[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for SUSE Linux Enterprise'
Notification of New SUSE Fixlet Messages
suse-announcements at bigmail.bigfix.com
Sat Mar 27 02:21:41 PST 2010
Fixlet Site - 'Patches for SUSE Linux Enterprise'
Current Version: 313 Published: Sat, 27 Mar 2010 01:38:48 GMT
New Fixlets:
============
***************************************************************
Title: PATCH-12593 - Security update for ethereal - SLES9
Severity: <Unspecified>
Fixlet ID: 1259301
Fixlet Link: http://download.novell.com/Download?buildid=oDSA_yifhmM~
Fixlet Description: This update of ethereal fixes: CVE-2010-0304: Several buffer overflows in the LWRES dissector. Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-12597 - Security update for squid - SLES9
Severity: <Unspecified>
Fixlet ID: 1259701
Fixlet Link: http://download.novell.com/Download?buildid=RmIyFRMvHms~
Fixlet Description: The following vulnerabilities have been fixed in squid: CVE-2009-2855: DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031501 - Security update for OpenOffice_org - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1003150101
Fixlet Link: http://download.novell.com/Download?buildid=DRRtHAfR_6Q~
Fixlet Description: This update of OpenOffice_org includes fixes for the following vulnerabilities: CVE-2009-0217: XML signature weakness CVE-2009-2949: XPM Import Integer Overflow CVE-2009-2950: GIF Import Heap Overflow CVE-2009-3301: MS Word sprmTDefTable Memory Corruption CVE-2009-3302: MS Word sprmTDefTable Memory Corruption CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. This also provides the maintenance update to OpenOffice. org-3.2. Details about all upstream changes can be found at http://development. openoffice. org/releases/3.2.0. html The Novell changes are: updated ooo-build to version 3.2.0.7 (3.2 bugfix release): Calc bits: modified date reset to '0' (bnc#581634) l10n: duplicate formula names in Spanish localization (i#109407) removed broken Danish extra localizations sources; fixed function names in Calc (bnc#549027) updated ooo-build to version 3.2.0.6 (3.2 bugfix release): Common bits: exception handling in SVG import Impress bits: mis-detection of cloned displays (bnc#578730, bnc#551391) OOXML bits: image wrapping in DOCX import numbering in DOCX import (bnc#580106) l10n: updated Hungarian translation new strings from SLED11-SP1 translators applying extra SDF files (i#109378) really localize the layout dialogs (deb#570378) localize Vendor in the Windows installer (bnc#571489) fixed mis-detection of cloned displays in slideshow; caused many troubles on FOSDEM 2010 (bnc#578730) maintenance update for SLED10-SP2 (bnc#577873, MaintenanceTracker-29597) ooo-build-3.2.0.5 == 3.2-rc5 == final updated to the milestone ooo320-m12 (3.2-rc5) updated ooo-build to version 3.2.0.5 (3.2-rc5): Common bits: vcl's grey palette init x86_64 bridge fixes (i#98028, bnc#575704) not-properly initialized paradepth in svdfppt. cxx decode URI escapes in subject when sending E-mail (bnc#575653) various GNOME quickstarter fixes (i#108918, bnc#575555) decode URI escapes in subject when sending E-mail (bnc#575653) Base bits: ReportBuilder crasher (i#108914, bnc#575698) Calc bits: better formula variable separator config check (bnc#556142) Impress bits: avoid looping in draw/impress BadMatch crasher during slideshow (i#107763) l10n bits: Spanish accelerators fix (i#102645) build bits: look for moc in QT4DIR first updated to the milestone ooo320-m11 (3.2-rc4) updated ooo-build to version 3.2.0.4 (3.2-rc4): Common bits: valgrind warnings increase the default java stack size to 1MB (bnc#572372) Calc bits: CSV dialog parameters storing (i#108645) hidden rows heights XLS export (bnc#573938) pagenation when printing selected cells (bnc#569328) drilling down on field member crasher (i#103347, bnc#573456) Write bits: bullets RTF export (bnc#569266) create style via API (i#108426) VBA bits: library location so VBA services work for Windows l10n bits: Spanish translations fix build bits: presenter screen extension build localize framework improvements updated to the milestone ooo320-m9 updated ooo-build to version 3.2.0.2 (3.2-rc2): performance: faster XLSX export (bnc#558577) Common bits: fixes from valgrind test SVG import crasher (bnc#560255) AFM parser crasher (bnc#535485) Base bits: Table wizard does not start (i#107917) [upstream, Rene] Calc bits: correctly query last flagged row (bnc#568146) error when saving ODS document as XLSX (bnc#566581) dis-joint ranges highlighting while in chart mode (bnc#568016) Writer bits: fields DOC import crasher (bnc#569348) KDE4 bits: override existing files multiple auto-extension checkboxes 3rd party plugin should not cause crash (bnc#548354) VBA bits: 'exe' checkbox under Load/Save|VBA Properties options updated to the milestone ooo320-m8 updated ooo-build to version 3.2.0.1 (3.2-rc1): performance: DBF import performance by 75% (bnc#558505) string intern optimization for PC 850 code pages do not load any VBA crap from non MSO documents do not always load presenter screen (i#107568) Common bits: layout dialogs crashers few WMF/EMF+ import fixes [upstream, Radek] file read from sftp-folder (bnc#465102) pasting from Firefox crashers (bnc#553819) unnecessary exceptions in sfx2 (i#107512) better wording of the always save option check box saving when locking is not supported (bnc#560877, i#107511) Calc bits: Lotus import crasher (bnc#565184) connector styles XLS import (bnc#559393) minor bugs in datapilot ODS import/export line count of move-copy sheet dialog (bnc#559438) random ListBox::CalcMinimumSize() results (bnc#557230) support XLSX export for more that 65536 rows (bnc#504623) conflict between formula and decimal separators (bnc#556142) number of the sheet in the "Insert Sheet" dialog (bnc#559445) Writer bits: image position in DOC import update table format when pasting a value (bnc#564789) VBA bits: macro properties fixup (bnc#566030) listindex, radiobutton, listbox events (bnc#560355, bnc#561639) updated to the milestone ooo320-m7 updated ooo-build to version 3.1.99.4 (3.2-beta4): features: support ooo320-m6 support iceape/icedove/iceweasel in open-url add option for the save icon behavior (bnc#556125) speed up: filtering performance in presence of cell notes (bnc#556927) Common bits: French autocorrection improvements fullscreen WM hints (bnc#551402) work with odf-converter again (bnc#557368) un-set Cairo font options crasher (i#59127) find the moved help when registering extension (i#107283) [ab, Petr] Calc bits: filter removing crasher (bnc#558564) percent format getting unlimited precision (bnc#555889) return correct flag value from R1C1 parser (bnc#557475) incorrect range separator for disjoint ranges (bnc#556268) TAB key to auto-complete word and move cell cursor (i#18748) incorrect XLS import of sheet protection options (bnc#542024) Writer bits: OLE objects DOC import (bnc#557965) returning from writer fullscreen mode crasher (i#107248) OOXML bits: regression on image DOCX import sections DOCX import crasher (bnc#548701) temporary make the XLSX export a separate library wrong type and position of connector shape in XLSX import (bnc#549331) VBA bits: late document event crasher (bnc#558907) mappings between imported local names and orig excel name l10n bits: Hungarian fixes updated ooo-build translation from the openSUSE community used the renamed "gu" instead of "gu-IN" lang code; kept the package name to keep the backward compatibility updated to the milestone ooo320-m5 updated ooo-build to version 3.1.99.3 (3.2-beta3): speed up: bunch of useless flush calls in rdb code page break update and printing performance (bnc#554955) row's hidden state lookup during pagenation (bnc#554955) Common bits: better document status icon in the status bar Calc bits: more on flat_segment_tree implementation better icons in the datapilot popup window datapilot position in XLS export/import (i#106583) storing custom display names for datapilot tables (i#106975) Draw bits: malformed Bezier curve printing (bnc#553219) more on custom shapes gradient color (bnc#485637) VBA bits: more Writer VBA API more on sheet protection event helper crasher (bnc#438606) find fails to wrap search when it fails (bnc#554261) added define use_xulrunner191 that would allow to use xulrunner191 on SLED11-SP1 (bnc#540726) added check to avoid error message about missing writer2latex extension (bnc#529914) fixed en_US test build; --with-lang must be called with empty string now updated to the milestone ooo320-m4 updated ooo-build to version 3.1.99.2 (3.2-beta2): speed up: do not call `uname` during start (i#106891) Common bits: broken find&search dialog (bnc#552450) broken colors in PDF export (i#106523) erasing elements in toolkit layout code (i#106575) Calc bits: more on automatic adjusting decimal numbers (bnc#541973) disable paste mode when the input mode is active (i#102456) rot. text + border in XLS import (i#38709, bnc#549728) Writer bits: recorded changes editing (bnc#545815) image size DOC export (bnc#554549, i#59648) background color and bullet indentation DOC import (bnc#547308) OOXML bits: more on shapes DOCX import VBA bits: control name override logic selection reset after paste combobox binding data import in userform (bnc#539220) build bits: switch back to the internal saxon (bnc#547157) updated the prebuilt mono cli DLLs updated to the milestone ooo320-m2 updated ooo-build to version 3.1.99.1 (3.2-beta1): features: NLPSolver extension (fate#304653) oooblogger extension (fate#304555) Google Docs and Zoho extension (fate#304577) optional icon themes (i#105062, bnc#529404, bnc#537541) speed up: use stringbuf in SVG export cache fontconfig's pre-match substitution results (bnc#529532) common bits: XML parser crasher opacity SVG import WebDAV locking stuff rework many KDE4 integration fixes set dev-install icons to small ones regression in WMF import (bnc#417818) more on fontconfig/cairofont stuff wrong kerning on Linux (bnc#464436, i#26519) inserting uiconfiguration ( menus/toolbar ) (i#105154) keep locks after saving documents via WebDAV (bnc#464568) better fix for quick-starter unload crasher (i#101245) save non-English file names with KDE4 dialog (deb#536664) driver string action and font object EMF+ import (bnc#519715) prevent multiple window resize when maximised (i#104469) Base bits: UPDATE db record failure (i#104088) Calc bits: selection change and status icon (bnc#548116) range selection for RTL languages (bnc#542684) Force-interpret formula cell results (bnc#540563) check for the General number format type (i#46511) broken SUBTOTAL cell function after undo (bnc#545287) erroneous export of OCX combo box controls (bnc#540566) automatically adjust the number of decimals (bnc#541973) skip filtered cells during search or replace (bnc#539282) unicode strings in external ref URIs (i#103918, i#104166) disable context menu on non-selectable cells (bnc#542024) SHA1 hash algorithm for sheet and doc password by default zero bytes encryption inside cond. formatting (bnc#541058) selection of cells on protected sheets by default (bnc#538559) cell selection handling when cell is being edited (bnc#541269) Draw bits: slides printing page offset (bnc#537931) Impress bits: wrong text bounds missing drag rect on mac PPT import crasher (bnc#546758) bullet size PPT import (bnc#515972) dock presentation minimizer toolbar Writer bits: Non-breaking spaces fixes UNO API related to fields unknown fields DOC import (i#61075, i#89667) allow to add param into form field during import two consecutive text fields in DOC import (bnc#546416) OOXML bits: collapsed paragraphs at the end of the sections DOCX import VML shapes missing and bad sizes in DOCX import (bnc#549300) styles without stylesheet definition DOCX import (bnc#545717) VBA bits: some wae fixes controls visibility (bnc#542132) AutoFilterMode macro (bnc#549383) more on transient imported autotext misc IBM fixes (i#104203, i#103653) support for default member with automation bridge boolean arguments to worksheet functions (bnc#541735) more fixes for automation (bnc#535086, bnc#535087, bnc#535088, bnc#535089) Do While Not "foo"="" " causes date type mismatch (i#105321) IsEmpty RTL function fails with non-object params (bnc#541749) object not cleared when entering new stack frame (bnc#541755) l10n bits: lots fixes Russian and Slovak autocorection update (i#91304) split build: install extensions MIME type icon install startcenter. desktop (bnc#548534) Novell bits: use xulrunner-1.9.1 on openSUSE-11.2 branch configuration for openSUSE-11.2 enable EMFPlus section for SLED10 (bnc#232232) used internal boost on SLED10, openSUSE-10.3, openSUSE-11.0 Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031501 - Dependency Conflict - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1003150102
Fixlet Link: http://download.novell.com/Download?buildid=DRRtHAfR_6Q~
Fixlet Description: Updated OpenOffice packages that addresses a security vulnerability are now available. However, the listed computers have the package "OpenOffice_org-de-templates" installed, less than version "8.2-171.12" which conflicts with this security update. You must uninstall or upgrade this package in order for this security update to become relevant.
***************************************************************
Title: PATCH-B10031502 - Security update for OpenOffice_org - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003150201
Fixlet Link: http://download.novell.com/Download?buildid=QXKJvACPNSc~
Fixlet Description: This update of OpenOffice_org includes fixes for the following vulnerabilities: CVE-2009-0217: XML signature weakness CVE-2009-2949: XPM Import Integer Overflow CVE-2009-2950: GIF Import Heap Overflow CVE-2009-3301: MS Word sprmTDefTable Memory Corruption CVE-2009-3302: MS Word sprmTDefTable Memory Corruption CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. This also provides the maintenance update to OpenOffice. org-3.2. Details about all upstream changes can be found at http://development. openoffice. org/releases/3.2.0. html The Novell changes are: updated ooo-build to version 3.2.0.7 (3.2 bugfix release): Calc bits: modified date reset to '0' (bnc#581634) l10n: duplicate formula names in Spanish localization (i#109407) removed broken Danish extra localizations sources; fixed function names in Calc (bnc#549027) updated ooo-build to version 3.2.0.6 (3.2 bugfix release): Common bits: exception handling in SVG import Impress bits: mis-detection of cloned displays (bnc#578730, bnc#551391) OOXML bits: image wrapping in DOCX import numbering in DOCX import (bnc#580106) l10n: updated Hungarian translation new strings from SLED11-SP1 translators applying extra SDF files (i#109378) really localize the layout dialogs (deb#570378) localize Vendor in the Windows installer (bnc#571489) fixed mis-detection of cloned displays in slideshow; caused many troubles on FOSDEM 2010 (bnc#578730) switched to xulrunner191 (bnc#540726) maintenance update for SLED10-SP3 (bnc#577873, MaintenanceTracker-29597) switched to xulrunner191 (bnc#540726) ooo-build-3.2.0.5 == 3.2-rc5 == final updated to the milestone ooo320-m12 (3.2-rc5) updated ooo-build to version 3.2.0.5 (3.2-rc5): Common bits: vcl's grey palette init x86_64 bridge fixes (i#98028, bnc#575704) not-properly initialized paradepth in svdfppt. cxx decode URI escapes in subject when sending E-mail (bnc#575653) various GNOME quickstarter fixes (i#108918, bnc#575555) decode URI escapes in subject when sending E-mail (bnc#575653) Base bits: ReportBuilder crasher (i#108914, bnc#575698) Calc bits: better formula variable separator config check (bnc#556142) Impress bits: avoid looping in draw/impress BadMatch crasher during slideshow (i#107763) l10n bits: Spanish accelerators fix (i#102645) build bits: look for moc in QT4DIR first updated to the milestone ooo320-m11 (3.2-rc4) updated ooo-build to version 3.2.0.4 (3.2-rc4): Common bits: valgrind warnings increase the default java stack size to 1MB (bnc#572372) Calc bits: CSV dialog parameters storing (i#108645) hidden rows heights XLS export (bnc#573938) pagenation when printing selected cells (bnc#569328) drilling down on field member crasher (i#103347, bnc#573456) Write bits: bullets RTF export (bnc#569266) create style via API (i#108426) VBA bits: library location so VBA services work for Windows l10n bits: Spanish translations fix build bits: presenter screen extension build localize framework improvements updated to the milestone ooo320-m9 updated ooo-build to version 3.2.0.2 (3.2-rc2): performance: faster XLSX export (bnc#558577) Common bits: fixes from valgrind test SVG import crasher (bnc#560255) AFM parser crasher (bnc#535485) Base bits: Table wizard does not start (i#107917) [upstream, Rene] Calc bits: correctly query last flagged row (bnc#568146) error when saving ODS document as XLSX (bnc#566581) dis-joint ranges highlighting while in chart mode (bnc#568016) Writer bits: fields DOC import crasher (bnc#569348) KDE4 bits: override existing files multiple auto-extension checkboxes 3rd party plugin should not cause crash (bnc#548354) VBA bits: 'exe' checkbox under Load/Save|VBA Properties options updated to the milestone ooo320-m8 updated ooo-build to version 3.2.0.1 (3.2-rc1): performance: DBF import performance by 75% (bnc#558505) string intern optimization for PC 850 code pages do not load any VBA crap from non MSO documents do not always load presenter screen (i#107568) Common bits: layout dialogs crashers few WMF/EMF+ import fixes [upstream, Radek] file read from sftp-folder (bnc#465102) pasting from Firefox crashers (bnc#553819) unnecessary exceptions in sfx2 (i#107512) better wording of the always save option check box saving when locking is not supported (bnc#560877, i#107511) Calc bits: Lotus import crasher (bnc#565184) connector styles XLS import (bnc#559393) minor bugs in datapilot ODS import/export line count of move-copy sheet dialog (bnc#559438) random ListBox::CalcMinimumSize() results (bnc#557230) support XLSX export for more that 65536 rows (bnc#504623) conflict between formula and decimal separators (bnc#556142) number of the sheet in the "Insert Sheet" dialog (bnc#559445) Writer bits: image position in DOC import update table format when pasting a value (bnc#564789) VBA bits: macro properties fixup (bnc#566030) listindex, radiobutton, listbox events (bnc#560355, bnc#561639) updated to the milestone ooo320-m7 updated ooo-build to version 3.1.99.4 (3.2-beta4): features: support ooo320-m6 support iceape/icedove/iceweasel in open-url add option for the save icon behavior (bnc#556125) speed up: filtering performance in presence of cell notes (bnc#556927) Common bits: French autocorrection improvements fullscreen WM hints (bnc#551402) work with odf-converter again (bnc#557368) un-set Cairo font options crasher (i#59127) find the moved help when registering extension (i#107283) [ab, Petr] Calc bits: filter removing crasher (bnc#558564) percent format getting unlimited precision (bnc#555889) return correct flag value from R1C1 parser (bnc#557475) incorrect range separator for disjoint ranges (bnc#556268) TAB key to auto-complete word and move cell cursor (i#18748) incorrect XLS import of sheet protection options (bnc#542024) Writer bits: OLE objects DOC import (bnc#557965) returning from writer fullscreen mode crasher (i#107248) OOXML bits: regression on image DOCX import sections DOCX import crasher (bnc#548701) temporary make the XLSX export a separate library wrong type and position of connector shape in XLSX import (bnc#549331) VBA bits: late document event crasher (bnc#558907) mappings between imported local names and orig excel name l10n bits: Hungarian fixes updated ooo-build translation from the openSUSE community used the renamed "gu" instead of "gu-IN" lang code; kept the package name to keep the backward compatibility updated to the milestone ooo320-m5 updated ooo-build to version 3.1.99.3 (3.2-beta3): speed up: bunch of useless flush calls in rdb code page break update and printing performance (bnc#554955) row's hidden state lookup during pagenation (bnc#554955) Common bits: better document status icon in the status bar Calc bits: more on flat_segment_tree implementation better icons in the datapilot popup window datapilot position in XLS export/import (i#106583) storing custom display names for datapilot tables (i#106975) Draw bits: malformed Bezier curve printing (bnc#553219) more on custom shapes gradient color (bnc#485637) VBA bits: more Writer VBA API more on sheet protection event helper crasher (bnc#438606) find fails to wrap search when it fails (bnc#554261) added define use_xulrunner191 that would allow to use xulrunner191 on SLED11-SP1 (bnc#540726) added check to avoid error message about missing writer2latex extension (bnc#529914) fixed en_US test build; --with-lang must be called with empty string now updated to the milestone ooo320-m4 updated ooo-build to version 3.1.99.2 (3.2-beta2): speed up: do not call `uname` during start (i#106891) Common bits: broken find&search dialog (bnc#552450) broken colors in PDF export (i#106523) erasing elements in toolkit layout code (i#106575) Calc bits: more on automatic adjusting decimal numbers (bnc#541973) disable paste mode when the input mode is active (i#102456) rot. text + border in XLS import (i#38709, bnc#549728) Writer bits: recorded changes editing (bnc#545815) image size DOC export (bnc#554549, i#59648) background color and bullet indentation DOC import (bnc#547308) OOXML bits: more on shapes DOCX import VBA bits: control name override logic selection reset after paste combobox binding data import in userform (bnc#539220) build bits: switch back to the internal saxon (bnc#547157) updated the prebuilt mono cli DLLs updated to the milestone ooo320-m2 updated ooo-build to version 3.1.99.1 (3.2-beta1): features: NLPSolver extension (fate#304653) oooblogger extension (fate#304555) Google Docs and Zoho extension (fate#304577) optional icon themes (i#105062, bnc#529404, bnc#537541) speed up: use stringbuf in SVG export cache fontconfig's pre-match substitution results (bnc#529532) common bits: XML parser crasher opacity SVG import WebDAV locking stuff rework many KDE4 integration fixes set dev-install icons to small ones regression in WMF import (bnc#417818) more on fontconfig/cairofont stuff wrong kerning on Linux (bnc#464436, i#26519) inserting uiconfiguration ( menus/toolbar ) (i#105154) keep locks after saving documents via WebDAV (bnc#464568) better fix for quick-starter unload crasher (i#101245) save non-English file names with KDE4 dialog (deb#536664) driver string action and font object EMF+ import (bnc#519715) prevent multiple window resize when maximised (i#104469) Base bits: UPDATE db record failure (i#104088) Calc bits: selection change and status icon (bnc#548116) range selection for RTL languages (bnc#542684) Force-interpret formula cell results (bnc#540563) check for the General number format type (i#46511) broken SUBTOTAL cell function after undo (bnc#545287) erroneous export of OCX combo box controls (bnc#540566) automatically adjust the number of decimals (bnc#541973) skip filtered cells during search or replace (bnc#539282) unicode strings in external ref URIs (i#103918, i#104166) disable context menu on non-selectable cells (bnc#542024) SHA1 hash algorithm for sheet and doc password by default zero bytes encryption inside cond. formatting (bnc#541058) selection of cells on protected sheets by default (bnc#538559) cell selection handling when cell is being edited (bnc#541269) Draw bits: slides printing page offset (bnc#537931) Impress bits: wrong text bounds missing drag rect on mac PPT import crasher (bnc#546758) bullet size PPT import (bnc#515972) dock presentation minimizer toolbar Writer bits: Non-breaking spaces fixes UNO API related to fields unknown fields DOC import (i#61075, i#89667) allow to add param into form field during import two consecutive text fields in DOC import (bnc#546416) OOXML bits: collapsed paragraphs at the end of the sections DOCX import VML shapes missing and bad sizes in DOCX import (bnc#549300) styles without stylesheet definition DOCX import (bnc#545717) VBA bits: some wae fixes controls visibility (bnc#542132) AutoFilterMode macro (bnc#549383) more on transient imported autotext misc IBM fixes (i#104203, i#103653) support for default member with automation bridge boolean arguments to worksheet functions (bnc#541735) more fixes for automation (bnc#535086, bnc#535087, bnc#535088, bnc#535089) Do While Not "foo"="" " causes date type mismatch (i#105321) IsEmpty RTL function fails with non-object params (bnc#541749) object not cleared when entering new stack frame (bnc#541755) l10n bits: lots fixes Russian and Slovak autocorrection update (i#91304) split build: install extensions MIME type icon install startcenter. desktop (bnc#548534) Novell bits: use xulrunner-1.9.1 on openSUSE-11.2 branch configuration for openSUSE-11.2 enable EMFPlus section for SLED10 (bnc#232232) used internal boost on SLED10, openSUSE-10.3, openSUSE-11.0 Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031502 - Dependency Conflicts - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003150202
Fixlet Link: http://download.novell.com/Download?buildid=QXKJvACPNSc~
Fixlet Description: Updated OpenOffice packages that addresses a security vulnerability are now available. However, the listed computers have the any of the packages "OpenOffice_org-el", OpenOffice_org-en-GB, or OpenOffice_org-ko installed, less than version "3.2-0.5.2" which conflicts with this security update. You must uninstall or upgrade these packages in order for this security update to become relevant.
***************************************************************
Title: PATCH-B10031602 - Security update for ethereal - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003160201
Fixlet Link: http://download.novell.com/Download?buildid=_ZXVxJFo094~
Fixlet Description: This update of ethereal fixes: CVE-2010-0304: Several buffer overflows in the LWRES dissector. Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031602 - Security update for ethereal - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1003160203
Fixlet Link: http://download.novell.com/Download?buildid=A_a-AOtTQIk~
Fixlet Description: This update of ethereal fixes: CVE-2010-0304: Several buffer overflows in the LWRES dissector. Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031703 - Security update for cron - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003170301
Fixlet Link: http://download.novell.com/Download?buildid=BjpHtsj827U~
Fixlet Description: This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups() is verified now. Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031703 - Security update for cron - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1003170303
Fixlet Link: http://download.novell.com/Download?buildid=vVziO25sB8Q~
Fixlet Description: This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups() is verified now. Please update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031704 - Security update for MySQL - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003170401
Fixlet Link: http://download.novell.com/Download?buildid=vjH9zMlmyRk~
Fixlet Description: This update fixes various security issues (bnc#557669): upstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow (CVE-2009-4484) Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10031704 - Security update for MySQL - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1003170403
Fixlet Link: http://download.novell.com/Download?buildid=R54I09jZvF4~
Fixlet Description: This update fixes various security issues (bnc#557669): upstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow (CVE-2009-4484) Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10032201 - Security update for squid - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1003220101
Fixlet Link: http://download.novell.com/Download?buildid=ddesbrRqh5w~
Fixlet Description: The following vulnerabilities have been fixed in squid: CVE-2009-2855: DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10032201 - Security update for squid - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1003220103
Fixlet Link: http://download.novell.com/Download?buildid=wJKgGED1kAA~
Fixlet Description: The following vulnerabilities have been fixed in squid: CVE-2009-2855: DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10032202 - Security update for squid - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1003220201
Fixlet Link: http://download.novell.com/Download?buildid=nZIDqqvzI8o~
Fixlet Description: The following vulnerabilities have been fixed in squid: CVE-2009-2855: DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10032202 - Security update for squid - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1003220203
Fixlet Link: http://download.novell.com/Download?buildid=DorzxDjLgPU~
Fixlet Description: The following vulnerabilities have been fixed in squid: CVE-2009-2855: DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header Everyone should update. Please see patch page for more detailed information.
More information about the SUSE-Announcements
mailing list