[El-errata] ELSA-2010-0490 Important: Enterprise Linux 3 cups security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Thu Jun 17 20:13:25 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0490
https://rhn.redhat.com/errata/RHSA-2010-0490.html
The following updated rpms for Enterprise Linux 3 have been uploaded to
the Unbreakable Linux Network:
i386:
cups-1.1.17-13.3.65.i386.rpm
cups-devel-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
x86_64:
cups-1.1.17-13.3.65.x86_64.rpm
cups-devel-1.1.17-13.3.65.x86_64.rpm
cups-libs-1.1.17-13.3.65.i386.rpm
cups-libs-1.1.17-13.3.65.x86_64.rpm
SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/cups-1.1.17-13.3.65.src.rpm
Description of changes:
[1:1.1.17-13.3.65]
- Don't set domain= for cookies. Fixed template handling. Added
cookie handling in HTTP client code.
[1:1.1.17-13.3.64]
- Fixed CVE-2010-0540 patch to ensure all headers are sent before
content.
[1:1.1.17-13.3.63]
- Applied patch for CVE-2010-1748 (web interface memory disclosure,
STR #3577, bug #591983).
- Applied patch for CVE-2010-0542 (texttops unchecked memory
allocation failure leading to NULL pointer dereference, STR #3516,
bug #587746).
- Applied patch for CVE-2010-0540 (CUPS administrator web interface
CSRF, STR #3498, bug #588805).
More information about the El-errata
mailing list