Bug 19518
Summary: | need LPRng 3.2.26 | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Gene Czarcinski <gczarcinski> |
Component: | LPRng | Assignee: | Crutcher Dunnavant <crutcher> |
Status: | CLOSED ERRATA | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 7.0 | CC: | chris, dr |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
URL: | http://www.astart.com/LPRng/CHANGES | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2000-10-24 10:42:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gene Czarcinski
2000-10-21 17:40:16 UTC
Weren't these issues addressed by the RedHat security update? Have any issues been fixed which were not fixed by the update? I've found the LPRng changelog, and put it in the URL field. And here, I've pasted the relevant Changelog entries: ----- Release LPRng 3.6.26 Fri Oct 13 07:38:38 PDT 2000 unsetenv() is not available on some systems. Fallback to setenv and then putenv() if not present (Found by: Niklas Edmundsson <nikke.se>) Release LPRng 3.6.25 Tue Oct 3 09:19:11 PDT 2000 syslog Compromise - modified syslog to use 'syslog(xx,"%s", msg). gettext Compromise - added the following to Initialize(): if( getuid() == 0 || geteuid() == 0 ) unsetenv("NLSPATH"); IN6_ADDR removed, in fact IPV6 stuff removed. See the various CERT advisories. Sigh... ---- The RH update fixed the syslog() thing. It looks like the NLSPATH thing will only be an issue if the printing clients are suid-root, and I don't think they are. Anyway, the glibc update should take care of the NLSPATH issues...? Yeah, we got the syslog thing, and glibc should have gotten the other thing, but gonna roll this anyway, got a printting update comming. (as a side note, I cannot belive how fast this package itterates!, its like netscape in the old days.) Does this thing have the notion of UNIX socket support, avoiding the need to network-listen in many circumstances? |