Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 219	Published: Wed, 06 May 2009 21:04:17  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12398 - Security update for freetype2 - SLES9
Severity: <Unspecified>
Fixlet ID: 1239801
Fixlet Link: http://download.novell.com/Download?buildid=7MjGuZCwaGg~

Fixlet Description: Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. (CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12411 - Security update for libsoup - SLES9
Severity: <Unspecified>
Fixlet ID: 1241101
Fixlet Link: http://download.novell.com/Download?buildid=1rwqQ_B9vJk~

Fixlet Description: Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code (CVE-2009-0585). Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9050401 - Security update for freetype2 - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 905040101
Fixlet Link: http://download.novell.com/Download?buildid=R2tnRhodJnA~

Fixlet Description: Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. (CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs. Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9050401 - Security update for freetype2 - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 905040103
Fixlet Link: http://download.novell.com/Download?buildid=TGCTrD-go1o~

Fixlet Description: Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. (CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs. Everyone should update. Please see patch page for more detailed information.