64.rpm php5-soap-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-sockets-5.3.5-5.214.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-sqlite-5.3.5-5.214.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-suhosin-5.3.5-5.214.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-sysvmsg-5.3.5-5.214.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-sysvsem-5.3.5-5.214.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-sysvshm-5.3.5-5.214.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-tidy-5.3.5-5.214.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-tokenizer-5.3.5-5.214.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-wddx-5.3.5-5.214.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-xmlreader-5.3.5-5.214.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-xmlrpc-5.3.5-5.214.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-xmlwriter-5.3.5-5.214.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-xsl-5.3.5-5.214.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-zip-5.3.5-5.214.1.x86_64.rpm php5-zip-debuginfo-5.3.5-5.214.1.x86_64.rpm php5-zlib-5.3.5-5.214.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-5.214.1.x86_64.rpm openSUSE-2012-214 low openSUSE 11.4 Update - Security and bugfix release 9.0.7: * Require execute permission on the trigger function for "CREATE TRIGGER" (CVE-2012-0866, bnc#749299). * Remove arbitrary limitation on length of common name in SSL certificates (CVE-2012-0867, bnc#749301). * Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303). See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.0/static/release.html /usr/share/doc/packages/postgresql/HISTORY libecpg6-9.0.7-12.2.i586.rpm libecpg6-debuginfo-9.0.7-12.2.i586.rpm libpq5-32bit-9.0.7-12.2.x86_64.rpm libpq5-9.0.7-12.2.i586.rpm libpq5-debuginfo-32bit-9.0.7-12.2.x86_64.rpm libpq5-debuginfo-9.0.7-12.2.i586.rpm libpq5-debuginfo-x86-9.0.7-12.2.ia64.rpm libpq5-x86-9.0.7-12.2.ia64.rpm postgresql-devel-9.0.7-12.2.i586.rpm postgresql-devel-debuginfo-9.0.7-12.2.i586.rpm postgresql-libs-9.0.7-12.2.src.rpm postgresql-libs-debugsource-9.0.7-12.2.i586.rpm postgresql-9.0.7-12.1.i586.rpm postgresql-9.0.7-12.1.src.rpm postgresql-contrib-9.0.7-12.1.i586.rpm postgresql-contrib-debuginfo-9.0.7-12.1.i586.rpm postgresql-debuginfo-9.0.7-12.1.i586.rpm postgresql-debugsource-9.0.7-12.1.i586.rpm postgresql-docs-9.0.7-12.1.noarch.rpm postgresql-plperl-9.0.7-12.1.i586.rpm postgresql-plperl-debuginfo-9.0.7-12.1.i586.rpm postgresql-plpython-9.0.7-12.1.i586.rpm postgresql-plpython-debuginfo-9.0.7-12.1.i586.rpm postgresql-pltcl-9.0.7-12.1.i586.rpm postgresql-pltcl-debuginfo-9.0.7-12.1.i586.rpm postgresql-server-9.0.7-12.1.i586.rpm postgresql-server-debuginfo-9.0.7-12.1.i586.rpm libecpg6-9.0.7-12.2.x86_64.rpm