CESA-2017:2563 Moderate CentOS 6 openssh Security Update

CentOS Errata and Security Advisory 2017:2563 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2563

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
7fcc14482bde0ffd56256a95d4e9fb1adde76ff3bd4e51bca62d991216637a41 openssh-5.3p1-123.el6_9.i686.rpm
0b7200aa9e46618664f5ce4418d8dc2a3536246ce4c05a8d49c87a91a2e65c4c openssh-askpass-5.3p1-123.el6_9.i686.rpm
38117542a8fbe8ed16604704c90009c0317759f67de4329b644f1741e72c98fb openssh-clients-5.3p1-123.el6_9.i686.rpm
9446db394224c7ad6b155386d690b5992115d1c0cc2a1e6c324f8db313faffa2 openssh-ldap-5.3p1-123.el6_9.i686.rpm
1b4954075f7f4364460e35cdd4c76c9bdd0f8a6ab5bb7e2ef04cbee9c1098aaa openssh-server-5.3p1-123.el6_9.i686.rpm
318fe5d62ad947c5090fd36310e6938a1f0de93bd2b9b9c490c2bbf2ba9bd65d pam_ssh_agent_auth-0.9.3-123.el6_9.i686.rpm

x86_64:
ca4e9591f2670255c532f2be9b229eff12799006d60aefd7decdf68ab555975c openssh-5.3p1-123.el6_9.x86_64.rpm
5a8b1a467d7836300f53b54e1e96bdaa93cf8df93cd730729f6d5e430f61a8f5 openssh-askpass-5.3p1-123.el6_9.x86_64.rpm
5c7ac733ef43bdd9169c9ba26d2e44d273496508649c30acf2c119c8ee4dd7d0 openssh-clients-5.3p1-123.el6_9.x86_64.rpm
1c4c57bb410082a30401cd68e492d13d3b58577afa604e9ae79114468f61b006 openssh-ldap-5.3p1-123.el6_9.x86_64.rpm
69b18041197c4be9a2812bbea1fc92f94b45d7adca0dd9c308f87dde7743ac06 openssh-server-5.3p1-123.el6_9.x86_64.rpm
318fe5d62ad947c5090fd36310e6938a1f0de93bd2b9b9c490c2bbf2ba9bd65d pam_ssh_agent_auth-0.9.3-123.el6_9.i686.rpm
f87bed409bfde8b91268589a1c32da959cba0bae5a555bed2150c2a4667723f3 pam_ssh_agent_auth-0.9.3-123.el6_9.x86_64.rpm

Source:
4c78bd24259d3604ffbf905642dbf44d209c3997696cfc443eae7885a8d9a53a openssh-5.3p1-123.el6_9.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CESA-2017:2534 Important CentOS 6 thunderbird Security Update

CentOS Errata and Security Advisory 2017:2534 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2534

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
96494a6bbf9295994238419e7b7e9d0f32bd34771f06b54f0f0d06439c72f95e thunderbird-52.3.0-1.el6.centos.i686.rpm

x86_64:
6afe985ea385fb5549fcb8ed89fff3cb4ceacf121de067e809e88da57daa5c48 thunderbird-52.3.0-1.el6.centos.x86_64.rpm

Source:
369ece0043d2781f548a3fe74c097d222f6e9afabd2e7f38a07c476f10dd9cb7 thunderbird-52.3.0-1.el6.centos.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CESA-2017:2550 Moderate CentOS 6 poppler Security Update

CentOS Errata and Security Advisory 2017:2550 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2550

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5e00e48b8c0ac31de59d24deaa04247cc665a39827832cfac05df03c164c52c4 poppler-0.12.4-12.el6_9.i686.rpm
d25cdcfbfc0bf8ef7f5e548984674c6ce2a8d6a2eaef784b1ea7767840690466 poppler-devel-0.12.4-12.el6_9.i686.rpm
94011927f19dd72b17214ea203338a17c4e75507543666097b0d7244860da132 poppler-glib-0.12.4-12.el6_9.i686.rpm
23425ddf68356964411efc36159173c6ae243d0eb237dce6361e582d2baa9e97 poppler-glib-devel-0.12.4-12.el6_9.i686.rpm
f88d5fb1cb327fb9dacc48f2ab02cc12ac09ea043622e39b4eb34ec33088cd76 poppler-qt-0.12.4-12.el6_9.i686.rpm
d201890924ed934ca293d1a88c1a7da78be176166099574c7858c60f3ee93c6e poppler-qt4-0.12.4-12.el6_9.i686.rpm
8d645831a8fac15e1c8e5a32fc9183e95713f9ef1ee561af2d1cc7d11bd705fc poppler-qt4-devel-0.12.4-12.el6_9.i686.rpm
5b88d65fe039f4b9f2ea41faeaa59c35ee0e10a6c24bbf1756f5a9ea6fb0a8f0 poppler-qt-devel-0.12.4-12.el6_9.i686.rpm
59ca913a180b4fd587d4479b64efa37f04c1ee5b6812d17319f69e9cc38d5807 poppler-utils-0.12.4-12.el6_9.i686.rpm

x86_64:
5e00e48b8c0ac31de59d24deaa04247cc665a39827832cfac05df03c164c52c4 poppler-0.12.4-12.el6_9.i686.rpm
2a7c924303b93c19268086f7202cd4d147d54ba04b4d5e9c31f785c887d0f3ff poppler-0.12.4-12.el6_9.x86_64.rpm
d25cdcfbfc0bf8ef7f5e548984674c6ce2a8d6a2eaef784b1ea7767840690466 poppler-devel-0.12.4-12.el6_9.i686.rpm
df823b5d17233bc08e976918b1aeb8d16d88e40c8de95da56c6ad9d22cde0f03 poppler-devel-0.12.4-12.el6_9.x86_64.rpm
94011927f19dd72b17214ea203338a17c4e75507543666097b0d7244860da132 poppler-glib-0.12.4-12.el6_9.i686.rpm
aaa7b0ad900a0f1b77a503bed3772ca8f8d5cc9299be07eba849d67fff67f21a poppler-glib-0.12.4-12.el6_9.x86_64.rpm
23425ddf68356964411efc36159173c6ae243d0eb237dce6361e582d2baa9e97 poppler-glib-devel-0.12.4-12.el6_9.i686.rpm
77a0cf7d64625bd9547bde17cee820eb1c12c4d153cc92dd1f3edd2afc5113bb poppler-glib-devel-0.12.4-12.el6_9.x86_64.rpm
f88d5fb1cb327fb9dacc48f2ab02cc12ac09ea043622e39b4eb34ec33088cd76 poppler-qt-0.12.4-12.el6_9.i686.rpm
29d53b90f6ca5ba1ea401ae122c4ff987a20aa8accfa019f3a9afbb25bb24b46 poppler-qt-0.12.4-12.el6_9.x86_64.rpm
d201890924ed934ca293d1a88c1a7da78be176166099574c7858c60f3ee93c6e poppler-qt4-0.12.4-12.el6_9.i686.rpm
b411d564f12f72a171e5dfb7a15ed32b276afc23b86ce0799aebd2e3400006cf poppler-qt4-0.12.4-12.el6_9.x86_64.rpm
8d645831a8fac15e1c8e5a32fc9183e95713f9ef1ee561af2d1cc7d11bd705fc poppler-qt4-devel-0.12.4-12.el6_9.i686.rpm
6935fc562c03523283368b0ac587bbc9d98b8ec84006d4991d2e3b243157a134 poppler-qt4-devel-0.12.4-12.el6_9.x86_64.rpm
5b88d65fe039f4b9f2ea41faeaa59c35ee0e10a6c24bbf1756f5a9ea6fb0a8f0 poppler-qt-devel-0.12.4-12.el6_9.i686.rpm
2ce55815fe0011187173d93bba74e0f4fc0c01b5b2b4800081c27d54c659b654 poppler-qt-devel-0.12.4-12.el6_9.x86_64.rpm
e75d1d7531bd8ff24932c7ed58fb34b24d9cb1913a3642887e42f441f1725b5d poppler-utils-0.12.4-12.el6_9.x86_64.rpm

