Marcus Updateinfo to OVAL Converter 5.5 2014-01-28T04:00:09 openSUSE 12.2 Update Empty. openSUSE 12.2 Update A denial of service attack (NULL ptr dereference) in claws mail was fixed. openSUSE 12.2 Update This update of libqt4 disabled compression to mitigate the CRIME attack. openSUSE 12.2 Update java-1_7_0-opendjk was updated to icedtea-2.3.3 (bnc#785814) * Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp - S7158807: Revise stack management with volatile call sites - S7163198, CVE-2012-5076: Tightened package accessibility - S7167656, CVE-2012-5077: Multiple Seeders are being created - S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types - S7169887, CVE-2012-5074: Tightened package accessibility - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector - S7172522, CVE-2012-5072: Improve DomainCombiner checking - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC - S7189103, CVE-2012-5069: Executors needs to maintain state - S7189490: More improvements to DomainCombiner checking - S7189567, CVE-2012-5085: java net obselete protocol - S7192975, CVE-2012-5071: Issue with JMX reflection - S7195194, CVE-2012-5084: Better data validation for Swing - S7195549, CVE-2012-5087: Better bean object persistence - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved - S7195919, CVE-2012-5079: (sl) ServiceLoader can throw CCE without needing to create instance - S7196190, CVE-2012-5088: Improve method of handling MethodHandles - S7198296, CVE-2012-5089: Refactor classloader usage - S7158800: Improve storage of symbol tables - S7158801: Improve VM CompileOnly option - S7158804: Improve config file parsing - S7198606, CVE-2012-4416: Improve VM optimization * Bug fixes - Remove merge artefact. openSUSE 12.2 Update Automake received fixes for race conditions in "make distcheck", where tarballs were created world-writeable. openSUSE 12.2 Update This update fixes a remotely exploitable overflow in DKIM handling. openSUSE 12.2 Update Specially-crafted commits could trigger a heap-based buffer overflow openSUSE 12.2 Update Mozilla Firefox, Thunderbird and XULRunner were updated to 16.0.2. Mozilla Seamonkey was updated to 2.13.2. Tracker bug: bnc#786522 A security issues was fixed: * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 (bmo#800666, bmo#793121, bmo#802557) Fixes for Location object issues The update also brings back Obsoletes for libproxy's mozjs plugin for distributions before 12.2 to avoid crashes openSUSE 12.2 Update Specially-crafted commits can cause code to be executed on the clients due to improperly quoted arguments. openSUSE 12.2 Update This update of ruby fixed multiple SAFE level bypass flaws. openSUSE 12.2 Update Some potential mcrypt buffer overflows in the commandline tool were fixed, which could lead to early aborts of mcrypt. Due to FORTIFY_SOURCE catching such cases, it would have only aborted mcrypt with a buffer overflow backtrace. openSUSE 12.2 Update This update of plib fixed two stack-based buffer overflows. openSUSE 12.2 Update This update of phpMyAdmin is a version upgrade to 3.5.3.0 to fix multiple XSS flaws. openSUSE 12.2 Update LibreOffice was updated to 3.5.4.13 (3.5.6rc2 based), fixing a security issue and lots of bugs: - NULL pointer dereference (bnc#778669, CVE-2012-4233) - bullet-color-pptx-import.diff: bullets should have same color as following text by default; missing part of the fix (bnc#734733) - update to suse-3.5.4.13 (SUSE 3.5 bugfix release 13, based on upstream 3.5.6-rc2) * polygon fill rule (bnc#759172) * open XML in Writer (bnc#777181) * undo in text objects (fdo#36138) * broken numbering level (bnc#760019) * better MathML detection (bnc#774921) * pictures in DOCX import (bnc#772094) * collapsing border painting (fdo#39415) * better DOCX text box export (fdo#45724) * hidden text in PPTX import (bnc#759180) * slide notes in PPTX import (bnc#768027) * RTL paragraphs in DOC import (fdo#43398) * better vertical text imports (bnc#744510) * HYPERLINK field in DOCX import (fdo#51034) * shadow color on partial redraw (bnc#773515) * floating objects in DOCX import (bnc#775899) * graphite2 hyphenation regression (fdo#49486) * missing shape position and size (bnc#760997) * page style attributes in ODF import (fdo#38056) * browsing in Template dialog crasher (fdo#46249) * wrong master slide shape being used (bnc#758565) * page borders regression in ODT import (fdo#38056) * invalidate bound rect after drag&amp;drop (fdo#44534) * rotated shape margins in PPTX import (bnc#773048) * pasting into more than 1 sheet crasher (fdo#47311) * crashers in PPT/PPTX import (bnc#768027, bnc#774167 * missing footnote in DOCX/DOC/RTF export (fdo#46020) * checkbox no-label behaviour (fdo#51336, bnc#757602) * try somewhat harder to read w:position (bnc#773061) * FormatNumber can handle sal_uInt32 values (fdo#51793) * rectangle-paragraph tables in DOCX import (bnc#775899) * header and bullet in slideshow transition (bnc#759172) * default background color in DOC/DOCX export (fdo#45724) * font name / size attributes in DOCX import (bnc#774681) * zero rect. size causing wrong line positions (fdo#47434) * adjusted display of Bracket/BracePair in PPT (bnc#741480) * use Unicode functions for QuickStarter tooltip (fdo#52143) * TabRatio API and detect macro at group shape fixes (bnc#770708) * indented text in DOCX file does not wrap correctly (bnc#775906) * undocked toolbars do not show all icons in special ratio (fdo#47071) * cross-reference text when Caption order is Numbering first (fdo#50801) * bullet color same as following text by default (bnc#719988, bnc#734733) * misc RTF import fixes (rhbz#819304, fdo#49666, bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335, fdo#48446, fdo#49892, fdo#46966) - update to libvisio 0.0.19: * file displays as blank page in Draw (fdo#50990) - use the vendor SUSE instead of Novell, Inc. - install-with-vendor-SUSE.diff: fix installation with the vendor "SUSE" openSUSE 12.2 Update This update of libotr fixed multiple buffer overflows. openSUSE 12.2 Update This update fixes the following issues for Hyper-V: The source code without this patch caused hv_kvp_daemon to exit when it processed a spoofed Netlink packet which has been sent from an untrusted local user. Now Netlink messages with a non-zero nl_pid source address are ignored and a warning is printed into the syslog. This fixes the previous change from CVE-2012-2669. openSUSE 12.2 Update This update fixes the following issues for wireshark: - Security update to 1.8.4: https://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html http://seclists.org/oss-sec/2012/q4/378 CVE-2012-5592 Wireshark #1 pcap-ng hostname disclosure (wnpa-sec-2012-30) CVE-2012-5593 Wireshark #2 DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31) CVE-2012-5594 Wireshark #3 DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32) CVE-2012-5595 Wireshark #4 DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33) CVE-2012-5596 Wireshark #5 DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34) CVE-2012-5597 Wireshark #6 DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35) CVE-2012-5598 Wireshark #7 DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36) CVE-2012-5599 Wireshark #8 DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37) CVE-2012-5600 Wireshark #9 DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38) CVE-2012-5601 Wireshark #10 DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39) CVE-2012-5602 Wireshark #11 DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40) And also the bugfix: - bnc#780669: change wireshark.spec BuildRequires lua-devel to lua51-devel to fix lua-support in openSUSE 12.2 openSUSE 12.2 Update This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc#787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk (XSA 25) CVE-2012-4544-xsa25.patch - bnc#779212 - CVE-2012-4411: XEN / qemu: guest administrator can access qemu monitor console (XSA-19) CVE-2012-4411-xsa19.patch - bnc#786516 - CVE-2012-4535: xen: Timer overflow DoS vulnerability CVE-2012-4535-xsa20.patch - bnc#786518 - CVE-2012-4536: xen: pirq range check DoS vulnerability CVE-2012-4536-xsa21.patch - bnc#786517 - CVE-2012-4537: xen: Memory mapping failure DoS vulnerability CVE-2012-4537-xsa22.patch - bnc#786519 - CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability CVE-2012-4538-xsa23.patch - bnc#786520 - CVE-2012-4539: xen: Grant table hypercall infinite loop DoS vulnerability CVE-2012-4539-xsa24.patch - bnc#784087 - L3: Xen BUG at io_apic.c:129 26102-x86-IOAPIC-legacy-not-first.patch - Upstream patches from Jan 26054-x86-AMD-perf-ctr-init.patch 26055-x86-oprof-hvm-mode.patch 26056-page-alloc-flush-filter.patch 26061-x86-oprof-counter-range.patch 26062-ACPI-ERST-move-data.patch 26063-x86-HPET-affinity-lock.patch 26093-HVM-PoD-grant-mem-type.patch - Upstream patches from Jan 25931-x86-domctl-iomem-mapping-checks.patch 25952-x86-MMIO-remap-permissions.patch ------------------------------------------------------------------- Mon Sep 24 16:41:58 CEST 2012 - ohering@suse.de - use BuildRequires: gcc46 only in sles11sp2 or 12.1 to fix build in 11.4 ------------------------------------------------------------------- Thu Sep 20 10:03:40 MDT 2012 - carnold@novell.com - Upstream patches from Jan 25808-domain_create-return-value.patch 25814-x86_64-set-debugreg-guest.patch 25815-x86-PoD-no-bug-in-non-translated.patch 25816-x86-hvm-map-pirq-range-check.patch 25833-32on64-bogus-pt_base-adjust.patch 25834-x86-S3-MSI-resume.patch 25835-adjust-rcu-lock-domain.patch 25836-VT-d-S3-MSI-resume.patch 25850-tmem-xsa-15-1.patch 25851-tmem-xsa-15-2.patch 25852-tmem-xsa-15-3.patch 25853-tmem-xsa-15-4.patch 25854-tmem-xsa-15-5.patch 25855-tmem-xsa-15-6.patch 25856-tmem-xsa-15-7.patch 25857-tmem-xsa-15-8.patch 25858-tmem-xsa-15-9.patch 25859-tmem-missing-break.patch 25860-tmem-cleanup.patch 25883-pt-MSI-cleanup.patch 25927-x86-domctl-ioport-mapping-range.patch 25929-tmem-restore-pool-version.patch - bnc#778105 - first XEN-PV VM fails to spawn xend: Increase wait time for disk to appear in host bootloader Modified existing xen-domUloader.diff - Upstream patches from Jan 25752-ACPI-pm-op-valid-cpu.patch 25754-x86-PoD-early-access.patch 25755-x86-PoD-types.patch 25756-x86-MMIO-max-mapped-pfn.patch 25757-x86-EPT-PoD-1Gb-assert.patch 25764-x86-unknown-cpu-no-sysenter.patch 25765-x86_64-allow-unsafe-adjust.patch 25771-grant-copy-status-paged-out.patch 25773-x86-honor-no-real-mode.patch 25786-x86-prefer-multiboot-meminfo-over-e801.patch - bnc#777890 - CVE-2012-3497: xen: multiple TMEM hypercall vulnerabilities (XSA-15) CVE-2012-3497-tmem-xsa-15-1.patch CVE-2012-3497-tmem-xsa-15-2.patch CVE-2012-3497-tmem-xsa-15-3.patch CVE-2012-3497-tmem-xsa-15-4.patch CVE-2012-3497-tmem-xsa-15-5.patch CVE-2012-3497-tmem-xsa-15-6.patch CVE-2012-3497-tmem-xsa-15-7.patch CVE-2012-3497-tmem-xsa-15-8.patch CVE-2012-3497-tmem-xsa-15-9.patch tmem-missing-break.patch openSUSE 12.2 Update The IcedTea Web Java plugin was updated to 1.3.1 (bnc#787846) - Security Updates * CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet - Common Bugfixes - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775) openSUSE 12.2 Update This update of kdelibs fixed various memory corruption vulnerabilities. On openSUSE 12.1 a akregator crash on closing tab was fixed. openSUSE 12.2 Update - added weechat-fix-hook_process-shell-injection.patch which fixes a shell injection vulnerability in the hook_process function (bnc#790217, CVE-2012-5534) - added weechat-fix-buffer-overflow-in-irc-color-decoding.patch which fixes a heap-based overflow when decoding IRC colors in strings (bnc#789146, CVE-2012-5854) openSUSE 12.2 Update Changes in MozillaFirefox: - update to Firefox 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) openSUSE 12.2 Update Changes in MozillaThunderbird: - update to Thunderbird 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) - update Enigmail to 1.4.6 openSUSE 12.2 Update Changes in xulrunner: - update to 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) openSUSE 12.2 Update Changes in seamonkey: - update to SeaMonkey 2.14 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) openSUSE 12.2 Update - Fixing bnc#790258 CVE-2012-5533: Denial of Service via specially-crafted HTTP header. Added patches: 0001-Fix-DoS-in-header-value-split-reported-by-Jesse-Sipp.patch 0001-remove-whitespace-at-end-of-header-keys.patch openSUSE 12.2 Update This update of libssh fixed various memory management issues that could have security implications (Code execution, Denial of Service). openSUSE 12.2 Update This update of sblim-cim-client2 fixed a Denial of Service (via hash table collision) issue. openSUSE 12.2 Update This version update to version 5.0.24 addresses CVE-2012-5565 (bnc#791179) to fix XSS vulnerabilities on the compose page (traditional view), the contacts popup window, and with certain IMAP mailbox names. openSUSE 12.2 Update Fix integer overflow by parsing PPM image. (bnc#789835, CVE-2012-4433) openSUSE 12.2 Update This version update to version 3.0.18 addresses bnc#791184: Two sets (3.0.17 and 3.0.18) of XSS flaws (CVE-2012-5566 and CVE-2012-5567) openSUSE 12.2 Update - Add gimp-CVE-2012-5576.patch: fix memory corruption vulnerability when reading XWD files (bnc#791372, bgo#687392, CVE-2012-5576). openSUSE 12.2 Update - Tear down the circuit when receiving an unexpected SENDME cell. Prevents circumvention of the network's flow control, exhaustion of network resources and possible denial-of-service attacks on entry nodes [bnc#791374] CVE-2012-5573, adding tor-0.2.2.39-SENDME-DOS.patch openSUSE 12.2 Update Chromium was updated to 25.0.1343 * Security Fixes (bnc#791234 and bnc#792154): - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding - CVE-2012-5134: Buffer underflow in libxml. - CVE-2012-5135: Use-after-free with printing. - CVE-2012-5136: Bad cast in input element handling. - CVE-2012-5138: Incorrect file path handling - CVE-2012-5137: Use-after-free in media source handling - Correct build so that proprietary codecs can be used when the chromium-ffmpeg package is installed - Update to 25.0.1335 * {gtk} Fixed <input> selection renders white text on white background in apps. (Issue: 158422) * Fixed translate infobar button to show selected language. (Issue: 155350) * Fixed broken Arabic language. (Issue: 158978) * Fixed pre-rendering if the preference is disabled at start up. (Issue: 159393) * Fixed JavaScript rendering issue. (Issue: 159655) * No further indications in the ChangeLog * Updated V8 - 3.14.5.0 * Bookmarks are now searched by their title while typing into the omnibox with matching bookmarks being shown in the autocomplete suggestions pop-down list. Matching is done by prefix. * Fixed chromium issues 155871, 154173, 155133. - Removed patch chomium-ffmpeg-no-pkgconfig.patch - Building now internal libffmpegsumo.so based on the standard chromium ffmpeg codecs - Add a configuration file (/etc/default/chromium) where we can indicate flags for the chromium-browser. - add explicit buildrequire on libbz2-devel openSUSE 12.2 Update This version upgrade of bogofilter fixed a heap corruption in the base 64 decoding routine as well as several other non-security issues. openSUSE 12.2 Update A Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. openSUSE 12.2 Update This update of XEN fixes various denial of service bugs. - bnc#789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26) - bnc#789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27) - bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28) - bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29) - bnc#789948 - CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30) - bnc#789950 - CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31) - bnc#789988 - FATAL PAGE FAULT in hypervisor (arch_do_domctl) 25931-x86-domctl-iomem-mapping-checks.patch - Upstream patches from Jan 26132-tmem-save-NULL-check.patch 26134-x86-shadow-invlpg-check.patch 26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch) 26149-x86-p2m-physmap-error-path.patch (Replaces CVE-2012-4537-xsa22.patch) 26150-x86-shadow-unhook-toplevel-check.patch (Replaces CVE-2012-4538-xsa23.patch) 26151-gnttab-compat-get-status-frames.patch (Replaces CVE-2012-4539-xsa24.patch) - bnc#777628 - guest "disappears" after live migration Updated block-dmmd script - Fix exception in balloon.py and osdep.py xen-max-free-mem.diff - bnc#792476 - efi files missing in latest XEN update Revert c/s 25751 EFI Makefile changes in 23614-x86_64-EFI-boot.patch openSUSE 12.2 Update bind received updates to fix bugs and security issues. On openSUSE 12.2, bind was updated to 9.9.2-P1. On openSUSE 12.1, bind was updated to 9.8.4-P1. Main security fix: CVE-2012-5688: Prevents named from aborting with a require assertion failure on servers with DNS64 enabled. These crashes might occur as a result of specific queries that are received. (Note that this fix is a subset of a series of updates that will be included in full in BIND 9.8.5 and 9.9.3 as change #3388, RT #30996). [CVE-2012-5688] [RT #30792] openSUSE 12.2 Update - Update to 25.0.1362 * Security fixes (bnc#794075): - CVE-2012-5139: Use-after-free with visibility events - CVE-2012-5140: Use-after-free in URL loader - CVE-2012-5141: Limit Chromoting client plug-in instantiation. - CVE-2012-5142: Crash in history navigation. - CVE-2012-5143: Integer overflow in PPAPI image buffers - CVE-2012-5144: Stack corruption in AAC decoding * Fixed garbled header and footer text in print preview. [Issue: 152893] * Fixed extension action badges with long text. [Issue: 160069] * Disable find if constrained window is shown. [Issue: 156969] * Enable fullscreen for apps windows. [Issue: 161246] * Fixed broken profile with system-wide installation and UserDataDir & DiskCacheDir policy. [Issue: 161336] * Fixed stability crashes like 158747, 159437, 149139, 160914, 160401, 161858, 158747, 156878 * Fixed graphical corruption in Dust. [Issue: 155258] * Fixed scrolling issue. [Issue: 163553] openSUSE 12.2 Update - fix bnc#793394 - bypass of security constraints (CVE-2012-3546) * tomcat-CVE-2012-3546.patch http://svn.apache.org/viewvc?view=revision&revision=1377892 - fix bnc#793391 - bypass of CSRF prevention filter (CVE-2012-4431) * tomcat-CVE-2012-4431.patch http://svn.apache.org/viewvc?view=revision&revision=1393088 - document how to protect against slowloris DoS (CVE-2012-5568/bnc#791679) in README.SUSE - fixes bnc#791423 - cnonce tracking weakness (CVE-2012-5885) bnc#791424 - authentication caching weakness (CVE-2012-5886) bnc#791426 - stale nonce weakness (CVE-2012-5887) * tomcat-dont-parse-user-name-twice.patch http://svn.apache.org/viewvc?view=revision&revision=1366723 * tomcat-CVE-2009-2693-CVE-2009-2901-CVE-2009-2902.patch http://svn.apache.org/viewvc?view=revision&revision=1377807 - fix bnc#789406: HTTP NIO connector OOM DoS via a request with large headers (CVE-2012-2733) * http://svn.apache.org/viewvc?view=revision&revision=1350301 - fix bnc#779538 - Tomcat7 default current workdir isn't /usr/share/tomcat openSUSE 12.2 Update mysql community server was updated to 5.5.28, fixing bugs and security issues. See http://dev.mysql.com/doc/refman/5.5/en/news-5-5-27.html http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html openSUSE 12.2 Update MariaDB was updated to 5.5.28a, fixing bugs and security issues: * Release notes: http://kb.askmonty.org/v/mariadb-5528a-release-notes http://kb.askmonty.org/v/mariadb-5528-release-notes http://kb.askmonty.org/v/mariadb-5527-release-notes * Changelog: http://kb.askmonty.org/v/mariadb-5528a-changelog http://kb.askmonty.org/v/mariadb-5528-changelog http://kb.askmonty.org/v/mariadb-5527-changelog openSUSE 12.2 Update libqt4 received a fix for a security issue: - avoid redirect to file url scheme in XMLHttpRequests (bnc#793194, CVE-2012-5624) openSUSE 12.2 Update - fix bnc#794548 - denial of service (CVE-2012-4534) * tomcat-CVE-2012-4534.patch fixes apache#53138, apache#52858 http://svn.apache.org/viewvc?view=rev&rev=1340218 openSUSE 12.2 Update The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. Mozilla XULRunner was updated to version 17.0.2. * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas * MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads * MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups * MFSA 2013-06/CVE-2013-0751 (bmo#790454) Touch events are shared across iframes * MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads * MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection * MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values * MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy * MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects * MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in Javascript string concatenation * MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG * MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype * MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects * MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream * MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager * MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate * MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in Javascript Proxy objects Mozilla NSPR was updated to 4.9.4, containing some small bugfixes and new features. Mozilla NSS was updated to 3.14.1 containing various new features, security fix and bugfixes: * MFSA 2013-20/CVE-2013-0743 (bmo#825022, bnc#796628) revoke mis-issued intermediate certificates from TURKTRUST Cryptographic changes done: * Support for TLS 1.1 (RFC 4346) * Experimental support for DTLS 1.0 (RFC 4347) and DTLS-SRTP (RFC 5764) * Support for AES-CTR, AES-CTS, and AES-GCM * Support for Keying Material Exporters for TLS (RFC 5705) * Support for certificate signatures using the MD5 hash algorithm is now disabled by default * The NSS license has changed to MPL 2.0. Previous releases were released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more information about MPL 2.0, please see http://www.mozilla.org/MPL/2.0/FAQ.html. For an additional explanation on GPL/LGPL compatibility, see security/nss/COPYING in the source code. * Export and DES cipher suites are disabled by default. Non-ECC AES and Triple DES cipher suites are enabled by default Please see http://www.mozilla.org/security/announce/ for more information. openSUSE 12.2 Update - fix for CVE-2011-4966 (bnc#797313) (freeradius-server-CVE-2011-4966.patch) - fixed a bug in the logrotate script (bnc#797292) openSUSE 12.2 Update - BNC#795826, CVE-2012-5668.patch [bdf] Fix Savannah bug #37905. * src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero in case of allocation error; this value gets used in a loop in - BNC#795826, CVE-2012-5669.patch [bdf] Fix Savannah bug #37906. * src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for checking `glyph_enc'. - BNC#795826, CVE-2012-5670.patch [bdf] Fix Savannah bug #37907. * src/bdf/bdflib.c (_bdf_parse_glyphs) <ENCODING>: Normalize negative second parameter of `ENCODING' field also. openSUSE 12.2 Update - avoid stack based buffer overflow in web interface (history): added nagios-history_buffer_overflow.patch - (bnc#797237) fixes CVE-2012-6096 openSUSE 12.2 Update - imported upstream version 1.7.4 - bnc#797237 * core: add fix for CVE-2012-6096 - history.cgi remote command execution (Eric Stanley, Markus Frosch) #3532 - MF * core: fix embedded perl segfault #3027 - MF * core: fix duplicated events on check scheduling logic for new events (Andreas Ericsson) #2676 #2993 - MF * core: avoid duplicate events when scheduling forced host|service check (Imri Zvik) #2993 - MF * core: get rid of the instame macro usage while logging alerts and states (Andreas Ericsson) #2665 - MF * core: revamp the detection of embedded perl usage directive "# icinga: +epn" (Andreas Ericsson) #2197 - MF * core: fix whitespaces are not stripped using multiple templates ("use abc, def, ghi") #2701 - MF * core: add hint on icinga.cfg package location, and tip to read Changelog CHANGES on upgrades #2879 - MF * core: bail out early with config error if resource.cfg macros contain NULL values #2879 - MF * core: fix logical bug on icinga.cfg detection on config read #2879 - MF * core: fsync() files before fclose() (Andreas Ericsson) #2948 - MF * core: remove weird switch() statement when scanning checkresult queue (Andreas Ericsson) #2950 - MF * core: fix deleting too old check result files (Andreas Ericsson) #2951 - MF * idoutils: fix IDOUtils on PostgreSQL, recreates service objects in icinga_objects (thx Torsten Fohrer) #3166 - MF * idoutils: fix icinga mysql db creation script grants access to all dbs #2917 - MF * idoutils: fix ignoring mysql password in create_mysqldb.sh #2994 - MF - removed obsolete patches openSUSE 12.2 Update - update to 3.1.23 fix for bnc#794954, CVE-2012-5643, SQUID:2012-1 - Additional fixes for CVE-2012-5643 / SQUID:2012-1 * http://www.squid-cache.org/Advisories/SQUID-2012_1.txt * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643 - removed 3.1.12 config, nobuilddates, swapdir patch - added FSF, config, nobuilddates, swapdir patch - added rpmlintrc, service file - rebase swapdir patch openSUSE 12.2 Update java-1_7_0-openjdk was updated to icedtea-2.3.4 fixing bugs and also severe security issues: * Security fixes - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries - S8006017, CVE-2013-0422: Improve lookup resolutions - S8006125: Update MethodHandles library interactions * Bug fixes - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle &gt; 32 bit shifts - G422525: Fix building with PaX enabled kernels. - use gpg-offline to check the validity of icedtea tarball - use jamvm on %arm - use icedtea package name instead of protected openjdk for jamvm builds - fix armv5 build - update to java access bridge 1.26.2 * bugfix release, mainly 64bit JNI and JVM support - fix a segfault in AWT code - (bnc#792951) * add openjdk-7-src-b147-awt-crasher.patch - turn pulseaudio off on pre 11.4 distros openSUSE 12.2 Update - Fix Bug 786096 - cron: does not close file descriptors before invocation of commands - bug-786096_cronie-fdleak.diff (CVE-2012-6097) openSUSE 12.2 Update - Update to 26.0.1383 * Security fixes (bnc#798326) - CVE-2012-5145: Use-after-free in SVG layout - CVE-2012-5146: Same origin policy bypass with malformed URL - CVE-2012-5147: Use-after-free in DOM handling - CVE-2012-5148: Missing filename sanitization in hyphenation support - CVE-2012-5149: Integer overflow in audio IPC handling - CVE-2012-5150: Use-after-free when seeking video - CVE-2012-5152: Out-of-bounds read when seeking video - CVE-2012-5153: Out-of-bounds stack access in v8. - CVE-2012-5154: Integer overflow in shared memory allocation - CVE-2013-0830: Missing NUL termination in IPC. - CVE-2013-0831: Possible path traversal from extension process - CVE-2013-0832: Use-after-free with printing. - CVE-2013-0833: Out-of-bounds read with printing. - CVE-2013-0834: Out-of-bounds read with glyph handling - CVE-2013-0835: Browser crash with geolocation - CVE-2013-0836: Crash in v8 garbage collection. - CVE-2013-0837: Crash in extension tab handling. - CVE-2013-0838: Tighten permissions on shared memory segments * Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys . # Note: these are for openSUSE Chromium builds ONLY!! (Setup was done based on indication from Pawel Hajdan) - Change the default setting for password-store to basic. (bnc#795860) - Fixes from Update to 25.0.1352 * Fixed garbled header and footer text in print preview. * Fixed broken profile with system-wide installation and * Fixed stability crashes like 158747, 159437, 149139, 160914, - Add a configuration file (/etc/default/chromium) where we can indicate flags for the chromium-browser. * {gtk} Fixed <input> selection renders white text on white * Fixed translate infobar button to show selected language. - Update to 25.0.1329 * No further indications in the ChangeLog - Update to 25.0.1319 * No further indications in the Changelog - Update to 24.0.1308 * Updated V8 - 3.14.5.0 * Bookmarks are now searched by their title while typing into the omnibox with matching bookmarks being shown in the autocomplete suggestions pop-down list. Matching is done by prefix. * Fixed chromium issues 155871, 154173, 155133. * No further indications in the ChangeLog. - Update to 24.0.1283 openSUSE 12.2 Update - added CVE-2013-0420.diff to fix CVE-2013-0420 (bnc#798776) openSUSE 12.2 Update - Avoid segmentation fault in "join -i" with long line input (bnc#798541, VUL-1, CVE-2013-0223) - Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1, CVE-2013-0222) - Avoid segmentation fault in "sort -d" and "sort -M" with long line input (bnc#798538, VUL-1, CVE-2013-0221) openSUSE 12.2 Update The Javascript engine V8 was updated to 3.16.4.0 to fix lots of bugs and security issues. openSUSE 12.2 Update - httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when checking against SNI server names. [bnc#798733] - httpd-2.2.x-bnc777260-CVE-2012-2687-mod_negotiation_filename_xss.diff Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory. CVE-2012-2687 [bnc#777260] openSUSE 12.2 Update libqt4 was updated to fix various issues regarding to SSL and certificates. * various more compromised SSL root and intermediate certificates were blacklisted * Fix wrong error reporting when using a binary incompatible version of openSSL (bnc#797006, CVE-2012-6093) Bugfixes done: * enable linked support for OpenSSL * Add fix for qdbusviewer not matching args (bnc#784197) openSUSE 12.2 Update - Update to version 1.6.18 (bnc#801061) + Security fix for CERT issue VU#922681 This patch addresses three possible buffer overflows in function unique_service_name(). The three issues have the folowing CVE numbers: CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN + Notice that the following issues have already been dealt by previous work: CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType openSUSE 12.2 Update wireshark was updated to 1.8.5 to fix bugs and security issues. Vulnerabilities fixed: * Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 * The CLNP dissector could crash wnpa-sec-2013-02 CVE-2013-1582 * The DTN dissector could crash wnpa-sec-2013-03 CVE-2013-1583 CVE-2013-1584 * The MS-MMC dissector (and possibly others) could crash wnpa-sec-2013-04 CVE-2013-1585 * The DTLS dissector could crash wnpa-sec-2013-05 CVE-2013-1586 * The ROHC dissector could crash wnpa-sec-2013-06 CVE-2013-1587 * The DCP-ETSI dissector could corrupt memory wnpa-sec-2013-07 CVE-2013-1588 * The Wireshark dissection engine could crash wnpa-sec-2013-08 CVE-2013-1589 * The NTLMSSP dissector could overflow a buffer wnpa-sec-2013-09 CVE-2013-1590 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html openSUSE 12.2 Update This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions was fixed. CVE-2013-0155: Unsafe Query Generation Risk in Ruby on Rails was fixed. CVE-2013-0156: Multiple vulnerabilities in parameter parsing in Action Pack were fixed. openSUSE 12.2 Update Samba was updated to 3.6.7 fixing bugs and security issues: - The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 are affected by a cross-site request forgery; CVE-2013-0214; (bnc#799641). - The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1 could possibly be used in clickjacking attacks; CVE-2013-0213; (bnc#800982). It also contains various other bugfixes merged by our Samba team. openSUSE 12.2 Update - Update to libvirt 0.9.11.9 stable release - Fixes CVE-2013-0170 by including cherry picked master commit 46532e3e, bnc#800976 - Fix starting lxc VM e.g from OpenStack bnc#793900 and rh#858104 openSUSE 12.2 Update Inkscape was updated to fix two security issues: - inkscape occasionaly tries to open EPS files from /tmp (bnc#796306, CVE-2012-6076). - inkscape could load XML from external hosts (bnc#794958, CWE-827, CVE-2012-5656). openSUSE 12.2 Update gnome-online-accounts was updated to do SSL certicicate checking when creating accounts, avoiding man-in-the-middle attack possibilities. (CVE-2013--240) openSUSE 12.2 Update This update fixes tmp races in the undo save quit Blender routine. openSUSE 12.2 Update The update to version 0.8.5 includes a fix for an XSS vulnerability. openSUSE 12.2 Update PostgreSQL was updated to version 9.1.8 (bnc#802679): * Prevent execution of enum_recv from SQL (CVE-2013-0255). * Fix multiple problems in detection of when a consistent database state has been reached during WAL replay * Update minimum recovery point when truncating a relation file * Fix recycling of WAL segments after changing recovery target timeline * Fix missing cancellations in hot standby mode * See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.1/static/release-9-1-8.html /usr/share/doc/packages/postgresql/HISTORY - Remove postgresql91-full.spec.in and use postgresql91.spec as the master for generating postgresql91-libs.spec. openSUSE 12.2 Update jakarta-commons-httpclient3 was updated to add SSL certificate hostname checking. (CVE-2012-5783) openSUSE 12.2 Update The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12. The Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5. The updates fix various security issues and bugs. - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - update to version 3.2.12 (bnc#803336) CVE-2013-0276: - update to version 3.2.12 (bnc#803336) CVE-2013-0276: issue with attr_protected where malformed input could circumvent protection - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - Fix issue with attr_protected where malformed input could circumvent protection - Fix Serialized Attributes YAML Vulnerability - update to version 2.3.17 (bnc#803336, bnc#803339) CVE-2013-0276 CVE-2013-0277: - Fix issue with attr_protected where malformed input could circumvent protection - Fix Serialized Attributes YAML Vulnerability - update to version 3.2.12 (bnc#803336) CVE-2013-0276: - Quote numeric values being compared to non-numeric columns. Otherwise, in some database, the string column values will be coerced to a numeric allowing 0, 0.0 or false to match any string starting with a non-digit. - update to 1.1.6 (bnc#802794) * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - update to 1.2.8 (bnc#802794) * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - update to 1.3.10 (bnc#802794) * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - ruby rack update to 1.4.5 (bnc#802794 bnc#802795) * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie * Fix CVE-2013-0262, symlink path traversal in Rack::File - ruby rack update to 1.4.4 (bnc#798452) * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings (CVE-2013-0184) - ruby rack changes from 1.4.3 * Security: Prevent unbounded reads in large multipart boundaries (CVE-2013-0183) - ruby rack changes from 1.4.2 (CVE-2012-6109) * Add warnings when users do not provide a session secret * Fix parsing performance for unquoted filenames * Updated URI backports * Fix URI backport version matching, and silence constant warnings * Correct parameter parsing with empty values * Correct rackup '-I' flag, to allow multiple uses * Correct rackup pidfile handling * Report rackup line numbers correctly * Fix request loops caused by non-stale nonces with time limits * Fix reloader on Windows * Prevent infinite recursions from Response#to_ary * Various middleware better conforms to the body close specification * Updated language for the body close specification * Additional notes regarding ECMA escape compatibility issues * Fix the parsing of multiple ranges in range headers * Prevent errors from empty parameter keys * Added PATCH verb to Rack::Request * Various documentation updates * Fix session merge semantics (fixes rack-test) * Rack::Static :index can now handle multiple directories * All tests now utilize Rack::Lint (special thanks to Lars Gierth) * Rack::File cache_control parameter is now deprecated, and removed by 1.5 * Correct Rack::Directory script name escaping * Rack::Static supports header rules for sophisticated configurations * Multipart parsing now works without a Content-Length header * New logos courtesy of Zachary Scott! * Rack::BodyProxy now explicitly defines #each, useful for C extensions * Cookies that are not URI escaped no longer cause exceptions openSUSE 12.2 Update rubgem rdoc was updated to fix a security issue: CVE-2013-0256: rubygem-rdoc: XSS exploit of RDoc documentation generated by rdoc * Ensured that rd parser files are generated before checking the manifest. openSUSE 12.2 Update openssl was updated to 1.0.1e, fixing bugs and security issues: o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. o Fix OCSP bad key DoS attack CVE-2013-0166 bnc#802746 o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 bnc#802184 o Fix for TLS AESNI record handling flaw CVE-2012-2686 Also the following buyg was fixed: bnc#757773 - c_rehash to accept more filename extensions openSUSE 12.2 Update MozillaFirefox was updated to Firefox 19.0 (bnc#804248) MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248) seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0. Changes in MozillaFirefox 19.0: * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - added patch to fix session restore window order (bmo#712763) - update to Firefox 18.0.2 * blocklist and CTP updates * fixes in JS engine - update to Firefox 18.0.1 * blocklist updates * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions - Fix WebRTC to build on powerpc Changes in MozillaThunderbird: - update to Thunderbird 17.0.3 (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - update Enigmail to 1.5.1 * The release fixes the regressions found in the past few weeks Changes in seamonkey: - update to SeaMonkey 2.16 (bnc#804248) * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - update to SeaMonkey 2.15.2 * Applications could not be removed from the "Application details" dialog under Preferences, Helper Applications (bmo#826771). * View / Message Body As could show menu items out of context (bmo#831348) - update to SeaMonkey 2.15.1 * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions - backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468) Changes in xulrunner: - update to 17.0.3esr (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer openSUSE 12.2 Update java-1_7_0-openjdk was updated to icedtea-2.3.6 (bnc#803379) containing various security and bugfixes: * Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdown - S7141694, CVE-2013-0429: Improving CORBA internals - S7173145: Improve in-memory representation of splashscreens - S7186945: Unpack200 improvement - S7186946: Refine unpacker resource usage - S7186948: Improve Swing data validation - S7186952, CVE-2013-0432: Improve clipboard access - S7186954: Improve connection performance - S7186957: Improve Pack200 data validation - S7192392, CVE-2013-0443: Better validation of client keys - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages - S7192977, CVE-2013-0442: Issue in toolkit thread - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies - S7200491: Tighten up JTable layout code - S7200493, CVE-2013-0444: Improve cache handling - S7200499: Better data validation for options - S7200500: Launcher better input validation - S7201064: Better dialogue checking - S7201066, CVE-2013-0441: Change modifiers on unused fields - S7201068, CVE-2013-0435: Better handling of UI elements - S7201070: Serialization to conform to protocol - S7201071, CVE-2013-0433: InetSocketAddress serialization issue - S8000210: Improve JarFile code quality - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class - S8000539, CVE-2013-0431: Introspect JMX data handling - S8000540, CVE-2013-1475: Improve IIOP type reuse management - S8000631, CVE-2013-1476: Restrict access to class constructor - S8001235, CVE-2013-0434: Improve JAXP HTTP handling - S8001242: Improve RMI HTTP conformance - S8001307: Modify ACC_SUPER behavior - S8001972, CVE-2013-1478: Improve image processing - S8002325, CVE-2013-1480: Improve management of images * Backports - S7057320: test/java/util/concurrent/Executors/AutoShutdown.java failing intermittently - S7083664: TEST_BUG: test hard code of using c:/temp but this dir might not exist - S7107613: scalability blocker in javax.crypto.CryptoPermissions - S7107616: scalability blocker in javax.crypto.JceSecurityManager - S7146424: Wildcard expansion for single entry classpath - S7160609: [macosx] JDK crash in libjvm.dylib ( C [GeForceGLDriver+0x675a] gldAttachDrawable+0x941) - S7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar - S7162488: VM not printing unknown -XX options - S7169395: Exception throws due to the changes in JDK 7 object tranversal and break backward compatibility - S7175616: Port fix for TimeZone from JDK 8 to JDK 7 - S7176485: (bf) Allow temporary buffer cache to grow to IOV_MAX - S7179908: Fork hs23.3 hsx from hs22.2 for jdk7u7 and reinitialize build number - S7184326: TEST_BUG: java/awt/Frame/7024749/bug7024749.java has a typo - S7185245: Licensee source bundle tries to compile JFR - S7185471: Avoid key expansion when AES cipher is re-init w/ the same key - S7186371: [macosx] Main menu shortcuts not displayed (7u6 regression) - S7187834: [macosx] Usage of private API in macosx 2d implementation causes Apple Store rejection - S7188114: (launcher) need an alternate command line parser for Windows - S7189136: Fork hs23.5 hsx from hs23.4 for jdk7u9 and reinitialize build number - S7189350: Fix failed for CR 7162144 - S7190550: REGRESSION: Some closed/com/oracle/jfr/api tests fail to compile becuse of fix 7185245 - S7193219: JComboBox serialization fails in JDK 1.7 - S7193977: REGRESSION:Java 7's JavaBeans persistence ignoring the "transient" flag on properties - S7195106: REGRESSION : There is no way to get Icon inf, once Softreference is released - S7195301: XML Signature DOM implementation should not use instanceof to determine type of Node - S7195931: UnsatisfiedLinkError on PKCS11.C_GetOperationState while using NSS from jre7u6+ - S7197071: Makefiles for various security providers aren't including the default manifest. - S7197652: Impossible to run any signed JNLP applications or applets, OCSP off by default - S7198146: Another new regression test does not compile on windows-amd64 - S7198570: (tz) Support tzdata2012f - S7198640: new hotspot build - hs23.6-b04 - S7199488: [TEST] runtime/7158800/InternTest.java failed due to false-positive on PID match. - S7199645: Increment build # of hs23.5 to b02 - S7199669: Update tags in .hgtags file for CPU release rename - S7200720: crash in net.dll during NTLM authentication - S7200742: (se) Selector.select does not block when starting Coherence (sol11u1) - S7200762: [macosx] Stuck in sun.java2d.opengl.CGLGraphicsConfig.getMaxTextureSize(Native Method) - S8000285: Deadlock between PostEventQueue.noEvents, EventQueue.isDispatchThread and SwingUtilities.invokeLater - S8000286: [macosx] Views keep scrolling back to the drag position after DnD - S8000297: REGRESSION: closed/java/awt/EventQueue/PostEventOrderingTest.java fails - S8000307: Jre7cert: focusgained does not get called for all focus req when do alt + tab - S8000822: Fork hs23.7 hsx from hs23.6 for jdk7u11 and reinitialize build number - S8001124: jdk7u ProblemList.txt updates (10/2012) - S8001242: Improve RMI HTTP conformance - S8001808: Create a test for 8000327 - S8001876: Create regtest for 8000283 - S8002068: Build broken: corba code changes unable to use new JDK 7 classes - S8002091: tools/launcher/ToolsOpts.java test started to fail since 7u11 b01 on Windows - S8002114: fix failed for JDK-7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar - S8002225: (tz) Support tzdata2012i - S8003402: (dc) test/java/nio/channels/DatagramChannel/SendToUnresovled.java failing after 7u11 cleanup issues - S8003403: Test ShortRSAKeyWithinTLS and ClientJSSEServerJSSE failing after 7u11 cleanup - S8003948: NTLM/Negotiate authentication problem - S8004175: Restricted packages added in java.security are missing in java.security-{macosx, solaris, windows} - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01 - S8004341: Two JCK tests fails with 7u11 b06 - S8005615: Java Logger fails to load tomcat logger implementation (JULI) * Bug fixes - Fix build using Zero's HotSpot so all patches apply again. - PR1295: jamvm parallel unpack failure * removed icedtea-2.3.2-fix-extract-jamvm-dependency.patch - removed icedtea-2.3.3-refresh-6924259-string_offset.patch - few missing /openjdk/%{origin}/ changes openSUSE 12.2 Update rubygem-devise was updated to version 1.5.4 fixing bugs and security issue: * wrong records may be read when sending specifically crafted requests (bnc#800955) (CVE-2013-0233) openSUSE 12.2 Update ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 (bnc#802406) - XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256) - for other changes see /usr/share/doc/packages/ruby19/Changelog Update to 1.9.3 p327 (bnc#789983) - CVE-2012-5371 and plenty of other fixes Update to 1.9.3 p286 (bnc#783511, bnc#791199) - This release includes some security fixes, and many other bug fixes. $SAFE escaping vulnerability about Exception#to_s / NameError#to_s (CVE-2012-4464, CVE-2012-4466) - Unintentional file creation caused by inserting an illegal NUL character many other bug fixes. (CVE-2012-4522) Also following bugfixes and packaging fixes were done: - make sure the rdoc output is more stable for build-compare (new patch ruby-sort-rdoc-output.patch) - readd the private header *atomic.h - remove build depencency on ca certificates - only causing cycles - one more header needed for rubygem-ruby-debug-base19 - install vm_core.h and its dependencies as ruby-devel-extra - move the provides to the ruby package instead - add provides for the internal gems - restore the old ruby macros and the gem wrapper script - gem_install_wrapper no longer necessary openSUSE 12.2 Update PackageKit was fixed to add a patch to forbid update to downgrade (bnc#804983) As the update operation is allowed for logged in regular users, they could install old package versions which might have been still affected by already fixed security problems. openSUSE 12.2 Update git imap-send was fixed to do SSL host verification. This can be disabled if necessary in the config file. openSUSE 12.2 Update libqt4 was updated to fix a information disclosure via QSharedMemory (CVE-2013-0254). openSUSE 12.2 Update pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. (CVE-2013-0274) - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. (CVE-2013-0273) - Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted data that could overflow a buffer and lead to a crash or remote code execution.(CVE-2013-0272) - Fix a bug where a remote MXit user could possibly specify a local file path to be written to. (CVE-2013-0271) openSUSE 12.2 Update The Linux kernel was updated to 3.4.33 and to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: A out of bounds access in sock_diag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime of /dev/ptmx is no longer updated, avoiding side channel attacks via user typing speed. CVE-2012-5374: Denial of service via btrfs hashes could have been used by local attackers to cause a compute denial of service. CVE-2013-0216: Fixed a problem in XEN netback: shutdown the ring if it contains garbage. CVE-2013-0231: Fixed a problem in XEN pciback: rate limit error messages from xen_pcibk_enable_msi(x). openSUSE 12.2 Update sudo was updated to fix two security issues, where adjusting the time of the syste could be used to regain access to sudo sessions if they onc were granted. (CVE-2013-1775,CVE-2013-1776) openSUSE 12.2 Update This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird. openSUSE 12.2 Update wireshark was updated to 1.8.6 [bnc#807942] + vulnerabilities fixed: * The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 * The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 * The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 * The MS-MMS dissector could crash. wnpa-sec-2013-13 CVE-2013-2478 * The MPLS Echo dissector could go into an infinite loop. wnpa-sec-2013-14 CVE-2013-2479 * The RTPS and RTPS2 dissectors could crash. wnpa-sec-2013-15 CVE-2013-2480 * The Mount dissector could crash. wnpa-sec-2013-16 CVE-2013-2481 * The AMPQ dissector could go into an infinite loop. wnpa-sec-2013-17 CVE-2013-2482 * The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18 CVE-2013-2483 * The CIMD dissector could crash. wnpa-sec-2013-19 CVE-2013-2484 * The FCSP dissector could go into an infinite loop. wnpa-sec-2013-20 CVE-2013-2485 * The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487 * The DTLS dissector could crash. wnpa-sec-2013-22 CVE-2013-2488 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html openSUSE 12.2 Update chromium was updated to version 27.0.1425 having both stability and security fixes: * Bug and stability fixes: - Fixed crash after clicking through malware warning. (Issue: 173986) - Fixed broken command line to create extensions with locale info (Issue: 176187) - Hosted apps in Chrome will always be opened from app launcher. (Issue: 176267) - Added modal confirmation dialog to the enterprise profile sign-in flow. (Issue: 171236) - Fixed a crash with autofill. (Issues: 175454, 176576) - Fixed issues with sign-in. (Issues: 175672, 175819, 175541, 176190) - Fixed spurious profile shortcuts created with a system-level install. (Issue: 177047) - Fixed the background tab flashing with certain themes. (Issue: 175426) * Security Fixes: (bnc#804986) - High CVE-2013-0879: Memory corruption with web audio node - High CVE-2013-0880: Use-after-free in database handling - Medium CVE-2013-0881: Bad read in Matroska handling - High CVE-2013-0882: Bad memory access with excessive SVG parameters. - Medium CVE-2013-0883: Bad read in Skia. - Low CVE-2013-0884: Inappropriate load of NaCl. - Medium CVE-2013-0885: Too many API permissions granted to web store - Medium CVE-2013-0886: Incorrect NaCl signal handling. - Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server - Medium CVE-2013-0888: Out-of-bounds read in Skia - Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads. - High CVE-2013-0890: Memory safety issues across the IPC layer. - High CVE-2013-0891: Integer overflow in blob handling. - Medium CVE-2013-0892: Lower severity issues across the IPC layer - Medium CVE-2013-0893: Race condition in media handling. - High CVE-2013-0894: Buffer overflow in vorbis decoding. - High CVE-2013-0895: Incorrect path handling in file copying. - High CVE-2013-0896: Memory management issues in plug-in message handling - Low CVE-2013-0897: Off-by-one read in PDF - High CVE-2013-0898: Use-after-free in URL handling - Low CVE-2013-0899: Integer overflow in Opus handling - Medium CVE-2013-0900: Race condition in ICU * Make adjustment for autodetecting of the PepperFlash library. The package with the PepperFlash hopefully will be soon available through packman - Update to 26.0.1411 * Bug and stability fixes - Update to 26.0.1403 * Bug and stability fixes - Using system libxml2 requires system libxslt. - Using system MESA does not work in i586 for some reason. - Also use system MESA, factory version seems adecuate now. - Always use system libxml2. - Restrict the usage of system libraries instead of the bundled ones to new products, too much hassle otherwise. - Also link kerberos and libgps directly, do not dlopen them. - Avoid using dlopen on system libraries, rpm or the package Manager do not handle this at all. tested for a few weeks and implemented with a macro so it can be easily disabled if problems arise. - Use SOME system libraries instead of the bundled ones, tested for several weeks and implemented with a macro for easy enable/Disable in case of trouble. - Update to 26.0.1393 * Bug and stability fixes * Security fixes - Update to 26.0.1375 * Bug and stability fixes - Update to 26.0.1371 * Bug and stability fixes - Update to 26.0.1367 * Bug and stability fixes openSUSE 12.2 Update Mozilla Firefox was updated to 19.0.2 (bnc#808243) fixing: * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor could be used for code execution * blocklist updates openSUSE 12.2 Update krb5 was updated to fix security issues in PKINIT: - fix PKINIT null pointer deref in pkinit_check_kdc_pkid() (CVE-2012-1016 bnc#807556) - fix PKINIT null pointer deref (CVE-2013-1415 bnc#806715) Also package a missing file on 12.3 (bnc#794784). openSUSE 12.2 Update This systemtap updated fixes a security issue and bugs: Security fix: Fix kernel panic when processing malformed DWARF unwind data (bnc#748564 CVE-2012-0875) Also bugs were fixed: - Change how systemtap looks for tracepoint header files (bnc#796574, new patch: systemtap-build-source-dir.patch) - Add libebl1 dependancy. Systemtap manually loads libebl backends and the manual Requires: was incorrectly removed in a previous revision (bnc#800335) openSUSE 12.2 Update xulrunner was updated to 17.0.4esr (bnc#808243) to fix a important security issue: * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor openSUSE 12.2 Update seamonkey was updated to version 2.16.1 fixing a severe security issue. * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor openSUSE 12.2 Update NRPE (the Nagios Remote Plug-In Executor) allows the passing of $() to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as (typically, 'nagios'). With this update NRPE will deny remote requests containing a bash command substitution. openSUSE 12.2 Update Perl was updated to fix 3 security issues: - fix rehash denial of service (compute time) [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329] In openSUSE 12.1 also the following non-security bug was fixed: - fix IPC::Open3 bug when '-' is used [bnc#755278] openSUSE 12.2 Update MozillaThunderbird was updated to 17.0.4 (bnc#808243) * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor openSUSE 12.2 Update transmission was updated to fix remote crashes in UTP_ProcessIncoming() (CVE-2012-6129, bnc#803088). openSUSE 12.2 Update nss-pam-ldap was updated to fix a FD_SET overflow, happening when more than 1024 filedescriptors are opened. (CVE-2013-0288) openSUSE 12.2 Update java-1_7_0-openjdk was updated to icedtea-2.3.7 (bnc#809386): * Security fixes - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion * Backports - S8002344: Krb5LoginModule config class does not return proper KDC list from DNS - S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c - S8006179: JSR292 MethodHandles lookup with interface using findVirtual() - S8006882: Proxy generated classes in sun.proxy package breaks JMockit * Bug fixes - PR1303: Correct #ifdef to #if - PR1340: Simplify the rhino class rewriter to avoid use of concurrency - Revert 7017193 and add the missing free call, until a better fix is ready. openSUSE 12.2 Update telepathy-gabble was updated to fix a remote denial of service attack using NULL ptr dereferences during hashing. (CVE-2013-1769). openSUSE 12.2 Update libxml2 was updated to limit internal entity expansion denial of service problems (IXE) (CVE-2013-0338) (bnc#805233) openSUSE 12.2 Update privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 (bnc#809123) - changes in 3.0.21 * On POSIX-like platforms, network sockets with file descriptor values above FD_SETSIZE are properly rejected. Previously they could cause memory corruption in configurations that allowed the limit to be reached. * Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentionally allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley. * Compiles on OS/2 again now that unistd.h is only included on platforms that have it. * The show-status page shows the FEATURE_STRPTIME_SANITY_CHECKS status. * A couple of assert()s that could theoretically dereference NULL pointers in debug builds have been relocated. * Added an LSB info block to the generic start script. Based on a patch from Natxo Asenjo. * The max-client-connections default has been changed to 128 which should be more than enough for most setups. * Block rover.ebay./ar.*\&adtype= instead of "/.*\&adtype=" which caused too man false positives. Reported by u302320 in #360284, additional feedback from Adam Piggott. * Unblock '.advrider.com/' and '/.*ADVrider'. Anonymously reported in #3603636. * Stop blocking '/js/slider\.js'. Reported by Adam Piggott in #3606635 and _lvm in #2791160. * Added an iframes filter. * The whole GPLv2 text is included in the user manual now, so Privoxy can serve it itself and the user can read it without having to wade through GPLv3 ads first. * Properly numbered and underlined a couple of section titles in the config that where previously overlooked due to a flaw in the conversion script. Reported by Ralf Jungblut. * Improved the support instruction to hopefully make it harder to unintentionally provide insufficient information when requesting support. Previously it wasn't obvious that the information we need in bug reports is usually also required in support requests. * Removed documentation about packages that haven't been provided in years. * Only log the test number when not running in verbose mode The position of the test is rarely relevant and it previously - for full list of changes see ChangeLog file shipped together with this package openSUSE 12.2 Update ImageMagick received fixes for a overflow in *png_malloc functions. (CVE-2012-3437) openSUSE 12.2 Update GraphicsMagick was updated to fix integer overflows in the _png_malloc functions (CVE-2012-3438). openSUSE 12.2 Update pigz incorrectly used world writeable permissions during unpacking (CVE-2013-0296). openSUSE 12.2 Update clamav was updated to version 0.97.7 (bnc#809945) and contains several hardening fixes which might be security issues. openSUSE 12.2 Update Ruby 1.8 was updated to fix a XML entity expansion denial of service attack (CVE-2013-1821) Ruby 1.9 was updated to 1.9.3 p392, fixing the same security issues and also: - update json intree to 1.5.5: Denial of Service and Unsafe Object Creation Vulnerability in JSON CVE-2013-0269 - limit entity expansion text limit to 10kB CVE-2013-1821 - get rid of a SEGV when calling rb_iter_break() from some extention libraries. - some warning suppressed and smaller fixes openSUSE 12.2 Update This update of fail2ban fixes a startup related startup-problem and a security problem fixed upstream (CVE-2012-5642). openSUSE 12.2 Update Two denial of service problems (crashes with NULL pointer derference) were fixed in libxslt, which could potentially be used by remote attackers to crash libxslt using programs. openSUSE 12.2 Update Various security issues were fixed in puppet. CVE-2013-1655 CVE-2013-2275 CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 openSUSE 12.2 Update bind was updated to 9.9.2-P2, fixing a security issue in regular expression handling. [CVE-2013-2266] [RT #32688] https://kb.isc.org/article/AA-00871 (bnc#811876) openSUSE 12.2 Update The ISC dhcp server was updated to fix a denial of service attack via regular expressions: - Removed regex.h check from configure in bind sources (bnc#811934, CVE-2013-2266). Make the bind export library build output visible. [dhcp-4.2.4-P2-no-bind-regex-check.CVE-2013-2266.diff] Also fixed: - Added dhcp6-server service template for SuSEfirewall2 (bnc#783002) openSUSE 12.2 Update jakarta-commons-httpclient was updated to enhance the fix of bnc#803332 / CVE-2012-5783 * also check for subjectAltNames in the certificate. openSUSE 12.2 Update apache2 was updated to fix: - fix for cross site scripting vulnerability in mod_balancer. This is CVE-2012-4558 [bnc#807152] - fixes for low profile cross site scripting vulnerabilities, known as CVE-2012-3499 [bnc#806458] - Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory. CVE-2012-2687 [bnc#777260] And also these bugs: - httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when checking against SNI server names. [bnc#798733] openSUSE 12.2 Update XEN was updated to fix various bugs and security issues: Security issues fixed: - bnc#800275 - CVE-2013-0153: xen: interrupt remap entries shared and old ones not cleared on AMD IOMMUs - bnc#797523 - CVE-2012-6075: qemu / kvm-qemu: e1000 overflows under some conditions - bnc#797031 - Xen Security Advisory 37 (CVE-2013-0154) - Hypervisor crash due to incorrect ASSERT (debug build only) - bnc#794316 - CVE-2012-5634: xen: VT-d interrupt remapping source validation flaw (XSA-33) Bugs fixed: - Upstream patches from Jan 26536-xenoprof-div-by-0.patch 26578-AMD-IOMMU-replace-BUG_ON.patch 26656-x86-fix-null-pointer-dereference-in-intel_get_extended_msrs.patch 26659-AMD-IOMMU-erratum-746-workaround.patch 26660-x86-fix-CMCI-injection.patch 26672-vmx-fix-handling-of-NMI-VMEXIT.patch 26673-Avoid-stale-pointer-when-moving-domain-to-another-cpupool.patch 26676-fix-compat-memory-exchange-op-splitting.patch 26677-x86-make-certain-memory-sub-ops-return-valid-values.patch 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch 26679-x86-defer-processing-events-on-the-NMI-exit-path.patch 26683-credit1-Use-atomic-bit-operations-for-the-flags-structure.patch 26692-x86-MSI-fully-protect-MSI-X-table.patch - bnc#805094 - xen hot plug attach/detach fails modified blktap-pv-cdrom.patch - bnc#802690 - domain locking can prevent a live migration from completing modified xend-domain-lock.patch - bnc#797014 - no way to control live migrations 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch 26549-tools-xc_turn_XCFLAGS__into_shifts.patch 26550-tools-xc_restore_logging_in_xc_save.patch 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch 26675-tools-xentoollog_update_tty_detection_in_stdiostream_progress.patch xen.migrate.tools-xc_print_messages_from_xc_save_with_xc_report.patch xen.migrate.tools-xc_document_printf_calls_in_xc_restore.patch xen.migrate.tools-xc_rework_xc_save.cswitch_qemu_logdirty.patch xen.migrate.tools_set_migration_constraints_from_cmdline.patch xen.migrate.tools_add_xm_migrate_--log_progress_option.patch - remove old patches: xen.xc.progress.patch xen.xc_save.details.patch xen.migration.abort_if_busy.patch - bnc#806736: enabling xentrace crashes hypervisor 26686-xentrace_fix_off-by-one_in_calculate_tbuf_size.patch - Upstream patches from Jan 26287-sched-credit-pick-idle.patch 26501-VMX-simplify-CR0-update.patch 26502-VMX-disable-SMEP-when-not-paging.patch 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch) - bnc#798188 - Add $network to xend initscript dependencies - bnc#797014 - no way to control live migrations * fix logic error in stdiostream_progress xen.xc.progress.patch * restore logging in xc_save xen.xc_save.details.patch * add options to control migration tunables --max_iters, --max_factor, --abort_if_busy xen.migration.abort_if_busy.patch - bnc#799694 - Unable to dvd or cdrom-boot DomU after xen-tools update Fixed with update to Xen version 4.1.4 - bnc#800156 - L3: HP iLo Generate NMI function not working in XEN kernel 26440-x86-forward-SERR.patch - Upstream patches from Jan 26404-x86-forward-both-NMI-kinds.patch 26427-x86-AMD-enable-WC+.patch - bnc#793927 - Xen VMs with more than 2 disks randomly fail to start 25590-hotplug-locking.patch 25595-hotplug-locking.patch 26079-hotplug-locking.patch - Upstream patches from Jan 26332-x86-compat-show-guest-stack-mfn.patch 26333-x86-get_page_type-assert.patch (Replaces CVE-2013-0154-xsa37.patch) 26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch) 26370-libxc-x86-initial-mapping-fit.patch - Update to Xen 4.1.4 c/s 23432 - Update xenpaging.guest-memusage.patch add rule for xenmem to avoid spurious build failures - Upstream patches from Jan 26179-PCI-find-next-cap.patch 26183-x86-HPET-masking.patch 26188-x86-time-scale-asm.patch 26200-IOMMU-debug-verbose.patch 26203-x86-HAP-dirty-vram-leak.patch 26229-gnttab-version-switch.patch (Replaces CVE-2012-5510-xsa26.patch) 26230-x86-HVM-limit-batches.patch (Replaces CVE-2012-5511-xsa27.patch) 26231-memory-exchange-checks.patch (Replaces CVE-2012-5513-xsa29.patch) 26232-x86-mark-PoD-error-path.patch (Replaces CVE-2012-5514-xsa30.patch) 26233-memop-order-checks.patch (Replaces CVE-2012-5515-xsa31.patch) 26235-IOMMU-ATS-max-queue-depth.patch 26272-x86-EFI-makefile-cflags-filter.patch 26294-x86-AMD-Fam15-way-access-filter.patch CVE-2013-0154-xsa37.patch - Restore c/s 25751 in 23614-x86_64-EFI-boot.patch. Modify the EFI Makefile to do additional filtering. EFI-makefile-cflags-filter.patch openSUSE 12.2 Update - Update to version 0.8.6 (bnc#812568) * Fix security issue in save-pref command (CVE-2013-1904) openSUSE 12.2 Update The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3. mozilla-nspr was updated to version 4.9.6. mozilla-nspr was updated to version 4.9.6: * aarch64 support * added PL_SizeOfArenaPoolExcludingPool function (bmo#807883) * Auto detect android api version for x86 (bmo#782214) * Initialize Windows CRITICAL_SECTIONs without debug info and with nonzero spin count (bmo#812085) Previous update to version 4.9.5 * bmo#634793: define NSPR's exact-width integer types PRInt{N} and PRUint{N} types to match the <stdint.h> exact-width integer types int{N}_t and uint{N}_t. * bmo#782815: passing 'int *' to parameter of type 'unsigned int *' in setsockopt(). * bmo#822932: Port bmo#802527 (NDK r8b support for x86) to NSPR. * bmo#824742: NSPR shouldn't require librt on Android. * bmo#831793: data race on lib->refCount in PR_UnloadLibrary. mozilla-nss was updated to version 3.14.3: * disable tests with expired certificates * add SEC_PKCS7VerifyDetachedSignatureAtTime using patch from mozilla tree to fulfill Firefox 21 requirements * No new major functionality is introduced in this release. This release is a patch release to address CVE-2013-1620 (bmo#822365) * "certutil -a" was not correctly producing ASCII output as requested. (bmo#840714) * NSS 3.14.2 broke compilation with older versions of sqlite that lacked the SQLITE_FCNTL_TEMPFILENAME file control. NSS 3.14.3 now properly compiles when used with older versions of sqlite (bmo#837799) - remove system-sqlite.patch * add arm aarch64 support * added system-sqlite.patch (bmo#837799) * do not depend on latest sqlite just for a #define * enable system sqlite usage again * update to 3.14.2 * required for Firefox >= 20 * removed obsolete nssckbi update patch * MFSA 2013-40/CVE-2013-0791 (bmo#629816) Out-of-bounds array read in CERT_DecodeCertPackage * disable system sqlite usage since we depend on 3.7.15 which is not provided in any openSUSE distribution * add nss-sqlitename.patch to avoid any name clash Changes in MozillaFirefox: - update to Firefox 20.0 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) - build fixes for armv7hl: * disable debug build as armv7hl does not have enough memory * disable webrtc on armv7hl as it is non-compiling Changes in MozillaThunderbird: - update to Thunderbird 17.0.5 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations Changes in seamonkey: - update to SeaMonkey 2.17 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) Changes in xulrunner: - update to 17.0.5esr (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations openSUSE 12.2 Update Changes in rubygem-actionpack-2_3: - add 2 patches to fix security issues: - bug-809935_2-3-css_sanitize.patch: CVE-2013-1855: rubygem-actionpack*: XSS vulnerability in sanitize_css in Action Pack (bnc#809935) - bug-809940_2-3-sanitize_protocol.patch: CVE-2013-1857: rubygem-actionpack*: XSS Vulnerability in the `sanitize` helper of Ruby on Rails (bnc#809940) openSUSE 12.2 Update Changes in rubygem-actionpack-3_2: - add 2 patches to fix security issues: - bug-809935_3-2-css_sanitize.patch: CVE-2013-1855: rubygem-actionpack*: XSS vulnerability in sanitize_css in Action Pack (bnc#809935) - bug-809940_3-2-sanitize_protocol.patch: CVE-2013-1857: rubygem-actionpack*: XSS Vulnerability in the `sanitize` helper of Ruby on Rails (bnc#809940) openSUSE 12.2 Update Changes in rubygem-activerecord-2_3: - add patch to fix security issue: - bug-809932_2-3-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord*: Symbol DoS vulnerability in Active Record (bnc#809932) openSUSE 12.2 Update Changes in rubygem-activerecord-3_2: - add patch to fix security issue: - bug-809932_3-2-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord*: Symbol DoS vulnerability in Active Record (bnc#809932) openSUSE 12.2 Update Changes in rubygem-activesupport-2_3: - add patch to fix security issue: - bug-809932_2-3-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord*: Symbol DoS vulnerability in Active Record (bnc#809932) openSUSE 12.2 Update postgresql was updated to version 9.1.9 (bnc#812525): * CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is eventually rejected. * CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. This avoids a scenario wherein random numbers generated by "contrib/pgcrypto" functions might be relatively easy for another database user to guess. The risk is only significant when the postmaster is configured with ssl = on but most connections don't use SSL encryption. * CVE-2013-1901: Make REPLICATION privilege checks test current user not authenticated user. An unprivileged database user could exploit this mistake to call pg_start_backup() or pg_stop_backup(), thus possibly interfering with creation of routine backups. * See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.1/static/release-9-1-9.html /usr/share/doc/packages/postgresql91/HISTORY openSUSE 12.2 Update Subversion received minor version updates to fix remote triggerable vulnerabilities in mod_dav_svn which may result in denial of service. On openSUSE 12.1: - update to 1.6.21 [bnc#813913], addressing remotely triggerable + CVE-2013-1845: mod_dav_svn excessive memory usage from property changes + CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs + CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs + CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs - further changes: + mod_dav_svn will omit some property values for activity urls + improve memory usage when committing properties in mod_dav_svn + fix mod_dav_svn runs pre-revprop-change twice + fixed: post-revprop-change errors cancel commit + improved logic in mod_dav_svn's implementation of lock. + fix a compatibility issue with g++ 4.7 On openSUSE 12.2 and 12.3: - update to 1.7.9 [bnc#813913], addressing remotely triggerable vulnerabilities in mod_dav_svn which may result in denial of service: + CVE-2013-1845: mod_dav_svn excessive memory usage from property changes + CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs + CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs + CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs + CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT - further changes: + Client-side bugfixes: * improved error messages about svn:date and svn:author props. * fix local_relpath assertion * fix memory leak in `svn log` over svn:// * fix incorrect authz failure when using neon http library * fix segfault when using kwallet + Server-side bugfixes: * svnserve will log the replayed rev not the low-water rev. * mod_dav_svn will omit some property values for activity urls * fix an assertion in mod_dav_svn when acting as a proxy on / * improve memory usage when committing properties in mod_dav_svn * fix svnrdump to load dump files with non-LF line endings * fix assertion when rep-cache is inaccessible * improved logic in mod_dav_svn's implementation of lock. * avoid executing unnecessary code in log with limit - Developer-visible changes: + General: * fix an assertion in dav_svn_get_repos_path() on Windows * fix get-deps.sh to correctly download zlib * doxygen docs will now ignore prefixes when producing the index * fix get-deps.sh on freebsd + Bindings: * javahl status api now respects the ignoreExternals boolean - refresh subversion-no-build-date.patch for upstream source changes openSUSE 12.2 Update libcurl was updated to fix a cookie tail matching flaw which could lead to attackers gaining cookie access depending on domain names. (CVE-2013-1944,bnc#814655) openSUSE 12.2 Update This Mesa update fixes the following security bug: CVE-2013-1993: Integer overflows in XF86DRIOpenConnection and XF86DRIGetClientDriverName were fixed that could lead to client crashes when using a malicious X server. This update fixes the following issue for Mesa on openSUSE 12.3: - bnc#814947, fdo#62141: Make sure we do render between two hiz flushes openSUSE 12.2 Update - update to 1.3.2 (bnc#815596) - Security Updates * CVE-2013-1927, RH884705: fixed gifar vulnerability * CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common * Added new option in itw-settings which allows users to set JVM arguments when plugin is initialized. - NetX * PR580: http://www.horaoficial.cl/ loads improperly - Plugin * PR1260: IcedTea-Web should not rely on GTK obsoletes icedtea-web-remove-gtk-dep.patch * PR1157: Applets can hang browser after fatal exception - Add icedtea-web-remove-gtk-dep.patch, build icedtea-web without GTK. Plugin now works in both gtk2 and gtk3 based browsers. - limit the provides/obsoletes to architectures, where -plugin package existed and don't pollute shiny new arm with an old garbage - handle the package renaming on arm properly openSUSE 12.2 Update - fix for CVE-2013-1969 (bnc#815665) * libxml2-CVE-2013-1969.patch openSUSE 12.2 Update - fix prep_reprocess_req NULL pointer deref CVE-2013-1416 (bnc#816413) bug-816413-CVE-2013-1416-prep_reprocess_req-NULL-ptr-deref.dif openSUSE 12.2 Update - apply aarch64 patches on openSUSE 12.3+, EM_AARCH64 is not defined in earlier releases - update to icedtea-2.3.9 (bnc#816720) * Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework RMI model - S8001322: Refactor deserialization - S8001329, CVE-2013-1557: Augment RMI logging - S8003335: Better handling of Finalizer thread - S8003445: Adjust JAX-WS to focus on API - S8003543, CVE-2013-2415: Improve processing of MTOM attachments - S8004261: Improve input validation - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames - S8004986, CVE-2013-2383: Better handling of glyph table - S8004987, CVE-2013-2384: Improve font layout - S8004994, CVE-2013-1569: Improve checking of glyph table - S8005432: Update access to JAX-WS - S8005943: (process) Improved Runtime.exec - S8006309: More reliable control panel operation - S8006435, CVE-2013-2424: Improvements in JMX - S8006790: Improve checking for windows - S8006795: Improve font warning messages - S8007406: Improve accessibility of AccessBridge - S8007617, CVE-2013-2420: Better validation of images - S8007667, CVE-2013-2430: Better image reading - S8007918, CVE-2013-2429: Better image writing - S8008140: Better method handle resolution - S8009049, CVE-2013-2436: Better method handle binding - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap - S8009305, CVE-2013-0401: Improve AWT data transfer - S8009677, CVE-2013-2423: Better setting of setters - S8009699, CVE-2013-2421: Methodhandle lookup - S8009814, CVE-2013-1488: Better driver management - S8009857, CVE-2013-2422: Problem with plugin * Backports - S7130662, RH928500: GTK file dialog crashes with a NPE * Bug fixes - PR1363: Fedora 19 / rawhide FTBFS SIGILL - PR1401: Fix Zero build on 2.3.8 - Fix offset problem in ICU LETableReference. - Change -Werror fix to preserve OpenJDK default. - PR1303: Correct #ifdef to #if - PR1404: Failure to bootstrap with ecj 4.2 - Added url as source. Please see http://en.opensuse.org/SourceUrls - icedtea-2.3.8-zero-patches.patch: remove patch not applicable to zero compatible hotspot - java-1.7.0-openjdk-fork.patch: Add support for architectures without fork syscall - java-1.7.0-openjdk-aarch64.patch: Add support for aarch64 openSUSE 12.2 Update Linux kernel was updated to kernel 3.4.42 fixing various bugs and security issues. - Refresh patches.suse/SUSE-bootsplash. Fix bootsplash breakage due to stable fix (bnc#813963) - Linux 3.4.39. - kABI: protect struct tracer. - Linux 3.4.38 (bnc#808829,CVE-2013-0913). - patches.kabi/kabi-protect-struct-sk_buff.patch: kABI: protect struct sk_buff. - patches.kabi/kabi-ipv4-remove-inclusion.patch: kABI: ipv4, remove inclusion. - USB: io_ti: Fix NULL dereference in chase_port() (bnc#806976, CVE-2013-1774). - Linux 3.4.37 (bnc#809155 bnc#809330 bnc#809748 CVE-2013-1848). - Linux 3.4.36. - KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797). - KVM: Fix bounds checking in ioapic indirect register read (bnc#806980 CVE-2013-1798). - KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796). - kabi/severities: Allow kvm abi changes - kvm modules are self consistent - loopdev: fix a deadlock (bnc#809748). - block: use i_size_write() in bd_set_size() (bnc#809748). - drm/i915: bounds check execbuffer relocation count (bnc#808829,CVE-2013-0913). - TTY: do not reset master's packet mode (bnc#809330). - Update patches.fixes/ext3-Fix-format-string-issues.patch (bnc#809155 CVE-2013-1848). - ext3: Fix format string issues (bnc#809155). - Linux 3.4.35 (bnc#802153). - Linux 3.4.34 (CVE-2013-1763 CVE-2013-1767 bnc#792500 bnc#806138 bnc#805633). - tmpfs: fix use-after-free of mempolicy object (bnc#806138, CVE-2013-1767). openSUSE 12.2 Update - U_xf86-fix-flush-input-to-work-with-Linux-evdev-device.patch * So when we VT switch back and attempt to flush the input devices, we don't succeed because evdev won't return part of an event, since we were only asking for 4 bytes, we'd only get -EINVAL back. This could later cause events to be flushed that we shouldn't have gotten. This is a fix for CVE-2013-1940. (bnc#814653) openSUSE 12.2 Update - Applied upstream patch for security vulnerability discovered by Kevin Wojtysiak in ECDSA signature verification of the strongswan openssl plugin (bnc#815236, CVE-2013-2944) [0003-Check-return-value-of-ECDSA_Verify-correctly.patch] openSUSE 12.2 Update This update of python-httplib2 fixed broken SSL certification verification. openSUSE 12.2 Update Changes in telepathy-idle: - Add telepathy-idle-require-tls-validation.patch (bnc#817120, CVE-2007-6746). This fixes flaws in the SSL certificate validation. openSUSE 12.2 Update Changes in gnutls: - Fix bug[ bnc#802651] CVE-2013-1619( gnutls): Luck-13 issue Add patch file: CVE-2013-1619.patch openSUSE 12.2 Update Changes in icedtea-web with update to 1.4 (bnc#818768): * Added cs, de, pl localization * Splash screen for javaws and plugin * Better error reporting for plugin via Error-splash-screen * All IcedTea-Web dialogues are centered to middle of active screen * Download indicator made compact for more then one jar * User can select its own JVM via itw-settings and deploy.properties. * Added extended applets security settings and dialogue * Security updates - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - CVE-2013-1927, RH884705: fixed gifar vulnerabilit - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings * NetX - PR1027: DownloadService is not supported by IcedTea-Web - PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run - PR1292: Javaws does not resolve versioned jar names with periods correctly * Plugin - PR1106: Buffer overflow in plugin table- - PR1166: Embedded JNLP File is not supported in applet tag - PR1217: Add command line arguments for plugins - PR1189: Icedtea-plugin requires code attribute when using jnlp_href - PR1198: JSObject is not passed to javascript correctly - PR1260: IcedTea-Web should not rely on GTK - PR1157: Applets can hang browser after fatal exception - PR580: http://www.horaoficial.cl/ loads improperly * Common - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered - PR955: regression: SweetHome3D fails to run - PR1145: IcedTea-Web can cause ClassCircularityError - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 - PR822: Applets fail to load if jars have different signers - PR1186: System.getProperty("deployment.user.security.trusted.cacerts") is null - PR909: The Java applet at http://de.gosupermodel.com/games/wardrobegame.jsp fails - PR1299: WebStart doesn't read socket proxy settings from firefox correctly openSUSE 12.2 Update New clamav version 0.97.8 (bnc#816865): * CVE-2013-2020: Fix heap corruption * CVE-2013-2021: Fix overflow due to PDF key length computation. openSUSE 12.2 Update libtiff security update: * CVE-2013-1961.patch [bnc#818117] * CVE-2013-1960.patch [bnc#817573] openSUSE 12.2 Update This submission supersedes the Samba packages currently available from http://download.openSUSE.org/pub/opensuse/update/12.*-test/ - Add support for PFC_FLAG_OBJECT_UUID when parsing packets; (bso#9382). - Fix "guest ok", "force user" and "force group" for guest users; (bso#9746). - Fix 'map untrusted to domain' with NTLMv2; (bso#9817). - Fix crash bug in Winbind; (bso#9854). - Fix panic in nt_printer_publish_ads; (bso#9830). openSUSE 12.2 Update MozillaFirefox was updated to Firefox 21.0 (bnc#819204) * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-43/CVE-2013-1671 (bmo#842255) File input control has access to full path * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer Changes in MozillaFirefox-branding-openSUSE: - modified file locations for Firefox 21 and above - added DuckDuckGo as search option (bnc#801121) openSUSE 12.2 Update MozillaThunderbird was updated to security update Thunderbird 17.0.6 (bnc#819204): * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer openSUSE 12.2 Update Mozilla xulrunner was updated to 17.0.6esr (bnc#819204) * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer openSUSE 12.2 Update This update of gpg2 fixes two security issues: * fix for CVE-2012-6085 (bnc#798465) added gpg2-CVE-2012-6085.patch * fix for bnc#780943 added gpg2-set_umask_before_open_outfile.patch openSUSE 12.2 Update This update of wireshark includes several security and bug fixes. [bnc#820566] + vulnerabilities fixed: * The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 * The GTPv2 dissector could crash. wnpa-sec-2013-24 * The ASN.1 BER dissector could crash. wnpa-sec-2013-25 * The PPP CCP dissector could crash. wnpa-sec-2013-26 * The DCP ETSI dissector could crash. wnpa-sec-2013-27 * The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28 * The Websocket dissector could crash. wnpa-sec-2013-29 * The MySQL dissector could go into an infinite loop. wnpa-sec-2013-30 * The ETCH dissector could go into a large loop. wnpa-sec-2013-31 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html openSUSE 12.2 Update The openSUSE 12.2 kernel was updated to fix security issue and other bugs. Security issues fixed: CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it (aka not filtered by firewalls). CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application. Bugs fixed: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - reiserfs: fix problems with chowning setuid file w/ xattrs (bnc#790920). - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can't even be modularized. - CONFIG_UCB1400_CORE=n - CONFIG_TOUCHSCREEN_UCB1400=n - CONFIG_GPIO_UCB1400=n - mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327). - unix/stream: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: peek beyond 0-sized skbs (bnc#803931 CVE-2013-0290). openSUSE 12.2 Update This update of nfs-utils fixed a DNS spoofing issue. openSUSE 12.2 Update This update of libxcb fixes a integer overflow issue: - U_0001-integer-overflow-in-read_packet-CVE-2013-2064.patch * fixes integer overflow in read_packet() [CVE-2013-2064] (bnc#821584, bnc#815451) openSUSE 12.2 Update This update of libXext fixes several integer overflow issues: - U_0001-integer-overflow-in-XcupGetReservedColormapEntries-C.patch, U_0002-integer-overflow-in-XcupStoreColors-CVE-2013-1982-2-.patch, U_0003-several-integer-overflows-in-XdbeGetVisualInfo-CVE-2.patch, U_0004-integer-overflow-in-XeviGetVisualInfo-CVE-2013-1982-.patch, U_0005-integer-overflow-in-XShapeGetRectangles-CVE-2013-198.patch, U_0006-integer-overflow-in-XSyncListSystemCounters-CVE-2013.patch, * integer overflow(s) in XcupGetReservedColormapEntries(), XcupStoreColors(), XdbeGetVisualInfo(), XeviGetVisualInfo(), XShapeGetRectangles(), XSyncListSystemCounters() [CVE-2013-1982] (bnc#821665, bnc#815451) openSUSE 12.2 Update This update of libXfixes fixes an integer overflow issue: - U_0001-integer-overflow-in-XFixesGetCursorImage-CVE-2013-19.patch * integer overflow in XFixesGetCursorImage() [CVE-2013-1983] (bnc#821667, bnc#815451) openSUSE 12.2 Update This update of libXp fixes several integer overflow issues: - U_0001-integer-overflow-in-XpGetAttributes-XpGetOneAttribut.patch, U_0002-integer-overflows-in-XpGetPrinterList-CVE-2013-2062-.patch, U_0003-integer-overflows-in-XpQueryScreens-CVE-2013-2062-3-.patch * integer overflow(s) in XpGetAttributes/XpGetOneAttribute, XpGetPrinterList() and XpQueryScreens() [CVE-2013-2062] (bnc#821668, bnc#815451) openSUSE 12.2 Update This update of libXrender fixes several integer overflow issues. - U_0001-integer-overflow-in-XRenderQueryFilters-CVE-2013-198.patch, U_0002-integer-overflow-in-XRenderQueryFormats-CVE-2013-198.patch, U_0003-integer-overflow-in-XRenderQueryPictIndexValues-CVE-.patch * integer overflow in XRenderQueryFilters(), XRenderQueryFormats() and XRenderQueryPictIndexValues() [CVE-2013-1987] (bnc#821669, bnc#815451) openSUSE 12.2 Update This update of libXt fixes several security issues. - U_0001-unvalidated-length-in-_XtResourceConfigurationEH-CVE.patch * unvalidated length in _XtResourceConfigurationEH [CVE-2013-2002] (bnc#821670, bnc#815451) - U_0001-Unchecked-return-values-of-XGetWindowProperty-CVE-20.patch * Unchecked return values of XGetWindowProperty [CVE-2013-2005] (bnc#821670, bnc#815451) openSUSE 12.2 Update This update of libXrender fixes several buffer and integer overflow issues. - U_0001-integer-overflow-in-XvQueryPortAttributes-CVE-2013-1.patch, U_0002-integer-overflow-in-XvListImageFormats-CVE-2013-1989.patch, U_0003-integer-overflow-in-XvCreateImage-CVE-2013-1989-3-3.patch * integer overflow in XvQueryPortAttributes(), XvListImageFormats(), XvCreateImage() [CVE-2013-1989] (bnc#821671, bnc#815451) - U_0001-buffer-overflow-in-XvQueryPortAttributes-CVE-2013-20.patch * buffer overflow in XvQueryPortAttributes() [CVE-2013-2066] (bnc#821671, bnc#815451) openSUSE 12.2 Update This update of telepathy-gabble fixes a TLS bypass problem. Changes in telepathy-gabble: - Add telepathy-gabble-cve-2013-1431.patch (bnc#822586). This makes it respect the TLS-required flag on legacy Jabber servers. Identified as CVE-2013-1431. openSUSE 12.2 Update This update of subversion includes several bug and security fixes. - update to 1.7.10 [bnc#821505] CVE-2013-1968 CVE-2013-2088 CVE-2013-2112 - Client-side bugfixes: * fix 'svn revert' "no such table: revert_list" spurious error * fix 'svn diff' doesn't show some locally added files * fix changelist filtering when --changelist values aren't UTF8 * fix 'svn diff --git' shows wrong copyfrom * fix 'svn diff -x-w' shows wrong changes * fix 'svn blame' sometimes shows every line as modified * fix regression in 'svn status -u' output for externals * fix file permissions change on commit of file with keywords * improve some fatal error messages * fix externals not removed when working copy is made shallow - Server-side bugfixes: * fix repository corruption due to newline in filename * fix svnserve exiting when a client connection is aborted * fix svnserve memory use after clear * fix repository corruption on power/disk failure on Windows - Developer visible changes: * make get-deps.sh compatible with Solaris /bin/sh * fix infinite recursion bug in get-deps.sh * fix uninitialised output parameter of svn_fs_commit_txn() - Bindings: * fix JavaHL thread-safety bug openSUSE 12.2 Update This update of autotrace fixes a buffer overflow issue. - Fix stack-based buffer overflow in bmp parser (CVE-2013-1953.patch, bnc#815382, CVE-2013-1953). openSUSE 12.2 Update This update of libFS fixes an integer overflow issue. - U_0001-Sign-extension-issue-and-integer-overflow-in-FSOpenS.patch * Sign extension issue and integer overflow in FSOpenServer() [CVE-2013-1996] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXcursor fixes an integer overflow issue. - U_0001-signedness-bug-integer-overflow-in-_XcursorFileHeade.patch * signedness bug & integer overflow in _XcursorFileHeaderCreate() [CVE-2013-2003] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXi fixes several integer overflow issues. - U_0001-integer-overflow-in-XGetDeviceControl-CVE-2013-1984-.patch, U_0002-integer-overflow-in-XGetFeedbackControl-CVE-2013-198.patch, U_0003-integer-overflow-in-XGetDeviceDontPropagateList-CVE-.patch, U_0004-integer-overflow-in-XGetDeviceMotionEvents-CVE-2013-.patch, U_0005-integer-overflow-in-XIGetProperty-CVE-2013-1984-5-8.patch, U_0006-integer-overflow-in-XIGetSelectedEvents-CVE-2013-198.patch, U_0007-Avoid-integer-overflow-in-XGetDeviceProperties-CVE-2.patch, U_0008-Avoid-integer-overflow-in-XListInputDevices-CVE-2013.patch * integer overflow in various functions [CVE-2013-1984] (bnc#821663, bnc#815451) - U_0001-sign-extension-issue-in-XListInputDevices-CVE-2013-1.patch * sign extension issue in XListInputDevices() [CVE-2013-1995] (bnc#821663, bnc#815451) - U_0001-Stack-buffer-overflow-in-XGetDeviceButtonMapping-CVE.patch, U_0002-memory-corruption-in-_XIPassiveGrabDevice-CVE-2013-1.patch, U_0003-unvalidated-lengths-in-XQueryDeviceState-CVE-2013-19.patch * Stack buffer overflow in XGetDeviceButtonMapping(), memory corruption in _XIPassiveGrabDevice(), unvalidated lengths in XQueryDeviceState() [CVE-2013-1998] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXinerama fixes an integer overflow issue. - U_0001-integer-overflow-in-XineramaQueryScreens-CVE-2013-19.patch * integer overflow in XineramaQueryScreens() [CVE-2013-1985] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXrandr fixes several integer overflow issues. - U_0001-integer-overflow-in-XRRQueryOutputProperty-CVE-2013-.patch, U_0003-integer-overflow-in-XRRGetOutputProperty-CVE-2013-19.patch, * integer overflow in XRRQueryOutputProperty(), XRRGetProviderProperty() [CVE-2013-1986] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXres fixes several integer overflow issues. - U_0001-integer-overflow-in-XResQueryClients-CVE-2013-1988-1.patch, U_0002-integer-overflow-in-XResQueryClientResources-CVE-201.patch * integer overflow in XResQueryClients(), XResQueryClientResources() [CVE-2013-1988] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXtst fixes an integer overflow issue. - U_0001-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch * integer overflow in XRecordGetContext() [CVE-2013-2063] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXvMC fixes several integer overflow issues. - U_0001-integer-overflow-in-XvMCListSurfaceTypes-CVE-2013-19.patch, U_0002-integer-overflow-in-XvMCListSubpictureTypes-CVE-2013.patch * integer overflow in XvMCListSurfaceTypes(), XvMCListSubpictureTypes() [CVE-2013-1990] (bnc#821663, bnc#815451) - U_0001-Multiple-unvalidated-assumptions-in-XvMCGetDRInfo-CV.patch * Multiple unvalidated assumptions in XvMCGetDRInfo() [CVE-2013-1999] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXxf86dga fixes several buffer and integer overflow issues. - U_0001-integer-overflow-in-XDGAQueryModes-CVE-2013-1991-1-2.patch, U_0002-integer-overflow-underflow-in-XDGASetMode-CVE-2013-1.patch * integer overflow in XDGAQueryModes(); integer overflow & underflow in XDGASetMode() [CVE-2013-1991] (bnc#821663, bnc#815451) - U_0001-buffer-overflow-in-XDGAQueryModes-CVE-2013-2000-1-2.patch, U_0002-buffer-overflow-in-XDGASetMode-CVE-2013-2000-2-2.patch * buffer overflow in XDGAQueryModes(), XDGASetMode() [CVE-2013-2000] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libXxf86vm fixes a memory corruption issue. - U_0001-memory-corruption-in-XF86VidModeGetGammaRamp-CVE-201.patch * memory corruption in XF86VidModeGetGammaRamp() [CVE-2013-2001] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libdmx fixes several integer overflow issues. - U_0001-integer-overflow-in-DMXGetScreenAttributes-CVE-2013-.patch, U_0002-integer-overflow-in-DMXGetWindowAttributes-CVE-2013-.patch, U_0003-integer-overflow-in-DMXGetInputAttributes-CVE-2013-1.patch, * integer overflow in DMXGetScreenAttributes(), DMXGetWindowAttributes(), DMXGetInputAttributes() [CVE-2013-1992] (bnc#821663, bnc#815451) openSUSE 12.2 Update This update of libX11 fixes several security issues. - U_0001-integer-overflow-in-_XQueryFont-on-32-bit-platforms-.patch, U_0002-integer-overflow-in-_XF86BigfontQueryFont-CVE-2013-1.patch, U_0003-integer-overflow-in-XListFontsWithInfo-CVE-2013-1981.patch, U_0004-integer-overflow-in-XGetMotionEvents-CVE-2013-1981-4.patch, U_0005-integer-overflow-in-XListHosts-CVE-2013-1981-5-13.patch, U_0006-Integer-overflows-in-stringSectionSize-cause-buffer-.patch, U_0007-integer-overflow-in-ReadInFile-in-Xrm.c-CVE-2013-198.patch, U_0008-integer-truncation-in-_XimParseStringFile-CVE-2013-1.patch, U_0009-integer-overflows-in-TransFileName-CVE-2013-1981-9-1.patch, U_0010-integer-overflow-in-XGetWindowProperty-CVE-2013-1981.patch, U_0011-integer-overflow-in-XGetImage-CVE-2013-1981-11-13.patch, U_0012-integer-overflow-in-XGetPointerMapping-XGetKeyboardM.patch, U_0013-integer-overflow-in-XGetModifierMapping-CVE-2013-198.patch * integer overflow in various functions, integer truncation in _XimParseStringFile() [CVE-2013-1981] (bnc#821664, bnc#815451) - U_0001-unvalidated-lengths-in-XAllocColorCells-CVE-2013-199.patch, U_0002-unvalidated-index-in-_XkbReadGetDeviceInfoReply-CVE-.patch, U_0003-unvalidated-indexes-in-_XkbReadGeomShapes-CVE-2013-1.patch, U_0004-unvalidated-indexes-in-_XkbReadGetGeometryReply-CVE-.patch, U_0005-unvalidated-index-in-_XkbReadKeySyms-CVE-2013-1997-5.patch, U_0006-unvalidated-index-in-_XkbReadKeyActions-CVE-2013-199.patch, U_0007-unvalidated-index-in-_XkbReadKeyBehaviors-CVE-2013-1.patch, U_0008-unvalidated-index-in-_XkbReadModifierMap-CVE-2013-19.patch, U_0009-unvalidated-index-in-_XkbReadExplicitComponents-CVE-.patch, U_0010-unvalidated-index-in-_XkbReadVirtualModMap-CVE-2013-.patch, U_0011-unvalidated-index-length-in-_XkbReadGetNamesReply-CV.patch, U_0012-unvalidated-length-in-_XimXGetReadData-CVE-2013-1997.patch, U_0013-Avoid-overflows-in-XListFonts-CVE-2013-1997-13-15.patch, U_0014-Avoid-overflows-in-XGetFontPath-CVE-2013-1997-14-15.patch, U_0015-Avoid-overflows-in-XListExtensions-CVE-2013-1997-15-.patch * unvalidated index/length in various functions; Avoid overflows in XListFonts(), XGetFontPath(), XListExtensions() [CVE-2013-1997] (bnc##821664, bnc#815451) - U_0001-Unbounded-recursion-in-GetDatabase-when-parsing-incl.patch, U_0002-Unbounded-recursion-in-_XimParseStringFile-when-pars.patch * Unbounded recursion in GetDatabase(), _XimParseStringFile when parsing include files [CVE-2013-2004] (bnc##821664, bnc#815451) openSUSE 12.2 Update This update of darktable fixes a problem inside the embedded libraw version. - Fix for CVE-2013-2126 * added backported patch from git master 0001-fixed-error-handling-for-broken-full-color-images.patch fixes bnc#823114- openSUSE 12.2 Update This update of wireshark includes several security and bug fixes. - update to 1.8.8 [bnc#823932] + vulnerabilities fixed: * The CAPWAP dissector could crash. wnpa-sec-2013-32 * The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 * The PPP dissector could crash. wnpa-sec-2013-34 * The NBAP dissector could crash. wnpa-sec-2013-35 * The RDP dissector could crash. wnpa-sec-2013-36 * The GSM CBCH dissector could crash. wnpa-sec-2013-37 * The Assa Abloy R3 dissector could consume excessive memory and CPU. wnpa-sec-2013-38 * The HTTP dissector could overrun the stack. wnpa-sec-2013-39 * The Ixia IxVeriWave file parser could overflow the heap. wnpa-sec-2013-40 * The DCP ETSI dissector could crash. wnpa-sec-2013-41 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html wnpa-sec-2013-24 CVE-2013-3555 wnpa-sec-2013-25 CVE-2013-3556 CVE-2013-3557 wnpa-sec-2013-26 CVE-2013-3558 wnpa-sec-2013-27 CVE-2013-3559 wnpa-sec-2013-28 CVE-2013-3560 wnpa-sec-2013-29 CVE-2013-3561 CVE-2013-3562 wnpa-sec-2013-30 CVE-2013-3561 wnpa-sec-2013-31 CVE-2013-3561 openSUSE 12.2 Update This update of phpMyAdmin fixes several security issues. - update to 3.5.8.1 (2013-04-24) * [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) * [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) - fix for bnc#824301 * PMASA-2013-2 (CVE-2013-3238) - fix for bnc#824302 * PMASA-2013-3 (CVE-2013-3239) - update to 3.5.8 (2013-04-08) * sf#3828 MariaDB reported as MySQL * sf#3854 Incorrect header for Safari 6.0 * sf#3705 Attempt to open trigger for edit gives NULL * Use HTML5 DOCTYPE * [security] Self-XSS on GIS visualisation page, reported by Janek Vind see PMASA-2013-1 * sf#3800 Incorrect keyhandler behaviour #2 - fix for bnc#814678 * PMASA-2013-1 (CVE-2013-1937) openSUSE 12.2 Update This openconnect update to version 3.20 includes several security and bug fixes. - fix bnc#767616 - fix for CVE-2012-3291 - make vpnc mandatory during build, following upstream changes - package documentation in a -doc package - Update to version 3.20 * Cope with non-keepalive HTTP response on authentication success. * Fix progress callback with incorrect cbdata which caused KDE crash. - Update to version 3.19 * Enable native TPM support when built with GnuTLS. * Enable PKCS#11 token support when built with GnuTLS. * Eliminate all SSL library exposure through libopenconnect. * Parse split DNS information, provide $CISCO_SPLIT_DNS environment variable to vpnc-script. * Attempt to provide new-style MTU information to server (on Linux only, unless specified on command line). * Allow building against GnuTLS, including DTLS support. * Add --with-pkgconfigdir= option to configure for FreeBSD's benefit (fd#48743). - Update to version 3.18 * Fix autohate breakage with --disable-nls... hopefully. * Fix buffer overflow in banner handling. - Update to version 3.17 * Work around time() brokenness on Solaris. * Fix interface plumbing on Solaris 10. * Provide asprintf() function for (unpatched) Solaris 10. * Make vpnc-script mandatory, like it is for vpnc * Don't set Legacy IP address on tun device; let vpnc-script do it. * Detect OpenSSL even without pkg-config. * Stop building static library by default. * Invoke vpnc-script with "pre-init" reason to load tun module if necessary. - Update to version 3.16 * Fix build failure on Debian/kFreeBSD and Hurd. * Fix memory leak of deflated packets. * Fix memory leak of zlib state on CSTP reconnect. * Eliminate memcpy() calls on packets from DTLS and tunnel device. * Use I_LINK instead of I_PLINK on Solaris to plumb interface for Legacy IP. * Plumb interface for IPv6 on Solaris, instead of expecting vpnc-script to do it. * Refer to vpnc-script and help web pages in openconnect output. * Fix potential crash when processing libproxy results. * Be more conservative in detecting libproxy without pkg-config. openSUSE 12.2 Update This update of fail2ban fixes a security vulnerability. Changes in fail2ban: - Fixes: Yaroslav Halchenko * [6ccd5781] filter.d/apache-{auth,nohome,noscript,overflows} - anchor failregex at the beginning (and where applicable at the end). Addresses a possible DoS. Closes gh#fail2ban/fail2ban#248, CVE-2013-2178, bnc#824710 openSUSE 12.2 Update This update fixes a kpasswd UDP ping-pong security bug (CVE-2002-2443). openSUSE 12.2 Update Empty. openSUSE 12.2 Update MozillaFirefox was updated to Firefox 22.0 (bnc#825935) Following security issues were fixed: * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code execution within Profiler * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox restrictions not applied to nested frame elements * MFSA 2013-58/CVE-2013-1696 (bmo#761667) X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context * MFSA 2013-60/CVE-2013-1698 (bmo#876044) getUserMedia permission dialog incorrectly displays location * MFSA 2013-61/CVE-2013-1699 (bmo#840882) Homograph domain spoofing in .com, .net and .name openSUSE 12.2 Update MozillaThunderbird was updated to Thunderbird 17.0.7 (bnc#825935) Security issues fixed: * MFSA 2013-49/CVE-2013-1682 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context openSUSE 12.2 Update Mozilla xulrunner was update to 17.0.7esr (bnc#825935) Security issues fixed: * MFSA 2013-49/CVE-2013-1682 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context openSUSE 12.2 Update This xorg-x11-server update fixes a DoS vulnerability and adds randr support. - U_os-Reset-input-buffer-s-ignoreBytes-field.patch * If a client sends a request larger than maxBigRequestSize, the server is supposed to ignore it. Before commit cf88363d, the server would simply disconnect the client. After that commit, it attempts to gracefully ignore the request by remembering how long the client specified the request to be, and ignoring that many bytes. However, if a client sends a BigReq header with a large size and disconnects before actually sending the rest of the specified request, the server will reuse the ConnectionInput buffer without resetting the ignoreBytes field. This makes the server ignore new X clients' requests. This fixes that behavior by resetting the ignoreBytes field when putting the ConnectionInput buffer back on the FreeInputs list. (bnc#815583) - u_xserver_xvfb-randr.patch * Add randr support to Xvfb (bnc#823410) openSUSE 12.2 Update This python-bugzilla update fixes a SSL verification issue. - CVE-2013-2191 (bnc#825876) - validate SSL certificates and hostnames openSUSE 12.2 Update This nagios update fixes a authorization problem inside host/service views. - added nagios-CVE-2013-2214.patch fixing unauthorized host/service views displayed in servicegroup view (bnc#827020) openSUSE 12.2 Update - Update to 30.0.1553 * Bug and stability fixes * Includes security update for v8 (bnc821601) * CVE-2013-2838 Denial of service (out-of-bounds read) via unspecified vectors - Add the flag --disable-gpu-sandbox to prevent crashes and/or slowness. The GPU Sandbox is a new sandbox introduces in M28 and is currently causing issues (http://code.google.com/p/chromium/issues/detail?id=255063) openSUSE 12.2 Update libkdcraw was updated to fix a possible double-free() on error recovery on damaged full-color (Foveon, sRAW) files. (CVE-2013-2126) openSUSE 12.2 Update was updated to fix SSL hostname certification (CVE-2013-4073) (bnc#827265). https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89 openSUSE 12.2 Update perl-Module-Signature was updated to 0.73, fixing bugs and security issues: Security fix for code execution in signature checking: * fix for bnc#828010 (CVE-2013-2145) * Properly redo the previous fix using File::Spec->file_name_is_absolute. - [Changes for 0.72 - Wed Jun 5 23:19:02 CST 2013] * Only allow loading Digest::* from absolute paths in @INC, by ensuring they begin with \ or / characters. Contributed by: Florian Weimer (CVE-2013-2145) - [Changes for 0.71 - Tue Jun 4 18:24:10 CST 2013] * Constrain the user-specified digest name to /^\w+\d+$/. * Avoid loading Digest::* from relative paths in @INC. Contributed by: Florian Weimer (CVE-2013-2145) - [Changes for 0.70 - Thu Nov 29 01:45:54 CST 2012] * Don't check gpg version if gpg does not exist. This avoids unnecessary warnings during installation when gpg executable is not installed. Contributed by: Kenichi Ishigaki - [Changes for 0.69 - Fri Nov 2 23:04:19 CST 2012] * Support for gpg under these alternate names: gpg gpg2 gnupg gnupg2 Contributed by: Michael Schwern openSUSE 12.2 Update seamonkey was updated to 2.19 (bnc#825935) to fix bugs and security issues. Security issues fixed: * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code execution within Profiler * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox restrictions not applied to nested frame elements * MFSA 2013-58/CVE-2013-1696 (bmo#761667) X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context * MFSA 2013-60/CVE-2013-1698 (bmo#876044) getUserMedia permission dialog incorrectly displays location * MFSA 2013-61/CVE-2013-1699 (bmo#840882) Homograph domain spoofing in .com, .net and .name openSUSE 12.2 Update Mesa was updated to fix a security problem in the Intel drivers, where potentially remote attackers via 3D models could inject code. (CVE-2013-1872 - i965: fix problem with constant out of bounds access (bnc #828007).) openSUSE 12.2 Update Python SUDS was updated to create a create random cache tempdir to avoid other local user access (bnc#827568) (CVE-2013-2217) openSUSE 12.2 Update The qemu guest agent creates a bunch of files with insecure permissions when started in daemon mode. For now mask all file mode bits for "group" and "others" in become_daemon(). Temporarily, for compatibility reasons, stick with the 0666 file-mode in case of files newly created by the "guest-file-open" QMP call. Do so without changing the umask temporarily. QEMU was updated to 1.1.2 on openSUSE 12.2, and 1.3.1 on openSUSE 12.3. openSUSE 12.2 Update Tinyproxy allowed remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket. This update fixes this by limiting headers and improving the hash keying. openSUSE 12.2 Update A directory traversal in cgit could be used by remote attackers to read files on the local filesystem. (CVE-2013-2117) openSUSE 12.2 Update python-django was updated to 1.4.5 to fix various security issues and bugs. Update to 1.4.5: - Security release. - Fix bnc#807175 / bnc#787521 / CVE-2012-4520 / CVE-2013-0305 / CVE-2013-0306 and CVE-2013-1665. - Update to 1.4.3: - Security release: - Host header poisoning - Redirect poisoning - Please check release notes for details: https://www.djangoproject.com/weblog/2012/dec/10/security - Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin - Update to 1.4.2: - Security release: - Host header poisoning - Please check release notes for details: https://www.djangoproject.com/weblog/2012/oct/17/security - Update to 1.4.1: - Security release: - Cross-site scripting in authentication views - Denial-of-service in image validation - Denial-of-service via get_image_dimensions() - Please check release notes for details: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued - Add patch to support CSRF_COOKIE_HTTPONLY config openSUSE 12.2 Update java-1_7_0-openjdk was updated to icedtea-2.4.1 (bnc#828665) * Security fixes - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve deserialization - S8000642, CVE-2013-2446: Better handling of objects for transportation - S8001032: Restrict object access - S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers - S8001034, CVE-2013-1500: Memory management improvements - S8001038, CVE-2013-2444: Resourcefully handle resources - S8001043: Clarify definition restrictions - S8001308: Update display of applet windows - S8001309: Better handling of annotation interfaces - S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost - S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only) - S8003703, CVE-2013-2412: Update RMI connection dialog box - S8004288, CVE-2013-2449: (fs) Files.probeContentType problems - S8004584: Augment applet contextualization - S8005007: Better glyph processing - S8006328, CVE-2013-2448: Improve robustness of sound classes - S8006611: Improve scripting - S8007467: Improve robustness of JMX internal APIs - S8007471: Improve MBean notifications - S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes - S8007925: Improve cmsStageAllocLabV2ToV4curves - S8007926: Improve cmsPipelineDup - S8007927: Improve cmsAllocProfileSequenceDescription - S8007929: Improve CurvesAlloc - S8008120, CVE-2013-2457: Improve JMX class checking - S8008124, CVE-2013-2453: Better compliance testing - S8008128: Better API coherence for JMX - S8008132, CVE-2013-2456: Better serialization support - S8008585: Better JMX data handling - S8008593: Better URLClassLoader resource management - S8008603: Improve provision of JMX providers - S8008607: Better input checking in JMX - S8008611: Better handling of annotations in JMX - S8008615: Improve robustness of JMX internal APIs - S8008623: Better handling of MBeanServers - S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606 - S8008982: Adjust JMX for underlying interface changes - S8009004: Better implementation of RMI connections - S8009008: Better manage management-api - S8009013: Better handling of T2K glyphs - S8009034: Improve resulting notifications in JMX - S8009038: Improve JMX notification support - S8009057, CVE-2013-2448: Improve MIDI event handling - S8009067: Improve storing keys in KeyStore - S8009071, CVE-2013-2459: Improve shape handling - S8009235: Improve handling of TSA data - S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change - S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields - S8009654: Improve stability of cmsnamed - S8010209, CVE-2013-2460: Better provision of factories - S8011243, CVE-2013-2470: Improve ImagingLib - S8011248, CVE-2013-2471: Better Component Rasters - S8011253, CVE-2013-2472: Better Short Component Rasters - S8011257, CVE-2013-2473: Better Byte Component Rasters - S8012375, CVE-2013-1571: Improve Javadoc framing - S8012421: Better positioning of PairPositioning - S8012438, CVE-2013-2463: Better image validation - S8012597, CVE-2013-2465: Better image channel verification - S8012601, CVE-2013-2469: Better validation of image layouts - S8014281, CVE-2013-2461: Better checking of XML signature - S8015997: Additional improvement in Javadoc framing * OpenJDK - list to long, please consult NEWS file - java-1.7.0-openjdk-zero-arch.patch: fix detection of zero arch - ignore rhino dependencies during a build to prevent a build cycle - update to icedtea-2.4.0 (based on oracle jdk7u40) * OpenJDK (see NEWS for full listing) - PR1209, S7170638: Use DTRACE_PROBE[N] in JNI Set and SetStatic Field. - PR1206, S7201205: Add Makefile configuration option to build with unlimited crypto in OpenJDK * Backports - PR1197, S8003120, RH868136: ResourceManager.getApplicationResources() does not close InputStreams - S8014618, RH962568: Need to strip leading zeros in TlsPremasterSecret of DHKeyAgreement * Bug fixes - PR1212: IcedTea7 fails to build because Resources.getText() is no longer available for code to use - Add NSS (commented out) to other platforms. - Allow multiple PKCS11 library initialisation to be a non-critical error. - Complete switch from local zlib patch to upstream version. - Include defs.make in buildtree.make so ZERO_BUILD is recognised and JVM_VARIANT_ZERO set. - Provide support for using PKCS11 provider with NSS - Remove file apparently removed as part of upstreaming of Zero. - Revert 7060849 - Set UNLIMITED_CRYPTO=true to ensure we use the unlimited policy. - PR473: Set handleStartupErrors to ignoreMultipleInitialisation in nss.cfg - PR716: IcedTea7 should bootstrap with IcedTea6 - Expand java.security.cert.* imports to avoid conflict when building with OpenJDK 6. - Fix indentation on Makefile block not executed when STRIP_POLICY=no_strip is set - Fix invalid XSL stylesheets and DTD introduced as part of JEP 167. - Include defs.make in buildtree.make so ZERO_BUILD is recognised and JVM_VARIANT_ZERO set. - Make sure libffi cflags and libs are used. - PR1378: Add AArch64 support to Zero - PR1170: Ensure unlimited crypto policy is in place. - RH513605, PR1280: Updating/Installing OpenJDK should recreate the shared class-data archive - PR1358: Make XRender mandatory - PR1360: Check for /usr/lib64 JVMs and generic JPackage alternative - PR1435, D657854: OpenJDK 7 returns incorrect TrueType font metrics - PR728: GTKLookAndFeel does not honor gtk-alternative-button-order * JamVM - JSR 335: (lambda expressions) initial hack - JEP 171: Implement fence methods in sun.misc.Unsafe - Fix invokesuper check in invokespecial opcode - Fix non-direct interpreter invokespecial super-class check - When GC'ing a native method don't try to free code - Do not free unprepared Miranda method code data - Set anonymous class protection domain - JVM_IsVMGeneratedMethodIx stub - Dummy implementation of sun.misc.Perf natives - separate vm for zero is no longer needed - drop java-1.7.0-openjdk-aarch64.patch (upstream: PR1378) - fix bnc#781690c#11 - setup JAVA_HOME in posttrans, so certificates will be created by this JVM - fix the postrans conditions (add missing prefiX) - relax build requires, so every java-devel >= 1.7.0 can match openSUSE 12.2 Update Libxml2 was updated to fix buffer overread problems which could lead to crashes (out of bounds read). (CVE-2013-2877) openSUSE 12.2 Update - update to 0.9.10: + added fullscreen option + added Thruk support + added Check_MK cookie-based auth + added new Centreon autologin option + added configurable default sort order + added filter for hosts in hard/soft state for Nagios, Icinga, Opsview and Centreon + added $STATUS-INFO$ variable for custom actions + added audio alarms also in fullscreen mode + improved update interval set in seconds instead minutes + improved Icinga JSON support + improved Centreon 2.4 xml/broker support + improved Nagios 3.4 pagination support + improved nicer GTK theme Murrine on MacOSX + fixed security bug + fixed some memory leaks + fixed superfluous passive icon for Check_MK + fixed blocking of shutdown/reboot on MacOSX + fixed saving converted pre 0.9.9 config immediately + fixed statusbar position when offscreen + fixed some GUI issues + fixed update detection - this version fixes a security bug in the automatic update check (mentioned in CVE-2013-4114 and bnc #829217) - fix build on CentOS > 5 openSUSE 12.2 Update - fixing the following security issues: * CVE-2013-4635.patch (bnc#828020): - Integer overflow in the SdnToJewish * CVE-2013-1635.patch and CVE-2013-1643.patch (bnc#807707): - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir * CVE-2013-4113.patch (bnc#829207): - heap corruption due to badly formed xml openSUSE 12.2 Update This version update of lcms2 to release 2.5 fixes several security issues plus several other color management bugs. openSUSE 12.2 Update Subversion was updated to 1.7.11 [bnc#830031] to fix bugs and security issues. * translation updates for Simplified Chinese * mod_dav_svn: fix incorrect path canonicalization (CVE-2013-4131) * javahl bindings: fix bug in error constructing code openSUSE 12.2 Update kdebase4-workspace received fixes for: - KDM: a potential crash in crypt() was fixed (bnc#829857, CVE-2013-4132) - Fixes plasma systemtray memory leak with legacy icons (kde#314919, bnc#817932, bnc#829857, CVE-2013-4133) openSUSE 12.2 Update Tomcat was updated to fix security issues and bug: CVE-2013-1976: Avoid a potential symlink race during startup of the tomcat server, where a local attacker that gaine access to the tomcat chroot could escalate privileges to root. CVE-2013-2067: java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat did not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack. CVE-2012-3544: Tomcat were affected by a chunked transfer encoding extension size denial of service vulnerability. Also the following bug was fixed: - Fix tomcat init scripts generating malformed classpath (http://youtrack.jetbrains.com/issue/JT-18545) bnc#804992 openSUSE 12.2 Update libgcrypt was updated to 1.5.3 [bnc#831359] to fix a security issue, bugs and get some new features: Security issue fixed: * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See <http://eprint.iacr.org/2013/448>. - contains changes from 1.5.2 * The upstream sources now contain the IDEA algorithm, dropping: idea.c.gz libgcrypt-1.5.0-idea.patch libgcrypt-1.5.0-idea_codecleanup.patch * Made the Padlock code work again (regression since 1.5.0). * Fixed alignment problems for Serpent. * Fixed two bugs in ECC computations. - add GPL3.0+ to License tag because of dumpsexp (bnc#810759) - contains changes from 1.5.1 * Allow empty passphrase with PBKDF2. * Do not abort on an invalid algorithm number in gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen. * Fixed some Valgrind warnings. * Fixed a problem with select and high fd numbers. * Improved the build system * Various minor bug fixes. * Interface changes relative to the 1.5.0 release: GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW. GCRYPT_VERSION_NUMBER NEW. openSUSE 12.2 Update Wireshark was updated to 1.8.9 [bnc#831718] + vulnerabilities fixed: * The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45 * The DIS dissector could go into a large loop CVE-2013-4929 wnpa-sec-2013-47 * The DVB-CI dissector could crash CVE-2013-4930 wnpa-sec-2013-48 * The GSM RR dissector (and possibly others) could go into a large loop CVE-2013-4931 wnpa-sec-2013-49 * The GSM A Common dissector could crash CVE-2013-4932 wnpa-sec-2013-50 * The Netmon file parser could crash CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-51 * The ASN.1 PER dissector could crash CVE-2013-4935 wnpa-sec-2013-52 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html openSUSE 12.2 Update - httpd-2.2.x-bnc829056-CVE-2013-1896-pr1482522-mod_dav.diff CVE-2013-1896: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault. [bnc#829056] - httpd-2.2.x-bnc829057-CVE-2013-1862-mod_rewrite_terminal_escape_sequences.diff CVE-2013-1862: client data written to the RewriteLog must have terminal escape sequences escaped. [bnc#829057] openSUSE 12.2 Update The ticket system OTRS was updated to 3.1.18 to fix various bugs and security issues. Update to 3.1.18: * OSA-2013-05, CVE-2013-4717, CVE-2013-4718 fixed. * Fixed bug#9561 - ACL restriction with CustomerID for DynamicFields at new Ticket screen not working. * Fixed bug#9425 - Wrong created date for queue view. * Fixed bug#9125 - AgentTicketSearch dialog does not expand when choosing more search criteria. * Fixed bug#8273 - Copying text in preview mode not possible. * Fixed bug#9557 - Cannot see quoted text in customer ticket zoom. * Fixed bug#9011 - GenericInterface: New value after value mapping can't be 0. * Improved parameter quoting in various places. * Fixed bug#9104 - Group permission for customer subset overwrites permissions for other customers. * Fixed bug#8719 - PasswordMin2Lower2UpperCharacters problem. - 3.1.17 * Fixed OSA-2013-04, CVE-2013-4088. * Improved permission checks in AgentTicketWatcher. * Fixed bug#9503 - no connection header in soap responses. * Added parameter "-t dbonly" to backup.pl to only backup the database * Fixed bug#9491 - GenericAgent job update with dynamic fields sends Uninitialized value error. * Fixed bug#9462 - Package Management page timeout due to HTTPS disabled on Proxy connections. - 3.1.16 * Fixed OSA-2013-03, CVE-2013-3551. * Updated Package Manager, that will ensure that packages to be installed meet the quality standards of OTRS Group. This is to guarantee that your package wasn’t modified, which may possibly harm your system or have an influence on the stability and performance of it. All independent package contributors will have to conduct a check of their Add-Ons by OTRS Group in order to take full advantage of the OTRS package verification. * Fixed bug#9387 - Error in a condition with dynamic fields in NotificationEvent. * Fixed bug#9286 - Ticket::ChangeOwnerToEveryone isn't functional, After a AJAX Load the setting is ignored. * Fixed bug#7518 - Escalation Notify by not working properly (follow-up fix). * Fixed bug#7478 - Got an external answer to an internal mail. * Improved permission checks in AgentTicketPhone. * Fixed bug#[9360](http://bugs.otrs.org/show_bug.cgi?id=9360) - DynamicField Names shown in CSV output. * Fixed bug#9384 - Problem with Method ServiceParentsGet of ServiceObject. * Fixed bug#9072 - Reply to email-internal includes customer users email in Cc. field. - 3.1.15 * Added Malay translation. * Fixed bug#8960 - AgentTicketSearch.pm SearchProfile problem. * Fixed bug#9182 - Customer Search Function -> If you go into a ticket and go back you got not the search results. * Fixed bug#9198 - Linked search with fulltext AND additional attributes. * Fixed bug#9295 - Article dynamic field is not searchable. * Fixed bug#9312 - LinkObject permission check problem. - 3.1.14 * Fixed for OSA-2013-01, CVE-2013-2625. * Fixed bug#9257 - No notifications to agents with out-of-office set but period not reached. * Improved permission checks in LinkObject. * Fixed bug#9191 - When ticket types are restricted, first available type is selected in AgentTicketActionCommon-based screens. * Updated Turkish translation, thanks to Sefer Şimşek / Network Group! * Fixed bug#9214 - IE10: impossible to open links from rich text articles. * Fixed bug#9218 - Cannot use special characters in TicketHook. * Fixed bug#9056 - Unused SysConfig option Ticket::Frontend::CustomerInfoQueueMaxSize. * Follow-up fix for bug#8533 apache will not start on Fedora. * Fixed bug#9172 - Generic Interface does not work on IIS 7.0. * Updated Czech language translation, thanks to Katerina Bubenickova! * Fixed bug#8865 - Additional empty data column in statistics CSV-Output. - update OTRS::ITSM to 3.1.10 (fix for OSA-2013-05, CVE-2013-4717, CVE-2013-4718) - update OTRS::ITSM to 3.1.9 (fix for OSA-2013-03, CVE-2013-3551) - update OTRS::ITSM to 3.1.8 (fix for OSA-2013-01, CVE-2013-2625) (fix for OSA-2013-02, CVE-2013-2637) - update to 3.1.13 - http://www.otrs.com/en/open-source/community-news/releases-notes/ release-notes-otrs-help-desk-3113/ - http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.2260.2.206&view=markup * Fixed bug#9162 - Setting the start day of the week for the datepicker to Sunday does not work. * Fixed bug#9141 - Confused Columns in CustomerTicketSearch (ResultShort). * Fixed bug#9146 - Signed SMIME mails with altered content shows a not clear message. * Fixed bug#9145 - SMIME sign verification errors are not displayed in TicketZoom. * Fixed bug#9140 - Postmaster Filter for empty subjects does not work. * Fixed bug#9121 - Filenames with Unicode NFD are incorrectly reported as NFC by Main::DirectoryRead(). * Fixed bug#9108 - Check for opened/closed tickets not working with Ticket::SubjectFormat = Right. * Fixed bug#8839 - DateChecksum followup doesn't get correctly SystemID. * Updated Russian translation, thanks to Vadim Goncharov! * Fixed bug#9101 - Not possible to create dropdown with autocomplete attribute. * Fixed bug#9096 - All services list is shown instead of only default services. * Fixed bug#8470 - otrs.GenericAgent.pl reports: Can't open '/opt/otrs/otrs_vemco/var/tmp/CacheFileStorable/DynamicField/f3b7e10730fb6c9cab5ae0e7f7e034f3'. * Added new translation for Spanish (Colombia), thanks to John Edisson Ortiz Roman! * Fixed bug#9054 - Link Object deletes all links under certain conditions. * Fixed bug#8944 - do not backup the cache. * Fixed bug#9057 - Generating a PDF with bin/otrs.GenerateStats.pl produces lots of warnings. * Fixed bug#8929 - Fix problems with empty ticket search results while Ticket::Frontend::AgentTicketSearch###ExtendedSearchCondition is inactive. * Fixed bug#9042 - Add X-Spam-Score to Ticket.xml. * Fixed bug#9047 - HistoryTicketGet caches info on disk directly. * Fixed bug#8923 - Alert message shown, if parent window is reloaded while bulk action popup is open. * Fixed bug#9030 - Wrong handling of Invalid YAML in Scheduler Tasks. * Updated CKEditor to version 3.6.6. * Updated Polish translation, thanks to Pawel @ ib.pl! * Follow-up fix for bug#8805 - Cron missing as RPM dependency on RHEL. Changed dependency on 'anacron' to 'vixie-cron' on RHEL5. * Fixed bug#9020 - Generic Ticket Connector does not support attachments with ContentType without charset. * Fixed bug#8545 - Attachment download not possible if pop up of another action is open. * Fixed bug#9009 - Empty Multiselect Dynamic Fields provokes an error. * Fixed bug#8589 - Bulk-Action not possible for single ticket. * Fixed bug#7198 - Broken repository selection width in Package Manager. * Fixed bug#8457 - Error if accessing AgentTicketSearch from AgentTicketPhone in IE8. * Fixed bug#8695 - Table head of Customer Ticket History does not resize on window resize. * Fixed bug#8533 - Apache will not start if you use mod_perl on Fedora 16 or 17. * Fixed bug#8974 - Event Based Notification does not populate REALNAME with Customer User data. - update to 3.1.12 * Fixed bug#8933 - ArticleStorageInit permission check problem. * Fixed bug#8763 - Please add charset conversion for customer companies. * Fixed bug#1970 - Email attachments of type .msg (Outlook-Message) are converted. * Fixed bug#8955 - Init script might fail on SUSE. * Fixed bug#8936 - Ticket close date is empty when ticket is created in closed state. * Fixed bug#8937 - "$" should be escaped in interpolated strings when javascript is meant. * Fixed bug#8919 - Customer interface search results: ticket can only be accessed via ticket number and subject. * Fixed bug#8850 - CustomerTicketOverview - MouseOver Age isn't always correct. * Fixed bug#8868 - Event Based Notification problem saving 'text' Dynamic Fields. * Fixed bug#8914 - Syntax error in hash loop in TicketGet operation. * Fixed bug#8749 - CustomerFrontend: missing dynamicfield in search results. * Fixed bug#8873 - Bad example of customization of "static" dynamic fields in AgentTicketOverviewSmall. * Fixed bug#8791 - IMAPTLS fails with some Microsoft Exchange servers. * Fixed bug#8841 - Search for Dynamic Fields shows all tickets (on "enter" key pressed). * Fixed bug#8861 - Ticket History overlaid calender choice function. * Fixed bug#8862 - GI debugger GUI does not show SOAP XML tags correctly. * Fixed bug#8566 - Cannot download attachment if filename has character #. * Fixed bug#8833 - Article table in TicketZoom does not scroll correctly. * Fixed bug#8673 - Richtext-Editor popups broken on Customer-Interface. * Fixed bug#8859 - Package upgrade does not work if an installed testpackage should be upgraded with a newer regular package. * Fixed bug#8678 - 'WidgetAction Toggle' is always shown as 'Expanded' when nesting elements * Fixed bug#8378 - Validation fails if the ID of the element contains a dot (.) or a colon (:) * Fixed bug#8847 - Inline PGP message description routine does not add any info, thanks to IB Development Team. * Fixed bug#8848 - AgentTicketEmail does not preserve PGP Signatures set if attachment is added. * Fixed bug#8149 - Wrong handling of subject when SubjectFormat=right. * Updated Polish translation, thanks to Pawel! * Fixed bug#8820 - Service rcotrs restart fails because a race condition happens. * Fixed bug#8819 - Syntax error (stop crontab command) in SuSE rc script. * Removed auto cleanup of expired sessions in CreateSessionID() to improve the scalability of the hole system. * Fixed bug#8667 - TicketSplit does not use QueueID of old Ticket for ACL Checking. * Fixed bug#8780 - 508 Compliance: Text descriptions of "Responsible Tickets" and "Locked Tickets" links are insufficient for screen reader users. * Fixed bug#8812 - Encrypted email doesn't see properly in Outlook. * Fixed bug#8214 - OTRS Init script on Red Hat fails to check scheduler. * Fixed bug#8850 - Cron missing as RPM dependency on Red Hat Enterprise Linux. * Fixed bug#7274 - Ticket QueueView sorts by priority on first page but subsequent pages sort incorrectly by Age. * Fixed bug#8792 - TriggerEscalationStopEvents logs as loglevel 'error'. * Fixed bug#8743 - AgentTicketCompose.pm creates To, CC, BCC filelds without spaces after comma. * Fixed bug#8606 - Escalation notifications should not be sent to agents who are set out-of-office. * Fixed bug#8740 - backup.pl: insufficient handling of system() return values. * Fixed bug#8622 - Storing a new GI Invoker or Operation with an existing name doesn't complain anything. * Fixed bug#8770 - AJAX Removes Default Options (follow-up fix). * Improved caching for Services and Service Lists. - Update ITSM to 3.1.7 - News * In AgentTicketZoom the service and the sla are now shown as links to the service zoom / sla zoom screens. * Updated Polish translation, thanks to Pawel! * Added feature in bin/otrs.ITSMConfigItemDelete.pl script to delete config items by class together with the deployment state. * Added CustomerCompany field type that allows to link CI's with Customer Companies registered in OTRS. * Enhanced Import/Export screen to show a summary after importing. * Added new optional sysconfig option to check if config item names are unique. * Added attachment support for ITSM config items. This will replace the OTRS FeatureAddOn OTRSCIAttachment. Please uninstall this FeatureAddon BEFORE you upgrade to OTRS::ITSM 3.1.7 (no attachment data will be lost)! - Bug Fixes * Bug# 5928 - Print PDF: Newline not interpreted. * Bug# 8723 - Setting the planned start and planned end time to the same value causes an error. * Bug# 8785 - Poor performance of ServiceGet with many child services. * Bug# 8626 - AgentTicketAddtlITSMField, Ticket states set to first state after reload. * Bug# 8852 - No Impact and Criticality in CustomerTicketZoom. * Bug# 7786 - Search by "type" not displaying correct results from page 2 on. * Bug# 8804 - Reorder of workorders based on actual startime. * Bug# 8686 - CI-Search can not handle > 1000 CIs per class * Bug# 8863 - Problem with ChangeManagement DropDowns in Conditions Mask. * Bug# 8834 - Broken changes created from template when no time offset. * Bug# 8830 - CI version header should be clickable in all columns. * Bug# 8613 - Wrong date if a workorder has been created from a template. * Bug# 8881 - Searching for a config item number = 0 or a config item name = 0 (without wildcards) finds results where it should not. * Bug# 8882 - Error message from ToolBarMyCAB. * Bug# 8614 - Update agent notification doesn't contain agent name. * Bug# 8615 - Notification not sent for ChangeStateUpdate to pending PIR. * Bug# 7508 - Autocomplete uses milliseconds rather than seconds. - rebase perm patch - fix changes file openSUSE 12.2 Update - complete overhaul of this package, with update to 2.7.5. - ruleset update to 2.2.8-0-g0f07cbb. - new configuration framework private to mod_security2: /etc/apache2/conf.d/mod_security2.conf loads /usr/share/apache2-mod_security2/rules/modsecurity_crs_10_setup.conf, then /etc/apache2/mod_security2.d/*.conf , as set up based on advice in /etc/apache2/conf.d/mod_security2.conf Your configuration starting point is /etc/apache2/conf.d/mod_security2.conf - !!! Please note that mod_unique_id is needed for mod_security2 to run! - modsecurity-apache_2.7.5-build_fix_pcre.diff changes erroneaous linker parameter, preventing rpath in shared object. - fixes contained for the following bugs: * CVE-2009-5031, CVE-2012-2751 [bnc#768293] request parameter handling * [bnc#768293] multi-part bypass, minor threat * CVE-2013-1915 [bnc#813190] XML external entity vulnerability * CVE-2012-4528 [bnc#789393] rule bypass * CVE-2013-2765 [bnc#822664] null pointer dereference crash - new from 2.5.9 to 2.7.5, only major changes: * GPLv2 replaced by Apache License v2 * rules are not part of the source tarball any longer, but maintaned upstream externally, and included in this package. * documentation was externalized to a wiki. Package contains the FAQ and the reference manual in html form. * renamed the term "Encryption" in directives that actually refer to hashes. See CHANGES file for more details. * new directive SecXmlExternalEntity, default off * byte conversion issues on s390x when logging fixed. * many small issues fixed that were discovered by a Coverity scanner * updated reference manual * wrong time calculation when logging for some timezones fixed. * replaced time-measuring mechanism with finer granularity for measured request/answer phases. (Stopwatch remains for compat.) * cookie parser memory leak fix * parsing of quoted strings in multipart Content-Disposition headers fixed. * SDBM deadlock fix * @rsub memory leak fix * cookie separator code improvements * build failure fixes * compile time option --enable-htaccess-config (set) openSUSE 12.2 Update This version upgrade of mariadb fixed the following issues: - get rid of info which is not info (bnc#747811) - minor polishing of spec/installation - avoiding file conflicts with mytop - better fix for hardcoded libdir issue - making mysqldump work with MySQL 5.0 (bnc#768832) - fixed log rights (bnc#789263 and bnc#803040) - binlog disabled in default configuration (bnc#791863) - fixed dependencies for client package (bnc#780019) Additionally, it includes multiple security fixes. openSUSE 12.2 Update This update of strongswan fixed a denial-of-service vulnerability, that could be triggered by special XAuth usernames and EAP identities. openSUSE 12.2 Update This update of samba fixed the following issues: - The pam_winbind require_membership_of option allows for a list of SID, but currently only provides buffer space for ~20; (bnc#806501). - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections; CVE-2013-4124; (bnc#829969). - PIDL: fix parsing linemarkers in preprocessor output; (bso#9636). - build:autoconf: fix output of syslog-facility check; (bso#9983). - libreplace: add a missing "eval" to the AC_VERIFY_C_PROTOTYPE macro. - Remove ldapsmb from the main spec file. - Don't bzip2 the main tar ball, use the upstream gziped one instead. - Fix crash bug during Win8 sync; (bso#9822). - Check for system libtevent and link dbwrap_tool and dbwrap_torture against it; (bso#9881). - errno gets overwritten in call to check_parent_exists(); (bso#9927). - Fix a bug of drvupgrade of smbcontrol; (bso#9941). - Document idmap_ad rfc2307 attribute requirements; (bso#9880); (bnc#820531). - Don't install the tdb utilities man pages on post-12.1 systems; (bnc#823549). - Fix libreplace license ambiguity; (bso#8997); (bnc#765270). - Fix is_printer_published GUID retrieval; (bso#9900); (bnc#798856). - Fix 'map untrusted to domain' with NTLMv2; (bso#9817); (bnc#817919). - Don't modify the pidfile name when a custom config file path is used; (bnc#812929). - Add extra attributes for AD printer publishing; (bso#9378); (bnc#798856). - Fix vfs_catia module; (bso#9701); (bnc#824833). - Fix AD printer publishing; (bso#9378); (bnc#798856). openSUSE 12.2 Update libzypp was adjusted to enhance the RPM GPG key import/handling to avoid a problem with multiple key blobs. Attackers able to supplying a repository could let the packagemanager show another keys fingerprint while a second one was actually used to sign the repository (CVE-2013-3704). openSUSE 12.2 Update This version upgrade of phpMyAdmin fixed various security issues (SQL injection, XSS, full path disclosure, Clickjacking) openSUSE 12.2 Update Changes in seamonkey: - update to SeaMonkey 2.20 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - removed obsolete seamonkey-shared-nss-db.patch Changes in seamonkey: - update to SeaMonkey 2.20 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - removed obsolete seamonkey-shared-nss-db.patch Changes in xulrunner: - update to 17.0.8esr (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system Changes in xulrunner: - update to 17.0.8esr (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system Changes in MozillaThunderbird: - update to Thunderbird 17.0.8 (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - update Enigmail to 1.5.2 * bugfix release Changes in MozillaThunderbird: - update to Thunderbird 17.0.8 (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - update Enigmail to 1.5.2 * bugfix release Changes in mozilla-nss: - fix 32bit requirement, it's without () actually - update to 3.15.1 * TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. * some bugfixes and improvements - require libnssckbi instead of mozilla-nss-certs so p11-kit can conflict with the latter (fate#314991) - update to 3.15 * Packaging + removed obsolete patches * nss-disable-expired-testcerts.patch * bug-834091.patch * New Functionality + Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); + Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. + Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. + certutil has been updated to support creating name constraints extensions. * New Functions in ssl.h SSL_PeerStapledOCSPResponse - Returns the server's stapled OCSP response, when used with a TLS client socket that negotiated the status_request extension. SSL_SetStapledOCSPResponses - Set's a stapled OCSP response for a TLS server socket to return when clients send the status_request extension. in ocsp.h CERT_PostOCSPRequest - Primarily intended for testing, permits the sending and receiving of raw OCSP request/responses. in secpkcs7.h SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7 signature at a specific time other than the present time. in xconst.h CERT_EncodeNameConstraintsExtension - Matching function for CERT_DecodeNameConstraintsExtension, added in NSS 3.10. in secitem.h SECITEM_AllocArray SECITEM_DupArray SECITEM_FreeArray SECITEM_ZfreeArray - Utility functions to handle the allocation and deallocation of SECItemArrays SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is now obsolete. SECITEM_ReallocItemV2 better matches caller expectations, in that it updates item->len on allocation. For more details of the issues with SECITEM_ReallocItem, see Bug 298649 and Bug 298938. in pk11pub.h PK11_Decrypt - Performs decryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. PK11_Encrypt - Performs encryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. * New Types in secitem.h SECItemArray - Represents a variable-length array of SECItems. * New Macros in ssl.h SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure TLS client sockets to request the certificate_status extension (eg: OCSP stapling) when set to PR_TRUE * Notable changes + SECITEM_ReallocItem is now deprecated. Please consider using SECITEM_ReallocItemV2 in all future code. + The list of root CA certificates in the nssckbi module has been updated. + The default implementation of SSL_AuthCertificate has been updated to add certificate status responses stapled by the TLS server to the OCSP cache. * a lot of bugfixes - Add Source URL, see https://en.opensuse.org/SourceUrls Changes in mozilla-nss: - fix 32bit requirement, it's without () actually - update to 3.15.1 * TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. * some bugfixes and improvements - require libnssckbi instead of mozilla-nss-certs so p11-kit can conflict with the latter (fate#314991) - update to 3.15 * Packaging + removed obsolete patches * nss-disable-expired-testcerts.patch * bug-834091.patch * New Functionality + Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); + Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. + Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. + certutil has been updated to support creating name constraints extensions. * New Functions in ssl.h SSL_PeerStapledOCSPResponse - Returns the server's stapled OCSP response, when used with a TLS client socket that negotiated the status_request extension. SSL_SetStapledOCSPResponses - Set's a stapled OCSP response for a TLS server socket to return when clients send the status_request extension. in ocsp.h CERT_PostOCSPRequest - Primarily intended for testing, permits the sending and receiving of raw OCSP request/responses. in secpkcs7.h SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7 signature at a specific time other than the present time. in xconst.h CERT_EncodeNameConstraintsExtension - Matching function for CERT_DecodeNameConstraintsExtension, added in NSS 3.10. in secitem.h SECITEM_AllocArray SECITEM_DupArray SECITEM_FreeArray SECITEM_ZfreeArray - Utility functions to handle the allocation and deallocation of SECItemArrays SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is now obsolete. SECITEM_ReallocItemV2 better matches caller expectations, in that it updates item->len on allocation. For more details of the issues with SECITEM_ReallocItem, see Bug 298649 and Bug 298938. in pk11pub.h PK11_Decrypt - Performs decryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. PK11_Encrypt - Performs encryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. * New Types in secitem.h SECItemArray - Represents a variable-length array of SECItems. * New Macros in ssl.h SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure TLS client sockets to request the certificate_status extension (eg: OCSP stapling) when set to PR_TRUE * Notable changes + SECITEM_ReallocItem is now deprecated. Please consider using SECITEM_ReallocItemV2 in all future code. + The list of root CA certificates in the nssckbi module has been updated. + The default implementation of SSL_AuthCertificate has been updated to add certificate status responses stapled by the TLS server to the OCSP cache. * a lot of bugfixes - Add Source URL, see https://en.opensuse.org/SourceUrls Changes in mozilla-nspr: - update to version 4.10 * bmo#844513: Add AddressSanitizer (ASan) memory check annotations to PLArena. * bmo#849089: Simple changes to make NSPR's configure.in work with the current version of autoconf. * bmo#856196: Fix compiler warnings and clean up code in NSPR 4.10. * bmo#859066: Fix warning in nsprpub/pr/src/misc/prnetdb.c. * bmo#859830: Deprecate ANDROID_VERSION in favor of android/api-level.h. * bmo#861434: Make PR_SetThreadPriority() change priorities relatively to the main process instead of using absolute values on Linux. * bmo#871064L: _PR_InitThreads() should not call PR_SetThreadPriority. Changes in mozilla-nspr: - update to version 4.10 * bmo#844513: Add AddressSanitizer (ASan) memory check annotations to PLArena. * bmo#849089: Simple changes to make NSPR's configure.in work with the current version of autoconf. * bmo#856196: Fix compiler warnings and clean up code in NSPR 4.10. * bmo#859066: Fix warning in nsprpub/pr/src/misc/prnetdb.c. * bmo#859830: Deprecate ANDROID_VERSION in favor of android/api-level.h. * bmo#861434: Make PR_SetThreadPriority() change priorities relatively to the main process instead of using absolute values on Linux. * bmo#871064L: _PR_InitThreads() should not call PR_SetThreadPriority. Changes in MozillaFirefox: - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - fix build on ARM (/-g/ matches /-grecord-switches/) Changes in MozillaFirefox: - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - fix build on ARM (/-g/ matches /-grecord-switches/) openSUSE 12.2 Update The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. (CVE-2013-4854, bnc#831899) openSUSE 12.2 Update FileZilla was updated to version 3.7.3 to add various features, fix bugs and also security issues in the embedded putty ssh client. Full changelog: https://filezilla-project.org/changelog.php - Noteworthy changes: * Apply a fix for a security vulnerability in PuTTY as used in FileZilla to handle SFTP. See CVE-2013-4852 for reference. * Merge further fixes from PuTTY to address CVE-2013-4206, CVE-2013-4207, CVE-2013-4208 - Version bump to 3.7.0.1 - Fix issues with bundled gnutls - Update translations - Update to version 3.7.0. Changes since 3.6.0.2: - Show total transfer speed as tooltip over the transfer indicators - List supported protocols in tooltip of host field in quickconnect bar - Use TLS instead of the deprecated term SSL - Reworded text when saving of passwords is disabled, do not refer to kiosk mode - Improved usability of Update page in settings dialog - Improve SFTP performance - When navigating to the parent directory, highlight the former child - When editing files, use high priority for the transfers - Add label to size conditions in filter conditions dialog indicating that the unit is bytes - Ignore drag&drop operations where source and target are identical and clarify the wording in some drop error cases - Trim whitespace from the entered port numbers - Slightly darker color of inactive tabs - Ignore .. item in the file list context menus if multiple items are selected - Display TLS version and key exchange algorithm in certificate and encryption details dialog for FTP over TLS connections. - Fix handling of remote paths containing double-quotes - Fix crash when opening local directories in Explorer if the name contained characters not representable in the locale's narrow-width character set. - Fix a memory leak in the host key verification dialog for SFTP - Fix drag-scrolling in file lists with very low height - Don't attempt writing XML files upon loading them - Improve handling of legacy DDE file associations - Fix handling of HTTPS in the auto updater in case a mirror redirects to HTTPS - Update to version 3.6.0.2. Changes since 3.5.3: - 3.6.0.2 (2012-11-29) * Fix problems with stalling FTP over TLS uploads * MSW: Minor performance increase listing local files - 3.6.0.1 (2012-11-18) * Fix problems with TLS cipher selection, including a bugfix for GnuTLS * Fix a crash on shutdown * Add log message for servers not using UTF-8 * Small performance and memory optimizations getting file types * Improve formatting of transfer speeds - 3.6.0 (2012-11-10) * Fix a crash introduced since 3.5.3 * IPv6-only hosts should no longer cause a crash in the network configuration wizard openSUSE 12.2 Update poppler was updated to fix a security problem. PDF files could emit messages with terminal escape sequences which could be used to inject shell code if the user ran a PDF viewer from a terminal shell (CVE-2012-2142). Also a bug was fixed to avoid division by zero when using origpagesizes option (bnc#795582) openSUSE 12.2 Update cacti was updated to version 0.8.8b to fix security issues and bugs. - Fixes CVE-2013-1434 CVE-2013-1435 - security: SQL injection and shell escaping issues - bug: Fixed issue with custom data source information being lost when saved from edit - bug: Repopulate the poller cache on new installations - bug: Fix issue with poller not escaping the script query path correctly - bug: Allow snmpv3 priv proto none - bug: Fix issue where host activate may flush the entire poller item cache openSUSE 12.2 Update The ruby gemrc configured the gem installation source as http source, allowing man in the middle attacks (if someone could provide a different address for rubygems.org). openSUSE 12.2 Update XEN was updated to 4.1.5 release. It fixes various bugs and security issues. Issues fixed seperately from the 4.1.5 release: - bnc#824676 - Failed to setup devices for vm instance when start multiple vms simultaneously - bnc#XXXXXX - xen: CVE-2013-XXXX: XSA-61: suppress device assignment to HVM guest when there is no IOMMU - Various upstream patches from Jan were integrated. - bnc#823786 - migrate.py support of short options dropped by PTF - bnc#803712 - after live migration rcu_sched_state detected stalls add new option xm migrate --min_remaing <num> - CVE-2013-1432 / bnc#826882 - xen: XSA-58: x86: fix page refcount handling in page table pin error path - CVE-2013-2211 / bnc#823608 - xen: XSA-57: libxl allows guest write access to sensitive console related xenstore keys - bnc#823011 - xen: XSA-55: Multiple vulnerabilities in libelf PV kernel handling - bnc#801663 - performance of mirror lvm unsuitable for production - CVE-2013-1918/ bnc#816159 - xen: CVE-2013-1918: XSA-45: Several long latency operations are not preemptible - CVE-2013-1952 / bnc#816163 - xen: CVE-2013-1952: XSA-49: VT-d interrupt remapping source validation flaw for bridges - CVE-2013-2076 / bnc#820917 - CVE-2013-2076: xen: Information leak on XSAVE/XRSTOR capable AMD CPUs (XSA-52) - CVE-2013-2077 / bnc#820919 - CVE-2013-2077: xen: Hypervisor crash due to missing exception recovery on XRSTOR (XSA-53) - CVE-2013-2078 / bnc#820920 - CVE-2013-2078: xen: Hypervisor crash due to missing exception recovery on XSETBV (XSA-54) - CVE-2013-2072 / bnc#819416 - xen: CVE-2013-2072: XSA-56: Buffer overflow in xencontrol Python bindings affecting xend - Update to Xen 4.1.5 c/s 23509 There were many xen.spec file patches dropped as now being included in the 4.1.5 tarball. - CVE-2013-1918 / bnc#816159 - xen: XSA-45: Several long latency operations are not preemptible - CVE-2013-1952 / bnc#816163 - xen: XSA-49: VT-d interrupt remapping source validation flaw for bridges - bnc#809662 - can't use pv-grub to start domU (pygrub does work) - CVE-2013-1917 / bnc#813673 - xen: Xen PV DoS vulnerability with SYSENTER - CVE-2013-1919 / bnc#813675 - xen: Several access permission issues with IRQs for unprivileged guests - CVE-2013-1920 / bnc#813677 - xen: Potential use of freed memory in event channel operations - bnc#814709 - Unable to create XEN virtual machines in SLED 11 SP2 on Kyoto openSUSE 12.2 Update libpixman was updated to fix a stack based buffer overflow (CVE-2013-1591). openSUSE 12.2 Update roundcubemail was updated to version 0.9.3 (bnc#837436) (CVE-2013-5645) * Optimized UI behavior for touch devices * Fix setting refresh_interval to "Never" in Preferences * Fix purge action in folder manager * Fix base URL resolving on attribute values with no quotes * Fix wrong handling of links with '|' character * Fix colorspace issue on image conversion using ImageMagick? * Fix XSS vulnerability when saving HTML signatures * Fix XSS vulnerability when editing a message "as new" or draft * Fix rewrite rule in .htaccess * Fix detecting Turkish language in ISO-8859-9 encoding * Fix identity-selection using Return-Path headers * Fix parsing of links with ... in URL * Fix compose priority selector when opening in new window * Fix bug where signature wasn't changed on identity selection when editing a draft * Fix IMAP SETMETADATA parameters quoting * Fix "could not load message" error on valid empty message body * Fix handling of message/rfc822 attachments on message forward and edit * Fix parsing of square bracket characters in IMAP response strings * Don't clear References and in-Reply-To when a message is "edited as new" * Fix messages list sorting with THREAD=REFS * Remove deprecated (in PHP 5.5) PREG /e modifier usage * Fix empty messages list when register_globals is enabled * Fix so valid and set date.timezone is not required by installer checks * Canonize boolean ini_get() results * Fix so install do not fail when one of DB driver checks fails but other drivers exist * Fix so exported vCard specifies encoding in v3-compatible format - Update to version 0.9.2 * Fix image thumbnails display in print mode * Fix height of message headers block * Fix timeout issue on drag&drop uploads * Fix default sorting of threaded list when THREAD=REFS isn't supported * Fix list mode switch to 'List' after saving list settings in Larry skin * Fix error when there's no writeable addressbook source * Fix zipdownload plugin issue with filenames charset * Fix so non-inline images aren't skipped on forward * Fix "null" instead of empty string on messages list in IE10 * Fix legacy options handling * Fix so bounces addresses in Sender headers are skipped on Reply-All * Fix bug where serialized strings were truncated in PDO::quote() * Fix displaying messages with invalid self-closing HTML tags * Fix PHP warning when responding to a message with many Return-Path headers * Fix unintentional compose window resize * Fix performance regression in text wrapping function * Fix connection to posgtres db using unix socket * Fix handling of comma when adding contact from contacts widget * Fix bug where a message was opened in both preview pane and new window on double-click * Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml * Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 * Fix invalid option selected in default_font selector when font is unset * Fix displaying contact with ID divisible by 100 in sql addressbook * Fix browser warnings on PDF plugin detection * Fix fatal error when parsing UUencoded messages - Update to version 0.9.1 * a lot of bugfixes and smaller improvements (http://trac.roundcube.net/wiki/Changelog) - Update to version 0.9.0 * Improved rendering of forwarded and attached messages * Optionally display and compose email messages a new windows * Unified UI for message view and composition * Show sender photos from contacts in email view * Render thumbnails for image attachments * Download all attachments as zip archive (using the zipdownload plugin) * Forward multiple emails as attachments * CSV import for contacts openSUSE 12.2 Update This python update includes a SSL certificates fix and other minor fixes. - disable test_io completely on ppc/ppc64 - handle NULL bytes in certain fields of SSL certificates (CVE-2013-4238, bnc#834601, CVE-2013-4238_py27.patch) - python & python-base Release numbers can differ, take that into account. See bnc#766778 comment 12. openSUSE 12.2 Update This python update includes a SSL certificates fix and other minor changes. - disable test_io on ppc* as it hangs - handle NULL bytes in certain fields of SSL certificates (CVE-2013-4238, bnc#834601, CVE-2013-4238-py32.patch) openSUSE 12.2 Update This squid update includes several security fixes and minor changes. - squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname. - squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0188-cachemgr_cgi_dos.diff memory leak in cachemgr.cgi known as CVE-2013-0189, which is the underfixed CVE-2012-5643 problem. [bnc#796999] [bnc#794954] - run logrotate as squid:nogroup [bnc#677335] openSUSE 12.2 Update This squid3 update includes several security fixes and minor changes. - squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname. - run logrotate as squid:nogroup [bnc#677335] openSUSE 12.2 Update This subversion update includes a security fix and several minor changes. - update to 1.7.13 [bnc#836245] - User-visible changes: - General * merge: fix bogus mergeinfo with conflicting file merges * diff: fix duplicated path component