PDA

Afficher la version complète : Mise a jour de sécurité Opera et Thunar



jluce
20/05/2011, 14h15
Opera

openSUSE Security Update: opera security update
__________________________________________________ ____________________________

Announcement ID: openSUSE-SU-2011:0517-1
Rating: important
References: #694567
Affected Products:
openSUSE 11.4
openSUSE 11.3
__________________________________________________ ____________________________

An update that contains security fixes can now be
installed. It includes one version update.

Description:

opera 11.11 fixes a security vulnerability. Citing
http://www.opera.com/support/kb/view/992/:

Framesets allow web pages to hold other pages inside them.
Certain frameset constructs are not handled correctly when
the page is unloaded, causing a memory corruption. To
inject code, additional techniques will have to be employed.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch opera-4588

- openSUSE 11.3:

zypper in -t patch opera-4588

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64) [New Version: 11.11]:

opera-11.11-1.2.1

- openSUSE 11.3 (i586 x86_64) [New Version: 11.11]:

opera-11.11-1.2.1
opera-gtk-11.11-1.2.1
opera-kde4-11.11-1.2.1


References:

https://bugzilla.novell.com/694567

Thunar

openSUSE Security Update: thunar security update
__________________________________________________ ____________________________

Announcement ID: openSUSE-SU-2011:0518-1
Rating: moderate
References: #687874
Cross-References: CVE-2011-1588
Affected Products:
openSUSE 11.4
__________________________________________________ ____________________________

An update that fixes one vulnerability is now available.

Description:

Due to a format string error thunar could crash when
copy&pasting a file name with format characters
(CVE-2011-1588).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch libthunarx-2-0-4590

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

libthunarx-2-0-1.3.0-1.4.1
thunar-1.3.0-1.4.1
thunar-devel-1.3.0-1.4.1

- openSUSE 11.4 (noarch):

thunar-devel-doc-1.3.0-1.4.1
thunar-doc-1.3.0-1.4.1
thunar-lang-1.3.0-1.4.1


References:

http://support.novell.com/security/cve/CVE-2011-1588.html
https://bugzilla.novell.com/687874