libecpg6-debuginfo-9.0.7-12.2.x86_64.rpm libpq5-9.0.7-12.2.x86_64.rpm libpq5-debuginfo-9.0.7-12.2.x86_64.rpm postgresql-devel-9.0.7-12.2.x86_64.rpm postgresql-devel-debuginfo-9.0.7-12.2.x86_64.rpm postgresql-libs-debugsource-9.0.7-12.2.x86_64.rpm postgresql-9.0.7-12.1.x86_64.rpm postgresql-contrib-9.0.7-12.1.x86_64.rpm postgresql-contrib-debuginfo-9.0.7-12.1.x86_64.rpm postgresql-debuginfo-9.0.7-12.1.x86_64.rpm postgresql-debugsource-9.0.7-12.1.x86_64.rpm postgresql-plperl-9.0.7-12.1.x86_64.rpm postgresql-plperl-debuginfo-9.0.7-12.1.x86_64.rpm postgresql-plpython-9.0.7-12.1.x86_64.rpm postgresql-plpython-debuginfo-9.0.7-12.1.x86_64.rpm postgresql-pltcl-9.0.7-12.1.x86_64.rpm postgresql-pltcl-debuginfo-9.0.7-12.1.x86_64.rpm postgresql-server-9.0.7-12.1.x86_64.rpm postgresql-server-debuginfo-9.0.7-12.1.x86_64.rpm openSUSE-2012-277 moderate openSUSE 11.4 Update gnutls-2.8.6-5.21.2.i586.rpm gnutls-2.8.6-5.21.2.src.rpm gnutls-debuginfo-2.8.6-5.21.2.i586.rpm gnutls-debugsource-2.8.6-5.21.2.i586.rpm libgnutls-devel-2.8.6-5.21.2.i586.rpm libgnutls-extra-devel-2.8.6-5.21.2.i586.rpm libgnutls-extra26-2.8.6-5.21.2.i586.rpm libgnutls-extra26-debuginfo-2.8.6-5.21.2.i586.rpm libgnutls26-2.8.6-5.21.2.i586.rpm libgnutls26-32bit-2.8.6-5.21.2.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.21.2.i586.rpm libgnutls26-debuginfo-32bit-2.8.6-5.21.2.x86_64.rpm libgnutls26-debuginfo-x86-2.8.6-5.21.2.ia64.rpm libgnutls26-x86-2.8.6-5.21.2.ia64.rpm gnutls-2.8.6-5.21.2.x86_64.rpm gnutls-debuginfo-2.8.6-5.21.2.x86_64.rpm gnutls-debugsource-2.8.6-5.21.2.x86_64.rpm libgnutls-devel-2.8.6-5.21.2.x86_64.rpm libgnutls-extra-devel-2.8.6-5.21.2.x86_64.rpm libgnutls-extra26-2.8.6-5.21.2.x86_64.rpm libgnutls-extra26-debuginfo-2.8.6-5.21.2.x86_64.rpm libgnutls26-2.8.6-5.21.2.x86_64.rpm libgnutls26-debuginfo-2.8.6-5.21.2.x86_64.rpm openSUSE-2012-218 moderate openSUSE 11.4 Update Specially crafted ogg files could crash taglib taglib-1.6.2-7.1.i586.rpm taglib-1.6.2-7.1.src.rpm taglib-32bit-1.6.2-7.1.x86_64.rpm taglib-debuginfo-1.6.2-7.1.i586.rpm taglib-debuginfo-32bit-1.6.2-7.1.x86_64.rpm taglib-debuginfo-x86-1.6.2-7.1.ia64.rpm taglib-debugsource-1.6.2-7.1.i586.rpm taglib-devel-1.6.2-7.1.i586.rpm taglib-x86-1.6.2-7.1.ia64.rpm taglib-1.6.2-7.1.x86_64.rpm taglib-debuginfo-1.6.2-7.1.x86_64.rpm taglib-debugsource-1.6.2-7.1.x86_64.rpm taglib-devel-1.6.2-7.1.x86_64.rpm openSUSE-2012-308 important openSUSE 11.4 Update Specially crafted DER files could trigger a memory corruption in openssl libopenssl-devel-1.0.0c-18.42.1.i586.rpm libopenssl1_0_0-1.0.0c-18.42.1.i586.rpm libopenssl1_0_0-32bit-1.0.0c-18.42.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.42.1.i586.rpm libopenssl1_0_0-debuginfo-32bit-1.0.0c-18.42.1.x86_64.rpm libopenssl1_0_0-debuginfo-x86-1.0.0c-18.42.1.ia64.rpm libopenssl1_0_0-x86-1.0.0c-18.42.1.ia64.rpm openssl-1.0.0c-18.42.1.i586.rpm openssl-1.0.0c-18.42.1.src.rpm openssl-debuginfo-1.0.0c-18.42.1.i586.rpm openssl-debugsource-1.0.0c-18.42.1.i586.rpm openssl-doc-1.0.0c-18.42.1.noarch.rpm libopenssl-devel-1.0.0c-18.42.1.x86_64.rpm libopenssl1_0_0-1.0.0c-18.42.1.x86_64.rpm libopenssl1_0_0-debuginfo-1.0.0c-18.42.1.x86_64.rpm openssl-1.0.0c-18.42.1.x86_64.rpm openssl-debuginfo-1.0.0c-18.42.1.x86_64.rpm openssl-debugsource-1.0.0c-18.42.1.x86_64.rpm openSUSE-2012-288 important openSUSE 11.4 Update The patch for CVE-2012-1823 was incomplete, this update fixes the remaining bits (CVE-2012-2335, CVE-2012-2336) apache2-mod_php5-5.3.5-335.1.i586.rpm apache2-mod_php5-debuginfo-5.3.5-335.1.i586.rpm php5-5.3.5-335.1.i586.rpm php5-5.3.5-335.1.src.rpm php5-bcmath-5.3.5-335.1.i586.rpm php5-bcmath-debuginfo-5.3.5-335.1.i586.rpm php5-bz2-5.3.5-335.1.i586.rpm php5-bz2-debuginfo-5.3.5-335.1.i586.rpm php5-calendar-5.3.5-335.1.i586.rpm php5-calendar-debuginfo-5.3.5-335.1.i586.rpm php5-ctype-5.3.5-335.1.i586.rpm php5-ctype-debuginfo-5.3.5-335.1.i586.rpm php5-curl-5.3.5-335.1.i586.rpm php5-curl-debuginfo-5.3.5-335.1.i586.rpm php5-dba-5.3.5-335.1.i586.rpm php5-dba-debuginfo-5.3.5-335.1.i586.rpm php5-debuginfo-5.3.5-335.1.i586.rpm php5-debugsource-5.3.5-335.1.i586.rpm php5-devel-5.3.5-335.1.i586.rpm php5-dom-5.3.5-335.1.i586.rpm php5-dom-debuginfo-5.3.5-335.1.i586.rpm php5-enchant-5.3.5-335.1.i586.rpm php5-enchant-debuginfo-5.3.5-335.1.i586.rpm php5-exif-5.3.5-335.1.i586.rpm php5-exif-debuginfo-5.3.5-335.1.i586.rpm php5-fastcgi-5.3.5-335.1.i586.rpm php5-fastcgi-debuginfo-5.3.5-335.1.i586.rpm php5-fileinfo-5.3.5-335.1.i586.rpm php5-fileinfo-debuginfo-5.3.5-335.1.i586.rpm php5-fpm-5.3.5-335.1.i586.rpm php5-fpm-debuginfo-5.3.5-335.1.i586.rpm php5-ftp-5.3.5-335.1.i586.rpm php5-ftp-debuginfo-5.3.5-335.1.i586.rpm php5-gd-5.3.5-335.1.i586.rpm php5-gd-debuginfo-5.3.5-335.1.i586.rpm php5-gettext-5.3.5-335.1.i586.rpm php5-gettext-debuginfo-5.3.5-335.1.i586.rpm php5-gmp-5.3.5-335.1.i586.rpm php5-gmp-debuginfo-5.3.5-335.1.i586.rpm php5-hash-5.3.5-335.1.i586.rpm php5-hash-debuginfo-5.3.5-335.1.i586.rpm php5-iconv-5.3.5-335.1.i586.rpm php5-iconv-debuginfo-5.3.5-335.1.i586.rpm php5-imap-5.3.5-335.1.i586.rpm php5-imap-debuginfo-5.3.5-335.1.i586.rpm php5-intl-5.3.5-335.1.i586.rpm php5-intl-debuginfo-5.3.5-335.1.i586.rpm php5-json-5.3.5-335.1.i586.rpm php5-json-debuginfo-5.3.5-335.1.i586.rpm php5-ldap-5.3.5-335.1.i586.rpm php5-ldap-debuginfo-5.3.5-335.1.i586.rpm php5-mbstring-5.3.5-335.1.i586.rpm php5-mbstring-debuginfo-5.3.5-335.1.i586.rpm php5-mcrypt-5.3.5-335.1.i586.rpm php5-mcrypt-debuginfo-5.3.5-335.1.i586.rpm php5-mysql-5.3.5-335.1.i586.rpm php5-mysql-debuginfo-5.3.5-335.1.i586.rpm php5-odbc-5.3.5-335.1.i586.rpm php5-odbc-debuginfo-5.3.5-335.1.i586.rpm php5-openssl-5.3.5-335.1.i586.rpm php5-openssl-debuginfo-5.3.5-335.1.i586.rpm php5-pcntl-5.3.5-335.1.i586.rpm php5-pcntl-debuginfo-5.3.5-335.1.i586.rpm php5-pdo-5.3.5-335.1.i586.rpm php5-pdo-debuginfo-5.3.5-335.1.i586.rpm php5-pear-5.3.5-335.1.noarch.rpm php5-pgsql-5.3.5-335.1.i586.rpm php5-pgsql-debuginfo-5.3.5-335.1.i586.rpm php5-phar-5.3.5-335.1.i586.rpm php5-phar-debuginfo-5.3.5-335.1.i586.rpm php5-posix-5.3.5-335.1.i586.rpm php5-posix-debuginfo-5.3.5-335.1.i586.rpm php5-pspell-5.3.5-335.1.i586.rpm php5-pspell-debuginfo-5.3.5-335.1.i586.rpm php5-readline-5.3.5-335.1.i586.rpm php5-readline-debuginfo-5.3.5-335.1.i586.rpm php5-shmop-5.3.5-335.1.i586.rpm php5-shmop-debuginfo-5.3.5-335.1.i586.rpm php5-snmp-5.3.5-335.1.i586.rpm php5-snmp-debuginfo-5.3.5-335.1.i586.rpm php5-soap-5.3.5-335.1.i586.rpm php5-soap-debuginfo-5.3.5-335.1.i586.rpm php5-sockets-5.3.5-335.1.i586.rpm php5-sockets-debuginfo-5.3.5-335.1.i586.rpm php5-sqlite-5.3.5-335.1.i586.rpm php5-sqlite-debuginfo-5.3.5-335.1.i586.rpm php5-suhosin-5.3.5-335.1.i586.rpm php5-suhosin-debuginfo-5.3.5-335.1.i586.rpm php5-sysvmsg-5.3.5-335.1.i586.rpm php5-sysvmsg-debuginfo-5.3.5-335.1.i586.rpm php5-sysvsem-5.3.5-335.1.i586.rpm php5-sysvsem-debuginfo-5.3.5-335.1.i586.rpm php5-sysvshm-5.3.5-335.1.i586.rpm php5-sysvshm-debuginfo-5.3.5-335.1.i586.rpm php5-tidy-5.3.5-335.1.i586.rpm php5-tidy-debuginfo-5.3.5-335.1.i586.rpm php5-tokenizer-5.3.5-335.1.i586.rpm php5-tokenizer-debuginfo-5.3.5-335.1.i586.rpm php5-wddx-5.3.5-335.1.i586.rpm php5-wddx-debuginfo-5.3.5-335.1.i586.rpm php5-xmlreader-5.3.5-335.1.i586.rpm php5-xmlreader-debuginfo-5.3.5-335.1.i586.rpm php5-xmlrpc-5.3.5-335.1.i586.rpm php5-xmlrpc-debuginfo-5.3.5-335.1.i586.rpm php5-xmlwriter-5.3.5-335.1.i586.rpm php5-xmlwriter-debuginfo-5.3.5-335.1.i586.rpm php5-xsl-5.3.5-335.1.i586.rpm php5-xsl-debuginfo-5.3.5-335.1.i586.rpm php5-zip-5.3.5-335.1.i586.rpm php5-zip-debuginfo-5.3.5-335.1.i586.rpm php5-zlib-5.3.5-335.1.i586.rpm php5-zlib-debuginfo-5.3.5-335.1.i586.rpm apache2-mod_php5-5.3.5-335.1.x86_64.rpm apache2-mod_php5-debuginfo-5.3.5-335.1.x86_64.rpm php5-5.3.5-335.1.x86_64.rpm php5-bcmath-5.3.5-335.1.x86_64.rpm php5-bcmath-debuginfo-5.3.5-335.1.x86_64.rpm php5-bz2-5.3.5-335.1.x86_64.rpm php5-bz2-debuginfo-5.3.5-335.1.x86_64.rpm php5-calendar-5.3.5-335.1.x86_64.rpm php5-calendar-debuginfo-5.3.5-335.1.x86_64.rpm php5-ctype-5.3.5-335.1.x86_64.rpm php5-ctype-debuginfo-5.3.5-335.1.x86_64.rpm php5-curl-5.3.5-335.1.x86_64.rpm php5-curl-debuginfo-5.3.5-335.1.x86_64.rpm php5-dba-5.3.5-335.1.x86_64.rpm php5-dba-debuginfo-5.3.5-335.1.x86_64.rpm php5-debuginfo-5.3.5-335.1.x86_64.rpm php5-debugsource-5.3.5-335.1.x86_64.rpm php5-devel-5.3.5-335.1.x86_64.rpm php5-dom-5.3.5-335.1.x86_64.rpm php5-dom-debuginfo-5.3.5-335.1.x86_64.rpm php5-enchant-5.3.5-335.1.x86_64.rpm php5-enchant-debuginfo-5.3.5-335.1.x86_64.rpm php5-exif-5.3.5-335.1.x86_64.rpm php5-exif-debuginfo-5.3.5-335.1.x86_64.rpm php5-fastcgi-5.3.5-335.1.x86_64.rpm php5-fastcgi-debuginfo-5.3.5-335.1.x86_64.rpm php5-fileinfo-5.3.5-335.1.x86_64.rpm php5-fileinfo-debuginfo-5.3.5-335.1.x86_64.rpm php5-fpm-5.3.5-335.1.x86_64.rpm php5-fpm-debuginfo-5.3.5-335.1.x86_64.rpm php5-ftp-5.3.5-335.1.x86_64.rpm php5-ftp-debuginfo-5.3.5-335.1.x86_64.rpm php5-gd-5.3.5-335.1.x86_64.rpm php5-gd-debuginfo-5.3.5-335.1.x86_64.rpm php5-gettext-5.3.5-335.1.x86_64.rpm php5-gettext-debuginfo-5.3.5-335.1.x86_64.rpm php5-gmp-5.3.5-335.1.x86_64.rpm php5-gmp-debuginfo-5.3.5-335.1.x86_64.rpm php5-hash-5.3.5-335.1.x86_64.rpm php5-hash-debuginfo-5.3.5-335.1.x86_64.rpm php5-iconv-5.3.5-335.1.x86_64.rpm php5-iconv-debuginfo-5.3.5-335.1.x86_64.rpm php5-imap-5.3.5-335.1.x86_64.rpm php5-imap-debuginfo-5.3.5-335.1.x86_64.rpm php5-intl-5.3.5-335.1.x86_64.rpm php5-intl-debuginfo-5.3.5-335.1.x86_64.rpm php5-json-5.3.5-335.1.x86_64.rpm php5-json-debuginfo-5.3.5-335.1.x86_64.rpm php5-ldap-5.3.5-335.1.x86_64.rpm php5-ldap-debuginfo-5.3.5-335.1.x86_64.rpm php5-mbstring-5.3.5-335.1.x86_64.rpm php5-mbstring-debuginfo-5.3.5-335.1.x86_64.rpm php5-mcrypt-5.3.5-335.1.x86_64.rpm php5-mcrypt-debuginfo-5.3.5-335.1.x86_64.rpm php5-mysql-5.3.5-335.1.x86_64.rpm php5-mysql-debuginfo-5.3.5-335.1.x86_64.rpm php5-odbc-5.3.5-335.1.x86_64.rpm php5-odbc-debuginfo-5.3.5-335.1.x86_64.rpm php5-openssl-5.3.5-335.1.x86_64.rpm php5-openssl-debuginfo-5.3.5-335.1.x86_64.rpm php5-pcntl-5.3.5-335.1.x86_64.rpm php5-pcntl-debuginfo-5.3.5-335.1.x86_64.rpm php5-pdo-5.3.5-335.1.x86_64.rpm php5-pdo-debuginfo-5.3.5-335.1.x86_64.rpm php5-pgsql-5.3.5-335.1.x86_64.rpm php5-pgsql-debuginfo-5.3.5-335.1.x86_64.rpm php5-phar-5.3.5-335.1.x86_64.rpm php5-phar-debuginfo-5.3.5-335.1.x86_64.rpm php5-posix-5.3.5-335.1.x86_64.rpm php5-posix-debuginfo-5.3.5-335.1.x86_64.rpm php5-pspell-5.3.5-335.1.x86_64.rpm php5-pspell-debuginfo-5.3.5-335.1.x86_64.rpm php5-readline-5.3.5-335.1.x86_64.rpm php5-readline-debuginfo-5.3.5-335.1.x86_64.rpm php5-shmop-5.3.5-335.1.x86_64.rpm php5-shmop-debuginfo-5.3.5-335.1.x86_64.rpm php5-snmp-5.3.5-335.1.x86_64.rpm php5-snmp-debuginfo-5.3.5-335.1.x86_64.rpm php5-soap-5.3.5-335.1.x86_64.rpm php5-soap-debuginfo-5.3.5-335.1.x86_64.rpm php5-sockets-5.3.5-335.1.x86_64.rpm php5-sockets-debuginfo-5.3.5-335.1.x86_64.rpm php5-sqlite-5.3.5-335.1.x86_64.rpm php5-sqlite-debuginfo-5.3.5-335.1.x86_64.rpm php5-suhosin-5.3.5-335.1.x86_64.rpm php5-suhosin-debuginfo-5.3.5-335.1.x86_64.rpm php5-sysvmsg-5.3.5-335.1.x86_64.rpm php5-sysvmsg-debuginfo-5.3.5-335.1.x86_64.rpm php5-sysvsem-5.3.5-335.1.x86_64.rpm php5-sysvsem-debuginfo-5.3.5-335.1.x86_64.rpm php5-sysvshm-5.3.5-335.1.x86_64.rpm php5-sysvshm-debuginfo-5.3.5-335.1.x86_64.rpm php5-tidy-5.3.5-335.1.x86_64.rpm php5-tidy-debuginfo-5.3.5-335.1.x86_64.rpm php5-tokenizer-5.3.5-335.1.x86_64.rpm php5-tokenizer-debuginfo-5.3.5-335.1.x86_64.rpm php5-wddx-5.3.5-335.1.x86_64.rpm php5-wddx-debuginfo-5.3.5-335.1.x86_64.rpm php5-xmlreader-5.3.5-335.1.x86_64.rpm php5-xmlreader-debuginfo-5.3.5-335.1.x86_64.rpm php5-xmlrpc-5.3.5-335.1.x86_64.rpm php5-xmlrpc-debuginfo-5.3.5-335.1.x86_64.rpm php5-xmlwriter-5.3.5-335.1.x86_64.rpm php5-xmlwriter-debuginfo-5.3.5-335.1.x86_64.rpm php5-xsl-5.3.5-335.1.x86_64.rpm php5-xsl-debuginfo-5.3.5-335.1.x86_64.rpm php5-zip-5.3.5-335.1.x86_64.rpm php5-zip-debuginfo-5.3.5-335.1.x86_64.rpm php5-zlib-5.3.5-335.1.x86_64.rpm php5-zlib-debuginfo-5.3.5-335.1.x86_64.rpm openSUSE-2012-332 important openSUSE 11.4 Update Version upgrade to 5.1.63 of MySQL to fix an authentication bypass flaw. Additionally, various other non-security bugs were fixed. libmysqlclient-devel-5.1.63-55.1.i586.rpm libmysqlclient16-32bit-5.1.63-55.1.x86_64.rpm libmysqlclient16-5.1.63-55.1.i586.rpm libmysqlclient16-debuginfo-32bit-5.1.63-55.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.63-55.1.i586.rpm libmysqlclient16-debuginfo-x86-5.1.63-55.1.ia64.rpm libmysqlclient16-debuginfo-x86-debuginfo-5.1.63-55.1.ia64.rpm libmysqlclient16-x86-5.1.63-55.1.ia64.rpm libmysqlclient_r16-32bit-5.1.63-55.1.x86_64.rpm libmysqlclient_r16-5.1.63-55.1.i586.rpm libmysqlclient_r16-debuginfo-32bit-5.1.63-55.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.63-55.1.i586.rpm libmysqlclient_r16-debuginfo-x86-5.1.63-55.1.ia64.rpm libmysqlclient_r16-debuginfo-x86-debuginfo-5.1.63-55.1.ia64.rpm libmysqlclient_r16-x86-5.1.63-55.1.ia64.rpm libmysqld-devel-5.1.63-55.1.i586.rpm libmysqld0-5.1.63-55.1.i586.rpm libmysqld0-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-5.1.63-55.1.i586.rpm mysql-community-server-5.1.63-55.1.src.rpm mysql-community-server-bench-5.1.63-55.1.i586.rpm mysql-community-server-bench-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-client-5.1.63-55.1.i586.rpm mysql-community-server-client-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-debug-5.1.63-55.1.i586.rpm mysql-community-server-debug-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-debugsource-5.1.63-55.1.i586.rpm mysql-community-server-debugsource-5.1.63-55.1.ia64.rpm mysql-community-server-debugsource-5.1.63-55.1.x86_64.rpm mysql-community-server-test-5.1.63-55.1.i586.rpm mysql-community-server-test-debuginfo-5.1.63-55.1.i586.rpm mysql-community-server-tools-5.1.63-55.1.i586.rpm mysql-community-server-tools-debuginfo-5.1.63-55.1.i586.rpm libmysqlclient-devel-5.1.63-55.1.x86_64.rpm libmysqlclient16-5.1.63-55.1.x86_64.rpm libmysqlclient16-debuginfo-5.1.63-55.1.x86_64.rpm libmysqlclient_r16-5.1.63-55.1.x86_64.rpm libmysqlclient_r16-debuginfo-5.1.63-55.1.x86_64.rpm libmysqld-devel-5.1.63-55.1.x86_64.rpm libmysqld0-5.1.63-55.1.x86_64.rpm libmysqld0-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-5.1.63-55.1.x86_64.rpm mysql-community-server-bench-5.1.63-55.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-client-5.1.63-55.1.x86_64.rpm mysql-community-server-client-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-debug-5.1.63-55.1.x86_64.rpm mysql-community-server-debug-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-test-5.1.63-55.1.x86_64.rpm mysql-community-server-test-debuginfo-5.1.63-55.1.x86_64.rpm mysql-community-server-tools-5.1.63-55.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.1.63-55.1.x86_64.rpm openSUSE-2012-378 important openSUSE 11.4 Update This version upgrade of mysql-cluster to version 7.1.22 fixed an authentication bypass flaw. Additionally, this version upgrade also includes fixes for various other bugs. libmysqlclusterclient16-7.1.22-55.1.i586.rpm libmysqlclusterclient16-debuginfo-7.1.22-55.1.i586.rpm libmysqlclusterclient_r16-7.1.22-55.1.i586.rpm libmysqlclusterclient_r16-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-7.1.22-55.1.i586.rpm mysql-cluster-7.1.22-55.1.src.rpm mysql-cluster-bench-7.1.22-55.1.i586.rpm mysql-cluster-bench-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-client-7.1.22-55.1.i586.rpm mysql-cluster-client-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debug-7.1.22-55.1.i586.rpm mysql-cluster-debug-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-debugsource-7.1.22-55.1.i586.rpm mysql-cluster-ndb-extra-7.1.22-55.1.i586.rpm mysql-cluster-ndb-extra-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-management-7.1.22-55.1.i586.rpm mysql-cluster-ndb-management-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-storage-7.1.22-55.1.i586.rpm mysql-cluster-ndb-storage-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-ndb-tools-7.1.22-55.1.i586.rpm mysql-cluster-ndb-tools-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-test-7.1.22-55.1.i586.rpm mysql-cluster-test-debuginfo-7.1.22-55.1.i586.rpm mysql-cluster-tools-7.1.22-55.1.i586.rpm mysql-cluster-tools-debuginfo-7.1.22-55.1.i586.rpm libmysqlclusterclient16-7.1.22-55.1.x86_64.rpm libmysqlclusterclient16-debuginfo-7.1.22-55.1.x86_64.rpm libmysqlclusterclient_r16-7.1.22-55.1.x86_64.rpm libmysqlclusterclient_r16-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-7.1.22-55.1.x86_64.rpm mysql-cluster-bench-7.1.22-55.1.x86_64.rpm mysql-cluster-bench-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-client-7.1.22-55.1.x86_64.rpm mysql-cluster-client-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debug-7.1.22-55.1.x86_64.rpm mysql-cluster-debug-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-debugsource-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-extra-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-extra-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-management-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-management-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-storage-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-storage-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-tools-7.1.22-55.1.x86_64.rpm mysql-cluster-ndb-tools-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-test-7.1.22-55.1.x86_64.rpm mysql-cluster-test-debuginfo-7.1.22-55.1.x86_64.rpm mysql-cluster-tools-7.1.22-55.1.x86_64.rpm mysql-cluster-tools-debuginfo-7.1.22-55.1.x86_64.rpm openSUSE-2012-404 critical openSUSE 11.4 Update This update of XEN fixed multiple security flaws that could be exploited by local attackers to cause a Denial of Service or potentially escalate privileges. Additionally, several other upstream changes were backported. xen-4.0.3_04-42.4.i586.rpm xen-4.0.3_04-42.4.src.rpm xen-debugsource-4.0.3_04-42.4.i586.rpm xen-devel-4.0.3_04-42.4.i586.rpm xen-doc-html-4.0.3_04-42.4.i586.rpm xen-doc-pdf-4.0.3_04-42.4.i586.rpm xen-kmp-default-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-kmp-default-debuginfo-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-kmp-desktop-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-kmp-desktop-debuginfo-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-kmp-pae-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-kmp-pae-debuginfo-4.0.3_04_k2.6.37.6_0.20-42.4.i586.rpm xen-libs-4.0.3_04-42.4.i586.rpm xen-libs-debuginfo-4.0.3_04-42.4.i586.rpm xen-tools-4.0.3_04-42.4.i586.rpm xen-tools-debuginfo-4.0.3_04-42.4.i586.rpm xen-tools-domU-4.0.3_04-42.4.i586.rpm xen-tools-domU-debuginfo-4.0.3_04-42.4.i586.rpm xen-4.0.3_04-42.4.x86_64.rpm xen-debugsource-4.0.3_04-42.4.x86_64.rpm xen-devel-4.0.3_04-42.4.x86_64.rpm xen-doc-html-4.0.3_04-42.4.x86_64.rpm xen-doc-pdf-4.0.3_04-42.4.x86_64.rpm xen-kmp-default-4.0.3_04_k2.6.37.6_0.20-42.4.x86_64.rpm xen-kmp-default-debuginfo-4.0.3_04_k2.6.37.6_0.20-42.4.x86_64.rpm xen-kmp-desktop-4.0.3_04_k2.6.37.6_0.20-42.4.x86_64.rpm xen-kmp-desktop-debuginfo-4.0.3_04_k2.6.37.6_0.20-42.4.x86_64.rpm xen-libs-4.0.3_04-42.4.x86_64.rpm xen-libs-debuginfo-4.0.3_04-42.4.x86_64.rpm xen-tools-4.0.3_04-42.4.x86_64.rpm xen-tools-debuginfo-4.0.3_04-42.4.x86_64.rpm xen-tools-domU-4.0.3_04-42.4.x86_64.rpm xen-tools-domU-debuginfo-4.0.3_04-42.4.x86_64.rpm