you certainly have heard about, probably also the successor

I wonder if Novell will publish a free version of a SLES10 SP4 fix: the relevant patches in are all locked and restricted to LTSS customers.

Furthermore I wonder when a patch for CVE-2014-7169 will be made available.

FreeBSD and Debian 7 are already done, but sounds not so promising:
"Please submit fixed packages until 2014-10-03"

Cheers, Thomas