openSUSE-2017-835 important openSUSE Leap 42.3 Update This update for rubygem-puppet fixes the following issues: - CVE-2017-2295: A remote attacker could have forced unsafe YAML deserialization which could have led to code execution (bsc#1040151) ruby2.1-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.1-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.1-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.2-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.3-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-doc-3.8.7-20.1.i586.rpm ruby2.4-rubygem-puppet-testsuite-3.8.7-20.1.i586.rpm rubygem-puppet-3.8.7-20.1.i586.rpm rubygem-puppet-3.8.7-20.1.src.rpm rubygem-puppet-emacs-3.8.7-20.1.noarch.rpm rubygem-puppet-master-3.8.7-20.1.i586.rpm rubygem-puppet-master-unicorn-3.8.7-20.1.noarch.rpm rubygem-puppet-vim-3.8.7-20.1.noarch.rpm ruby2.1-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.1-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.1-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.2-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.3-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-doc-3.8.7-20.1.x86_64.rpm ruby2.4-rubygem-puppet-testsuite-3.8.7-20.1.x86_64.rpm rubygem-puppet-3.8.7-20.1.x86_64.rpm rubygem-puppet-master-3.8.7-20.1.x86_64.rpm openSUSE-2017-826 moderate openSUSE Leap 42.3 Update This update for xorg-x11-server fixes the following issues: - Improve retrieval of entropy for generating random authentication cookies (bsc#1025084) - Fix rendering with glamor acceleration. (bsc#1047154) xorg-x11-server-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-7.6_1.18.3-22.1.src.rpm True xorg-x11-server-debuginfo-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-debugsource-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-extra-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-extra-debuginfo-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-sdk-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-source-7.6_1.18.3-22.1.i586.rpm True xorg-x11-server-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-debuginfo-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-debugsource-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-extra-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-extra-debuginfo-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-sdk-7.6_1.18.3-22.1.x86_64.rpm True xorg-x11-server-source-7.6_1.18.3-22.1.x86_64.rpm True openSUSE-2017-836 low openSUSE Leap 42.3 Update This update provides a new version of smartmontools with various improvements and bug fixes: - Experimental support for NVMe devices on FreeBSD, Linux and Windows. (boo#999541) - smartctl '-i', '-c', '-H' and '-l error': NVMe support. - smartctl '-l nvmelog': New option for NVMe. - smartd.conf '-H', '-l error' and '-W': NVMe support. - Optional NVMe device scanning support on Linux and Windows. - Configure option '--with-nvme-devicescan' to include NVMe in default device scanning result. - Drop systemd dependency on syslog.target (boo#983938). - SCSI: Improved support of modern disks (SAS SSDs). - AACRAID fixes, SMART STATUS should work now. - '/dev/megaraid_sas_ioctl_node' fd leak fix. - Re-add /usr/sbin/rcsmards symlink (boo#900099). - Fix service restart in smartmontools.generate_smartd_opts.in (boo#900099). - re-add sysvinit support in specfile. - HDD, SSD and USB additions to drive database. - Build with large file support in 32 bit systems. smartmontools-6.5-8.1.i586.rpm smartmontools-6.5-8.1.src.rpm smartmontools-debuginfo-6.5-8.1.i586.rpm smartmontools-debugsource-6.5-8.1.i586.rpm smartmontools-6.5-8.1.x86_64.rpm smartmontools-debuginfo-6.5-8.1.x86_64.rpm smartmontools-debugsource-6.5-8.1.x86_64.rpm openSUSE-2017-833 important openSUSE Leap 42.3 Update This update for ucode-intel brings newer revisions of microcode firmwares for many Intel devices: - BDX-ML B0/M0/R0 (06-4f-01:ef): b00001f -> b000021 - Skylake D0 (06-4e-03:c0): 9e -> ba - Broadwell ULT/ULX E/F-step (06-3d-04:c0): 24 -> 25 - ULT Cx/Dx (06-45-01:72): 1f -> 20 - Crystalwell Cx (06-46-01:32): 16 -> 17 - Broadwell Halo E/G-step (06-47-01:22): 16 -> 17 - HSX EX E0 (06-3f-04:80): d -> f - Skylake R0 (06-5e-03:36): 9e -> ba - Haswell Cx/Dx (06-3c-03:32): 20 -> 22 - HSX C0 (06-3f-02:6f): 39 -> 3a - KBL H0 (06-8e-09:c0): -> 62 - KBL Y0 (06-8e-0a:c0): -> 66 - KBL B0 (06-9e-09:2a): -> 5e - SKX H0 (06-55-04:97): -> 2000022 The updated CPU microcode addresses the following bugs: - Intel Skylake AVX/ FMA3 issue. (bsc#993639) - Intel Skylake HyperThreading issue. (bsc#1046431) ucode-intel-20170707-10.1.i586.rpm ucode-intel-20170707-10.1.src.rpm ucode-intel-blob-20170707-10.1.i586.rpm ucode-intel-debuginfo-20170707-10.1.i586.rpm ucode-intel-debugsource-20170707-10.1.i586.rpm ucode-intel-20170707-10.1.x86_64.rpm ucode-intel-blob-20170707-10.1.x86_64.rpm ucode-intel-debuginfo-20170707-10.1.x86_64.rpm ucode-intel-debugsource-20170707-10.1.x86_64.rpm openSUSE-2017-829 low openSUSE Leap 42.3 Update This update supplies access library and tools for the Kernel Crypto API. The libkcapi0 library and the libkcapi-tools are used to access the cryptographic interface of the kernel over the AF_ALG socket interface. (FATE#323554 bsc#1045948) libkcapi-0.13.0-2.1.src.rpm libkcapi-devel-0.13.0-2.1.i586.rpm libkcapi-tools-0.13.0-2.1.i586.rpm libkcapi-tools-debuginfo-0.13.0-2.1.i586.rpm libkcapi0-0.13.0-2.1.i586.rpm libkcapi0-debuginfo-0.13.0-2.1.i586.rpm libkcapi-devel-0.13.0-2.1.x86_64.rpm libkcapi-tools-0.13.0-2.1.x86_64.rpm libkcapi-tools-debuginfo-0.13.0-2.1.x86_64.rpm libkcapi0-0.13.0-2.1.x86_64.rpm libkcapi0-debuginfo-0.13.0-2.1.x86_64.rpm openSUSE-2017-838 moderate openSUSE Leap 42.3 Update This update for virtualbox fixes the following issues: - VirtualBox would fail to start VMs "Kernel driver not installed (rc=-1908)" (boo#1037291) - Issues building kernel modules and guest additions (boo#1042726, boo#1044931) - Issue with configuring host-only network parameters (boo#1027742) - Revise warning screen concerning USB passthru - boo#1041137. Various upstream fixes are included in the 5.1.24 release: - VMM: mask the VME CPUID capability on AMD Ryzen processors for now to make certain guests works, for example Windows XP - VMM: emulate more SSE2 instructions - VMM: properly clear the TF and AC flags when dispatching real-mode interrupts - GUI: fixes to make the mini-toolbar work with recent versions of KDE / Plasma (bug #16325) - GUI: fixed a potential crash when a VM with multiple screens is running in full screen / seamless mode and a host screen is removed, for example when connecting to the host via RDP - GUI: fixed initial size hints for guests which set intermediate sizes before responding (bug #16593) - GUI: prevent stopped screen updates or black screen on reboot in a multi-screen setup under certain conditions - Audio: many improvements for Windows 10 guests (bugs #15189, #15925, #16170, #16682, #16794 and others) - Storage: fixed possible crash when using Intels SPDK - API: use the correct file name of the VM machine state if the VM settings directory is renamed, for example during grouping / ungrouping a VM (bugs #16075 and #16745) - API: return the correct error code if powering up a VM fails - API: video recording did not automatically start at VM start when enabled in the VM settings (bug #16803) - API: when relocating a medium, check that the target path is fully qualified - EFI: fix for VMs with more than 3504MB RAM (bug #11103) - Host-only adapter: correctly determine IPv4 netmasks on Windows hosts (bug #16826) - NAT network: properly do the refcounting for starting / stopping the NAT / DHCP services if the NAT network is changed while the adapter network connection type is anything else but NAT network - VBoxManage: fixed controlvm videocapfile (bug #16779) - Linux / Mac OS X hosts: more fixes for loading shared libraries (5.1.20 regression; bugs #16778, #16693) - Linux hosts / guests: Linux 4.12 fixes (bugs #16725, #16800) - Linux hosts / guests: reduce the kernel stack consumption for Linux kernels with CONFIG_CPUMASK_OFFSTACK defined - Linux hosts / guests: fixes for kernel modules built with gcc-7 (bug #16772) - Linux hosts / guests: Linux 4.13 fix (bug #16887) - Linux hosts: don't depend on net-tools on newer distributions as this package is deprecated in favour of iproute (bug #16764) - Linux hosts: make 2D video acceleration available for older Linux distributions (5.1 regression; bug #16858) - Linux Additions: fix for dynamic resizing with Oracle Linux 6 with UEK4 - Linux Additions: make Fedora 25 and 26 Alpha work when 3D pass-through is enabled - Linux Additions: no longer recommend removing distribution- installed Additions if they are updated to our guidelines python-virtualbox-5.1.24-22.1.x86_64.rpm python-virtualbox-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-5.1.24-22.1.src.rpm virtualbox-5.1.24-22.1.x86_64.rpm virtualbox-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-debugsource-5.1.24-22.1.x86_64.rpm virtualbox-devel-5.1.24-22.1.x86_64.rpm virtualbox-guest-desktop-icons-5.1.24-22.1.noarch.rpm virtualbox-guest-kmp-default-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-guest-kmp-default-debuginfo-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-guest-source-5.1.24-22.1.noarch.rpm virtualbox-guest-tools-5.1.24-22.1.x86_64.rpm virtualbox-guest-tools-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-guest-x11-5.1.24-22.1.x86_64.rpm virtualbox-guest-x11-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-host-kmp-default-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-host-kmp-default-debuginfo-5.1.24_k4.4.76_1-22.1.x86_64.rpm virtualbox-host-source-5.1.24-22.1.noarch.rpm virtualbox-qt-5.1.24-22.1.x86_64.rpm virtualbox-qt-debuginfo-5.1.24-22.1.x86_64.rpm virtualbox-vnc-5.1.24-22.1.x86_64.rpm virtualbox-websrv-5.1.24-22.1.x86_64.rpm virtualbox-websrv-debuginfo-5.1.24-22.1.x86_64.rpm openSUSE-2017-831 important openSUSE Leap 42.3 Update This update for libXi fixes the following issues: - many X clients would crash with SIGSEGV on tablet devices or some GTK applications (bsc#1049681) libXi-1.7.5-8.1.src.rpm libXi-debugsource-1.7.5-8.1.i586.rpm libXi-devel-1.7.5-8.1.i586.rpm libXi-devel-32bit-1.7.5-8.1.x86_64.rpm libXi6-1.7.5-8.1.i586.rpm libXi6-32bit-1.7.5-8.1.x86_64.rpm libXi6-debuginfo-1.7.5-8.1.i586.rpm libXi6-debuginfo-32bit-1.7.5-8.1.x86_64.rpm libXi-debugsource-1.7.5-8.1.x86_64.rpm libXi-devel-1.7.5-8.1.x86_64.rpm libXi6-1.7.5-8.1.x86_64.rpm libXi6-debuginfo-1.7.5-8.1.x86_64.rpm openSUSE-2017-839 moderate openSUSE Leap 42.3 Update This update for coolkey provides fixes and enhancements, including: - PK15 support. - Fix CAC card support. - Fix card removal issues. - Add PKCS11 module to p11-kit-32bit. This update was imported from the SUSE:SLE-12:Update update project. coolkey-1.1.0-156.1.i586.rpm coolkey-1.1.0-156.1.src.rpm coolkey-32bit-1.1.0-156.1.x86_64.rpm coolkey-debuginfo-1.1.0-156.1.i586.rpm coolkey-debuginfo-32bit-1.1.0-156.1.x86_64.rpm coolkey-debugsource-1.1.0-156.1.i586.rpm coolkey-devel-1.1.0-156.1.i586.rpm coolkey-1.1.0-156.1.x86_64.rpm coolkey-debuginfo-1.1.0-156.1.x86_64.rpm coolkey-debugsource-1.1.0-156.1.x86_64.rpm coolkey-devel-1.1.0-156.1.x86_64.rpm