[El-errata] ELSA-2010-0490 Important: Enterprise Linux 5 cups security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Thu Jun 17 20:13:03 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0490
https://rhn.redhat.com/errata/RHSA-2010-0490.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
cups-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-lpd-1.3.7-18.el5_5.4.i386.rpm
x86_64:
cups-1.3.7-18.el5_5.4.x86_64.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.x86_64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.x86_64.rpm
cups-lpd-1.3.7-18.el5_5.4.x86_64.rpm
ia64:
cups-1.3.7-18.el5_5.4.ia64.rpm
cups-devel-1.3.7-18.el5_5.4.ia64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.ia64.rpm
cups-lpd-1.3.7-18.el5_5.4.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/cups-1.3.7-18.el5_5.4.src.rpm
Description of changes:
[1:1.3.7-18:.4]
- Don't set domain= for cookies.
[1:1.3.7-18:.3]
- Save classes.conf when a class member printer is
deleted (bug #594621, STR #3505).
[1:1.3.7-18:.2]
- Applied patch for CVE-2010-1748 (web interface memory disclosure,
STR #3577, bug #591983).
- Applied patch for CVE-2010-0542 (texttops unchecked memory
allocation failure leading to NULL pointer dereference, STR #3516,
bug #587746).
- Applied patch for CVE-2010-0540 (CUPS administrator web interface
CSRF, STR #3498, bug #588805).
[1:1.3.7-18:.1]
- Update classes when a printer is removed (bug #581902).
More information about the El-errata
mailing list