release-notes.rpm Final release notes (GA) with many translations updated yast2-sudo.rpm This patch fixes the problem in yast2-sudo module. Using yast2-sudo to edit /etc/sudoers file may result in corrupt configuration, which makes kdesu defunct. jarnal.rpm Jarnal get installed, but does not start because of a crash while startup (b.n.c #223580). The desktop file miss a generic description, which get fixed (b.n.c #222484) . autoyast2-installation.rpm Handle patterns with autoyast autoyast2.rpm Handle patterns with autoyast yast2-trans-fi.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-ro.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-el.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-zh_TW.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-pl.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-zh_CN.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-hu.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-hr.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-pt.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-de.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-et.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-km.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW yast2-trans-nl.rpm YaST translation updates for the following languages: de el et fi hr hu km mr nl pl pt ro zh_CN zh_TW agfa-fonts.rpm Agfa-fonts is not under GPL. Proper license text added. horde.rpm This udpate fixes a cross site scripting bug (XSS) in horde (CVE-2007-1473). tomcat5-webapps.rpm Certain characters of the URL were not properly filtered. This allowed directory reverse traversal attacks to access the web-root of tomcat. (CVE-2007-0450) tomcat5.rpm Certain characters of the URL were not properly filtered. This allowed directory reverse traversal attacks to access the web-root of tomcat. (CVE-2007-0450) tomcat5-admin-webapps.rpm Certain characters of the URL were not properly filtered. This allowed directory reverse traversal attacks to access the web-root of tomcat. (CVE-2007-0450) phpMyAdmin.rpm Multiple bugs in phpMyAdmin could lead to cross-site-scripting (XSS) attacks, injection of Javascript code or to crashing the php interpreter. (CVE-2007-1325,PMASA-2007-1,PMASA-2007-2,PMASA-2007-3,PMASA-2007-4) qt3-devel-doc.rpm This update fixes a buffer overflow in qt3 while handling UTF8 characters. (CVE-2007-4137) apparmor-utils.rpm Fix for #325834 - profiles left in null-complain-profile after genprof run Fix for #237220 - logprof hangs during execution Fix for #237220 - german translation problems and missing shortcuts in command line tools squirrelmail.rpm This update contains a squirrelmail bugfix update, that fixes config files being overwritten. mono-basic.rpm This update fixes a buffer overflow in Mono's BigInteger implementation. derby.rpm Apache Derby did not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode. (CVE-2006-7217) This update also brings a new requirement of a Java 1.5 JRE. update-alternatives.rpm This update fixes a problem in update-alternatives which has switched Java modules from Auto to Manual on java online updates. phpPgAdmin.rpm Several flaws in phpPgAdmin could be exploited by remote attackers to perform cross site scripting (XSS) attacks (CVE-2007-2865, CVE-2007-5728). cacti.rpm This update fixes a SQL injection bug. (CVE-2007-6035) gnump3d.rpm This update fixes a restriction bypass in gnump3d's plugins. (CVE-2007-6130) samba-doc.rpm This update of samba fixes a buffer overflow in function send_mailslot() that allows to overwrite the stack with zero-bytes. (CVE-2007-6015) inst-source-utils.rpm - createpatch no also works in bash. - mk_changelog is added for YaST2 add-on creator moodle-et.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-is.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-gl.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-lv.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-sr.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-he.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-th.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-hi.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-fa.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-eu.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-hr.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-bs.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-tr.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-cs.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-fr.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-be.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-sl.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-fi.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-zh_cn.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-tl.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-mi_tn.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-sv.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-no.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-id.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-it.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ms.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ja.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ko.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ru.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ga.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-uk.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-pl.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ro.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-bg.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-da.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-hu.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-sq.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-nn.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-lt.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-es.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-pt.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-vi.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-so.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ar.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ka.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-kn.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-de.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-af.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-sk.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-nl.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-ca.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-km.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). moodle-el.rpm The install script of moodle is vulnerable to cross site scripting (XSS). This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to install moodle (CVE-2008-0123). geronimo-jetty-servlet-container.rpm A chown in the geronimo init script could change ownership of directories it did not own, due to following symlinks. The default setup would corrupt /var/tmp on start. geronimo.rpm A chown in the geronimo init script could change ownership of directories it did not own, due to following symlinks. The default setup would corrupt /var/tmp on start. geronimo-tomcat-servlet-container.rpm A chown in the geronimo init script could change ownership of directories it did not own, due to following symlinks. The default setup would corrupt /var/tmp on start.