Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 143	Published: Tue, 08 Jul 2008 01:21:52  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12170 - Security update for XFree86 - SLES9
Severity: <Unspecified>
Fixlet ID: 1217001
Fixlet Link: http://download.novell.com/Download?buildid=Udd5C_4PGek~

Fixlet Description: This update fixes multiple vulnerabilities reported by iDefense:   CVE-2008-2360 - RENDER Extension heap buffer overflow CVE-2008-2361 - RENDER Extension crash CVE-2008-2362 - RENDER Extension memory corruption CVE-2008-1379 - MIT-SHM arbitrary memory read CVE-2008-1377 - RECORD and Security extensions memory corruption Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12184 - Security update for libxslt - SLES9
Severity: <Unspecified>
Fixlet ID: 1218401
Fixlet Link: http://download.novell.com/Download?buildid=0c4Zvx-0TIo~

Fixlet Description: A libxslt XSL-match processing overflow has been fixed. CVE-2008-1767 has been assigned to this issue. everyone using libxslt should update Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8062501 - Security update for PHP5 - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 806250103
Fixlet Link: http://download.novell.com/Download?buildid=JZeB-dmbnqA~

Fixlet Description: This version upgrade php5 to 5.2.6 fixes several security vulnerabilities.   Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. and many more. . . Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8070101 - Security update for bind - SLES10 SP1/SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 807010103
Fixlet Link: http://download.novell.com/Download?buildid=SOm0igJ7BKk~
Fixlet Link: http://download.novell.com/Download?buildid=9_2EEeumEUE~

Fixlet Description: The IP number for the "L" root DNS server changed. This patch updates the root. hint zone file to get the new IP number. Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8070102 - Security update for mtr - SLES10 SP1/SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 807010203
Fixlet Link: http://download.novell.com/Download?buildid=o9yuREls0gU~
Fixlet Link: http://download.novell.com/Download?buildid=57ls3Q0Q5Sk~

Fixlet Description: This update fixes a stack based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code (CVE-2008-2357). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8070103 - Security update for libxslt - SLES10 SP1/SLES10 SP2/SLED10 SP1/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 807010311
Fixlet Link: http://download.novell.com/Download?buildid=mCzLLUVOkTM~
Fixlet Link: http://download.novell.com/Download?buildid=p3cUBAJO5Ho~
Fixlet Link: http://download.novell.com/Download?buildid=mGbubLglvcg~
Fixlet Link: http://download.novell.com/Download?buildid=fNfNY4RaNaM~

Fixlet Description: A libxslt XSL-match processing overflow has been fixed. CVE-2008-1767 has been assigned to this issue. everyone using libxslt should update Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8070104 - Security update for ImageMagick - SLED10 SP1/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 807010403
Fixlet Link: http://download.novell.com/Download?buildid=eC6_GJJJun4~
Fixlet Link: http://download.novell.com/Download?buildid=MKUK7KMmWhU~

Fixlet Description: ImageMagick and GraphicsMagick are affected by two security problems:   CVE-2008-1096: Buffer overflow in the handling of XCF files CVE-2008-1097: Heap buffer overflow in the handling of PCX files Please install this update. Please see patch page for more detailed information.