Source:
8f9a5f707bf29ee83b8e38b90cf211b01a841591e47fd5848061d37fddf66669 poppler-0.12.4-12.el6_9.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

openSUSE-SU-2017:2311-1: important: Security update for samba and resource-agents

openSUSE Security Update: Security update for samba and resource-agents
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2311-1
Rating: important
References: #1048278 #1048339 #1048352 #1048387 #1048790
#1052577 #1054017
Cross-References: CVE-2017-11103
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update provides Samba 4.6.7, which fixes the following issues:

– CVE-2017-11103: Metadata were being taken from the unauthenticated
plaintext (the Ticket) rather than the authenticated and encrypted KDC
response. (bsc#1048278)
– Fix cephwrap_chdir(). (bsc#1048790)
– Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb.
(bsc#1048339)
– Fix inconsistent ctdb socket path. (bsc#1048352)
– Fix non-admin cephx authentication. (bsc#1048387)
– CTDB cannot start when there is no persistent database. (bsc#1052577)

The CTDB resource agent was also fixed to not fail when the database is
empty.

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-987=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

ctdb-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-tests-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-tests-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
ldirectord-4.0.1+git.1495055229.643177f1-3.1
libdcerpc-binding0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-binding0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-devel-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr-devel-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi-devel-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util-devel-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient-devel-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
resource-agents-4.0.1+git.1495055229.643177f1-3.1
resource-agents-debuginfo-4.0.1+git.1495055229.643177f1-3.1
resource-agents-debugsource-4.0.1+git.1495055229.643177f1-3.1
samba-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-core-devel-4.6.7+git.38.90b2cdb4f22-3.1
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-pidl-4.6.7+git.38.90b2cdb4f22-3.1
samba-python-4.6.7+git.38.90b2cdb4f22-3.1
samba-python-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-test-4.6.7+git.38.90b2cdb4f22-3.1
samba-test-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

– openSUSE Leap 42.3 (noarch):

monitoring-plugins-metadata-4.0.1+git.1495055229.643177f1-3.1
samba-doc-4.6.7+git.38.90b2cdb4f22-3.1

– openSUSE Leap 42.3 (x86_64):

libdcerpc-binding0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-binding0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-ceph-4.6.7+git.38.90b2cdb4f22-3.1
samba-ceph-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1

References:

https://www.suse.com/security/cve/CVE-2017-11103.html
https://bugzilla.suse.com/1048278
https://bugzilla.suse.com/1048339
https://bugzilla.suse.com/1048352
https://bugzilla.suse.com/1048387
https://bugzilla.suse.com/1048790
https://bugzilla.suse.com/1052577
https://bugzilla.suse.com/1054017


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE-SU-2017:2306-1: important: Security update for postgresql93

openSUSE Security Update: Security update for postgresql93
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2306-1
Rating: important
References: #1051684 #1051685 #1053259
Cross-References: CVE-2017-7546 CVE-2017-7547 CVE-2017-7548

Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

Postgresql93 was updated to 9.3.18 to fix the following issues:

* CVE-2017-7547: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as user mapping
options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based
authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)

The changelog for the release is here:

https://www.postgresql.org/docs/9.3/static/release-9-3-18.html

This update was imported from the SUSE:SLE-12:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-985=1

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-985=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

postgresql93-devel-9.3.18-8.1
postgresql93-devel-debuginfo-9.3.18-8.1
postgresql93-libs-debugsource-9.3.18-8.1

– openSUSE Leap 42.3 (x86_64):

postgresql93-9.3.18-8.1
postgresql93-contrib-9.3.18-8.1
postgresql93-contrib-debuginfo-9.3.18-8.1
postgresql93-debuginfo-9.3.18-8.1
postgresql93-debugsource-9.3.18-8.1
postgresql93-plperl-9.3.18-8.1
postgresql93-plperl-debuginfo-9.3.18-8.1
postgresql93-plpython-9.3.18-8.1
postgresql93-plpython-debuginfo-9.3.18-8.1
postgresql93-pltcl-9.3.18-8.1
postgresql93-pltcl-debuginfo-9.3.18-8.1
postgresql93-server-9.3.18-8.1
postgresql93-server-debuginfo-9.3.18-8.1
postgresql93-test-9.3.18-8.1

– openSUSE Leap 42.3 (noarch):

postgresql93-docs-9.3.18-8.1

– openSUSE Leap 42.2 (i586 x86_64):

postgresql93-devel-9.3.18-5.12.1
postgresql93-devel-debuginfo-9.3.18-5.12.1
postgresql93-libs-debugsource-9.3.18-5.12.1

– openSUSE Leap 42.2 (noarch):

postgresql93-docs-9.3.18-5.12.1

– openSUSE Leap 42.2 (x86_64):

postgresql93-9.3.18-5.12.1
postgresql93-contrib-9.3.18-5.12.1
postgresql93-contrib-debuginfo-9.3.18-5.12.1
postgresql93-debuginfo-9.3.18-5.12.1
postgresql93-debugsource-9.3.18-5.12.1
postgresql93-plperl-9.3.18-5.12.1
postgresql93-plperl-debuginfo-9.3.18-5.12.1
postgresql93-plpython-9.3.18-5.12.1
postgresql93-plpython-debuginfo-9.3.18-5.12.1
postgresql93-pltcl-9.3.18-5.12.1
postgresql93-pltcl-debuginfo-9.3.18-5.12.1
postgresql93-server-9.3.18-5.12.1
postgresql93-server-debuginfo-9.3.18-5.12.1
postgresql93-test-9.3.18-5.12.1

