conga security, bug fix, and enhancement update

2012-03-01T00:00:00
ID ELSA-2012-0151
Type oraclelinux
Reporter Oracle
Modified 2012-03-01T00:00:00

Description

[0.12.2-51.0.1.el5] - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz [0.12.2-51] - Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability) - Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019) [0.12.2-45] - Fix bz751359 (Add luci support for fence_ipmilan's -L option) [0.12.2-44] - Fix bz577019 (CVE-2010-1104 zope: XSS on error page) [0.12.2-42] - Fix bz755935 (luci_admin man page is misleading) - Fix bz755941 (luci_admin restore is not consistent) [0.12.2-40] - Fix excluding busy nodes not working properly in luci internals. [0.12.2-38] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-37] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-36] - Bump version of the luci database. [0.12.2-35] - Fix bz739600 (conga allows erroneous characters in resource) - Fix bz734562 (Improve Luci's resource name validation) [0.12.2-34] - Fix bz709478 (Ricci fails to detect if host if virtual machine capable) - Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf) - Fix bz723188 (Luci does not allow to modify max_restarts and restart_expire_time for independent subtrees, only for non-critical resources) [0.12.2-33] - Fix bz732483 (Create new cluster fails with luci when installing packages.)