[El-errata] ELSA-2010-0754 Important: Enterprise Linux 3 cups security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Thu Oct 7 16:15:20 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0754
https://rhn.redhat.com/errata/RHSA-2010-0754.html
The following updated rpms for Enterprise Linux 3 have been uploaded to
the Unbreakable Linux Network:
i386:
cups-1.1.17-13.3.70.i386.rpm
cups-devel-1.1.17-13.3.70.i386.rpm
cups-libs-1.1.17-13.3.70.i386.rpm
x86_64:
cups-1.1.17-13.3.70.x86_64.rpm
cups-devel-1.1.17-13.3.70.x86_64.rpm
cups-libs-1.1.17-13.3.70.i386.rpm
cups-libs-1.1.17-13.3.70.x86_64.rpm
SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/cups-1.1.17-13.3.70.src.rpm
Description of changes:
[1:1.1.17-13.3.70]
- Reinstated fix for CVE-2010-3702 (bug #595245).
[1:1.1.17-13.3.69]
- Temporarily removed fix for CVE-2010-3702.
[1:1.1.17-13.3.68]
- Added bounds checking to Type1CFontFile::getWord() in order to
verify fix for CVE-2010-3702.
- Applied small fix to CVE-2009-0791 change: allow objSize=0 in
gmallocCn() if C > 0. As well as being correct, this aids with
testing the fix for CVE-2010-3702.
[1:1.1.17-13.3.67]
- Applied upstream patch to fix uninitialized Gfx::parser pointer
dereference (bug #595245).
More information about the El-errata
mailing list