References:

https://www.suse.com/security/cve/CVE-2017-7546.html
https://www.suse.com/security/cve/CVE-2017-7547.html
https://www.suse.com/security/cve/CVE-2017-7548.html
https://bugzilla.suse.com/1051684
https://bugzilla.suse.com/1051685
https://bugzilla.suse.com/1053259


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2302-1: important: Security update for MozillaFirefox

SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2302-1
Rating: important
References: #1031485 #1052829
Cross-References: CVE-2017-7753 CVE-2017-7779 CVE-2017-7782
CVE-2017-7784 CVE-2017-7785 CVE-2017-7786
CVE-2017-7787 CVE-2017-7791 CVE-2017-7792
CVE-2017-7798 CVE-2017-7800 CVE-2017-7801
CVE-2017-7802 CVE-2017-7803 CVE-2017-7804
CVE-2017-7807
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that fixes 16 vulnerabilities is now available.

Description:

Mozilla Firefox was updated to the ESR 52.3 release (bsc#1052829)

Following security issues were fixed:

* MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback
* MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with
data: protocol and modal alerts
* MFSA 2017-19/CVE-2017-7792: Buffer overflow viewing certificates with an
extremely long OID
* MFSA 2017-19/CVE-2017-7782: WindowsDllDetourPatcher allocates memory
without DEP protections
* MFSA 2017-19/CVE-2017-7787: Same-origin policy bypass with iframes
through page reloads
* MFSA 2017-19/CVE-2017-7786: Buffer overflow while painting
non-displayable SVG
* MFSA 2017-19/CVE-2017-7785: Buffer overflow manipulating ARIA attributes
in DOM
* MFSA 2017-19/CVE-2017-7784: Use-after-free with image observers
* MFSA 2017-19/CVE-2017-7753: Out-of-bounds read with cached style data
and pseudo-elements
* MFSA 2017-19/CVE-2017-7798: XUL injection in the style editor in devtools
* MFSA 2017-19/CVE-2017-7804: Memory protection bypass through
WindowsDllDetourPatcher
* MFSA 2017-19/CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and
Firefox ESR 52.3
* MFSA 2017-19/CVE-2017-7800: Use-after-free in WebSockets during
disconnection
* MFSA 2017-19/CVE-2017-7801: Use-after-free with marquee during window
resizing
* MFSA 2017-19/CVE-2017-7802: Use-after-free resizing image elements
* MFSA 2017-19/CVE-2017-7803: CSP containing ‘sandbox’ improperly applied

This update also fixes:

– fixed firefox hangs after a while in FUTEX_WAIT_PRIVATE if cgroups
enabled and running on cpu >=1 (bsc#1031485)
– The Itanium ia64 build was fixed.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-MozillaFirefox-13254=1

– SUSE Linux Enterprise Server 11-SP4:

zypper in -t patch slessp4-MozillaFirefox-13254=1

– SUSE Linux Enterprise Server 11-SP3-LTSS:

zypper in -t patch slessp3-MozillaFirefox-13254=1

– SUSE Linux Enterprise Point of Sale 11-SP3:

zypper in -t patch sleposp3-MozillaFirefox-13254=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-MozillaFirefox-13254=1

– SUSE Linux Enterprise Debuginfo 11-SP3:

zypper in -t patch dbgsp3-MozillaFirefox-13254=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):

MozillaFirefox-devel-52.3.0esr-72.9.1

– SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

MozillaFirefox-52.3.0esr-72.9.1
MozillaFirefox-branding-SLED-52-24.5.1
MozillaFirefox-translations-52.3.0esr-72.9.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):

MozillaFirefox-52.3.0esr-72.9.1
MozillaFirefox-branding-SLED-52-24.5.1
MozillaFirefox-translations-52.3.0esr-72.9.1

– SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

MozillaFirefox-52.3.0esr-72.9.1
MozillaFirefox-branding-SLED-52-24.5.1
MozillaFirefox-translations-52.3.0esr-72.9.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

MozillaFirefox-debuginfo-52.3.0esr-72.9.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):

MozillaFirefox-debuginfo-52.3.0esr-72.9.1

References:

https://www.suse.com/security/cve/CVE-2017-7753.html
https://www.suse.com/security/cve/CVE-2017-7779.html
https://www.suse.com/security/cve/CVE-2017-7782.html
https://www.suse.com/security/cve/CVE-2017-7784.html
https://www.suse.com/security/cve/CVE-2017-7785.html
https://www.suse.com/security/cve/CVE-2017-7786.html
https://www.suse.com/security/cve/CVE-2017-7787.html
https://www.suse.com/security/cve/CVE-2017-7791.html
https://www.suse.com/security/cve/CVE-2017-7792.html
https://www.suse.com/security/cve/CVE-2017-7798.html
https://www.suse.com/security/cve/CVE-2017-7800.html
https://www.suse.com/security/cve/CVE-2017-7801.html
https://www.suse.com/security/cve/CVE-2017-7802.html
https://www.suse.com/security/cve/CVE-2017-7803.html
https://www.suse.com/security/cve/CVE-2017-7804.html
https://www.suse.com/security/cve/CVE-2017-7807.html
https://bugzilla.suse.com/1031485
https://bugzilla.suse.com/1052829


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2303-1: important: Security update for php7

SUSE Security Update: Security update for php7
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2303-1
Rating: important
References: #1047454 #1048094 #1048096 #1048100 #1048111
#1048112 #1050241 #1050726 #1052389 #1053645
#986386
Cross-References: CVE-2016-10397 CVE-2016-5766 CVE-2017-11142
CVE-2017-11144 CVE-2017-11145 CVE-2017-11146
CVE-2017-11147 CVE-2017-11628 CVE-2017-7890

Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Module for Web Scripting 12
______________________________________________________________________________

An update that solves 9 vulnerabilities and has two fixes
is now available.

Description:

This update for php7 fixes the following issues:

– CVE-2016-10397: parse_url() can be bypassed to return fake host.
(bsc#1047454)
– CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of
service attack by injectinglong form variables, related to
main/php_variables. (bsc#1048100)
– CVE-2017-11144: The opensslextension PEM sealing code did not check the
return value of the OpenSSL sealingfunction, which could lead to a
crash. (bsc#1048096)
– CVE-2017-11145: Lack of bounds checks in timelib_meridian coud lead to
information leak. (bsc#1048112)
– CVE-2017-11146: Lack of bounds checks in timelib_meridian parse code
could lead to information leak. (bsc#1048111)
– CVE-2017-11147: The PHAR archive handler could beused by attackers
supplying malicious archive files to crash the PHP interpreteror
potentially disclose information. (bsc#1048094)
– CVE-2017-11628: Stack-base dbuffer overflow in zend_ini_do_op() could
lead to denial of service (bsc#1050726)
– CVE-2017-7890: Buffer over-read from unitialized data in
gdImageCreateFromGifCtx function could lead to denial of service
(bsc#1050241)
– CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap
overflow could lead to denial of service or code execution (bsc#986386)

Other fixes:

– Soap Request with References (bsc#1053645)
– php7-pear should explicitly require php7-pear-Archive_Tar
otherwise this dependency must be declared in every php7-pear-* package
explicitly. [bnc#1052389]

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1417=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1417=1

– SUSE Linux Enterprise Module for Web Scripting 12:

zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-1417=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

php7-debuginfo-7.0.7-50.9.2
php7-debugsource-7.0.7-50.9.2
php7-devel-7.0.7-50.9.2

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

php7-debuginfo-7.0.7-50.9.2
php7-debugsource-7.0.7-50.9.2
php7-devel-7.0.7-50.9.2

– SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):

apache2-mod_php7-7.0.7-50.9.2
apache2-mod_php7-debuginfo-7.0.7-50.9.2
php7-7.0.7-50.9.2
php7-bcmath-7.0.7-50.9.2
php7-bcmath-debuginfo-7.0.7-50.9.2
php7-bz2-7.0.7-50.9.2
php7-bz2-debuginfo-7.0.7-50.9.2
php7-calendar-7.0.7-50.9.2
php7-calendar-debuginfo-7.0.7-50.9.2
php7-ctype-7.0.7-50.9.2
php7-ctype-debuginfo-7.0.7-50.9.2
php7-curl-7.0.7-50.9.2
php7-curl-debuginfo-7.0.7-50.9.2
php7-dba-7.0.7-50.9.2
php7-dba-debuginfo-7.0.7-50.9.2
php7-debuginfo-7.0.7-50.9.2
php7-debugsource-7.0.7-50.9.2
php7-dom-7.0.7-50.9.2
php7-dom-debuginfo-7.0.7-50.9.2
php7-enchant-7.0.7-50.9.2
php7-enchant-debuginfo-7.0.7-50.9.2
php7-exif-7.0.7-50.9.2
php7-exif-debuginfo-7.0.7-50.9.2
php7-fastcgi-7.0.7-50.9.2
php7-fastcgi-debuginfo-7.0.7-50.9.2
php7-fileinfo-7.0.7-50.9.2
php7-fileinfo-debuginfo-7.0.7-50.9.2
php7-fpm-7.0.7-50.9.2
php7-fpm-debuginfo-7.0.7-50.9.2
php7-ftp-7.0.7-50.9.2
php7-ftp-debuginfo-7.0.7-50.9.2
php7-gd-7.0.7-50.9.2
php7-gd-debuginfo-7.0.7-50.9.2
php7-gettext-7.0.7-50.9.2
php7-gettext-debuginfo-7.0.7-50.9.2
php7-gmp-7.0.7-50.9.2
php7-gmp-debuginfo-7.0.7-50.9.2
php7-iconv-7.0.7-50.9.2
php7-iconv-debuginfo-7.0.7-50.9.2
php7-imap-7.0.7-50.9.2
php7-imap-debuginfo-7.0.7-50.9.2
php7-intl-7.0.7-50.9.2
php7-intl-debuginfo-7.0.7-50.9.2
php7-json-7.0.7-50.9.2
php7-json-debuginfo-7.0.7-50.9.2
php7-ldap-7.0.7-50.9.2
php7-ldap-debuginfo-7.0.7-50.9.2
php7-mbstring-7.0.7-50.9.2
php7-mbstring-debuginfo-7.0.7-50.9.2
php7-mcrypt-7.0.7-50.9.2
php7-mcrypt-debuginfo-7.0.7-50.9.2
php7-mysql-7.0.7-50.9.2
php7-mysql-debuginfo-7.0.7-50.9.2
php7-odbc-7.0.7-50.9.2
php7-odbc-debuginfo-7.0.7-50.9.2
php7-opcache-7.0.7-50.9.2
php7-opcache-debuginfo-7.0.7-50.9.2
php7-openssl-7.0.7-50.9.2
php7-openssl-debuginfo-7.0.7-50.9.2
php7-pcntl-7.0.7-50.9.2
php7-pcntl-debuginfo-7.0.7-50.9.2
php7-pdo-7.0.7-50.9.2
php7-pdo-debuginfo-7.0.7-50.9.2
php7-pgsql-7.0.7-50.9.2
php7-pgsql-debuginfo-7.0.7-50.9.2
php7-phar-7.0.7-50.9.2
php7-phar-debuginfo-7.0.7-50.9.2
php7-posix-7.0.7-50.9.2
php7-posix-debuginfo-7.0.7-50.9.2
php7-pspell-7.0.7-50.9.2
php7-pspell-debuginfo-7.0.7-50.9.2
php7-shmop-7.0.7-50.9.2
php7-shmop-debuginfo-7.0.7-50.9.2
php7-snmp-7.0.7-50.9.2
php7-snmp-debuginfo-7.0.7-50.9.2
php7-soap-7.0.7-50.9.2
php7-soap-debuginfo-7.0.7-50.9.2
php7-sockets-7.0.7-50.9.2
php7-sockets-debuginfo-7.0.7-50.9.2
php7-sqlite-7.0.7-50.9.2
php7-sqlite-debuginfo-7.0.7-50.9.2
php7-sysvmsg-7.0.7-50.9.2
php7-sysvmsg-debuginfo-7.0.7-50.9.2
php7-sysvsem-7.0.7-50.9.2
php7-sysvsem-debuginfo-7.0.7-50.9.2
php7-sysvshm-7.0.7-50.9.2
php7-sysvshm-debuginfo-7.0.7-50.9.2
php7-tokenizer-7.0.7-50.9.2
php7-tokenizer-debuginfo-7.0.7-50.9.2
php7-wddx-7.0.7-50.9.2
php7-wddx-debuginfo-7.0.7-50.9.2
php7-xmlreader-7.0.7-50.9.2
php7-xmlreader-debuginfo-7.0.7-50.9.2
php7-xmlrpc-7.0.7-50.9.2
php7-xmlrpc-debuginfo-7.0.7-50.9.2
php7-xmlwriter-7.0.7-50.9.2
php7-xmlwriter-debuginfo-7.0.7-50.9.2
php7-xsl-7.0.7-50.9.2
php7-xsl-debuginfo-7.0.7-50.9.2
php7-zip-7.0.7-50.9.2
php7-zip-debuginfo-7.0.7-50.9.2
php7-zlib-7.0.7-50.9.2
php7-zlib-debuginfo-7.0.7-50.9.2

– SUSE Linux Enterprise Module for Web Scripting 12 (noarch):

php7-pear-7.0.7-50.9.2
php7-pear-Archive_Tar-7.0.7-50.9.2

References:

https://www.suse.com/security/cve/CVE-2016-10397.html
https://www.suse.com/security/cve/CVE-2016-5766.html
https://www.suse.com/security/cve/CVE-2017-11142.html
https://www.suse.com/security/cve/CVE-2017-11144.html
https://www.suse.com/security/cve/CVE-2017-11145.html
https://www.suse.com/security/cve/CVE-2017-11146.html
https://www.suse.com/security/cve/CVE-2017-11147.html
https://www.suse.com/security/cve/CVE-2017-11628.html
https://www.suse.com/security/cve/CVE-2017-7890.html
https://bugzilla.suse.com/1047454
https://bugzilla.suse.com/1048094
https://bugzilla.suse.com/1048096
https://bugzilla.suse.com/1048100
https://bugzilla.suse.com/1048111
https://bugzilla.suse.com/1048112
https://bugzilla.suse.com/1050241
https://bugzilla.suse.com/1050726
https://bugzilla.suse.com/1052389
https://bugzilla.suse.com/1053645
https://bugzilla.suse.com/986386


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2286-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2286-1
Rating: important
References: #1005778 #1006180 #1011913 #1012829 #1013887
#1015337 #1015342 #1016119 #1019151 #1019695
#1020645 #1022476 #1022600 #1022604 #1023175
#1024346 #1024373 #1025461 #1026570 #1028173
#1028286 #1029693 #1030552 #1031515 #1031717
#1031784 #1033587 #1034075 #1034113 #1034762
#1036215 #1036632 #1037344 #1037404 #1037838
#1037994 #1038078 #1038616 #1038792 #1039153
#1039348 #1039915 #1040307 #1040347 #1040351
#1041958 #1042257 #1042286 #1042314 #1042422
#1042778 #1043261 #1043347 #1043520 #1043598
#1043652 #1043805 #1043912 #1044112 #1044443
#1044623 #1044636 #1045154 #1045293 #1045330
#1045404 #1045563 #1045596 #1045709 #1045715
#1045866 #1045922 #1045937 #1046105 #1046170
#1046434 #1046651 #1046655 #1046682 #1046821
#1046985 #1047027 #1047048 #1047096 #1047118
#1047121 #1047152 #1047174 #1047277 #1047343
#1047354 #1047418 #1047506 #1047595 #1047651
#1047653 #1047670 #1047802 #1048146 #1048155
#1048221 #1048317 #1048348 #1048356 #1048421
#1048451 #1048501 #1048891 #1048912 #1048914
#1048916 #1048919 #1049231 #1049289 #1049298
#1049361 #1049483 #1049486 #1049603 #1049619
#1049645 #1049706 #1049882 #1050061 #1050188
#1050211 #1050320 #1050322 #1050677 #1051022
#1051048 #1051059 #1051239 #1051399 #1051471
#1051478 #1051479 #1051556 #1051663 #1051689
#1051979 #1052049 #1052223 #1052311 #1052325
#1052365 #1052442 #1052533 #1052709 #1052773
#1052794 #1052899 #1052925 #1053043 #1053117
#964063 #974215 #998664
Cross-References: CVE-2017-1000111 CVE-2017-1000112 CVE-2017-10810
CVE-2017-11473 CVE-2017-7533 CVE-2017-7541
CVE-2017-7542 CVE-2017-8831
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Live Patching 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

An update that solves 8 vulnerabilities and has 150 fixes
is now available.

Continue reading “SUSE-SU-2017:2286-1: important: Security update for the Linux Kernel”

openSUSE-SU-2017:2289-1: important: Security update for exim

openSUSE Security Update: Security update for exim
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2289-1
Rating: important
References: #1015930 #1044692 #1046971
Cross-References: CVE-2016-1531 CVE-2016-9963 CVE-2017-1000369

Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________

Continue reading “openSUSE-SU-2017:2289-1: important: Security update for exim”

SUSE-SU-2017:2280-1: important: Security update for java-1_7_1-ibm

SUSE Security Update: Security update for java-1_7_1-ibm
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2280-1
Rating: important
References: #1053431
Cross-References: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074
CVE-2017-10081 CVE-2017-10087 CVE-2017-10089
CVE-2017-10090 CVE-2017-10096 CVE-2017-10101
CVE-2017-10102 CVE-2017-10105 CVE-2017-10107
CVE-2017-10108 CVE-2017-10109 CVE-2017-10110
CVE-2017-10111 CVE-2017-10115 CVE-2017-10116
CVE-2017-10125 CVE-2017-10243
Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Server 12-SP1-LTSS
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:

This update for java-1_7_1-ibm fixes the following issues:

– Version update to 7.1-4.10 [bsc#1053431]
* CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101
CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087
CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115
CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109
CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple
unspecified vulnerabilities in multiple Java components could lead to
code execution or sandbox escape

More information can be found here:

Security Vulnerabilities

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE OpenStack Cloud 6:

zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1395=1

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1395=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1395=1

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1395=1

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1395=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1395=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1395=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1395=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1395=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE OpenStack Cloud 6 (x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Software Development Kit 12-SP3 (ppc64le s390x x86_64):

java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64):

java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP3 (ppc64le s390x x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP3 (x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP2 (ppc64le s390x x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP2 (x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5.1

References:

https://www.suse.com/security/cve/CVE-2017-10053.html
https://www.suse.com/security/cve/CVE-2017-10067.html
https://www.suse.com/security/cve/CVE-2017-10074.html
https://www.suse.com/security/cve/CVE-2017-10081.html
https://www.suse.com/security/cve/CVE-2017-10087.html
https://www.suse.com/security/cve/CVE-2017-10089.html
https://www.suse.com/security/cve/CVE-2017-10090.html
https://www.suse.com/security/cve/CVE-2017-10096.html
https://www.suse.com/security/cve/CVE-2017-10101.html
https://www.suse.com/security/cve/CVE-2017-10102.html
https://www.suse.com/security/cve/CVE-2017-10105.html
https://www.suse.com/security/cve/CVE-2017-10107.html
https://www.suse.com/security/cve/CVE-2017-10108.html
https://www.suse.com/security/cve/CVE-2017-10109.html
https://www.suse.com/security/cve/CVE-2017-10110.html
https://www.suse.com/security/cve/CVE-2017-10111.html
https://www.suse.com/security/cve/CVE-2017-10115.html
https://www.suse.com/security/cve/CVE-2017-10116.html
https://www.suse.com/security/cve/CVE-2017-10125.html
https://www.suse.com/security/cve/CVE-2017-10243.html
https://bugzilla.suse.com/1053431


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2281-1: important: Security update for java-1_7_1-ibm

SUSE Security Update: Security update for java-1_7_1-ibm
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2281-1
Rating: important
References: #1053431
Cross-References: CVE-2017-10053 CVE-2017-10067 CVE-2017-10074
CVE-2017-10081 CVE-2017-10087 CVE-2017-10089
CVE-2017-10090 CVE-2017-10096 CVE-2017-10101
CVE-2017-10102 CVE-2017-10105 CVE-2017-10107
CVE-2017-10108 CVE-2017-10109 CVE-2017-10110
CVE-2017-10111 CVE-2017-10115 CVE-2017-10116
CVE-2017-10125 CVE-2017-10243
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:

This update for java-1_7_1-ibm fixes the following issues:

– Version update to 7.1-4.10 [bsc#1053431]
* CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101
CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087
CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115
CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109
CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple
unspecified vulnerabilities in multiple Java components could lead to
code execution or sandbox escape

More information can be found here:

Security Vulnerabilities


July_18_2017_CPU

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-java-1_7_1-ibm-13248=1

– SUSE Linux Enterprise Server 11-SP4:

zypper in -t patch slessp4-java-1_7_1-ibm-13248=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64):

java-1_7_1-ibm-devel-1.7.1_sr4.10-26.5.1

– SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390x x86_64):

java-1_7_1-ibm-1.7.1_sr4.10-26.5.1
java-1_7_1-ibm-jdbc-1.7.1_sr4.10-26.5.1

– SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):

java-1_7_1-ibm-alsa-1.7.1_sr4.10-26.5.1
java-1_7_1-ibm-plugin-1.7.1_sr4.10-26.5.1

References:

https://www.suse.com/security/cve/CVE-2017-10053.html
https://www.suse.com/security/cve/CVE-2017-10067.html
https://www.suse.com/security/cve/CVE-2017-10074.html
https://www.suse.com/security/cve/CVE-2017-10081.html
https://www.suse.com/security/cve/CVE-2017-10087.html
https://www.suse.com/security/cve/CVE-2017-10089.html
https://www.suse.com/security/cve/CVE-2017-10090.html
https://www.suse.com/security/cve/CVE-2017-10096.html
https://www.suse.com/security/cve/CVE-2017-10101.html
https://www.suse.com/security/cve/CVE-2017-10102.html
https://www.suse.com/security/cve/CVE-2017-10105.html
https://www.suse.com/security/cve/CVE-2017-10107.html
https://www.suse.com/security/cve/CVE-2017-10108.html
https://www.suse.com/security/cve/CVE-2017-10109.html
https://www.suse.com/security/cve/CVE-2017-10110.html
https://www.suse.com/security/cve/CVE-2017-10111.html
https://www.suse.com/security/cve/CVE-2017-10115.html
https://www.suse.com/security/cve/CVE-2017-10116.html
https://www.suse.com/security/cve/CVE-2017-10125.html
https://www.suse.com/security/cve/CVE-2017-10243.html
https://bugzilla.suse.com/1053431


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2294-1: important: Security update for quagga

SUSE Security Update: Security update for quagga
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2294-1
Rating: important
References: #1005258 #1021669 #1034273
Cross-References: CVE-2016-1245 CVE-2017-5495
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
______________________________________________________________________________

An update that solves two vulnerabilities and has one
errata is now available.

Description:

This update provides Quagga 1.1.1, which brings several fixes and
enhancements.

Security issues fixed:

– CVE-2017-5495: Telnet ‘vty’ interface DoS due to unbounded memory
allocation. (bsc#1021669)
– CVE-2016-1245: Stack overrun in IPv6 RA receive code. (bsc#1005258)

Bug fixes:

– Do not enable zebra’s TCP interface (port 2600) to use default UNIX
socket for communication between the daemons. (fate#323170)

Between 0.99.22.1 and 1.1.1 the following improvements have been
implemented:

– Changed the default of ‘link-detect’ state, controlling whether zebra
will respond to link-state events and consider an interface to be down
when link is down. To retain the current behavior save your config
before updating, otherwise remove the ‘link-detect’ flag from your
config prior to updating. There is also a new global ‘default
link-detect (on|off)’ flag to configure the global default.
– Greatly improved nexthop resolution for recursive routes.
– Event driven nexthop resolution for BGP.
– Route tags support.
– Transport of TE related metrics over OSPF, IS-IS.
– IPv6 Multipath for zebra and BGP.
– Multicast RIB support has been extended. It still is IPv4 only.
– RIP for IPv4 now supports equal-cost multipath (ECMP).
– route-maps have a new action “set ipv6 next-hop peer-address”.
– route-maps have a new action “set as-path prepend last-as”.
– “next-hop-self all” to override nexthop on iBGP route reflector setups.
– New pimd daemon provides IPv4 PIM-SSM multicast routing.
– IPv6 address management has been improved regarding tentative addresses.
This is visible in that a freshly configured address will not
immediately be marked as usable.
– Recursive route support has been overhauled. Scripts parsing “show ip
route” output may need adaptation.
– A large amount of changes has been merged for ospf6d. Careful evaluation
prior to deployment is recommended.
– Multiprotocol peerings over IPv6 now try to find a more appropriate IPv4
nexthop by looking at the interface.
– Relaxed bestpath criteria for multipath and improved display of
multipath routes in “show ip bgp”. Scripts parsing this output may need
to be updated.
– Support for iBGP TTL security.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1407=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1407=1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1407=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1407=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1407=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

quagga-debuginfo-1.1.1-17.3.3
quagga-debugsource-1.1.1-17.3.3
quagga-devel-1.1.1-17.3.3

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

quagga-debuginfo-1.1.1-17.3.3
quagga-debugsource-1.1.1-17.3.3
quagga-devel-1.1.1-17.3.3

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

libfpm_pb0-1.1.1-17.3.3
libfpm_pb0-debuginfo-1.1.1-17.3.3
libospf0-1.1.1-17.3.3
libospf0-debuginfo-1.1.1-17.3.3
libospfapiclient0-1.1.1-17.3.3
libospfapiclient0-debuginfo-1.1.1-17.3.3
libquagga_pb0-1.1.1-17.3.3
libquagga_pb0-debuginfo-1.1.1-17.3.3
libzebra1-1.1.1-17.3.3
libzebra1-debuginfo-1.1.1-17.3.3
quagga-1.1.1-17.3.3
quagga-debuginfo-1.1.1-17.3.3
quagga-debugsource-1.1.1-17.3.3

– SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

libfpm_pb0-1.1.1-17.3.3
libfpm_pb0-debuginfo-1.1.1-17.3.3
libospf0-1.1.1-17.3.3
libospf0-debuginfo-1.1.1-17.3.3
libospfapiclient0-1.1.1-17.3.3
libospfapiclient0-debuginfo-1.1.1-17.3.3
libquagga_pb0-1.1.1-17.3.3
libquagga_pb0-debuginfo-1.1.1-17.3.3
libzebra1-1.1.1-17.3.3
libzebra1-debuginfo-1.1.1-17.3.3
quagga-1.1.1-17.3.3
quagga-debuginfo-1.1.1-17.3.3
quagga-debugsource-1.1.1-17.3.3

– SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

libfpm_pb0-1.1.1-17.3.3
libfpm_pb0-debuginfo-1.1.1-17.3.3
libospf0-1.1.1-17.3.3
libospf0-debuginfo-1.1.1-17.3.3
libospfapiclient0-1.1.1-17.3.3
libospfapiclient0-debuginfo-1.1.1-17.3.3
libquagga_pb0-1.1.1-17.3.3
libquagga_pb0-debuginfo-1.1.1-17.3.3
libzebra1-1.1.1-17.3.3
libzebra1-debuginfo-1.1.1-17.3.3
quagga-1.1.1-17.3.3
quagga-debuginfo-1.1.1-17.3.3
quagga-debugsource-1.1.1-17.3.3

References:

https://www.suse.com/security/cve/CVE-2016-1245.html
https://www.suse.com/security/cve/CVE-2017-5495.html
https://bugzilla.suse.com/1005258
https://bugzilla.suse.com/1021669
https://bugzilla.suse.com/1034273


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2229-1: important: Security update for GraphicsMagick

SUSE Security Update: Security update for GraphicsMagick
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2229-1
Rating: important
References: #1036985 #1042826 #1043289 #1049072 #1050611
#1050674
Cross-References: CVE-2017-11403 CVE-2017-11636 CVE-2017-11643
CVE-2017-8350 CVE-2017-9439 CVE-2017-9501

Affected Products:
SUSE Studio Onsite 1.3
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

– CVE-2017-8350: The PNG/JNG decoder recieved an incremental fix, fixing
some related issues in the same code. (bsc#1036985)
– CVE-2017-9439: A memory leak was found in the function ReadPDBImage
incoders/pdb.c (bsc#1042826)
– CVE-2017-9501: An assertion failure could cause a denial of service via
a crafted file (bsc#1043289)
– CVE-2017-11403: The ReadMNGImage function in coders/png.c has an
out-of-order CloseBlob call, resulting in a use-after-free via a crafted
file (bsc#1049072)
– CVE-2017-11643: A heap overflow in WriteCMYKImage()function in
coders/cmyk.c was fixed (bsc#1050611)
– CVE-2017-11636: A heap overflow in WriteRGBImage() in coders/rgb.c was
fixed (bsc#1050674)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Studio Onsite 1.3:

zypper in -t patch slestso13-GraphicsMagick-13236=1

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-GraphicsMagick-13236=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-GraphicsMagick-13236=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Studio Onsite 1.3 (x86_64):

GraphicsMagick-1.2.5-4.78.9.1
libGraphicsMagick2-1.2.5-4.78.9.1

– SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):

GraphicsMagick-1.2.5-4.78.9.1
libGraphicsMagick2-1.2.5-4.78.9.1
perl-GraphicsMagick-1.2.5-4.78.9.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

GraphicsMagick-debuginfo-1.2.5-4.78.9.1
GraphicsMagick-debugsource-1.2.5-4.78.9.1

References:

https://www.suse.com/security/cve/CVE-2017-11403.html
https://www.suse.com/security/cve/CVE-2017-11636.html
https://www.suse.com/security/cve/CVE-2017-11643.html
https://www.suse.com/security/cve/CVE-2017-8350.html
https://www.suse.com/security/cve/CVE-2017-9439.html
https://www.suse.com/security/cve/CVE-2017-9501.html
https://bugzilla.suse.com/1036985
https://bugzilla.suse.com/1042826
https://bugzilla.suse.com/1043289
https://bugzilla.suse.com/1049072
https://bugzilla.suse.com/1050611
https://bugzilla.suse.com/1050674


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2237-1: important: Security update for samba and resource-agents

SUSE Security Update: Security update for samba and resource-agents
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2237-1
Rating: important
References: #1048278 #1048339 #1048352 #1048387 #1048790
#1052577 #1054017
Cross-References: CVE-2017-11103
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update provides Samba 4.6.7, which fixes the following issues:

– CVE-2017-11103: Metadata were being taken from the unauthenticated
plaintext (the Ticket) rather than the authenticated and encrypted KDC
response. (bsc#1048278)
– Fix cephwrap_chdir(). (bsc#1048790)
– Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb.
(bsc#1048339)
– Fix inconsistent ctdb socket path. (bsc#1048352)
– Fix non-admin cephx authentication. (bsc#1048387)
– CTDB cannot start when there is no persistent database. (bsc#1052577)

The CTDB resource agent was also fixed to not fail when the database is
empty.

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1367=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1367=1

– SUSE Linux Enterprise High Availability 12-SP3:

zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1367=1

– SUSE Linux Enterprise Desktop 12-SP3:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1367=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

libsmbclient-devel-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient-devel-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

libdcerpc-binding0-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc-binding0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise Server 12-SP3 (s390x x86_64):

libdcerpc-binding0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc-binding0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise Server 12-SP3 (noarch):

samba-doc-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):

ctdb-4.6.7+git.38.90b2cdb4f22-3.7.1
ctdb-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
ldirectord-4.0.1+git.1495055229.643177f1-2.4.2
resource-agents-4.0.1+git.1495055229.643177f1-2.4.2
resource-agents-debuginfo-4.0.1+git.1495055229.643177f1-2.4.2
resource-agents-debugsource-4.0.1+git.1495055229.643177f1-2.4.2
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise High Availability 12-SP3 (noarch):

monitoring-plugins-metadata-4.0.1+git.1495055229.643177f1-2.4.2

– SUSE Linux Enterprise Desktop 12-SP3 (noarch):

samba-doc-4.6.7+git.38.90b2cdb4f22-3.7.1

– SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

libdcerpc-binding0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc-binding0-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc-binding0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc-binding0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libdcerpc0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-krb5pac0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-nbt0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr-standard0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libndr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libnetapi0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-credentials0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-errors0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-hostconfig0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-passdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamba-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsamdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbconf0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libsmbldap0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libtevent-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
libwbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-client-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-libs-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.7.1
samba-winbind-debuginfo-4.6.7+git.38.90b2cdb4f22-3.7.1

References:

https://www.suse.com/security/cve/CVE-2017-11103.html
https://bugzilla.suse.com/1048278
https://bugzilla.suse.com/1048339
https://bugzilla.suse.com/1048352
https://bugzilla.suse.com/1048387
https://bugzilla.suse.com/1048790
https://bugzilla.suse.com/1052577
https://bugzilla.suse.com/1054017


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

CEBA-2017:2506 CentOS 6 dhcp BugFix Update

CentOS Errata and Bugfix Advisory 2017:2506

Upstream details at : https://access.redhat.com/errata/RHBA-2017:2506

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
31d4b1e77ecd473cfae41fbf4216158cc9b923d553556d412e637ff2fa8cec47 dhclient-4.1.1-53.P1.el6.centos.1.i686.rpm
c35277ba2644e77feb9984275cd871a9e632e0392b9d332e0a85827e7906d1aa dhcp-4.1.1-53.P1.el6.centos.1.i686.rpm
d35c82ff2e3d02889531fd6adb737c11890758c2252ad1cc85f11cd871a4e24a dhcp-common-4.1.1-53.P1.el6.centos.1.i686.rpm
9a0feab0407cb62c42d6e3d2488a0ec9a00c1812117bf9ff591742b3f578fc3c dhcp-devel-4.1.1-53.P1.el6.centos.1.i686.rpm

x86_64:
1a5b9ef938292a1b272db6a52a341cb4cf470d78c9ee44b999b66837797a1c5c dhclient-4.1.1-53.P1.el6.centos.1.x86_64.rpm
069cbc470f4d064b759f1573f74102667aae852b3efc7c3999f5322f3f559e16 dhcp-4.1.1-53.P1.el6.centos.1.x86_64.rpm
6570ee68e9333cbf9698863b2ce4b90f3bd3135c27b537e78d0506b7673a4792 dhcp-common-4.1.1-53.P1.el6.centos.1.x86_64.rpm
9a0feab0407cb62c42d6e3d2488a0ec9a00c1812117bf9ff591742b3f578fc3c dhcp-devel-4.1.1-53.P1.el6.centos.1.i686.rpm
27b4ec55bae530671a45a52a54c84c175cb5d7d2169ac0a5b465ec9ea2b15f31 dhcp-devel-4.1.1-53.P1.el6.centos.1.x86_64.rpm

Source:
904fbae9672602a5e167a228ea712b71460e2a1f705ef0922b5bbec9559dd9cf dhcp-4.1.1-53.P1.el6.centos.1.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CEEA-2017:2500 CentOS 6 unbound Enhancement Update

CentOS Errata and Enhancement Advisory 2017:2500

Upstream details at : https://access.redhat.com/errata/RHEA-2017:2500

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
2fac524811e1dbf01a6cd6bd931d4628a5adba2d20d0cd97f0cb342ea064b8b3 unbound-1.4.20-23.el6_9.4.i686.rpm
ed1ce6f7b787138dd29af1064ce5046fa6fa49c0849f6facf1cc683ec1c61cdb unbound-devel-1.4.20-23.el6_9.4.i686.rpm
929982cc3197d5bfa6b770bace24e395a14ec98ff4e4db3377da3a2c29db32cf unbound-libs-1.4.20-23.el6_9.4.i686.rpm
46e553a20ee09820c08415a89ad3a5be5c978c1794ca2419caf913737183dd02 unbound-python-1.4.20-23.el6_9.4.i686.rpm

x86_64:
b870310bbc3ed3d0386e25b3bf72be92d256032c2c272a5ac3e94d109fddb661 unbound-1.4.20-23.el6_9.4.x86_64.rpm
ed1ce6f7b787138dd29af1064ce5046fa6fa49c0849f6facf1cc683ec1c61cdb unbound-devel-1.4.20-23.el6_9.4.i686.rpm
cd93e772f13decfbcd5ee60ead21d04d7a734a22370b1c83e185f75ab2465d07 unbound-devel-1.4.20-23.el6_9.4.x86_64.rpm
929982cc3197d5bfa6b770bace24e395a14ec98ff4e4db3377da3a2c29db32cf unbound-libs-1.4.20-23.el6_9.4.i686.rpm
b9991f293eddceba22b2cd66e15f451ddb4338fb3fcf1811f728fc640dcf4074 unbound-libs-1.4.20-23.el6_9.4.x86_64.rpm
46e553a20ee09820c08415a89ad3a5be5c978c1794ca2419caf913737183dd02 unbound-python-1.4.20-23.el6_9.4.i686.rpm
73f0e380f4a8e9e75439325e0ed9cb3371fecdbaaea6ae1fa6e4485f1f0d4797 unbound-python-1.4.20-23.el6_9.4.x86_64.rpm

Source:
5e5a69b22ec6f36c6c3263d665855e11ee7c28cf339120ae15d16bcc45cf9eec unbound-1.4.20-23.el6_9.4.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CEBA-2017:2501 CentOS 6 acl BugFix Update

CentOS Errata and Bugfix Advisory 2017:2501

Upstream details at : https://access.redhat.com/errata/RHBA-2017:2501

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
56c8bd71d132223a86492533476fe9ff37c5ba7c09e21b5927a9efd5b2d717dd acl-2.2.49-7.el6_9.1.i686.rpm
fdd9e75884a47e8ef4ebc8552e907cd27405f6e9efbb2be773dcae07c01fc294 libacl-2.2.49-7.el6_9.1.i686.rpm
48295e81557752bcce96dd7271fe5234560db841fe309a732a7e5810323e209c libacl-devel-2.2.49-7.el6_9.1.i686.rpm

x86_64:
3afaabd15713abab6adc5033f35b9db225e792d651e42199d59c8444695893a5 acl-2.2.49-7.el6_9.1.x86_64.rpm
fdd9e75884a47e8ef4ebc8552e907cd27405f6e9efbb2be773dcae07c01fc294 libacl-2.2.49-7.el6_9.1.i686.rpm
2d2bb216ec706020dd82ddb7f0971d799161d3e7fb35937e14eb1a77a8c183e0 libacl-2.2.49-7.el6_9.1.x86_64.rpm
48295e81557752bcce96dd7271fe5234560db841fe309a732a7e5810323e209c libacl-devel-2.2.49-7.el6_9.1.i686.rpm
32b91ef60f2813d8275e0b87dd8193efcc515f71a8fdc54f306ee334bc55ab95 libacl-devel-2.2.49-7.el6_9.1.x86_64.rpm

Source:
5ce6a3887fb3a2026f08ba2dcfe43861c564fdcf2ba330d70701abb25f4a2a19 acl-2.2.49-7.el6_9.1.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce