Advisory: SuSE Essential and Critical Security Patch Updates

Find the information you need for your favorite open source distribution .

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-006: OpenSSL certificate verification problem Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The OpenSSL certificate checking routines EVP_VerifyFinal can return The OpenSSL certificate checking routines EVP_VerifyFinal can return negative values and 0 on failure. In some places negative values negative values and 0 on failure. In some places negative values were not checked and considered successful verification. Prior to this update it was possible to bypass the certification chain chec [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-005: bind Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The DNS daemon bind is used to resolve and lookup addresses on the inter- The DNS daemon bind is used to resolve and lookup addresses on the inter- net. net. Some month ago a vulnerability in the DNS protocol and its numbers was published that allowed easy spoofing of DNS entries. The only way to pro- tect against spoofing is to use DNSSEC. Unfortunately the bind code that verifys the certificatio [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-004: Linux kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The openSUSE 10.3 kernel was updated to fix various security problems The openSUSE 10.3 kernel was updated to fix various security problems and bugs. Following security bugs were fixed: and bugs. Following security bugs were fixed: CVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the sam [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-003: Linux kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update fixes various security issues and several bugs in the This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. openSUSE 11.0 kernel. The kernel was also updated to the stable version 2.6.25.20, including its bugfixes. Following security issues were fixed:

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2009:002

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-002: Mozilla Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Various Mozilla browser suite programs were updated to the last Various Mozilla browser suite programs were updated to the last security release. security release. The Mozilla Firefox 3.0.5 browser, Seamonkey 1.1.14 and xulrunner190 update were already published before Christmas, please see SUSE-SA:2008:058.

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2009:001

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2009-001: Sun Java Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Sun Java received several security fixes and was updated to: Sun Java received several security fixes and was updated to: - Sun Java 1.6.0 to Update 11-b03 - Sun Java 1.5.0 to Update 17 - Sun Java 1.4.2 to Update 19 Numerous security issues such as privilege escalations, and sandbox

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-059: flash-player Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Adobe Flash Player was updated to fix an unspecified vulnerability The Adobe Flash Player was updated to fix an unspecified vulnerability that allowed attackers to take control of the victim's system by that allowed attackers to take control of the victim's system by having the victim load a specially crafted SWF file, for instance embedded in a web page (CVE-2008-5499). 2) Solution or Work-A [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-058: Mozilla Firefox Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Mozilla Firefox browser was updated to version 3.0.5, fixing The Mozilla Firefox browser was updated to version 3.0.5, fixing various security issues and stability problems. various security issues and stability problems. The Mozilla Seamonkey browser was updated to version 1.1.14, also fixing various security issues and stability problems. The other Mozilla browsers and suites are still bein [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:025

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:024

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:023

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:022

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:021

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-041: openwsman Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The openwsman project provides an implementation of the Web Service The openwsman project provides an implementation of the Web Service Management specification. Management specification. The SuSE Security-Team has found two critical issues in the code: - two remote buffer overflows while decoding the HTTP basic authenticationheader (CVE-2008-2234) - a possible SSL session replay attack affectin [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-040: postfix Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Postfix is a well known MTA. Postfix is a well known MTA. During a source code audit the SuSE Security-Team discovered a local During a source code audit the SuSE Security-Team discovered a local privilege escalation bug (CVE-2008-2936) as well as a mailbox ownership problem (CVE-2008-2937) in postfix. The first bug allowed local users to execute arbitrary commands as root while the second one al [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: Weekly Summary 2008:016

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-039: net-snmp Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The net-snmp daemon implements the "simple network management protocol". The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 pa [More...]

LS Hmepg 337x500 34 Esm H200

SuSE: 2008-033: bind Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The bind daemon is responsible for resolving hostnames in IP addresses and The bind daemon is responsible for resolving hostnames in IP addresses and vice versa. vice versa. The new version of bind uses a random transaction-ID (TRXID) and a random UDP source-port for DNS queries to address DNS cache poisoning attacks possible because of the "birthday paradox" and an attack discovered by Dan Kamins [More...]

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved