Ispravljeni su višestruki sigurnosni nedostaci aplikacije Suse Studio Onsite i paketa kiwi koje je udaljeni napadač mogao iskoristiti za umetanje HTML i skriptnog koda, te izvršavanje proizvoljnog programskog koda.

   SUSE Security Update: Security update for SUSE Studio Onsite 1.2 and kiwi
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1324-1
Rating:             critical
References:         #705694 #707637 #709572 #710392 #710403 #714755 
                    #716992 #725445 #725466 #725706 #728934 #729204 
                    #729273 #729315 #729675 
Cross-References:   CVE-2011-2225 CVE-2011-2226 CVE-2011-3180
                    CVE-2011-4192 CVE-2011-4193 CVE-2011-4195
                   
Affected Products:
                    SUSE Studio Onsite 1.2
                    SUSE Studio Extension for System z 1.2
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 9 fixes is
   now available. It includes two new package versions.

Description:


   Fix for several vulnerabilities in SUSE Studio Onsite 1.2
   and kiwi:

   * CVE-2011-2225: The path of overlay files was not
   escaped which allowed shell meta character injection.
   * CVE-2011-2226: By using an untrusted software
   repository a user becomes vulnerable to a XSS attack when
   displaying pattern files (clicking "All patterns" in the
   software tab).
   * CVE-2011-3180: The path of overlay files was not
   escaped which allowed shell meta character injection via
   the chown(1) command-line. (kiwi)
   * CVE-2011-4195: The image name was not escaped
   properly and can be used in conjunction with other
   applications to execute arbitrary shell commands. (kiwi)
   * CVE-2011-4193: XSS vulnerability in "overlay files"
   tab can be used to execute arbitrary JavaScript code while
   cloning an appliance from an untrusted source.
   * CVE-2011-4192: Arbitrary shell command injection in
   conjunction with Studio by using double quotes in
   kiwi_oemtitle of .profile. (kiwi)

   In addition, the following non-security fixes were added:

   * Added SLE SDK repos to SLES-for-VMware templates
   * do not overwrite rmds.conf

   Security Issue references:

   * CVE-2011-2225
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2225
   >
   * CVE-2011-2226
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2226
   >
   * CVE-2011-3180
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3180
   >
   * CVE-2011-4195
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4195
   >
   * CVE-2011-4193
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4193
   >
   * CVE-2011-4192
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4192
   >

Indications:

   Please update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Studio Onsite 1.2:

      zypper in -t patch slestso12-susestudio-201112-5535

   - SUSE Studio Extension for System z 1.2:

      zypper in -t patch slestso12-susestudio-201112-5535

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Studio Onsite 1.2 (x86_64) [New Version: 1.2.1 and 4.85.1]:

      kiwi4-4.85.1-0.22.9
      kiwi4-desc-isoboot-4.85.1-0.22.9
      kiwi4-desc-netboot-4.85.1-0.22.9
      kiwi4-desc-oemboot-4.85.1-0.22.9
      kiwi4-desc-vmxboot-4.85.1-0.22.9
      kiwi4-doc-4.85.1-0.22.9
      kiwi4-tools-4.85.1-0.22.9
      susestudio-1.2.1-0.26.1
      susestudio-clicfs-1.2.1-0.26.1
      susestudio-common-1.2.1-0.26.1
      susestudio-image-helpers-1.2.1-0.3.3
      susestudio-parted-1.2.1-0.26.1
      susestudio-rmds-1.2.1-0.26.1
      susestudio-runner-1.2.1-0.26.1
      susestudio-squashfs-1.2.1-0.26.1
      susestudio-thoth-1.2.1-0.26.1
      susestudio-ui-server-1.2.1-0.26.1

   - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 1.2.1 and
4.85.1]:

      kiwi4-4.85.1-0.22.9
      kiwi4-desc-oemboot-4.85.1-0.22.9
      kiwi4-desc-vmxboot-4.85.1-0.22.9
      kiwi4-tools-4.85.1-0.22.9
      susestudio-1.2.1-0.26.1
      susestudio-common-1.2.1-0.26.1
      susestudio-image-helpers-1.2.1-0.3.3
      susestudio-runner-1.2.1-0.26.1
      susestudio-ui-server-1.2.1-0.26.1


References:

   http://support.novell.com/security/cve/CVE-2011-2225.html
   http://support.novell.com/security/cve/CVE-2011-2226.html
   http://support.novell.com/security/cve/CVE-2011-3180.html
   http://support.novell.com/security/cve/CVE-2011-4192.html
   http://support.novell.com/security/cve/CVE-2011-4193.html
   http://support.novell.com/security/cve/CVE-2011-4195.html
   https://bugzilla.novell.com/705694
   https://bugzilla.novell.com/707637
   https://bugzilla.novell.com/709572
   https://bugzilla.novell.com/710392
   https://bugzilla.novell.com/710403
   https://bugzilla.novell.com/714755
   https://bugzilla.novell.com/716992
   https://bugzilla.novell.com/725445
   https://bugzilla.novell.com/725466
   https://bugzilla.novell.com/725706
   https://bugzilla.novell.com/728934
   https://bugzilla.novell.com/729204
   https://bugzilla.novell.com/729273
   https://bugzilla.novell.com/729315
   https://bugzilla.novell.com/729675
  
http://download.novell.com/patch/finder/?keywords=cea13b60fcb37edad0cdb1e1952837e8

-- 
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.