[El-errata] ELSA-2008-0153 Important: Enterprise Linux 3 cups security update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Mon Feb 25 15:09:55 PST 2008


Enterprise Linux Security Advisory ELSA-2008-0153

https://rhn.redhat.com/errata/RHSA-2008-0153.html

The following updated rpms for Enterprise Linux 3 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.1.17-13.3.51.i386.rpm
cups-devel-1.1.17-13.3.51.i386.rpm
cups-libs-1.1.17-13.3.51.i386.rpm

x86_64:
cups-1.1.17-13.3.51.x86_64.rpm
cups-devel-1.1.17-13.3.51.x86_64.rpm
cups-libs-1.1.17-13.3.51.i386.rpm
cups-libs-1.1.17-13.3.51.x86_64.rpm


SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/cups-1.1.17-13.3.51.src.rpm

Description of changes:

[1.1.17-13.3.51]
- Prevented invalid memory accesses when a class and its singleton printer
  are timed out in the same sweep (CVE-2008-0597, bug #433827).

[1.1.17-13.3.50]
- Back-ported mimeDeleteType from 1.2.x (CVE-2008-0596, bug #433827).

[1.1.17-13.3.49]
- Prevent double-free when a browsed class has the same name as a printer
  or vice versa (bug #433763, STR #2656).

[1.1.17-13.3.48]
- Removed mandatory debugging output from cups-polld (bug #246545), 
which had
  been introduced by this change:
  - Backported cups-polld fixes (bug #205694).
- Reverted previous change as no security impact (bug #418361).

[1.1.17-13.3.47]
- Applied patch to fix CVE-2007-5848 (bug #418361).





More information about the El-errata mailing list