[El-errata] ELSA-2011-0953 Moderate: Oracle Linux 6 system-config-firewall security update

Tue Jul 19 09:30:45 PDT 2011

Oracle Linux Security Advisory ELSA-2011-0953

https://rhn.redhat.com/errata/RHSA-2011-0953.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
system-config-firewall-1.2.27-3.el6_1.3.noarch.rpm
system-config-firewall-base-1.2.27-3.el6_1.3.noarch.rpm
system-config-firewall-tui-1.2.27-3.el6_1.3.noarch.rpm
system-config-printer-1.1.16-17.el6_1.2.i686.rpm
system-config-printer-libs-1.1.16-17.el6_1.2.i686.rpm
system-config-printer-udev-1.1.16-17.el6_1.2.i686.rpm

x86_64:
system-config-firewall-1.2.27-3.el6_1.3.noarch.rpm
system-config-firewall-base-1.2.27-3.el6_1.3.noarch.rpm
system-config-firewall-tui-1.2.27-3.el6_1.3.noarch.rpm
system-config-printer-1.1.16-17.el6_1.2.x86_64.rpm
system-config-printer-libs-1.1.16-17.el6_1.2.x86_64.rpm
system-config-printer-udev-1.1.16-17.el6_1.2.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/system-config-firewall-1.2.27-3.el6_1.3.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/system-config-printer-1.1.16-17.el6_1.2.src.rpm

Description of changes:

system-config-firewall:

[1.2.27-3.3]
- fixed possible privilege escalation flaw via use of python pickle
   (CVE-2011-2520), replaced pickle by json (rhbz#717985)
- stop D-BUS firewall mechanism on update

system-config-printer:

[1.1.16-17:.2]
- Build pycups with -fno-strict-aliasing compiler option to avoid
   compiler warnings.

[1.1.16-17:.1]
- Adapted to system-config-firewall API change (bug #717985, CVE-2011-2520).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.oracle.com/pipermail/el-errata/attachments/20110719/98394a48/attachment.html 