New Check_MK stable release 1.4.0p15

Dear friends of Check_MK,

the new stable release 1.4.0p15 of Check_MK is ready for download.

This maintenance release ships with 5 changes affecing all editions of Chec=
k_MK,
1 Enterprise Edition specific changes and 0 Managed Services Edition specif=
ic changes.

The most important fix is werk 5234 that fixes an issue affecing the Enterp=
rise
Edition. The problem caused unexpected behaviours in the Check_MK check hel=
pers
in 1.4.0p14 after config reloads. CEE users of the 1.4.0p14 are recommended=
to update
to this release.

Changes in all Check_MK Editions:

WATO:
* 5391 FIX: Removed CEE specific broken link from host edit page (CRE)
* 5362 FIX: Fixed possible exception on global settings page related to “di=
skspace cleanup”
* 5389 FIX: Fixed disabling services via discovery page when a host rule ex=
ists in wrong folder

Checks & agents:
* 5234 FIX: Fixed recently introduced issue with non working WATO rules
* 5379 FIX: Allow Windows logfiles to be monitored without monitoring also =
eventlog

Other components:
* 5388 FIX: Dokuwiki: Fixed missing page edit dialog toolbar when using SLES

Changes in the Check_MK Enterprise Edition:

NO CHANGES

Changes in the Check_MK Managed Services Edition:

NO CHANGES

You can download Check_MK from our download page:
* http://mathias-kettner.de/check_mk_download.html

Please mail bug reports and qualified feedback to feedback@check-mk.org.
We greatly thank you for using Check_MK and wish you a successful monitorin=
g,

Your Check_MK Team

— =

Mathias Kettner GmbH
Kellerstra=DFe 29, 81667 M=FCnchen, Germany
Registergericht: Amtsgericht M=FCnchen, HRB 165902
Gesch=E4ftsf=FChrer: Mathias Kettner
http://mathias-kettner.de
Tel. +49 89 1890 435-0
Fax. +49 89 1890 435-29

_______________________________________________
Checkmk-announce mailing list
Checkmk-announce@lists.mathias-kettner.de
http://lists.mathias-kettner.de/mailman/listinfo/checkmk-announce

OPNsense 17.7.5 image refresh

SGkgYWxsLAoKV2UgYXJlIGhhcHB5IHRvIGFubm91bmNlIHRoZSBpbW1lZGlhdGUgYXZhaWxhYmls
aXR5IG9mIHRoZSByZW5ld2VkCk9QTnNlbnNlIDE3LjcgaW1hZ2VzIGJhc2VkIG9uIHZlcnNpb24g
MTcuNy41LiAgQXBhcnQgZnJvbSB0aGUKbnVtZXJvdXMgaW1wcm92ZW1lbnRzIHNpbmNlIHRoZSBp
bml0aWFsIHJlbGVhc2UsIHRoZSBpbWFnZXMgY29udGFpbgphbiBhZGRpdGlvbiBmb3Igc2luZ2xl
IGludGVyZmFjZXMgU1NIIGluc3RhbGxlciBzY2VuYXJpb3MgYXMgd2VsbAphcyBhbiBQUFBvRSBt
dWx0aS1BUCBrZXJuZWwgcGF0Y2guICBBbmQgZHVlIHRvIHBvcHVsYXIgZGVtYW5kIHRoZQpkeW5h
bWljIEROUyBwbHVnaW4gbm93IGNvbWVzIHByZWluc3RhbGxlZCwgc29tZXRoaW5nIHdlIG1pc3Nl
ZCBpbgp0aGUgb3JpZ2luYWwgMTcuNyBwbHVnaW4gY29udmVyc2lvbiBwcm9jZXNzLgoKRm9yIGFs
bW9zdCAzIHllYXJzIG5vdywgT1BOc2Vuc2UgaXMgZHJpdmluZyBpbm5vdmF0aW9uIHRocm91Z2gK
bW9kdWxhcmlzaW5nIGFuZCBoYXJkZW5pbmcgdGhlIGNvZGUgYmFzZSwgcXVpY2sgYW5kIHJlbGlh
YmxlCmZpcm13YXJlIHVwZ3JhZGVzLCBtdWx0aS1sYW5ndWFnZSBzdXBwb3J0LCBmYXN0IGFkb3B0
aW9uIG9mCnVwc3RyZWFtIHNvZnR3YXJlIHVwZGF0ZXMgYXMgd2VsbCBhcyBjbGVhciBhbmQgc3Rh
YmxlIDItQ2xhdXNlCkJTRCBsaWNlbnNpbmcuCgpXZSB3b3VsZCBhbHNvIGxpa2UgdG8gdXNlIHRo
aXMgb3Bwb3J0dW5pdHkgdG8gcmVtaW5kIGV2ZXJ5b25lCnRoYXQgT1BOc2Vuc2UgaXMgYW5kIGFs
d2F5cyB3aWxsIGJlIGZyZWUgc29mdHdhcmUuICBBbGwgb2YgaXRzCnNvdXJjZSBjb2RlIGFuZCBh
c3NvY2lhdGVkIGJ1aWxkIHRvb2xzIGNhbiBiZSBmb3VuZCBoZXJlOgoKaHR0cHM6Ly9naXRodWIu
Y29tL29wbnNlbnNlCgpEb3dubG9hZCBsaW5rcywgYW4gaW5zdGFsbGF0aW9uIGd1aWRlLCB0aGUg
ZnVsbCBsaXN0IG9mIGNoYW5nZXMKYW5kIHRoZSBjaGVja3N1bXMgZm9yIHRoZSBpbWFnZXMgY2Fu
IGJlIGZvdW5kIGJlbG93LgoKRG93bmxvYWQgTG9jYXRpb25zCgpvIEV1cm9wZTogaHR0cHM6Ly9v
cG5zZW5zZS5jMHVyaWVyLm5ldC9yZWxlYXNlcy8xNy43LwpvIFVTIEVhc3QgQ29hc3Q6IGh0dHA6
Ly9taXJyb3JzLm55Y2J1Zy5vcmcvcHViL29wbnNlbnNlL3JlbGVhc2VzLzE3LjcvCm8gVVMgV2Vz
dCBDb2FzdDogaHR0cHM6Ly9taXJyb3Iuc2ZvMTIudXMubGVhc2V3ZWIubmV0L29wbnNlbnNlL3Jl
bGVhc2VzLzE3LjcvCm8gU291dGggQW1lcmljYTogaHR0cDovL21pcnJvci51cGIuZWR1LmNvL29w
bnNlbnNlL3JlbGVhc2VzLzE3LjcvCm8gU291dGgtRWFzdCBBc2lhOiBodHRwczovL2Z0cC55enUu
ZWR1LnR3L29wbnNlbnNlL3JlbGVhc2VzLzE3LjcvCm8gRnVsbCBtaXJyb3IgbGlzdDogaHR0cHM6
Ly9vcG5zZW5zZS5vcmcvZG93bmxvYWQvCgpJbnN0YWxsIEluc3RydWN0aW9ucwoKVGhlIGJvb3Qg
cHJvY2VzcyBnaXZlcyB5b3UgdGhlIG9wcG9ydHVuaXR5IHRvIHJ1biBzZXZlcmFsCm9wdGlvbmFs
IGNvbmZpZ3VyYXRpb24gc3RlcHMuICBJdCBoYXMgYmVlbiBkZXNpZ25lZCB0byBhbHdheXMKYm9v
dCBpbnRvIGEgbGl2ZSBlbnZpcm9ubWVudCBpbiBvcmRlciB0byBiZSBhYmxlIHRvIGFjY2VzcyB0
aGUKR1VJIG9yIGV2ZW4gU1NIIGRpcmVjdGx5LiAgSWYgYSB0aW1lb3V0IHdhcyBtaXNzZWQgc2lt
cGx5CnJlc3RhcnQgdGhlIGJvb3QgcHJvY2VkdXJlLgoKQWxsIGltYWdlcyBmZWF0dXJlIHRoZSBu
ZXcgIm9wbnNlbnNlLWltcG9ydGVyIiB1dGlsaXR5LCB3aGljaAppcyBub3cgaW52b2tlZCBpbnN0
ZWFkIG9mIHRoZSBlYXJseSBpbnN0YWxsZXIuICBZb3UgY2FuIHN0b3AKdGhlIGF1dG9tYXRpYyB0
aW1lb3V0IGJ5IHByZXNzaW5nIGFueSBrZXkuICBBZnRlcndhcmRzIHlvdSB3aWxsCmhhdmUgdGhl
IG9wcG9ydHVuaXR5IHRvIHNlbGVjdCBhIGRpc2sgdG8gaW1wb3J0IGZyb20uICBJZiB0aGUKb3B0
aW9uIHRpbWVzIG91dCBvciB0aGUgaW1wb3J0ZXIgaXMgZXhpdGVkIHdpdGhvdXQgYSBkaXNrCnNl
bGVjdGlvbiwgdGhlIGZhY3RvcnkgZGVmYXVsdHMgd2lsbCBiZSB1c2VkIGZvciB0aGUgYm9vdC4K
ClRoZSBuZXh0IHByb21wdCB3aWxsIGJlIGZvciBtYW51YWwgaW50ZXJmYWNlIHNlbGVjdGlvbi4K
VGhpcyBzdGVwIGlzIHdlbGwtZXN0YWJsaXNoZWQgc2luY2UgT1BOc2Vuc2UgMTUuNy4KClRoZSBz
eXN0ZW0gd2lsbCB0aGVuIGNvbnRpbnVlIGludG8gYSBsaXZlIGVudmlyb25tZW50LiAgSWYgdGhl
CmNvbmZpZyBpbXBvcnRlciB3YXMgdXNlZCBwcmV2aW91c2x5IG9uIGFuIGV4aXN0aW5nIGluc3Rh
bGxhdGlvbiwKdGhlIHN5c3RlbSB3aWxsIGJvb3QgdXAgd2l0aCBhIGZ1bGx5IGZ1bmN0aW9uYWwg
c2V0dXAsIGJ1dCB3aWxsCm5vdCBvdmVyd3JpdGUgdGhlIHByZXZpb3VzIGluc3RhbGxhdGlvbi4g
VXNlIHRoaXMgZmVhdHVyZSBmb3IKc2FmZWx5IHByZXZpZXdpbmcgdXBncmFkZXMuCgpJZiB5b3Ug
aGF2ZSB1c2VkIGEgQ0QtUk9NLCBWR0EsIFNlcmlhbCBpbWFnZSB3aXRob3V0IGEgY29uZmlnCmlt
cG9ydCB5b3UgYXJlIGJ5IGRlZmF1bHQgYWJsZSB0byAoYSkgbG9nIGludG8gdGhlIHJvb3Qgc2hl
bGwKdXNpbmcgdGhlIHVzZXIgInJvb3QiIHdpdGggcGFzc3dvcmQgIm9wbnNlbnNlIiwgb3IgKGIp
IGxvZyBpbnRvCnRoZSBpbnN0YWxsZXIgdXNpbmcgdGhlIHVzZXIgImluc3RhbGxlciIgd2l0aCBw
YXNzd29yZCAib3Buc2Vuc2UiLgpUaGUgR1VJIHdpbGwgbGlzdGVuIG9uIGh0dHBzOi8vMTkyLjE2
OC4xLjEvIGZvciB1c2VyICJyb290IiB3aXRoCnBhc3N3b3JkICJvcG5zZW5zZSIuICBVc2luZyBT
U0gsIHRoZSAicm9vdCIgYW5kICJpbnN0YWxsZXIiIHVzZXJzCmFyZSBhdmFpbGFibGUgYXMgd2Vs
bCBvbiBJUCAxOTIuMTY4LjEuMS4gIE5vdGUgdGhhdCB0aGVzZSBpbnN0YWxsCm1lZGlhcyBhcmUg
cmVhZC1vbmx5LCB3aGljaCBtZWFucyB5b3VyIGN1cnJlbnQgbGl2ZSBjb25maWd1cmF0aW9uCndp
bGwgYmUgbG9zdCBhZnRlciByZWJvb3QuCgpJZiB5b3UgaGF2ZSB1c2VkIGEgTmFubyBpbWFnZSwg
eW91ciBzeXN0ZW0gaXMgYWxyZWFkeSB1cCBhbmQKcnVubmluZyBhcyBpdCBpcyBkZXNpZ25lZCBh
cyBzdWNoLiAgSXQgaXMgc2V0IHRvIHJlYWQtd3JpdGUKYXR0ZW1wdGluZyB0byBtaW5pbWlzZSB3
cml0ZSBjeWNsZXMgYnkgbW91bnRpbmcgcmVsZXZhbnQgcGFydGl0aW9ucwphcyBtZW1vcnkgZmls
ZSBzeXN0ZW1zLiAgSWYgeW91IHNob3VsZCByZXF1aXJlIGFuIGluc3RhbGxlciBhbnl3YXksCmxv
ZyBpbiBhcyB1c2VyICJyb290Iiwgc2VsZWN0IG9wdGlvbiA4IGZyb20gdGhlIG1lbnUgYW5kIHR5
cGUKIm9wbnNlbnNlLWluc3RhbGxlciIuICBUaGUgIm9wbnNlbnNlLWltcG9ydGVyIiBjYW4gYmUg
cnVuIHRoaXMgd2F5CmFzIHdlbGwgc2hvdWxkIHlvdSByZXF1aXJlIHRvIHJ1biB0aGUgaW1wb3J0
IGFnYWluLgoKVGhlIGZ1bGwgbGlzdCBvZiBjaGFuZ2VzIG9mIE9QTnNlbnNlIDE3LjcgY2FuIGJl
IHJldmlld2VkIHVzaW5nCnRoZWlyIG9yaWdpbmFsIGFubm91bmNlbWVudHM6CgpvIDE3Ljc6IGh0
dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz01NjA0LjAKbyAxNy43LjE6
IGh0dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz01ODYzLjAKbyAxNy43
LjI6IGh0dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz01OTU2LjAKbyAx
Ny43LjM6IGh0dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz01OTk0LjAK
byAxNy43LjQ6IGh0dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz02MDQx
LjAKbyAxNy43LjU6IGh0dHBzOi8vZm9ydW0ub3Buc2Vuc2Uub3JnL2luZGV4LnBocD90b3BpYz02
MDk0LjAKCgpTdGF5IHNhZmUsCllvdXIgT1BOc2Vuc2UgdGVhbQoKLS0KIyBTSEEyNTYgKE9QTnNl
bnNlLTE3LjcuNS1PcGVuU1NMLWR2ZC1hbWQ2NC5pc28uYnoyKSA9IDNmYWI1YjdmNDU5NmRjMDMw
MGU0YjM2ZmI1ZmU4NjQ3ZWJkNDI3NTBlNmUyOGY1YzdmMTQyNGVlMDdjMzUwZWMKIyBTSEEyNTYg
KE9QTnNlbnNlLTE3LjcuNS1PcGVuU1NMLW5hbm8tYW1kNjQuaW1nLmJ6MikgPSAyOTI0Y2VlYzNm
MTEyMDZlODY2YzYxNDYxMTJhZTE0ZDMwNGNkNWUxOGFjYjM4MDNhOTIzZTA0MDE5NjUxYzFiCiMg
U0hBMjU2IChPUE5zZW5zZS0xNy43LjUtT3BlblNTTC1zZXJpYWwtYW1kNjQuaW1nLmJ6MikgPSA3
YTg1YWUzNmI1MmQ2Zjg1MjM5YjdhOTM2Y2VmYTVjNTNkZGRmYTI3MmI5NjhlMjRiYzZiNjFjNzdm
NGRmYmNlCiMgU0hBMjU2IChPUE5zZW5zZS0xNy43LjUtT3BlblNTTC12Z2EtYW1kNjQuaW1nLmJ6
MikgPSA3MzBkZmFhZDM4NTY0MjkwMmQwMGRjNzM2MWZlYTZjNmM3ZTFjMTg2MWNiNTc2ZDU0ZGYw
M2Y5ZDhkMmUyOWM2CiMgU0hBMjU2IChPUE5zZW5zZS0xNy43LjUtT3BlblNTTC1kdmQtaTM4Ni5p
c28uYnoyKSA9IGJlY2U1MTZkZDRlMGZhZmJkNGZlZTA3YjU1NTk1NjNhNjZhYmQ1NDJhOGVmZjlm
M2U4MzNiYzMyMDMzODAyOGYKIyBTSEEyNTYgKE9QTnNlbnNlLTE3LjcuNS1PcGVuU1NMLW5hbm8t
aTM4Ni5pbWcuYnoyKSA9IDllYTI0MzI5NjUwNDg3ZGMwOGI3ZTg0NmJlYzRiMGU3NWFlOTY1YzFi
YTk0OGQwMmEwODU3ZjFiNGRmYzk4OWMKIyBTSEEyNTYgKE9QTnNlbnNlLTE3LjcuNS1PcGVuU1NM
LXNlcmlhbC1pMzg2LmltZy5iejIpID0gZTYwMGMwYzIyMzc3ODQyNWVkOTkwYWUzZjM0ZDY4Y2Ji
NzA1YzU2M2QxYzMwOTE5MGZlZGJjYzk3ZjQ1ODYxZQojIFNIQTI1NiAoT1BOc2Vuc2UtMTcuNy41
LU9wZW5TU0wtdmdhLWkzODYuaW1nLmJ6MikgPSAwNjAwZWVkZDc4NDIxODdjY2ZhMWY5NzY0Mjk1
OWQxMGZlMjkwZDJkYjYwZDEwNjg3ZDAwODk2MjdmNTc0ZWZlCgojIE1ENSAoT1BOc2Vuc2UtMTcu
Ny41LU9wZW5TU0wtZHZkLWFtZDY0Lmlzby5iejIpID0gYWM2OWQxOTYzZWUwYTQ1ZTcwNWYzZjcw
NDRkODQ1MTEKIyBNRDUgKE9QTnNlbnNlLTE3LjcuNS1PcGVuU1NMLW5hbm8tYW1kNjQuaW1nLmJ6
MikgPSBlNWY4ZjdhMzIxZTE2ZDdkMWFmMGQ5OWEwYjJiOGE4MAojIE1ENSAoT1BOc2Vuc2UtMTcu
Ny41LU9wZW5TU0wtc2VyaWFsLWFtZDY0LmltZy5iejIpID0gYzg1MTI4MjExOTA1MTVlOWNjM2Fi
NmY3ZTc2MzY5ZGMKIyBNRDUgKE9QTnNlbnNlLTE3LjcuNS1PcGVuU1NMLXZnYS1hbWQ2NC5pbWcu
YnoyKSA9IDgxMWVlYjM0YmZiODUzYjNmM2YyMTg1YzI0NGM4MDUxCiMgTUQ1IChPUE5zZW5zZS0x
Ny43LjUtT3BlblNTTC1kdmQtaTM4Ni5pc28uYnoyKSA9IGJmZWQ5ZTQ0NDY3Mzg3OTc1MjVhM2M2
Zjc5MGM0NTA3CiMgTUQ1IChPUE5zZW5zZS0xNy43LjUtT3BlblNTTC1uYW5vLWkzODYuaW1nLmJ6
MikgPSBhNTZkZWY1NTgzOTdkNmYyMGE5YWRhNGFiNWNkOTg0OAojIE1ENSAoT1BOc2Vuc2UtMTcu
Ny41LU9wZW5TU0wtc2VyaWFsLWkzODYuaW1nLmJ6MikgPSA0MDRkYzlhN2Q1Zjg0MjQ0NDI4ZDFl
ODIzMDJhNDVmMgojIE1ENSAoT1BOc2Vuc2UtMTcuNy41LU9wZW5TU0wtdmdhLWkzODYuaW1nLmJ6
MikgPSBiM2VhNjgzYTkyODMyNGQzZmQxNDljMjU4MGJkZGU1NwpfX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fXwphbm5vdW5jZSBtYWlsaW5nIGxpc3QKYW5ub3Vu
Y2VAbGlzdHMub3Buc2Vuc2Uub3JnCmh0dHA6Ly9saXN0cy5vcG5zZW5zZS5vcmcvbGlzdGluZm8v
YW5ub3VuY2UK

[Dovecot-news] v2.2.33.1 released

https://dovecot.org/releases/2.2/dovecot-2.2.33.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.33.1.tar.gz.sig

Oops, one a bit too bad bug was left in the release, so fixing it here.

– dovecot-lda was logging to stderr instead of to the log file.

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

CESA-2017:2882 Moderate CentOS 7 httpd Security Update

CentOS Errata and Security Advisory 2017:2882 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2882

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
41421bbfa809cd1fea427ffd689e2caa4d92643aec1094ce7c2271702f19480a httpd-2.4.6-67.el7.centos.5.x86_64.rpm
2814b75b35bf8fed0fd12033d1fc0b6203a60926646fb3151cbda49260175522 httpd-devel-2.4.6-67.el7.centos.5.x86_64.rpm
2156dda1f88729bbf47dcd000911942d122a0797d55fcfdcb65e1ead2e3601e8 httpd-manual-2.4.6-67.el7.centos.5.noarch.rpm
d1152bdf63709d455dbba51fd7aafc4b69cb45dd48073edfe4b337157a3974b4 httpd-tools-2.4.6-67.el7.centos.5.x86_64.rpm
0e4029a1ac0b75e2363c7803282e5230cdf4260122ffbf2daeaec955a94f71ac mod_ldap-2.4.6-67.el7.centos.5.x86_64.rpm
fe94afba530fb88bfbe1bd782afe61dd69212c30920d14574099468a2ce76844 mod_proxy_html-2.4.6-67.el7.centos.5.x86_64.rpm
cae78de9a2bb32f12af2bf7895cc27c2f95119787b7139b5ab0ea018b6738113 mod_session-2.4.6-67.el7.centos.5.x86_64.rpm
829d9f95fafbdc31c0e14180b688f27beb329c00961c5340e9609b9789070ea6 mod_ssl-2.4.6-67.el7.centos.5.x86_64.rpm

Source:
5cc7d1292f22dc068f166c8e722456158f9856c29a71887581394a99a4615ab0 httpd-2.4.6-67.el7.centos.5.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[Dovecot-news] Released Pigeonhole v0.4.21 for Dovecot v2.2.33.1.

Hello Dovecot users,

Here’s the definitive 0.4.21 release. There were no changes since the
release candidate.

Changelog v0.4.21:

* redirect action: Always set the X-Sieve-Redirected-From header to
sieve_user_email if configured. Before, it would use the envelope
recipient instead if available, which makes no sense if the primary
e-mail address is available.
+ vacation extension: Allow ignoring the envelope sender while composing
the “To:” header for the reply. Normally, the “To:” header is composed
from the address found in the “Sender”, “Resent-From” or “From”
headers that is equal to the envelope sender. If none is then found,
the bare envelope sender is used. This change adds a new setting
“sieve_vacation_to_header_ignore_envelope”. With this setting enabled,
the “To:” header is always composed from those headers in the source
message. The new setting thus allows ignoring the envelope, which is
useful e.g. when SRS is used.
+ vacation extension: Compose the “To:” header from the full sender
address found in the first “Sender:”, “From:” or “Resent-From:”
header. Before, it would create a “To:” header without a phrase part.
The new behavior is nicer, since the reply will be addressed to the
sender by name if possible.
– LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
missing LDAP-based script could cause the script sequence to exit
earlier.
– sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
conversion. This caused problems with mailbox names containing UTF-8
characters. The Dovecot API was changed years ago, but apparently
sieve-filter was never updated.

The release is available as follows:

https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.21.tar.gz
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.21.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release and don’t hesitate to
notify me when there are any problems.

Regards,


Stephan Bosch
stephan@rename-it.nl

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

openSUSE-SU-2017:2707-1: important: Security update for MozillaThunderbird

openSUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2707-1
Rating: important
References: #1060445
Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810
CVE-2017-7814 CVE-2017-7818 CVE-2017-7819
CVE-2017-7823 CVE-2017-7824 CVE-2017-7825

Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes 9 vulnerabilities is now available.

Description:

Mozilla Thunderbird was updated to 52.4.0 (boo#1060445)
* new behavior was introduced for replies to mailing list posts: “When
replying to a mailing list, reply will be sent to address in From
header ignoring Reply-to header”. A new preference
mail.override_list_reply_to allows to restore the previous behavior.
* Under certain circumstances (image attachment and non-image
attachment), attached images were shown truncated in messages stored
in IMAP folders not synchronised for offline use.
* IMAP UIDs > 0x7FFFFFFF now handled properly Security fixes from Gecko
52.4esr
* CVE-2017-7793 (bmo#1371889) Use-after-free with Fetch API
* CVE-2017-7818 (bmo#1363723) Use-after-free during ARIA array
manipulation
* CVE-2017-7819 (bmo#1380292) Use-after-free while resizing images in
design mode
* CVE-2017-7824 (bmo#1398381) Buffer overflow when drawing and
validating elements with ANGLE
* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement) Use-after-free
in TLS 1.2 generating handshake hashes
* CVE-2017-7814 (bmo#1376036) Blob and data URLs bypass phishing and
malware protection warnings
* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only) OS X fonts render
some Tibetan and Arabic unicode characters as spaces
* CVE-2017-7823 (bmo#1396320) CSP sandbox directive did not create a
unique origin
* CVE-2017-7810 Memory safety bugs fixed in Firefox 56 and Firefox ESR
52.4

– Add alsa-devel BuildRequires: we care for ALSA support to be built and
thus need to ensure we get the dependencies in place. In the past,
alsa-devel was pulled in by accident: we buildrequire libgnome-devel.
This required esound-devel and that in turn pulled in alsa-devel for us.
libgnome is being fixed to no longer require esound-devel.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2017-1144=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

MozillaThunderbird-52.4.0-45.1
MozillaThunderbird-buildsymbols-52.4.0-45.1
MozillaThunderbird-debuginfo-52.4.0-45.1
MozillaThunderbird-debugsource-52.4.0-45.1
MozillaThunderbird-devel-52.4.0-45.1
MozillaThunderbird-translations-common-52.4.0-45.1
MozillaThunderbird-translations-other-52.4.0-45.1

References:

https://www.suse.com/security/cve/CVE-2017-7793.html
https://www.suse.com/security/cve/CVE-2017-7805.html
https://www.suse.com/security/cve/CVE-2017-7810.html
https://www.suse.com/security/cve/CVE-2017-7814.html
https://www.suse.com/security/cve/CVE-2017-7818.html
https://www.suse.com/security/cve/CVE-2017-7819.html
https://www.suse.com/security/cve/CVE-2017-7823.html
https://www.suse.com/security/cve/CVE-2017-7824.html
https://www.suse.com/security/cve/CVE-2017-7825.html
https://bugzilla.suse.com/1060445


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2717-1: important: Security update for git

SUSE Security Update: Security update for git
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2717-1
Rating: important
References: #1061041
Cross-References: CVE-2017-14867
Affected Products:
SUSE Studio Onsite 1.3
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for git fixes the following issues:

– CVE-2017-14867: A cvsserver perl script command injection was fixed
(CVE-2017-14867, bsc#1061041):

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Studio Onsite 1.3:

zypper in -t patch slestso13-git-13310=1

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-git-13310=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-git-13310=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Studio Onsite 1.3 (x86_64):

git-1.7.12.4-0.18.6.1
git-core-1.7.12.4-0.18.6.1

– SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):

git-1.7.12.4-0.18.6.1
git-arch-1.7.12.4-0.18.6.1
git-core-1.7.12.4-0.18.6.1
git-cvs-1.7.12.4-0.18.6.1
git-daemon-1.7.12.4-0.18.6.1
git-email-1.7.12.4-0.18.6.1
git-gui-1.7.12.4-0.18.6.1
git-svn-1.7.12.4-0.18.6.1
git-web-1.7.12.4-0.18.6.1
gitk-1.7.12.4-0.18.6.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

git-debuginfo-1.7.12.4-0.18.6.1
git-debugsource-1.7.12.4-0.18.6.1

References:

https://www.suse.com/security/cve/CVE-2017-14867.html
https://bugzilla.suse.com/1061041


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE-SU-2017:2710-1: important: Security update for MozillaThunderbird

openSUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2710-1
Rating: important
References: #1060445
Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810
CVE-2017-7814 CVE-2017-7818 CVE-2017-7819
CVE-2017-7823 CVE-2017-7824 CVE-2017-7825

Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________

An update that fixes 9 vulnerabilities is now available.

Description:

Mozilla Thunderbird was updated to 52.4.0 (boo#1060445)
* new behavior was introduced for replies to mailing list posts: “When
replying to a mailing list, reply will be sent to address in From
header ignoring Reply-to header”. A new preference
mail.override_list_reply_to allows to restore the previous behavior.
* Under certain circumstances (image attachment and non-image
attachment), attached images were shown truncated in messages stored
in IMAP folders not synchronised for offline use.
* IMAP UIDs > 0x7FFFFFFF now handled properly Security fixes from Gecko
52.4esr
* CVE-2017-7793 (bmo#1371889) Use-after-free with Fetch API
* CVE-2017-7818 (bmo#1363723) Use-after-free during ARIA array
manipulation
* CVE-2017-7819 (bmo#1380292) Use-after-free while resizing images in
design mode
* CVE-2017-7824 (bmo#1398381) Buffer overflow when drawing and
validating elements with ANGLE
* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement) Use-after-free
in TLS 1.2 generating handshake hashes
* CVE-2017-7814 (bmo#1376036) Blob and data URLs bypass phishing and
malware protection warnings
* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only) OS X fonts render
some Tibetan and Arabic unicode characters as spaces
* CVE-2017-7823 (bmo#1396320) CSP sandbox directive did not create a
unique origin
* CVE-2017-7810 Memory safety bugs fixed in Firefox 56 and Firefox ESR
52.4

– Add alsa-devel BuildRequires: we care for ALSA support to be built and
thus need to ensure we get the dependencies in place. In the past,
alsa-devel was pulled in by accident: we buildrequire libgnome-devel.
This required esound-devel and that in turn pulled in alsa-devel for us.
libgnome is being fixed to no longer require esound-devel.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-1144=1

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-1144=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

MozillaThunderbird-52.4.0-47.1
MozillaThunderbird-buildsymbols-52.4.0-47.1
MozillaThunderbird-debuginfo-52.4.0-47.1
MozillaThunderbird-debugsource-52.4.0-47.1
MozillaThunderbird-devel-52.4.0-47.1
MozillaThunderbird-translations-common-52.4.0-47.1
MozillaThunderbird-translations-other-52.4.0-47.1

– openSUSE Leap 42.2 (i586 x86_64):

MozillaThunderbird-52.4.0-41.18.1
MozillaThunderbird-buildsymbols-52.4.0-41.18.1
MozillaThunderbird-debuginfo-52.4.0-41.18.1
MozillaThunderbird-debugsource-52.4.0-41.18.1
MozillaThunderbird-devel-52.4.0-41.18.1
MozillaThunderbird-translations-common-52.4.0-41.18.1
MozillaThunderbird-translations-other-52.4.0-41.18.1

References:

https://www.suse.com/security/cve/CVE-2017-7793.html
https://www.suse.com/security/cve/CVE-2017-7805.html
https://www.suse.com/security/cve/CVE-2017-7810.html
https://www.suse.com/security/cve/CVE-2017-7814.html
https://www.suse.com/security/cve/CVE-2017-7818.html
https://www.suse.com/security/cve/CVE-2017-7819.html
https://www.suse.com/security/cve/CVE-2017-7823.html
https://www.suse.com/security/cve/CVE-2017-7824.html
https://www.suse.com/security/cve/CVE-2017-7825.html
https://bugzilla.suse.com/1060445


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image

SUSE Security Update: Security update for SLES 12-SP1 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2700-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-0860
CVE-2015-1283 CVE-2015-2059 CVE-2015-2325
CVE-2015-2327 CVE-2015-2328 CVE-2015-3210
CVE-2015-3217 CVE-2015-3238 CVE-2015-3622
CVE-2015-5073 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7056 CVE-2016-7141 CVE-2016-7167
CVE-2016-7543 CVE-2016-7796 CVE-2016-8610
CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620
CVE-2016-8621 CVE-2016-8622 CVE-2016-8623
CVE-2016-8624 CVE-2016-9063 CVE-2016-9318
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366
CVE-2017-10684 CVE-2017-10685 CVE-2017-11112
CVE-2017-11113 CVE-2017-2616 CVE-2017-3731
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 143 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 SP1 container image has been updated
to include security and stability fixes.

The following issues related to building of the container images have been
fixed:

– Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
– Do not install recommended packages when building container images.
(bsc#975726)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 SP1 are now included in the
base image. A package/CVE cross-reference is available below.

pam:

– CVE-2015-3238

libtasn1:

– CVE-2015-3622
– CVE-2016-4008

expat:

expat:

– CVE-2012-6702
– CVE-2015-1283
– CVE-2016-0718
– CVE-2016-5300
– CVE-2016-9063
– CVE-2017-9233

libidn:

– CVE-2015-2059
– CVE-2015-8948
– CVE-2016-6261
– CVE-2016-6262
– CVE-2016-6263

zlib:

– CVE-2016-9840
– CVE-2016-9841
– CVE-2016-9842
– CVE-2016-9843

curl:

– CVE-2016-5419
– CVE-2016-5420
– CVE-2016-5421
– CVE-2016-7141
– CVE-2016-7167
– CVE-2016-8615
– CVE-2016-8616
– CVE-2016-8617
– CVE-2016-8618
– CVE-2016-8619
– CVE-2016-8620
– CVE-2016-8621
– CVE-2016-8622
– CVE-2016-8623
– CVE-2016-8624
– CVE-2016-9586
– CVE-2017-1000100
– CVE-2017-1000101
– CVE-2017-7407

openssl:

– CVE-2016-2105
– CVE-2016-2106
– CVE-2016-2107
– CVE-2016-2108
– CVE-2016-2109
– CVE-2016-2177
– CVE-2016-2178
– CVE-2016-2179
– CVE-2016-2180
– CVE-2016-2181
– CVE-2016-2182
– CVE-2016-2183
– CVE-2016-6302
– CVE-2016-6303
– CVE-2016-6304
– CVE-2016-6306
– CVE-2016-7056
– CVE-2016-8610
– CVE-2017-3731

cracklib:

– CVE-2016-6318

pcre:

– CVE-2014-8964
– CVE-2015-2325
– CVE-2015-2327
– CVE-2015-2328
– CVE-2015-3210
– CVE-2015-3217
– CVE-2015-5073
– CVE-2015-8380
– CVE-2015-8381
– CVE-2015-8382
– CVE-2015-8383
– CVE-2015-8384
– CVE-2015-8385
– CVE-2015-8386
– CVE-2015-8387
– CVE-2015-8388
– CVE-2015-8389
– CVE-2015-8390
– CVE-2015-8391
– CVE-2015-8392
– CVE-2015-8393
– CVE-2015-8394
– CVE-2015-8395
– CVE-2016-1283
– CVE-2016-3191

appamor:

– CVE-2017-6507

bash:

– CVE-2014-6277
– CVE-2014-6278
– CVE-2016-0634
– CVE-2016-7543

cpio:

– CVE-2016-2037

glibc:

– CVE-2016-1234
– CVE-2016-3075
– CVE-2016-3706
– CVE-2016-4429
– CVE-2017-1000366

perl:

– CVE-2015-8853
– CVE-2016-1238
– CVE-2016-2381
– CVE-2016-6185

libssh2_org:

– CVE-2016-0787

util-linux:

– CVE-2016-5011
– CVE-2017-2616

ncurses:

– CVE-2017-10684
– CVE-2017-10685
– CVE-2017-11112
– CVE-2017-11113

libksba:

– CVE-2016-4574
– CVE-2016-4579

libxml2:

– CVE-2014-0191
– CVE-2015-8806
– CVE-2016-1762
– CVE-2016-1833
– CVE-2016-1834
– CVE-2016-1835
– CVE-2016-1837
– CVE-2016-1838
– CVE-2016-1839
– CVE-2016-1840
– CVE-2016-2073
– CVE-2016-3627
– CVE-2016-3705
– CVE-2016-4447
– CVE-2016-4448
– CVE-2016-4449
– CVE-2016-4483
– CVE-2016-4658
– CVE-2016-9318
– CVE-2016-9597
– CVE-2017-9047
– CVE-2017-9048
– CVE-2017-9049
– CVE-2017-9050

libgcrypt:

– CVE-2015-7511
– CVE-2016-6313
– CVE-2017-7526

update-alternatives:

– CVE-2015-0860

systemd:

– CVE-2014-9770
– CVE-2015-8842
– CVE-2016-7796

dbus-1:

– CVE-2014-7824
– CVE-2015-0245

Finally, the following packages received non-security fixes:

– augeas
– bzip2
– ca-certificates-mozilla
– coreutils
– cryptsetup
– cyrus-sasl
– dirmngr
– e2fsprogs
– findutils
– gpg2
– insserv-compat
– kmod
– libcap
– libsolv
– libzypp
– lua51
– lvm2
– netcfg
– p11-kit
– permissions
– procps
– rpm
– sed
– sg3_utils
– shadow
– zypper

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12sp1-docker-image-1.0.7-20171002

References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-0860.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7056.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8610.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2701-1: important: Security update for SLES 12-SP2 Docker image

SUSE Security Update: Security update for SLES 12-SP2 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2701-1
Rating: important
References: #1056193
Cross-References: CVE-2012-6702 CVE-2015-3238 CVE-2016-10156
CVE-2016-1839 CVE-2016-2037 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-7055
CVE-2016-9063 CVE-2016-9318 CVE-2016-9401
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-3731 CVE-2017-3732 CVE-2017-5969
CVE-2017-6507 CVE-2017-7375 CVE-2017-7376
CVE-2017-7407 CVE-2017-7435 CVE-2017-7436
CVE-2017-7526 CVE-2017-8872 CVE-2017-9047
CVE-2017-9048 CVE-2017-9049 CVE-2017-9050
CVE-2017-9217 CVE-2017-9233 CVE-2017-9269
CVE-2017-9287 CVE-2017-9445
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 47 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 SP2 container image has been updated
to include security and stability fixes.

The following issues related to building of the container images have been
fixed:

– Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.

bash:

– CVE-2016-9401

expat:

– CVE-2012-6702
– CVE-2016-5300
– CVE-2016-9063
– CVE-2017-9233

curl:

– CVE-2016-9586
– CVE-2017-1000100
– CVE-2017-1000101
– CVE-2017-7407

glibc:

– CVE-2017-1000366

openssl:

– CVE-2017-3731
– CVE-2017-3732
– CVE-2016-7055

pam:

– CVE-2015-3238

apparmor:

– CVE-2017-6507

ncurses:

– CVE-2017-10684
– CVE-2017-10685
– CVE-2017-11112
– CVE-2017-11113

libgcrypt:

– CVE-2017-7526

libxml2:

– CVE-2016-1839
– CVE-2016-4658
– CVE-2016-9318
– CVE-2016-9597
– CVE-2017-0663
– CVE-2017-5969
– CVE-2017-7375
– CVE-2017-7376
– CVE-2017-8872
– CVE-2017-9047
– CVE-2017-9048
– CVE-2017-9049
– CVE-2017-9050

libzypp:

– CVE-2017-9269
– CVE-2017-7435
– CVE-2017-7436

openldap2:

– CVE-2017-9287

systemd:

– CVE-2016-10156
– CVE-2017-9217
– CVE-2017-9445

util-linux:

– CVE-2016-5011
– CVE-2017-2616

zlib:

– CVE-2016-9840
– CVE-2016-9841
– CVE-2016-9842
– CVE-2016-9843

zypper:

– CVE-2017-7436

Finally, the following packages received non-security fixes:

– binutils
– cpio
– cryptsetup
– cyrus-sasl
– dbus-1
– dirmngr
– e2fsprogs
– gpg2
– insserv-compat
– kmod
– libsolv
– libsemanage
– lvm2
– lua51
– netcfg
– procps
– sed
– sg3_utils
– shadow

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12sp2-docker-image-1.0.2-20171006

References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2016-10156.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-7055.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9401.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-0663.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://www.suse.com/security/cve/CVE-2017-5969.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7375.html
https://www.suse.com/security/cve/CVE-2017-7376.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7435.html
https://www.suse.com/security/cve/CVE-2017-7436.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-8872.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9217.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://www.suse.com/security/cve/CVE-2017-9269.html
https://www.suse.com/security/cve/CVE-2017-9287.html
https://www.suse.com/security/cve/CVE-2017-9445.html
https://bugzilla.suse.com/1056193


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2699-1: important: Security update for SLES 12 Docker image

SUSE Security Update: Security update for SLES 12 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2699-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-1283
CVE-2015-2059 CVE-2015-2325 CVE-2015-2327
CVE-2015-2328 CVE-2015-3210 CVE-2015-3217
CVE-2015-3238 CVE-2015-3622 CVE-2015-5073
CVE-2015-5218 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7141 CVE-2016-7167 CVE-2016-7543
CVE-2016-7796 CVE-2016-8615 CVE-2016-8616
CVE-2016-8617 CVE-2016-8618 CVE-2016-8619
CVE-2016-8620 CVE-2016-8621 CVE-2016-8622
CVE-2016-8623 CVE-2016-8624 CVE-2016-9063
CVE-2016-9318 CVE-2016-9586 CVE-2016-9597
CVE-2016-9840 CVE-2016-9841 CVE-2016-9842
CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 140 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 container image has been updated to
include security and stability fixes.

The following issues related to building of the container images have been
fixed:

– Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
– Do not install recommended packages when building container images.
(bsc#975726)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.

pam:

– CVE-2015-3238

libtasn1:

– CVE-2015-3622
– CVE-2016-4008

libidn:

– CVE-2015-2059
– CVE-2015-8948
– CVE-2016-6261
– CVE-2016-6262
– CVE-2016-6263

zlib:

– CVE-2016-9840
– CVE-2016-9841
– CVE-2016-9842
– CVE-2016-9843

curl:

– CVE-2016-5419
– CVE-2016-5420
– CVE-2016-5421
– CVE-2016-7141
– CVE-2016-7167
– CVE-2016-8615
– CVE-2016-8616
– CVE-2016-8617
– CVE-2016-8618
– CVE-2016-8619
– CVE-2016-8620
– CVE-2016-8621
– CVE-2016-8622
– CVE-2016-8623
– CVE-2016-8624
– CVE-2016-9586
– CVE-2017-1000100
– CVE-2017-1000101
– CVE-2017-7407

openssl:

– CVE-2016-2105
– CVE-2016-2106
– CVE-2016-2107
– CVE-2016-2108
– CVE-2016-2109
– CVE-2016-2177
– CVE-2016-2178
– CVE-2016-2179
– CVE-2016-2180
– CVE-2016-2181
– CVE-2016-2182
– CVE-2016-2183
– CVE-2016-6302
– CVE-2016-6303
– CVE-2016-6304
– CVE-2016-6306

libxml2:

– CVE-2014-0191
– CVE-2015-8806
– CVE-2016-1762
– CVE-2016-1833
– CVE-2016-1834
– CVE-2016-1835
– CVE-2016-1837
– CVE-2016-1838
– CVE-2016-1839
– CVE-2016-1840
– CVE-2016-2073
– CVE-2016-3627
– CVE-2016-3705
– CVE-2016-4447
– CVE-2016-4448
– CVE-2016-4449
– CVE-2016-4483
– CVE-2016-4658
– CVE-2016-9318
– CVE-2016-9597
– CVE-2017-9047
– CVE-2017-9048
– CVE-2017-9049
– CVE-2017-9050

util-linux:

– CVE-2015-5218
– CVE-2016-5011
– CVE-2017-2616

cracklib:

– CVE-2016-6318

systemd:

– CVE-2014-9770
– CVE-2015-8842
– CVE-2016-7796

pcre:

– CVE-2014-8964
– CVE-2015-2325
– CVE-2015-2327
– CVE-2015-2328
– CVE-2015-3210
– CVE-2015-3217
– CVE-2015-5073
– CVE-2015-8380
– CVE-2015-8381
– CVE-2015-8382
– CVE-2015-8383
– CVE-2015-8384
– CVE-2015-8385
– CVE-2015-8386
– CVE-2015-8387
– CVE-2015-8388
– CVE-2015-8389
– CVE-2015-8390
– CVE-2015-8391
– CVE-2015-8392
– CVE-2015-8393
– CVE-2015-8394
– CVE-2015-8395
– CVE-2016-1283
– CVE-2016-3191

appamor:

– CVE-2017-6507

bash:

– CVE-2014-6277
– CVE-2014-6278
– CVE-2016-0634
– CVE-2016-7543

cpio:

– CVE-2016-2037

glibc:

– CVE-2016-1234
– CVE-2016-3075
– CVE-2016-3706
– CVE-2016-4429
– CVE-2017-1000366

perl:

– CVE-2015-8853
– CVE-2016-1238
– CVE-2016-2381
– CVE-2016-6185

libssh2_org:

– CVE-2016-0787

expat:

– CVE-2012-6702
– CVE-2015-1283
– CVE-2016-0718
– CVE-2016-5300
– CVE-2016-9063
– CVE-2017-9233

ncurses:

– CVE-2017-10684
– CVE-2017-10685
– CVE-2017-11112
– CVE-2017-11113

libksba:

– CVE-2016-4574
– CVE-2016-4579

libgcrypt:

– CVE-2015-7511
– CVE-2016-6313
– CVE-2017-7526

dbus-1:

– CVE-2014-7824
– CVE-2015-0245

Finally, the following packages received non-security fixes:

– augeas
– bzip2
– ca-certificates-mozilla
– coreutils
– cryptsetup
– cyrus-sasl
– dirmngr
– e2fsprogs
– findutils
– gpg2
– insserv-compat
– kmod
– libcap
– libsolv
– libzypp
– openldap2
– p11-kit
– permissions
– procps
– rpm
– sed
– shadow
– zypper

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12-docker-image-1.1.4-20171002

References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5218.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2694-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2694-1
Rating: important
References: #1013018 #1024450 #1031358 #1036629 #1037441
#1037667 #1037669 #1037994 #1039803 #1040609
#1042863 #1045154 #1047523 #1050381 #1050431
#1051932 #1052311 #1052370 #1053148 #1053152
#1053802 #1053933 #1054070 #1054076 #1054093
#1054247 #1054706 #1055680 #1056588 #1057179
#1057389 #1058524 #984530
Cross-References: CVE-2017-1000112 CVE-2017-1000251 CVE-2017-10661
CVE-2017-12762 CVE-2017-14051 CVE-2017-14140
CVE-2017-14340 CVE-2017-8831
Affected Products:
SUSE Linux Enterprise Real Time Extension 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that solves 8 vulnerabilities and has 25 fixes is
now available.

Description:

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

– CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack
overflow vulnerability in the processing of L2CAP configuration
responses resulting in remote code execution in kernel space
(bnc#1057389).
– CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h
did not verify that a filesystem has a realtime device, which allowed
local users to cause a denial of service (NULL pointer dereference and
OOPS) via vectors related to setting an RHINHERIT flag on a directory
(bnc#1058524).
– CVE-2017-14140: The move_pages system call in mm/migrate.c did not check
the effective uid of the target process, enabling a local attacker to
learn the memory layout of a setuid executable despite ASLR
(bnc#1057179).
– CVE-2017-14051: An integer overflow in the
qla2x00_sysfs_write_optrom_ctl function in
drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a denial of
service (memory corruption and system crash) by leveraging root access
(bnc#1056588).
– CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to
gain privileges or cause a denial of service (list corruption or
use-after-free) via simultaneous file-descriptor operations that
leverage improper might_cancel queueing (bnc#1053152).
– CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c a user-controlled buffer
was copied into a local buffer of constant size using strcpy without a
length check which can cause a buffer overflow (bnc#1053148).
– CVE-2017-8831: The saa7164_bus_get function allowed local users to cause
a denial of service (out-of-bounds array access) or possibly have
unspecified
other impact by changing a certain sequence-number value, aka a “double
fetch” vulnerability (bnc#1037994).
– CVE-2017-1000112: Prevent race condition in net-packet code that could
have been exploited by unprivileged users to gain root
access.(bnc#1052311).

The following non-security bugs were fixed:

– ALSA: Fix Lewisburg audio issue
– Drop commit 96234ae:kvm_io_bus_unregister_dev() should never fail
(bsc#1055680)
– Fixup build warnings in drivers/scsi/scsi.c (bsc#1031358)
– NFS: Cache aggressively when file is open for writing (bsc#1053933).
– NFS: Do drop directory dentry when error clearly requires it
(bsc#1051932).
– NFS: Do not flush caches for a getattr that races with writeback
(bsc#1053933).
– NFS: Optimize fallocate by refreshing mapping when needed (bsc#1053933).
– NFS: invalidate file size when taking a lock (bsc#1053933).
– PCI: fix hotplug related issues (bnc#1054247).
– af_key: do not use GFP_KERNEL in atomic contexts (bsc#1054093).
– avoid deadlock in xenbus (bnc#1047523).
– blacklist 9754d45e9970 tpm: read burstcount from TPM_STS in one 32-bit
transaction
– blkback/blktap: do not leak stack data via response ring (bsc#1042863
XSA-216).
– cx231xx-audio: fix NULL-deref at probe (bsc#1050431).
– cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
– fuse: do not use iocb after it may have been freed (bsc#1054706).
– fuse: fix fuse_write_end() if zero bytes were copied (bsc#1054706).
– fuse: fsync() did not return IO errors (bsc#1054076).
– fuse: fuse_flush must check mapping->flags for errors (bsc#1054706).
– gspca: konica: add missing endpoint sanity check (bsc#1050431).
– kabi/severities: Ignore zpci symbol changes (bsc#1054247)
– lib/mpi: mpi_read_raw_data(): fix nbits calculation
– media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS
ioctl (bsc#1050431).
– net: Fix RCU splat in af_key (bsc#1054093).
– powerpc/fadump: add reschedule point while releasing memory (bsc#1040609
bsc#1024450).
– powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669
bsc#1037667).
– powerpc/fadump: provide a helpful error message (bsc#1037669
bsc#1037667).
– powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530,
bsc#1052370).
– powerpc/slb: Force a full SLB flush when we insert for a bad EA
(bsc#1054070).
– reiserfs: fix race in readdir (bsc#1039803).
– s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1054247).
– s390/pci: fix handling of PEC 306 (bnc#1054247).
– s390/pci: improve error handling during fmb (de)registration
(bnc#1054247).
– s390/pci: improve error handling during interrupt deregistration
(bnc#1054247).
– s390/pci: improve pci hotplug (bnc#1054247).
– s390/pci: improve unreg_ioat error handling (bnc#1054247).
– s390/pci: introduce clp_get_state (bnc#1054247).
– s390/pci: provide more debug information (bnc#1054247).
– scsi: avoid system stall due to host_busy race (bsc#1031358).
– scsi: close race when updating blocked counters (bsc#1031358).
– ser_gigaset: return -ENOMEM on error instead of success (bsc#1037441).
– supported.conf: clear mistaken external support flag for cifs.ko
(bsc#1053802).
– tpm: fix a kernel memory leak in tpm-sysfs.c (bsc#1050381).
– uwb: fix device quirk on big-endian hosts (bsc#1036629).
– xfs: fix inobt inode allocation search optimization (bsc#1013018).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Real Time Extension 11-SP4:

zypper in -t patch slertesp4-linux-kernel-rt-13307=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-linux-kernel-rt-13307=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64):

kernel-rt-3.0.101.rt130-69.8.1
kernel-rt-base-3.0.101.rt130-69.8.1
kernel-rt-devel-3.0.101.rt130-69.8.1
kernel-rt_trace-3.0.101.rt130-69.8.1
kernel-rt_trace-base-3.0.101.rt130-69.8.1
kernel-rt_trace-devel-3.0.101.rt130-69.8.1
kernel-source-rt-3.0.101.rt130-69.8.1
kernel-syms-rt-3.0.101.rt130-69.8.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64):

kernel-rt-debuginfo-3.0.101.rt130-69.8.1
kernel-rt-debugsource-3.0.101.rt130-69.8.1
kernel-rt_debug-debuginfo-3.0.101.rt130-69.8.1
kernel-rt_debug-debugsource-3.0.101.rt130-69.8.1
kernel-rt_trace-debuginfo-3.0.101.rt130-69.8.1
kernel-rt_trace-debugsource-3.0.101.rt130-69.8.1

References:

https://www.suse.com/security/cve/CVE-2017-1000112.html
https://www.suse.com/security/cve/CVE-2017-1000251.html
https://www.suse.com/security/cve/CVE-2017-10661.html
https://www.suse.com/security/cve/CVE-2017-12762.html
https://www.suse.com/security/cve/CVE-2017-14051.html
https://www.suse.com/security/cve/CVE-2017-14140.html
https://www.suse.com/security/cve/CVE-2017-14340.html
https://www.suse.com/security/cve/CVE-2017-8831.html
https://bugzilla.suse.com/1013018
https://bugzilla.suse.com/1024450
https://bugzilla.suse.com/1031358
https://bugzilla.suse.com/1036629
https://bugzilla.suse.com/1037441
https://bugzilla.suse.com/1037667
https://bugzilla.suse.com/1037669
https://bugzilla.suse.com/1037994
https://bugzilla.suse.com/1039803
https://bugzilla.suse.com/1040609
https://bugzilla.suse.com/1042863
https://bugzilla.suse.com/1045154
https://bugzilla.suse.com/1047523
https://bugzilla.suse.com/1050381
https://bugzilla.suse.com/1050431
https://bugzilla.suse.com/1051932
https://bugzilla.suse.com/1052311
https://bugzilla.suse.com/1052370
https://bugzilla.suse.com/1053148
https://bugzilla.suse.com/1053152
https://bugzilla.suse.com/1053802
https://bugzilla.suse.com/1053933
https://bugzilla.suse.com/1054070
https://bugzilla.suse.com/1054076
https://bugzilla.suse.com/1054093
https://bugzilla.suse.com/1054247
https://bugzilla.suse.com/1054706
https://bugzilla.suse.com/1055680
https://bugzilla.suse.com/1056588
https://bugzilla.suse.com/1057179
https://bugzilla.suse.com/1057389
https://bugzilla.suse.com/1058524
https://bugzilla.suse.com/984530


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

[Dovecot-news] v2.2.33 released

https://dovecot.org/releases/2.2/dovecot-2.2.33.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.33.tar.gz.sig

We’re getting close to the last v2.2.x releases. Hopefully we’ll have the first v2.3 beta releases out soon.

* doveadm director commands wait for the changes to be visible in the
whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
visible only in the backend’s logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
with current status of a mailbox when it changes. See
https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
“:LISTINDEX=” to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
mails that are visible in POP3 but not IMAP. This could happen if
new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc’s dovecot.index.cache
if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
+ auth: Added %{ldap_dn} variable for passdb/userdb ldap
– acl: The “create” (k) permission in global acl-file was sometimes
ignored, allowing users to create mailboxes when they shouldn’t have.
– sdbox: Mails were always opened when expunging, unless
mail_attachment_fs was explicitly set to empty.
– lmtp/doveadm proxy: hostip passdb field was ignored, which caused
unnecessary DNS lookups if host field wasn’t an IP
– lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
– quota_clone: Update also when quota is unlimited (broken in v2.2.31)
– mbox, zlib: Fix assert-crash when accessing compressed mbox
– doveadm director kick -f parameter didn’t work
– doveadm director flush resulted flushing all hosts, if
wasn’t an IP address.
– director: Various fixes to handling backend/director changes at
abnormal times, especially while ring was unsynced. These could have
resulted in crashes, non-optimal behavior or ignoring some of the
changes.
– director: Use less CPU in imap-login processes when moving/kicking
many users.
– lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
when lmtp_rcpt_check_quota=yes
– doveadm sync -1 fails when local mailboxes exist that do not exist
remotely. This commonly happened when lazy_expunge mailbox was
autocreated when incremental sync expunged mails.
– pop3: rawlog_dir setting didn’t work

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

SUSE-SU-2017:2688-1: important: Security update for MozillaFirefox, mozilla-nss

SUSE Security Update: Security update for MozillaFirefox, mozilla-nss
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2688-1
Rating: important
References: #1060445 #1061005
Cross-References: CVE-2017-7793 CVE-2017-7805 CVE-2017-7810
CVE-2017-7814 CVE-2017-7818 CVE-2017-7819
CVE-2017-7823 CVE-2017-7824 CVE-2017-7825

Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Server 12-SP1-LTSS
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Desktop 12-SP3
SUSE Linux Enterprise Desktop 12-SP2
SUSE Container as a Service Platform ALL
______________________________________________________________________________

An update that fixes 9 vulnerabilities is now available.

Description:

This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the
following issues:

This security issue was fixed for mozilla-nss:

– CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating
handshake hashes (bsc#1061005)

These security issues were fixed for Firefox

– CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters
rendering (bsc#1060445).
– CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake
hashes (bsc#1060445).
– CVE-2017-7819: Prevent Use-after-free while resizing images in design
mode (bsc#1060445).
– CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation
(bsc#1060445).
– CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445).
– CVE-2017-7824: Prevent Buffer overflow when drawing and validating
elements with ANGLE (bsc#1060445).
– CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445).
– CVE-2017-7823: CSP sandbox directive did not create a unique origin
(bsc#1060445).
– CVE-2017-7814: Blob and data URLs bypassed phishing and malware
protection warnings (bsc#1060445).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE OpenStack Cloud 6:

zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1662=1

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1662=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1662=1

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1662=1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1662=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1662=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1662=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1662=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1662=1

– SUSE Linux Enterprise Desktop 12-SP3:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1662=1

– SUSE Linux Enterprise Desktop 12-SP2:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1662=1

– SUSE Container as a Service Platform ALL:

zypper in -t patch SUSE-CAASP-ALL-2017-1662=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE OpenStack Cloud 6 (x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP3 (s390x x86_64):

libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP2 (s390x x86_64):

libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (s390x x86_64):

libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-devel-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-hmac-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-hmac-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-devel-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Server 12-LTSS (s390x x86_64):

libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libfreebl3-hmac-32bit-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-hmac-32bit-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1

– SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

MozillaFirefox-52.4.0esr-109.6.2
MozillaFirefox-debuginfo-52.4.0esr-109.6.2
MozillaFirefox-debugsource-52.4.0esr-109.6.2
MozillaFirefox-translations-52.4.0esr-109.6.2
libfreebl3-3.29.5-58.3.1
libfreebl3-32bit-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libfreebl3-debuginfo-32bit-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-32bit-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
libsoftokn3-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-32bit-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-32bit-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1
mozilla-nss-sysinit-3.29.5-58.3.1
mozilla-nss-sysinit-32bit-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-3.29.5-58.3.1
mozilla-nss-sysinit-debuginfo-32bit-3.29.5-58.3.1
mozilla-nss-tools-3.29.5-58.3.1
mozilla-nss-tools-debuginfo-3.29.5-58.3.1

– SUSE Container as a Service Platform ALL (x86_64):

libfreebl3-3.29.5-58.3.1
libfreebl3-debuginfo-3.29.5-58.3.1
libsoftokn3-3.29.5-58.3.1
libsoftokn3-debuginfo-3.29.5-58.3.1
mozilla-nss-3.29.5-58.3.1
mozilla-nss-certs-3.29.5-58.3.1
mozilla-nss-certs-debuginfo-3.29.5-58.3.1
mozilla-nss-debuginfo-3.29.5-58.3.1
mozilla-nss-debugsource-3.29.5-58.3.1

References:

https://www.suse.com/security/cve/CVE-2017-7793.html
https://www.suse.com/security/cve/CVE-2017-7805.html
https://www.suse.com/security/cve/CVE-2017-7810.html
https://www.suse.com/security/cve/CVE-2017-7814.html
https://www.suse.com/security/cve/CVE-2017-7818.html
https://www.suse.com/security/cve/CVE-2017-7819.html
https://www.suse.com/security/cve/CVE-2017-7823.html
https://www.suse.com/security/cve/CVE-2017-7824.html
https://www.suse.com/security/cve/CVE-2017-7825.html
https://bugzilla.suse.com/1060445
https://bugzilla.suse.com/1061005


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

[Dovecot-news] Released Pigeonhole v0.4.21.rc1 for Dovecot v2.2.33.rc1.

Hello Dovecot users,

Here is the Pigeonhole hole release candidate that goes with the Dovecot
release candidate. Nothing really special going on, just a few changes
and fixes that accumulated over the last few months.

Changelog v0.4.21:

* redirect action: Always set the X-Sieve-Redirected-From header to
sieve_user_email if configured. Before, it would use the envelope
recipient instead if available, which makes no sense if the primary
e-mail address is available.
+ vacation extension: Allow ignoring the envelope sender while composing
the “To:” header for the reply. Normally, the “To:” header is composed
from the address found in the “Sender”, “Resent-From” or “From”
headers that is equal to the envelope sender. If none is then found,
the bare envelope sender is used. This change adds a new setting
“sieve_vacation_to_header_ignore_envelope”. With this setting enabled,
the “To:” header is always composed from those headers in the source
message. The new setting thus allows ignoring the envelope, which is
useful e.g. when SRS is used.
+ vacation extension: Compose the “To:” header from the full sender
address found in the first “Sender:”, “From:” or “Resent-From:”
header. Before, it would create a “To:” header without a phrase part.
The new behavior is nicer, since the reply will be addressed to the
sender by name if possible.
– LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
missing LDAP-based script could cause the script sequence to exit
earlier.
– sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
conversion. This caused problems with mailbox names containing UTF-8
characters. The Dovecot API was changed years ago, but apparently
sieve-filter was never updated.

The release is available as follows:

http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.21.rc1.tar.gz
http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.21.rc1.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release candidate and don’t
hesitate to notify me when there are any problems.

Regards,


Stephan Bosch
stephan@rename-it.nl

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

CESA-2017:2863 Moderate CentOS 6 kernel Security Update

CentOS Errata and Security Advisory 2017:2863 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2863

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
f44aa5fe35ee6057f09d3ae976a1ac20b9484680d5ad74ab3188ef786105b4c6 kernel-2.6.32-696.13.2.el6.i686.rpm
e504863f5d383083501f9857d958562a4c9be4900c2e1d64b3cac99234b0773f kernel-abi-whitelists-2.6.32-696.13.2.el6.noarch.rpm
c29d4c8d691d0e7dea47beeabba025e1e6dbacf03777e01859365c0a363e7ed8 kernel-debug-2.6.32-696.13.2.el6.i686.rpm
22e5ff5d05ef0c4527aaa3fdad61c6ca0bc7e71dbbc2c8574ac904bc5359ed26 kernel-debug-devel-2.6.32-696.13.2.el6.i686.rpm
81d7ac3ef8a4281f36d89db8476b891bbc645ba008976ceed011f33cae441bc5 kernel-devel-2.6.32-696.13.2.el6.i686.rpm
6c2d32bc2e8c9a3fa45fd9ad75487460fe68d379d5d505fb632e750e271912ce kernel-doc-2.6.32-696.13.2.el6.noarch.rpm
14d7950349061ce64a544879e2aefae16dd393f4b39f7485a9a0f904a3af7270 kernel-firmware-2.6.32-696.13.2.el6.noarch.rpm
108b88d25312495470eca583fc0faa2636d1d4d4e6bef1b41f8875cbf9f9dba2 kernel-headers-2.6.32-696.13.2.el6.i686.rpm
24353c78854e3deee2b827a66eb778480b40d9eb30d4bd4f54dbe6339fda3375 perf-2.6.32-696.13.2.el6.i686.rpm
60ef719c1ca0e982ce841d16d39378eb44f40ff4b6313d61cdd51ed2b372596b python-perf-2.6.32-696.13.2.el6.i686.rpm

x86_64:
a7cc641a5c25aa0c4e941d71a3f2922334d6b983cf159aced75d20a34a360804 kernel-2.6.32-696.13.2.el6.x86_64.rpm
e504863f5d383083501f9857d958562a4c9be4900c2e1d64b3cac99234b0773f kernel-abi-whitelists-2.6.32-696.13.2.el6.noarch.rpm
0a261cb6a266e4758c9e758ba16f86bae71a4cb79563905f6959870163195b6d kernel-debug-2.6.32-696.13.2.el6.x86_64.rpm
22e5ff5d05ef0c4527aaa3fdad61c6ca0bc7e71dbbc2c8574ac904bc5359ed26 kernel-debug-devel-2.6.32-696.13.2.el6.i686.rpm
494cf193e2e344e0025e04ee64a5008d45734fc9a1ad522143359d99a9bbd2da kernel-debug-devel-2.6.32-696.13.2.el6.x86_64.rpm
5a4ad9b4a4c839043e6206f81603583aac5cacd9a099e8d0dce9d50c6de6624d kernel-devel-2.6.32-696.13.2.el6.x86_64.rpm
6c2d32bc2e8c9a3fa45fd9ad75487460fe68d379d5d505fb632e750e271912ce kernel-doc-2.6.32-696.13.2.el6.noarch.rpm
14d7950349061ce64a544879e2aefae16dd393f4b39f7485a9a0f904a3af7270 kernel-firmware-2.6.32-696.13.2.el6.noarch.rpm
9fe0d82754b6d94574a47c56dd6b2a06cda59d41fe86dc16ef86e17f7970578e kernel-headers-2.6.32-696.13.2.el6.x86_64.rpm
b740603e24f3a7610e4ebc59910cc4fa0a750b90f6600c86edf118a879a00969 perf-2.6.32-696.13.2.el6.x86_64.rpm
6ab0f3a9bd23d658836462a4380865a8b43518a18203bcb071928ea8e9e1f9e7 python-perf-2.6.32-696.13.2.el6.x86_64.rpm

Source:
83c3adc56d5967741a73085c049b5cdb876de1dfb4cb4fb8a88d73b5ddad7b4a kernel-2.6.32-696.13.2.el6.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CESA-2017:2860 Moderate CentOS 6 postgresql Security Update

CentOS Errata and Security Advisory 2017:2860 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2860

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
8ce524d7594d44842dbf2c6a918fba0df6eb4aba61456a1afac2956b49cea425 postgresql-8.4.20-8.el6_9.i686.rpm
8c7e2ce2e6675384b6d956d35b4728a0121b4083e903c0c6a77517a44ba4db27 postgresql-contrib-8.4.20-8.el6_9.i686.rpm
c042b88e603be8a8ae99a6e7907e4f4e63f06662050190e244b611b5d1e99606 postgresql-devel-8.4.20-8.el6_9.i686.rpm
b844f907373eaca72848348cb2e963b10e4943679e4ade53577ad9ada098e257 postgresql-docs-8.4.20-8.el6_9.i686.rpm
a5c1706f6612fe59990fea062966a84e332de1b2d2b7dda7af419bca7c91c2c6 postgresql-libs-8.4.20-8.el6_9.i686.rpm
8d918cdb4dd0897195233e773d22a87678422f579e18c1f2f91b1d15593fcfff postgresql-plperl-8.4.20-8.el6_9.i686.rpm
884286c1308c821035257bdaf49dd2e0500b2257a7e75a0396a39809026b205a postgresql-plpython-8.4.20-8.el6_9.i686.rpm
baf83a6c4b6385021d71cb554ed2ac12dd8c6fc81ed58375ca01bd9ff966a901 postgresql-pltcl-8.4.20-8.el6_9.i686.rpm
44247e758c63bbca45ae553ad9638a9683fdcce537a3fae8ee2eaf2bb369e113 postgresql-server-8.4.20-8.el6_9.i686.rpm
eb054e4c49dc685efcc79b539864ddadd79e01c9124980d9384d01fc3d02f319 postgresql-test-8.4.20-8.el6_9.i686.rpm

x86_64:
8ce524d7594d44842dbf2c6a918fba0df6eb4aba61456a1afac2956b49cea425 postgresql-8.4.20-8.el6_9.i686.rpm
e8edd19f1c1933915dca670a83fed033ddb6b5477526403600ace511db54cf34 postgresql-8.4.20-8.el6_9.x86_64.rpm
53c6b606ea888a80acedecd905475d9ce6c5a6c5802f176e93e65c55cfc3fc61 postgresql-contrib-8.4.20-8.el6_9.x86_64.rpm
c042b88e603be8a8ae99a6e7907e4f4e63f06662050190e244b611b5d1e99606 postgresql-devel-8.4.20-8.el6_9.i686.rpm
df1b83944c4f26d6fda923214143c4a79693ee2bab175e19a548c69c8727e2f2 postgresql-devel-8.4.20-8.el6_9.x86_64.rpm
d7e6dd950b9f460a4925e5c5ae0e9ec8e026c069566c4fc49b788c630bcbc3e1 postgresql-docs-8.4.20-8.el6_9.x86_64.rpm
a5c1706f6612fe59990fea062966a84e332de1b2d2b7dda7af419bca7c91c2c6 postgresql-libs-8.4.20-8.el6_9.i686.rpm
5328bfa0d6716b342cb63c3399a05bcf98f9b3becab22808173228c6cbc5cc33 postgresql-libs-8.4.20-8.el6_9.x86_64.rpm
37265b681d255e811a18f10492ac561fb53c972a057aaa18072627a4d7d194c7 postgresql-plperl-8.4.20-8.el6_9.x86_64.rpm
0b287aaf1379d4a4a52dc277c3ae00865741bb925ccf263ba5b7bcacceafea62 postgresql-plpython-8.4.20-8.el6_9.x86_64.rpm
b6db989f8f62f398245327f23ee4e7e40aee863a0128e38cf75375cdff534624 postgresql-pltcl-8.4.20-8.el6_9.x86_64.rpm
48953d6e0660015f54c206bc03886289ed40ab3753e313309bbc2a82bd562e1c postgresql-server-8.4.20-8.el6_9.x86_64.rpm
ef618101d88d7cc74e147788928640fc6b3435bb583ba05ad8007f414d307215 postgresql-test-8.4.20-8.el6_9.x86_64.rpm

Source:
3c04d99dc0fdc81ddce150b0fea603ff006c630ed33e8fb726d775df61752a08 postgresql-8.4.20-8.el6_9.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

SUSE-SU-2017:2655-1: important: Security update for portus

SUSE Security Update: Security update for portus
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2655-1
Rating: important
References: #1059664
Cross-References: CVE-2017-14621
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for portus fixes the following issues:

– CVE-2017-14621: Fixed a XSS attack via the Team field, related to
typeahead. (bsc#1059664)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1642=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Module for Containers 12 (x86_64):

portus-2.2.0-20.3.1
portus-debuginfo-2.2.0-20.3.1
portus-debugsource-2.2.0-20.3.1

References:

https://www.suse.com/security/cve/CVE-2017-14621.html
https://bugzilla.suse.com/1059664


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

New Check_MK stable release 1.4.0p14

Dear friends of Check_MK,

the new stable release 1.4.0p14 of Check_MK is ready for download.

This maintenance release ships with 14 changes affecing all editions of Che=
ck_MK,
4 Enterprise Edition specific changes and 0 Managed Service Edition specifi=
c changes.

Changes in all Check_MK Editions:

WATO:
* 5231 Distributed WATO: Improved site snapshot generation speed, reduces “=
Activate changes” duration
* 5313 FIX: Service discovery: Fixed ‘Fix all missing/vanished’ action: Dis=
abled services were listed below ‘Monitored services’ after that button cli=
ck.
* 5217 FIX: BI: Improved error handling in case of not existing but referen=
ced rule

User interface:
* 5210 FIX: LDAP: Fixed equal default value for custom variable sync plugins
* 5215 FIX: Fixed broken nested contact group synchronization (regression i=
n 1.4.0p10)
* 5216 FIX: Failed notification checking is now limited to 7 days
* 5214 FIX: Events in tactical overview can now be disabled

Event console:
* 5212 FIX: check_mkevents: Improved performance
* 5361 FIX: Fixed cancelling events by “text” (regression #5057, since 1.4.=
0p11)

Checks & agents:
* 5233 agent_ucs_bladecenter: Now uses python requests to fetch the data
* 5339 FIX: postfix_mailq_status: Now reports if PID file is not readable
* 5316 FIX: cmciii.access: Fixed error state handling
* 5312 FIX: citrix_sessions: Fixed crash if not all session values ‘total’,=
‘active’ or ‘inactive’ are available
* 5232 FIX: Agent version check: fixed exception when an offcial release is=
expected and the agents version is a daily build

Changes in the Check_MK Enterprise Edition:

Reporting & availability:
* 5359 FIX: Reduced size of PDF exports containing graphs

Checks & agents:
* 5378 FIX: Windows agent: Ensure backwards compatibility of section webser=
vices

Agent bakery:
* 5315 FIX: win_printers: Added missing bakery rule
* 5211 FIX: Agent bakery: Reduced agent baking time when monitoring 0 hosts=
from central site

Changes in the Check_MK Managed Service Edition:

NO CHANGES

You can download Check_MK from our download page:
* http://mathias-kettner.de/check_mk_download.html

Please mail bug reports and qualified feedback to feedback@check-mk.org.
We greatly thank you for using Check_MK and wish you a successful monitorin=
g,

Your Check_MK Team

— =

Mathias Kettner GmbH
Kellerstra=DFe 29, 81667 M=FCnchen, Germany
Registergericht: Amtsgericht M=FCnchen, HRB 165902
Gesch=E4ftsf=FChrer: Mathias Kettner
http://mathias-kettner.de
Tel. +49 89 1890 435-0
Fax. +49 89 1890 435-29

_______________________________________________
Checkmk-announce mailing list
Checkmk-announce@lists.mathias-kettner.de
http://lists.mathias-kettner.de/mailman/listinfo/checkmk-announce

[Dovecot-news] v2.2.33 release candidate released

https://dovecot.org/releases/2.2/rc/dovecot-2.2.33.rc1.tar.gz
https://dovecot.org/releases/2.2/rc/dovecot-2.2.33.rc1.tar.gz.sig

There are a couple more small changes still coming, but this should be very close to the final release. I’m especially interested in hearing if there are any problems with doveadm log proxying or with director. We’ve improved our automated director tests quite a lot now, and fixed some rarely occurring bugs.

* doveadm director commands wait for the changes to be visible in the
whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
visible only in the backend’s logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
with current status of a mailbox when it changes. See
https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
“:LISTINDEX=” to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
mails that are visible in POP3 but not IMAP. This could happen if
new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc’s dovecot.index.cache
if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
– sdbox: Mails were always opened when expunging, unless
mail_attachment_fs was explicitly set to empty.
– lmtp/doveadm proxy: hostip passdb field was ignored, which caused
unnecessary DNS lookups if host field wasn’t an IP
– lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
– quota_clone: Update also when quota is unlimited (broken in v2.2.31)
– mbox, zlib: Fix assert-crash when accessing compressed mbox
– doveadm director kick -f parameter didn’t work
– doveadm director flush resulted flushing all hosts, if
wasn’t an IP address.
– director: Various fixes to handling backend/director changes at
abnormal times, especially while ring was unsynced. These could have
resulted in crashes, non-optimal behavior or ignoring some of the
changes.
– director: Use less CPU in imap-login processes when moving/kicking
many users.
– lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
when lmtp_rcpt_check_quota=yes
– doveadm sync -1 fails when local mailboxes exist that do not exist
remotely. This commonly happened when lazy_expunge mailbox was
autocreated when incremental sync expunged mails.

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news