SuSE releases critical patches

By Dawn Kawamoto
Staff Writer, CNET News

Print
E-mail
Share

Related Stories: Linux groups patch image flaw
December 8, 2004; More flaws foul security of open-source repository
June 9, 2004

Novell's SuSE has released a number of "highly critical" patches, according to a report released Monday.

The patches are designed to address vulnerabilities that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.

The vulnerabilities were found in SuSE' eMail Server 3.x, Linux Database Server, Linux Enterprise Server 9 and Linux Office Server.

One issue that particularly concerns Secunia is SuSE's method of sending out weekly scheduled patches.

"SuSE started a new policy of bundling their updates, so that creates some confusion over what is highly critical and needs to be addressed first," said Thomas Kristensen, Secunia's chief technology officer. "Microsoft has scheduled updates too, but there is one patch for one product. SuSE bundles in multiple patches for multiple products."

SuSE could not be immediately reached for comment.

Last month, SuSE, along with several other Linux companies, issued patches for several vulnerabilities. In the case of SuSE, the software seller issued updates to resolve a vulnerability that could allow malicious code to create a local denial-of-service attack using a specially created Acrobat document.

See more CNET content tagged:
SuSE, patch management, Novell Inc., denial of service, vulnerability

Add a Comment (Log in or register) 3 comments

False Info?

by February 9, 2005 9:10 AM PST

It would appear that you are misleading your readers about the SuSE patch procedure. If you have a legal registered copy of SuSE Linux, then you get a notification of each patch as it is released, and the severity of the patch is listed within the patch notification. If you're using a pirated copy, or haven't registered, then you are limited to the weekly e-mail which comes out on the SuSE Security mailing list. So was the author of this article using an illegal copy, or just an unregistered copy?

Reply to this comment

weekly e-mail
by ca_forums May 9, 2007 5:06 PM PDT: http://www.analogstereo.com/chevrolet_blazer_owners_manual.htm

These types of vulnerabilities sound vaguely familiar
by ejhonda February 16, 2005 1:53 PM PST: Let's see - Windows OS has been plagued by these same holes, and we're supposed to be magically protected by switching to Linux? Seems to me that argument just got blown full of "holes"...

Linux certainly has its benefits, but infallability isn't one of them.; Reply to this comment

Latest tech news headlines

Conde Nast to shutter teen site Flip.com
Posted in News - Digital Media by Steven Musil

December 2, 2008 9:00 PM PST
Apple deletes Mac antivirus suggestion
Posted in News - Security by Elinor Mills

December 2, 2008 6:40 PM PST
Music and browsing take flight in Songbird
Posted in The Download Blog by Seth Rosenblatt

December 2, 2008 6:03 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Novell (0.00%) 0.00 4.18; Dow Jones Industrials (3.31%) 270.00 8,419.09; S&P 500 (3.99%) 32.60 848.81; NASDAQ (3.70%) 51.73 1,449.80; CNET TECH (3.64%) 36.93 1,051.13

Inside CNET News

Scroll Left Scroll Right

Business Tech
IPOs a thing of the past?
At AlwaysOn Venture Summit West conference, investment bankers, venture capitalists, and private equity players weigh in on the prognosis for the IPO market.
Gallery
Photos: Space station marks a decade aloft
The first pieces of the International Space Station went into orbit 10 years ago. Now a full-fledged lab facility, it continues to grow.
Security
Apple deletes Mac antivirus suggestion
Apple removes statement to customers urging them to use antivirus software, saying that Macs are safe "out of the box."
Beyond Binary
Microsoft expands Vista SP2 testing
Starting on Thursday, the software maker will make public a test version of the service pack update to Vista.
Video
A toast to online wine
Digital Media
Conde Nast to shutter teen site Flip.com
The teenage girl social-networking site plans to shut down on December 16, according to an e-mail sent to users.
Video
Wi-Fi while you fly
Gaming and Culture
From Cy Young to video game fame
Tim Lincecum, one of the best pitchers in baseball, was chosen to be the cover athlete for 2K Sports' next baseball game. On Tuesday, he did a motion-capture session for the game.
Green Tech
Ta ta, Tesla
Are the Valley-based VCs and big-wigs who back Tesla Motors really serious about asking the federal government for low-interest loans?
Gallery
Photos: Top-rated reviews of the week
Here are a few of CNET Reviews' favorite items from the past week, including Adobe suites, laptop bags, and a Panasonic flat panel TV.
Crave
HTC focuses on phone design; acquires One & Company Design, Inc.
Looking to concentrate on design, smartphone manufacturer HTC acquires San Francisco-based design firm, One & Company Design, to help create its future devices.
Green Tech
Ford accelerates electric-vehicle plans
In its turnaround plan presented to Congress, Ford says it will invest billions in fuel efficiency and introduce a family of hybrid-electric and all-electric cars.