openSUSE:Evergreen 11.2
This page describes part of the community maintenance project with codename Evergreen, version only 11.2.
Evergreen 11.2 purpose
Evergeen 11.2 was started in response to call for continuing security patches for openSUSE 11.2 after it official end at May 2011. Although it's also community supported as part of Evergreen project and tries to follow official security patches, due to lack of active packagers, some packages can be outdated and others can be updated to higher versions. For truly supported Evergreen version have a look at 11.4 version.
How long will it be supported?
The support for Evergreen 11.2 ends at 30th November 2013. Please consider migration of your system to openSUSE 13.1, which will be the next Evergreen supported version
How to activate
- In YAST or via zypper, add the update repository as outlined below and accept the new key offered. On 11.2 you should set the priority to 20 to match the original update repository.
sudo zypper ar --refresh -r http://download.opensuse.org/evergreen/11.2/openSUSE:Evergreen:11.2.repo
- create a file /etc/zypp/vendors.d/evergreen with the following content
[main] vendors = openSUSE Evergreen,suse,opensuse
You can do this from the command line by cutting and pasting the below. You will need to enter the root password for sudo to complete.
cat > /tmp/tmp.evergreen << EOF [main] vendors = openSUSE Evergreen,suse,opensuse EOF sudo mkdir /etc/zypp/vendors.d sudo cp /tmp/tmp.evergreen /etc/zypp/vendors.d/evergreen
Afterwards you should get available updates when you use sudo zypper up.
YaST's online update module does not work unfortunately since we currently have no way to create patches as needed for it.
In addition to the above update repository the distribution repositories are available on ftp5.gwdg.de:
ftp://ftp5.gwdg.de/pub/opensuse/discontinued/distribution/11.2/repo/oss/ ftp://ftp5.gwdg.de/pub/opensuse/discontinued/distribution/11.2/repo/non-oss/ ftp://ftp5.gwdg.de/pub/opensuse/discontinued/source/distribution/11.2/repo/oss/ ftp://ftp5.gwdg.de/pub/opensuse/discontinued/update/11.2/
The full Packman repo for 11.2 was also archived at GWDG:
ftp://ftp5.gwdg.de/pub/opensuse/discontinued/distribution/packman-11.2
while the Packman team thankfully is still providing the Essentials repository for Evergreen/11.2 for example here:
http://packman.inode.at/suse/Evergreen_11.2/
They can be added to zypp using
zypper ar URL PRETTYNAME
Remove the old distribution repositories on download.opensuse.org via
zypper rr NAME
You can also use YaST to control your subscribed repositories.
The Packman Essentials repo continues to be build and is in the standard location. The above archive packman repository is only needed for packages not included in the essentials repo.
How to help
Any help is appreciated, but mostly Evergreen 11.2 lacks of testing and contribution.
Testing
If you want to test incoming updates just use following command to add our test repository:
sudo zypper ar --refresh -r http://download.opensuse.org/repositories/openSUSE:/Evergreen:/11.2:/Test/standard/openSUSE:Evergreen:11.2:Test.repo"
and report issues using Evergreen mailing list.
Packages updating and submitting
- If you want to update a package osc is your best friend. Here are the steps
osc bco openSUSE:Evergreen:11.2:Test PACKAGE_TO_BE_UPDATED
- Update source package to reflect the necessary security patches
- the RPM Release tag must use the following format: $MAJOR.<RELEASE$MINOR> where $MAJOR is using the same number as the 11.2 version of the package and $MINOR is latest_available + 1; if the update package has a higher Version the correct Release should have $MAJOR = 0 and $MINOR = 1
i.e. What you get when you branch as above is the base Version. If that is for example 5.<RELEASE2> then the correct thing to do (in general) is to use 5.<RELEASE3>. In the case of a full version upgrade you should go for 0.<RELEASE1> though.
- update the changes file with "osc vc" command and basically copy the changelog from your patch source
osc vc PACKAGE_NAME.changes
- Build the package locally
osc build --clean --no-verify PACKAGE_NAME.spec
- Add remove local files
osc ar
- Commit your changes to the build service
osc ci
- Make sure the package builds in the OBS and then issue within the package directory "osc submitpac" where target project for contributors is openSUSE:Evergreen:11.2:Test
osc submitpac
The Kernel packagers update process
The following was provided as guideline for kernel update as was inserted here only for reference. Kernel in Evergreen 11.2 was never updated.
My approach is to create a sub-project in my home project called Evergreen-11.1, then make a copy of the SLE11-SP1 kernel-source package there.
I created the home sub-project via the WEBUI.
In order to build the SLE11-SP1 kernel, you need a newer version of kbuild than Evergreen normally has. I branched a copy from openSUSE:11.3:Update:Test to use for my builds. I also did that via the WEBUI.
And then the rest from the command line:
login=JohnDoe
osc copypac Kernel:SLE11-SP1 kernel-source home:$login:Evergreen-11.1
for p in kernel-{default,desktop,pae,xen,vanilla,syms}; do
osc linkpac -C copy home:$login:Evergreen-11.1 kernel-source home:$login:Evergreen-11.1 $p
done
It is important not to change the names of the packages in the above. Also the osc copypac can be run anytime you want to sync up with the SLE11-SP1 kernel, but the for loop only needs to be executed once to create the links.
Also, the above defaults to auto rebuild which can take a lot of OBS horsepower. It is suggested you disable builds via the WEBUI until you are ready to do a full automated build.
Regardless, once you have the above in place you can create a local copy of the kernel source package via
osc co home:$login:Evergreen-11.1 kernel-source cd home:$login:Evergreen-11.1/kernel-source
You can now do a local test build of a specific kernel flavor. As an example:
osc build --clean --no-verify kernel-desktop.spec
Note that there are a number of specfiles in the kernel source project. Which one gets run in OBS appears to be controlled by the name of the project it is in. Thus the importance of not changing the package names in the above loop.
When doing a kernel build, it takes a while so don't be in a hurry.
The SLE11-SP1 OBS package is typically ahead of the released SLE11-SP1 kernel. The most recent patches won't have been fully qa tested by the Novell team.
Patches are controlled via resolve.conf, so editing that file in the kernel-source package will control which patches get applied in your builds.
How to get help
Evergreen is still openSUSE right? If you need help you can try searching it on forums, wikis or similar. But if your problem is Evergreen specific or you just want to say how you enjoy it you can contact us at our mailing list.
List of updates for 11.2 from Evergreen
These are the updates for openSUSE 11.2 made by the Evergreen project. The list is sorted with latest updates first.
| Package | State | Bug | CVE | |
|---|---|---|---|---|
| krb5 | released | Bug #849240 | CVE-2013-1418 | |
| samba | released | Bug #848101 | CVE-2013-4475 | |
| mozilla-nspr | released | ver. 4.10.2 | ||
| mozilla-nss | released | Bug #850148 | CVE-2013-5605 | ver. 3.15.3 |
| flash-player | released | Bug #850220 | CVE-2013-5329CVE-2013-5330 | ver. 11.2.202.327 |
| whois | released | Bug #848594 | see changelog | ver. 5.0.26 |
| wireshark | released | Bug #848738 | see changelog | ver. 1.8.11 |
| mozilla-nss | released | Bug #842979 | CVE-2013-1739 | ver. 3.15.2 |
| thunderbird-esr | released | Bug #847708 | see changelog | ver. 17.0.10 |
| firefox-esr | released | Bug #847708 | see changelog | ver. 17.0.10 |
| postgresl | released | ver. 8.4.18 | ||
| libmodplug | released | Bug #834483 | CVE-2013-4233CVE-2013-4234 | |
| rtkit | released | Bug #836939 | CVE-2013-4326 | |
| jakarta-commons-fileupload | released | Bug #846174 | CVE-2013-2186 | |
| timezone | released | ver. 2013f | ||
| lcms | released | Bug #843716 | CVE-2013-4276 | |
| gpg2 | released | Bug #840510 | CVE-2013-4351 | |
| icedtea-web | released | Bug #840572 | see changelog | ver. 1.4.1 |
| subversion | released | CVE-2013-4277 | ||
| wireshark | released | Bug #839607 | see changelog | ver. 1.8.10 |
| tiff | released | see changelog | see changelog | |
| thunderbird-esr | released | Bug #840485 | see changelog | ver. 17.0.9 |
| firefox-esr | released | Bug #840485 | see changelog | ver. 17.0.9 |
| flash-player | released | Bug #839897 | see changelog | ver. 11.2.202.310 |
| tomcat | released | see changelog | see changelog | ver. 6.0.32 |
| mysql | released | see changelog | CVE-2012-5611CVE-2012-2122 | ver. 5.1.71 |
| libgcrypt | released | Bug #831359 | CVE-2013-4242 | |
| bind | released | Bug #831899 | CVE-2013-4854 | ver. 9.9.3P2 |
| opera | released | Bug #832559 | ver. 12.16 | |
| wireshark | released | Bug #831718 | see changelog | ver. 1.8.9 |
| apache2 | released | Bug #829056Bug #829057 | CVE-2013-1896CVE-2013-1862 | |
| libxml2 | released | Bug #829077 | CVE-2013-2877 | |
| java-1_6_0-openjdk | released | Bug #829708 | see changelog | ver.1.12.6 |
| timezone | released | ver. 2013d | ||
| ruby | released | Bug #827265 | CVE-2013-4073 | |
| flash-player | released | Bug #828810 | see changelog | ver. 11.2.202.297 |
| python-bugzilla | released | major version update, see changelog | ver. 0.6.2 | |
| nagios | released | Bug #827020 | CVE-2013-2214 | |
| thunderbird-esr | released | Bug #825935 | see changelog | ver. 17.0.7 |
| firefox-esr | released | Bug #825935 | see changelog | ver. 17.0.7 |
| curl | released | Bug #824517 | CVE-2013-2174 | |
| fail2ban | released | Bug #824710 | CVE-2013-2178 | |
| krb5 | released | Bug #825985 | CVE-2002-2443 | |
| subversion | released | Bug #821505 | see changelog | ver. 1.6.23 |
| wireshark | released | Bug #823932 | see changelog | ver. 1.8.8 |
| autotrace | released | Bug #815382 | CVE-2013-1953 | |
| flash-player | released | Bug #824512 | CVE-2013-3343 | ver. 11.2.202.291 |
| poppler | released | fixed some unicode mapping | ||
| gpg2 | released | Bug #798465 | CVE-2012-6085 | |
| wireshark | released | Bug #820566 | CVE-2013-2486 CVE-2013-2487 | ver. 1.8.7 |
| samba | released | see changelog | see changelog | |
| icedtea-web | released | Bug #818768 | see changelog | ver. 1.4.0 |
| thunderbird-esr | released | Bug #819204 | see changelog | ver. 17.0.6 |
| firefox-esr | released | Bug #819204 | see changelog | ver. 17.0.6 |
| tiff | released | Bug #818117 Bug #817573 | see changelog | |
| subversion | released | Bug #813913 | see changelog | ver. 1.6.21 |
| clamav | released | Bug #816865 | CVE-2013-2020 CVE-2013-2021 | ver. 0.97.8 |
| acroread | released | Bug #819918 | see changelog | ver. 9.5.5 |
| curl | released | Bug #814655 | CVE-2013-1944 | |
| jakarta-commons-httpclient3 | released | Bug #814653 | CVE-2013-1940 | |
| flash-player | released | Bug #819916 | see changelog | ver. 11.2.202.285 |
| java-1_6_0-openjdk | released | Bug #817157 | see changelog | ver.1.12.5 |
| krb5 | released | see changelog | see changelog | |
| jakarta-commons-httpclient3 | released | Bug #803332 | CVE-2012-5783 | |
| opera | released | Bug #813495 | ver. 12.15 | |
| postgresql | released | Bug #812525 | see changelog | ver. 8.4.17 |
| apache2 | released | Bug #806458 Bug #807152 | CVE-2012-4558 CVE-2012-3499 | |
| puppet | released | Bug #809839 | ||
| nagios-nrpe | released | Bug #807241 | CVE-2013-1362 | |
| dhcp | released | see changelog | see changelog | |
| bind | released | see changelog | see changelog | ver. 9.9.2-P2 |
| ruby | released | Bug #808137 | CVE-2013-1821 | |
| thunderbird-esr | released | Bug #813026 | see changelog | ver. 17.0.5 |
| firefox-esr | released | Bug #813026 | see changelog | ver. 17.0.5 |
| mozilla-nspr | released | see changelog | see changelog | ver. 4.9.6 |
| mozilla-nss | released | see changelog | see changelog | |
| libxslt | released | Bug #811686 | CVE-2012-6139 | |
| libxml2 | released | Bug #805233 | CVE-2013-0338 | |
| clamav | released | Bug #809945 | ver. 0.97.7 | |
| mozilla-nss | released | see changelog | see changelog | ver. 3.14.3 |
| mozilla-nspr | released | see changelog | see changelog | ver. 4.9.5 |
| thunderbird-esr | released | see changelog | see changelog | ver. 17.0.4 |
| firefox-esr | released | see changelog | see changelog | ver. 17.0.4 |
| perl | released | [1] Bug #797060]] | see changelog | |
| wireshark | released | Bug #807942 | see changelog | ver. 1.8.6 |
| firebird | released | Bug #808268 | CVE-2013-2492 | |
| java-1_6_0-openjdk | released | Bug #807487 | CVE-2013-0809 CVE-2013-1493 | ver. 1.12.4 |
| flash-player | released | Bug #808973 | see changelog | ver. 11.2.202.275 |
| pidgin | released | Bug #804742 | see changelog | |
| flash-player | released | Bug #806415 | see changelog | ver. 11.2.202.273 |
| acroread | released | Bug #803939 | CVE-2013-0640 CVE-2013-0641 | ver. 9.4.4 |
| java-1_6_0-openjdk | released | Bug #804654 | see changelog | ver. 1.12.3 |
| openssl | released | see changelog | see changelog | ver. 0.9.8y |
| postgresql | released | Bug #802679 | CVE-2013-0255 | ver. 8.4.16 |
| inkscape | released | see changelog | see changelog | ver. 0.48.1 |
| flash-player | released | Bug #803485 | see changelog | ver. 11.2.202.270 |
| wireshark | released | Bug #801131 | see changelog | ver. 1.8.5 |
| rubygems | released | Bug #800320 | CVE-2013-0333 | ver. 2.3.16 |
| opera | released | Bug #801233 | ver. 12.14 | |
| flash-player | released | Bug #802809 | CVE-2013-0633CVE-2013-0634 | ver. 11.2.202.262 |
| apache2 | released | see changelog | see changelog | |
| mysql | released | Bug #792444Bug #779476 | CVE-2012-5611 CVE-2012-4414 | ver. 5.1.67 |
| mozilla-nss | released | Bug #796628 | see changelog | ver. 3.14.1 |
| seamonkey | released | Bug #796895 | see changelog | ver. 2.15 |
| firefox-esr | released | Bug #796895 | see changelog | ver. 10.0.12esr |
| thunderbird-esr | released | Bug #796895 | see changelog | ver. 10.0.12esr |
| flash-player | released | Bug #797442 | CVE-2013-0630 | ver. 11.2.202.261 |
| postgresql | released | Bug #794766 | ver. 8.4.15 | |
| bogofilter | released | Bug #792939 | ||
| gegl | released | Bug #789835 | CVE-2012-4433 | |
| libssh | released | Bug #789827 | see changelog | |
| libxml2 | released | Bug #793334 | CVE-2012-5134 | |
| sblim-cim-client2 | released | Bug #768128 | CVE-2012-2328 | |
| opera | released | Bug #795061 | ver. 12.12 | |
| libreoffice | released | see changelog | see changelog | ver. 3.5.4.13 |
| flash-player | released | Bug #794062 | see changelog | ver. 11.2.202.258 |
| gimp | released | Bug #791372 | CVE-2012-5576 | |
| wireshark | released | Bug #792005 | see changelog | ver. 1.8.4 |
| kdelibs4 | released | Bug #787520 Bug #721974 | CVE-2011-3365 | |
| plib | released | Bug #738207 Bug #787305 | CVE-2011-4620 CVE-2012-4552 | |
| libotr | released | Bug #789190 | CVE-2012-3461 | ver. 3.2.1 |
| icedweb-tea | released | Bug #786775Bug #785333Bug #784859 | ver. 1.3.1 | |
| opera | released | Bug #790500 | ver. 12.11 | |
| seamonkey | released | Bug #790140 | see changelog | ver. 2.14 |
| firefox-esr | released | Bug #790140 | see changelog | ver. 10.0.11esr |
| thunderbird-esr | released | Bug #790140 | see changelog | ver. 10.0.11esr |
| mcrypt | released | Bug #786100 | CVE-2012-4527 | |
| ruby | released | Bug #783525 | CVE-2012-4466 | |
| dbus-1 | released | Bug #697105 | CVE-2012-3524 | |
| flash-player | released | Bug #788450 | ver. 11.2.202.251 | |
| opera | released | Bug #788321 | ver. 12.10 | |
| java-1_6_0-openjdk | released | Bug #785433 | see changelog | ver. 1.11.5 |
| timezone | released | Bug #787005 | ver. 2012h | |
| mozilla-nspr | released | ver. 4.9.3 | ||
| exim | released | Bug #786652 | CVE-2012-5671 | ver. 4.80.1 |
| seamonkey | released | Bug #786522 | CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 | ver. 2.13.2 |
| firefox-esr | released | Bug #786522 | CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 | ver. 10.0.10esr |
| thunderbird-esr | released | Bug #786522 | CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 | ver. 10.0.10esr |
| claws-mail | released | Bug #784463 | CVE-2012-4507 | |
| bind | released | Bug #784602 | CVE-2012-5166 | ver. 9.6-ESV-R7-P4 |
| ca-certificates-mozilla | released | Bug #783509 | ver. 1.85 | |
| wireshark | released | Bug #781594Bug #783275 | ver. 1.8.3 | |
| dhcp | released | Bug #780167 | CVE-2012-3955 | ver. 4.2.4-P2 |
| seccheck | released | see changelog | ||
| freeradius-server | released | Bug #781756 | ||
| seamonkey | released | Bug #783533 | see changelog | ver. 2.13.1 |
| firefox-esr | released | Bug #783533 | see changelog | ver. 10.0.9esr |
| thunderbird-esr | released | Bug #783533 | see changelog | ver. 10.0.9esr |
| dhcp | released | Bug #780167 | CVE-2012-3955 | ver. 4.2.4-P2 |
| mozilla-nspr | released | ver. 4.9.2 | ||
| flash-player | released | ver. 11.2.202.243 | ||
| dhcp | released | Bug #780167 | CVE-2012-3955 | ver. 4.2.4-P2 |
| timezone | released | see changelog | see changelog | ver. 2012f |
| dbus-1 | released | Bug #697105 | CVE-2012-3524 | |
| ghostscript | released | Bug #699712 | CVE-2012-4405 | |
| postgresql | released | Bug #765069Bug ##766797 | CVE-2012-2655 CVE-2012-2143 | ver. 8.4.14 |
| clamav | released | see changelog | see changelog | ver. 0.97.6 |
| icedtea-web | released | Bug #779001 | see changelog | ver. 1.3 |
| rubygems | released | see changelog | see changelog | |
| rubygem-rails-2_3 | released | see changelog | see changelog | |
| rubygem-rails | released | see changelog | see changelog | |
| rubygem-rack | released | see changelog | see changelog | |
| rubygem-activesupport-2_3 | released | see changelog | see changelog | |
| rubygem-activesoure | released | see changelog | see changelog | |
| rubygem-activerecord-2_3 | released | see changelog | see changelog | |
| rubygem-activerecord | released | see changelog | see changelog | |
| rubygem-actionpack-2_3 | released | see changelog | see changelog | |
| rubygem-actionpack | released | see changelog | see changelog | |
| rubygem-actionmailer-2_3 | released | see changelog | see changelog | |
| rubygem-actionmailer | released | see changelog | see changelog | |
| php5 | released | Bug #778003 | CVE-2012-4388 CVE-2011-1398 | |
| bind | released | Bug #780157 | CVE-2012-4244 | ver. 9.6-ESV-R7-P3 |
| otrs | released | Bug #778655 | CVE-2012-4600 | ver. 2.4.14 |
| freeradius-server | released | Bug #777834 | CVE-2012-3547 | ver. 2.1.10 |
| java-1_6_0-openjdk | released | Bug #777499 | CVE-2012-1682 CVE-2012-0547 | ver. 1.11.4 |
| gimp | released | see changelog | see changelog | ver. 2.6.11 |
| pcpmon | released | pcp dependency | ||
| pcp | released | Bug #775009 | CVE-2012-3418 | ver. 3.6.5 |
| otrs | released | Bug #776966 | CVE-2012-2582 | |
| dhcp | released | Bug #772924 | see changelog | ver. 4.2.4-P1 |
| icedtea-web | released | Bug #773458 | see changelog | ver. 1.2.1 |
| postgresql | released | Bug #776523Bug ##776524 | CVE-2012-3489 | ver. 8.4.13 |
| php5 | released | Bug #772580Bug #772582Bug #769785 | CVE-2012-2688 CVE-2012-3365 | |
| mozilla-nss | released | ver. 3.13.6 RTM | ||
| seamonkey | released | Bug #777588 | see changelog | ver. 2.12 |
| thunderbird-esr | released | Bug #777588 | see changelog | ver. 10.0.7-ESR |
| firefox-esr | released | Bug #777588 | see changelog | ver. 10.0.7-ESR |
| opera | released | Bug #761633 | see this | ver. 12.02 |
| wireshark | released | Bug #776083 | see changelog | ver. 1.4.15 |
| libxml2 | released | Bug #769184 | CVE-2012-2807 | |
| libreoffice | released | see changelog | see changelog | ver. 3.5.4 |
| mono-core | released | Bug #769799 | CVE-2012-3382 | |
| flash-player | released | Bug #775986 | CVE-2012-1535 | ver. 11.2.202.238 |
| python-gpgme | released | Bug #751005 | CVE-2012-1502 | |
| python-gpgme | released | Bug #745257 | ||
| python-magic | released | Bug #753303 | CVE-2012-1517 | |
| file | released | Bug #753303 | CVE-2012-1517 | |
| python-doc | released | see changelog (similiar to openSUSE:11.4 and 12.1) | see changelog | ver. 2.6.8 |
| python-base | released | see changelog (similiar to openSUSE:11.4 and 12.1) | see changelog | ver. 2.6.8 |
| python | released | see changelog (similiar to openSUSE:11.4 and 12.1) | see changelog | ver. 2.6.8 |
| bind | released | Bug #7702945 | CVE-2012-3817 | ver. 9.7.6-P2 |
| tiff | released | Bug #770816 | CVE-2012-3401 | |
| rocksndiamonds | released | Bug #736261 | CVE-2011-4606 | |
| wireshark | released | Bug #772738 | CVE-2012-4048CVE-2012-4049 | ver. 1.4.14 |
| opera | released | see changelog | see this | ver. 12.01 |
| puppet | released | see changelog | see changelog | ver. 2.6.17 |
| gdk-pxbuf | released | Bug #762735 | CVE-2012-2370 | |
| libxslt | released | Bug #769182 | CVE-2012-2825 | |
| viewvc | released | Bug #768680 | see changelog | ver 1.1.15, see this |
| gnome-terminal | released | Bug #699214Bug #772761 | see changelog | |
| vte | released | Bug #699214Bug #772761 | see changelog | |
| arpwatch | released | Bug #764521 | ||
| libexif | released | see changelog | see changelog | ver. 0.6.20 |
| piding | released | Bug #752275 | CVE-2012-1178 | |
| bash | released | Bug #770795 | ||
| gypsy | released | see changelog | see changelog | ver. 0.8 |
| seamonkey | released | Bug #771583 | see changelog | ver. 2.11 |
| thunderbird-esr | released | Bug #771583 | see changelog | ver. 10.0.6-ESR |
| firefox-esr | released | Bug #771583 | see changelog | ver. 10.0.6-ESR |
| kvm | released | Bug #764526Bug #740165 | CVE-2012-2652 | |
| puppet | released | see changelog | see changelog | ver. 2.6.16 |
| java-1_6_0-openjdk | released | Bug #766802 | see changelog | ver. 1.11.3 |
| tiff | released | Bug #767852 Bug #767854 | CVE-2012-2113 CVE-2012-2008 | |
| bind | released | Bug #746074 | CVE-2012-1033 | ver. 9.7.6-P1 |
| libgdata | released | Bug #752088 | CVE-2012-1177 | |
| pidgin | released | Bug #761155 | CVE-2012-2318 | |
| php5 | released | Bug #766798 | CVE-2012-2143 | |
| mysql | released | Bug #765092 | CVE-2012-2122 | ver. 5.1.63 |
| zlib | released | added zlib.pc | ||
| php5 | released | Bug #763814Bug #761631 | see changelog | |
| opera | released | Bug #767045 | see this | ver. 12.00 |
| libxml2 | released | Bug #764538 | CVE-2011-3102 | |
| bind | released | Bug #765315 | CVE-2012-1667 | ver. 9.7.4P1 |
| postgrsql | released | see link | CVE-2012-2143 CVE-2012-2655 | ver. 8.4.12 |
| ImageMagick | released | see changelog | see changelog | |
| mozilla-nss | released | ver. 3.13.5 | ||
| seamonkey | released | Bug #765204 | see changelog | ver. 2.10 |
| thunderbird-esr | released | Bug #765204 | see changelog | ver. 10.0.5-ESR |
| firefox-esr | released | Bug #765204 | see changelog | ver. 10.0.5-ESR |
| wireshark | released | Bug #763634 | see changelog | ver. 1.4.13 |
| strongswan | released | Bug #761325 | CVE-2012-2388 | |
| mailman | released | see changelog | CVE-2011-0707 | |
| sudo | released | Bug #762327 | CVE-2012-2337 | |
| jakarta-poi | released | Bug #750164 | CVE-2012-0213 | |
| net-snmp | released | Bug #759352 | CVE-2012-2141 | |
| taglib | released | see changelog | ||
| rpm | released | see changelog | ||
| mysql | released | see changelog | ver. 5.1.62 | |
| cifs-utils | released | new package | ||
| samba | released | see changelog | see changelog | ver. 3.6.3 |
| glibc | released | fix fallocate64 | ||
| opera | released | Bug #761633 | see changelog | ver. 11.64 |
| php5 | released | Bug #760536 | CVE-2012-2311 CVE-2012-1823 | |
| flash-player | released | Bug #760777 Bug #758645 | CVE-2012-0779 | ver. 11.2.202.235 |
| flash-player | released | Bug #757428 | ver. 11.2.202.233 | |
| seamonkey | released | Bug #758408 | see changelog | ver. 2.9 |
| thunderbird-esr | released | ver. 10.0.4-ESR supersedes MozillaThunderbird | ||
| firefox-esr | released | ver. 10.0.4-ESR supersedes MozillaFirefox | ||
| wireshark | released | see changelog | see changelog | ver. 1.4.12 |
| t1lib | released | see changelog | see changelog | |
| opera | released | Bug #754687 | see changelog | ver. 11.62 |
| csound | released | see changelog | see changelog | |
| expat | released | Bug #755377 | ||
| php5 | released | Bug #752030 | CVE-2012-1172 | |
| tiff | released | Bug #753362 | CVE-2012-1173 | |
| openssl | released | CVE-2012-2110 | ver. 0.9.8v | |
| freetype2 | released | see changelog | see changelog | |
| libpng12-0 | released | Bug #754745 | CVE-2011-3048 | ver. 1.2.49 |
| libreoffice | released | see changelog | ver. 3.4.5.5 | |
| acroread | released | CVE-2012-0774 CVE-2012-0775 CVE-2012-0776 CVE-2012-0777 | ver. 9.5.1 | |
| php5 | released | see changelog | see changelog | |
| expat | released | see changelog | see changelog | |
| perl-DBD-Pg | released | 7521500} | CVE-2012-1151 | |
| libpng12-0 | released | Bug #752008 | CVE-2011-3045 | ver. 1.2.48 |
| flash-player | released | Bug #754689 | see changelog for details | ver. 11.2.202.228 |
| openssl | released | CVE-2012-0884 | ver. 0.9.8u | |
| seamonkey | released | Bug #750044 | see changelog | ver. 2.8 |
| MozillaFirefox | released | Bug #750044 | see changelog | ver. 3.6.28 |
| MozillaThunderbird | released | Bug #750044 | see changelog | ver. 3.1.20 |
| mozilla-xulrunner192 | released | Bug #750044 | see changelog | ver. 1.9.2.28 |
| mozilla-nss | released | ver. 3.13.3 | ||
| mozilla-nspr | released | ver. 4.9 | ||
| ark (kdeutils4) | released | Bug #708268 | CVE-2011-2725 | |
| gnutls | released | CVE-2011-4128 CVE-2012-0390 | ||
| libxslt | released | CVE-2011-3970 | ||
| libxml2 | released | CVE-2012-0841 | ||
| icedtea-web | released | see changelog | see changelog | version 1.2 |
| timezone | released | Bug #748550 | ver. 2012b | |
| flash-player | released | Bug #750614 | see changelog for details | ver. 11.1.102.63 |
| postgresql | released | see changelog | ver. 8.4.11 | |
| libpng | released | CVE-2011-3026 | ver. 1.2.47 | |
| libvorbis | released | Bug #747912 | CVE-2012-0444 | |
| csound | released | Bug #749073 | CVE-2012-0270 | |
| cvs | released | Bug #744059 | CVE-2012-0804 | |
| postgresql | released | see changelog | ver. 8.4.10 | |
| wireshark | released | see changelog | see changelog | ver. 1.4.11 |
| pdns | released | Bug #740255 | CVE-2012-0206 | |
| ruby | released | Bug #739122 | see changelog | ver. 1.8.7.p357 |
| java-1_6_0-openjdk | released | see changelog | see changelog | ver. 1.6.0.0_b24 |
| sysconfig | released | see changelog | CVE-2011-4182 | |
| qemu | released | Bug #740165 | ||
| curl | released | Bug #698796 | CVE-2011-2192 CVE-2010-4180 | |
| seamonkey | released | Bug #747328 | CVE-2011-3026 | ver. 2.7.2 |
| MozillaFirefox | released | Bug #747328 | CVE-2011-3026 | ver. 3.6.27 |
| MozillaThunderbird | released | Bug #747328 | CVE-2011-3026 | ver. 3.1.19 |
| mozilla-xulrunner192 | released | Bug #747328 | CVE-2011-3026 | ver. 1.9.2.27 |
| apache2 | released | Bug #722545 Bug #727071 Bug #729181 | see changelog | |
| lighttpd | released | Bug #733607 | CVE-2011-4362 | |
| MozillaFirefox | released | Bug #744275 | see changelog | ver. 3.6.26 |
| MozillaThunderbird | released | Bug #744275 | see changelog | ver. 3.1.18 |
| mozilla-xulrunner192 | released | Bug #744275 | see changelog | ver. 1.9.2.26 |
| pam-modules | released | Bug #735220 | ||
| opera | released | Bug #743079 | ver. 11.61 | |
| atftp | released | Bug #727843 | ||
| icu | released | Bug #736146 Bug #657910 | CVE-2010-4409 | |
| tomcat6 | released | Bug #712784 Bug #727543 | CVE-2011-4858 | |
| squid | released | Bug #587375 | CVE-2010-0639 | |
| libxml2 | released | Bug #739894 | CVE-2011-3919 | |
| libqt4 | released | Bug #739904 | CVE-2011-3922 | |
| openssl | released | Bug #739719 | see changelog | ver. 0.9.8t |
| system-config-printer | released | Bug #733542 Bug #735322 | CVE-2011-2899 CVE-2011-4405 | |
| nspluginwrapper | released | Bug #702034 | CVE-2011-2486 | |
| acroread | released | Bug #735275 | see changelog | ver. 9.4.7 |
| iptables | released | Bug #730161 | ||
| libxml2 | released | Bug #732787 | CVE-2011-2821 | |
| pidgin | released | Bug #736147 | see changelog | |
| glibc | released | Bug #735850 | CVE-2009-5029 | |
| krb5 | released | Bug #738632 | CVE-2011-4862 | |
| FastCGI | released | Bug #735882 | CVE-2011-2766 | |
| net6 | released | Bug #727708 Bug #727710 | CVE-2011-4091 CVE-2011-4093 | ver. 1.3.14 |
| chasen | released | Bug #735830 | CVE-2011-4000 | |
| seamonkey | released | see changelog | ver. 2.6.1 | |
| MozillaFirefox | released | Bug #737533 | CVE-2011-3666 | ver. 3.6.25 |
| MozillaThunderbird | released | Bug #737533 | CVE-2011-3666 | ver. 3.1.17 |
| mozilla-xulrunner192 | released | Bug #737533 | CVE-2011-3666 | ver. 1.9.2.25 |
| seamonkey | released | Bug #737533 | see changelog | ver. 2.6 |
| mozilla-nss | released | CVE-2011-3389 | ver. 3.13.1 | |
| system-config-printer | released | Bug #733542 Bug #735322 | CVE-2011-4405 | |
| namazu | released | Bug #732323 | CVE-2011-4345 | |
| jasper | released | Bug #725758 | CVE-2011-4516 CVE-2011-4517 | |
| xorg-x11-libs | released | Bug #709851 | CVE-2011-2895 | |
| opera | released | Bug #735045 | see changelog | ver. 11.60 |
| freetype2 | released | Bug #730124 | CVE-2011-3256 CVE-2011-3439 | |
| pidgin | released | Bug #722199 | CVE-2011-3594 | |
| libmsn | released | Bug #729478 | ||
| puppet | released | see changelog | see changelog | |
| apache2 | released | see changelog | see changelog | |
| seamonkey | released | Bug #728520 | see changelog | ver. 2.5.1 |
| bind | released | Bug #730995 | CVE-2011-4313 | |
| libcap | released | Bug #7727715 | CVE-2011-4099 | |
| wireshark | released | Bug #706728 | CVE-2011-2597 CVE-2011-3266 | ver. 1.4.10 |
| mysql | released | see changelog | ver. 5.1.57 | |
| radvd | released | Bug #721968 | see changelog | |
| acroread | released | Bug #717724 | see changelog | version 9.4.6 |
| icedtea-web | released | Bug #729870 | see changelog | version 1.1.4 |
| flash-player | released | Bug #729797 | see changelog for details | ver. 11.1.102.55 |
| MozillaThunderbird | released | Bug #720264 | please see changelog | ver. 3.1.16 |
| mozilla-xulrunner192 | released | Bug #728520 | please see changelog | ver. 1.9.2.24 |
| MozillaFirefox | released | Bug #728520 | please see changelog | ver. 3.6.234 |
| mozilla-nss | released | Bug #728520 Bug #726096 | CVE-2011-3640 | |
| pam | released | Bug #724480 Bug #631802 | CVE-2011-3148 CVE-2011-3149 CVE-2011-3316 | |
| rpm | released | Bug #720824 | CVE-2011-3378 | |
| xorg-x11-xserver | released | CVE-2011-4028 CVE-2011-4029 | ||
| java-1_6_0-openjdk | released | Bug #725167 | please see changelog | ver. 1.6.0.0_b22.1.10.4 |
| timezone | released | Bug #726162 | ver. 2011m | |
| puppet | released | Bug #721139 | CVE-2011-3848 | |
| etherape | released | Bug #719086 | CVE-2011-3369 | ver. 0.9.12 |
| fail2ban | released | Bug #690853 | CVE-2009-5023 | |
| libreoffice - many packages | released | see link | see changelog | ver. 3.4.2.6 |
| cyrus-imapd | released | Bug #719998 | CVE-2011-3372 CVE-2011-3481 | |
| clamav | released | Bug #724856 | CVE-2011-3627 | ver. 0.9.73 |
| opera | released | see link | version 11.52 | |
| apache2 | released | Bug #722545 | CVE-2011-3368 | |
| ldns | released | Bug #720277 | CVE-2011-3581 | |
| iftop | released | Bug #718922 | ||
| gimp | released | see changelog for details | ||
| libqt4-sql-plugins | released | CVE-2011-3193 CVE-2011-3194 | ||
| libqt4-devel-doc-data | released | CVE-2011-3193 CVE-2011-3194 | ||
| libqt4 | released | CVE-2011-3193 CVE-2011-3194 | ||
| quagga | released | see this for details | see this for details | |
| wireshark | released | see this for details | see this for details | |
| php5 | released | please see changelog | ver. 5.3.3 | |
| tomcat6 | released | Bug #715991 | CVE-2011-3190 | |
| seamonkey | released | see changelog | ver. 2.4.1 | |
| librsvg | released | Bug #714980 | CVE-2011-3146 | |
| seamonkey | released | Bug #720264 | ver. 2.4 | |
| MozillaThunderbird | released | Bug #720264 | ver. 3.1.15 | |
| mozilla-xulrunner192 | released | Bug #720264 | ver. 1.9.2.23 | |
| MozillaFirefox | released | Bug #720264 | ver. 3.6.23 | |
| flash-player | released | Bug #719400 | see this for details | ver. 10.3.183.10 |
| timezone-java | released | Bug #684181 | ver. 2011j | |
| timezone | released | Bug #684181 | ver. 2011j | |
| apache2 | released | CVE-2011-3192 CVE-2011-3348 | ||
| cyrus-imapd | released | Bug #715251 | CVE-2011-3208 | |
| timezone-java | released | Bug #684181 | ver. 2011i | |
| timezone | released | Bug #684181 | ver. 2011i | |
| dhcp | released | Bug #712653 | CVE-2011-2748 | ver. 3.1-ESV-R3 |
| otrs | released | Bug #715659 | CVE-2011-2746 | ver. 2.4.9 |
| seamonkey | released | Bug #714931 | ver. 2.3.2 | |
| mozilla-xulrunner192 | released | Bug #714931 | ver. 1.9.2.21 | |
| MozillaFirefox | released | Bug #714931 | ver. 3.6.22 | |
| MozillaThunderbird | released | Bug #714931 | ver. 3.1.14 | |
| mozilla-nss | released | Bug #714931 | ||
| tomcat6 | released | Bug #706404 Bug #706382 Bug #702289 | CVE-2011-2204 CVE-2011-2526 | |
| coreutils | released | Bug #697897 | ||
| ca-certificates-mozilla | released | Bug #714931 | new package ver. 1.76 | |
| ca-certificates | released | Bug #714931 | new package ver. 1.0 | |
| squid3 | released | Bug #715171 | CVE-2011-3205 CVE-2005-0094 | |
| yast2-core | released | Bug #700876 | CVE-2011-2483 | see this for details |
| pam-modules | released | Bug #700876 | CVE-2011-2483 | see this for details |
| pwdutils | released | Bug #700876 | CVE-2011-2483 | see this for details |
| libxcrypt | released | Bug #700876 Bug #713727 | CVE-2011-2483 | see this for details |
| glibc | released | Bug #700876 | CVE-2011-2483 | see this for details |
| ncpfs | released | Bug #686554 | CVE-2011-1089 CVE-2011-1679 | |
| opera | released | see link | version 11.51 | |
| apache2 | released | CVE-2011-3192 | ||
| flash-player | released | Bug #714365 | version 10.3.183.7 | |
| hplip | released | Bug #698451 | CVE-2011-2697 | |
| seamonkey | released | Bug #712224 | version 2.3.5 | |
| yasm | released | Bug #712224 | version 1.1.0 | |
| mozilla-nss | released | Bug #712224 | version 3.12.11 | |
| mozilla-nspr | released | Bug #712224 | version 4.8.9 | |
| clamav | released | Bug #708263 | CVE-2011-2721 | version 0.97.2 |
| libmodplug | released | Bug #710726 | please see changes for CVE info | version 0.8.8.4 |
| libpng12-0 | released | please see changes for CVE info | version 1.2.46 | |
| MozillaThunderbird | released | Bug #712224 | please see changes for CVE info | version 3.1.12 |
| MozillaFirefox | released | Bug #712224 | please see changes for CVE info | version 3.6.20 |
| mozilla-xulrunner192 | released | Bug #712224 | please see changes for CVE info | version 1.9.2.20 |
| foomatic-filters | released | Bug #698451 | CVE-2011-2697 CVE-2011-2964 | |
| flash-player | released | Bug #711427 | see link | version 10.3.183.5 |
| apache2-mod_fcgid | released | Bug #656092 | CVE-2010-3872 | |
| libxml2 | released | Bug #697372 | CVE-2011-1944 | |
| nagios | released | Bug #682966 | CVE-2011-1523 | |
| opie | released | Bug #698772 | CVE-2011-2489 CVE-2011-2490 | |
| libsndfile | released | Bug #705681 Bug #631379 | CVE-2011-2696 CVE-2009-4835 | |
| libapr-util1 | released | Bug #650435 Bug #693778 | CVE-2010-1623 | |
| libapr1 | released | Bug #693778 | CVE-2011-0419 CVE-2011-1928 | |
| dbus-1 | released | Bug #699712 | CVE-2011-2200 | |
| libsoup | released | Bug #706630 | CVE-2011-2524 | |
| freetype2 | released | Bug #704612 | CVE-2011-0226 | |
| compat-openssl097g | released | Bug #698456 | please see changelog | |
| icedtea-web | released | Bug #704419 Bug #704309 | CVE-2011-2513 CVE-2011-2514 | |
| apcupsd | released | Bug #703592 | ||
| quagga | released | Bug #680499 | ||
| telnet | released | Bug #700229 | ||
| open-iscsi | released | Bug #656119 Bug #683249 | ||
| cyrus-imapd | released | Bug #694247 | CVE-2011-1926 | |
| flash-player | released | Bug #703618 | version 10.3.181.34 | |
| opera | released | Bug #703668 | see link | version 11.50 |
| kvm | released | Bug #701161 Bug #702823 | CVE-2011-2212 CVE-2011-2512 | |
| bind | released | Bug #660236 | CVE-2011-2464 | version 9.7.3P3 |
| tftp | released | Bug #699714 | CVE-2011-2199 | |
| nut | released | Bug #660236 | ||
| icetea-web | released | Bug #702825 | version 1.1 | |
| icetea-web | released | Bug #698739 | please see changes for CVE info | version 1.1 |
| java-1_6_0-openjdk | released | Bug #698739 | please see changes for CVE info | version 1.6.0.0_b22.1.10.2 |
| subversion | released | see link | see link | |
| libgnomesu | released | Bug #695627 | CVE-2011-1946 | |
| MozillaThunderbird | released | please see changes for CVE info | version 3.1.11 | |
| MozillaFirefox | released | please see changes for CVE info | version 3.6.18 | |
| mozilla-xulrunner192 | released | please see changes for CVE info | version 1.9.2.18 | |
| clamav | released | Bug #698999 | version 0.97.1 | |
| php5 | released | see link | see link | version 5.3.3 |
| ConsoleKit-doc | released | bnc#686150 | CVE-2010-4664 | |
| ConsoleKit | released | bnc#686150 | CVE-2010-4664 | |
| flash-player | released | bnc#699942 | CVE-2011-2110 | version 10.3.181.26 |
| openssl | released | bnc#693027 | CVE-2011-1945 | |
| unixODBC-gui-qt | released | bnc#678796 | CVE-2011-1145 | |
| unixODBC | released | bnc#678796 | CVE-2011-1145 | |
| java-1_6_0-sun | released | bnc#698754 | see changelog | version 1.6.0u26 |
| flash-player | released | bnc#698261 | CVE-2011-2107 | version 10.3.181.22 |
| wireshark | released | bnc#688109 | CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 | ver. 1.4.4 |
| bind | released | bnc#696585 | CVE-2011-1910 | ver. 9.7.3P1 |
| python-feedparser | released | bnc#696287 | ||
| gimp | released | bnc#692877 | CVE-2011-1178 CVE-2011-1782 | ver. 2.6.8 |
| ruby | released | see link | see link | patch level p249 |
| libmodplug | released | bnc#691137 | CVE-2011-1761 | version 0.8.8.3 |
| dovecot | released | CVE-2011-1929 | ||
| logrotate | released | bnc#679661 bnc#677336 bnc#679662 | CVE-2011-1154 CVE-2011-1098 CVE-2011-1155 | |
| rdesktop | released | CVE-2011-1595 | ||
| viewvc | released | CVE-2009-5024 | ||
| opera | released | http://www.opera.com/support/kb/view/992/ | version 11.11 | |
| kvm | released | CVE-2011-1750 CVE-2011-1751 | ||
| apparmor-profiles | released | bnc#657054 | ||
| flash-player | released | bnc#693573 | please see changes for CVE info | version 10.3.181.14 |
Links to openSUSE and Novell projects
- In the Section Bug the pattens are linked to the threads in Novell's bugzilla.
External links
- In the section CVE the pattens are linked to the National Vulnerability Database (NVD) of the National Institute of Standards and Technology (NIST). NIST is an Agency of the U.S. Department of Commerce.