in '--summarize' output * ra_serf: ignore case when checking certificate common names - Server-side bugfixes: * svnserve: fix creation of pid files CVE-2013-4277 * mod_dav_svn: better status codes for commit failures * mod_dav_svn: do not map requests to filesystem - Developer-visible changes: - General: * don't use uninitialized variable to produce an error code - Bindings: * swig-pl: fix SVN::Client not honoring config file settings * swig-pl & swig-py: disable unusable svn_fs_set_warning_func openSUSE 12.2 Update This wireshark update to 1.8.10 fixes several security and non security bugs. [bnc#839607] + vulnerabilities fixed: * The NBAP dissector could crash. wnpa-sec-2013-55 CVE-2013-5718 * The ASSA R3 dissector could go into an infinite loop. wnpa-sec-2013-56 CVE-2013-5719 * The RTPS dissector could overflow a buffer. wnpa-sec-2013-57 CVE-2013-5720 * The MQ dissector could crash. wnpa-sec-2013-58 CVE-2013-5721 * The LDAP dissector could crash. wnpa-sec-2013-59 CVE-2013-5722 * The Netmon file parser could crash. wnpa-sec-2013-60 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.10.html openSUSE 12.2 Update This tiff security update fixes several buffer overflow issues and a out-of-bounds wirte problem. * tiff: buffer overflows/use after free problem [CVE-2013-4231][CVE-2013-4232][bnc#834477] * libtiff (gif2tiff): OOB Write in LZW decompressor [CVE-2013-4244][bnc#834788] * libtiff (gif2tiff): heap-based buffer overflow in readgifimage() [CVE-2013-4243][bnc#834779] openSUSE 12.2 Update Empty. openSUSE 12.2 Update This xulrunner17 version update to 17.0.9esr fixes the following security issues (bnc#840485): * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-76/CVE-2013-1718 Miscellaneous memory safety hazards * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object openSUSE 12.2 Update This MozillaFirefox update to version 24.0 fixes several security and non-security issues: - move greek to the translations-common package (bnc#840551) - update to Firefox 24.0 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-78/CVE-2013-1721 (bmo#890277) Integer overflow in ANGLE library * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - enable gstreamer explicitely via pref (gecko.js) - require NSS 3.15.1 openSUSE 12.2 Update This MozillaThunderbird update to version 24.0 fixes several security and non-security issues: - update to Thunderbird 24.0 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - moved greek to common translation package - require NSPR 4.10 and NSS 3.15.1 - add GStreamer build requirements for Gecko - added enigmail-build.patch to fix TB packaging (bmo#886095) - removed obsolete patches: * enigmail-old-gcc.patch * mozilla-gcc43-enums.patch * mozilla-gcc43-template_hacks.patch * mozilla-gcc43-templates_instantiation.patch * ppc-xpcshell.patch openSUSE 12.2 Update This seamonkey update to version 2.21 fixes several security and non-security issues: - update to SeaMonkey 2.21 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-78/CVE-2013-1721 (bmo#890277) Integer overflow in ANGLE library * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - requires NSS 3.15.1 openSUSE 12.2 Update This python-django update fixes several security issues. - Update to version 1.4.8 (bnc#840832, CVE-2013-1443): + Fixed denial-of-service via large passwords - Changes from version 1.4.7: + Fixed directory traversal with ssi template tag - Changes from version 1.4.6: + Fixed Cross-site scripting (XSS) in admin interface + Fixed Possible XSS via is_safe_url openSUSE 12.2 Update This boost update fixes a UTF validation problem. - Apply boost-locale_utf.patch to fix a vulnerability in the utf handling of boost:locale (bnc#801991, CVE-2013-0252) openSUSE 12.2 Update This systemd update fixes several security issue. - polkit-Avoid-race-condition-in-scraping-proc.patch VUL-0: polkit: process subject race condition (bnc#836932) CVE-2013-4288. openSUSE 12.2 Update This icedtea-web update fixes several security issues. Changes in icedtea-web: - update to 1.4.1 (bnc#840572) * Improved and cleaned Temporary internet files panel * NetX - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of local file * Plugin - PR854: Resizing an applet several times causes 100% CPU load * Security Updates - CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet CVE-2012-4540 nit fixed in icedtea-web 1.4 * Misc - reproducers tests are enabled in dist-tarball - application context support for OpenJDK build 25 and higher - small patches into rhino support and - PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties - need jpackage-utils on older distros - run more tests in %check - drop icedtea-web-AppContext.patch, already upstream - add javapackages-tools to build requires openSUSE 12.2 Update The Linux kernel was updated to 3.4.63, fixing various bugs and security issues. - Linux 3.4.59 (CVE-2013-2237 bnc#828119). - Linux 3.4.57 (CVE-2013-2148 bnc#823517). - Linux 3.4.55 (CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 bnc#827749 bnc#827750 bnc#831055 bnc#831058). - Drivers: hv: util: Fix a bug in util version negotiation code (bnc#838346). - vmxnet3: prevent div-by-zero panic when ring resizing uninitialized dev (bnc#833321). - bnx2x: protect different statistics flows (bnc#814336). - bnx2x: Avoid sending multiple statistics queries (bnc#814336). - Drivers: hv: util: Fix a bug in version negotiation code for util services (bnc#828714). - Update Xen patches to 3.4.53. - netfront: fix kABI after "reduce gso_max_size to account for max TCP header". - netback: don't disconnect frontend when seeing oversize packet (bnc#823342). - netfront: reduce gso_max_size to account for max TCP header. - backends: Check for insane amounts of requests on the ring. - reiserfs: Fixed double unlock in reiserfs_setattr failure path. - reiserfs: locking, release lock around quota operations (bnc#815320). - reiserfs: locking, handle nested locks properly (bnc#815320). - reiserfs: locking, push write lock out of xattr code (bnc#815320). - ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size (bnc#831055, CVE-2013-4163). - af_key: fix info leaks in notify messages (bnc#827749 CVE-2013-2234). - af_key: initialize satype in key_notify_policy_flush() (bnc#828119 CVE-2013-2237). - ipv6: call udp_push_pending_frames when uncorking a socket with (bnc#831058, CVE-2013-4162). - ipv6: ip6_sk_dst_check() must not assume ipv6 dst. - xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end (CVE-2013-1819 bnc#807471). - brcmsmac: don't start device when RfKill is engaged (bnc#787649). - CIFS: Protect i_nlink from being negative (bnc#785542 bnc#789598). - cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bnc#794988). - xfs: xfs: fallback to vmalloc for large buffers in xfs_compat_attrlist_by_handle (bnc#818053 bnc#807153). - xfs: fallback to vmalloc for large buffers in xfs_attrlist_by_handle (bnc#818053 bnc#807153). - Linux 3.4.53 (CVE-2013-2164 CVE-2013-2851 bnc#822575 bnc#824295). - drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (bnc#824295, CVE-2013-2164). - fanotify: info leak in copy_event_to_user() (CVE-2013-2148 bnc#823517). - block: do not pass disk names as format strings (bnc#822575 CVE-2013-2851). - ext4: avoid hang when mounting non-journal filesystems with orphan list (bnc#817377). - Linux 3.4.49 (CVE-2013-0231 XSA-43 bnc#801178). - Linux 3.4.48 (CVE-2013-1774 CVE-2013-2850 bnc#806976 bnc#821560). - Always include the git commit in KOTD builds This allows us not to set it explicitly in builds submitted to the official distribution (bnc#821612, bnc#824171). - Bluetooth: Really fix registering hci with duplicate name (bnc#783858). - Bluetooth: Fix registering hci with duplicate name (bnc#783858). openSUSE 12.2 Update Mozilla NSS was updated to 3.15.2 (bnc#842979) * Support for AES-GCM ciphersuites that use the SHA-256 PRF * MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs * Add PK11_CipherFinal macro * sizeof() used incorrectly * nssutil_ReadSecmodDB() leaks memory * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. * Deprecate the SSL cipher policy code * Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739) openSUSE 12.2 Update * GnuPG treated no-usage-permitted keys as all-usages-permitted * added gpg2-CVE-2013-4351.patch * GnuPG treated no-usage-permitted keys as all-usages-permitted * added gpg2-CVE-2013-4351.patch openSUSE 12.2 Update rtkit was fixed to avoid a TOCTOU race condition that might have allowed local attackers to gain realtime rights they should not have. (CVE-2013-4326) openSUSE 12.2 Update clutter was updatd to fix improper translation of hierarchy events (gnome-shell crash after system resume) (CVE-2013-2190, bnc#843441). openSUSE 12.2 Update libvirt was updated to fix 2 security issues: CVE-2013-4311: Add support for using 3-arg pkcheck syntax for process, which previously could be used for race conditions to gain privileges. CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats openSUSE 12.2 Update Update to Chromium 30.0.1599.66: - Easier searching by image - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance - Security fixes: + CVE-2013-2906: Races in Web Audio + CVE-2013-2907: Out of bounds read in Window.prototype object + CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code + CVE-2013-2909: Use after free in inline-block rendering + CVE-2013-2910: Use-after-free in Web Audio + CVE-2013-2911: Use-after-free in XSLT + CVE-2013-2912: Use-after-free in PPAPI + CVE-2013-2913: Use-after-free in XML document parsing + CVE-2013-2914: Use after free in the Windows color chooser dialog + CVE-2013-2915: Address bar spoofing via a malformed scheme + CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code + CVE-2013-2917: Out of bounds read in Web Audio + CVE-2013-2918: Use-after-free in DOM + CVE-2013-2919: Memory corruption in V8 + CVE-2013-2920: Out of bounds read in URL parsing + CVE-2013-2921: Use-after-free in resource loader + CVE-2013-2922: Use-after-free in template element + CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives + CVE-2013-2924: Use-after-free in ICU. Upstream bug - Add patch chromium-fix-altgrkeys.diff - Make sure that AltGr is treated correctly (issue#296835) - Do not build with system libxml (bnc#825157) - Update to Chromium 31.0.1640.0 * Bug and Stability Fixes - Fix destkop file for chromium by removing extension from icon - Change the methodology for the Chromium packages. Build is now based on an official tarball. As soon as the Beta channel catches up with the current version, Chromium will be based on the Beta channel instead of svn snapshots - Update to 31.0.1632 * Bug and Stability fixes - Added the flag --enable-threaded-compositing to the startup script. This flag seems to be required when hardware acceleration is in use. This prevents websites from locking up on users in certain cases. - Update to 31.0.1627 * Bug and Stability fixes - Update to 31.0.1619 * bug and Stability fixes - require mozilla-nss-devel >= 3.14 and mozilla-nspr-devel >= 4.9.5 - Add patch exclude_ymp.diff to ensure that 1-click-install files are downloaded and NOT opened (bnc#836059) - Update to 31.0.1611 * Bug and stability fixes - Update to 31.0.1605 * Bug and stability fixes - Change the startup script so that Chromium will not start when the chrome_sandbox doesn't have the SETUID. (bnc#779448) - Update to 31.0.1601 * Bug and stability fixes - Update to 30.0.1594 * Bug and stability fixes - Correct specfile to properly own /usr/bin/chromium (bnc#831584) - Chromium now expects the SUID-helper installed in the same directory as chromium. So let's create a symlink to the helper in /usr/lib - Update to 30.0.1587 * Bug and stability fixes - Remove patch chromium-nss-compliant.diff (Upstream) - Update to 30.0.1575 * Bug and stability fixes * Enable the gpu-sandbox again due to upstream fix (chromium#255063) - Update to 30.0.1567 * bug and Stability fixes openSUSE 12.2 Update Some minor stackoverflows in lcms utilities were fixed. (CVE-2013-4276). openSUSE 12.2 Update gpg2 was updated to fix a denial of service attack through infinite recursion in the compressed packet parser [bnc#844175] [CVE-2013-4402]. openSUSE 12.2 Update proftpd was updated to 1.3.4d. * Fixed broken build when using --disable-ipv6 configure option * Fixed mod_sql "SQLAuthType Backend" MySQL issues - fix for bnc#843444 (CVE-2013-4359) * http://bugs.proftpd.org/show_bug.cgi?id=3973 * add proftpd-sftp-kbdint-max-responses-bug3973.patch - Improve systemd service file - use upstream tmpfiles.d file. related to [bnc#811793] - Use /run instead of /var/run - update to 1.3.4c * Added Spanish translation. * Fixed several mod_sftp issues, including SFTPPassPhraseProvider, handling of symlinks for REALPATH requests, and response code logging. * Fixed symlink race for creating directories when UserOwner is in effect. * Increased performance of FTP directory listings. - rebase and rename patches (remove version string) * proftpd-1.3.4a-dist.patch -> proftpd-dist.patch * proftpd-1.3.4a-ftpasswd.patch -> proftpd-ftpasswd.patch * proftpd-1.3.4a-strip.patch -> proftpd-strip.patch - fix proftpd.conf (rebase basic.conf patch) * IdentLookups is now a seperate module <IfModule mod_ident.c> IdentLookups on/off </IfModule> is needed and module is not built cause crrodriguez disabled it. - fix for bnc#787884 (https://bugzilla.novell.com/show_bug.cgi?id=787884) * added extra Source proftpd.conf.tmpfile - Disable ident lookups, this protocol is totally obsolete and dangerous. (add --disable-ident) - Fix debug info generation ( add --disable-strip) - Add systemd unit - update to 1.3.4b + Fixed mod_ldap segfault on login when LDAPUsers with no filters used. + Fixed sporadic SFTP upload issues for large files. + Fixed SSH2 handling for some clients (e.g. OpenVMS). + New FactsOptions directive; see doc/modules/mod_facts.html#FactsOptions + Fixed build errors on Tru64, AIX, Cygwin. - add Source Signatuire (.asc) file - add noBuildDate patch - add lang pkg * --enable-nls - add configure option * --enable-openssl, --with-lastlog openSUSE 12.2 Update spice-gtk received fixes for the acl helper policy kit checks that had a race condition in PID checking. (CVE-2013-4324, bnc#844967). openSUSE 12.2 Update nmap was updated to fix bnc#844953/CVE-2013-4885: There was a vulnerability in one of our 437 NSE scripts. If you ran the (fortunately non-default) http-domino-enum-passwords script with the (fortunately also non-default) domino-enum-passwords.idpath parameter against a malicious server, it could cause an arbitrarily named file to to be written to the client system. openSUSE 12.2 Update A remote attacker could supply a serialized instance of the DiskFileItem class, which would be deserialized on a server and write arbitrary content to any location on the server that is permitted by the user running the application server process. bnc#846174/CVE-2013-2186 openSUSE 12.2 Update libzrtpcpp was updated to fix multiple security issues. openSUSE 12.2 Update ruby19 was updated to fix the following security issues: - fix CVE-2013-2065: Object taint bypassing in DL and Fiddle (bnc#843686) The file CVE-2013-2065.patch contains the patch - fix CVE-2013-4287 CVE-2013-4363: ruby19: Algorithmic complexity vulnerability (bnc#837457) The file CVE-2013-4287-4363.patch contains the patch openSUSE 12.2 Update Fixes the following security issue: - an authenticated X client can cause an X server to use memory after it was freed, potentially leading to crash and/or memory corruption. (CVE-2013-4396, bnc#843652) and the following bug was fixed too: - rfbAuthReenable is accessing rfbClient structure that was in most cases already freed. It actually needs only ScreenPtr, so pass it directly. (bnc#816813) openSUSE 12.2 Update the following security issue was fixed in apache2-mod_fcgid: - fixes a heap overflow identified by CVE-2013-4365 [bnc#844935]. openSUSE 12.2 Update the following security issue was fixed for HPLIP 3.13.10: usage of an insecure polkit DBUS API (fix for bnc#836937 and CVE-2013-4325 that are related to CVE-2013-4288 and bnc#835827). openSUSE 12.2 Update Update to icedtea 2.4.3 (bnc#846999) synchronized OpenJDK 7 support with the upstream u45 b31 fixes the following issues: - S8006900, CVE-2013-3829: Add new date/time capability - S8008589: Better MBean permission validation - S8011071, CVE-2013-5780: Better crypto provider handling - S8011081, CVE-2013-5772: Improve jhat - S8011157, CVE-2013-5814: Improve CORBA portablility - S8012071, CVE-2013-5790: Better Building of Beans - S8012147: Improve tool support - S8012277: CVE-2013-5849: Improve AWT DataFlavor - S8012425, CVE-2013-5802: Transform TransformerFactory - S8013503, CVE-2013-5851: Improve stream factories - S8013506: Better Pack200 data handling - S8013510, CVE-2013-5809: Augment image writing code - S8013514: Improve stability of cmap class - S8013739, CVE-2013-5817: Better LDAP resource management - S8013744, CVE-2013-5783: Better tabling for AWT - S8014085: Better serialization support in JMX classes - S8014093, CVE-2013-5782: Improve parsing of images - S8014098: Better profile validation - S8014102, CVE-2013-5778: Improve image conversion - S8014341, CVE-2013-5803: Better service from Kerberos servers - S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations - S8014530, CVE-2013-5825: Better digital signature processing - S8014534: Better profiling support - S8014987, CVE-2013-5842: Augment serialization handling - S8015614: Update build settings - S8015731: Subject java.security.auth.subject to improvements - S8015743, CVE-2013-5774: Address internet addresses - S8016256: Make finalization final - S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names - S8016675, CVE-2013-5797: Make Javadoc pages more robust - S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately - S8017287, CVE-2013-5829: Better resource disposal - S8017291, CVE-2013-5830: Cast Proxies Aside - S8017298, CVE-2013-4002: Better XML support - S8017300, CVE-2013-5784: Improve Interface Implementation - S8017505, CVE-2013-5820: Better Client Service - S8019292: Better Attribute Value Exceptions - S8019617: Better view of objects - S8020293: JVM crash - S8021275, CVE-2013-5805: Better screening for ScreenMenu - S8021282, CVE-2013-5806: Better recycling of object instances - S8021286: Improve MacOS resourcing - S8021290, CVE-2013-5823: Better signature validation - S8022931, CVE-2013-5800: Enhance Kerberos exceptions - S8022940: Enhance CORBA translations - S8023683: Enhance class file parsing * Backports - S6614237: missing codepage Cp290 at java runtime - S8005932: Java 7 on mac os x only provides text clipboard formats - S8014046: (process) Runtime.exec(String) fails if command contains spaces [win] - S8015144: Performance regression in ICU OpenType Layout library - S8015965: (process) Typo in name of property to allow ambiguous commands - S8015978: Incorrect transformation of XPath expression "string(-0)" - S8016357: Update hotspot diagnostic class - S8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null - S8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes - S8020032: 7u fastdebug doesn't generate fastdebuginfo file - S8020085: Linux ARM build failure for 7u45 - S8020088: Increment minor version of HSx for 7u45 and initialize the build number - S8020551: increment hsx build to b03 for 7u45-b03 - S8020943: Memory leak when GCNotifier uses create_from_platform_dependent_str() - S8021287: Improve MacOS resourcing - S8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris - S8021360: object not exported" on start of JMXConnectorServer for RMI-IIOP protocol with security manager - S8021366: java_util/Properties/PropertiesWithOtherEncodings fails during 7u45 nightly testing - S8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01 - S8021899: Re-adjust fix of # 8020498 in 7u45 after mergeing 7u40 - S8021901: Increment hsx build to b05 for 7u45-b05 - S8021933: Add extra check for fix # JDK-8014530 - S8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log. - S8022066: Evaluation of method reference to signature polymorphic method crashes VM - S8022086: Fixing licence of newly added files - S8022254: Remove incorrect jdk7u45-b05 tag from jdk7u-cpu forest - S8022661: InetAddress.writeObject() performs flush() on object output stream - S8022682: Supporting XOM - S8022808: Kitchensink hangs on macos - S8022856: 7u45 l10n resource file translation update - S8023323: Increment hsx build to b06 for 7u45-b08 - S8023457: Event based tracing framework needs a mutex for thread groups - S8023478: Test fails with HS crash in GCNotifier. - S8023741: Increment hsx 24.45 build to b07 for 7u45-b09 - S8023771: when USER_RELEASE_SUFFIX is set in order to add a string to java -version, build number in the bundles names should not be changed to b00 - S8023888: Increment hsx 24.45 build to b08 for 7u45-b10 - S8023964: java/io/IOException/LastErrorString.java should be @ignore-d - S8024369: Increment build # of hs24.0 to b57 for 7u40-b61 psu - S8024668: api/java_nio/charset/Charset/index.html#Methods JCK-runtime test fails with 7u45 b11 - S8024697: Fix for 8020983 causes Xcheck:jni warnings - S8024863: X11: Support GNOME Shell as mutter - S8024883: (se) SelectableChannel.register throws NPE if fd >= 64k (lnx) - S8025128: File.createTempFile fails if prefix is absolute path - S8025170: jdk7u51 7u-1-prebuild is failing since 9/19 * Bug fixes - PR1400: Menu of maximized AWT window not working in Mate - Update to icedtea 2.4.2 * System LCMS 2 support again enabled by default, requiring 2.5 or above. * OpenJDK - S7122222: GC log is limited to 2G for 32-bit - S7162400: Intermittent java.io.IOException: Bad file number during HotSpotVirtualMachine.executeCommand - S7165807: Non optimized initialization of NSS crypto library leads to scalability issues - S7199324: IPv6: JMXConnectorServer.getConnectionIDs() return IDs contradicting to address grammar - S8001345: VM crashes with assert(n->outcnt() != 0 || C->top() == n || n->is_Proj()) failed: No dead instructions after post-alloc - S8001424: G1: Rename certain G1-specific flags - S8001425: G1: Change the default values for certain G1 specific flags - S8004859: Graphics.getClipBounds/getClip return difference nonequivalent bounds, depending from transform - S8005019: JTable passes row index instead of length when inserts selection interval - S8005194: [parfait] #353 sun/awt/image/jpeg/imageioJPEG.c Memory leak of pointer 'scale' allocated with calloc() - S8006941: [macosx] Deadlock in drag and drop - S8007898: Incorrect optimization of Memory Barriers in Matcher::post_store_load_barrier() - S8009168: accessibility.properties syntax issue - S8009985: [parfait] Uninitialised variable at jdk/src/solaris/native/com/sun/management/UnixOperatingSystem_md.c - S8011064: Some tests have failed with SIGSEGV on arm-hflt on build b82 - S8011569: ARM -- avoid native stack walking - S8011760: assert(delta != 0) failed: dup pointer in MemBaseline::malloc_sort_by_addr - S8012144: multiple SIGSEGVs fails on staxf - S8012156: tools/javac/file/zip/T6865530.java fails for win32/64 - S8012241: NMT huge memory footprint, it usually leads to OOME - S8012366: Fix for 8007815 breaks down when only building OpenJDK (without deploy and install forests) - S8013546: compiler/8011901/Test8011901.java fails with CompilationError: Compilation failed - S8013719: Increment build # of hs23.21 to b02 - S8013791: G1: G1CollectorPolicy::initialize_flags() may set min_alignment > max_alignment - S8014264: The applet pathguy_TimeDead throws java.lang.NullPointerException in java console once click drop-down check box. - S8014312: Fork hs23.25 hsx from hs23.21 for jdk7u25 and reinitialize build number - S8014805: NPE is thrown during certpath validation if certificate does not have AuthorityKeyIdentifier extension - S8014850: Third Party License Readme updates for 7u40 - S8014925: Disable sun.reflect.Reflection.getCallerClass(int) with a temporary switch to re-enable it - S8015237: Parallelize string table scanning during strong root processing - S8015411: Bump the hsx build number for 7u21-b50 for customer - S8015441: runThese crashed with assert(opcode == Op_ConP || opcode == Op_ThreadLocal || opcode == Op_CastX2P ..) failed: sanity - S8015576: CMS: svc agent throws java.lang.RuntimeException: No type named "FreeList" in database - S8015668: overload resolution: performance regression in JDK 7 - S8015884: runThese crashed with SIGSEGV, hs_err has an error instead of stacktrace - S8016074: NMT: assertion failed: assert(thread->thread_state() == from) failed: coming from wrong thread state - S8016102: Increment build # of hs23.25 to b02 for 7u25-b31 psu - S8016131: nsk/sysdict/vm/stress/chain tests crash the VM in 'entry_frame_is_first()' - S8016133: Regression: diff. behavior with user-defined SAXParser - S8016157: During CTW: C2: assert(!def_outside->member(r)) failed: Use of external LRG overlaps the same LRG defined in this block - S8016331: Minor issues in event tracing metadata - S8016648: FEATURE_SECURE_PROCESSING set to true or false causes SAXParseException to be thrown - S8016734: Remove extra code due to duplicated push - S8016737: After clicking on "Print UNCOLLATED" button, the print out come in order 'Page 1', 'Page 2', 'Page 1' - S8016740: assert in GC_locker from PSOldGen::expand with -XX:+PrintGCDetails and Verbose - S8016767: Provide man pages generated from DARB for OpenJDK - S8017070: G1: assert(_card_counts[card_num] <= G1ConcRSHotCardLimit) failed - S8017159: Unexclude sun/tools/JMAP/Basic.sh test - S8017173: XMLCipher with RSA_OAEP Key Transport algorithm can't be instantiated - S8017174: NPE when using Logger.getAnonymousLogger or LogManager.getLogManager().getLogger - S8017189: [macosx] AWT program menu disabled on Mac - S8017252: new hotspot build - hs24-b51 - S8017478: Kitchensink crashed with SIGSEGV in BaselineReporter::diff_callsites - S8017483: G1 tests fail with native OOME on Solaris x86 after HeapBaseMinAddress has been increased - S8017510: Add a regression test for 8005956 - S8017566: Backout 8000450 - Cannot access to com.sun.corba.se.impl.orb.ORBImpl - S8017588: SA: jstack -l throws UnalignedAddressException while attaching to core file for java that was started with CMS GC - S8019155: Update makefiles with correct jfr packages - S8019201: Regression: java.awt.image.ConvolveOp throws java.awt.image.ImagingOpException - S8019236: [macosx] Add javadoc to the handleWindowFocusEvent in CEmbeddedFrame - S8019265: [macosx] apple.laf.useScreenMenuBar regression comparing with jdk6 - S8019298: new hotspot build - hs24-b52 - S8019381: HashMap.isEmpty is non-final, potential issues for get/remove - S8019541: 7u40 l10n resource file translation update - S8019587: [macosx] Possibility to set the same frame for the different screens - S8019625: Test compiler/8005956/PolynomialRoot.java timeouts on Solaris SPARCs - S8019628: [macosx] closed/java/awt/Modal/BlockedMouseInputTest/BlockedMouseInputTest.html failed since 7u40b30 on MacOS - S8019826: Test com/sun/management/HotSpotDiagnosticMXBean/SetVMOption.java fails with NPE - S8019933: new hotspot build - hs24-b53 - S8019979: Replace CheckPackageAccess test with better one from closed repo - S8020038: [macosx] Incorrect usage of invokeLater() and likes in callbacks called via JNI from AppKit thread - S8020054: (tz) Support tzdata2013d - S8020155: PSR:PERF G1 not collecting old regions when humongous allocations interfer - S8020215: Different execution plan when using JIT vs interpreter - S8020228: Restore the translated version of logging_xx.properties - S8020298: [macosx] Incorrect merge in the lwawt code - S8020319: Update Japanese man pages for 7u40 - S8020371: [macosx] applets with Drag and Drop fail with IllegalArgumentException - S8020381: new hotspot build - hs24-b54 - S8020425: Product options incorrectly removed in minor version - S8020430: NullPointerException in xml sqe nightly result on 2013-07-12 - S8020433: Crash when using -XX:+RestoreMXCSROnJNICalls - S8020498: Crash when both libnet.so and libmawt.so are loaded - S8020525: Increment build # of hs23.25 to b03 for 7u25-b34 psu - S8020547: Event based tracing needs a UNICODE string type - S8020625: [TESTBUG] java/util/HashMap/OverrideIsEmpty.java doesn't compile for jdk7u - S8020701: Avoid crashes in WatcherThread - S8020796: new hotspot build - hs24-b55 - S8020811: [macosx] Merge fault 7u25-7u40: Missed focus fix JDK-8012330 - S8020940: Valid OCSP responses are rejected for backdated enquiries - S8020983: OutOfMemoryError caused by non garbage collected JPEGImageWriter Instances - S8021008: Provide java and jcmd man pages for Mac (OpenJDK) - S8021148: Regression in SAXParserImpl in 7u40 b34 (NPE) - S8021353: Event based tracing is missing thread exit - S8021381: JavaFX scene included in Swing JDialog not starting from Web Start - S8021565: new hotspot build - hs24-b56 - S8021771: warning stat64 is deprecated - when building on OSX 10.7.5 - S8021946: Disabling sun.reflect.Reflection.getCallerCaller(int) by default breaks several frameworks and libraries - S8022548: SPECJVM2008 has errors introduced in 7u40-b34 - S8023751: Need to backout 8020943, was pushed to hs24 without approval - S8024914: Swapped usage of idx_t and bm_word_t types in bitMap.inline.hpp * New features - RH991170: java does not use correct kerberos credential cache - PR1536: Allow use of system Kerberos to obtain cache location - PR1551: Add build support for Zero AArch64 - PR1552: Add -D_LITTLE_ENDIAN for ARM architectures. - PR1553: Add Debian AArch64 support - PR1554: Fix build on Mac OS X * Bug fixes - RH661505: JPEGs with sRGB IEC61966-2.1 color profiles have wrong colors - RH995488: Java thinks that the default timezone is Busingen instead of Zurich - Cleanup file resources properly in TimeZone_md. - PR1410: Icedtea 2.3.9 fails to build using icedtea 1.12.4 - G477456: emerge fails on pax system: java attempts RWX map, paxctl -m missing - G478484: patches/boot/ecj-diamond.patch FAILED - Fix Zero following changes to entry_frame_call_wrapper in 8016131 - Set ZERO_BUILD in flags.make so it is set on rebuilds - Cast should use same type as GCDrainStackTargetSize (uintx). - Add casts to fix build on S390 * JamVM - JSR292: Invoke Dynamic - sun.misc.Unsafe: additional methods get/putAddress: allows JamVM with OpenJDK 7/8 to run recent versions of JEdit. - FreeClassData: adjust method count for Miranda methods * Patches changes (mostly sync with Fedora) * removed java-1.7.0-openjdk-arm-fixes.patch, fixed upstream * removed java-1.7.0-openjdk-fork.patch, fixed upstream * renamed java-1.7.0-openjdk-bitmap.patch to zero-s8024914.patch * renamed java-1.7.0-openjdk-size_t.patch to zero-size_t.patch * added PStack-808293.patch * added RH661505-toBeReverted.patch * added abrt_friendly_hs_log_jdk7.patch * added gstackbounds.patch * added java-1.7.0-openjdk-freetype-check-fix.patch * added pulse-soundproperties.patch * added rhino.patch * added zero-entry_frame_call_wrapper.patch * added zero-gcdrainstacktargetsize.patch * added zero-zero_build.patch openSUSE 12.2 Update Empty. openSUSE 12.2 Update This update disables compression in openssl by default, as the varying sizes resulting from compression can be used to retrieve plaintext in various cases. (CRIME attack CVE-2012-4929). This update introduces a environment variable OPENSSL_NO_DEFAULT_ZLIB which can be set to "no" to reenable compression in selected services. openSUSE 12.2 Update Xen was updated to 4.1.6 c/s 23588 to fix various bugs and security issues. Following changes are listed: - Comment out the -include directive in Config.mk as the build service build seems to error out not finding '.config' xen-config.diff - bnc#845520 - CVE-2013-4416: xen: ocaml xenstored mishandles oversized message replies - Improvements to block-dmmd script bnc#828623 - bnc#840196 - MTU size on Dom0 gets reset when booting DomU with e1000 device - bnc#840592 - CVE-2013-4355: XSA-63: xen: Information leaks through I/O instruction emulation - bnc#841766 - CVE-2013-4361: XSA-66: xen: Information leak through fbld instruction emulation - bnc#842511 - CVE-2013-4368: XSA-67: xen: Information leak through outs instruction emulation - xen/27397-ACPI-fix-acpi_os_map_memory.patch: address regression - bnc#839596 - CVE-2013-1442: XSA-62: xen: Information leak on AVX and/or LWP capable CPUs - bnc#833251 - In HP’s UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic. - bnc#833796 - Xen: migration broken from xsave-capable to xsave-incapable host - bnc#834751 - In xen, “shutdown –y 0 –h” cannot power off system - bnc#833251 - In HP’s UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic. - bnc#839600 - In HP’s UEFI x86_64 platform and sles11sp3 with xen environment, xen hypervisor will panic on multiple blades nPar. openSUSE 12.2 Update MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates Changes in MozillaThunderbird: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates - update to Thunderbird 24.0.1 * fqdn for smtp server name was not accepted (bmo#913785) * fixed crash in PL_strncasecmp (bmo#917955) - update Enigmail to 1.6 * The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent. * New dialog to change the expiry date of keys * New function to search for the OpenPGP keys of all Address Book entries on a keyserver * removed obsolete enigmail-build.patch Changes in xulrunner: - update to 17.0.10esr (bnc#847708) * require NSS 3.14.4 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers - update to 17.0.9esr (bnc#840485) * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-76/CVE-2013-1718 Miscellaneous memory safety hazards * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object Changes in mozilla-nspr: - update to version 4.10.1 * bmo#888273: RWIN Scaling (RFC1323) limited to 2 on Windows 7 and 8 (Windows only) * bmo#907512: Unix platforms shouldn't mask errors specific to Unix domain sockets openSUSE 12.2 Update update to 0.13.1 fixes the following security issue: NUL byte handling in subjectAltName (bnc#839107, CVE-2013-4314) CVE-2013-4314 openSUSE 12.2 Update The following security issues were fixed: - Applied upstream patch changing to use a constant time memcmp when comparing HMACs in openvpn_decrypt to address ciphertext injection in UDP mode (CVE-2013-2061, bnc#843509). [0006-openvpn-2.0.9-HMAC-memcmp-CVE-2013-2061_bnc843509.patch] Changes in openvpn: - Applied upstream patch changing to use a constant time memcmp when comparing HMACs in openvpn_decrypt to address ciphertext injection in UDP mode (CVE-2013-2061, bnc#843509). [0006-openvpn-2.0.9-HMAC-memcmp-CVE-2013-2061_bnc843509.patch] openSUSE 12.2 Update - update to SeaMonkey 2.22 (bnc#847708) * rebased patches * requires NSS 3.15.2 or higher * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates openSUSE 12.2 Update This update fixes the following security issue with varnish: - bnc#848451, CVE-2013-4484: fixed denial of service flaw in certain GET requests when using certain configurations in Varnish Cache handling openSUSE 12.2 Update security issue fixed in apache2-mod_fcgid: loop counter handled incorrectly, leading to SEGV and "Premature end of script headers" errors. [bnc#844935] CVE-2013-4365 This patch will be obsoleted by the next version update (to 2.3.9 or higher). openSUSE 12.2 Update the following security issues were fixed in wireshark: * The IEEE 802.15.4 dissector could crash wnpa-sec-2013-61 CVE-2013-6336 * The NBAP dissector could crash wnpa-sec-2013-62 CVE-2013-6337 * The SIP dissector could crash wnpa-sec-2013-63 CVE-2013-6338 * The OpenWire dissector could go into a large loop wnpa-sec-2013-64 CVE-2013-6339 * The TCP dissector could crash wnpa-sec-2013-65 CVE-2013-6340 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html openSUSE 12.2 Update - update to 5.0.26 [bnc#848594] * Added the .cf TLD server. * Updated the .bi TLD server. * Added a new ASN allocation. - includes changes from 5.0.25 * Added the .ax, .bn, .iq, .pw and .rw TLD servers. * Updated one or more translations. - includes updates changes 5.0.24: * Merged documentation fixes and the whois.conf(5) man page * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.23 * whois.nic.or.kr switched from EUC-KR to UTF-8. - includes changes from 5.0.22 * Fixed cross-compiling - includes changes from 5.0.21 * Fixed parsing of 6to4 addresses * Added the .xn--j1amh (.??????, Ukraine) TLD server. * Updated the .bi, .se and .vn TLD servers. * Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken. * Updated some disclaimer suppression strings. * Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling. - includes changes form 5.0.20 * Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers. * Added the .bw, .td, .xn--mgb9awbf (????????., Oman), .xn--mgberp4a5d4ar (.????????????????, Saudi Arabia) and .xn--mgbx4cd0ab (??????????????????., Malaysia) TLD servers. * Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (??????????., Iran) TLD servers. - includes changes from 5.0.19 * Added the .post TLD server. * Updated the .co.za SLD servers. * Added the .alt.za, .net.za and .web.za SLD servers. * whois.ua changed (?) the encoding to utf-8. * Fixed the parsing of 6to4 addresses like whois 2002:xxxx::. - includes changes from 5.0.18 * Updated the .ae and .xn--mgbaam7a8h (.????????????, United Arabs Emirates) TLDs. * Updated the server charset table for .fr and .it. - includes changes from whois 5.0.17 * Updated the .bi, .fo, .gr and .gt TLD servers. * Removed support for recursion of .org queries, it has been a thick registry since 2005. - includes changes from 5.0.16 * Added the .xn--80ao21a (.??????, Kazakhstan) TLD server. * Updated the .ec and .ee TLD servers. * Removed the .xn--mgbc0a9azcg (.????????????, Morocco) and .xn--mgberp4a5d4ar (.????????????????, Saudi Arabia) TLD servers. * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.15 * Added the .xn--mgba3a4f16a (??????????., Iran) TLD server. * Updated the .pe TLD server, this time for real. * Updated one or more translations. - includes changes from 5.0.14 * Added the .sx TLD server. * Updated the .pe TLD server. - includes changes from 5.0.13 * Updated the .hr TLD server. * Improved the package description * Updated the FSF address in licenses. - includes changes from 5.0.12 * Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE). * Add the "+" flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the "a" and "n" flags. No thanks to ARIN for breaking every whois client. * Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.??????, Korea), .xn--45brj9c (.????????????, India, Bengali), .xn--90a3ac (.??????, Serbia), .xn--clchc0ea0b2g2a9gcd (.?????????????????????????????????, Singapore, Tamil), .xn--fpcrj9c3d (.???????????????, India, Telugu), .xn--fzc2c9e2c (.????????????, Sri Lanka, Sinhala), .xn--gecrj9c (.????????????, India, Gujarati), .xn--h2brj9c (.????????????, India, Hindi), .xn--lgbbat1ad8j (.??????????????, Algeria), .xn--mgbayh7gpa (.????????????, Jordan), .xn--mgbbh1a71e (.??????????, India, Urdu), .xn--mgbc0a9azcg (.????????????, Morocco), .xn--ogbpf8fl (.??????????, Syria), .xn--s9brj9c (.????????????, India, Punjabi), .xn--xkc2al3hye2a (.??????????????????, Sri Lanka, Tamil), .xn--wgbl6a (.??????, Qatar), .xn--xkc2dl3a5ee0h (.?????????????????????, India, Tamil), .xn--yfro4i67o (.?????????, Singapore, Chinese) and .xxx TLD servers. (Closes: #642424), * Added the .priv.at pseudo-SLD server. * Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478) * Added a new ASN allocation. * Fixed a typo and -t syntax in whois(1). (Closes: #614973, #632588) * Made whois return an error in some cases, code contributed by David Souther. * Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE. * mkpasswd: stop rejecting non-ASCII characters. * mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483. * mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default. * mkpasswd: removed support for 2 and {SHA}, which actually are not supported by FreeBSD and libxcrypt. - packaging changes * removed patches accepted upstream: whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-prefix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfish-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.diff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff * removed patches no longer required: whois-5.0.11-mkpasswd-fix-compiler-warnings.diff * updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch * verify source signatures - crypt_gensalt moved to separate library libowcrypt (fate#314945) - update to 5.0.26 [bnc#848594] * Added the .cf TLD server. * Updated the .bi TLD server. * Added a new ASN allocation. - includes changes from 5.0.25 * Added the .ax, .bn, .iq, .pw and .rw TLD servers. * Updated one or more translations. - includes updates changes 5.0.24: * Merged documentation fixes and the whois.conf(5) man page * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.23 * whois.nic.or.kr switched from EUC-KR to UTF-8. - includes changes from 5.0.22 * Fixed cross-compiling - includes changes from 5.0.21 * Fixed parsing of 6to4 addresses * Added the .xn--j1amh (.??????, Ukraine) TLD server. * Updated the .bi, .se and .vn TLD servers. * Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken. * Updated some disclaimer suppression strings. * Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling. - includes changes form 5.0.20 * Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers. * Added the .bw, .td, .xn--mgb9awbf (????????., Oman), .xn--mgberp4a5d4ar (.????????????????, Saudi Arabia) and .xn--mgbx4cd0ab (??????????????????., Malaysia) TLD servers. * Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (??????????., Iran) TLD servers. - includes changes from 5.0.19 * Added the .post TLD server. * Updated the .co.za SLD servers. * Added the .alt.za, .net.za and .web.za SLD servers. * whois.ua changed (?) the encoding to utf-8. * Fixed the parsing of 6to4 addresses like whois 2002:xxxx::. - includes changes from 5.0.18 * Updated the .ae and .xn--mgbaam7a8h (.????????????, United Arabs Emirates) TLDs. * Updated the server charset table for .fr and .it. - includes changes from whois 5.0.17 * Updated the .bi, .fo, .gr and .gt TLD servers. * Removed support for recursion of .org queries, it has been a thick registry since 2005. - includes changes from 5.0.16 * Added the .xn--80ao21a (.??????, Kazakhstan) TLD server. * Updated the .ec and .ee TLD servers. * Removed the .xn--mgbc0a9azcg (.????????????, Morocco) and .xn--mgberp4a5d4ar (.????????????????, Saudi Arabia) TLD servers. * Added a new ASN allocation. * Updated one or more translations. - includes changes from 5.0.15 * Added the .xn--mgba3a4f16a (??????????., Iran) TLD server. * Updated the .pe TLD server, this time for real. * Updated one or more translations. - includes changes from 5.0.14 * Added the .sx TLD server. * Updated the .pe TLD server. - includes changes from 5.0.13 * Updated the .hr TLD server. * Improved the package description * Updated the FSF address in licenses. - includes changes from 5.0.12 * Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE). * Add the "+" flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the "a" and "n" flags. No thanks to ARIN for breaking every whois client. * Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.??????, Korea), .xn--45brj9c (.????????????, India, Bengali), .xn--90a3ac (.??????, Serbia), .xn--clchc0ea0b2g2a9gcd (.?????????????????????????????????, Singapore, Tamil), .xn--fpcrj9c3d (.???????????????, India, Telugu), .xn--fzc2c9e2c (.????????????, Sri Lanka, Sinhala), .xn--gecrj9c (.????????????, India, Gujarati), .xn--h2brj9c (.????????????, India, Hindi), .xn--lgbbat1ad8j (.??????????????, Algeria), .xn--mgbayh7gpa (.????????????, Jordan), .xn--mgbbh1a71e (.??????????, India, Urdu), .xn--mgbc0a9azcg (.????????????, Morocco), .xn--ogbpf8fl (.??????????, Syria), .xn--s9brj9c (.????????????, India, Punjabi), .xn--xkc2al3hye2a (.??????????????????, Sri Lanka, Tamil), .xn--wgbl6a (.??????, Qatar), .xn--xkc2dl3a5ee0h (.?????????????????????, India, Tamil), .xn--yfro4i67o (.?????????, Singapore, Chinese) and .xxx TLD servers. (Closes: #642424), * Added the .priv.at pseudo-SLD server. * Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478) * Added a new ASN allocation. * Fixed a typo and -t syntax in whois(1). (Closes: #614973, #632588) * Made whois return an error in some cases, code contributed by David Souther. * Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE. * mkpasswd: stop rejecting non-ASCII characters. * mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483. * mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default. * mkpasswd: removed support for 2 and {SHA}, which actually are not supported by FreeBSD and libxcrypt. - packaging changes * removed patches accepted upstream: whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-prefix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfish-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.diff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff * removed patches no longer required: whois-5.0.11-mkpasswd-fix-compiler-warnings.diff * updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch * verify source signatures - crypt_gensalt moved to separate library libowcrypt (fate#314945) openSUSE 12.2 Update Chromium was updated to 30.0.1599.114: Stable Channel update: fix build for 32bit systems - Update to Chromium 30.0.1599.101 - Security Fixes: + CVE-2013-2925: Use after free in XHR + CVE-2013-2926: Use after free in editing + CVE-2013-2927: Use after free in forms. + CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives. openSUSE 12.2 Update the following security issues were fixed in samba: - ACLs are not checked on opening an alternate data stream on a file or directory; CVE-2013-4475; (bso#10229); (bnc#848101). - Fix memleak in reload_printers_full(); (bso#9993). - Valid utf8 filenames cause "invalid conversion error" messages; (bso#10139). - s3: smb2 breaks "smb encryption = mandatory"; (bso#10167). - Missing talloc_free can leak stackframe in error path; (bso#10187). - Offline logon cache not updating for cross child domain group membership; (bso#10194). - The preceding bugs are tracked by (bnc#849226) too. - Make Samba work on site with Read Only Domain Controller; (bso#5917). - Give machine password changes 10 minutes of time; (bso#8955). - NetrServerPasswordSet2 timeout is too short; (bso#8955). - Fix fallback to ncacn_np in cm_connect_lsat(); (bso#9615); (bso#9899). - s3-winbind: Do not delete an existing valid credential cache; (bso#9994). - 'net ads join': Fix segmentation fault in create_local_private_krb5_conf_for_domain; (bso#10073). - Fix variable list in man vfs_crossrename; (bso#10076). - MacOSX 10.9 will not follow path-based DFS referrals handed out by Samba; (bso#10097). - Honour output buffer length set by the client for SMB2 GetInfo requests; (bso#10106). - Handle Dropbox (write-only-directory) case correctly in pathname lookup; (bso#10114). - Fix 'smbstatus' as non-root user; (bso#10127). - The preceding bugs are tracked by (bnc#849226) too. - Windows 8 Roaming profiles fail; (bso#9678). - Linux kernel oplock breaks can miss signals; (bso#10064). - The preceding bugs are tracked by (bnc#849226) too. - Verify source tar ball gpg signature. - Store and return the correct spoolss jobid in notifications; (bnc#838472). - Reload snums before processing the printer list. (bnc#817880). openSUSE 12.2 Update This update fixes the following security issue with krb5: - bnc#849240, CVE-2013-1418: fix Multi-realm KDC null deref openSUSE 12.2 Update the following security issues were fixed in mozilla-nss and mozilla nspr: - mozilla-nss: + update to 3.15.3 (bnc#850148) * CERT_VerifyCert returns SECSuccess (saying certificate is good) even for bad certificates, when the CERTVerifyLog log parameter is given (bmo#910438) * NSS advertises TLS 1.2 ciphersuites in a TLS 1.1 ClientHello (bmo#919677) * fix CVE-2013-5605 - mozilla-nspr: + update to version 4.10.2 relevant changes: * bmo#770534: possible pointer overflow in PL_ArenaAllocate() * bmo#888546: ptio.c:PR_ImportUDPSocket doesn't work openSUSE 12.2 Update Chromium was updated to 31.0.1650.57: Stable channel update: - Security Fixes: * CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 (bnc#850430) Stable Channel update: - Security fixes: * CVE-2013-6621: Use after free related to speech input elements.. * CVE-2013-6622: Use after free related to media elements. * CVE-2013-6623: Out of bounds read in SVG. * CVE-2013-6624: Use after free related to “id” attribute strings. * CVE-2013-6625: Use after free in DOM ranges. * CVE-2013-6626: Address bar spoofing related to interstitial warnings. * CVE-2013-6627: Out of bounds read in HTTP parsing. * CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. * CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives. * CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. * CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. * CVE-2013-6631: Use after free in libjingle. - Added patch chromium-fix-chromedriver-build.diff to fix the chromedriver build openSUSE 12.2 Update librsvg was updated to fix a denial a XML External Entity Inclusion problem, where files on the system could be imported into the SVG. (CVE-2013-1881) openSUSE 12.2 Update The nginx webserver was fixed to avoid a restriction bypass when a space in not correctly escaped. (CVE-2013-4547) openSUSE 12.2 Update This update fixes the following issues with subversion: - bnc#850747: update to 1.7.14 * CVE-2013-4505: mod_dontdothat does not restrict requests from serf clients. * CVE-2013-4558: mod_dav_svn assertion triggered by autoversioning commits. + Client- and server-side bugfixes: * fix assertion on urls of the form 'file://./' + Client-side bugfixes: * upgrade: fix an assertion when used with pre-1.3 wcs * fix externals that point at redirected locations * diff: fix incorrect calculation of changes in some cases * diff: fix errors with added/deleted targets + Server-side bugfixes: * mod_dav_svn: Prevent crashes with some 3rd party modules * fix OOM on concurrent requests at threaded server start * fsfs: limit commit time of files with deep change histories * mod_dav_svn: canonicalize paths properly + Other tool improvements and bugfixes: * mod_dontdothat: Fix the uri parser + Developer-visible changes: * javahl: canonicalize path for streamFileContent method + require python-sqlite when running regression tests openSUSE 12.2 Update The following security issue was fixed in ruby19: openSUSE 12.2 Update This update fixes the following security issues with curl: - fix CVE-2013-4545 (bnc#849596) = acknowledge VERIFYHOST without VERIFYPEER openSUSE 12.2 Update This update fixes the following security issue with nodejs: - fix CVE-2013-4450: nodejs: HTTP Pipelining DoS (bnc#846808) CVE-2013-4450-v0.10.x.patch: contains the fix openSUSE 12.2 Update This update fixes the following security issue with thttpd: - fix CVE-2013-0348 (bnc#853381) * don't create a world readable logfile openSUSE 12.2 Update The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. * distrust: AC DG Tresor SSL (bnc#854367) * new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing * new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server auth, code signing, email signing * new: China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt server auth * changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt removed code signing and server auth abilities * changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt removed code signing and server auth abilities * new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth * new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth * removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt * new: PSCProcert:2.1.11.crt server auth, code signing, email signing * new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt server auth, code signing, email signing * new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt server auth, code signing * changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt removed all abilities * new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt server auth, code signing * changed: TWCA_Root_Certification_Authority:2.1.1.crt added code signing ability openSUSE 12.2 Update - Update to Chromium 31.0.1650.63 Stable channel update: - Security fixes: * CVE-2013-6634: Session fixation in sync related to 302 redirects * CVE-2013-6635: Use-after-free in editing * CVE-2013-6636: Address bar spoofing related to modal dialogs * CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives. * CVE-2013-6638: Buffer overflow in v8 * CVE-2013-6639: Out of bounds write in v8. * CVE-2013-6640: Out of bounds read in v8 * and 12 other security fixes. - Remove the build flags to build according to the Chrome ffmpeg branding and the proprietary codecs. (bnc#847971) openSUSE 12.2 Update - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS (bnc#853632). File CVE-2013-6415.patch contains the patch. openSUSE 12.2 Update - fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS (bnc#853625). File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS (bnc#853633). File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS (bnc#853632). File CVE-2013-6415.patch contains the patch. - fix CVE-2013-6417: rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) (bnc#853627). File CVE-2013-6417.patch contains the patch. openSUSE 12.2 Update - update to Firefox 26.0 (bnc#854367, bnc#854370) * rebased patches * requires NSPR 4.10.2 and NSS 3.15.3.1 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-105/CVE-2013-5611 (bmo#771294) Application Installation doorhanger persists on navigation * MFSA 2013-106/CVE-2013-5612 (bmo#871161) Character encoding cross-origin XSS attack * MFSA 2013-107/CVE-2013-5614 (bmo#886262) Sandbox restrictions not applied to nested object elements * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-110/CVE-2013-5619 (bmo#917841) Potential overflow in JavaScript binary search algorithms * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-112/CVE-2013-6672 (bmo#894736) Linux clipboard information disclosure though selection paste * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) - removed gecko.js preference file as GStreamer is enabled by default now openSUSE 12.2 Update - update to Thunderbird 24.2.0 (bnc#854370) * requires NSS 3.15.3.1 or higher * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) - update to Thunderbird 24.1.1 * requires NSPR 4.10.2 and NSS 3.15.3 for security reasons * fix binary compatibility issues for patch level updates (bmo#927073) openSUSE 12.2 Update - added cve-2013-4508.patch and cve-2013-4508-regression-bug729480.patch: (bnc#849059) When defining an ssl.cipher-list, it works for the 'default' HTTPS setup ($SERVER["socket"] 443 block), but when you utilize SNI ($HTTP["host"] blocks within the $SERVER["socket"] block) the ssl.cipher-list seems to not inherit into the host blocks and instead will default to include all of the available openssl ciphers (except SSL v2/v3 based if those are disabled) - added cve-2013-4559.patch (bnc#850468) check success of setuid,setgid,setgroups - added cve-2013-4560.patch (bnc#850469) FAM: fix use after free - added cve-2013-4508.patch and cve-2013-4508-regression-bug729480.patch: (bnc#849059) When defining an ssl.cipher-list, it works for the 'default' HTTPS setup ($SERVER["socket"] 443 block), but when you utilize SNI ($HTTP["host"] blocks within the $SERVER["socket"] block) the ssl.cipher-list seems to not inherit into the host blocks and instead will default to include all of the available openssl ciphers (except SSL v2/v3 based if those are disabled) - added cve-2013-4559.patch (bnc#850468) check success of setuid,setgid,setgroups - added cve-2013-4560.patch (bnc#850469) FAM: fix use after free - added cve-2013-4508.patch and cve-2013-4508-regression-bug729480.patch: (bnc#849059) When defining an ssl.cipher-list, it works for the 'default' HTTPS setup ($SERVER["socket"] 443 block), but when you utilize SNI ($HTTP["host"] blocks within the $SERVER["socket"] block) the ssl.cipher-list seems to not inherit into the host blocks and instead will default to include all of the available openssl ciphers (except SSL v2/v3 based if those are disabled) - added cve-2013-4559.patch (bnc#850468) check success of setuid,setgid,setgroups - added cve-2013-4560.patch (bnc#850469) FAM: fix use after free openSUSE 12.2 Update This update fixes the following security issue with mozilla-nss: - update to 3.15.3.1 (bnc#854367) * includes certstore update (1.95) (bmo#946351) (explicitely distrust AC DG Tresor SSL) - adapt specfile to ppc64le openSUSE 12.2 Update This update fixes the following security issue with rubygem-i18n: - fix bnc#854166: CVE-2013-4492: rubygem-i18n: missing translation XSS. File CVE-2013-4492.patch.i18n.0.6.x contains the fix. openSUSE 12.2 Update This update fixes the following security issue with openttd: - add patch 60.patch: Aircraft crashing near the map's border due to a lack of airports could trigger a crash [CVE-2013-6411] [FS#5820] (bnc#853041) openSUSE 12.2 Update This update fixes the following security issues with rubygem-activesupport-3_2: - fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS vulnerability in the log subscriber component (bnc#846239) File CVE-2013-4389.patch contains the fix. openSUSE 12.2 Update This update fixes the following security issue with rubygem-actionmailer-3_2: - fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS vulnerability in the log subscriber component (bnc#846239) File CVE-2013-4389.patch contains the fix. openSUSE 12.2 Update This update fixes the following security issues with rubygem-actionpack-3_2: - fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS vulnerability in the log subscriber component (bnc#846239) File CVE-2013-4389.patch contains the fix. - fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS (bnc#853625). File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS (bnc#853633). File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS (bnc#853632). File CVE-2013-6415.patch contains the patch. - fix CVE-2013-6417: rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) (bnc#853627). File CVE-2013-6417.patch contains the patch. openSUSE 12.2 Update This update fixes the following security issues with SeaMonkey: - update to SeaMonkey 2.23 (bnc#854370)) * requires NSPR 4.10.2 and NSS 3.15.3.1 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-105/CVE-2013-5611 (bmo#771294) Application Installation doorhanger persists on navigation * MFSA 2013-106/CVE-2013-5612 (bmo#871161) Character encoding cross-origin XSS attack * MFSA 2013-107/CVE-2013-5614 (bmo#886262) Sandbox restrictions not applied to nested object elements * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-110/CVE-2013-5619 (bmo#917841) Potential overflow in JavaScript binary search algorithms * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-112/CVE-2013-6672 (bmo#894736) Linux clipboard information disclosure though selection paste * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) - rebased patches: * mozilla-nongnome-proxies.patch * mozilla-shared-nss-db.patch openSUSE 12.2 Update - Update spec-file to fit the changes in V8 (addition of internal ICU) * Building against system ICU * Regenerate Makefiles before using them - Update to 3.22.24.8 - Security fixes (bnc#854473): * CVE-2013-6638: Buffer overflow in v8 * CVE-2013-6639: Out of bounds write in v8 * CVE-2013-6640: Out of bounds read in v8 openSUSE 12.2 Update Fixed CVE-2013-3709: make the secret token file (secret_token.rb) readable only for the webyast user to avoid forging the session cookie (bnc#851116) (reported by joernchen of Phenoelit) openSUSE 12.2 Update - security update * CVE-2013-6420.patch [bnc#854880] * CVE-2013-6712.patch [bnc#853045] * CVE-2013-4248.patch [bnc#837746] openSUSE 12.2 Update - openSUSE 12.2 and 12.3: update to 1.8.12 [bnc#855980] + vulnerabilities fixed: * The SIP dissector could go into an infinite loop. wnpa-sec-2013-66 CVE-2013-7112 * The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. wnpa-sec-2013-68 CVE-2013-7114 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html - openSUSE 13.1: update to 1.10.4 [bnc#855980] + vulnerabilities fixed: * The SIP dissector could go into an infinite loop. wnpa-sec-2013-66 CVE-2013-7112 * The BSSGP dissector could crash. wnpa-sec-2013-67 CVE-2013-7113 * The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. wnpa-sec-2013-68 CVE-2013-7114 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.4.html openSUSE 12.2 Update The X server was updated to fix a possible X server crash using invalid trapezoids. (bnc#853846 CVE-2013-6424) openSUSE 12.2 Update - Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.patch for bnc#853824. Fixes an integer underflow bug which can cause a crash. openSUSE 12.2 Update - Fixed bnc#856687, openssl: crash when using TLS 1.2 Add file: CVE-2013-6449.patch - compression_methods_switch.patch: setenv might not be successful if a surrounding library or application filters it, like e.g. sudo. As setenv() does not seem to be useful anyway, remove it. bnc#849377 openSUSE 12.2 Update nagios was updated to fix a possible denial of service in CGI executables. openSUSE 12.2 Update This update of openssl fixes several security issues. - Fixed bnc#857203, openssl: crash in DTLS renegotiation after packet loss Add file: CVE-2013-6450.patch - Fixed bnc#856687, openssl: crash when using TLS 1.2 Add file: CVE-2013-6449.patch openSUSE 12.2 Update - add lightdm-gtk-greeter-handle-invalid-user.patch in order to fix a NULL pointer dereference after authentication of an invalid username has failed (bnc#857303, CVE-2014-0979) - add lightdm-gtk-greeter-invalid-last_session.patch fix segfault when last_session is an invalid session (lp#1161883) - add lightdm-gtk-greeter-fix-login.patch in order to fix login/unlock detection openSUSE 12.2 Update - Fixed bnc#857640, openssl: TLS record tampering issue can lead to OpenSSL crash Add file: CVE-2013-4353.patch openSUSE 12.2 Update - Fixes XML Entity Expansion Denial of Service (bnc#856832, CVE-2013-4549) * add backported patch libqt4-disallow-deep-or-widely-nested-entity-references.patch * add backported patch libqt4-fully-expand-all-entities.patch openSUSE 12.2 Update - U_CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch * unlimited sscanf overflows stack buffer in bdfReadCharacters() (CVE-2013-6462, bnc#854915) openSUSE 12.2 Update - Add gnumeric-CVE-2013-6836.patch: fix Heap-buffer-overflow in ms_escher_get_data on a fuzzed xls file (bnc#856254, bgo#712772, CVE-2013-6838). openSUSE 12.2 Update Hardening: - cups-0002-systemd-listen-only-on-localhost-for-socket-activation.patch fixes the systemd cups.socket file so that systemd listens only on localhost (bnc#857372). openSUSE 12.2 Update - Update to version 0.9.1: + Almanah doesn't encrypt the database when the application close (bgo#695117, bnc#809140, CVE-2013-1853). openSUSE 12.2 Update - fix-CVE-2013-6402.dif fixes hardcoded file name /tmp/hp-pkservice.log in pkit.py (bnc#852368). - disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for security reasons (bnc#853405). To upgrade HPLIP an openSUSE software package manager like YaST or zypper should be used. (CVE-2013-6427) openSUSE 12.2 Update Multiple version upgrades for rails components. openSUSE 12.2 Update Fix buffer overflow in MS Word ODF filter among other non-security related bugs. Also a version update to 2.4.3 happened: * Words: - Always show vertical scroll bar to avoid race condition (kde#301076) - Do not save with an attribue that makes LibreOffice and OpenOffice crash (kde#298689 ) * Kexi: - Fixed import from csv when “Start at Line” value changed (kde#302209) - Set limit to 255 characters for Text type (VARCHAR) (kde#301277 and 301136) + - Remove limits for Text data type, leave as option (kde#301277) - Fixed data saving when focus policy for one of widgets is NoFocus (kde#301109) * Krita: - Read and set the resolution for psd images * Charts: - Fix load/save styles of all shapes (title,subtitle,axistitles,footer,etc.) - Lines in the chart should be displayed (kde#271771) - Combined Bar and Line Charts only show bars (Trendlines not supported) (kde#288537) - Load/save chart type for each dataset (kde#271771 and 288537) openSUSE 12.2 Update Update to pcp-3.6.5. + Fixes for security advisory CVE-2012-3418; (bnc#775009). + Workaround for security advisory CVE-2012-3419; (bnc#775010). + Fixes for security advisory CVE-2012-3420; (bnc#775011). + Fixes for security advisory CVE-2012-3421; (bnc#775013). openSUSE 12.2 Update Wireshark was updated to 1.8.2: * The DCP ETSI dissector could trigger a zero division. (wnpa-sec-2012-13 CVE-2012-4285) * The MongoDB dissector could go into a large loop. (wnpa-sec-2012-14 CVE-2012-4287) * The XTP dissector could go into an infinite loop. (wnpa-sec-2012-15 CVE-2012-4288) * The ERF dissector could overflow a buffer. (wnpa-sec-2012-16 CVE-2012-4294 CVE-2012-4295) * The AFP dissector could go into a large loop. (wnpa-sec-2012-17 CVE-2012-4289) * The RTPS2 dissector could overflow a buffer. (wnpa-sec-2012-18 CVE-2012-4296) * The GSM RLC MAC dissector could overflow a buffer. (wnpa-sec-2012-19 CVE-2012-4297) * The CIP dissector could exhaust system memory. (wnpa-sec-2012-20 CVE-2012-4291) * The STUN dissector could crash. (wnpa-sec-2012-21 CVE-2012-4292) * The EtherCAT Mailbox dissector could abort. (wnpa-sec-2012-22 CVE-2012-4293) * The CTDB dissector could go into a large loop. (wnpa-sec-2012-23 CVE-2012-4290) * The pcap-ng file parser could trigger a zero division. (wnpa-sec-2012-24 CVE-2012-4286) * The Ixia IxVeriWave file parser could overflow a buffer. (wnpa-sec-2012-25 CVE-2012-4298) Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html openSUSE 12.2 Update openttd was updated to 1.2.2 - many bugfixes including: Fix: In some cases ships could be covered with land [FS#5254] (CVE-2012-3436, bnc#775023) openSUSE 12.2 Update The nut upsd is prone to multiple flaws that allow remote attackers to cause a denial of service (application crash) by sending unexpected data. openSUSE 12.2 Update This update fixes the following issues for icinga and nagios-rpm-macros: icinga: - reverted icinga home directory change - added missing dependency to the new recurring downtimes plugin - added a new package which provides the recurring downtimes scripts from contrib http://docs.icinga.org/latest/en/recurring_downtimes.html - updated the icinga user home directory - /var/lib/icinga is not needed anymore - imported upstream version 1.7.1 * core: use prefix in solaris service definition #2609 - TD/CF * core: fix various memory leaks in downtime eventhandling on SIGHUP (Carlos Velasco) #2666 - MF * classic ui: Fixed status.cgi time out when displaying hostgroups in large environments #2617 - RB * classic ui: Fixed Invalid JSON output for hostgroup overview (Torsten Rehn) #2680 - RB * classic ui: Fixed Confusing use of display_name in JSON and CSV output (Torsten Rehn) #2681 - RB * classic ui: Fixed wrong totals in "Service Status Summary" on Status Summary page (Mark Ziesemer) #2689 - RB * idoutils: fix small compiler issues #2620 - TD/CF * idoutils: fix upgradedb script typos and past changes #2682 - MF * config: check_ido2db_procs.cfg should not depend on local-service template #2616 - MF * install: adapt lsb headers for icinga and ido2db #2637 - MF * install: fix typo in contrib/eventhandlers/redundancy-scenario1/handle-master-proc-event (thanks uosiu) #2671 - MF - cleaned up rcicinga and added checkresult directory creation before start - added patch to fix wrong fsf address in some license files - extracted update_path_script parts from %post to a separate file located under doc - fixed icinga-create_mysqldb.sh - it granted icinga access to all dbs - so please check the permissions of your mysql icinga user - removed all other ido2utils scripts since they are not supported by upstream - updated readme - better distinguishable topics - updated readme - mysql example command granted icinga access to all dbs - added 'show-errors' to icinga init script as documented in the wiki - changed eventhandlers directory from /usr/lib/nagios/plugins/eventhandler to /lib/icinga/eventhandler (unpackaged files do not get copied) - moved remaining files and the checkresults directory from /var/lib/icinga to /var/spool/icinga - moved /var/lib/icinga to /var/spool/icinga/ - removed nagios directories from the packages (/var/lib/nagios/*) - changed /var/spool/icinga/icinga.cmd to /var/run/icinga/icinga.cmd - changed /var/spool/icinga/ido2db.sock to /var/run/icinga/ido2db.sock - added post scripts to update the existing configuration files accordingly - replaced the existing default http-passwd file with the one from upstream - user icingaadmin with password icingaadmin - adapted the RHEL upstream icinga and icinga-idoutils readmes for SUSE and packaged them - idoutils db schema has changed, check /usr/share/doc/packages/icinga-idoutils/README.SUSE.idoutils how to upgrade it - imported upstream version 1.7.0 * core: notifications: Create contact list after eventbroker callbacks (Andreas Ericsson) #2110 - MF * core: fix event removal from queues with O(1) removal from doubly linked lists (Andreas Ericsson) #2183 - MF * core: avoid senseless looping when free()'ing macros (Andreas Ericsson) #2184 - MF * core: avoid insane looping through event list when rescheduling checks (Mathias Kettner, Andreas Ericsson) #2182 - MF * core: allow empty host groups in service and host dependencies if allow_empty_hostgroup_assignment flag is set (Daniel Wittenberg) #2255 - MF * core: fix compatibility problems on solaris 10 (affects core, cgis, ido) (Carl R. Friend) #2292 - MF/RB/TD * core: add trigger_time to downtimes to allow calculating of flexible downtimes endtime #2537 - MF * core: add nebmodule version/name check for idomod (this allows future version dependencies) #2569 - MF * classic ui: Added option for max log entries displayed in showlog.cgi #2145 - RB * classic ui: Added config option for status totals in status.cgi #2018 - RB * classic ui: Added multiple hosts/services to status.cgi GET #1981 - RB * classic ui: Added nostatusheader in status.cgi as config option #2018 - RB * classic ui: Added statusmap resizing with exclude/include button (thanks to Mat) #2186 - RB * classic ui: Added Select hosts or services by clicking on line instead of box #2118 - RB * classic ui: include graph icons by default in logos #2222 - MF * classic ui: added missing comment tool tip box to outages.cgi #2396 - RB * classic ui: add javascript to refresh page/pause easier #2119 - RB * classic ui: Added Scheduling queue filter for specific host or service #2421 - RB * classic ui: add display_status_totals as cgi.cfg option in order to allow the status totals to be shown again #2443 - RB * classic ui: Changed reading of auth information from cgiauth.c to cgiutils.c #2524 - RB * classic ui: Added readonly cgi.cfg view into the config section #1776 - RB * classic ui: add is_in_effect and trigger_time to downtime view for html, csv, json #2538 - MF * classic ui: add modified attributes row to extinfo.cgi showing diffs to original config (thx Sven Nierlein for the idea) #2473 - MF * classic ui: add modified attributes reset command to extinfo.cgi allowing to reset to original config #2474 - MF * idoutils: add new index for state in table statehistory #2274 - TD * idoutils: add is_in_effect and trigger_time to scheduleddowntime and downtimehistory tables #2539 - MF * idoutils: change varchar(255) to TEXT in mysql (not cs and address rfc columns) #2181 - MF * idoutils: enhance dbversion table with modified and created columns #2562 - MF * idoutils: set module info in idomod, to be checked on neb module load in future versions #2569 - MF - init script: check configuration before restart to avoid a non running service on config problems nagios-rpm-macros: - readded status.dat and retention.dat paths - added additional Icinga paths for Icinga 1.7 openSUSE 12.2 Update phpMyAdmin was updated to 3.5.2.2 - fix for bnc#776698, bnc#776701 openSUSE 12.2 Update Tor 0.2.2.38 fixes a rare race condition that can crash exit relays; fixes a remotely triggerable crash bug; and fixes a timing attack that could in theory leak path information. openSUSE 12.2 Update A security issue in otrs was fixed: * OSA-2012-1, http://otrs.org/advisory/ openSUSE 12.2 Update gnome-keyring was updated to not cache passwords indefinitely. openSUSE 12.2 Update - Update to version 0.8.1 * lot of bugfixes and new features including new skin (please check the CHANGELOG) * contains security related fixes (bnc#777446) * Fix XSS vulnerability in message subject handling using Larry skin (CVE-2012-3507) * Fix XSS issue where plain signatures wasn't secured in HTML mode (CVE-2012-3508) * Fix XSS issue where href="javascript:" wasn't secured (CVE-2012-3508) openSUSE 12.2 Update Mesa was updated to fix a buffer overrun in glsl shaders: - U_glsl-linker-Avoid-buffer-over-run-in-parcel_out_unif.patch * Avoid buffer over-run in parcel_out_uniform_storage::visit_field When too may uniforms are used, the error will be caught in check_resources (src/glsl/linker.cpp). (CVE-2012-2864, bnc#777461) openSUSE 12.2 Update Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update (bnc#777588) * MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 Use-after-free issues found using Address Sanitizer * MFSA 2012-59/CVE-2012-1956 (bmo#756719) Location object can be shadowed using Object.defineProperty * MFSA 2012-60/CVE-2012-3965 (bmo#769108) Escalation of privilege through about:newtab * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) Memory corruption with bitmap format images with negative height * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 WebGL use-after-free and memory corruption * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 SVG buffer overflow and use-after-free issues * MFSA 2012-64/CVE-2012-3971 Graphite 2 memory corruption * MFSA 2012-65/CVE-2012-3972 (bmo#746855) Out-of-bounds read in format-number in XSLT * MFSA 2012-66/CVE-2012-3973 (bmo#757128) HTTPMonitor extension allows for remote debugging without explicit activation * MFSA 2012-68/CVE-2012-3975 (bmo#770684) DOMParser loads linked resources in extensions when parsing text/html * MFSA 2012-69/CVE-2012-3976 (bmo#768568) Incorrect site SSL certificate data display * MFSA 2012-70/CVE-2012-3978 (bmo#770429) Location object security checks bypassed by chrome code * MFSA 2012-72/CVE-2012-3980 (bmo#771859) Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) - GStreamer is only used for MP4 (no WebM, OGG) - updated filelist - moved browser specific preferences to correct location openSUSE 12.2 Update php5 was updated to fix two security issues: - use FilesMatch with 'SetHandler' rather than 'AddHandler' [bnc#775852] Since this update just hardens a configuration to protect weakly designed web applications, there was no CVE assigned. - A HTTP header Carriage-Return injection flaw was fixed (CVE-2011-1398 and CVE-2011-4388 [bnc#778003]) openSUSE 12.2 Update Fixed 2 gimp security bugs: - fixed bnc#724628 CVE-2012-3481: gimp: GIF plugin 'height' / 'len' integer overflow leading to heap-based buffer overflow - fixed bnc#763595 CVE-2012-2763: gimp: buffer overflow in script-fu's server component openSUSE 12.2 Update Chromium was updated to 21.0.1180.88 to fix various bugs and security issues. Security fixes and rewards: Please see the Chromium security page<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. - [$500] [121347<https://code.google.com/p/chromium/issues/detail?id=121347>] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz. - [$1000] [134897<https://code.google.com/p/chromium/issues/detail?id=134897>] High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz. - [135485 <https://code.google.com/p/chromium/issues/detail?id=135485>] Low CVE-2012-2867: Browser crash with SPDY. - [$500] [136881<https://code.google.com/p/chromium/issues/detail?id=136881>] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz. - [137778 <https://code.google.com/p/chromium/issues/detail?id=137778>] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team. - [138672 <https://code.google.com/p/chromium/issues/detail?id=138672>] [ 140368 <https://code.google.com/p/chromium/issues/detail?id=140368>] LowCVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire. - [$1000] [138673<https://code.google.com/p/chromium/issues/detail?id=138673>] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire. - [$500] [142956<https://code.google.com/p/chromium/issues/detail?id=142956>] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein. openSUSE 12.2 Update - fix starttls command injection issue (CVE-2012-3523), [bnc#776967] - handle /var/run on tmpfs. [bnc#778439] openSUSE 12.2 Update - Fix VT100 emulation vulnerability (bnc#777084) (CVE-2012-3515) openSUSE 12.2 Update Security Update for Xen openSUSE 12.2 Update qemu was fixed to add bounds checking for VT100 escape code parsing and cursor placement. Also qemu was updated on 12.2 and 11.4 to the latest stable release (v1.1.1 and v0.14.1 respectively). openSUSE 12.2 Update Java-1_7_0-openjdk was updated to fix a remote exploit (CVE-2012-4681). Also bugfixes were done: - fix build on ARM and i586 - remove files that are no longer used - zero build can be enabled using rpmbuild (osc build) --with zero - add hotspot 2.1 needed for zero - fix filelist on %{ix86} * Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7194567, CVE-2012-3136: Improve long term persistence of java.beans objects - S7163201, CVE-2012-0547: Simplify toolkit internals references - RH852051, CVE-2012-4681, S7162473: Reintroduce PackageAccessible checks removed in 6788531. * OpenJDK - Fix Zero FTBFS issues with 2.3 - S7180036: Build failure in Mac platform caused by fix # 7163201 - S7182135: Impossible to use some editors directly - S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed - S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE * Bug fixes - PR1149: Zero-specific patch files not being packaged - use icedtea tarball for build again, this led into following dropped files because the are already in the tarball and simplified %prep and %build - drop class-rewriter.tar.gz - drop systemtap-tapset.tar.gz - drop desktop-files.tar.gz - drop nss.cfg - drop pulseaudio.tar.gz - drop remove-intree-libraries.sh - add archives from icedtea7-forest-2.3 for openjdk, corba, jaxp, jaxws, jdk, langtools and hotspot - drop rhino.patch, pulse-soundproperties and systemtap patch - move gnome bridge patches before make as it's irritating to have the patch fail after openjdk is built - use explicit file attributes in %files sections to prevent the file permissions problems in a future (like bnc#770040) - changed version scheme, so it now matches Oracle Java 1.7.0.6 == Java7 u 6 - update to icedtea-2.3.1 / OpenJDK7 u6 (bnc#777499) * Security fixes - RH852051, CVE-2012-4681: Reintroduce PackageAccessible checks removed in 6788531. * Bug fixes - PR902: PulseAudioClip getMicrosecondsLength() returns length in milliseconds, not microseconds - PR986: IcedTea7 fails to build with IcedTea6 CACAO due to low max heapsize - PR1050: Stream objects not garbage collected - PR1119: Only add classes to rt-source-files.txt if the class (or one or more of its methods/fields) are actually missing from the boot JDK - PR1137: Allow JARs to be optionally compressed by setting COMPRESS_JARS * OpenJDK - Make dynamic support for GConf work again. - PR1095: Add configure option for -Werror - PR1101: Undefined symbols on GNU/Linux SPARC - PR1140: Unnecessary diz files should not be installed - S7192804, PR1138: Build should not install jvisualvm man page for OpenJDK * JamVM - ARMv6 armhf: Changes for Raspbian (Raspberry Pi) - PPC: Don't use lwsync if it isn't supported - X86: Generate machine-dependent stubs for i386 - When suspending, ignore detached threads that have died, this prevents a user caused deadlock when an external thread has been attached to the VM via JNI and it has exited without detaching - Add missing REF_TO_OBJs for references passed from JNI, this enable JamVM to run Qt-Jambi - there are number of fixes in 2.3, see NEWS openSUSE 12.2 Update Postgresql was updated to the security and bugfix release 9.1.3: * Require execute permission on the trigger function for "CREATE TRIGGER" (CVE-2012-0866, bnc#749299). * Remove arbitrary limitation on length of common name in SSL certificates (CVE-2012-0867, bnc#749301). * Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303). * See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.1/static/release.html /usr/share/doc/packages/postgresql/HISTORY - This also fixes bnc#701489. openSUSE 12.2 Update - added 3-0-escape_html-activesupport.patch: (bnc#775653) Also encode single quote (CVE-2012-3464) - added 3-0-strip_tags.patch: (bnc#775649) Do not mark strip_tags result as html_safe CVE-2012-3465 openSUSE 12.2 Update This update of freeradius fixes a stack overflow in TLS handling, which can be exploited by remote attackers able to access Radius to execute code. openSUSE 12.2 Update - fix a XSS vulnerability: bnc#778655 (CVE-2012-4600) - update to 2.4.14 (openSUSE 11.4) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. - update to 3.0.16 (openSUSE 12.1) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. * Bug#8611 - Ticket count is wrong in QueueView. - update to 3.1.10 (openSUSE 12.2) (fix for OSA-2012-02, http://otrs.org/advisory/) * Improved HTML security filter to detect tag nesting. * Bug#8611 - Ticket count is wrong in QueueView. * Bug#8698 - Layout.pm only looks at first entry from HTTP_ACCEPT_LANGUAGE to determine language. * Bug#8731 - LDAP group check returns wrong error. openSUSE 12.2 Update A remote denial of service attack was fixed in the BIND DNS nameserver, which could be caused by attackers providing a specifically prepared zone file for recursive transfer. (CVE-2012-4244) openSUSE 12.2 Update A buffer overflow in the mcrypt commandlinetool was fixed, when the user could be tricked into a prepared file. openSUSE 12.2 Update - Fix tmp issues in annotate-output (bnc#778291, CVE-2012-3500) openSUSE 12.2 Update - update to 0.2.2.39 [bnc#780620] Changes in version 0.2.2.39 - 2012-09-11 Tor 0.2.2.39 fixes two more opportunities for remotely triggerable assertions. o Security fixes: - Fix an assertion failure in tor_timegm() that could be triggered by a badly formatted directory object (CVE-2012-4922). - Do not crash when comparing an address with port value 0 to an address policy. This bug could have been used to cause a remote assertion failure by or against directory authorities, or to allow some applications to crash clients (CVE-2012-4419). openSUSE 12.2 Update - Update to ISC dhcp-4.2.4-P2 release, providing a security fix for an issue with the use of lease times was found and fixed. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue. ([ISC-Bugs #30281], CVE: CVE-2012-3955, bnc#780167) openSUSE 12.2 Update - Security and bugfix release 9.1.5: * Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655) bnc#765069 * Fix incorrect password transformation in "contrib/pgcrypto"'s DES crypt() function (CVE-2012-2143) bnc#766799 * Prevent access to external files/URLs via "contrib/xml2"'s xslt_process() (CVE-2012-3488) bnc#776523 * Prevent access to external files/URLs via XML entity references (CVE-2012-3489) bnc#776524 * See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.1/static/release.html /usr/share/doc/packages/postgresql/HISTORY openSUSE 12.2 Update This update fixes the following issues for emacs, emacs-w3, gnuplot and ddskk: emacs: - Add fix for bnc#775993 which disable arbitrary lisp code execution when 'enable-local-variables' is set to ':safe' (CVE-2012-3479) - Add fix for bnc#780653 to allow emacs to parse tar archives with PAX extended headers - This update also upgrades emacs to version 24.1: * Support for Gtk+3.0, GnuTLS, ImageMagick, libxml2, and SELinux * Support for wide integer (62 bits) in lisp even on 32-bit machines. * The --unibyte, --multibyte, --no-multibyte, and --no-unibyte command line arguments, and the EMACS_UNIBYTE environment variable, no longer have any effect. * And many more changes see /usr/share/emacs/24.1/etc/NEWS - Remove obsolete patches - Refresh some others patches emacs-w3: - (condition-case ...) and (eval-when (compile) ...) will not work together gnuplot: - Resolve the former problem by using texlive-texinfo to enforce installing required fonts as well as required tools for TL 2012 - add more texlive 2012 requirements - Make it build with latest TeXLive 2012 with new package layout - Convert gnuplot.el to new backtick lisp scheme for emacs 24.1 ddskk: - Update to ddskk-14.4 and skkdic-20110529 - Take some patches from Debian as well add some own patches - Drop superfluous patches openSUSE 12.2 Update This update fixed CVE-2012-3524 (getenv() vulnerability), which can be used by local attackers to escalate privileges to root. openSUSE 12.2 Update VirtualBox was updated to 4.1.22 stable release, bringing lots of security and also bugfixes. The 4.1.22 release is brought to all openSUSE distributions to align their versions. changes in virtualbox 4.1.22 (maintenance release) * VMM: fixed a potential host crash triggered by shutting down a VM when another VM was running * VMM: fixed a potential host crash under a high guest memory pressure (seen with Windows 8 guests) * VMM: respect RAM preallocation while restoring saved state. * VMM: fixed handling of task gates if VT-x/AMD-V is disabled * Storage: fixed audio CD passthrough for certain media players * USB: don't crash if a USB device is plugged or unplugged when saving or loading the VM state (SMP guests only) * RTC: fixed a potential corruption of CMOS bank 1 * Mac OS X hosts: installer fixes for Leopard (4.1.20 regression) * Windows Additions: fixed memory leak in VBoxTray (bug #10808) - changes in virtualbox 4.1.20 (maintenance release) * VMM: fixed a crash under rare circumstances for VMs running without hardware virtualization * VMM: fixed a code analysis bug for certain displacement instructions for VMs running without hardware virtualization * VMM: fixed an interpretion bug for TPR read instructions under rare conditions (AMD-V only) * Snapshots: fixed a crash when restoring an old snapshot when powering off a VM (bugs #9604, #10491) * VBoxSVC: be more tolerant against environment variables with strange encodings (bug #8780) * VGA: fixed wrong access check which might cause a crash under certain conditions * NAT: final fix for crashes under rare conditions (bug #10513) * Virtio-net: fixed the problem with receiving of GSO packets in Windows XP guests causing packet loss in host-to-VM transfers * HPET: several fixes (bugs #10170, #10306) * Clipboard: disable the clipboard by default for new VMs * BIOS: the PCI BIOS was not properly detected with the chipset type set to ICH9 (bugs #9301, #10327) * Mac OS X hosts: adaptions to Mountain Lion * Linux Installer: fixes for Gentoo Linux (bug #10642) * Linux guests: fixed mouse integration on Fedora 17 guests (bug #2306) * Linux Additions: compile fixes for RHEL/CentOS 6.3 (bug #10756) * Linux Additions: compile fixes for Linux 3.5-rc1 and Linux 3.6-rc1 (bug #10709) * Solaris host: fixed a guru meditation while allocating large pages (bug #10600) * Solaris host: fixed possible kernel panics while freeing memory * Solaris Installer: fixed missing icon for menu and desktop shortcuts openSUSE 12.2 Update This kernel update to 3.4.11 fixes various bugs and security issues. The changes up to 3.4.11 contain both security and bugfixes and are not explicitly listed here. Following security issues were fixed: CVE-2012-3520: Force passing credentials, otherwise local services could be fooled to assume requests coming from root. CVE-2012-3412: Do not allow extreme TSO parameters in the sfc driver and tcp stack. Following non-security bugs were fixed: - nbd: clear waiting_queue on shutdown (bnc#778630). - NFS: avoid warning from nfs_drop_nlink (bnc#780624). - net: do not disable sg for packets requiring no checksum (bnc#774859). - sfc: Fix maximum number of TSO segments and minimum TX queue size (bnc#774523 CVE-2012-3412). - net: Allow driver to limit number of GSO segments per skb (bnc#774523 CVE-2012-3412). - drm/nouveau: fix booting with plymouth + dumb support (bnc#771392). - memcg: warn on deeper hierarchies with use_hierarchy==0 (bnc#781134). - Linux 3.4.11. - Update config files. - Refresh patches.suse/scsi-error-test-unit-ready-timeout. - Btrfs: fix tree log remove space corner case (bnc#779432) - irq_remap: disable IRQ remapping if any IOAPIC lacks an IOMMU. - Linux 3.4.10. - Linux 3.4.9. - kABI: protect struct irq_desc. - Linux 3.4.8. - kABI: sdhci, remove inclusion. - reiserfs: fix deadlock with nfs racing on create/lookup (bnc#762693). - Properly update Xen patches to 3.4.7. - Refresh other Xen patches (bnc#772831). - config: enable various ARM errata workarounds to improve stability - Import kabi files for 12.2 - rpm/config.sh: Build the KOTD against 12.2 - ASoC: omap: Add missing modules aliases to get sound working on omap devices. - Update config files to fix build - rt2800: add chipset revision RT5390R support (bnc#772566). - reiserfs: fix deadlocks with quotas - ACPI, APEI: Fixup common access width firmware bug (bnc#765230). - i2c/busses: Fix build error if CONFIG_I2C_DESIGNWARE_PLATFORM=y and CONFIG_I2C_DESIGN. - Update ARM configs to match kernel 3.4.7 - Update ARM omap2plus config to match kernel 3.4.7 and add Smartreflex support (auto voltage) - ALSA: hda - Fix mute-LED GPIO initialization for IDT codecs (bnc#772923). - ALSA: hda - Fix polarity of mute LED on HP Mini 210 (bnc#772923). - Linux 3.4.7. - Refresh patches.suse/dm-raid45-26-Nov-2009.patch. - Enable RTL8150 for omap2plus Generic USB Network device that also works fine on ARM, so enable it - update RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER patch name - Drivers: hv: Cleanup the guest ID computation. - hyperv: Add a check for ring_size value. - hyperv: Add error handling to rndis_filter_device_add(). - Drivers: hv: Change the hex constant to a decimal constant. - hyperv: Add support for setting MAC from within guests. - net/hyperv: Use wait_event on outstanding sends during device removal. - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER. - Refresh patches.suse/SUSE-bootsplash. Fix wrong vfree() (bnc#773406) openSUSE 12.2 Update optipng received a fix for a palette reduction use-after-free vulnerability. (CVE-2012-4432) openSUSE 12.2 Update wireshark is updated to version 1.8.3 on all openSUSE distributions, bringing bug and security fixes. openSUSE 11.4 and 12.1 received a version upgrade, so also receiving lots of new features. openSUSE 12.2 Update The Mozilla suite received following security updates (bnc#783533): Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer * MFSA 2012-87/CVE-2012-3990 (bmo#787704) openSUSE 12.2 Update This patch validated the message length of EAP-TLS to avoid the potential DoS attack openSUSE 12.2 Update This update fixes a heap-based buffer overflow in OpenJPEG which could allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file. openSUSE 12.2 Update Chromium was upgraded to version 24.0.1290 which fixed multiple security flaws. openSUSE 12.2 Update The bind nameserver was updated to fix specially crafted DNS data can cause a lockup in named. openSUSE 12.2 Update This update of libproxy fixed a buffer overflow flaw. openSUSE 12.2 Update This version upgrade of otrs fixed a Cross-Site Scripting (XSS) flaw as well as several other, non-security issues. openSUSE 12.2 Update This update of tiff fixed a heap-based buffer overflow vulnerability and an integer overflow issue.