[El-errata] ELSA-2010-0490 Important: Enterprise Linux 5 cups security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu Jun 17 20:13:03 PDT 2010


Enterprise Linux Security Advisory ELSA-2010-0490

https://rhn.redhat.com/errata/RHSA-2010-0490.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-lpd-1.3.7-18.el5_5.4.i386.rpm

x86_64:
cups-1.3.7-18.el5_5.4.x86_64.rpm
cups-devel-1.3.7-18.el5_5.4.i386.rpm
cups-devel-1.3.7-18.el5_5.4.x86_64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.x86_64.rpm
cups-lpd-1.3.7-18.el5_5.4.x86_64.rpm

ia64:
cups-1.3.7-18.el5_5.4.ia64.rpm
cups-devel-1.3.7-18.el5_5.4.ia64.rpm
cups-libs-1.3.7-18.el5_5.4.i386.rpm
cups-libs-1.3.7-18.el5_5.4.ia64.rpm
cups-lpd-1.3.7-18.el5_5.4.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/cups-1.3.7-18.el5_5.4.src.rpm


Description of changes:


[1:1.3.7-18:.4]
- Don't set domain= for cookies.

[1:1.3.7-18:.3]
- Save classes.conf when a class member printer is
  deleted (bug #594621, STR #3505).

[1:1.3.7-18:.2]
- Applied patch for CVE-2010-1748 (web interface memory disclosure,
  STR #3577, bug #591983).
- Applied patch for CVE-2010-0542 (texttops unchecked memory
  allocation failure leading to NULL pointer dereference, STR #3516,
  bug #587746).
- Applied patch for CVE-2010-0540 (CUPS administrator web interface
  CSRF, STR #3498, bug #588805).

[1:1.3.7-18:.1]
- Update classes when a printer is removed (bug #581902).






More information about the El-errata mailing list