User: Password:
Subscribe / Log in / New account

Oracle alert ELSA-2013-0580 (cups)

From:  Errata Announcements for Oracle Linux <>
Subject:  [El-errata] ELSA-2013-0580 Moderate: Oracle Linux 6 cups security update
Date:  Thu, 28 Feb 2013 19:01:10 -0800
Message-ID:  <>
Archive-link:  Article, Thread

Oracle Linux Security Advisory ELSA-2013-0580 The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: cups-1.4.2-50.el6_4.4.i686.rpm cups-devel-1.4.2-50.el6_4.4.i686.rpm cups-libs-1.4.2-50.el6_4.4.i686.rpm cups-lpd-1.4.2-50.el6_4.4.i686.rpm cups-php-1.4.2-50.el6_4.4.i686.rpm x86_64: cups-1.4.2-50.el6_4.4.x86_64.rpm cups-devel-1.4.2-50.el6_4.4.i686.rpm cups-devel-1.4.2-50.el6_4.4.x86_64.rpm cups-libs-1.4.2-50.el6_4.4.i686.rpm cups-libs-1.4.2-50.el6_4.4.x86_64.rpm cups-lpd-1.4.2-50.el6_4.4.x86_64.rpm cups-php-1.4.2-50.el6_4.4.x86_64.rpm SRPMS: Description of changes: [1:1.4.2-50:.4] - Added BrowseLDAPCACertFile and PrintcapGUI to restricted options list. [1:1.4.2-50:.3] - Fix for CVE-2012-5519 patch: handle blacklisted lines that have no value part gracefully. [1:1.4.2-50:.2] - Added documentation for new CVE-2012-5519 option. [1:1.4.2-50:.1] - Applied patch to fix CVE-2012-5519 (privilege escalation for users in SystemGroup or with equivalent polkit permission). This prevents HTTP PUT requests with paths under /admin/conf/ other than that for cupsd.conf, and also prevents such requests altering certain configuration directives such as PageLog and FileDevice (bug #875898). [1:1.4.2-50] - Fixed LDAP browsing issues (bug #870386). [1:1.4.2-49] - Avoid "forbidden" error when moving job between queues via web UI _______________________________________________ El-errata mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds