[El-errata] ELSA-2010-0490 Important: Enterprise Linux 4 cups security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Thu Jun 17 20:13:14 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0490
https://rhn.redhat.com/errata/RHSA-2010-0490.html
The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:
i386:
cups-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.x86_64.rpm
ia64:
cups-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.6.ia64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/cups-1.1.22-0.rc1.9.32.el4_8.6.src.rpm
Description of changes:
[1:1.1.22-0.rc1.9.32:.6]
- Don't set domain= for cookies.
[1:1.1.22-0.rc1.9.32:.5]
- Fixed CVE-2010-0540 patch to ensure all headers are sent before
content.
[1:1.1.22-0.rc1.9.32:.4]
- Applied patch for CVE-2010-1748 (web interface memory disclosure,
STR #3577, bug #591983).
- Applied patch for CVE-2010-0542 (texttops unchecked memory
allocation failure leading to NULL pointer dereference, STR #3516,
bug #587746).
- Applied patch for CVE-2010-0540 (CUPS administrator web interface
CSRF, STR #3498, bug #588805).
More information about the El-errata
mailing list