openSUSE-2017-835 important openSUSE Leap 42.3 Update This update for rubygem-puppet fixes the following issues: - CVE-2017-2295: A remote attacker could have forced unsafe YAML deserialization which could have led to code execution (bsc#1040151) ruby2.1-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.1-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.1-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm rubygem-puppet-3.8.7-20.1.i586.rpm rubygem-puppet-3.8.7-20.1.src.rpm rubygem-puppet-emacs-3.8.7-20.1.noarch.rpm rubygem-puppet-master-3.8.7-20.1.i586.rpm rubygem-puppet-master-unicorn-3.8.7-20.1.noarch.rpm rubygem-puppet-vim-3.8.7-20.1.noarch.rpm ruby2.1-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.1-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.1-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm rubygem-puppet-3.8.7-20.1.x86_64.rpm rubygem-puppet-master-3.8.7-20.1.x86_64.rpm openSUSE-2017-826 moderate openSUSE Leap 42.3 Update This update for xorg-x11-server fixes the following issues: - Improve retrieval of entropy for generating random authentication cookies (bsc#1025084) - Fix rendering with glamor acceleration. (bsc#1047154) xorg-x11-server-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-7.6_1.18.3-22.1.src.rpm True xorg-x11-server-debuginfo-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-debugsource-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-extra-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-extra-debuginfo-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-sdk-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-source-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-debuginfo-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-debugsource-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-extra-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-extra-debuginfo-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-sdk-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-source-7.6_1.18.3-22.1.x86_64.rpm True openSUSE-2017-836 low openSUSE Leap 42.3 Update This update provides a new version of smartmontools with various improvements and bug fixes: - Experimental support for NVMe devices on FreeBSD, Linux and Windows. (boo#999541) - smartctl '-i', '-c', '-H' and '-l error': NVMe support. - smartctl '-l nvmelog': New option for NVMe. - smartd.conf '-H', '-l error' and '-W': NVMe support. - Optional NVMe device scanning support on Linux and Windows. - Configure option '--with-nvme-devicescan' to include NVMe in default device scanning result. - Drop systemd dependency on syslog.target (boo#983938). - SCSI: Improved support of modern disks (SAS SSDs). - AACRAID fixes, SMART STATUS should work now. - '/dev/megaraid_sas_ioctl_node' fd leak fix. - Re-add /usr/sbin/rcsmards symlink (boo#900099). - Fix service restart in smartmontools.generate_smartd_opts.in (boo#900099). - re-add sysvinit support in specfile. - HDD, SSD and USB additions to drive database. - Build with large file support in 32 bit systems. smartmontools-6.5-8.1.i586.rpm smartmontools-6.5-8.1.src.rpm smartmontools-debuginfo-6.5-8.1.i586.rpm smartmontools-debugsource-6.5-8.1.i586.rpm smartmontools-6.5-8.1.x86_64.rpm smartmontools-debuginfo-6.5-8.1.x86_64.rpm smartmontools-debugsource-6.5-8.1.x86_64.rpm openSUSE-2017-833 important openSUSE Leap 42.3 Update This update for ucode-intel brings newer revisions of microcode firmwares for many Intel devices: - BDX-ML B0/M0/R0 (06-4f-01:ef): b00001f -> b000021 - Skylake D0 (06-4e-03:c0): 9e -> ba - Broadwell ULT/ULX E/F-step (06-3d-04:c0): 24 -> 25 - ULT Cx/Dx (06-45-01:72): 1f -> 20 - Crystalwell Cx (06-46-01:32): 16 -> 17 - Broadwell Halo E/G-step (06-47-01:22): 16 -> 17 - HSX EX E0 (06-3f-04:80): d -> f - Skylake R0 (06-5e-03:36): 9e -> ba - Haswell Cx/Dx (06-3c-03:32): 20 -> 22 - HSX C0 (06-3f-02:6f): 39 -> 3a - KBL H0 (06-8e-09:c0): -> 62 - KBL Y0 (06-8e-0a:c0): -> 66 - KBL B0 (06-9e-09:2a): -> 5e - SKX H0 (06-55-04:97): -> 2000022 The updated CPU microcode addresses the following bugs: - Intel Skylake AVX/ FMA3 issue. (bsc#993639) - Intel Skylake HyperThreading issue. (bsc#1046431) ucode-intel-20170707-10.1.i586.rpm ucode-intel-20170707-10.1.src.rpm ucode-intel-blob-20170707-10.1.i586.rpm ucode-intel-debuginfo-20170707-10.1.i586.rpm ucode-intel-debugsource-20170707-10.1.i586.rpm ucode-intel-20170707-10.1.x86_64.rpm ucode-intel-blob-20170707-10.1.x86_64.rpm ucode-intel-debuginfo-20170707-10.1.x86_64.rpm ucode-intel-debugsource-20170707-10.1.x86_64.rpm openSUSE-2017-829 low