[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: PatchesforSUSELinuxEnterprise

Notification of New SUSE Fixlet Messages suse-announcements at bigmail.bigfix.com
Sat Dec 12 03:10:06 PST 2009 

Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 281	Published: Fri, 11 Dec 2009 20:23:06  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-B9120701 - Security update for kdelibs3 - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 912070101
Fixlet Link: http://download.novell.com/Download?buildid=lfy8kl-GAvw~

Fixlet Description: This update fixes a KDELibs Remote Array Overrun (Arbitrary code execution), CVE-2009-0689 Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120701 - Security update for kdelibs3 - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 912070103
Fixlet Link: http://download.novell.com/Download?buildid=v5XjFOnhSr0~

Fixlet Description: This update fixes a KDELibs Remote Array Overrun (Arbitrary code execution), CVE-2009-0689 Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120801 - Security update for perl-HTML-Parser - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 912080101
Fixlet Link: http://download.novell.com/Download?buildid=w6DEdPDYvxY~

Fixlet Description: Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop (CVE-2009-3627). This has been fixed. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120801 - Security update for perl-HTML-Parser - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 912080103
Fixlet Link: http://download.novell.com/Download?buildid=IxIuu6Ckd9Q~

Fixlet Description: Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop (CVE-2009-3627). This has been fixed. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120802 - Security update for kdelibs3 - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 912080201
Fixlet Link: http://download.novell.com/Download?buildid=JkZZqIY3OX4~

Fixlet Description: This update fixes a KDELibs Remote Array Overrun (Arbitrary code execution), CVE-2009-0689. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120802 - Security update for kdelibs3 - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 912080203
Fixlet Link: http://download.novell.com/Download?buildid=UKRZqmY8gM0~

Fixlet Description: This update fixes a KDELibs Remote Array Overrun (Arbitrary code execution), CVE-2009-0689. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120803 - Security update for perl-HTML-Parser - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 912080301
Fixlet Link: http://download.novell.com/Download?buildid=Q_LYew9Lwx8~

Fixlet Description: Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop (CVE-2009-3627). This has been fixed. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120803 - Security update for perl-HTML-Parser - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 912080303
Fixlet Link: http://download.novell.com/Download?buildid=FdV5i00Ifk0~

Fixlet Description: Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop (CVE-2009-3627). This has been fixed. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120901 - Security update for pidgin - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 912090103
Fixlet Link: http://download.novell.com/Download?buildid=eBSQ5MQSHo0~

Fixlet Description: This update of pidgin fixes the following issues:     CVE-2009-3026: CVSS v2 Base Score: 5.0 Allowed to send confidential data unencrypted even if SSL was chosen by user.  CVE-2009-3025: CVSS v2 Base Score: 4.3 Remote denial of service in yahoo IM plug-in.  CVE-2009-3083: CVSS v2 Base Score: 5.0 Remote denial of service in MSN plug-in.  CVE-2009-3084: CVSS v2 Base Score: 5.0 Remote denial of service in MSN plug-in.  CVE-2009-3085: CVSS v2 Base Score: 5.0 Remote denial of service in XMPP plug-in.  CVE-2009-3615: CVSS v2 Base Score: 5.0 Remote denial of service in ICQ plug-in.  QQ protocol upgrade Migrate all QQ accounts to QQ2008. Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120901 - Dependencies Needed - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 912090104
Fixlet Link: http://download.novell.com/Download?buildid=eBSQ5MQSHo0~

Fixlet Description: Updated pidgin packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater:  mozilla-nss-3.12.3.1-1.4.2.i586.rpm cyrus-sasl-digestmd5-2.1.21-18.4.i586.rpm cyrus-sasl-plain-2.1.21-18.4.i586.rpm

***************************************************************
Title: PATCH-B9120902 - Security update for pidgin - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 912090203
Fixlet Link: http://download.novell.com/Download?buildid=iQqyyWeoN98~

Fixlet Description: This update of pidgin fixes the following issues:     CVE-2009-3026: CVSS v2 Base Score: 5.0 Allowed to send confidential data unencrypted even if SSL was chosen by user.  CVE-2009-3025: CVSS v2 Base Score: 4.3 Remote denial of service in yahoo IM plug-in.  CVE-2009-3083: CVSS v2 Base Score: 5.0 Remote denial of service in MSN plug-in.  CVE-2009-3084: CVSS v2 Base Score: 5.0 Remote denial of service in MSN plug-in.  CVE-2009-3085: CVSS v2 Base Score: 5.0 Remote denial of service in XMPP plug-in.  CVE-2009-3615: CVSS v2 Base Score: 5.0 Remote denial of service in ICQ plug-in.  QQ protocol upgrade Migrate all QQ accounts to QQ2008. Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9120902 - Dependencies Needed - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 912090204
Fixlet Link: http://download.novell.com/Download?buildid=iQqyyWeoN98~

Fixlet Description: Updated pidgin packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater:  cyrus-sasl-digestmd5-2.1.21-18.11.41.i586.rpm cyrus-sasl-plain-2.1.21-18.11.41.i586.rpm

More information about the SUSE-Announcements mailing list