[El-errata] ELSA-2007-1020 Important: Enterprise Linux 5 cups security and bug fix update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Wed Oct 31 17:23:17 PDT 2007


Enterprise Linux Security Advisory ELSA-2007-1020

https://rhn.redhat.com/errata/RHSA-2007-1020.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.2.4-11.14.el5_1.1.i386.rpm
cups-devel-1.2.4-11.14.el5_1.1.i386.rpm
cups-libs-1.2.4-11.14.el5_1.1.i386.rpm
cups-lpd-1.2.4-11.14.el5_1.1.i386.rpm

x86_64:
cups-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-devel-1.2.4-11.14.el5_1.1.i386.rpm
cups-devel-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-libs-1.2.4-11.14.el5_1.1.i386.rpm
cups-libs-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-lpd-1.2.4-11.14.el5_1.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/cups-1.2.4-11.14.el5_1.1.src.rpm

Description of changes:

[1.2.4-11.14.el5_1.1]
- Applied patch to fix CVE-2007-4351 (STR #2561, bug #353981).

[1.2.4-11.14]
- Applied patch to fix cupsd crash when failing to open a file: URI
  (STR #2351, bug #250415).

[1.2.4-11.13]
- Moved LSPP security attributes check before job creation (bug #231522).

[1.2.4-11.12]
- Moved LSPP access check before job creation (bug #231522).

[1.2.4-11.11]
- Better error checking in the LSPP patch (bug #231522).

[1.2.4-11.10]
- Applied patch to fix CVE-2007-3387 (bug #248223).

[1.2.4-11.9]
- Fixed IPv6 address parsing (bug #241400, STR #2117).
- Fixed a bug that caused cups-lpd not to set the correct value for
  job-originating-host-name (bug #240223, STR #2023).
- Cleaned up initscript error handling (bug #237953).
- Fixed cups-lpd -odocument-format=... option (bug #230073, STR #2266).
- Fixed If-Modified-Since: handling in libcups (bug #218764, STR #2133).
- Make the initscript use start priority 56 (bug #213828).

[1.2.4-11.8]
- Applied fix for STR #2264 (bug #230118).
- Added patch for UNIX domain sockets authentication (bug #230613).
- LSPP: Updated patch for line-wrapped labels (bug #228107).

[1.2.4-11.7]
- Don't reload CUPS after rotating the logs with logrotate, but make sure
  to use the new file in that case (bug #215024).

[1.2.4-11.6]
- LSPP: added check_context() function for get_jobs(), get_job_attrs() and
  validate_user() (bug #229673).
- Fixed a potential scheduler crash (bug #231522).





More information about the El-errata mailing list