Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 153	Published: Mon, 28 Jul 2008 21:18:25  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12174 - Security update for xscreensaver - SLES9
Severity: <Unspecified>
Fixlet ID: 1217401
Fixlet Link: http://download.novell.com/Download?buildid=dcZXQ6XxXQ0~

Fixlet Description: Following security problem is fixed by this patch:   CVE-2008-1683: When getpwuid() fails (due to dropped network on NIS accounts) fail instead of silently disabling locking (and just blanking). Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8071002 - Security update for bind - SLES10 SP1/SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 807100207
Fixlet Link: http://download.novell.com/Download?buildid=L4LkhGIeK8s~
Fixlet Link: http://download.novell.com/Download?buildid=Ugshtd8r050~

Fixlet Description: The transaction id and the udp source port used for DNS queries by the bind nameserver were predicatable. Attackers could potentially exploit that weakness to manipulate the DNS cache ("DNS cache poisoning", CVE-2008-1447). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8072601 - Security update for xscreensaver - SLES10 SP2/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 807260105
Fixlet Link: http://download.novell.com/Download?buildid=Z09aENB_ymU~
Fixlet Link: http://download.novell.com/Download?buildid=1orR5TlAtmg~

Fixlet Description: Following security problem is fixed by this patch:   CVE-2008-1683: When getpwuid() fails (due to dropped network on NIS accounts) fail instead of silently disabling locking (and just blanking). Install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8072601 - Security update for xscreensaver - SLES10 SP1/SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 807260107
Fixlet Link: http://download.novell.com/Download?buildid=NXXqt3CVh80~
Fixlet Link: http://download.novell.com/Download?buildid=ht1ct38RPa8~

Fixlet Description: Following security problem is fixed by this patch:   CVE-2008-1683: When getpwuid() fails (due to dropped network on NIS accounts) fail instead of silently disabling locking (and just blanking). Install this update. Please see patch page for more detailed information.