User: Password:
|
|
Subscribe / Log in / New account

Scientific Linux alert SL-syst-20110823 (system-config-printer)

From:  Troy Dawson <dawson@fnal.gov>
To:  "scientific-linux-errata@fnal.gov" <scientific-linux-errata@fnal.gov>
Subject:  Security ERRATA Moderate: system-config-printer on SL4.x, SL5.x i386/x86_64
Date:  Tue, 23 Aug 2011 12:22:17 -0500
Message-ID:  <4E53E1C9.8070300@fnal.gov>
Archive-link:  Article, Thread

Synopsis: Moderate: system-config-printer security update Issue Date: 2011-08-23 CVE Numbers: CVE-2011-2899 system-config-printer is a print queue configuration tool with a graphical user interface. It was found that system-config-printer did not properly sanitize NetBIOS and workgroup names when searching for network printers. A remote attacker could use this flaw to execute arbitrary code with the privileges of the user running system-config-printer. (CVE-2011-2899) All users of system-config-printer are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. Running instances of system-config-printer must be restarted for this update to take effect. SL4: i386 system-config-printer-0.6.116.10-1.6.el4.i386.rpm system-config-printer-gui-0.6.116.10-1.6.el4.i386.rpm x86_64 system-config-printer-0.6.116.10-1.6.el4.x86_64.rpm system-config-printer-gui-0.6.116.10-1.6.el4.x86_64.rpm SL5: i386 system-config-printer-0.7.32.10-1.el5_7.1.i386.rpm system-config-printer-libs-0.7.32.10-1.el5_7.1.i386.rpm x86_64 system-config-printer-0.7.32.10-1.el5_7.1.x86_64.rpm system-config-printer-libs-0.7.32.10-1.el5_7.1.x86_64.rpm - Scientific Linux Development Team


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds