Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 59
Published: Tue, 21 Aug 2007 21:38:49 GMT
***************************************************************
Title: PATCH-11653 - Security update for findutils-locate - SLES9
Severity:
Fixlet ID: 1165301
Fixlet Link: http://support.novell.com/techcenter/psdb/2b7ce958bc22c722e60a72673ad2f50b.html
Fixlet Description: The cronjob that deletes old core files can be tricked into deleting arbitrary files if DELETE_OLD_CORE is set to yes in /etc/sysconfig/cron. (By default, the variable is set to no.) Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11653 - Security update for findutils-locate - SLED10/SLES10
Severity:
Fixlet ID: 1165303
Fixlet Link: http://support.novell.com/techcenter/psdb/2b7ce958bc22c722e60a72673ad2f50b.html
Fixlet Description: The cronjob that deletes old core files can be tricked into deleting arbitrary files if DELETE_OLD_CORE is set to yes in /etc/sysconfig/cron. (By default, the variable is set to no.) Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11690 - Security update for rsync - SLES9
Severity:
Fixlet ID: 1169001
Fixlet Link: http://support.novell.com/techcenter/psdb/3e5d0b448dcfa1c79607fd3bf6cf58f4.html
Fixlet Description: Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11690 - Security update for rsync - SLED10/SLES10
Severity:
Fixlet ID: 1169003
Fixlet Link: http://support.novell.com/techcenter/psdb/3e5d0b448dcfa1c79607fd3bf6cf58f4.html
Fixlet Description: Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11696 - Security update for tcpdump - SLES9
Severity:
Fixlet ID: 1169601
Fixlet Link: http://support.novell.com/techcenter/psdb/cb0a4294e031a1d8cbe15085dd6e88eb.html
Fixlet Description: A buffer overflow has been found in tcpdump which can be triggered while displaying BGP packets. This could be exploited by an attacker to execute malicious code under the privileges of the user running tcpdump by presenting specially prepared BGP packets to tcpdump. Everyone using tcpdump should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11696 - Security update for tcpdump - SLED10/SLES10
Severity:
Fixlet ID: 1169603
Fixlet Link: http://support.novell.com/techcenter/psdb/cb0a4294e031a1d8cbe15085dd6e88eb.html
Fixlet Description: A buffer overflow has been found in tcpdump which can be triggered while displaying BGP packets. This could be exploited by an attacker to execute malicious code under the privileges of the user running tcpdump by presenting specially prepared BGP packets to tcpdump. This issue is tracked by CVE-2007-3798. Everyone using tcpdump should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11700 - Security update for cups - SLES9
Severity:
Fixlet ID: 1170001
Fixlet Link: http://support.novell.com/techcenter/psdb/16009a293ca600db0c864de5b3fab847.html
Fixlet Description: A buffer overflow in the xpdf code contained in cups has been found which could be exploited by attackers to potentially execute arbitrary code. Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11700 - Security update for cups - SLED10/SLES10
Severity:
Fixlet ID: 1170003
Fixlet Link: http://support.novell.com/techcenter/psdb/16009a293ca600db0c864de5b3fab847.html
Fixlet Description: A buffer overflow in the xpdf code contained in cups has been found which could be exploited by attackers to potentially execute arbitrary code (CVE-2007-3387). Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11700 - Dependencies Needed - SLED10/SLES10
Severity:
Fixlet ID: 1170005
Fixlet Link: http://support.novell.com/techcenter/psdb/16009a293ca600db0c864de5b3fab847.html
Fixlet Description: New cups packages are now available. However, this update requires that the package "libgcc-4.1" be installed and at least version "4.1.2_20070115-0.2".
***************************************************************
Title: PATCH-11701 - Security update for netpbm - SLES9
Severity:
Fixlet ID: 1170101
Fixlet Link: http://support.novell.com/techcenter/psdb/11d0803c9aa25e3642eea1e4de33d20d.html
Fixlet Description: Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11702 - Security update for perl-Net-DNS - SLES9
Severity:
Fixlet ID: 1170201
Fixlet Link: http://support.novell.com/techcenter/psdb/a7dbc8f043cc91ce48289ac7a197a582.html
Fixlet Description: perl-Net-DNS uses sequential IDs for DNS lookups which could cause problems with some programs like spamassassin. It potentially also simplifies DNS spoofing attacks against perl-Net-DNS. Additionally, malformed compressed DNS packets could trigger an endless loop in perl-Net-DNS. Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-11702 - Security update for perl-Net-DNS - SLED10/SLES10
Severity:
Fixlet ID: 1170203
Fixlet Link: http://support.novell.com/techcenter/psdb/a7dbc8f043cc91ce48289ac7a197a582.html
Fixlet Description: perl-Net-DNS uses sequential IDs for DNS lookups which could cause problems with some programs like spamassassin. It potentially also simplifies DNS spoofing attacks against perl-Net-DNS (CVE-2007-3377). Additionally, malformed compressed DNS packets could trigger an endless loop in perl-Net-DNS (CVE-2007-3409). Everyone should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B7080901 - Security update for kdelibs3,kdelibs3-devel - SLED10/SLES10
Severity:
Fixlet ID: 708090101
Fixlet Link: http://support.novell.com/techcenter/psdb/ce690e845ef42c0a36fe0ec55778b90f.html
Fixlet Description: A bug in konqueror allowed attackers to abuse the FTP passive mode for portscans. Everyone using the KDE desktop or KDE applications should install this update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B7081301 - Security update for open-iscsi - SLES10
Severity:
Fixlet ID: 708130101
Fixlet Link: http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html
Fixlet Description: Two denial of service vulnerabilities in the open-iscsi daemon have been found. The daemon does not properly check the credentials of the process connecting to the management interface, which could be abused by an attacker to disrupt iSCSI connections. Likewise, a semaphore for a shared memory segment of the logging mechanism has too broad permissions, which allows local users to block the daemon on the next attempt to log an event. These DoS vulnerabilities are tracked by CVE-2007-3099 and CVE-2007-3100. Everyone using open-iscsi should install this update. Please see patch page for more detailed information.