Recommended update for webyast-base

Announcement ID: SUSE-RU-2017:0200-1
Rating: moderate
References:
Affected Products:
  • SLES for SAP Applications 11-SP4
  • SUSE Studio Onsite 1.3
  • WebYaST for SLE-11 1.3

An update that has one fix can now be installed.

Description:

This update for webyast-base provides the following fixes:

  • Tell the browser that it must not allow embedding this page to another page via an IFRAME, preventing Clickjacking attacks. (bsc#981769)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Studio Onsite 1.3
    zypper in -t patch slestso13-webyast-base-12946=1
  • WebYaST for SLE-11 1.3
    zypper in -t patch slewyst13-webyast-base-12946=1
  • SLES for SAP Applications 11-SP4
    zypper in -t patch slewyst13-webyast-base-12946=1

Package List:

  • SUSE Studio Onsite 1.3 (x86_64)
    • rubygem-devise-i18n-0.5.7-3.1
    • rubygem-orm_adapter-0.0.7-3.1
    • rubygem-devise_unix2_chkpwd_authenticatable-0.4.2-3.2
    • rubygem-warden-1.1.0-3.1
    • rubygem-cancan-1.6.7-3.1
    • rubygem-webyast-rake-tasks-0.3.6-0.5.8
    • rubygem-devise-1.5.3-3.3
    • rubygem-ruby-dbus-0.7.2-3.1
    • rubygem-haml-3.1.6-0.9.4.3
  • SUSE Studio Onsite 1.3 (noarch)
    • webyast-base-0.3.43.3-7.20
    • webyast-base-branding-default-0.3.43.3-7.20
  • WebYaST for SLE-11 1.3 (s390x x86_64 i586 ppc64 ia64)
    • rubygem-devise-i18n-0.5.7-3.1
    • rubygem-orm_adapter-0.0.7-3.1
    • rubygem-devise_unix2_chkpwd_authenticatable-0.4.2-3.2
    • rubygem-warden-1.1.0-3.1
    • rubygem-cancan-1.6.7-3.1
    • rubygem-webyast-rake-tasks-0.3.6-0.5.8
    • rubygem-devise-1.5.3-3.3
    • rubygem-ruby-dbus-0.7.2-3.1
    • rubygem-haml-3.1.6-0.9.4.3
  • WebYaST for SLE-11 1.3 (noarch)
    • webyast-base-0.3.43.3-7.20
    • webyast-base-branding-default-0.3.43.3-7.20
  • SLES for SAP Applications 11-SP4 (ppc64 x86_64)
    • rubygem-devise-i18n-0.5.7-3.1
    • rubygem-orm_adapter-0.0.7-3.1
    • rubygem-devise_unix2_chkpwd_authenticatable-0.4.2-3.2
    • rubygem-warden-1.1.0-3.1
    • rubygem-cancan-1.6.7-3.1
    • rubygem-webyast-rake-tasks-0.3.6-0.5.8
    • rubygem-devise-1.5.3-3.3
    • rubygem-ruby-dbus-0.7.2-3.1
    • rubygem-haml-3.1.6-0.9.4.3
  • SLES for SAP Applications 11-SP4 (noarch)
    • webyast-base-0.3.43.3-7.20
    • webyast-base-branding-default-0.3.43.3-7.20

References: