Since I haven't seen any announcement or discussion here, "Novell Data
Synchronizer Mobility Pack 1.1.2, and earlier, has a vulnerability that,
in certain circumstances, could allow a user to gain unauthorized access
to other user accounts."

The following two security patches have been released for builds:

* 343 (1.1.1) @
* 428 (1.1.2) @

You need to use the security patch that matches your build.

See TID 7008690 for more information and installation instructions.

I'll ask about patches for earlier versions but I'm guessing that the
answer is to upgrade to either 343 or 428.

Novell Knowledge Partner (NKP)

Do you work with Novell technologies at a university, college or school?
If so, your campus could benefit from joining the Novell Technology
Transfer Partner (TTP) program. See for more details.