Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 175	Published: Tue, 21 Oct 2008 00:50:29  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12222 - Security update for OpenLDAP 2 - SLES9
Severity: <Unspecified>
Fixlet ID: 1222201
Fixlet Link: http://download.novell.com/Download?buildid=gLU7QtcK7K0~

Fixlet Description: This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101601 - Security update for PHP5 - SLES10 SP1
Severity: <Unspecified>
Fixlet ID: 810160101
Fixlet Link: http://download.novell.com/Download?buildid=6BjRGWPWtMg~

Fixlet Description: This update fixes some overflows in the gd extension and the memnstr() function that could crash php or even cause a buffer overflow (CVE-2008-3658, CVE-2008-3659) In addition it fixes a bug in gd support (bnc#411272). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101602 - Security update for hplip - SLES10 SP1
Severity: <Unspecified>
Fixlet ID: 810160201
Fixlet Link: http://download.novell.com/Download?buildid=1BImTMWFbkA~

Fixlet Description: This update of hplip does not allow to send alert mails as user anymore (CVE-2008-2940) and fixes a denial-of-service defect (CVE-2008-2941). Everyone using hplip should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101602 - Security update for hplip - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 810160203

Fixlet Description: This update of hplip does not allow to send alert mails as user anymore (CVE-2008-2940) and fixes a denial-of-service defect (CVE-2008-2941). Everyone using hplip should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101602 - Security update for hplip - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 810160205

Fixlet Description: This update of hplip does not allow to send alert mails as user anymore (CVE-2008-2940) and fixes a denial-of-service defect (CVE-2008-2941). Everyone using hplip should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101602 - Security update for hplip - SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 810160207

Fixlet Description: This update of hplip does not allow to send alert mails as user anymore (CVE-2008-2940) and fixes a denial-of-service defect (CVE-2008-2941). Everyone using hplip should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101603 - Security update for OpenLDAP 2 - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 810160305

Fixlet Description: This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101603 - Security update for OpenLDAP 2 - SLES10 SP1
Severity: <Unspecified>
Fixlet ID: 810160309

Fixlet Description: This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101603 - Security update for OpenLDAP 2 - SLED10 SP1
Severity: <Unspecified>
Fixlet ID: 810160311

Fixlet Description: This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B8101603 - Security update for OpenLDAP 2 - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 810160313

Fixlet Description: This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active. Everyone should update. Please see patch page for more detailed information.