Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 235
Published: Tue, 07 Jul 2009 22:00:24 GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12442 - Security update for ClamAV - SLES9
Severity:
Fixlet ID: 1244201
Fixlet Link: http://download.novell.com/Download?buildid=tXdhjyQX0Gg~

Fixlet Description: Multiple issues in clamav regarding malformed archives and emails have been fixed. Everyone using ClamAV should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9070101 - Security update for Acrobat Reader - SLED10 SP2
Severity:
Fixlet ID: 907010101
Fixlet Link: http://download.novell.com/Download?buildid=igtpWuJqghk~

Fixlet Description: This update of acroread fixes the following vulnerabilities:

CVE-2009-1855: stack overflow that could lead to code execution
CVE-2009-1856: integer overflow with potential to lead to arbitrary code execution
CVE-2009-1857: memory corruption with potential to lead to arbitrary code execution
CVE-2009-1858: memory corruption with potential to lead to arbitrary code execution
CVE-2009-1859: memory corruption with potential to lead to arbitrary code execution
CVE-2009-0198: memory corruption with potential to lead to arbitrary code execution
CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512: heap overflow that could lead to code execution
CVE-2009-1861: heap overflow that could lead to code execution

Please install the update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9070102 - Security update for Novell ipsec tools - SLED10 SP2
Severity:
Fixlet ID: 907010201
Fixlet Link: http://download.novell.com/Download?buildid=eVd7flTQe0Y~

Fixlet Description: This update of ipsec-tools fixes a crash of racoon in ISAKMP's de-fragmentation code due to a NULL-pointer dereference (CVE-2009-1574). Additionally, multiple memory leaks that allowed a remote denial of service attack were fixed (CVE-2009-1632). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9070301 - Security update for gstreamer - SLED10 SP2
Severity:
Fixlet ID: 907030101
Fixlet Link: http://download.novell.com/Download?buildid=P8OZvxs39cs~

Fixlet Description: Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). This has been fixed. Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9070301 - Security update for gstreamer - SLES10 SP2
Severity:
Fixlet ID: 907030103
Fixlet Link: http://download.novell.com/Download?buildid=jk8yGiLJ0o0~

Fixlet Description: Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). This has been fixed. Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9070302 - Security update for PHP5 - SLES10 SP2
Severity:
Fixlet ID: 907030201
Fixlet Link: http://download.novell.com/Download?buildid=MXIXvhuO3IE~

Fixlet Description: This update fixes the JSON parser (CVE-2009-1271) and the zip packer code (CVE-2009-1272) in php5. Both bugs can lead to a remote denial of service attack. Please update. Please see patch page for more detailed information.