Stay Connected:

ELSA-2012-0151

ELSA-2012-0151 - conga security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2012-03-01

Description


[0.12.2-51.0.1.el5]
- Added conga-enterprise.patch
- Added conga-enterprise-Carthage.patch to support OEL5
- Replaced redhat logo image in conga-0.12.2.tar.gz

[0.12.2-51]
- Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability)
- Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019)

[0.12.2-45]
- Fix bz751359 (Add luci support for fence_ipmilan's -L option)

[0.12.2-44]
- Fix bz577019 (CVE-2010-1104 zope: XSS on error page)

[0.12.2-42]
- Fix bz755935 (luci_admin man page is misleading)
- Fix bz755941 (luci_admin restore is not consistent)

[0.12.2-40]
- Fix excluding busy nodes not working properly in luci internals.

[0.12.2-38]
- Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-37]
- Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-36]
- Bump version of the luci database.

[0.12.2-35]
- Fix bz739600 (conga allows erroneous characters in resource)
- Fix bz734562 (Improve Luci's resource name validation)

[0.12.2-34]
- Fix bz709478 (Ricci fails to detect if host if virtual machine capable)
- Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf)
- Fix bz723188 (Luci does not allow to modify __max_restarts and __restart_expire_time for independent subtrees, only for non-critical resources)

[0.12.2-33]
- Fix bz732483 (Create new cluster fails with luci when installing packages.)


Related CVEs


CVE-2010-1104
CVE-2011-1948

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_i386_latest
conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_u8_i386_base
luci-0.12.2-51.0.1.el5.i386.rpm71454354ff67f621ad6066e451b0f77ecaf42ef720d16cd94bc4638c7547a807ELSA-2014-1194ol5_i386_latest
luci-0.12.2-51.0.1.el5.i386.rpm71454354ff67f621ad6066e451b0f77ecaf42ef720d16cd94bc4638c7547a807ELSA-2014-1194ol5_u8_i386_base
ricci-0.12.2-51.0.1.el5.i386.rpmf5d7bcd60ec4e3dfe17f7e08653f4e91c02c82d6738edba6f6fc95cd548e966dELSA-2014-1194ol5_i386_latest
ricci-0.12.2-51.0.1.el5.i386.rpmf5d7bcd60ec4e3dfe17f7e08653f4e91c02c82d6738edba6f6fc95cd548e966dELSA-2014-1194ol5_u8_i386_base
Oracle Linux 5 (ia64) conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_ia64_latest
conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_u8_ia64_base
luci-0.12.2-51.0.1.el5.ia64.rpm09f19835e0e40c416e33c813ec5c052182617658c245021c9f7c582fd97f7d55ELSA-2014-1194ol5_ia64_latest
luci-0.12.2-51.0.1.el5.ia64.rpm09f19835e0e40c416e33c813ec5c052182617658c245021c9f7c582fd97f7d55ELSA-2014-1194ol5_u8_ia64_base
ricci-0.12.2-51.0.1.el5.ia64.rpmb1e14b192741180b86fd44296515a7719f908ac1df84d339944169f63f47da81ELSA-2014-1194ol5_ia64_latest
ricci-0.12.2-51.0.1.el5.ia64.rpmb1e14b192741180b86fd44296515a7719f908ac1df84d339944169f63f47da81ELSA-2014-1194ol5_u8_ia64_base
Oracle Linux 5 (x86_64) conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_u8_x86_64_base
conga-0.12.2-51.0.1.el5.src.rpm19cfd27cb7f2236979c82b6649d39c75b461eb3c8addcf0487b91b57b3f6ecf1ELSA-2014-1194ol5_x86_64_latest
luci-0.12.2-51.0.1.el5.x86_64.rpm94942d0ebbd87e1327ae96a9d7dde98a8e03ca17f25bbeb4635ca59dc1e51969ELSA-2014-1194ol5_u8_x86_64_base
luci-0.12.2-51.0.1.el5.x86_64.rpm94942d0ebbd87e1327ae96a9d7dde98a8e03ca17f25bbeb4635ca59dc1e51969ELSA-2014-1194ol5_x86_64_latest
ricci-0.12.2-51.0.1.el5.x86_64.rpm299d7e98622325213b2525365b9aa2406ad26a74fa98048e6f4e856bff61d089ELSA-2014-1194ol5_u8_x86_64_base
ricci-0.12.2-51.0.1.el5.x86_64.rpm299d7e98622325213b2525365b9aa2406ad26a74fa98048e6f4e856bff61d089ELSA-2014-1194ol5_x86_64_latest



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights