Security update for oracle-update

SUSE Security Update: Security update for oracle-update
Announcement ID: SUSE-SU-2014:0630-1
Rating: moderate
References: #873982
Affected Products:
  • SUSE Manager 1.7 for SLE 11 SP2

  • An update that fixes two vulnerabilities is now available.

    Description:


    This update contains 2 new security fixes for the Oracle
    Database Server.

    * Fixed two security issues with the Oracle Database
    Server (2014/04) (bnc#873982) o CVE-2014-2406 Core RDBMS
    Oracle Net o CVE-2014-2408 Core RDBMS Oracle Net

    http://www.oracle.com/technetwork/topics/security/cpuapr2014
    -1972952.html#AppendixDB
    4-1972952.html#AppendixDB>

    Security Issue references:

    * CVE-2014-2406
    >
    * CVE-2014-2408
    >

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Manager 1.7 for SLE 11 SP2:
      zypper in -t patch sleman17sp2-oracle-update-9148

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Manager 1.7 for SLE 11 SP2 (x86_64):
    • oracle-update-1.7-0.25.1

    References:

    • http://support.novell.com/security/cve/CVE-2014-2406.html
    • http://support.novell.com/security/cve/CVE-2014-2408.html
    • https://bugzilla.novell.com/873982
    • http://download.suse.com/patch/finder/?keywords=b6bfa300835a840de95bfce73e3f83f7