Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 133	Published: Thu, 22 May 2008 02:27:20  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12075 - Security update for OpenLDAP2 - SLES9
Severity: <Unspecified>
Fixlet ID: 1207501
Fixlet Link: http://download.novell.com/Download?buildid=XffYAOrzyJ4~

Fixlet Description: An updated openldap package that fixes a bug is now available. Please see patch page for more detailed information. Everyone should install this update.

***************************************************************
Title: PATCH-12119- Security update for bzip2 - SLES9
Severity: <Unspecified>
Fixlet ID: 1211901
Fixlet Link: http://download.novell.com/Download?buildid=yMksZkRN0bE~

Fixlet Description: This update of bzip2 fixes a flaw where specially crafted files could crash the bzip2-decoder. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12135 - Security update for squid - SLES9
Severity: <Unspecified>
Fixlet ID: 1213501
Fixlet Link: http://download.novell.com/Download?buildid=DajdeNod7sU~

Fixlet Description: This update of squid fixes a flaw in a previous security update which could cause squid to crash under certain circumstances. Everyone should update. Please see patch page for more detailed information. squid-2.5.STABLE5-42.54.i586.rpm - 38f0c9917d155e6591263270b65bb4f0d6ab54a1

***************************************************************
Title: PATCH-12140 - Security update for Mozilla - SLES9
Severity: <Unspecified>
Fixlet ID: 1214001
Fixlet Link: http://download.novell.com/Download?buildid=D5jZxoF0iV4~

Fixlet Description: This update fixes security issues also fixed in the Mozilla Firefox 2.0.0.13 update round.  The following security problems were fixed:  MFSA 2008-19/CVE-2008-1241: XUL popup spoofing variant (cross-tab popups)  MFSA 2008-18/CVE-2008-1195 and CVE-2008-1240: Java socket connection to any local port via LiveConnect MFSA 2008-17/CVE-2007-4879: Privacy issue with SSL Client Authentication MFSA 2008-16/CVE-2008-1238: HTTP Referrer spoofing with malformed URLs MFSA 2008-15/CVE-2008-1236 and CVE-2008-1237: Crashes with evidence of memory corruption (rv:1.8.1.13) MFSA 2008-14/CVE-2008-1233, CVE-2008-1234, and CVE-2008-1235: JavaScript privilege escalation and arbitrary code execution. Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12141 - Security update for libpng - SLES9
Severity: <Unspecified>
Fixlet ID: 1214101
Fixlet Link: http://download.novell.com/Download?buildid=D5jZxoF0iV4~

Fixlet Description: Specially crafted PNG files could overwrite arbitrary memory. Attackers could potentially exploit that to execute arbitrary code. Everyone should install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12142 - Security update for IBM Java2 JRE and SDK - SLES9
Severity: <Unspecified>
Fixlet ID: 1214201
Fixlet Link: http://download.novell.com/Download?buildid=CtqME-_f0m0~

Fixlet Description: IBM Java 1.4.2 was updated to SR10 to fix several security issues. Please see patch page for more detailed information. For more information on the vulnerabilities, see http://www-128.ibm.com/developerworks/java/jdk/alerts/

***************************************************************
Title: PATCH-12063 - Security update for IBM Java5 JRE and SDK - SLES9
Severity: <Unspecified>
Fixlet ID: 1214501
Fixlet Link: http://download.novell.com/Download?buildid=6sN_XgE9fvs~

Fixlet Description: IBM Java 5 was updated to SR7 to fix several security issues. Please see patch page for more detailed information. For more information on the vulnerabilities, see http://www-128.ibm.com/developerworks/java/jdk/alerts/ IBMJava5-SDK-1.5.0-0.22.i586.rpm - 6472ad05ad75812b6cbe3e82042b7f0aa7121933  IBMJava5-JRE-1.5.0-0.22.i586.rpm - c1ef708554aeb4834b0ee6b3059ed69c1982ddb1

***************************************************************
Title: PATCH-12149 - Security update for clamav - SLES9
Severity: <Unspecified>
Fixlet ID: 1214901
Fixlet Link: http://download.novell.com/Download?buildid=ZO4m_Ec96kU~

Fixlet Description: This version upgrade of ClamAV to 0.93 fixes a long list of vulnerabilities. These vulnerabilities can lead to remote code execution, bypassing the scanning engine, remote denial-of-service, local file overwrite. Everyone should update. Please see patch page for more detailed information. clamav-0.93-0.6.i586.rpm - 1537a5953068a1b5fdbb4534aaa4d2b904e9c9cd