[El-errata] ELSA-2010-0755 Important: Enterprise Linux 4 cups security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu Oct 7 16:15:27 PDT 2010


Enterprise Linux Security Advisory ELSA-2010-0755

https://rhn.redhat.com/errata/RHSA-2010-0755.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm

x86_64:
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm

ia64:
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm


Description of changes:


[1:1.1.22-0.rc1.9.32:.10]
- Applied small fix to CVE-2009-0791 change: allow objSize=0 in
  gmallocCn() if C > 0.  As well as being correct, this aids with
  testing the fix for CVE-2009-3609.

[1:1.1.22-0.rc1.9.32:.9]
- Back-ported upstream patch to fix integer overflow in pdftops
  ImageStream (CVE-2009-3609, bug #526893).

[1:1.1.22-0.rc1.9.32:.7]
- Applied upstream patch to fix uninitialized Gfx::parser pointer
  dereference (CVE-2010-3702, bug #595245).





More information about the El-errata mailing list