[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15

updates at fedoraproject.org updates at fedoraproject.org
Fri Aug 26 19:12:30 UTC 2011


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-11197
2011-08-19 21:17:08
--------------------------------------------------------------------------------

Name        : cups
Product     : Fedora 15
Version     : 1.4.8
Release     : 2.fc15
URL         : http://www.cups.org/
Summary     : Common Unix Printing System
Description :
The Common UNIX Printing System provides a portable printing layer for
UNIX® operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.

--------------------------------------------------------------------------------
Update Information:

This update avoids a GIF reader loop (CVE-2011-2896).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 19 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.8-2
- Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
* Tue Jul 26 2011 Jiri Popelka <jpopelka at redhat.com> 1:1.4.8-1
- 1.4.8
* Wed Jul 20 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-9
- Don't delete job data files when restarted (STR #3880).
* Fri Jul 15 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-8
- Ship an rpm macro for where to put driver executables.
* Wed Jul 13 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-7
- Avoid busy loop in cups-polld (bug #720921).
* Thu Jul  7 2011 Jiri Popelka <jpopelka at redhat.com> 1:1.4.7-6
- Fix SNMP supply level crasher (STR #3875, bug #719057).
* Thu Jul  7 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-5
- Undo last change which had no effect.  We already remove the .SILENT
  target from the Makefile as part of the build.
* Thu Jul  7 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-4
- Make build log verbose enough to include compiler flags used.
* Wed Jun 29 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-3
- Tag localization files correctly (bug #716421).
* Tue Jun 28 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.7-2
- Updated avahi patches.
* Tue Jun 28 2011 Jiri Popelka <jpopelka at redhat.com> 1:1.4.7-1
- 1.4.7.
* Fri Jun  3 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.6-20
- Use correct port number when publishing services through Avahi
  (Ubuntu #792309).
* Fri Jun  3 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.6-19
- Don't crash when unable to connect to D-Bus.
* Fri Jun  3 2011 Jiri Popelka <jpopelka at redhat.com> 1:1.4.6-18
- Set the default RIPCache to 128m (STR #3535, bug #549901).
* Wed May 18 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.6-17
- Package parallel port printer device nodes (bug #678804).
* Tue May 17 2011 Richard Hughes <rhughes at redhat.com> 1:1.4.6-16
- Updated colord patch from upstream review.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=727800
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update cups' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list