Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2012-0151

Опубликовано: 01 мар. 2012
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2012-0151: conga security, bug fix, and enhancement update (MODERATE)

[0.12.2-51.0.1.el5]

  • Added conga-enterprise.patch
  • Added conga-enterprise-Carthage.patch to support OEL5
  • Replaced redhat logo image in conga-0.12.2.tar.gz

[0.12.2-51]

  • Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability)
  • Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019)

[0.12.2-45]

  • Fix bz751359 (Add luci support for fence_ipmilan's -L option)

[0.12.2-44]

  • Fix bz577019 (CVE-2010-1104 zope: XSS on error page)

[0.12.2-42]

  • Fix bz755935 (luci_admin man page is misleading)
  • Fix bz755941 (luci_admin restore is not consistent)

[0.12.2-40]

  • Fix excluding busy nodes not working properly in luci internals.

[0.12.2-38]

  • Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-37]

  • Additional fix for bz734562 (Improve Luci's resource name validation)

[0.12.2-36]

  • Bump version of the luci database.

[0.12.2-35]

  • Fix bz739600 (conga allows erroneous characters in resource)
  • Fix bz734562 (Improve Luci's resource name validation)

[0.12.2-34]

  • Fix bz709478 (Ricci fails to detect if host if virtual machine capable)
  • Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf)
  • Fix bz723188 (Luci does not allow to modify __max_restarts and __restart_expire_time for independent subtrees, only for non-critical resources)

[0.12.2-33]

  • Fix bz732483 (Create new cluster fails with luci when installing packages.)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

luci

0.12.2-51.0.1.el5

ricci

0.12.2-51.0.1.el5

Oracle Linux x86_64

luci

0.12.2-51.0.1.el5

ricci

0.12.2-51.0.1.el5

Oracle Linux i386

luci

0.12.2-51.0.1.el5

ricci

0.12.2-51.0.1.el5

Связанные CVE

CVE-2010-1104
CVE-2011-1948

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2011-1948

ubuntu
около 14 лет назад

Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

redhat логотип

CVE-2011-1948

redhat
около 14 лет назад

Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

nvd логотип

CVE-2011-1948

nvd
около 14 лет назад

Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

debian логотип

CVE-2011-1948

debian
около 14 лет назад

Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allo ...

ubuntu логотип

CVE-2010-1104

ubuntu
больше 15 лет назад

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.