[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for SUSE Linux Enterprise'
Notification of New SUSE Fixlet Messages
suse-announcements at bigmail.bigfix.com
Wed Feb 24 03:11:03 PST 2010
Fixlet Site - 'Patches for SUSE Linux Enterprise'
Current Version: 302 Published: Tue, 23 Feb 2010 19:52:50 GMT
New Fixlets:
============
***************************************************************
Title: PATCH-B10022201 - Security update for PHP5 - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1002220101
Fixlet Link: http://download.novell.com/Download?buildid=YJvf14gZWxg~
Fixlet Description: This update of PHP5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10022202 - Security update for PHP5 - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1002220203
Fixlet Link: http://download.novell.com/Download?buildid=0fL4Qjxe9oU~
Fixlet Description: This update of PHP5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) Please update. Please see patch page for more detailed information.
More information about the SUSE-Announcements
mailing list