[El-errata] ELSA-2007-1020 Important: Enterprise Linux 5 cups security and bug fix update
el-errata at oss.oracle.com
el-errata at oss.oracle.com
Wed Oct 31 17:23:17 PDT 2007
Enterprise Linux Security Advisory ELSA-2007-1020
https://rhn.redhat.com/errata/RHSA-2007-1020.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
cups-1.2.4-11.14.el5_1.1.i386.rpm
cups-devel-1.2.4-11.14.el5_1.1.i386.rpm
cups-libs-1.2.4-11.14.el5_1.1.i386.rpm
cups-lpd-1.2.4-11.14.el5_1.1.i386.rpm
x86_64:
cups-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-devel-1.2.4-11.14.el5_1.1.i386.rpm
cups-devel-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-libs-1.2.4-11.14.el5_1.1.i386.rpm
cups-libs-1.2.4-11.14.el5_1.1.x86_64.rpm
cups-lpd-1.2.4-11.14.el5_1.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/cups-1.2.4-11.14.el5_1.1.src.rpm
Description of changes:
[1.2.4-11.14.el5_1.1]
- Applied patch to fix CVE-2007-4351 (STR #2561, bug #353981).
[1.2.4-11.14]
- Applied patch to fix cupsd crash when failing to open a file: URI
(STR #2351, bug #250415).
[1.2.4-11.13]
- Moved LSPP security attributes check before job creation (bug #231522).
[1.2.4-11.12]
- Moved LSPP access check before job creation (bug #231522).
[1.2.4-11.11]
- Better error checking in the LSPP patch (bug #231522).
[1.2.4-11.10]
- Applied patch to fix CVE-2007-3387 (bug #248223).
[1.2.4-11.9]
- Fixed IPv6 address parsing (bug #241400, STR #2117).
- Fixed a bug that caused cups-lpd not to set the correct value for
job-originating-host-name (bug #240223, STR #2023).
- Cleaned up initscript error handling (bug #237953).
- Fixed cups-lpd -odocument-format=... option (bug #230073, STR #2266).
- Fixed If-Modified-Since: handling in libcups (bug #218764, STR #2133).
- Make the initscript use start priority 56 (bug #213828).
[1.2.4-11.8]
- Applied fix for STR #2264 (bug #230118).
- Added patch for UNIX domain sockets authentication (bug #230613).
- LSPP: Updated patch for line-wrapped labels (bug #228107).
[1.2.4-11.7]
- Don't reload CUPS after rotating the logs with logrotate, but make sure
to use the new file in that case (bug #215024).
[1.2.4-11.6]
- LSPP: added check_context() function for get_jobs(), get_job_attrs() and
validate_user() (bug #229673).
- Fixed a potential scheduler crash (bug #231522).
More information about the El-errata
mailing list