What Are You Looking For?

Sign Up
Date:         Tue, 2 Mar 2010 13:59:36 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      FASTBUGS for SL 5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

The following FASTBUGS have been uploaded to



         i386:
coreutils-5.97-23.el5_4.2.i386.rpm
libXi-1.0.1-4.el5_4.i386.rpm
libXi-devel-1.0.1-4.el5_4.i386.rpm
openssh-4.3p2-36.el5_4.4.i386.rpm
openssh-askpass-4.3p2-36.el5_4.4.i386.rpm
openssh-clients-4.3p2-36.el5_4.4.i386.rpm
openssh-server-4.3p2-36.el5_4.4.i386.rpm
        x86_64:
coreutils-5.97-23.el5_4.2.x86_64.rpm
libXi-1.0.1-4.el5_4.i386.rpm
libXi-1.0.1-4.el5_4.x86_64.rpm
libXi-devel-1.0.1-4.el5_4.i386.rpm
libXi-devel-1.0.1-4.el5_4.x86_64.rpm
openssh-4.3p2-36.el5_4.4.x86_64.rpm
openssh-askpass-4.3p2-36.el5_4.4.x86_64.rpm
openssh-clients-4.3p2-36.el5_4.4.x86_64.rpm
openssh-server-4.3p2-36.el5_4.4.x86_64.rpm


-Connie Sieh
-Troy Dawson
Date:         Thu, 4 Mar 2010 13:11:23 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: cups on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: cups security update
Issue date:	2010-03-03
CVE Names:	CVE-2010-0302

CVE-2010-0302 cups Incomplete fix for CVE-2009-3553

It was discovered that the cups 1.3.7-11.el5_4.4 security update did not 
fully correct the use-after-free flaw in the way CUPS handled references 
in its file descriptors-handling interface. A remote attacker could send 
specially-crafted queries to the CUPS server, causing it to crash. 
(CVE-2010-0302)

After installing the update, the cupsd daemon will be restarted 
automatically.


SL 5.x

     SRPMS:
cups-1.3.7-11.el5_4.6.src.rpm
     i386:
cups-1.3.7-11.el5_4.6.i386.rpm
cups-devel-1.3.7-11.el5_4.6.i386.rpm
cups-libs-1.3.7-11.el5_4.6.i386.rpm
cups-lpd-1.3.7-11.el5_4.6.i386.rpm
     x86_64:
cups-1.3.7-11.el5_4.6.x86_64.rpm
cups-devel-1.3.7-11.el5_4.6.i386.rpm
cups-devel-1.3.7-11.el5_4.6.x86_64.rpm
cups-libs-1.3.7-11.el5_4.6.i386.rpm
cups-libs-1.3.7-11.el5_4.6.x86_64.rpm
cups-lpd-1.3.7-11.el5_4.6.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2010-0302 Moderate: cups SL5.x i386/x86_64

Moderate: cups security update

Summary

It was discovered that the cups 1.3.7-11.el5_4.4 security update did notfully correct the use-after-free flaw in the way CUPS handled referencesin its file descriptors-handling interface. A remote attacker could sendspecially-crafted queries to the CUPS server, causing it to crash.(CVE-2010-0302)After installing the update, the cupsd daemon will be restartedautomatically.SL 5.xSRPMS:cups-1.3.7-11.el5_4.6.src.rpmi386:cups-1.3.7-11.el5_4.6.i386.rpmcups-devel-1.3.7-11.el5_4.6.i386.rpmcups-libs-1.3.7-11.el5_4.6.i386.rpmcups-lpd-1.3.7-11.el5_4.6.i386.rpmx86_64:cups-1.3.7-11.el5_4.6.x86_64.rpmcups-devel-1.3.7-11.el5_4.6.i386.rpmcups-devel-1.3.7-11.el5_4.6.x86_64.rpmcups-libs-1.3.7-11.el5_4.6.i386.rpmcups-libs-1.3.7-11.el5_4.6.x86_64.rpmcups-lpd-1.3.7-11.el5_4.6.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity
Issued Date: : 2010-03-03
CVE Names: CVE-2010-0302
CVE-2010-0302 cups Incomplete fix for CVE-2009-3553

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo