lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040915161412.31236.qmail@updates.mandrakesoft.com>
Date: 15 Sep 2004 16:14:12 -0000
From: Mandrake Linux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           printer-drivers
 Advisory ID:            MDKSA-2004:094
 Date:                   September 15th, 2004

 Affected versions:	 10.0, 9.2
 ______________________________________________________________________

 Problem Description:

 The foomatic-rip filter, which is part of foomatic-filters package,
 contains a vulnerability that allows anyone with access to CUPS, local
 or remote, to execute arbitrary commands on the server.  The updated
 packages provide a fixed foomatic-rip filter that prevents this kind
 of abuse.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 5b60d06dd30d734ac047d3ee6f6dc772  10.0/RPMS/cups-drivers-1.1-138.2.100mdk.i586.rpm
 b054fe649f49aaf755d14b797b5b6601  10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpm
 db087f03bd7c8725808e9b72ad328109  10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpm
 bc8d8726f556bf49d28dac6d60131b96  10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpm
 36a87460cc5d6ea62a90b73536e904f2  10.0/RPMS/ghostscript-7.07-19.2.100mdk.i586.rpm
 dd3a8164ed4959f87d8a737f7bc84b01  10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.i586.rpm
 b584cf81006355ccd974cf8845c383ca  10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.i586.rpm
 2a680b3686870b96498a6c2fb0aa684b  10.0/RPMS/libgimpprint1-4.2.7-2.2.100mdk.i586.rpm
 e116225a8e807e81e2f94bfa5bdfd2a8  10.0/RPMS/libgimpprint1-devel-4.2.7-2.2.100mdk.i586.rpm
 0de919bcb4588874ce8937257af9c699  10.0/RPMS/libijs0-0.34-76.2.100mdk.i586.rpm
 1b44c0ef21bea8d59ecba973b681f0c0  10.0/RPMS/libijs0-devel-0.34-76.2.100mdk.i586.rpm
 152791cb0b54d88d66870dd190007709  10.0/RPMS/printer-filters-1.0-138.2.100mdk.i586.rpm
 94849ae591daa6abb27c329262d34510  10.0/RPMS/printer-testpages-1.0-138.2.100mdk.i586.rpm
 817bb3003924bda9143a4ba9fc41f07b  10.0/RPMS/printer-utils-1.0-138.2.100mdk.i586.rpm
 252ce79ceeb44363fcca69e8fae3124f  10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 f77b65e84043e7e426127724e6c926fd  amd64/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.amd64.rpm
 5f74d92859cd3423ffa69e88dfb397fb  amd64/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
 cbc7f870d50c30cdaaa3318ffd9f7cfa  amd64/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
 513edd72b47ea666813d98bf9572ae10  amd64/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
 1656f00628486bddffefc924acdb4bfe  amd64/10.0/RPMS/ghostscript-7.07-19.2.100mdk.amd64.rpm
 4fbad78a6df7915e83d9cb20a6d59939  amd64/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.amd64.rpm
 ad6683d164413b5ca4571a40e78df9f3  amd64/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.amd64.rpm
 f9745491ae1a8f0634107cd7f41d76b2  amd64/10.0/RPMS/lib64gimpprint1-4.2.7-2.2.100mdk.amd64.rpm
 0c7f9f7109ef86406c0d32191aa77fc2  amd64/10.0/RPMS/lib64gimpprint1-devel-4.2.7-2.2.100mdk.amd64.rpm
 d8b8c565cb72e876aceda04de4ad2832  amd64/10.0/RPMS/lib64ijs0-0.34-76.2.100mdk.amd64.rpm
 ed95b407652ab7064837399003bb9553  amd64/10.0/RPMS/lib64ijs0-devel-0.34-76.2.100mdk.amd64.rpm
 462a427f75ccf5d024c793eb829ae025  amd64/10.0/RPMS/printer-filters-1.0-138.2.100mdk.amd64.rpm
 bcad49c7a9063a7856473b1ce969e36b  amd64/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.amd64.rpm
 37339dff70409896959a6f4d4b8af1e7  amd64/10.0/RPMS/printer-utils-1.0-138.2.100mdk.amd64.rpm
 252ce79ceeb44363fcca69e8fae3124f  amd64/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm

 Mandrakelinux 9.2:
 e46b265555a2075d363d746933e88870  9.2/RPMS/cups-drivers-1.1-116.1.92mdk.i586.rpm
 f2e8df86c2cc434c6b3a2d788b22069b  9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpm
 452cc2b7a3d3dfae90818f2c70112c75  9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpm
 4d3926f1a28c1d958e453d01a1708811  9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpm
 b83e8b68601c4c576e4354229f541092  9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.i586.rpm
 ea2f04d7cb9a17ed26e5c0c71711c54c  9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.i586.rpm
 488ad952dc1560ce2b2eba223f692ae1  9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.i586.rpm
 e491c8a7e4fc6edbf205c4539d50806d  9.2/RPMS/libgimpprint1-4.2.5-30.1.92mdk.i586.rpm
 4e2d702a616369ef122b16a112923c3c  9.2/RPMS/libgimpprint1-devel-4.2.5-30.1.92mdk.i586.rpm
 f9a5f949e4342b550a52112aba77fdde  9.2/RPMS/libijs0-0.34-56.1.92mdk.i586.rpm
 4bf9b3b6b6f210490dd74771f81929e8  9.2/RPMS/libijs0-devel-0.34-56.1.92mdk.i586.rpm
 b8145f433d635d70228438401fba14d2  9.2/RPMS/omni-0.7.2-32.1.92mdk.i586.rpm
 43850e0a55dadfd65ddbfbf3a0234264  9.2/RPMS/printer-filters-1.0-116.1.92mdk.i586.rpm
 c5baf817bd47ba680733f87b546f0b2a  9.2/RPMS/printer-testpages-1.0-116.1.92mdk.i586.rpm
 0e0de87f4facbb33d9716c22f6c53a0e  9.2/RPMS/printer-utils-1.0-116.1.92mdk.i586.rpm
 3ac289d0ad9ccbae59ffbbff1d0ef6d0  9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 3805d72ab483ca73c17ec668fcfea260  amd64/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.amd64.rpm
 4120e7ae8d18452e0d010d9f6dad68ab  amd64/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpm
 541fb6b621453eb2f2eb4cd3cc66bdb6  amd64/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpm
 120453007ef1d4e2201f47bc9b435b6f  amd64/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpm
 ba54c898100a7e8f8a648ab6be4dff4a  amd64/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.amd64.rpm
 0088c1cad9cb1c5a3dcdfec551d1b436  amd64/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpm
 ef2d193c0209974f5dc519824d4ce6ef  amd64/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.amd64.rpm
 7e9d6e3afd9e6f55f518693d00da089a  amd64/9.2/RPMS/lib64gimpprint1-4.2.5-30.1.92mdk.amd64.rpm
 b76c616669975e31b4c207edad6a64e2  amd64/9.2/RPMS/lib64gimpprint1-devel-4.2.5-30.1.92mdk.amd64.rpm
 f117b249358c122cd42c86ea0ba671f6  amd64/9.2/RPMS/lib64ijs0-0.34-56.1.92mdk.amd64.rpm
 9ef6acb512d398a9e68fbc52436206ca  amd64/9.2/RPMS/lib64ijs0-devel-0.34-56.1.92mdk.amd64.rpm
 3cf204dea9e41a3c421e30b632ff620e  amd64/9.2/RPMS/omni-0.7.2-32.1.92mdk.amd64.rpm
 ee634dcbe58b639f6573f4b1f735ef94  amd64/9.2/RPMS/printer-filters-1.0-116.1.92mdk.amd64.rpm
 a8ce95c71a3c7a1588168fe71c72aa3f  amd64/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.amd64.rpm
 1953aeb5c4e92e4e2c991ffabb27bbea  amd64/9.2/RPMS/printer-utils-1.0-116.1.92mdk.amd64.rpm
 3ac289d0ad9ccbae59ffbbff1d0ef6d0  amd64/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBSGpUmqjQ0CJFipgRApTFAJ9Dq19mr5vUI6oJakdt2k3/RnsECACfYSZx
5Jwv6WsUJH/3Wj9tiua1Jy4=
=uMtu
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