5501
Security update for ImageMagick
moderate
openSUSE Leap 42.1 Update
This update for ImageMagick fixes the following issues:
- security update:
* CVE-2016-6520: buffer overflow [bsc#991872]
* CVE-2016-5010: Out-of-bounds read in CopyMagickMemory [bsc#991444]
* CVE-2016-6491: Out-of-bounds read when processing crafted tiff files [bsc#991445]
This update was imported from the SUSE:SLE-12:Update update project.
ImageMagick-6.8.8.1-18.2.i586.rpm
ImageMagick-6.8.8.1-18.2.src.rpm
ImageMagick-debuginfo-6.8.8.1-18.2.i586.rpm
ImageMagick-debugsource-6.8.8.1-18.2.i586.rpm
ImageMagick-devel-32bit-6.8.8.1-18.2.x86_64.rpm
ImageMagick-devel-6.8.8.1-18.2.i586.rpm
ImageMagick-doc-6.8.8.1-18.2.noarch.rpm
ImageMagick-extra-6.8.8.1-18.2.i586.rpm
ImageMagick-extra-debuginfo-6.8.8.1-18.2.i586.rpm
libMagick++-6_Q16-3-32bit-6.8.8.1-18.2.x86_64.rpm
libMagick++-6_Q16-3-6.8.8.1-18.2.i586.rpm
libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-18.2.x86_64.rpm
libMagick++-6_Q16-3-debuginfo-6.8.8.1-18.2.i586.rpm
libMagick++-devel-32bit-6.8.8.1-18.2.x86_64.rpm
libMagick++-devel-6.8.8.1-18.2.i586.rpm
libMagickCore-6_Q16-1-32bit-6.8.8.1-18.2.x86_64.rpm
libMagickCore-6_Q16-1-6.8.8.1-18.2.i586.rpm
libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-18.2.x86_64.rpm
libMagickCore-6_Q16-1-debuginfo-6.8.8.1-18.2.i586.rpm
libMagickWand-6_Q16-1-32bit-6.8.8.1-18.2.x86_64.rpm
libMagickWand-6_Q16-1-6.8.8.1-18.2.i586.rpm
libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-18.2.x86_64.rpm
libMagickWand-6_Q16-1-debuginfo-6.8.8.1-18.2.i586.rpm
perl-PerlMagick-6.8.8.1-18.2.i586.rpm
perl-PerlMagick-debuginfo-6.8.8.1-18.2.i586.rpm
ImageMagick-6.8.8.1-18.2.x86_64.rpm
ImageMagick-debuginfo-6.8.8.1-18.2.x86_64.rpm
ImageMagick-debugsource-6.8.8.1-18.2.x86_64.rpm
ImageMagick-devel-6.8.8.1-18.2.x86_64.rpm
ImageMagick-extra-6.8.8.1-18.2.x86_64.rpm
ImageMagick-extra-debuginfo-6.8.8.1-18.2.x86_64.rpm
libMagick++-6_Q16-3-6.8.8.1-18.2.x86_64.rpm
libMagick++-6_Q16-3-debuginfo-6.8.8.1-18.2.x86_64.rpm
libMagick++-devel-6.8.8.1-18.2.x86_64.rpm
libMagickCore-6_Q16-1-6.8.8.1-18.2.x86_64.rpm
libMagickCore-6_Q16-1-debuginfo-6.8.8.1-18.2.x86_64.rpm
libMagickWand-6_Q16-1-6.8.8.1-18.2.x86_64.rpm
libMagickWand-6_Q16-1-debuginfo-6.8.8.1-18.2.x86_64.rpm
perl-PerlMagick-6.8.8.1-18.2.x86_64.rpm
perl-PerlMagick-debuginfo-6.8.8.1-18.2.x86_64.rpm
5504
Security update for typo3-cms-4_5
moderate
openSUSE Leap 42.1 Update
This update for typo3-cms-4_5 fixes the following issues:
- CVE-2015-2047: Authentication Bypass (TYPO3-CORE-SA-2015-001)
- CVE-2014-9508: Link spoofing and cache poisoning (TYPO3-CORE-SA-2014-003)
- TYPO3-CORE-SA-2014-002: Multiple Vulnerabilities
- CVE-2013-7073: Multiple vulnerabilities (TYPO3-CORE-SA-2013-004)
This update contains the last upstream release 4.5.40, LTS discontinued since 04.2015.
typo3-cms-4_5-4.5.40-7.1.noarch.rpm
typo3-cms-4_5-4.5.40-7.1.src.rpm
5507
Recommended update for findutils
moderate
openSUSE Leap 42.1 Update
This update for findutils fixes the following issues:
- find -exec + would not pass all arguments for certain specific filename lengths (bsc#986935)
This update was imported from the SUSE:SLE-12:Update update project.
findutils-4.5.12-10.1.i586.rpm
findutils-4.5.12-10.1.src.rpm
findutils-debuginfo-4.5.12-10.1.i586.rpm
findutils-debugsource-4.5.12-10.1.i586.rpm
findutils-lang-4.5.12-10.1.noarch.rpm
findutils-4.5.12-10.1.x86_64.rpm
findutils-debuginfo-4.5.12-10.1.x86_64.rpm
findutils-debugsource-4.5.12-10.1.x86_64.rpm
5508
Security update for libqt4
moderate
openSUSE Leap 42.1 Update
This update for libqt4 fixes the following issues:
Various unsafe SSL ciphers have been disabled in the standard SSL classes.
Also the RC4 based ciphers have been disabled. (bsc#865241)
This update was imported from the SUSE:SLE-12:Update update project.
libqt4-devel-doc-4.8.6-13.2.i586.rpm
libqt4-devel-doc-4.8.6-13.2.src.rpm
libqt4-devel-doc-data-4.8.6-13.2.noarch.rpm
libqt4-devel-doc-debuginfo-4.8.6-13.2.i586.rpm
libqt4-devel-doc-debugsource-4.8.6-13.2.i586.rpm
qt4-x11-tools-4.8.6-13.2.i586.rpm
qt4-x11-tools-debuginfo-4.8.6-13.2.i586.rpm
libqt4-sql-mysql-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-mysql-4.8.6-13.1.i586.rpm
libqt4-sql-mysql-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-mysql-debuginfo-4.8.6-13.1.i586.rpm
libqt4-sql-plugins-4.8.6-13.1.src.rpm
libqt4-sql-plugins-debugsource-4.8.6-13.1.i586.rpm
libqt4-sql-postgresql-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-postgresql-4.8.6-13.1.i586.rpm
libqt4-sql-postgresql-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-postgresql-debuginfo-4.8.6-13.1.i586.rpm
libqt4-sql-unixODBC-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-unixODBC-4.8.6-13.1.i586.rpm
libqt4-sql-unixODBC-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-unixODBC-debuginfo-4.8.6-13.1.i586.rpm
libqt4-32bit-4.8.6-13.1.x86_64.rpm
libqt4-4.8.6-13.1.i586.rpm
libqt4-4.8.6-13.1.src.rpm
libqt4-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-debuginfo-4.8.6-13.1.i586.rpm
libqt4-debugsource-4.8.6-13.1.i586.rpm
libqt4-devel-4.8.6-13.1.i586.rpm
libqt4-devel-debuginfo-4.8.6-13.1.i586.rpm
libqt4-linguist-4.8.6-13.1.i586.rpm
libqt4-linguist-debuginfo-4.8.6-13.1.i586.rpm
libqt4-private-headers-devel-4.8.6-13.1.i586.rpm
libqt4-qt3support-32bit-4.8.6-13.1.x86_64.rpm
libqt4-qt3support-4.8.6-13.1.i586.rpm
libqt4-qt3support-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-qt3support-debuginfo-4.8.6-13.1.i586.rpm
libqt4-sql-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-4.8.6-13.1.i586.rpm
libqt4-sql-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-debuginfo-4.8.6-13.1.i586.rpm
libqt4-sql-sqlite-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-sqlite-4.8.6-13.1.i586.rpm
libqt4-sql-sqlite-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-sql-sqlite-debuginfo-4.8.6-13.1.i586.rpm
libqt4-x11-32bit-4.8.6-13.1.x86_64.rpm
libqt4-x11-4.8.6-13.1.i586.rpm
libqt4-x11-debuginfo-32bit-4.8.6-13.1.x86_64.rpm
libqt4-x11-debuginfo-4.8.6-13.1.i586.rpm
libqt4-devel-doc-4.8.6-13.2.x86_64.rpm
libqt4-devel-doc-debuginfo-4.8.6-13.2.x86_64.rpm
libqt4-devel-doc-debugsource-4.8.6-13.2.x86_64.rpm
qt4-x11-tools-4.8.6-13.2.x86_64.rpm
qt4-x11-tools-debuginfo-4.8.6-13.2.x86_64.rpm
libqt4-sql-mysql-4.8.6-13.1.x86_64.rpm
libqt4-sql-mysql-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-sql-plugins-debugsource-4.8.6-13.1.x86_64.rpm
libqt4-sql-postgresql-4.8.6-13.1.x86_64.rpm
libqt4-sql-postgresql-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-sql-unixODBC-4.8.6-13.1.x86_64.rpm
libqt4-sql-unixODBC-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-4.8.6-13.1.x86_64.rpm
libqt4-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-debugsource-4.8.6-13.1.x86_64.rpm
libqt4-devel-4.8.6-13.1.x86_64.rpm
libqt4-devel-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-linguist-4.8.6-13.1.x86_64.rpm
libqt4-linguist-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-private-headers-devel-4.8.6-13.1.x86_64.rpm
libqt4-qt3support-4.8.6-13.1.x86_64.rpm
libqt4-qt3support-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-sql-4.8.6-13.1.x86_64.rpm
libqt4-sql-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-sql-sqlite-4.8.6-13.1.x86_64.rpm
libqt4-sql-sqlite-debuginfo-4.8.6-13.1.x86_64.rpm
libqt4-x11-4.8.6-13.1.x86_64.rpm
libqt4-x11-debuginfo-4.8.6-13.1.x86_64.rpm
5521
Recommended update for vim
moderate
openSUSE Leap 42.1 Update
This update for vim fixes the following issues:
- Removed --with-x=no because X is needed for copy-pasting to X clipboard. (boo#987515)
gvim-7.4.326-5.1.i586.rpm
gvim-debuginfo-7.4.326-5.1.i586.rpm
vim-7.4.326-5.1.i586.rpm
vim-7.4.326-5.1.src.rpm
vim-data-7.4.326-5.1.noarch.rpm
vim-debuginfo-7.4.326-5.1.i586.rpm
vim-debugsource-7.4.326-5.1.i586.rpm
gvim-7.4.326-5.1.x86_64.rpm
gvim-debuginfo-7.4.326-5.1.x86_64.rpm
vim-7.4.326-5.1.x86_64.rpm
vim-debuginfo-7.4.326-5.1.x86_64.rpm
vim-debugsource-7.4.326-5.1.x86_64.rpm
5523
Recommended update for virtualbox
moderate
openSUSE Leap 42.1 Update
This update for virtualbox fixes the following issues:
- VMM: Fixed a bug in the task switching code.
- GUI: Allow overwriting an existing file when saving a log file.
- GUI: Fixed screenshot if the VM is started in separate mode.
- Audio: Improved recording from USB headsets and other sources which might need conversion of captured data.
- Audio: Fixed regression of not having any audio available on Solaris hosts.
- VGA: Fixed an occasional hang when running Windows guests with 3D enabled.
- Storage: Fixed a possible endless reconnect loop for the iSCSI backend if connecting to the target succeeds but further I/O requests cause a disconnect.
- Storage: Fixed a bug when resizing certain VDI images which resulted in using the whole disk on the host.
- EFI: Fixed access to devices attached to SATA port 2 and higher.
- API: fixed video recording with VBoxHeadless.
- API: Don't crash if there is no graphics controller configured.
- VBoxSVC: Fixed several memory leaks when handling .dmg images.
- Solaris hosts: Fixed a crash on hosts with certain CPU configurations.
- Windows hosts: Properly fall back to NDIS5 on pre-Vista hosts on silent installations.
python-virtualbox-5.0.26-28.1.x86_64.rpm
python-virtualbox-debuginfo-5.0.26-28.1.x86_64.rpm
virtualbox-5.0.26-28.1.src.rpm
virtualbox-5.0.26-28.1.x86_64.rpm
virtualbox-debuginfo-5.0.26-28.1.x86_64.rpm
virtualbox-debugsource-5.0.26-28.1.x86_64.rpm
virtualbox-devel-5.0.26-28.1.x86_64.rpm
virtualbox-guest-desktop-icons-5.0.26-28.1.noarch.rpm
virtualbox-guest-kmp-default-5.0.26_k4.1.27_27-28.1.x86_64.rpm
virtualbox-guest-kmp-default-debuginfo-5.0.26_k4.1.27_27-28.1.x86_64.rpm
virtualbox-guest-tools-5.0.26-28.1.x86_64.rpm
virtualbox-guest-tools-debuginfo-5.0.26-28.1.x86_64.rpm
virtualbox-guest-x11-5.0.26-28.1.x86_64.rpm
virtualbox-guest-x11-debuginfo-5.0.26-28.1.x86_64.rpm
virtualbox-host-kmp-default-5.0.26_k4.1.27_27-28.1.x86_64.rpm
virtualbox-host-kmp-default-debuginfo-5.0.26_k4.1.27_27-28.1.x86_64.rpm
virtualbox-host-source-5.0.26-28.1.noarch.rpm
virtualbox-qt-5.0.26-28.1.x86_64.rpm
virtualbox-qt-debuginfo-5.0.26-28.1.x86_64.rpm
virtualbox-websrv-5.0.26-28.1.x86_64.rpm
virtualbox-websrv-debuginfo-5.0.26-28.1.x86_64.rpm
5524
Recommended update for pacemaker
moderate
openSUSE Leap 42.1 Update
This update for pacemaker fixes the following issues:
- crm_mon: Avoid logging errors for any CIB changes that we don't care about (bsc#986931)
- crmd: When node load was reduced, crmd carries out a feasible action.
- ping: Log sensible error when /tmp is full (bsc#987348)
- crm_mon: Do not log errors for the known CIB changes that should be ignored (bsc#986931)
- libservices: include socket units when listing all systemd agents
- fencing: fence_legacy - Search capable devices by querying them through "list" action for cluster-glue stonith agents (bsc#986265)
- pengine,tools: Display pending resource state by default when it's available (bsc#986201)
- systemd: Allow unit names ending in .socket.
- crmd: mention that graceful remote shutdowns may cause connection failures (bsc#981489)
- libais,libcluster,libcrmcommon,liblrmd: don't use %z specifier
- tools: crm_resource -T option should not be hidden anymore
- PE: Correctly update the dependent actions of un-runnable clones
- attrd,ipc: Prevent possible segfault on exit (bsc#986056)
- tools: properly handle crm_resource --restart with a resource in a group
- tools: don't assume all resources restart on same node with crm_resource --restart
- tools: avoid memory leaks in crm_resource --restart
- tools: remember any existing target-role when doing crm_resource --restart
- tools: correctly count starting resources when doing crm_resource --restart
- Add logrotate to requirements of pacemaker-cli
- libcrmcommon: really ensure crm_time_t structure is fully initialized by API calls
- crmd: avoid timeout on older peers when cancelling a resource operation
- crmd: use proper resource agent name when caching metadata
- crmd: avoid memory leak when sending fencing alert
- liblrmd: avoid memory leak when closing or deleting lrmd connections
- tools: avoid memory leak when crm_mon unpacks constraints
- pengine: avoid use-after-free with location constraint + sets + templates
- pengine: better error handling when unpacking sets in location constraints
- pengine: avoid memory leak when invalid constraint involves set
- cts: avoid kill usage error if DummySD stop called when already stopped
- pengine: Correction of the record judgment of the failed information.
- crmd: clear remote node transient attributes on disconnect (bsc#981489)
- Revert "Fix: attrd: Correctly implement mass removal of a node's attributes" (bsc#981489)
- attrd: ensure remote nodes are in correct peer cache (bsc#981489)
- crmd: set remote flag when gracefully shutting down remote nodes (bsc#981489)
- crmd: Graceful proxy shutdown is now tested (bsc#981489)
- crmd: Set the shutdown transient attribute in response to LRMD_IPC_OP_SHUTDOWN_REQ from remote nodes (bsc#981489)
- PE: Honor the shutdown transient attributes for remote nodes (bsc#981489)
- pacemaker_remote: support graceful stops (bsc#981489)
- crmd: support graceful pacemaker_remote stops (bsc#981489)
- lrmd,liblrmd: add lrmd IPC operations for requesting and acknowledging shutdown (bsc#981489)
- cts: simulate pacemaker_remote failure with kill (bsc#981489)
- crmd,lrmd,liblrmd: use defined constants for lrmd IPC operations (bsc#981489)
- lrmd: make proxied IPC providers/clients opaque (bsc#981489)
- lrmd: handle shutdown a little more cleanly (bsc#981489)
- libpengine: log message when stonith disabled, not enabled
- pengine: only set unfencing constraints once
- libcrmcommon: ensure crm_time_t structure is fully initialized by API calls
- attrd: don't leak memory when returning due to malformed update request
- pengine: properly order stop actions relative to stonith
- crm_resource: don't pretend that target-role:started would prevent promotion
- crm_mon: consistently print ms resource state
- controld: use "stonith_admin -H '*' -V" (bsc#977201)
- stonith_admin: allow -H '*' to show history for all nodes (bsc#977201)
- controld: fix "[: -eq: unary operator expected" issue from PR 1022 (bsc#977201)
- controld: Prevent unwanted self-fencing if "stateful_merge_wait" state of dlm is not available (bsc#977201)
- spec: fence_pcmk only eligible for Pacemaker+CMAN
- crmd: Acknowledge cancellation operations for remote connection resources (bsc#976865)
- controld: improve DLM check with stateful_merge_wait (bsc#977201)
- attrd, libcrmcommon: validate attrd requests better
- crm_mon: Fix time formatting on x32
- resources: use OCF version tagging correctly
- libcommon: crm_procfs_pid_of() would always return last /proc entry checked
- crmd: Take start-delay into account for the timeout of the action timer (bsc#977258)
- libservices: make systemd override file world-readable to avoid log warning
- libcrmcommon: correct directory name in log message
- pengine: Correctly set the environment variable "OCF_RESKEY_CRM_meta_timeout" when "start-delay" is configured (bsc#977258)
- services: Correctly clean up service actions for non-dbus case
- RA: SysInfo - Reset the node attribute "#health_disk" to "green" when there's sufficient free disk (bsc#975079)
- pengine: Organize order of actions for slave resources in anti-colocations (bsc#977800)
- pengine: Organize order of actions for master resources in anti-colocations (bsc#977800)
- pengine: Respect asymmetrical ordering when trying to move resources (bsc#977675)
- fencing: Record the last known names of nodes to make sure fencing requested with nodeid works (bsc#974108)
- ping resource: Use fping6 for IPv6 hosts (bsc#976271)
- pengine: Consider resource failed if any of the configured monitor operations failed (bsc#972187)
- spec: make Publican docs not depend on pre-existing packages
- cib/fencing: Set status callback before connecting to cluster (bsc#974108)
- libtransition: potential memory leak if unpacking action fails
- attrd: crash on exit if initialization fails
- pengine: Suppress assert if a stateful clone is not being demoted/stopped (bsc#971129)
- PE: Correctly handle the ordering of demote actions for failed and moving containers
- libcib: Correctly determine the node type (bsc#967775)
- resources: match agents' default for globally_unique to pacemaker's
- crm_resource: Prevent segfault when --resource is not correctly supplied for --restart command
Additionally, the following bug-references have been added to the changelog:
bsc#986676, bsc#981731, bsc#970733, bsc#967383, bsc#967254, bsc#956500
This update was imported from the SUSE:SLE-12-SP1:Update update project.
libpacemaker-devel-1.1.13-20.1.i586.rpm
libpacemaker3-1.1.13-20.1.i586.rpm
libpacemaker3-debuginfo-1.1.13-20.1.i586.rpm
pacemaker-1.1.13-20.1.i586.rpm
pacemaker-1.1.13-20.1.src.rpm
pacemaker-cli-1.1.13-20.1.i586.rpm
pacemaker-cli-debuginfo-1.1.13-20.1.i586.rpm
pacemaker-cts-1.1.13-20.1.i586.rpm
pacemaker-cts-debuginfo-1.1.13-20.1.i586.rpm
pacemaker-debuginfo-1.1.13-20.1.i586.rpm
pacemaker-debugsource-1.1.13-20.1.i586.rpm
pacemaker-remote-1.1.13-20.1.i586.rpm
pacemaker-remote-debuginfo-1.1.13-20.1.i586.rpm
libpacemaker-devel-1.1.13-20.1.x86_64.rpm
libpacemaker3-1.1.13-20.1.x86_64.rpm
libpacemaker3-debuginfo-1.1.13-20.1.x86_64.rpm
pacemaker-1.1.13-20.1.x86_64.rpm
pacemaker-cli-1.1.13-20.1.x86_64.rpm
pacemaker-cli-debuginfo-1.1.13-20.1.x86_64.rpm
pacemaker-cts-1.1.13-20.1.x86_64.rpm
pacemaker-cts-debuginfo-1.1.13-20.1.x86_64.rpm
pacemaker-debuginfo-1.1.13-20.1.x86_64.rpm
pacemaker-debugsource-1.1.13-20.1.x86_64.rpm
pacemaker-remote-1.1.13-20.1.x86_64.rpm
pacemaker-remote-debuginfo-1.1.13-20.1.x86_64.rpm
5525
Security update for phpMyAdmin
important
openSUSE Leap 42.1 Update
phpMyAdmin was updated to version 4.4.15.8 (2016-08-16) to fix the following issues:
- Upstream changelog for 4.4.15.8:
* Improve session cookie code for openid.php and signon.php example files
* Full path disclosure in openid.php and signon.php example files
* Unsafe generation of BlowfishSecret (when not supplied by the user)
* Referrer leak when phpinfo is enabled
* Use HTTPS for wiki links
* Improve SSL certificate handling
* Fix full path disclosure in debugging code
* Administrators could trigger SQL injection attack against users
- other fixes
* Remove Swekey support
- Security fixes:
https://www.phpmyadmin.net/security/
* Weaknesses with cookie encryption
see PMASA-2016-29 (CVE-2016-6606, CWE-661)
* Multiple XSS vulnerabilities
see PMASA-2016-30 (CVE-2016-6607, CWE-661)
* Multiple XSS vulnerabilities
see PMASA-2016-31 (CVE-2016-6608, CWE-661)
* PHP code injection
see PMASA-2016-32 (CVE-2016-6609, CWE-661)
* Full path disclosure
see PMASA-2016-33 (CVE-2016-6610, CWE-661)
* SQL injection attack
see PMASA-2016-34 (CVE-2016-6611, CWE-661)
* Local file exposure through LOAD DATA LOCAL INFILE
see PMASA-2016-35 (CVE-2016-6612, CWE-661)
* Local file exposure through symlinks with UploadDir
see PMASA-2016-36 (CVE-2016-6613, CWE-661)
* Path traversal with SaveDir and UploadDir
see PMASA-2016-37 (CVE-2016-6614, CWE-661)
* Multiple XSS vulnerabilities
see PMASA-2016-38 (CVE-2016-6615, CWE-661)
* SQL injection vulnerability as control user
see PMASA-2016-39 (CVE-2016-6616, CWE-661)
* SQL injection vulnerability
see PMASA-2016-40 (CVE-2016-6617, CWE-661)
* Denial-of-service attack through transformation feature
see PMASA-2016-41 (CVE-2016-6618, CWE-661)
* SQL injection vulnerability as control user
see PMASA-2016-42 (CVE-2016-6619, CWE-661)
* Verify data before unserializing
see PMASA-2016-43 (CVE-2016-6620, CWE-661)
* SSRF in setup script
see PMASA-2016-44 (CVE-2016-6621, CWE-661)
* Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections
see PMASA-2016-45 (CVE-2016-6622, CWE-661)
* Denial-of-service attack by using for loops
see PMASA-2016-46 (CVE-2016-6623, CWE-661)
* Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server
see PMASA-2016-47 (CVE-2016-6624, CWE-661)
* Detect if user is logged in
see PMASA-2016-48 (CVE-2016-6625, CWE-661)
* Bypass URL redirection protection
see PMASA-2016-49 (CVE-2016-6626, CWE-661)
* Referrer leak
see PMASA-2016-50 (CVE-2016-6627, CWE-661)
* Reflected File Download
see PMASA-2016-51 (CVE-2016-6628, CWE-661)
* ArbitraryServerRegexp bypass
see PMASA-2016-52 (CVE-2016-6629, CWE-661)
* Denial-of-service attack by entering long password
see PMASA-2016-53 (CVE-2016-6630, CWE-661)
* Remote code execution vulnerability when running as CGI
see PMASA-2016-54 (CVE-2016-6631, CWE-661)
* Denial-of-service attack when PHP uses dbase extension
see PMASA-2016-55 (CVE-2016-6632, CWE-661)
* Remote code execution vulnerability when PHP uses dbase extension
see PMASA-2016-56 (CVE-2016-6633, CWE-661)
phpMyAdmin-4.4.15.8-25.1.noarch.rpm
phpMyAdmin-4.4.15.8-25.1.src.rpm
5526
Security update for cracklib
moderate
openSUSE Leap 42.1 Update
This update for cracklib fixes the following issues:
- Add patch to fix a buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)
This update was imported from the SUSE:SLE-12:Update update project.
cracklib-2.9.0-7.1.i586.rpm
cracklib-2.9.0-7.1.src.rpm
cracklib-debuginfo-2.9.0-7.1.i586.rpm
cracklib-debugsource-2.9.0-7.1.i586.rpm
cracklib-devel-2.9.0-7.1.i586.rpm
cracklib-devel-32bit-2.9.0-7.1.x86_64.rpm
cracklib-dict-small-2.9.0-7.1.i586.rpm
libcrack2-2.9.0-7.1.i586.rpm
libcrack2-32bit-2.9.0-7.1.x86_64.rpm
libcrack2-debuginfo-2.9.0-7.1.i586.rpm
libcrack2-debuginfo-32bit-2.9.0-7.1.x86_64.rpm
libpwquality-1.2.3-5.1.src.rpm
libpwquality-debugsource-1.2.3-5.1.i586.rpm
libpwquality-devel-1.2.3-5.1.i586.rpm
libpwquality-lang-1.2.3-5.1.noarch.rpm
libpwquality-tools-1.2.3-5.1.i586.rpm
libpwquality-tools-debuginfo-1.2.3-5.1.i586.rpm
libpwquality1-1.2.3-5.1.i586.rpm
libpwquality1-debuginfo-1.2.3-5.1.i586.rpm
pam_pwquality-1.2.3-5.1.i586.rpm
pam_pwquality-debuginfo-1.2.3-5.1.i586.rpm
python-pwquality-1.2.3-5.1.i586.rpm
python-pwquality-debuginfo-1.2.3-5.1.i586.rpm
cracklib-2.9.0-7.1.x86_64.rpm
cracklib-debuginfo-2.9.0-7.1.x86_64.rpm
cracklib-debugsource-2.9.0-7.1.x86_64.rpm
cracklib-devel-2.9.0-7.1.x86_64.rpm
cracklib-dict-small-2.9.0-7.1.x86_64.rpm
libcrack2-2.9.0-7.1.x86_64.rpm
libcrack2-debuginfo-2.9.0-7.1.x86_64.rpm
libpwquality-debugsource-1.2.3-5.1.x86_64.rpm
libpwquality-devel-1.2.3-5.1.x86_64.rpm
libpwquality-tools-1.2.3-5.1.x86_64.rpm
libpwquality-tools-debuginfo-1.2.3-5.1.x86_64.rpm
libpwquality1-1.2.3-5.1.x86_64.rpm
libpwquality1-debuginfo-1.2.3-5.1.x86_64.rpm
pam_pwquality-1.2.3-5.1.x86_64.rpm
pam_pwquality-debuginfo-1.2.3-5.1.x86_64.rpm
python-pwquality-1.2.3-5.1.x86_64.rpm
python-pwquality-debuginfo-1.2.3-5.1.x86_64.rpm
5529
Recommended update for kbd
low
openSUSE Leap 42.1 Update
This update fixes loading of some console keymaps, including the default keymap
used by "loadkeys -d".
This update was imported from the SUSE:SLE-12:Update update project.
kbd-1.15.5-12.1.i586.rpm
kbd-1.15.5-12.1.src.rpm
kbd-debuginfo-1.15.5-12.1.i586.rpm
kbd-debugsource-1.15.5-12.1.i586.rpm
kbd-1.15.5-12.1.x86_64.rpm
kbd-debuginfo-1.15.5-12.1.x86_64.rpm
kbd-debugsource-1.15.5-12.1.x86_64.rpm
5530
Recommended update for postgresql-init
low
openSUSE Leap 42.1 Update
This update for postgresql-init converts the former initialization script into
a service file for Systemd.
With this change, PostgreSQL will now by default write logs to syslog instead
of $DATADIR/postmaster.log.
This update was imported from the SUSE:SLE-12:Update update project.
postgresql-init-9.4-12.1.noarch.rpm
postgresql-init-9.4-12.1.src.rpm
5531
Security update for MozillaFirefox, mozilla-nss
moderate
openSUSE Leap 42.1 Update
This update for MozillaFirefox, mozilla-nss fixes the following issues:
Changes in MozillaFirefox:
- Mozilla Firefox 48.0.1:
* Fixed an audio regression impacting some major websites (bmo#1295296)
* Fix a top crash in the JavaScript engine (bmo#1290469)
* Fix a startup crash issue caused by Websense (bmo#1291738)
* Fix a different behavior with e10s / non-e10s on <select> and mouse events (bmo#1291078)
* Fix a top crash caused by plugin issues (bmo#1264530)
* Fix a shutdown issue (bmo#1276920)
* Fix a crash in WebRTC
- added upstream patch so system plugins/extensions are correctly loaded again on x86-64 (bmo#1282843)
- CVE-2016-6354: Fix for possible buffer overrun (boo#990856)
Changes in mozilla-nss:
- also sign libfreeblpriv3.so to allow FIPS mode again (boo#992236)
MozillaFirefox-48.0.1-30.4.i586.rpm
MozillaFirefox-48.0.1-30.4.src.rpm
MozillaFirefox-branding-upstream-48.0.1-30.4.i586.rpm
MozillaFirefox-buildsymbols-48.0.1-30.4.i586.rpm
MozillaFirefox-debuginfo-48.0.1-30.4.i586.rpm
MozillaFirefox-debugsource-48.0.1-30.4.i586.rpm
MozillaFirefox-devel-48.0.1-30.4.i586.rpm
MozillaFirefox-translations-common-48.0.1-30.4.i586.rpm
MozillaFirefox-translations-other-48.0.1-30.4.i586.rpm
libfreebl3-3.24-26.1.i586.rpm
libfreebl3-32bit-3.24-26.1.x86_64.rpm
libfreebl3-debuginfo-3.24-26.1.i586.rpm
libfreebl3-debuginfo-32bit-3.24-26.1.x86_64.rpm
libsoftokn3-3.24-26.1.i586.rpm
libsoftokn3-32bit-3.24-26.1.x86_64.rpm
libsoftokn3-debuginfo-3.24-26.1.i586.rpm
libsoftokn3-debuginfo-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-3.24-26.1.i586.rpm
mozilla-nss-3.24-26.1.src.rpm
mozilla-nss-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-certs-3.24-26.1.i586.rpm
mozilla-nss-certs-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-certs-debuginfo-3.24-26.1.i586.rpm
mozilla-nss-certs-debuginfo-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-debuginfo-3.24-26.1.i586.rpm
mozilla-nss-debuginfo-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-debugsource-3.24-26.1.i586.rpm
mozilla-nss-devel-3.24-26.1.i586.rpm
mozilla-nss-sysinit-3.24-26.1.i586.rpm
mozilla-nss-sysinit-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-sysinit-debuginfo-3.24-26.1.i586.rpm
mozilla-nss-sysinit-debuginfo-32bit-3.24-26.1.x86_64.rpm
mozilla-nss-tools-3.24-26.1.i586.rpm
mozilla-nss-tools-debuginfo-3.24-26.1.i586.rpm
MozillaFirefox-48.0.1-30.4.x86_64.rpm
MozillaFirefox-branding-upstream-48.0.1-30.4.x86_64.rpm
MozillaFirefox-buildsymbols-48.0.1-30.4.x86_64.rpm
MozillaFirefox-debuginfo-48.0.1-30.4.x86_64.rpm
MozillaFirefox-debugsource-48.0.1-30.4.x86_64.rpm
MozillaFirefox-devel-48.0.1-30.4.x86_64.rpm
MozillaFirefox-translations-common-48.0.1-30.4.x86_64.rpm
MozillaFirefox-translations-other-48.0.1-30.4.x86_64.rpm
libfreebl3-3.24-26.1.x86_64.rpm
libfreebl3-debuginfo-3.24-26.1.x86_64.rpm
libsoftokn3-3.24-26.1.x86_64.rpm
libsoftokn3-debuginfo-3.24-26.1.x86_64.rpm
mozilla-nss-3.24-26.1.x86_64.rpm
mozilla-nss-certs-3.24-26.1.x86_64.rpm
mozilla-nss-certs-debuginfo-3.24-26.1.x86_64.rpm
mozilla-nss-debuginfo-3.24-26.1.x86_64.rpm
mozilla-nss-debugsource-3.24-26.1.x86_64.rpm
mozilla-nss-devel-3.24-26.1.x86_64.rpm
mozilla-nss-sysinit-3.24-26.1.x86_64.rpm
mozilla-nss-sysinit-debuginfo-3.24-26.1.x86_64.rpm
mozilla-nss-tools-3.24-26.1.x86_64.rpm
mozilla-nss-tools-debuginfo-3.24-26.1.x86_64.rpm
5532
Recommended update for clamav-database
low
openSUSE Leap 42.1 Update
This update for clamav-database fixes the following issues:
- Database refresh August 22nd.
This update was imported from the SUSE:SLE-12:Update update project.
clamav-database-201608220003-146.1.noarch.rpm
clamav-database-201608220003-146.1.src.rpm
5533
Recommended update for timezone
low
openSUSE Leap 42.1 Update
This update for timezone adds a positive leap second at the end of 2016-12-31.
This update was imported from the SUSE:SLE-12:Update update project.
timezone-java-2016f-0.25.1.noarch.rpm
timezone-java-2016f-0.25.1.src.rpm
timezone-2016f-0.25.1.i586.rpm
timezone-2016f-0.25.1.src.rpm
timezone-debuginfo-2016f-0.25.1.i586.rpm
timezone-debugsource-2016f-0.25.1.i586.rpm
timezone-2016f-0.25.1.x86_64.rpm
timezone-debuginfo-2016f-0.25.1.x86_64.rpm
timezone-debugsource-2016f-0.25.1.x86_64.rpm
5534
Security update for eog
moderate
openSUSE Leap 42.1 Update
This update for eog fixes the following issues:
- Update to version 3.16.5 (boo#994819, CVE-2016-6855):
+ Bug fixes:
- bgo#770143: CVE-2016-6855 out-of-bounds write in eog 3.10.2.
- bgo#770197: eog leaks error message if loading an SVG fails.
eog-3.16.5-9.1.i586.rpm
eog-3.16.5-9.1.src.rpm
eog-debuginfo-3.16.5-9.1.i586.rpm
eog-debugsource-3.16.5-9.1.i586.rpm
eog-devel-3.16.5-9.1.i586.rpm
eog-lang-3.16.5-9.1.noarch.rpm
eog-3.16.5-9.1.x86_64.rpm
eog-debuginfo-3.16.5-9.1.x86_64.rpm
eog-debugsource-3.16.5-9.1.x86_64.rpm
eog-devel-3.16.5-9.1.x86_64.rpm
5535
Security update for krb5
moderate
openSUSE Leap 42.1 Update
This update for krb5 fixes the following issues:
- CVE-2016-3120: KDC NULL Pointer Dereference Denial Of Service Vulnerability (bsc#991088)
This update was imported from the SUSE:SLE-12:Update update project.
krb5-mini-1.12.1-36.1.i586.rpm
krb5-mini-1.12.1-36.1.src.rpm
krb5-mini-debuginfo-1.12.1-36.1.i586.rpm
krb5-mini-debugsource-1.12.1-36.1.i586.rpm
krb5-mini-devel-1.12.1-36.1.i586.rpm
krb5-1.12.1-36.1.i586.rpm
krb5-1.12.1-36.1.src.rpm
krb5-32bit-1.12.1-36.1.x86_64.rpm
krb5-client-1.12.1-36.1.i586.rpm
krb5-client-debuginfo-1.12.1-36.1.i586.rpm
krb5-debuginfo-1.12.1-36.1.i586.rpm
krb5-debuginfo-32bit-1.12.1-36.1.x86_64.rpm
krb5-debugsource-1.12.1-36.1.i586.rpm
krb5-devel-1.12.1-36.1.i586.rpm
krb5-devel-32bit-1.12.1-36.1.x86_64.rpm
krb5-doc-1.12.1-36.1.i586.rpm
krb5-plugin-kdb-ldap-1.12.1-36.1.i586.rpm
krb5-plugin-kdb-ldap-debuginfo-1.12.1-36.1.i586.rpm
krb5-plugin-preauth-otp-1.12.1-36.1.i586.rpm
krb5-plugin-preauth-otp-debuginfo-1.12.1-36.1.i586.rpm
krb5-plugin-preauth-pkinit-1.12.1-36.1.i586.rpm
krb5-plugin-preauth-pkinit-debuginfo-1.12.1-36.1.i586.rpm
krb5-server-1.12.1-36.1.i586.rpm
krb5-server-debuginfo-1.12.1-36.1.i586.rpm
krb5-mini-1.12.1-36.1.x86_64.rpm
krb5-mini-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-mini-debugsource-1.12.1-36.1.x86_64.rpm
krb5-mini-devel-1.12.1-36.1.x86_64.rpm
krb5-1.12.1-36.1.x86_64.rpm
krb5-client-1.12.1-36.1.x86_64.rpm
krb5-client-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-debugsource-1.12.1-36.1.x86_64.rpm
krb5-devel-1.12.1-36.1.x86_64.rpm
krb5-doc-1.12.1-36.1.x86_64.rpm
krb5-plugin-kdb-ldap-1.12.1-36.1.x86_64.rpm
krb5-plugin-kdb-ldap-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-plugin-preauth-otp-1.12.1-36.1.x86_64.rpm
krb5-plugin-preauth-otp-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-plugin-preauth-pkinit-1.12.1-36.1.x86_64.rpm
krb5-plugin-preauth-pkinit-debuginfo-1.12.1-36.1.x86_64.rpm
krb5-server-1.12.1-36.1.x86_64.rpm
krb5-server-debuginfo-1.12.1-36.1.x86_64.rpm