openSUSE Leap 42.3 Update This update supplies access library and tools for the Kernel Crypto API. The libkcapi0 library and the libkcapi-tools are used to access the cryptographic interface of the kernel over the AF_ALG socket interface. (FATE#323554 bsc#1045948) libkcapi-0.13.0-2.1.src.rpm libkcapi-devel-0.13.0-2.1.i586.rpm libkcapi-tools-0.13.0-2.1.i586.rpm libkcapi-tools-debuginfo-0.13.0-2.1.i586.rpm libkcapi0-0.13.0-2.1.i586.rpm libkcapi0-debuginfo-0.13.0-2.1.i586.rpm libkcapi-devel-0.13.0-2.1.x86_64.rpm libkcapi-tools-0.13.0-2.1.x86_64.rpm libkcapi-tools-debuginfo-0.13.0-2.1.x86_64.rpm libkcapi0-0.13.0-2.1.x86_64.rpm libkcapi0-debuginfo-0.13.0-2.1.x86_64.rpm openSUSE-2017-840 moderate openSUSE Leap 42.3 Update This update to Wireshark 2.2.8 fixes some minor vulnerabilities could be used to trigger dissector crashes, infinite loops, or cause excessive use of memory resources by making Wireshark read specially crafted packages from the network or a capture file: - CVE-2017-7702,CVE-2017-11410: WBMXL dissector infinite loop (wnpa-sec-2017-13) - CVE-2017-9350,CVE-2017-11411: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28) - CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34) - CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35) - CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36) wireshark-2.2.8-17.1.src.rpm wireshark-2.2.8-17.1.x86_64.rpm wireshark-debuginfo-2.2.8-17.1.x86_64.rpm wireshark-debugsource-2.2.8-17.1.x86_64.rpm wireshark-devel-2.2.8-17.1.x86_64.rpm wireshark-ui-gtk-2.2.8-17.1.x86_64.rpm wireshark-ui-gtk-debuginfo-2.2.8-17.1.x86_64.rpm wireshark-ui-qt-2.2.8-17.1.x86_64.rpm wireshark-ui-qt-debuginfo-2.2.8-17.1.x86_64.rpm openSUSE-2017-847 important openSUSE Leap 42.3 Update This update for systemd and dracut fixes the following issues: Issues fixed in systemd: - Automounter issue in combination with NFS volumes (bsc#1040968) - Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153) - Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750) The update also contains a tracked code change for CVE-2017-9445, a possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. The openSUSE package does not ship resolved and is not affected. (bsc#1045290) Issues fixed in dracut: - Bail out if module directory does not exist. (bsc#1043900) - Suppress bogus error message. (bsc#1032029) - Fix module force loading with systemd. (bsc#986216) - Ship udev files required by systemd. (bsc#1040153) - Ignore module resolution errors (e.g. with kgraft). (bsc#1037120) - switch fips checking to use the libkcapi based fipscheck toolset (bsc#1048565) - ISCSI boot would fail randomly (bsc#1032284) This update was imported from the SUSE:SLE-12-SP2:Update and SUSE:SLE-12-SP3:Update update projects. dracut-044.1-23.2.i586.rpm dracut-044.1-23.2.src.rpm dracut-debuginfo-044.1-23.2.i586.rpm dracut-debugsource-044.1-23.2.i586.rpm dracut-fips-044.1-23.2.i586.rpm dracut-tools-044.1-23.2.i586.rpm libsystemd0-mini-228-29.1.i586.rpm libsystemd0-mini-debuginfo-228-29.1.i586.rpm libudev-mini-devel-228-29.1.i586.rpm libudev-mini1-228-29.1.i586.rpm libudev-mini1-debuginfo-228-29.1.i586.rpm systemd-mini-228-29.1.i586.rpm systemd-mini-228-29.1.src.rpm systemd-mini-bash-completion-228-29.1.noarch.rpm systemd-mini-debuginfo-228-29.1.i586.rpm systemd-mini-debugsource-228-29.1.i586.rpm systemd-mini-devel-228-29.1.i586.rpm systemd-mini-sysvinit-228-29.1.i586.rpm udev-mini-228-29.1.i586.rpm udev-mini-debuginfo-228-29.1.i586.rpm libsystemd0-228-29.1.i586.rpm libsystemd0-32bit-228-29.1.x86_64.rpm libsystemd0-debuginfo-228-29.1.i586.rpm libsystemd0-debuginfo-32bit-228-29.1.x86_64.rpm libudev-devel-228-29.1.i586.rpm libudev1-228-29.1.i586.rpm libudev1-32bit-228-29.1.x86_64.rpm libudev1-debuginfo-228-29.1.i586.rpm libudev1-debuginfo-32bit-228-29.1.x86_64.rpm nss-myhostname-228-29.1.i586.rpm nss-myhostname-32bit-228-29.1.x86_64.rpm nss-myhostname-debuginfo-228-29.1.i586.rpm nss-myhostname-debuginfo-32bit-228-29.1.x86_64.rpm nss-mymachines-228-29.1.i586.rpm nss-mymachines-debuginfo-228-29.1.i586.rpm systemd-228-29.1.i586.rpm systemd-228-29.1.src.rpm systemd-32bit-228-29.1.x86_64.rpm systemd-bash-completion-228-29.1.noarch.rpm systemd-debuginfo-228-29.1.i586.rpm systemd-debuginfo-32bit-228-29.1.x86_64.rpm systemd-debugsource-228-29.1.i586.rpm systemd-devel-228-29.1.i586.rpm systemd-logger-228-29.1.i586.rpm systemd-sysvinit-228-29.1.i586.rpm udev-228-29.1.i586.rpm udev-debuginfo-228-29.1.i586.rpm dracut-044.1-23.2.x86_64.rpm dracut-debuginfo-044.1-23.2.x86_64.rpm dracut-debugsource-044.1-23.2.x86_64.rpm dracut-fips-044.1-23.2.x86_64.rpm dracut-tools-044.1-23.2.x86_64.rpm libsystemd0-mini-228-29.1.x86_64.rpm libsystemd0-mini-debuginfo-228-29.1.x86_64.rpm libudev-mini-devel-228-29.1.x86_64.rpm libudev-mini1-228-29.1.x86_64.rpm libudev-mini1-debuginfo-228-29.1.x86_64.rpm systemd-mini-228-29.1.x86_64.rpm systemd-mini-debuginfo-228-29.1.x86_64.rpm systemd-mini-debugsource-228-29.1.x86_64.rpm systemd-mini-devel-228-29.1.x86_64.rpm systemd-mini-sysvinit-228-29.1.x86_64.rpm udev-mini-228-29.1.x86_64.rpm udev-mini-debuginfo-228-29.1.x86_64.rpm libsystemd0-228-29.1.x86_64.rpm libsystemd0-debuginfo-228-29.1.x86_64.rpm libudev-devel-228-29.1.x86_64.rpm libudev1-228-29.1.x86_64.rpm libudev1-debuginfo-228-29.1.x86_64.rpm nss-myhostname-228-29.1.x86_64.rpm nss-myhostname-debuginfo-228-29.1.x86_64.rpm nss-mymachines-228-29.1.x86_64.rpm nss-mymachines-debuginfo-228-29.1.x86_64.rpm systemd-228-29.1.x86_64.rpm systemd-debuginfo-228-29.1.x86_64.rpm systemd-debugsource-228-29.1.x86_64.rpm systemd-devel-228-29.1.x86_64.rpm systemd-logger-228-29.1.x86_64.rpm systemd-sysvinit-228-29.1.x86_64.rpm udev-228-29.1.x86_64.rpm udev-debuginfo-228-29.1.x86_64.rpm openSUSE-2017-841 moderate openSUSE Leap 42.3 Update This update for catdoc fixes the following issues: - CVE-2017-11110: Attackers may have used specially crafted files to cause a denial of service through a heap-based buffer under-flow and application crash, or have unspecified other impact (boo#1047877) catdoc-0.95-10.1.i586.rpm catdoc-0.95-10.1.src.rpm catdoc-debuginfo-0.95-10.1.i586.rpm catdoc-debugsource-0.95-10.1.i586.rpm catdoc-0.95-10.1.x86_64.rpm catdoc-debuginfo-0.95-10.1.x86_64.rpm catdoc-debugsource-0.95-10.1.x86_64.rpm openSUSE-2017-842 moderate openSUSE Leap 42.3 Update This update for gsoap fixes the following security issue: - CVE-2017-9765: A remote attacker may have triggered a buffer overflow to cause a server crash (denial of service) after sending 2GB of a specially crafted XML message, or possibly have unspecified futher impact. (bsc#1049348) gsoap-2.8.46-3.1.src.rpm gsoap-debugsource-2.8.46-3.1.i586.rpm gsoap-devel-2.8.46-3.1.i586.rpm gsoap-devel-debuginfo-2.8.46-3.1.i586.rpm gsoap-doc-2.8.46-3.1.noarch.rpm libgsoap-2_8_46-2.8.46-3.1.i586.rpm libgsoap-2_8_46-debuginfo-2.8.46-3.1.i586.rpm gsoap-debugsource-2.8.46-3.1.x86_64.rpm gsoap-devel-2.8.46-3.1.x86_64.rpm gsoap-devel-debuginfo-2.8.46-3.1.x86_64.rpm libgsoap-2_8_46-2.8.46-3.1.x86_64.rpm libgsoap-2_8_46-debuginfo-2.8.46-3.1.x86_64.rpm openSUSE-2017-846 low openSUSE Leap 42.3 Update This update for sendmail fixes the following issues: - The requirements of the libmilter, sendmail-devel packages did not consider other MTAs (boo#1049188) libmilter-doc-8.15.2-6.1.noarch.rpm libmilter1_0-8.15.2-6.1.x86_64.rpm libmilter1_0-debuginfo-8.15.2-6.1.x86_64.rpm rmail-8.15.2-6.1.x86_64.rpm rmail-debuginfo-8.15.2-6.1.x86_64.rpm sendmail-8.15.2-6.1.src.rpm sendmail-8.15.2-6.1.x86_64.rpm sendmail-debuginfo-8.15.2-6.1.x86_64.rpm sendmail-debugsource-8.15.2-6.1.x86_64.rpm sendmail-devel-8.15.2-6.1.x86_64.rpm sendmail-starttls-8.15.2-6.1.noarch.rpm openSUSE-2017-844 moderate openSUSE Leap 42.3 Update This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. (bsc#1009994) - CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010975) - CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a denial of service (assertion failure). (bsc#1010968) - CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010774) - CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a denial of service (assertion failure) via a very large integer. (bsc#1010782) - CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial of service. (bsc#1047958) CVEs already fixed with previous update: - CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010757) - CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010766) - CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010756) This update was imported from the SUSE:SLE-12:Update update project. jasper-1.900.14-179.1.i586.rpm jasper-1.900.14-179.1.src.rpm jasper-debuginfo-1.900.14-179.1.i586.rpm jasper-debugsource-1.900.14-179.1.i586.rpm libjasper-devel-1.900.14-179.1.i586.rpm libjasper1-1.900.14-179.1.i586.rpm libjasper1-32bit-1.900.14-179.1.x86_64.rpm libjasper1-debuginfo-1.900.14-179.1.i586.rpm libjasper1-debuginfo-32bit-1.900.14-179.1.x86_64.rpm jasper-1.900.14-179.1.x86_64.rpm jasper-debuginfo-1.900.14-179.1.x86_64.rpm jasper-debugsource-1.900.14-179.1.x86_64.rpm libjasper-devel-1.900.14-179.1.x86_64.rpm libjasper1-1.900.14-179.1.x86_64.rpm libjasper1-debuginfo-1.900.14-179.1.x86_64.rpm openSUSE-2017-852 low openSUSE Leap 42.3 Update This update for iptables provides the following fix: - Fix a locking issue of iptables-batch when other programs modify the iptables rules in parallel (bsc#1045130) This update was imported from the SUSE:SLE-12:Update update project. iptables-1.4.21-9.1.i586.rpm iptables-1.4.21-9.1.src.rpm iptables-debuginfo-1.4.21-9.1.i586.rpm iptables-debugsource-1.4.21-9.1.i586.rpm libipq-devel-1.4.21-9.1.i586.rpm libipq0-1.4.21-9.1.i586.rpm libipq0-debuginfo-1.4.21-9.1.i586.rpm libiptc-devel-1.4.21-9.1.i586.rpm libiptc0-1.4.21-9.1.i586.rpm libiptc0-debuginfo-1.4.21-9.1.i586.rpm libxtables-devel-1.4.21-9.1.i586.rpm libxtables10-1.4.21-9.1.i586.rpm libxtables10-debuginfo-1.4.21-9.1.i586.rpm xtables-plugins-1.4.21-9.1.i586.rpm xtables-plugins-debuginfo-1.4.21-9.1.i586.rpm iptables-1.4.21-9.1.x86_64.rpm iptables-debuginfo-1.4.21-9.1.x86_64.rpm iptables-debugsource-1.4.21-9.1.x86_64.rpm libipq-devel-1.4.21-9.1.x86_64.rpm libipq0-1.4.21-9.1.x86_64.rpm libipq0-debuginfo-1.4.21-9.1.x86_64.rpm libiptc-devel-1.4.21-9.1.x86_64.rpm libiptc0-1.4.21-9.1.x86_64.rpm libiptc0-debuginfo-1.4.21-9.1.x86_64.rpm libxtables-devel-1.4.21-9.1.x86_64.rpm libxtables10-1.4.21-9.1.x86_64.rpm libxtables10-debuginfo-1.4.21-9.1.x86_64.rpm xtables-plugins-1.4.21-9.1.x86_64.rpm xtables-plugins-debuginfo-1.4.21-9.1.x86_64.rpm openSUSE-2017-853 moderate openSUSE Leap 42.3 Update This update for lxc fixes the following issue: * lxc-start would fail to start (boo#1036360) This fix requires to manually start apparmor after installation or rebooting the machine. lxc-1.1.5-19.1.src.rpm lxc-1.1.5-19.1.x86_64.rpm lxc-debuginfo-1.1.5-19.1.x86_64.rpm lxc-debugsource-1.1.5-19.1.x86_64.rpm lxc-devel-1.1.5-19.1.x86_64.rpm openSUSE-2017-838 moderate openSUSE Leap 42.3 Update This update for virtualbox fixes the following issues: - VirtualBox would fail to start VMs "Kernel driver not installed (rc=-1908)" (boo#1037291) - Issues building kernel modules and guest additions (boo#1042726, boo#1044931) - Issue with configuring host-only network parameters (boo#1027742) - Revise warning screen concerning USB passthru - boo#1041137. Various upstream fixes are included in the 5.1.24 release: - VMM: mask the VME CPUID capability on AMD Ryzen processors for now to make certain guests works, for example Windows XP - VMM: emulate more SSE2 instructions - VMM: properly clear the TF and AC flags when dispatching real-mode interrupts - GUI: fixes to make the mini-toolbar work with recent versions of KDE / Plasma (bug #16325) - GUI: fixed a potential crash when a VM with multiple screens is running in full screen / seamless mode and a host screen is removed, for example when connecting to the host via RDP - GUI: fixed initial size hints for guests which set intermediate sizes before responding (bug #16593) - GUI: prevent stopped screen updates or black screen on reboot in a multi-screen setup under certain conditions - Audio: many improvements for Windows 10 guests (bugs #15189, #15925, #16170, #16682, #16794 and others) - Storage: fixed possible crash when using Intels SPDK - API: use the correct file name of the VM machine state if the VM settings directory is renamed, for example during grouping / ungrouping a VM (bugs #16075 and #16745) - API: return the correct error code if powering up a VM fails - API: video recording did not automatically start at VM start when enabled in the VM settings (bug #16803) - API: when relocating a medium, check that the target path is fully qualified - EFI: fix for VMs with more than 3504MB RAM (bug #11103) - Host-only adapter: correctly determine IPv4 netmasks on Windows hosts (bug #16826) - NAT network: properly do the refcounting for starting / stopping the NAT / DHCP services if the NAT network is changed while the adapter network connection type is anything else but NAT network - VBoxManage: fixed controlvm videocapfile (bug #16779) - Linux / Mac OS X hosts: more fixes for loading shared libraries (5.1.20 regression; bugs #16778, #16693) - Linux hosts / guests: Linux 4.12 fixes (bugs #16725, #16800) - Linux hosts / guests: reduce the kernel stack consumption for Linux kernels with CONFIG_CPUMASK_OFFSTACK defined - Linux hosts / guests: fixes for kernel modules built with gcc-7 (bug #16772) - Linux hosts / guests: Linux 4.13 fix (bug #16887) - Linux hosts: don't depend on net-tools on newer distributions as this package is deprecated in favour of iproute (bug #16764) - Linux hosts: make 2D video acceleration available for older Linux distributions (5.1 regression; bug #16858) - Linux Additions: fix for dynamic resizing with Oracle Linux 6 with UEK4 - Linux Additions: make Fedora 25 and 26 Alpha work when 3D pass-through is enabled - Linux Additions: no longer recommend removing distribution- installed Additions if they are updated to our guidelines python-virtualbox-5.1.24-22.1.x86_64.rpm python-virtualbox-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-5.1.24-22.1.src.rpm virtualbox-5.1.24-22.1.x86_64.rpm virtualbox-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-debugsource-5.1.24-22.1.x86_64.rpm virtualbox-devel-5.1.24-22.1.x86_64.rpm virtualbox-guest-desktop-icons-5.1.24-22.1.noarch.rpm virtualbox-guest-kmp-default-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-guest-kmp-default-debuginfo-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-guest-source-5.1.24-22.1.noarch.rpm virtualbox-guest-tools-5.1.24-22.1.x86_64.rpm virtualbox-guest-tools-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-guest-x11-5.1.24-22.1.x86_64.rpm virtualbox-guest-x11-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-host-kmp-default-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-host-kmp-default-debuginfo-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-host-source-5.1.24-22.1.noarch.rpm virtualbox-qt-5.1.24-22.1.x86_64.rpm virtualbox-qt-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-vnc-5.1.24-22.1.x86_64.rpm virtualbox-websrv-5.1.24-22.1.x86_64.rpm virtualbox-websrv-debuginfo-5.1.24-22.1.x86_64.rpm openSUSE-2017-831 important openSUSE Leap 42.3 Update This update for libXi fixes the following issues: - many X clients would crash with SIGSEGV on tablet devices or some GTK applications (bsc#1049681) libXi-1.7.5-8.1.src.rpm libXi-debugsource-1.7.5-8.1.i586.rpm libXi-devel-1.7.5-8.1.i586.rpm libXi-devel-32bit-1.7.5-8.1.x86_64.rpm libXi6-1.7.5-8.1.i586.rpm libXi6-32bit-1.7.5-8.1.x86_64.rpm libXi6-debuginfo-1.7.5-8.1.i586.rpm libXi6-debuginfo-32bit-1.7.5-8.1.x86_64.rpm libXi-debugsource-1.7.5-8.1.x86_64.rpm libXi-devel-1.7.5-8.1.x86_64.rpm libXi6-1.7.5-8.1.x86_64.rpm libXi6-debuginfo-1.7.5-8.1.x86_64.rpm openSUSE-2017-839 moderate openSUSE Leap 42.3 Update This update for coolkey provides fixes and enhancements, including: - PK15 support. - Fix CAC card support. - Fix card removal issues. - Add PKCS11 module to p11-kit-32bit. This update was imported from the SUSE:SLE-12:Update update project. coolkey-1.1.0-156.1.i586.rpm coolkey-1.1.0-156.1.src.rpm coolkey-32bit-1.1.0-156.1.x86_64.rpm coolkey-debuginfo-1.1.0-156.1.i586.rpm coolkey-debuginfo-32bit-1.1.0-156.1.x86_64.rpm coolkey-debugsource-1.1.0-156.1.i586.rpm coolkey-devel-1.1.0-156.1.i586.rpm coolkey-1.1.0-156.1.x86_64.rpm coolkey-debuginfo-1.1.0-156.1.x86_64.rpm coolkey-debugsource-1.1.0-156.1.x86_64.rpm coolkey-devel-1.1.0-156.1.x86_64.rpm openSUSE-2017-851 moderate openSUSE Leap 42.3 Update This update for GraphicsMagick fixes the following issue: - CVE-2017-11403: A specially crafted PNG file may have have triggerd a use-after-free flaw (boo#1049072) GraphicsMagick-1.3.25-17.1.i586.rpm GraphicsMagick-1.3.25-17.1.src.rpm GraphicsMagick-debuginfo-1.3.25-17.1.i586.rpm GraphicsMagick-debugsource-1.3.25-17.1.i586.rpm GraphicsMagick-devel-1.3.25-17.1.i586.rpm libGraphicsMagick++-Q16-12-1.3.25-17.1.i586.rpm libGraphicsMagick++-Q16-12-debuginfo-1.3.25-17.1.i586.rpm libGraphicsMagick++-devel-1.3.25-17.1.i586.rpm libGraphicsMagick-Q16-3-1.3.25-17.1.i586.rpm libGraphicsMagick-Q16-3-debuginfo-1.3.25-17.1.i586.rpm libGraphicsMagick3-config-1.3.25-17.1.i586.rpm libGraphicsMagickWand-Q16-2-1.3.25-17.1.i586.rpm libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-17.1.i586.rpm perl-GraphicsMagick-1.3.25-17.1.i586.rpm perl-GraphicsMagick-debuginfo-1.3.25-17.1.i586.rpm GraphicsMagick-1.3.25-17.1.x86_64.rpm GraphicsMagick-debuginfo-1.3.25-17.1.x86_64.rpm GraphicsMagick-debugsource-1.3.25-17.1.x86_64.rpm GraphicsMagick-devel-1.3.25-17.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.25-17.1.x86_64.rpm libGraphicsMagick++-Q16-12-debuginfo-1.3.25-17.1.x86_64.rpm libGraphicsMagick++-devel-1.3.25-17.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.25-17.1.x86_64.rpm libGraphicsMagick-Q16-3-debuginfo-1.3.25-17.1.x86_64.rpm libGraphicsMagick3-config-1.3.25-17.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.25-17.1.x86_64.rpm libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-17.1.x86_64.rpm perl-GraphicsMagick-1.3.25-17.1.x86_64.rpm perl-GraphicsMagick-debuginfo-1.3.25-17.1.x86_64.rpm openSUSE-2017-856 low openSUSE Leap 42.3 Update This update for python-websockify fixes the following issues: - remove unused run-time dependency on pyOpenSSL (boo#1049987) python-websockify-0.8.0-5.1.noarch.rpm python-websockify-0.8.0-5.1.src.rpm openSUSE-2017-857 moderate openSUSE Leap 42.3 Update This update gnuhealth 3.2.1 fixes the following issues: - View error on lab order (bsc#1049985) gnuhealth-3.2.1-15.1.noarch.rpm gnuhealth-3.2.1-15.1.src.rpm openSUSE-2017-850 moderate openSUSE Leap 42.3 Update This update for the_silver_searcher to version 2.0.0 fixes a minor security issue and includes various improvements. New and updated functionality: - New and updated support for various file types - Performance improvements, including faster substring search - Add --print-all-files options to print all files searched - Add support for inverting ignore rules (e.g. !blah.txt) - Add zsh completion function The following functionality has changed: - No longer read from .agignore, .ignore is used The following potential security issue was fixed: - Heap buffer overflow when searching an absolute path (boo#1050057) The following bug fixes are included: - Fix context line printing when reading from a pipe - Ignore local-domain socket just like named pipes - Fix --word-regexp not applying to alternates the_silver_searcher-2.0.0-6.1.i586.rpm the_silver_searcher-2.0.0-6.1.src.rpm the_silver_searcher-debuginfo-2.0.0-6.1.i586.rpm the_silver_searcher-debugsource-2.0.0-6.1.i586.rpm the_silver_searcher-2.0.0-6.1.x86_64.rpm the_silver_searcher-debuginfo-2.0.0-6.1.x86_64.rpm the_silver_searcher-debugsource-2.0.0-6.1.x86_64.rpm openSUSE-2017-861 moderate openSUSE Leap 42.3 Update This update for oidentd fixes the following issues: - Upgrade and start-up problems related to service files (boo#953608) oidentd-2.0.8-153.1.i586.rpm oidentd-2.0.8-153.1.src.rpm oidentd-debuginfo-2.0.8-153.1.i586.rpm oidentd-debugsource-2.0.8-153.1.i586.rpm oidentd-2.0.8-153.1.x86_64.rpm oidentd-debuginfo-2.0.8-153.1.x86_64.rpm oidentd-debugsource-2.0.8-153.1.x86_64.rpm openSUSE-2017-862 low openSUSE Leap 42.3 Update This update for mpg123 fixes the following issues: - Improve over previous fix for CVE-2017-10683 to avoid playback issues (bsc#1046766) libmpg123-0-1.25.3-3.1.i586.rpm libmpg123-0-32bit-1.25.3-3.1.x86_64.rpm libmpg123-0-debuginfo-1.25.3-3.1.i586.rpm libmpg123-0-debuginfo-32bit-1.25.3-3.1.x86_64.rpm libout123-0-1.25.3-3.1.i586.rpm libout123-0-32bit-1.25.3-3.1.x86_64.rpm libout123-0-debuginfo-1.25.3-3.1.i586.rpm libout123-0-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-1.25.3-3.1.i586.rpm mpg123-1.25.3-3.1.src.rpm mpg123-debuginfo-1.25.3-3.1.i586.rpm mpg123-debugsource-1.25.3-3.1.i586.rpm mpg123-devel-1.25.3-3.1.i586.rpm mpg123-devel-32bit-1.25.3-3.1.x86_64.rpm mpg123-esound-1.25.3-3.1.i586.rpm mpg123-esound-32bit-1.25.3-3.1.x86_64.rpm mpg123-esound-debuginfo-1.25.3-3.1.i586.rpm mpg123-esound-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-jack-1.25.3-3.1.i586.rpm mpg123-jack-32bit-1.25.3-3.1.x86_64.rpm mpg123-jack-debuginfo-1.25.3-3.1.i586.rpm mpg123-jack-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-openal-1.25.3-3.1.i586.rpm mpg123-openal-32bit-1.25.3-3.1.x86_64.rpm mpg123-openal-debuginfo-1.25.3-3.1.i586.rpm mpg123-openal-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-portaudio-1.25.3-3.1.i586.rpm mpg123-portaudio-32bit-1.25.3-3.1.x86_64.rpm mpg123-portaudio-debuginfo-1.25.3-3.1.i586.rpm mpg123-portaudio-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-pulse-1.25.3-3.1.i586.rpm mpg123-pulse-32bit-1.25.3-3.1.x86_64.rpm mpg123-pulse-debuginfo-1.25.3-3.1.i586.rpm mpg123-pulse-debuginfo-32bit-1.25.3-3.1.x86_64.rpm mpg123-sdl-1.25.3-3.1.i586.rpm mpg123-sdl-32bit-1.25.3-3.1.x86_64.rpm mpg123-sdl-debuginfo-1.25.3-3.1.i586.rpm mpg123-sdl-debuginfo-32bit-1.25.3-3.1.x86_64.rpm libmpg123-0-1.25.3-3.1.x86_64.rpm libmpg123-0-debuginfo-1.25.3-3.1.x86_64.rpm libout123-0-1.25.3-3.1.x86_64.rpm libout123-0-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-1.25.3-3.1.x86_64.rpm mpg123-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-debugsource-1.25.3-3.1.x86_64.rpm mpg123-devel-1.25.3-3.1.x86_64.rpm mpg123-esound-1.25.3-3.1.x86_64.rpm mpg123-esound-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-jack-1.25.3-3.1.x86_64.rpm mpg123-jack-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-openal-1.25.3-3.1.x86_64.rpm mpg123-openal-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-portaudio-1.25.3-3.1.x86_64.rpm mpg123-portaudio-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-pulse-1.25.3-3.1.x86_64.rpm mpg123-pulse-debuginfo-1.25.3-3.1.x86_64.rpm mpg123-sdl-1.25.3-3.1.x86_64.rpm mpg123-sdl-debuginfo-1.25.3-3.1.x86_64.rpm openSUSE-2017-866 moderate openSUSE Leap 42.3 Update This update for mysql-community-server to version 5.6.37 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-3633: Memcached unspecified vulnerability (boo#1049394) - CVE-2017-3634: DML unspecified vulnerability (boo#1049396) - CVE-2017-3635: C API unspecified vulnerability (boo#1049398) - CVE-2017-3636: Client programs unspecified vulnerability (boo#1049399) - CVE-2017-3641: DML unspecified vulnerability (boo#1049404) - CVE-2017-3647: Replication unspecified vulnerability (boo#1049410) - CVE-2017-3648: Charsets unspecified vulnerability (boo#1049411) - CVE-2017-3649: Replication unspecified vulnerability (boo#1049412) - CVE-2017-3651: Client mysqldump unspecified vulnerability (boo#1049415) - CVE-2017-3652: DDL unspecified vulnerability (boo#1049416) - CVE-2017-3653: DDL unspecified vulnerability (boo#1049417) - CVE-2017-3732: Security, Encryption unspecified vulnerability (boo#1049421) The following general changes are included: - switch systemd unit file from 'Restart=on-failure' to 'Restart=on-abort' - update file lists for new man-pages and tools (for mariadb) For a list of upstream changes in this release, see: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-37.html libmysql56client18-32bit-5.6.37-27.1.x86_64.rpm libmysql56client18-5.6.37-27.1.i586.rpm libmysql56client18-debuginfo-32bit-5.6.37-27.1.x86_64.rpm libmysql56client18-debuginfo-5.6.37-27.1.i586.rpm libmysql56client_r18-32bit-5.6.37-27.1.x86_64.rpm libmysql56client_r18-5.6.37-27.1.i586.rpm mysql-community-server-5.6.37-27.1.i586.rpm mysql-community-server-5.6.37-27.1.src.rpm mysql-community-server-bench-5.6.37-27.1.i586.rpm mysql-community-server-bench-debuginfo-5.6.37-27.1.i586.rpm mysql-community-server-client-5.6.37-27.1.i586.rpm mysql-community-server-client-debuginfo-5.6.37-27.1.i586.rpm mysql-community-server-debuginfo-5.6.37-27.1.i586.rpm mysql-community-server-debugsource-5.6.37-27.1.i586.rpm mysql-community-server-errormessages-5.6.37-27.1.i586.rpm mysql-community-server-test-5.6.37-27.1.i586.rpm mysql-community-server-test-debuginfo-5.6.37-27.1.i586.rpm mysql-community-server-tools-5.6.37-27.1.i586.rpm mysql-community-server-tools-debuginfo-5.6.37-27.1.i586.rpm libmysql56client18-5.6.37-27.1.x86_64.rpm libmysql56client18-debuginfo-5.6.37-27.1.x86_64.rpm libmysql56client_r18-5.6.37-27.1.x86_64.rpm mysql-community-server-5.6.37-27.1.x86_64.rpm mysql-community-server-bench-5.6.37-27.1.x86_64.rpm mysql-community-server-bench-debuginfo-5.6.37-27.1.x86_64.rpm mysql-community-server-client-5.6.37-27.1.x86_64.rpm mysql-community-server-client-debuginfo-5.6.37-27.1.x86_64.rpm mysql-community-server-debuginfo-5.6.37-27.1.x86_64.rpm mysql-community-server-debugsource-5.6.37-27.1.x86_64.rpm mysql-community-server-errormessages-5.6.37-27.1.x86_64.rpm mysql-community-server-test-5.6.37-27.1.x86_64.rpm mysql-community-server-test-debuginfo-5.6.37-27.1.x86_64.rpm mysql-community-server-tools-5.6.37-27.1.x86_64.rpm mysql-community-server-tools-debuginfo-5.6.37-27.1.x86_64.rpm openSUSE-2017-865 moderate openSUSE Leap 42.3 Update This update for apache2 fixes the following issues: Security issue fixed: - CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. (bsc#1048576) Bug fixes: - Include individual sysconfig.d files instead of the whole sysconfig.d directory. - Include sysconfig.d/include.conf after httpd.conf is processed. (bsc#1023616, bsc#1043055) This update was imported from the SUSE:SLE-12-SP2:Update update project. apache2-2.4.23-13.1.i586.rpm apache2-2.4.23-13.1.src.rpm apache2-debuginfo-2.4.23-13.1.i586.rpm apache2-debugsource-2.4.23-13.1.i586.rpm apache2-devel-2.4.23-13.1.i586.rpm apache2-doc-2.4.23-13.1.noarch.rpm apache2-event-2.4.23-13.1.i586.rpm apache2-event-debuginfo-2.4.23-13.1.i586.rpm apache2-example-pages-2.4.23-13.1.i586.rpm apache2-prefork-2.4.23-13.1.i586.rpm apache2-prefork-debuginfo-2.4.23-13.1.i586.rpm apache2-utils-2.4.23-13.1.i586.rpm apache2-utils-debuginfo-2.4.23-13.1.i586.rpm apache2-worker-2.4.23-13.1.i586.rpm apache2-worker-debuginfo-2.4.23-13.1.i586.rpm apache2-2.4.23-13.1.x86_64.rpm apache2-debuginfo-2.4.23-13.1.x86_64.rpm apache2-debugsource-2.4.23-13.1.x86_64.rpm apache2-devel-2.4.23-13.1.x86_64.rpm apache2-event-2.4.23-13.1.x86_64.rpm apache2-event-debuginfo-2.4.23-13.1.x86_64.rpm apache2-example-pages-2.4.23-13.1.x86_64.rpm apache2-prefork-2.4.23-13.1.x86_64.rpm apache2-prefork-debuginfo-2.4.23-13.1.x86_64.rpm apache2-utils-2.4.23-13.1.x86_64.rpm apache2-utils-debuginfo-2.4.23-13.1.x86_64.rpm apache2-worker-2.4.23-13.1.x86_64.rpm apache2-worker-debuginfo-2.4.23-13.1.x86_64.rpm openSUSE-2017-854 important openSUSE Leap 42.3 Update This update Chromium to version 60.0.3112.78 fixes security issue and bugs. The following security issues were fixed: * CVE-2017-5091: Use after free in IndexedDB * CVE-2017-5092: Use after free in PPAPI * CVE-2017-5093: UI spoofing in Blink * CVE-2017-5094: Type confusion in extensions * CVE-2017-5095: Out-of-bounds write in PDFium * CVE-2017-5096: User information leak via Android intents * CVE-2017-5097: Out-of-bounds read in Skia * CVE-2017-5098: Use after free in V8 * CVE-2017-5099: Out-of-bounds write in PPAPI * CVE-2017-5100: Use after free in Chrome Apps * CVE-2017-5101: URL spoofing in OmniBox * CVE-2017-5102: Uninitialized use in Skia * CVE-2017-5103: Uninitialized use in Skia * CVE-2017-5104: UI spoofing in browser * CVE-2017-7000: Pointer disclosure in SQLite * CVE-2017-5105: URL spoofing in OmniBox * CVE-2017-5106: URL spoofing in OmniBox * CVE-2017-5107: User information leak via SVG * CVE-2017-5108: Type confusion in PDFium * CVE-2017-5109: UI spoofing in browser * CVE-2017-5110: UI spoofing in payments dialog * Various fixes from internal audits, fuzzing and other initiatives A number of upstream bugfixes are also included in this release. chromedriver-60.0.3112.78-107.1.x86_64.rpm chromedriver-debuginfo-60.0.3112.78-107.1.x86_64.rpm chromium-60.0.3112.78-107.1.src.rpm chromium-60.0.3112.78-107.1.x86_64.rpm chromium-debuginfo-60.0.3112.78-107.1.x86_64.rpm chromium-debugsource-60.0.3112.78-107.1.x86_64.rpm openSUSE-2017-872 low openSUSE Leap 42.3 Update This update for procps provides the following fixes: - Allow reading and writing content lines longer than 1024 characters under /proc/sys (bsc#1039941) - Avoid printing messages when /proc/sys/net/ipv6/conf/*/stable_secret is not set This update was imported from the SUSE:SLE-12:Update update project. libprocps3-3.3.9-14.1.i586.rpm libprocps3-debuginfo-3.3.9-14.1.i586.rpm procps-3.3.9-14.1.i586.rpm procps-3.3.9-14.1.src.rpm procps-debuginfo-3.3.9-14.1.i586.rpm procps-debugsource-3.3.9-14.1.i586.rpm procps-devel-3.3.9-14.1.i586.rpm libprocps3-3.3.9-14.1.x86_64.rpm libprocps3-debuginfo-3.3.9-14.1.x86_64.rpm procps-3.3.9-14.1.x86_64.rpm procps-debuginfo-3.3.9-14.1.x86_64.rpm procps-debugsource-3.3.9-14.1.x86_64.rpm procps-devel-3.3.9-14.1.x86_64.rpm openSUSE-2017-871 low openSUSE Leap 42.3 Update This update for shotwell fixes the following issues: - Fix segmentation fault on "Import From Application..." after disabling plugins (bsc#1040047) This update was imported from the SUSE:SLE-12-SP2:Update update project. shotwell-0.22.0+git.20160103-11.1.src.rpm shotwell-0.22.0+git.20160103-11.1.x86_64.rpm shotwell-debuginfo-0.22.0+git.20160103-11.1.x86_64.rpm shotwell-debugsource-0.22.0+git.20160103-11.1.x86_64.rpm shotwell-lang-0.22.0+git.20160103-11.1.noarch.rpm openSUSE-2017-870 moderate openSUSE Leap 42.3 Update This update for squidGuard provides the following fixes: - Adapt squidGuard to work properly with current versions of squid (bsc#1040757) - Change the default configuration file to only reference existing filter lists (bsc#961499) This update was imported from the SUSE:SLE-12:Update update project. squidGuard-1.4-8.1.src.rpm squidGuard-1.4-8.1.x86_64.rpm squidGuard-debuginfo-1.4-8.1.x86_64.rpm squidGuard-debugsource-1.4-8.1.x86_64.rpm squidGuard-doc-1.4-8.1.x86_64.rpm openSUSE-2017-869 moderate openSUSE Leap 42.3 Update This update for libical fixes the following issues: Security issues fixed: - CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bsc#986639) - CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. (bsc#986631) - CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. (bsc#1015964) Bug fixes: - libical crashes while parsing timezones (bsc#1044995) This update was imported from the SUSE:SLE-12-SP2:Update update project. libical-1.0.1-16.1.src.rpm libical-debugsource-1.0.1-16.1.i586.rpm libical-devel-1.0.1-16.1.i586.rpm libical-devel-static-1.0.1-16.1.i586.rpm libical-doc-1.0.1-16.1.noarch.rpm libical1-1.0.1-16.1.i586.rpm libical1-32bit-1.0.1-16.1.x86_64.rpm libical1-debuginfo-1.0.1-16.1.i586.rpm libical1-debuginfo-32bit-1.0.1-16.1.x86_64.rpm libical-debugsource-1.0.1-16.1.x86_64.rpm libical-devel-1.0.1-16.1.x86_64.rpm libical-devel-static-1.0.1-16.1.x86_64.rpm libical1-1.0.1-16.1.x86_64.rpm libical1-debuginfo-1.0.1-16.1.x86_64.rpm