[El-errata] ELSA-2010-0754 Important: Enterprise Linux 3 cups security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu Oct 7 16:15:20 PDT 2010


Enterprise Linux Security Advisory ELSA-2010-0754

https://rhn.redhat.com/errata/RHSA-2010-0754.html

The following updated rpms for Enterprise Linux 3 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.1.17-13.3.70.i386.rpm
cups-devel-1.1.17-13.3.70.i386.rpm
cups-libs-1.1.17-13.3.70.i386.rpm

x86_64:
cups-1.1.17-13.3.70.x86_64.rpm
cups-devel-1.1.17-13.3.70.x86_64.rpm
cups-libs-1.1.17-13.3.70.i386.rpm
cups-libs-1.1.17-13.3.70.x86_64.rpm


SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/cups-1.1.17-13.3.70.src.rpm


Description of changes:


[1:1.1.17-13.3.70]
- Reinstated fix for CVE-2010-3702 (bug #595245).

[1:1.1.17-13.3.69]
- Temporarily removed fix for CVE-2010-3702.

[1:1.1.17-13.3.68]
- Added bounds checking to Type1CFontFile::getWord() in order to
  verify fix for CVE-2010-3702.
- Applied small fix to CVE-2009-0791 change: allow objSize=0 in
  gmallocCn() if C > 0.  As well as being correct, this aids with
  testing the fix for CVE-2010-3702.

[1:1.1.17-13.3.67]
- Applied upstream patch to fix uninitialized Gfx::parser pointer
  dereference (bug #595245).





More information about the El-errata mailing list