ELSA-2012-0151

ELSA-2012-0151 - conga security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2012-03-01

Description


[0.12.2-51.0.1.el5]
- Added conga-enterprise.patch
- Added conga-enterprise-Carthage.patch to support OEL5
- Replaced redhat logo image in conga-0.12.2.tar.gz

[0.12.2-51]
- Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability)
- Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019)

[0.12.2-45]
- Fix bz751359 (Add luci support for fence_ipmilan's -L option)

[0.12.2-44]
- Fix bz577019 (CVE-2010-1104 zope: XSS on error page)

[0.12.2-42]
- Fix bz755935 (luci_admin man page is misleading)
- Fix bz755941 (luci_admin restore is not consistent)

[0.12.2-40]
- Fix excluding busy nodes not working properly in luci internals.

[0.12.2-38]
- Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-37]
- Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-36]
- Bump version of the luci database.

[0.12.2-35]
- Fix bz739600 (conga allows erroneous characters in resource)
- Fix bz734562 (Improve Luci's resource name validation)

[0.12.2-34]
- Fix bz709478 (Ricci fails to detect if host if virtual machine capable)
- Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf)
- Fix bz723188 (Luci does not allow to modify __max_restarts and __restart_expire_time for independent subtrees, only for non-critical resources)

[0.12.2-33]
- Fix bz732483 (Create new cluster fails with luci when installing packages.)


Related CVEs


CVE-2010-1104
CVE-2011-1948

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) conga-0.12.2-51.0.1.el5.src.rpm03b1f90f109954a3946462d0d1260014ELSA-2014-1194
luci-0.12.2-51.0.1.el5.i386.rpm5a51e7dd704c9f3dda27275a2e131726ELSA-2014-1194
ricci-0.12.2-51.0.1.el5.i386.rpm03704a8a0f910272369396b4e3fba5c3ELSA-2014-1194
Oracle Linux 5 (ia64) conga-0.12.2-51.0.1.el5.src.rpm03b1f90f109954a3946462d0d1260014ELSA-2014-1194
luci-0.12.2-51.0.1.el5.ia64.rpm771c9b79d6df548b1187b91d2523ef92ELSA-2014-1194
ricci-0.12.2-51.0.1.el5.ia64.rpm5f32dad7ff657fbf28b95f13db109277ELSA-2014-1194
Oracle Linux 5 (x86_64) conga-0.12.2-51.0.1.el5.src.rpm03b1f90f109954a3946462d0d1260014ELSA-2014-1194
luci-0.12.2-51.0.1.el5.x86_64.rpmf7d337e76c478cf851dbc5c904db9342ELSA-2014-1194
ricci-0.12.2-51.0.1.el5.x86_64.rpm74454fc95db2dab60b43e250a4ec2be5ELSA-2014-1194



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete