ELSA-2014-1194

ELSA-2014-1194 - conga security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2014-09-17

Description


[0.12.2-81.0.2.el5]
- Replaced redhat logo image in Data.fs

[0.12.2-81.0.1.el5]
- Added conga-enterprise-Carthage.patch to support OEL5
- Replaced redhat logo image in conga-0.12.2.tar.gz

[0.12.2-81]
- luci: prevent non-admin user from unauthorized executive access
Resolves: rhbz#1089310

[0.12.2-79]
- luci: drop unsuccessful monkey patch application wrt. Plone 20121106 advisory
Related: rhbz#956861

[0.12.2-78]
- luci: reflect startup_wait parameter added in postgres-8 RA
Resolves: rhbz#1065263
- luci: Multiple information leak flaws in various luci site extensions
Resolves: rhbz#1076148

[0.12.2-72]
- luci: fix mishandling of distro release string
Resolves: rhbz#1072075
- luci: fix initscript does not check return values correctly
Resolves: rhbz#970288
- ricci: fix end-use modules do not handle stdin polling correctly
Resolves: rhbz#1076711

[0.12.2-69]
- luci: apply relevant parts of Plone 20121106 advisory (multiple vectors)
Resolves: rhbz#956861


Related CVEs


CVE-2012-5498
CVE-2012-5499
CVE-2012-5500
CVE-2013-6496
CVE-2014-3521
CVE-2012-5485
CVE-2012-5486
CVE-2012-5488
CVE-2012-5497

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) conga-0.12.2-81.0.2.el5.src.rpm5723a1992549b20382a213b661ed01d3-
luci-0.12.2-81.0.2.el5.i386.rpm7043656ec37ddc5b1f1ac95fb08ee3cf-
ricci-0.12.2-81.0.2.el5.i386.rpm0121d7c4930179666690e031668b0d6c-
Oracle Linux 5 (ia64) conga-0.12.2-81.0.2.el5.src.rpm5723a1992549b20382a213b661ed01d3-
luci-0.12.2-81.0.2.el5.ia64.rpmb8312da1decde95722f47d051f88c9b3-
ricci-0.12.2-81.0.2.el5.ia64.rpm9f512509ca941d2082b5ed0e56b359bb-
Oracle Linux 5 (x86_64) conga-0.12.2-81.0.2.el5.src.rpm5723a1992549b20382a213b661ed01d3-
luci-0.12.2-81.0.2.el5.x86_64.rpmc00ef9808504d6e9ad2c2c59d44b7450-
ricci-0.12.2-81.0.2.el5.x86_64.rpmf4247d63d978155eb18a7338d31b6f04-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete