| |||||||||||||||||||
Oracle alert ELSA-2013-0580 (cups)
Oracle Linux Security Advisory ELSA-2013-0580 https://rhn.redhat.com/errata/RHSA-2013-0580.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: cups-1.4.2-50.el6_4.4.i686.rpm cups-devel-1.4.2-50.el6_4.4.i686.rpm cups-libs-1.4.2-50.el6_4.4.i686.rpm cups-lpd-1.4.2-50.el6_4.4.i686.rpm cups-php-1.4.2-50.el6_4.4.i686.rpm x86_64: cups-1.4.2-50.el6_4.4.x86_64.rpm cups-devel-1.4.2-50.el6_4.4.i686.rpm cups-devel-1.4.2-50.el6_4.4.x86_64.rpm cups-libs-1.4.2-50.el6_4.4.i686.rpm cups-libs-1.4.2-50.el6_4.4.x86_64.rpm cups-lpd-1.4.2-50.el6_4.4.x86_64.rpm cups-php-1.4.2-50.el6_4.4.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/cups-1.4.2-50.el6... Description of changes: [1:1.4.2-50:.4] - Added BrowseLDAPCACertFile and PrintcapGUI to restricted options list. [1:1.4.2-50:.3] - Fix for CVE-2012-5519 patch: handle blacklisted lines that have no value part gracefully. [1:1.4.2-50:.2] - Added documentation for new CVE-2012-5519 option. [1:1.4.2-50:.1] - Applied patch to fix CVE-2012-5519 (privilege escalation for users in SystemGroup or with equivalent polkit permission). This prevents HTTP PUT requests with paths under /admin/conf/ other than that for cupsd.conf, and also prevents such requests altering certain configuration directives such as PageLog and FileDevice (bug #875898). [1:1.4.2-50] - Fixed LDAP browsing issues (bug #870386). [1:1.4.2-49] - Avoid "forbidden" error when moving job between queues via web UI _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata (Log in to post comments)
|
|||||||||||||||||||