Fixlet Site - PatchesforSUSELinuxEnterprise Current Version: 214 Published: Wed, 29 Apr 2009 00:52:39 GMT New Fixlets: ============ *************************************************************** Title: PATCH-B9030301 - Security update for curl - SLED10 SP2 Severity: Fixlet ID: 903030102 Fixlet Link: http://download.novell.com/Download?buildid=J8MNFZPg3wQ~ Fixlet Description: Arbitrary file access via HTTP-redirect has been fixed in curl. CVE-2009-0037 has been assigned to this issue. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9030302 - Security update for libmikmod - SLED10 SP2 Severity: Fixlet ID: 903030202 Fixlet Link: http://download.novell.com/Download?buildid=dw8I6LKYpu8~ Fixlet Description: Specially crafted XM files or playing mod files with varying number of channels could crash applications using libmikmod (CVE-2009-0179, CVE-2007-6720). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9031001 - Security update for hal - SLED10 SP2 Severity: Fixlet ID: 903100102 Fixlet Link: http://download.novell.com/Download?buildid=Z5HmbKwAD8c~ Fixlet Description: The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied (CVE-2008-4311). The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. Additionally a bug in hal that allowed users to crash the hal daemon has been fixed. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9031002 - Security update for vim - SLED10 SP2 Severity: Fixlet ID: 903100202 Fixlet Link: http://download.novell.com/Download?buildid=iwI3lCIkYlU~ Fixlet Description: The VI Improved editor (vim) received bugfixes for some code execution problems. CVE-2008-2712: Arbitrary code execution in vim helper plugins filetype. vim, zipplugin, xpm. vim, gzip_vim, and netrw were fixed. CVE-2008-4101: Arbitrary code execution when pressing K, ctrl-] or g] depending on the text under the cursor. Install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9031602 - Security update for knetworkmanager - SLED10 SP2 Severity: Fixlet ID: 903160202 Fixlet Link: http://download.novell.com/Download?buildid=6hE7O2k-mog~ Fixlet Description: The knetworkmanager configuration was too permissive and allowed any user to read secrets (CVE-2009-0365). Everyone using knetworkmanager should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9031801 - Security update for dbus - SLED10 SP2 Severity: Fixlet ID: 903180102 Fixlet Link: http://download.novell.com/Download?buildid=FCmaULlnaeE~ Fixlet Description: The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied (CVE-2008-4311). The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9031901 - Security update for multipath-tools - SLED10 SP2 Severity: Fixlet ID: 903190102 Fixlet Link: http://download.novell.com/Download?buildid=BDR1NIVyYFc~ Fixlet Description: The default permissions on the multipathd socket file were to generous and allowed any user to connect (CVE-2009-0115). This update also contains the following fixes: Error checking in VECTOR_XXX defines (bnc#469269) Correct definition of dbg_malloc() Double free() on path release Use noflush for kpartx (bnc#473352) multipathd dies immediately after start (bnc#473029) Fix multibus zero-path handling (bnc#476330) Use lists for uevent processing (bnc#478874) Set stack size of uevent handling thread (bnc#478874) Fix multipathd signal deadlock Stack overflow in uev_trigger (bnc#476540) Check for NULL argument in vector_foreach_slot() (bnc#479572) Invalid callout formatting for cciss (bnc#419123) 'no_partitons' feature doesn't work with aliases (bnc#465009) Everybody using multipath should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9032301 - Security update for liblcms - SLED10 SP2 Severity: Fixlet ID: 903230102 Fixlet Link: http://download.novell.com/Download?buildid=ZaqCem9ZFmY~ Fixlet Description: Specially crafted image files could cause an integer overflow in lcms. Attackers could potentially exploit that to crash applications using lcms or even execute arbitrary code (CVE-2009-0723, CVE-2009-0581, CVE-2009-0733). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9032302 - Security update for Ghostscript - SLED10 SP2 Severity: Fixlet ID: 903230202 Fixlet Link: http://download.novell.com/Download?buildid=TboVN7_xnvs~ Fixlet Description: Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files (CVE-2009-0583, CVE-2009-0584). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9032701 - Security update for xntp - SLED10 SP2 Severity: Fixlet ID: 903270102 Fixlet Link: http://download.novell.com/Download?buildid=8p1I6DhuvAE~ Fixlet Description: ntp didn't properly check the return value of the openssl function EVP_VerifyFinal (CVE-2009-0021). Additionally a problem where ntpd refused to use keys from /etc/ntp. keys has been fixed. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9032706 - Security update for Acrobat Reader - SLED10 SP2 Severity: Fixlet ID: 903270601 Fixlet Link: http://download.novell.com/Download?buildid=4Ec86D4k2Sk~ Fixlet Description: Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. (CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062) Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9040201 - Security update for libsndfile - SLED10 SP2 Severity: Fixlet ID: 904020102 Fixlet Link: http://download.novell.com/Download?buildid=wuq_Ri9SL54~ Fixlet Description: Specially crafted CAF files could cause an integer overflow in libsndfile (CVE-2009-0186). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9040301 - Security update for Linux kernel - SLED10 SP2 Severity: Fixlet ID: 904030102 Fixlet Link: http://download.novell.com/Download?buildid=fQIFhED_nKA~ Fixlet Description: This Linux kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and several security issues. Following security issues were fixed: CVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi. c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue. CVE-2009-0676: The sock_getsockopt function in net/core/sock. c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. CVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. CVE-2008-1294: The Linux kernel does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits. CVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns. c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. CVE-2009-1046: The console selection feature in the Linux kernel when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an an off-by-two memory error. It is is not clear if this can be exploited at all. Also a huge number of regular bugs were fixed, please see the RPM changelog for full details. Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9040702 - Security update for openswan - SLED10 SP2 Severity: Fixlet ID: 904070202 Fixlet Link: http://download.novell.com/Download?buildid=4-RL7Ozz5kM~ Fixlet Description: By sending a specially crafted Dead Peer Detection (DPD) packet remote attackers could crash the pluto IKE daemon (CVE-2009-0790). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9040801 - Security update for Kerberos - SLED10 SP2 Severity: Fixlet ID: 904080102 Fixlet Link: http://download.novell.com/Download?buildid=k5AIDfDFVlA~ Fixlet Description: The following bugs have been fixed: Clients sending negotiation requests with invalid flags could crash the kerberos server (CVE-2009-0845). GSS-API clients could crash when reading from an invalid address space (CVE-2009-0844). Invalid length checks could crash applications using the kerberos ASN.1 parser (CVE-2009-0847). Under certain circumstances the ASN.1 parser could free an uninitialized pointer which could crash a kerberos server or even lead to execution of arbitrary code (CVE-2009-0846). Everyone using MIT kerberos should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9040901 - Security update for ClamAV - SLED10 SP2 Severity: Fixlet ID: 904090102 Fixlet Link: http://download.novell.com/Download?buildid=Ph8WV37erc0~ Fixlet Description: ClamAV update to version 0.95. This also fixes some potential security bugs. (CVE-2009-1241) Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9041501 - Security update for PostgreSQL - SLED10 SP2 Severity: Fixlet ID: 904150102 Fixlet Link: http://download.novell.com/Download?buildid=J2FPA6L0R0o~ Fixlet Description: Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding (CVE-2009-0922). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9041601 - Security update for udev - SLED10 SP2 Severity: Fixlet ID: 904160102 Fixlet Link: http://download.novell.com/Download?buildid=zmIBpUrPsuI~ Fixlet Description: udev does not check the origin of the netlink messages. A local attacker could fake device creation events and thus gain root privileges. This update fixes the issue. It has been tracked as CVE-2009-1185. The update also fixes three non-security bugs: Fix persistent symbolic links for tapes Fix broken ATA compatibility links Add by-path links for tapes Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9041602 - Security update for acroread_ja - SLED10 SP2 Severity: Fixlet ID: 904160201 Fixlet Link: http://download.novell.com/Download?buildid=fhM4lDEoFB4~ Fixlet Description: Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allow attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. This issue has been tracked as CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061 and CVE-2009-1062. Everyone using acroread_ja should install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9041701 - Security update for MozillaFirefox - SLED10 SP2 Severity: Fixlet ID: 904170102 Fixlet Link: http://download.novell.com/Download?buildid=UpXOL5FBBVM~ Fixlet Description: The Mozilla Firefox Browser was refreshed to the current MOZILLA_1_8 branch state around fix level 2.0.0.22. Security issues identified as being fixed are: MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2009-07 / CVE-2009-0772 / CVE-2009-0774: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2009-09 / CVE-2009-0776: Mozilla security researcher Georgi Guninski reported that a website could use nsIRDFService and a cross-domain redirect to steal arbitrary XML data from another domain, a violation of the same-origin policy. This vulnerability could be used by a malicious website to steal private data from users authenticated to the redirected website. MFSA 2009-10 / CVE-2009-0040: Google security researcher Tavis Ormandy reported several memory safety hazards to the libpng project, an external library used by Mozilla to render PNG images. These vulnerabilities could be used by a malicious website to crash a victim's browser and potentially execute arbitrary code on their computer. libpng was upgraded to version 1.2.35 which containis fixes for these flaws. MFSA 2009-12 / CVE-2009-1169: Security researcher Guido Landi discovered that a XSL stylesheet could be used to crash the browser during a XSL transformation. An attacker could potentially use this crash to run arbitrary code on a victim's computer. This vulnerability was also previously reported as a stability problem by Ubuntu community member, Andre. Ubuntu community member Michael Rooney reported Andre's findings to Mozilla, and Mozilla community member Martin helped reduce Andre's original testcase and contributed a patch to fix the vulnerability. Everyone should install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9041702 - Security update for Xine - SLED10 SP2 Severity: Fixlet ID: 904170201 Fixlet Link: http://download.novell.com/Download?buildid=sDTK4HQUIUU~ Fixlet Description: Specially crafted 4x movie files could cause an integer overflow in xine-lib (CVE-2009-0698). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042201 - Security update for udev - SLES10 SP2 Severity: Fixlet ID: 904220101 Fixlet Link: http://download.novell.com/Download?buildid=renZiKXuXb4~ Fixlet Description: This update fixes a local privilege escalation in udev. CVE-2009-1185: udev did not check the origin of the netlink messages. A local attacker could fake device create events and so gain root privileges. The previous update did not apply the actual patch fixing this problem, as was reported to us by SGI. Please reboot the machine after installing the update, or run: /etc/init. d/boot. udev restart Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042201 - Security update for udev - SLED10 SP2 Severity: Fixlet ID: 904220102 Fixlet Link: http://download.novell.com/Download?buildid=ZYX1-7_GDZA~ Fixlet Description: This update fixes a local privilege escalation in udev. CVE-2009-1185: udev did not check the origin of the netlink messages. A local attacker could fake device create events and so gain root privileges. The previous update did not apply the actual patch fixing this problem, as was reported to us by SGI. Please reboot the machine after installing the update, or run: /etc/init. d/boot. udev restart Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042202 - Security update for CUPS - SLES10 SP2 Severity: Fixlet ID: 904220201 Fixlet Link: http://download.novell.com/Download?buildid=L64STJjPucg~ Fixlet Description: The following bugs have been fixed: Specially crafted tiff files could cause an integer overflow in the 'imagetops' filter (CVE-2009-0163). Specially crafted pdf files could cause overflows in the 'pdftops' filter (CVE-2009-0165, CVE-2009-0166, CVE-2009-0146, CVE-2009-0147, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042202 - Security update for CUPS - SLED10 SP2 Severity: Fixlet ID: 904220202 Fixlet Link: http://download.novell.com/Download?buildid=GiV1XKOOF7w~ Fixlet Description: The following bugs have been fixed: Specially crafted tiff files could cause an integer overflow in the 'imagetops' filter (CVE-2009-0163). Specially crafted pdf files could cause overflows in the 'pdftops' filter (CVE-2009-0165, CVE-2009-0166, CVE-2009-0146, CVE-2009-0147, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042203 - Security update for KDE PIM packages - SLES10 SP2 Severity: Fixlet ID: 904220301 Fixlet Link: http://download.novell.com/Download?buildid=HgqLokJKhgg~ Fixlet Description: This update fixes a security issue where KMail executed links in mails without confirmation. Please update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042203 - Security update for KDE PIM packages - SLED10 SP2 Severity: Fixlet ID: 904220302 Fixlet Link: http://download.novell.com/Download?buildid=WM7WgL1iJys~ Fixlet Description: This update fixes a security issue where KMail executed links in mails without confirmation. Please update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042301 - Security update for xpdf - SLES10 SP2 Severity: Fixlet ID: 904230101 Fixlet Link: http://download.novell.com/Download?buildid=9naXC8vhfxs~ Fixlet Description: Specially crafted PDF files could lead to crashes, make the viewer run into an infinite loop or potentially even allow execution of arbitrary code. This incident has been tracked as CVE-2009-0165, CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182 and CVE-2009-1183. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042301 - Security update for xpdf - SLED10 SP2 Severity: Fixlet ID: 904230102 Fixlet Link: http://download.novell.com/Download?buildid=T3BsF3yGHok~ Fixlet Description: Specially crafted PDF files could lead to crashes, make the viewer run into an infinite loop or potentially even allow execution of arbitrary code. This incident has been tracked as CVE-2009-0165, CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182 and CVE-2009-1183. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042302 - Security update for GnuTLS - SLED10 SP2 Severity: Fixlet ID: 904230202 Fixlet Link: http://download.novell.com/Download?buildid=zXxz8K3I0OE~ Fixlet Description: The previous security fix for gnutls (CVE-2008-4989) introduced a regression in the X.509 validation code for self-signed certificates. This update fixes this problem. Install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042401 - Security update for ClamAV - SLES10 SP2 Severity: Fixlet ID: 904240101 Fixlet Link: http://download.novell.com/Download?buildid=vErHJkNWMv0~ Fixlet Description: This clamav version upgrade to 0.95.1 fixes a buffer overflow error in the cli_url_canon() function (CVE-2009-1372) and a denial of service condition occuring while parsing malformed UPack archives (CVE-2009-1371). Please update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B9042401 - Security update for ClamAV - SLED10 SP2 Severity: Fixlet ID: 904240103 Fixlet Link: http://download.novell.com/Download?buildid=PjD6pJNnZVQ~ Fixlet Description: This clamav version upgrade to 0.95.1 fixes a buffer overflow error in the cli_url_canon() function (CVE-2009-1372) and a denial of service condition occuring while parsing malformed UPack archives (CVE-2009-1371). Please update. Please see patch page for more detailed information.