Important: cups security update

ID ELSA-2008-0153
Type oraclelinux
Reporter Oracle
Modified 2008-02-25T00:00:00


[1.1.17-13.3.51] - Prevented invalid memory accesses when a class and its singleton printer are timed out in the same sweep (CVE-2008-0597, bug #433827).

[1.1.17-13.3.50] - Back-ported mimeDeleteType from 1.2.x (CVE-2008-0596, bug #433827).

[1.1.17-13.3.49] - Prevent double-free when a browsed class has the same name as a printer or vice versa (bug #433763, STR #2656).

[1.1.17-13.3.48] - Removed mandatory debugging output from cups-polld (bug #246545), which had been introduced by this change: - Backported cups-polld fixes (bug #205694). - Reverted previous change as no security impact (bug #418361).

[1.1.17-13.3.47] - Applied patch to fix CVE-2007-5848 (bug #418361).