Security update for SUSE Manager client tools

SUSE Security Update: Security update for SUSE Manager client tools
Announcement ID: SUSE-SU-2012:0820-1
Rating: moderate
References: #766148
Affected Products:
  • SLE CLIENT TOOLS 10 for x86_64
  • SLE CLIENT TOOLS 10 for s390x
  • SLE CLIENT TOOLS 10 for ia64
  • SLE CLIENT TOOLS 10 for PPC
  • SLE CLIENT TOOLS 10

  • An update that fixes one vulnerability is now available.

    Description:


    This update for the Client Tools for SUSE Manager fixes the
    following issue:

    * fixed insecure permissions used for
    /var/log/rhncfg-actions file

    Security Issue reference:

    * CVE-2012-2679
    >

    Package List:

    • SLE CLIENT TOOLS 10 for x86_64 (noarch):
    • rhncfg-5.9.33-0.11.1
    • rhncfg-actions-5.9.33-0.11.1
    • rhncfg-client-5.9.33-0.11.1
    • rhncfg-management-5.9.33-0.11.1
    • SLE CLIENT TOOLS 10 for s390x (noarch):
    • rhncfg-5.9.33-0.11.1
    • rhncfg-actions-5.9.33-0.11.1
    • rhncfg-client-5.9.33-0.11.1
    • rhncfg-management-5.9.33-0.11.1
    • SLE CLIENT TOOLS 10 for ia64 (noarch):
    • rhncfg-5.9.33-0.11.1
    • rhncfg-actions-5.9.33-0.11.1
    • rhncfg-client-5.9.33-0.11.1
    • rhncfg-management-5.9.33-0.11.1
    • SLE CLIENT TOOLS 10 for PPC (noarch):
    • rhncfg-5.9.33-0.11.1
    • rhncfg-actions-5.9.33-0.11.1
    • rhncfg-client-5.9.33-0.11.1
    • rhncfg-management-5.9.33-0.11.1
    • SLE CLIENT TOOLS 10 (noarch):
    • rhncfg-5.9.33-0.11.1
    • rhncfg-actions-5.9.33-0.11.1
    • rhncfg-client-5.9.33-0.11.1
    • rhncfg-management-5.9.33-0.11.1

    References:

  • http://support.novell.com/security/cve/CVE-2012-2679.html
  • https://bugzilla.novell.com/766148
  • http://download.suse.com/patch/finder/?keywords=312da6fd636d091671aa5a052e6d18bb