[El-errata] ELSA-2008-0161 Important: Enterprise Linux 4 cups security update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Mon Feb 25 15:10:35 PST 2008


Enterprise Linux Security Advisory ELSA-2008-0161

https://rhn.redhat.com/errata/RHSA-2008-0161.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-devel-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm

x86_64:
cups-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/cups-1.1.22-0.rc1.9.20.2.el4_6.5.src.rpm

Description of changes:

[1.1.22-0.rc1.9.20.2:.5]
- Prevented invalid memory accesses when a class and its singleton printer
  are timed out in the same sweep (CVE-2008-0597, bug #433828).
- Back-ported mimeDeleteType from 1.2.x (CVE-2008-0596, bug #433828).

[1.1.22-0.rc1.9.20.2:.4]
- Prevent double-free when a browsed class has the same name as a printer
  or vice versa (bug #433764, STR #2656).
- Reverted previous change as no security impact (bug #418371).

[1.1.22-0.rc1.9.20.2:.3]
- Applied patch to fix CVE-2007-5848 (bug #418371).



More information about the El-errata mailing list