Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 188
Published: Fri, 05 Dec 2008 02:08:02 GMT

New Fixlets:
============
***************************************************************
Title: PATCH-B8120101 - Security update for pam_krb5 - SLES10 SP1
Severity:
Fixlet ID: 812010101
Fixlet Link: http://download.novell.com/Download?buildid=X9oKYTsYTZU~
Fixlet Description: Insufficient file access permissions checks allowed users to read Kerberos tickets of other users if pam_krb5 was configured with the option "existing_ticket" (CVE-2008-3825). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120101 - Security update for pam_krb5 - SLES10 SP2
Severity:
Fixlet ID: 812010103
Fixlet Link: http://download.novell.com/Download?buildid=x42BcsNWnCM~
Fixlet Description: Insufficient file access permissions checks allowed users to read Kerberos tickets of other users if pam_krb5 was configured with the option "existing_ticket" (CVE-2008-3825). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120101 - Security update for pam_krb5 - SLED10 SP1
Severity:
Fixlet ID: 812010105
Fixlet Link: http://download.novell.com/Download?buildid=MblnTL6Whbo~
Fixlet Description: Insufficient file access permissions checks allowed users to read Kerberos tickets of other users if pam_krb5 was configured with the option "existing_ticket" (CVE-2008-3825). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120101 - Security update for pam_krb5 - SLED10 SP2
Severity:
Fixlet ID: 812010107
Fixlet Link: http://download.novell.com/Download?buildid=BC12hnD76BY~
Fixlet Description: Insufficient file access permissions checks allowed users to read Kerberos tickets of other users if pam_krb5 was configured with the option "existing_ticket" (CVE-2008-3825). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120201 - Security update for Linux Kernel (x86) - SLES10 SP1
Severity:
Fixlet ID: 812020101
Fixlet Link: http://download.novell.com/Download?buildid=ARd5PKhOJGo~
Fixlet Description: This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The following security issues are addressed:
CVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
CVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that has corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.
CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
For additional bugfixes please refer to the RPM changelog.
Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120201 - Dependencies Needed - SLES10 SP1
Severity:
Fixlet ID: 812020104
Fixlet Link: http://download.novell.com/Download?buildid=ARd5PKhOJGo~
Fixlet Description: Updated Linux kernel packages are now available for SuSE Linux Enterprise 10. However, these packages have a dependency that must be resolved. The following package must be installed at the specified version or greater: perl-Bootloader-0.4.16-7.3.i586.rpm
***************************************************************
Title: PATCH-B8120201 - Security update for Linux Kernel (x86) - SLED10 SP1
Severity:
Fixlet ID: 812020105
Fixlet Link: http://download.novell.com/Download?buildid=n1auxMowDnk~
Fixlet Description: This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The following security issues are addressed:
CVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
CVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that has corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.
CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
For additional bugfixes please refer to the RPM changelog.
Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120201 - Dependencies Needed - SLED10 SP1
Severity:
Fixlet ID: 812020107
Fixlet Link: http://download.novell.com/Download?buildid=n1auxMowDnk~
Fixlet Description: Updated Linux kernel packages are now available for SuSE Linux Enterprise 10. However, these packages have a dependency that must be resolved. The following package must be installed at the specified version or greater: perl-Bootloader-0.4.16-7.3.i586.rpm
***************************************************************
Title: PATCH-B8120301 - Security update for Samba - SLED10 SP2
Severity:
Fixlet ID: 812030101
Fixlet Link: http://download.novell.com/Download?buildid=FvvJCP2pWl8~
Fixlet Description: Malicious clients could potentially retrieve arbitrary memory content from a samba server (CVE-2008-4314). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120301 - Security update for Samba - SLES10 SP2
Severity:
Fixlet ID: 812030103
Fixlet Link: http://download.novell.com/Download?buildid=beEhmrSugr8~
Fixlet Description: Malicious clients could potentially retrieve arbitrary memory content from a samba server (CVE-2008-4314). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120301 - Security update for Samba - SLES10 SP1
Severity:
Fixlet ID: 812030105
Fixlet Link: http://download.novell.com/Download?buildid=erSO63z1u4o~
Fixlet Description: Malicious clients could potentially retrieve arbitrary memory content from a samba server (CVE-2008-4314). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120301 - Dependencies Needed - SLES10 SP1
Severity:
Fixlet ID: 812030106
Fixlet Link: http://download.novell.com/Download?buildid=erSO63z1u4o~
Fixlet Description: Updated Samba packages are now available for SuSE Linux Enterprise 10. However, these packages have a dependency that must be resolved. The following package must be installed at the specified version or greater: dmapi-2.2.7-0.11.i586.rpm
***************************************************************
Title: PATCH-B8120301 - Security update for Samba - SLED10 SP1
Severity:
Fixlet ID: 812030107
Fixlet Link: http://download.novell.com/Download?buildid=0h2y9zeI-fk~
Fixlet Description: Malicious clients could potentially retrieve arbitrary memory content from a samba server (CVE-2008-4314). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B8120301 - Dependencies Needed - SLED10 SP1
Severity:
Fixlet ID: 812030108
Fixlet Link: http://download.novell.com/Download?buildid=0h2y9zeI-fk~
Fixlet Description: Updated Samba packages are now available for SuSE Linux Enterprise 10. However, these packages have a dependency that must be resolved. The following package must be installed at the specified version or greater: dmapi-2.2.7-0.11.i586.rpm