The remote openSUSE host is missing a security update.
The XML signature checker did not impose limits on the minimum length of HMAC signatures in XML documentes. Attackers could therefore specify a length of e.g. 1 to make the signature appear valid and therefore effectively bypass verification of XML documents. (CVE-2009-0217) The WebStart component does not allow to run unsigned code in some cases. (CVE-2009-1896) A NULL pointer dereference was fixed in the LittleCMS component. (CVE-2009-0793)