English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 105790 CVE descriptions
and 56160 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-9575
2011-07-22 19:08:05
--------------------------------------------------------------------------------

Name        : foomatic
Product     : Fedora 14
Version     : 4.0.7
Release     : 2.fc14
URL         : http://www.linuxprinting.org
Summary     : Tools for using the foomatic database of printers and printer drivers
Description :
Foomatic is a comprehensive, spooler-independent database of printers,
printer drivers, and driver descriptions. This package contains
utilities to generate driver description files and printer queues for
CUPS, LPD, LPRng, and PDQ using the database (packaged separately).
There is also the possibility to read the PJL options out of PJL-capable
laser printers and take them into account at the driver description
file generation.

There are spooler-independent command line interfaces to manipulate
queues (foomatic-configure) and to print files/manipulate jobs
(foomatic printjob).

The site http://www.linuxprinting.org/ is based on this database.

--------------------------------------------------------------------------------
Update Information:

This update fixes improper sanitization of command line options. (CVE-2011-2964)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 20 2011 Tim Waugh <twaugh@redhat.com> - 4.0.7-2
- Fix improper sanitization of command line options (bug #721001,
  CVE-2011-2697).
* Mon Feb 21 2011 Jiri Popelka <jpopelka@redhat.com> - 4.0.7-1
- 4.0.7
* Tue Dec 21 2010 Tim Waugh <twaugh@redhat.com> - 4.0.6-2
- Use perl_vendorlib macro instead of defining our own.
* Thu Dec 16 2010 Jiri Popelka <jpopelka@redhat.com> - 4.0.6-1
- 4.0.6
* Thu Dec  9 2010 Tim Waugh <twaugh@redhat.com> - 4.0.5-4
- Rebuilt for new device IDs.
* Fri Oct 15 2010 Tim Waugh <twaugh@redhat.com> - 4.0.5-3
- Removed hard-coded perl paths from spec file.
* Tue Oct  5 2010 Tim Waugh <twaugh@redhat.com> - 4.0.5-2
- Updated summary and description to more accurately reflect package
  contents (bug #630651).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #727016 - CVE-2011-2964 foomatic: Improper sanitization of command line option in foomatic-rip (foomatic.c)
        https://bugzilla.redhat.com/show_bug.cgi?id=727016
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update foomatic' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.