Stay Connected:

ELSA-2013-0580

ELSA-2013-0580 - cups security update

Type:SECURITY
Severity:MODERATE
Release Date:2013-02-28

Description


[1:1.4.2-50:.4]
- Added BrowseLDAPCACertFile and PrintcapGUI to restricted options
list.

[1:1.4.2-50:.3]
- Fix for CVE-2012-5519 patch: handle blacklisted lines that have no
value part gracefully.

[1:1.4.2-50:.2]
- Added documentation for new CVE-2012-5519 option.

[1:1.4.2-50:.1]
- Applied patch to fix CVE-2012-5519 (privilege escalation for users
in SystemGroup or with equivalent polkit permission). This prevents
HTTP PUT requests with paths under /admin/conf/ other than that for
cupsd.conf, and also prevents such requests altering certain
configuration directives such as PageLog and FileDevice (bug #875898).

[1:1.4.2-50]
- Fixed LDAP browsing issues (bug #870386).

[1:1.4.2-49]
- Avoid 'forbidden' error when moving job between queues via web UI
(bug #834445).


Related CVEs


CVE-2012-5519

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) cups-1.3.7-30.el5_9.3.src.rpm49e2ea46543e8f464549d8760b8db162ELBA-2015-0064
cups-1.3.7-30.el5_9.3.i386.rpm42d3820d083d954b541c04e8f5cc030bELBA-2015-0064
cups-devel-1.3.7-30.el5_9.3.i386.rpm9f08568b3ee43d5a8d99c024ecec9c1eELBA-2015-0064
cups-libs-1.3.7-30.el5_9.3.i386.rpmdfdfc2dcec1cb84cb56c8ed28787966aELBA-2015-0064
cups-lpd-1.3.7-30.el5_9.3.i386.rpmc396b404155e47125e63e8779f1a6075ELBA-2015-0064
Oracle Linux 5 (ia64) cups-1.3.7-30.el5_9.3.src.rpm49e2ea46543e8f464549d8760b8db162ELBA-2015-0064
cups-1.3.7-30.el5_9.3.ia64.rpm5032b885bcacaf373520a7c466a021deELBA-2015-0064
cups-devel-1.3.7-30.el5_9.3.ia64.rpm35005ab655bc14249fcbb3a07dd9d61cELBA-2015-0064
cups-libs-1.3.7-30.el5_9.3.i386.rpmdfdfc2dcec1cb84cb56c8ed28787966aELBA-2015-0064
cups-libs-1.3.7-30.el5_9.3.ia64.rpm9cb16718d6af6e95c83daed380184a69ELBA-2015-0064
cups-lpd-1.3.7-30.el5_9.3.ia64.rpmd7f7824747165140b464f79737488827ELBA-2015-0064
Oracle Linux 5 (x86_64) cups-1.3.7-30.el5_9.3.src.rpm49e2ea46543e8f464549d8760b8db162ELBA-2015-0064
cups-1.3.7-30.el5_9.3.x86_64.rpmccf84a96d0b44993afb504597db31ed9ELBA-2015-0064
cups-devel-1.3.7-30.el5_9.3.i386.rpm9f08568b3ee43d5a8d99c024ecec9c1eELBA-2015-0064
cups-devel-1.3.7-30.el5_9.3.x86_64.rpm23025f461d05fe7aca078cfcd3a7cc45ELBA-2015-0064
cups-libs-1.3.7-30.el5_9.3.i386.rpmdfdfc2dcec1cb84cb56c8ed28787966aELBA-2015-0064
cups-libs-1.3.7-30.el5_9.3.x86_64.rpm0f44c6b44e242596e866377fde6759b6ELBA-2015-0064
cups-lpd-1.3.7-30.el5_9.3.x86_64.rpma3b726a97acffa3c6f12d98733a0fe29ELBA-2015-0064
Oracle Linux 6 (i386) cups-1.4.2-50.el6_4.4.src.rpmc12ece35502a3a54abe349d42d52afb4ELBA-2019-0716
cups-1.4.2-50.el6_4.4.i686.rpme26bac8d31d59e66261469f3a45c8768ELBA-2019-0716
cups-devel-1.4.2-50.el6_4.4.i686.rpm7cf03f9c1313337cb37af6a2c9596e71ELBA-2019-0716
cups-libs-1.4.2-50.el6_4.4.i686.rpm1e5fbc9975581acc1139a793938f0291ELBA-2019-0716
cups-lpd-1.4.2-50.el6_4.4.i686.rpm5efae095b081364df5099ecc4138e5a5ELBA-2019-0716
cups-php-1.4.2-50.el6_4.4.i686.rpm21007464907a6134cd167c8482960e26ELBA-2019-0716
Oracle Linux 6 (x86_64) cups-1.4.2-50.el6_4.4.src.rpmc12ece35502a3a54abe349d42d52afb4ELBA-2019-0716
cups-1.4.2-50.el6_4.4.x86_64.rpmf42d4cdf02c0e07f99fb43d965ff7172ELBA-2019-0716
cups-devel-1.4.2-50.el6_4.4.i686.rpm7cf03f9c1313337cb37af6a2c9596e71ELBA-2019-0716
cups-devel-1.4.2-50.el6_4.4.x86_64.rpm5480b34eda21900b131f9f75f3f4a840ELBA-2019-0716
cups-libs-1.4.2-50.el6_4.4.i686.rpm1e5fbc9975581acc1139a793938f0291ELBA-2019-0716
cups-libs-1.4.2-50.el6_4.4.x86_64.rpma8c97ccc9f77742740ebb8cc2afee13eELBA-2019-0716
cups-lpd-1.4.2-50.el6_4.4.x86_64.rpmf2be33813266144026a612e7096ac1b3ELBA-2019-0716
cups-php-1.4.2-50.el6_4.4.x86_64.rpm35baa3b435fd7c7ecd045f228f60f943ELBA-2019-0716



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights