Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 108
Published: Wed, 20 Feb 2008 22:23:13 GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12049 - Security update for PHP4 - SLES9
Severity:
Fixlet ID: 1204901
Fixlet Link: http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html

Fixlet Description: This update fixes multiple bugs in php:

several problems in pcre (CVE-2007-1660, CVE-2006-7225, CVE-2006-7224, CVE-2006-7226, CVE-2007-1659, CVE-2006-7230)
flaws in processing multi-byte sequences in htmlentities/htmlspecialchars (CVE-2007-5898)
overly long arguments to the dl() function could crash php (CVE-2007-4825)
overly long arguments to the glob() function could crash php (CVE-2007-4782)
overly long arguments to some iconv functions could crash php (CVE-2007-4840)
overly long arguments to the setlocale() function could crash php (CVE-2007-4784)
the wordwrap function could cause a floating point exception (CVE-2007-3998)
overly long arguments to the fnmatch() function could crash php (CVE-2007-4782)
incorrect size calculation in the chunk_split function could lead to a buffer overflow (CVE-2007-4661, CVE-2007-2872)
flaws in the GD extension could lead to integer overflows (CVE-2007-3996)
the money_format function contained format string flaws (CVE-2007-4658)

Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12049 - Dependencies Needed - SLES9
Severity:
Fixlet ID: 1204903
Fixlet Link: http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html

Fixlet Description: This update fixes multiple bugs in php. However, this update requires that the package "apache2-mod_php4" be installed.

***************************************************************
Title: PATCH-12089 - Security update for clamav - SLES9
Severity:
Fixlet ID: 1208901
Fixlet Link: http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html

Fixlet Description: This version upgrade to 0.92.1 fixes numerous flaws including some security problems (CVE-2008-0318, CVE-2008-0728).

Please note that the version number of the clamav library has changed in version 0.92. Programs linked against older libclamav therefore need to be updated as well.

Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12089 - Security update for clamav - SLES10
Severity: <Unspecified>
Fixlet ID: 1208903

Fixlet Description: This version upgrade to 0.92.1 fixes numerous flaws including some security problems (CVE-2008-0318, CVE-2008-0728).

Please note that the version number of the clamav library has changed in version 0.92. Programs linked against older libclamav therefore need to be updated as well.

Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12090 - Security update for Mozilla - SLES9
Severity:
Fixlet ID: 1209001
Fixlet Link: http://support.novell.com/techcenter/psdb/5cfea67de8b82bf442ad7c4663356e99.html

Fixlet Description: This update fixes security issues also fixed in the Mozilla Firefox 2.0.0.12 update round.

The following security problems were fixed (not all might affect Mozilla):

MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay
MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect
MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files
MFSA 2008-08/CVE-2008-0591 File action dialog tampering
MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing
MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI
MFSA 2008-04/CVE-2008-0417 Stored password corruption
MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities
MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12)

Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8021301 - Security update for MozillaFirefox - SLED10/SLES10
Severity:
Fixlet ID: 802130101
Fixlet Link: http://support.novell.com/techcenter/psdb/7731713870954ee13e98b603bd413b0b.html

Fixlet Description: This update brings Mozilla Firefox to security update version 2.0.0.12.

The following security problems were fixed:

MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay
MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect
MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files
MFSA 2008-08/CVE-2008-0591 File action dialog tampering
MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing
MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI
MFSA 2008-04/CVE-2008-0417 Stored password corruption
MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities
MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)

Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8021901 - Security update for Acrobat Reader - SLED10
Severity:
Fixlet ID: 802190101
Fixlet Link: http://support.novell.com/techcenter/psdb/d7cbebd806a6d19cb424ca24aa66538e.html

Fixlet Description: This version update to 8.1.2 fixes numerous bugs, including some security problems (CVE-2008-0667, CVE-2008-0655, CVE-2008-0726).

Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8021902 - Security update for cairo - SLED10/SLES10
Severity:
Fixlet ID: 802190201
Fixlet Link: http://support.novell.com/techcenter/psdb/44ab155e3202595389c101e6cf7e20f2.html

Fixlet Description: This update fixes a regression that was caused by the previous security update. Several programs such as gedit didn't display some lines properly anymore.

Everyone should update. Please see patch page for more detailed information.