As of now we are offering so called Patch RPM packages. A Patch RPM updates an already installed RPM. It only contains files which have changed - therefore it is (much) smaller than the complete RPM package. Prerequisite for installation is an already installed basic RPM. The packages included on the SUSE Linux 10.2 (x86_64) CDs/DVD are considered as basic RPMs.
If you want to update an already installed package, please download the smaller Patch RPM package.
Only x86_64- and non-architecture specific packages are listed here. If you have installed i586 packages, please see this page for respective updates.
| 22 Jul 2008 |
gnumeric: Spreadsheet Application |
| RPM |
gnumeric 1.6.3-29 (x86_64) |
10521 kB |
| Patch-RPM |
gnumeric 1.6.3-29-patch (x86_64) |
1955 kB |
| Source-RPM |
gnumeric-1.6.3-29.src.rpm |
|
Security Update!
Specially crafed xls files could trigger integer overflows in gnumeric that could potentially be exploited to execute arbitrary code (CVE-2008-0668).
|
| 16 Jul 2008 |
moodle-vi: Moodle language pack for Vietnamese |
| RPM |
moodle-vi 1.7.2-0.7 (noarch) |
152 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-sk: Moodle language pack for Slovak |
| RPM |
moodle-sk 1.7.2-0.7 (noarch) |
155 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-sl: Moodle language pack for Slovenian |
| RPM |
moodle-sl 1.7.2-0.7 (noarch) |
276 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-sq: Moodle language pack for Albanian |
| RPM |
moodle-sq 1.7.2-0.7 (noarch) |
188 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-so: Moodle language pack for Somali |
| RPM |
moodle-so 1.7.2-0.7 (noarch) |
50 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-th: Moodle language pack for Thai |
| RPM |
moodle-th 1.7.2-0.7 (noarch) |
209 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-sr: Moodle language pack for Serbian |
| RPM |
moodle-sr 1.7.2-0.7 (noarch) |
52 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-tl: Moodle language pack for Tagalog |
| RPM |
moodle-tl 1.7.2-0.7 (noarch) |
310 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-sv: Moodle language pack for Swedish |
| RPM |
moodle-sv 1.7.2-0.7 (noarch) |
362 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-zh_cn: Moodle language pack for Chinese (Simplified) UTF8 |
| RPM |
moodle-zh_cn 1.7.2-0.7 (noarch) |
211 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-tr: Moodle language pack for Turkish |
| RPM |
moodle-tr 1.7.2-0.7 (noarch) |
134 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-uk: Moodle language pack for Ukrainian |
| RPM |
moodle-uk 1.7.2-0.7 (noarch) |
110 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-fa: Moodle language pack for Persian |
| RPM |
moodle-fa 1.7.2-0.7 (noarch) |
31 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-et: Moodle language pack for Estonian |
| RPM |
moodle-et 1.7.2-0.7 (noarch) |
91 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-es: Moodle language pack for Spanish |
| RPM |
moodle-es 1.7.2-0.7 (noarch) |
371 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-el: Moodle language pack for Greek |
| RPM |
moodle-el 1.7.2-0.7 (noarch) |
109 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-fi: Moodle language pack for Finnish |
| RPM |
moodle-fi 1.7.2-0.7 (noarch) |
217 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ms: Moodle language pack for Malay |
| RPM |
moodle-ms 1.7.2-0.7 (noarch) |
74 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-hr: Moodle language pack for Croatian |
| RPM |
moodle-hr 1.7.2-0.7 (noarch) |
59 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-lt: Moodle language pack for Lithuanian |
| RPM |
moodle-lt 1.7.2-0.7 (noarch) |
57 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ro: Moodle language pack for Romanian |
| RPM |
moodle-ro 1.7.2-0.7 (noarch) |
37 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-he: Moodle language pack for Hebrew |
| RPM |
moodle-he 1.7.2-0.7 (noarch) |
51 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-lv: Moodle language pack for Latvian |
| RPM |
moodle-lv 1.7.2-0.7 (noarch) |
48 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ko: Moodle language pack for Korean |
| RPM |
moodle-ko 1.7.2-0.7 (noarch) |
401 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-kn: Moodle language pack for Kannada |
| RPM |
moodle-kn 1.7.2-0.7 (noarch) |
27 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-km: Moodle language pack for Cambodian |
| RPM |
moodle-km 1.7.2-0.7 (noarch) |
124 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-no: Moodle language pack for Norwegian |
| RPM |
moodle-no 1.7.2-0.7 (noarch) |
153 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-nn: Moodle language pack for Nynorsk |
| RPM |
moodle-nn 1.7.2-0.7 (noarch) |
51 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-fr: Moodle language pack for French |
| RPM |
moodle-fr 1.7.2-0.7 (noarch) |
293 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-bs: Moodle language pack for Bosnian |
| RPM |
moodle-bs 1.7.2-0.7 (noarch) |
74 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-de: Moodle language pack for German |
| RPM |
moodle-de 1.7.2-0.7 (noarch) |
354 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ga: Moodle language pack for Irish |
| RPM |
moodle-ga 1.7.2-0.7 (noarch) |
75 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-da: Moodle language pack for Danish |
| RPM |
moodle-da 1.7.2-0.7 (noarch) |
80 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-nl: Moodle language pack for Dutch |
| RPM |
moodle-nl 1.7.2-0.7 (noarch) |
328 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-gl: Moodle language pack for Galician |
| RPM |
moodle-gl 1.7.2-0.7 (noarch) |
154 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-mi_tn: Moodle language pack for Maori |
| RPM |
moodle-mi_tn 1.7.2-0.7 (noarch) |
41 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ka: Moodle language pack for Georgian |
| RPM |
moodle-ka 1.7.2-0.7 (noarch) |
83 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-cs: Moodle language pack for Czech |
| RPM |
moodle-cs 1.7.2-0.7 (noarch) |
306 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-af: Moodle language pack for Afrikaans |
| RPM |
moodle-af 1.7.2-0.7 (noarch) |
59 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ar: Moodle language pack for Arabic |
| RPM |
moodle-ar 1.7.2-0.7 (noarch) |
94 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ca: Moodle language pack for Catalan |
| RPM |
moodle-ca 1.7.2-0.7 (noarch) |
214 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-hu: Moodle language pack for Hungarian |
| RPM |
moodle-hu 1.7.2-0.7 (noarch) |
292 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-id: Moodle language pack for Indonesian |
| RPM |
moodle-id 1.7.2-0.7 (noarch) |
63 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-hi: Moodle language pack for Hindi |
| RPM |
moodle-hi 1.7.2-0.7 (noarch) |
33 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-is: Moodle language pack for Icelandic |
| RPM |
moodle-is 1.7.2-0.7 (noarch) |
96 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-bg: Moodle language pack for Bulgarian |
| RPM |
moodle-bg 1.7.2-0.7 (noarch) |
75 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-be: Moodle language pack for Byelorussian |
| RPM |
moodle-be 1.7.2-0.7 (noarch) |
213 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-it: Moodle language pack for Italian |
| RPM |
moodle-it 1.7.2-0.7 (noarch) |
336 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-pt: Moodle language pack for Portuguese |
| RPM |
moodle-pt 1.7.2-0.7 (noarch) |
443 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ja: Moodle language pack for Japanese |
| RPM |
moodle-ja 1.7.2-0.7 (noarch) |
326 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-pl: Moodle language pack for Polish |
| RPM |
moodle-pl 1.7.2-0.7 (noarch) |
290 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle: A Course Management System |
| RPM |
moodle 1.7.2-0.7 (noarch) |
8027 kB |
| Patch-RPM |
moodle 1.7.2-0.7-patch (noarch) |
8021 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-ru: Moodle language pack for Russian |
| RPM |
moodle-ru 1.7.2-0.7 (noarch) |
153 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 16 Jul 2008 |
moodle-eu: Moodle language pack for Basque |
| RPM |
moodle-eu 1.7.2-0.7 (noarch) |
222 kB |
| Source-RPM |
moodle-1.7.2-0.7.src.rpm |
|
Security Update!
An incorrect input validation in moodle could be exploited by
attackers to conduct cross site scripting attacks (CVE-2008-1502).
|
| 11 Jul 2008 |
sylpheed-claws: An Email client similar to Eudora on Windows |
| RPM |
sylpheed-claws 2.5.5-33 (x86_64) |
4701 kB |
| Patch-RPM |
sylpheed-claws 2.5.5-33-patch (x86_64) |
1359 kB |
| Source-RPM |
sylpheed-claws-2.5.5-33.src.rpm |
|
sylpheed-claws needed to be updated to work with clamav 0.93 and later.
|
| 11 Jul 2008 |
clamav-db: Virus Database for ClamAV |
| RPM |
clamav-db 0.93.3-0.1 (x86_64) |
15787 kB |
| Source-RPM |
clamav-0.93.3-0.1.src.rpm |
|
Security Update!
This update brings clamav to version 0.93.3.
It lists CVE-2008-2713 as fixed, but this was fixed
in 0.93.1 already, but not mentioned.
The update contains stability and bugfixes.
|
| 11 Jul 2008 |
clamav: Antivirus Toolkit |
| RPM |
clamav 0.93.3-0.1 (x86_64) |
1281 kB |
| Patch-RPM |
clamav 0.93.3-0.1-patch (x86_64) |
1119 kB |
| Source-RPM |
clamav-0.93.3-0.1.src.rpm |
|
Security Update!
This update brings clamav to version 0.93.3.
It lists CVE-2008-2713 as fixed, but this was fixed
in 0.93.1 already, but not mentioned.
The update contains stability and bugfixes.
|
| 10 Jul 2008 |
MozillaFirefox-translations: Translations for MozillaFirefox |
| RPM |
MozillaFirefox-translations 2.0.0.15-0.1 (x86_64) |
4684 kB |
| Patch-RPM |
MozillaFirefox-translations 2.0.0.15-0.1-patch (x86_64) |
4683 kB |
| Source-RPM |
MozillaFirefox-2.0.0.15-0.1.src.rpm |
|
Security Update!
Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs
including following security bugs:
CVE-2008-2798 CVE-2008-2799 MFSA-2008-21:
Mozilla developers identified and fixed several stability bugs in the browser
engine used in Firefox and other Mozilla-based products. Some of these crashes
showed evidence of memory corruption under certain circumstances and we presume
that with enough effort at least some of these could be exploited to run
arbitrary code.
CVE-2008-2800 MFSA-2008-22:
Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities which allow
scripts from one document to be executed in the context of a different
document. These vulnerabilities could be used by an attacker to violate the
same-origin policy and perform an XSS attack.
CVE-2008-2801 MFSA-2008-23:
Security researcher Collin Jackson reported a series of vulnerabilities which
allow JavaScript to be injected into signed JARs and executed under the context
of the JAR's signer. This could allow an attacker to run JavaScript in a
victim's browser with the privileges of a different website, provided the
attacker possesses a JAR signed by the other website.
CVE-2008-2802 MFSA-2008-24:
Mozilla contributor moz_bug_r_a4 reported a vulnerability that allowed
non-priviliged XUL documents to load chrome scripts from the fastload file.
This could allow an attacker to run arbitrary JavaScript code with chrome
privileges.
CVE-2008-2803 MFSA-2008-25:
Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows
arbitrary JavaScript to be executed with chrome privileges. The privilege
escalation was possible because JavaScript loaded via
mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers when
accessing content. This could allow an attacker to overwrite trusted objects
with arbitrary code which would be executed with chrome privileges when the
trusted objects were called by the browser.
CVE-2008-2805 MFSA-2008-27:
Opera developer Claudio Santambrogio reported a vulnerability which allows
malicious content to force the browser into uploading local files to the remote
server. This could be used by an attacker to steal arbitrary files from a
victim's computer.
CVE-2008-2806 MFSA-2008-28:
Security researcher Gregory Fleischer reported a vulnerability in the way
Mozilla indicates the origin of a document to the Java plugin. This
vulnerability could allow a malicious Java applet to bypass the same-origin
policy and create arbitrary socket connections to other domains.
CVE-2008-2807 MFSA-2008-29:
Mozilla developer Daniel Glazman demonstrated that an improperly encoded
.properties file in an add-on can result in uninitialized memory being used.
This could potentially result in small chunks of data from other programs being
exposed in the browser.
CVE-2008-2808 MFSA-2008-30:
Mozilla contributor Masahiro Yamada reported that file URLs in directory
listings were not being HTML escaped properly when the filenames contained
particular characters. This resulted in files from directory listings being
opened in unintended ways or files not being able to be opened by the browser
altogether.
CVE-2008-2809 MFSA-2008-31:
Mozilla developer John G. Myers reported a weakness in the trust model used by
Mozilla regarding alternate names on self-signed certificates. A user could be
prompted to accept a self-signed certificate from a website which includes
alt-name entries. If the user accepted the certificate, they would also extend
trust to any alternate domains listed in the certificate, despite not being
prompted about the additional domains. This technique could be used by an
attacker to impersonate another server.
CVE-2008-2810 MFSA-2008-32:
Mozilla community member Geoff reported a vulnerability in the way Mozilla
opens URL files sent directly to the browser. He demonstrated that such files
were opened with local file privileges, giving the remote content access to
read from the local filesystem. If a user opened a bookmark to a malicious page
in this manner, the page could potentially read from other local files on the
user's computer.
CVE-2008-2811 MFSA 2008-33:
Security research firm Astabis, via the iSIGHT Partners GVP Program, reported a
vulnerability in Mozilla's block reflow code. This vulnerablitity could be used
by an attacker to crash the browser and run arbitrary code on the victim's
computer.
|
| 10 Jul 2008 |
MozillaFirefox: Mozilla Firefox Web Browser |
| RPM |
MozillaFirefox 2.0.0.15-0.1 (x86_64) |
8858 kB |
| Patch-RPM |
MozillaFirefox 2.0.0.15-0.1-patch (x86_64) |
7636 kB |
| Source-RPM |
MozillaFirefox-2.0.0.15-0.1.src.rpm |
|
Security Update!
Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs
including following security bugs:
CVE-2008-2798 CVE-2008-2799 MFSA-2008-21:
Mozilla developers identified and fixed several stability bugs in the browser
engine used in Firefox and other Mozilla-based products. Some of these crashes
showed evidence of memory corruption under certain circumstances and we presume
that with enough effort at least some of these could be exploited to run
arbitrary code.
CVE-2008-2800 MFSA-2008-22:
Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities which allow
scripts from one document to be executed in the context of a different
document. These vulnerabilities could be used by an attacker to violate the
same-origin policy and perform an XSS attack.
CVE-2008-2801 MFSA-2008-23:
Security researcher Collin Jackson reported a series of vulnerabilities which
allow JavaScript to be injected into signed JARs and executed under the context
of the JAR's signer. This could allow an attacker to run JavaScript in a
victim's browser with the privileges of a different website, provided the
attacker possesses a JAR signed by the other website.
CVE-2008-2802 MFSA-2008-24:
Mozilla contributor moz_bug_r_a4 reported a vulnerability that allowed
non-priviliged XUL documents to load chrome scripts from the fastload file.
This could allow an attacker to run arbitrary JavaScript code with chrome
privileges.
CVE-2008-2803 MFSA-2008-25:
Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows
arbitrary JavaScript to be executed with chrome privileges. The privilege
escalation was possible because JavaScript loaded via
mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers when
accessing content. This could allow an attacker to overwrite trusted objects
with arbitrary code which would be executed with chrome privileges when the
trusted objects were called by the browser.
CVE-2008-2805 MFSA-2008-27:
Opera developer Claudio Santambrogio reported a vulnerability which allows
malicious content to force the browser into uploading local files to the remote
server. This could be used by an attacker to steal arbitrary files from a
victim's computer.
CVE-2008-2806 MFSA-2008-28:
Security researcher Gregory Fleischer reported a vulnerability in the way
Mozilla indicates the origin of a document to the Java plugin. This
vulnerability could allow a malicious Java applet to bypass the same-origin
policy and create arbitrary socket connections to other domains.
CVE-2008-2807 MFSA-2008-29:
Mozilla developer Daniel Glazman demonstrated that an improperly encoded
.properties file in an add-on can result in uninitialized memory being used.
This could potentially result in small chunks of data from other programs being
exposed in the browser.
CVE-2008-2808 MFSA-2008-30:
Mozilla contributor Masahiro Yamada reported that file URLs in directory
listings were not being HTML escaped properly when the filenames contained
particular characters. This resulted in files from directory listings being
opened in unintended ways or files not being able to be opened by the browser
altogether.
CVE-2008-2809 MFSA-2008-31:
Mozilla developer John G. Myers reported a weakness in the trust model used by
Mozilla regarding alternate names on self-signed certificates. A user could be
prompted to accept a self-signed certificate from a website which includes
alt-name entries. If the user accepted the certificate, they would also extend
trust to any alternate domains listed in the certificate, despite not being
prompted about the additional domains. This technique could be used by an
attacker to impersonate another server.
CVE-2008-2810 MFSA-2008-32:
Mozilla community member Geoff reported a vulnerability in the way Mozilla
opens URL files sent directly to the browser. He demonstrated that such files
were opened with local file privileges, giving the remote content access to
read from the local filesystem. If a user opened a bookmark to a malicious page
in this manner, the page could potentially read from other local files on the
user's computer.
CVE-2008-2811 MFSA 2008-33:
Security research firm Astabis, via the iSIGHT Partners GVP Program, reported a
vulnerability in Mozilla's block reflow code. This vulnerablitity could be used
by an attacker to crash the browser and run arbitrary code on the victim's
computer.
|
| 10 Jul 2008 |
bind-utils: Utilities to query and test DNS |
| RPM |
bind-utils 9.3.5P1-0.1 (x86_64) |
174 kB |
| Patch-RPM |
bind-utils 9.3.5P1-0.1-patch (x86_64) |
152 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind-doc: BIND documentation |
| RPM |
bind-doc 9.3.5P1-0.1 (x86_64) |
1538 kB |
| Patch-RPM |
bind-doc 9.3.5P1-0.1-patch (x86_64) |
393 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind-libs: Shared libraries of BIND |
| RPM |
bind-libs 9.3.5P1-0.1 (x86_64) |
996 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind-libs-32bit: Shared libraries of BIND |
| RPM |
bind-libs-32bit 9.3.5P1-0.1 (x86_64) |
876 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind-devel: Development Libraries and Header Files of BIND |
| RPM |
bind-devel 9.3.5P1-0.1 (x86_64) |
1289 kB |
| Patch-RPM |
bind-devel 9.3.5P1-0.1-patch (x86_64) |
1005 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind-chrootenv: Chroot environment for BIND named and lwresd |
| RPM |
bind-chrootenv 9.3.5P1-0.1 (x86_64) |
24 kB |
| Patch-RPM |
bind-chrootenv 9.3.5P1-0.1-patch (x86_64) |
23 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 10 Jul 2008 |
bind: Domain Name System (DNS) Server (named) |
| RPM |
bind 9.3.5P1-0.1 (x86_64) |
231 kB |
| Patch-RPM |
bind 9.3.5P1-0.1-patch (x86_64) |
219 kB |
| Source-RPM |
bind-9.3.5P1-0.1.src.rpm |
|
Security Update!
The transaction id and the UDP source port used for DNS queries by
the bind nameserver were predicatable. Attackers could potentially
exploit that weakness to manipulate the DNS cache ("DNS cache poisoning",
CVE-2008-1447).
|
| 7 Jul 2008 |
licq-icqnd: GTK-2 GUI plugin for Licq |
| RPM |
licq-icqnd 1.3.4-31 (x86_64) |
505 kB |
| Patch-RPM |
licq-icqnd 1.3.4-31-patch (x86_64) |
318 kB |
| Source-RPM |
licq-1.3.4-31.src.rpm |
|
Licq clients could no longer log in to the ICQ network due to a server
change at July 1st 2008
|
| 7 Jul 2008 |
licq: Linux ICQ Client |
| RPM |
licq 1.3.4-31 (x86_64) |
2907 kB |
| Patch-RPM |
licq 1.3.4-31-patch (x86_64) |
1725 kB |
| Source-RPM |
licq-1.3.4-31.src.rpm |
|
Licq clients could no longer log in to the ICQ network due to a server
change at July 1st 2008
|
| 7 Jul 2008 |
zypper: Command Line Package Management Using Libzypp |
| RPM |
zypper 0.6.15-0.6 (x86_64) |
213 kB |
| Patch-RPM |
zypper 0.6.15-0.6-patch (x86_64) |
205 kB |
| Source-RPM |
zypper-0.6.15-0.6.src.rpm |
|
Libzypp was not able to import updated GPG keys (with for instance new expiry dates), since it already saw the GPG key as imported.
This blocked the extension of the suse build key for instance.
This update of the zypp-refresh utility does no longer accept repository signatures and files with signature check problems without user's approval.
|
| 7 Jul 2008 |
libzypp: Package, Patch, Pattern, and Product Management |
| RPM |
libzypp 2.17.2-0.1 (x86_64) |
2368 kB |
| Patch-RPM |
libzypp 2.17.2-0.1-patch (x86_64) |
2350 kB |
| Source-RPM |
libzypp-2.17.2-0.1.src.rpm |
|
Libzypp was not able to import updated GPG keys (with for instance new expiry dates), since it already saw the GPG key as imported.
This blocked the extension of the suse build key for instance.
This update of the zypp-refresh utility does no longer accept repository signatures and files with signature check problems without user's approval.
|
| 7 Jul 2008 |
libzypp-devel: Package, Patch, Pattern, and Product Management - developers files |
| RPM |
libzypp-devel 2.17.2-0.1 (x86_64) |
4345 kB |
| Patch-RPM |
libzypp-devel 2.17.2-0.1-patch (x86_64) |
4294 kB |
| Source-RPM |
libzypp-2.17.2-0.1.src.rpm |
|
Libzypp was not able to import updated GPG keys (with for instance new expiry dates), since it already saw the GPG key as imported.
This blocked the extension of the suse build key for instance.
This update of the zypp-refresh utility does no longer accept repository signatures and files with signature check problems without user's approval.
|
| 4 Jul 2008 |
freetype2-devel-32bit: Include Files and Libraries mandatory for Development. |
| RPM |
freetype2-devel-32bit 2.3.5-4.3 (x86_64) |
250 kB |
| Source-RPM |
freetype2-2.3.5-4.3.src.rpm |
|
Security Update!
This update of freetype2 fixes several potential vulnerabilities reported by iDefense.
|
| 4 Jul 2008 |
freetype2-devel: Include Files and Libraries mandatory for Development. |
| RPM |
freetype2-devel 2.3.5-4.3 (x86_64) |
559 kB |
| Patch-RPM |
freetype2-devel 2.3.5-4.3-patch (x86_64) |
480 kB |
| Source-RPM |
freetype2-2.3.5-4.3.src.rpm |
|
Security Update!
This update of freetype2 fixes several potential vulnerabilities reported by iDefense.
|
| 4 Jul 2008 |
freetype2-32bit: A TrueType Font Library |
| RPM |
freetype2-32bit 2.3.5-4.3 (x86_64) |
241 kB |
| Source-RPM |
freetype2-2.3.5-4.3.src.rpm |
|
Security Update!
This update of freetype2 fixes several potential vulnerabilities reported by iDefense.
|
| 4 Jul 2008 |
freetype2: A TrueType Font Library |
| RPM |
freetype2 2.3.5-4.3 (x86_64) |
348 kB |
| Patch-RPM |
freetype2 2.3.5-4.3-patch (x86_64) |
339 kB |
| Source-RPM |
freetype2-2.3.5-4.3.src.rpm |
|
Security Update!
This update of freetype2 fixes several potential vulnerabilities reported by iDefense.
|
| 4 Jul 2008 |
suse-build-key: The public gpg key for rpm package signature verification |
| RPM |
suse-build-key 1.0-710 (noarch) |
12 kB |
| Source-RPM |
suse-build-key-1.0-710.src.rpm |
|
This update extends the expiration dates of various Novell
Keys by two more years:
9C800ACA,8495160C,307E3D54: extend expiration by 2 years until 2010-05-05
7E2E3B05: extend expiration by 2 years until 2010-05-24
|
| 1 Jul 2008 |
mtr-gtk: Ping and Traceroute Network Diagnostic Tool |
| RPM |
mtr-gtk 0.72-20 (x86_64) |
61 kB |
| Patch-RPM |
mtr-gtk 0.72-20-patch (x86_64) |
41 kB |
| Source-RPM |
mtr-0.72-20.src.rpm |
|
Security Update!
This update fixes a stack based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code (CVE-2008-2357).
|
| 1 Jul 2008 |
mtr: Ping and Traceroute Network Diagnostic Tool |
| RPM |
mtr 0.72-20 (x86_64) |
51 kB |
| Patch-RPM |
mtr 0.72-20-patch (x86_64) |
34 kB |
| Source-RPM |
mtr-0.72-20.src.rpm |
|
Security Update!
This update fixes a stack based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code (CVE-2008-2357).
|
| 30 Jun 2008 |
GraphicsMagick-devel: Viewer and Converter for Images - files mandatory for development |
| RPM |
GraphicsMagick-devel 1.1.7-35.7 (x86_64) |
46 kB |
| Patch-RPM |
GraphicsMagick-devel 1.1.7-35.7-patch (x86_64) |
11 kB |
| Source-RPM |
GraphicsMagick-1.1.7-35.7.src.rpm |
|
Security Update!
GraphicsMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
perl-GraphicsMagick: Viewer and Converter for Images - perl interface |
| RPM |
perl-GraphicsMagick 1.1.7-35.7 (x86_64) |
65 kB |
| Patch-RPM |
perl-GraphicsMagick 1.1.7-35.7-patch (x86_64) |
7 kB |
| Source-RPM |
GraphicsMagick-1.1.7-35.7.src.rpm |
|
Security Update!
GraphicsMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
GraphicsMagick-c++-devel: Viewer and Converter for Images - C++ interface - development files |
| RPM |
GraphicsMagick-c++-devel 1.1.7-35.7 (x86_64) |
40 kB |
| Patch-RPM |
GraphicsMagick-c++-devel 1.1.7-35.7-patch (x86_64) |
5 kB |
| Source-RPM |
GraphicsMagick-1.1.7-35.7.src.rpm |
|
Security Update!
GraphicsMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
GraphicsMagick-c++: Viewer and Converter for Images - C++ interface |
| RPM |
GraphicsMagick-c++ 1.1.7-35.7 (x86_64) |
126 kB |
| Source-RPM |
GraphicsMagick-1.1.7-35.7.src.rpm |
|
Security Update!
GraphicsMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
GraphicsMagick: Viewer and Converter for Images |
| RPM |
GraphicsMagick 1.1.7-35.7 (x86_64) |
2226 kB |
| Patch-RPM |
GraphicsMagick 1.1.7-35.7-patch (x86_64) |
1161 kB |
| Source-RPM |
GraphicsMagick-1.1.7-35.7.src.rpm |
|
Security Update!
GraphicsMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
perl-PerlMagick: Perl interface for ImageMagick |
| RPM |
perl-PerlMagick 6.3.0.0-27.10 (x86_64) |
150 kB |
| Patch-RPM |
perl-PerlMagick 6.3.0.0-27.10-patch (x86_64) |
92 kB |
| Source-RPM |
ImageMagick-6.3.0.0-27.10.src.rpm |
|
Security Update!
ImageMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
ImageMagick-devel: Include Files and Libraries Mandatory for Development. |
| RPM |
ImageMagick-devel 6.3.0.0-27.10 (x86_64) |
1534 kB |
| Patch-RPM |
ImageMagick-devel 6.3.0.0-27.10-patch (x86_64) |
1483 kB |
| Source-RPM |
ImageMagick-6.3.0.0-27.10.src.rpm |
|
Security Update!
ImageMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
ImageMagick-Magick++: C++ Interface for ImageMagick - runtime library |
| RPM |
ImageMagick-Magick++ 6.3.0.0-27.10 (x86_64) |
143 kB |
| Patch-RPM |
ImageMagick-Magick++ 6.3.0.0-27.10-patch (x86_64) |
136 kB |
| Source-RPM |
ImageMagick-6.3.0.0-27.10.src.rpm |
|
Security Update!
ImageMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
ImageMagick-Magick++-devel: C++ Interface for ImageMagick - files mandatory for development |
| RPM |
ImageMagick-Magick++-devel 6.3.0.0-27.10 (x86_64) |
205 kB |
| Patch-RPM |
ImageMagick-Magick++-devel 6.3.0.0-27.10-patch (x86_64) |
136 kB |
| Source-RPM |
ImageMagick-6.3.0.0-27.10.src.rpm |
|
Security Update!
ImageMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 30 Jun 2008 |
ImageMagick: Viewer and Converter for Images |
| RPM |
ImageMagick 6.3.0.0-27.10 (x86_64) |
3248 kB |
| Patch-RPM |
ImageMagick 6.3.0.0-27.10-patch (x86_64) |
1513 kB |
| Source-RPM |
ImageMagick-6.3.0.0-27.10.src.rpm |
|
Security Update!
ImageMagick is affected by two security problems:
CVE-2008-1096: Buffer overflow in the handling of XCF files
CVE-2008-1097: Heap buffer overflow in the handling of PCX files
|
| 27 Jun 2008 |
php5-zlib: PHP5 Extension Module |
| RPM |
php5-zlib 5.2.6-0.2 (x86_64) |
51 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-zip: PHP5 Extension Module |
| RPM |
php5-zip 5.2.6-0.2 (x86_64) |
67 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-xsl: PHP5 Extension Module |
| RPM |
php5-xsl 5.2.6-0.2 (x86_64) |
50 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-xmlwriter: PHP5 Extension Module |
| RPM |
php5-xmlwriter 5.2.6-0.2 (x86_64) |
48 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-xmlrpc: PHP5 Extension Module |
| RPM |
php5-xmlrpc 5.2.6-0.2 (x86_64) |
75 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-wddx: PHP5 Extension Module |
| RPM |
php5-wddx 5.2.6-0.2 (x86_64) |
52 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-xmlreader: PHP5 Extension Module |
| RPM |
php5-xmlreader 5.2.6-0.2 (x86_64) |
50 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-tokenizer: PHP5 Extension Module |
| RPM |
php5-tokenizer 5.2.6-0.2 (x86_64) |
45 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-tidy: PHP5 Extension Module |
| RPM |
php5-tidy 5.2.6-0.2 (x86_64) |
54 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-sysvsem: PHP5 Extension Module |
| RPM |
php5-sysvsem 5.2.6-0.2 (x86_64) |
42 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-sysvshm: PHP5 Extension Module |
| RPM |
php5-sysvshm 5.2.6-0.2 (x86_64) |
44 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-sqlite: PHP5 Extension Module |
| RPM |
php5-sqlite 5.2.6-0.2 (x86_64) |
73 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-suhosin: PHP5 Extension Module |
| RPM |
php5-suhosin 5.2.6-0.2 (x86_64) |
106 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-sysvmsg: PHP5 Extension Module |
| RPM |
php5-sysvmsg 5.2.6-0.2 (x86_64) |
44 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-soap: PHP5 Extension Module |
| RPM |
php5-soap 5.2.6-0.2 (x86_64) |
155 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-sockets: PHP5 Extension Module |
| RPM |
php5-sockets 5.2.6-0.2 (x86_64) |
54 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-readline: PHP5 readline extension |
| RPM |
php5-readline 5.2.6-0.2 (x86_64) |
44 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-snmp: PHP5 Extension Module |
| RPM |
php5-snmp 5.2.6-0.2 (x86_64) |
49 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-shmop: PHP5 Extension Module |
| RPM |
php5-shmop 5.2.6-0.2 (x86_64) |
43 kB |
| Source-RPM |
php5-5.2.6-0.2.src.rpm |
|
Security Update!
This update of php5 fixes:
- possible stack-based buffer overflow CVE-2008-2050
- incomplete escapeshellcmd() CVE-2008-2051
- printf() integer overflow CVE-2008-1384
- insecure GENERATE_SEED macro CVE-2008-2107
- timezone update for DST in Pakistan
|
| 27 Jun 2008 |
php5-pspell: PHP5 pspell extension |
| RPM |
php5-pspell 5.2.6-0.2 (x86_64) |
47 kB |