[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for SUSE Linux Enterprise'
Notification of New SUSE Fixlet Messages
suse-announcements at bigmail.bigfix.com
Wed Jun 23 03:10:10 PDT 2010
Fixlet Site - 'Patches for SUSE Linux Enterprise'
Current Version: 330 Published: Tue, 22 Jun 2010 20:53:25 GMT
New Fixlets:
============
***************************************************************
Title: PATCH-12591 - Security update for xmlrpc-c - SLES9
Severity: <Unspecified>
Fixlet ID: 1259101
Fixlet Link: http://download.novell.com/Download?buildid=KqKJnZfXkGA~
Fixlet Description: This update of libxmlrpc is not vulnerable to denial of service bugs that can occur while processing malformed XML input. CVE-2009-2625: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2009-3720: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Insufficient Information (CWE-noinfo) CVE-2009-3560: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) Everyone should update. Please see patch page for more detailed information.
More information about the SUSE-Announcements
mailing list