Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 160	Published: Tue, 19 Aug 2008 18:17:34  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12175 - Security update for MySQL - SLES9
Severity: <Unspecified>
Fixlet ID: 1217501
Fixlet Link: http://download.novell.com/Download?buildid=Jg3u8oU2xfk~

Fixlet Description: The database server mySQL was updated to fix two security problems:   CVE-2008-2079: MySQL allowed local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. CVE-2006-7232: sql_select. cc in MySQL 5.0. x before 5.0.32 and 5.1. x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. Please install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12215 - Security update for Python - SLES9
Severity: <Unspecified>
Fixlet ID: 1221501
Fixlet Link: http://download.novell.com/Download?buildid=nXR4AIv-RcQ~

Fixlet Description: This update of python fixes several security vulnerabilities. (CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316) Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12219 - Security update for Postfix - SLES9
Severity: <Unspecified>
Fixlet ID: 1221901
Fixlet Link: http://download.novell.com/Download?buildid=4kh_5g8YFLM~

Fixlet Description: A (local) privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081301 - Security update for MySQL - SLES10 SP1/SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 808130109
Fixlet Link: http://download.novell.com/Download?buildid=IpJ7HvfZfkU~
Fixlet Link: http://download.novell.com/Download?buildid=DVqQF_nglJc~

Fixlet Description: The database server mySQL was updated to fix two security problems:   CVE-2008-2079: MySQL allowed local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. CVE-2006-7232: sql_select. cc in MySQL 5.0. x before 5.0.32 and 5.1. x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. Please install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081301 - Security update for MySQL - SLES10 SP2/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 808130111
Fixlet Link: http://download.novell.com/Download?buildid=fmOTT3J-ZIQ~
Fixlet Link: http://download.novell.com/Download?buildid=kK4mb9qNVrU~

Fixlet Description: The database server mySQL was updated to fix two security problems:   CVE-2008-2079: MySQL allowed local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. CVE-2006-7232: sql_select. cc in MySQL 5.0. x before 5.0.32 and 5.1. x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. Please install this update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081401 - Security update for Postfix - SLES10 SP2/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 808140105
Fixlet Link: http://download.novell.com/Download?buildid=W8HyWYMzpCU~
Fixlet Link: http://download.novell.com/Download?buildid=NqXPNrItVSw~

Fixlet Description: A (local) privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081401 - Security update for Postfix - SLES10 SP1/SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 808140107
Fixlet Link: http://download.novell.com/Download?buildid=RIpN8GweoSg~
Fixlet Link: http://download.novell.com/Download?buildid=9tEL4ejbBq8~

Fixlet Description: A (local) privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081402 - Security update for rdesktop - SLED10 SP1/SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 808140201
Fixlet Link: http://download.novell.com/Download?buildid=swv4WBN-bOc~
Fixlet Link: http://download.novell.com/Download?buildid=q86x4V-E3Lk~

Fixlet Description: Multiple problems have been fixed in rdesktop. CVE-2008-1801, CVE-2008-1802 and CVE-2008-1803 have been assigned to this issue. Everyone using rdesktop should install this issue. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8081501 - Security update for Python - SLES10 SP1/SLES10 SP2/ SLED10 SP1/ SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 808150109
Fixlet Link: http://download.novell.com/Download?buildid=gmz_KPHZzlo~
Fixlet Link: http://download.novell.com/Download?buildid=02pNQ5SJd68~
Fixlet Link: http://download.novell.com/Download?buildid=6UvTjTGAI3U~
Fixlet Link: http://download.novell.com/Download?buildid=BkSEIAiU_U0~

Fixlet Description: This update of python fixes several security vulnerabilities. (CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316) Everyone should update. Please see patch page for more detailed information.