[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040915161412.31236.qmail@updates.mandrakesoft.com>
Date: 15 Sep 2004 16:14:12 -0000
From: Mandrake Linux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: printer-drivers
Advisory ID: MDKSA-2004:094
Date: September 15th, 2004
Affected versions: 10.0, 9.2
______________________________________________________________________
Problem Description:
The foomatic-rip filter, which is part of foomatic-filters package,
contains a vulnerability that allows anyone with access to CUPS, local
or remote, to execute arbitrary commands on the server. The updated
packages provide a fixed foomatic-rip filter that prevents this kind
of abuse.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
5b60d06dd30d734ac047d3ee6f6dc772 10.0/RPMS/cups-drivers-1.1-138.2.100mdk.i586.rpm
b054fe649f49aaf755d14b797b5b6601 10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpm
db087f03bd7c8725808e9b72ad328109 10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpm
bc8d8726f556bf49d28dac6d60131b96 10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpm
36a87460cc5d6ea62a90b73536e904f2 10.0/RPMS/ghostscript-7.07-19.2.100mdk.i586.rpm
dd3a8164ed4959f87d8a737f7bc84b01 10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.i586.rpm
b584cf81006355ccd974cf8845c383ca 10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.i586.rpm
2a680b3686870b96498a6c2fb0aa684b 10.0/RPMS/libgimpprint1-4.2.7-2.2.100mdk.i586.rpm
e116225a8e807e81e2f94bfa5bdfd2a8 10.0/RPMS/libgimpprint1-devel-4.2.7-2.2.100mdk.i586.rpm
0de919bcb4588874ce8937257af9c699 10.0/RPMS/libijs0-0.34-76.2.100mdk.i586.rpm
1b44c0ef21bea8d59ecba973b681f0c0 10.0/RPMS/libijs0-devel-0.34-76.2.100mdk.i586.rpm
152791cb0b54d88d66870dd190007709 10.0/RPMS/printer-filters-1.0-138.2.100mdk.i586.rpm
94849ae591daa6abb27c329262d34510 10.0/RPMS/printer-testpages-1.0-138.2.100mdk.i586.rpm
817bb3003924bda9143a4ba9fc41f07b 10.0/RPMS/printer-utils-1.0-138.2.100mdk.i586.rpm
252ce79ceeb44363fcca69e8fae3124f 10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
f77b65e84043e7e426127724e6c926fd amd64/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.amd64.rpm
5f74d92859cd3423ffa69e88dfb397fb amd64/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
cbc7f870d50c30cdaaa3318ffd9f7cfa amd64/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
513edd72b47ea666813d98bf9572ae10 amd64/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
1656f00628486bddffefc924acdb4bfe amd64/10.0/RPMS/ghostscript-7.07-19.2.100mdk.amd64.rpm
4fbad78a6df7915e83d9cb20a6d59939 amd64/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.amd64.rpm
ad6683d164413b5ca4571a40e78df9f3 amd64/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.amd64.rpm
f9745491ae1a8f0634107cd7f41d76b2 amd64/10.0/RPMS/lib64gimpprint1-4.2.7-2.2.100mdk.amd64.rpm
0c7f9f7109ef86406c0d32191aa77fc2 amd64/10.0/RPMS/lib64gimpprint1-devel-4.2.7-2.2.100mdk.amd64.rpm
d8b8c565cb72e876aceda04de4ad2832 amd64/10.0/RPMS/lib64ijs0-0.34-76.2.100mdk.amd64.rpm
ed95b407652ab7064837399003bb9553 amd64/10.0/RPMS/lib64ijs0-devel-0.34-76.2.100mdk.amd64.rpm
462a427f75ccf5d024c793eb829ae025 amd64/10.0/RPMS/printer-filters-1.0-138.2.100mdk.amd64.rpm
bcad49c7a9063a7856473b1ce969e36b amd64/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.amd64.rpm
37339dff70409896959a6f4d4b8af1e7 amd64/10.0/RPMS/printer-utils-1.0-138.2.100mdk.amd64.rpm
252ce79ceeb44363fcca69e8fae3124f amd64/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm
Mandrakelinux 9.2:
e46b265555a2075d363d746933e88870 9.2/RPMS/cups-drivers-1.1-116.1.92mdk.i586.rpm
f2e8df86c2cc434c6b3a2d788b22069b 9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpm
452cc2b7a3d3dfae90818f2c70112c75 9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpm
4d3926f1a28c1d958e453d01a1708811 9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpm
b83e8b68601c4c576e4354229f541092 9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.i586.rpm
ea2f04d7cb9a17ed26e5c0c71711c54c 9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.i586.rpm
488ad952dc1560ce2b2eba223f692ae1 9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.i586.rpm
e491c8a7e4fc6edbf205c4539d50806d 9.2/RPMS/libgimpprint1-4.2.5-30.1.92mdk.i586.rpm
4e2d702a616369ef122b16a112923c3c 9.2/RPMS/libgimpprint1-devel-4.2.5-30.1.92mdk.i586.rpm
f9a5f949e4342b550a52112aba77fdde 9.2/RPMS/libijs0-0.34-56.1.92mdk.i586.rpm
4bf9b3b6b6f210490dd74771f81929e8 9.2/RPMS/libijs0-devel-0.34-56.1.92mdk.i586.rpm
b8145f433d635d70228438401fba14d2 9.2/RPMS/omni-0.7.2-32.1.92mdk.i586.rpm
43850e0a55dadfd65ddbfbf3a0234264 9.2/RPMS/printer-filters-1.0-116.1.92mdk.i586.rpm
c5baf817bd47ba680733f87b546f0b2a 9.2/RPMS/printer-testpages-1.0-116.1.92mdk.i586.rpm
0e0de87f4facbb33d9716c22f6c53a0e 9.2/RPMS/printer-utils-1.0-116.1.92mdk.i586.rpm
3ac289d0ad9ccbae59ffbbff1d0ef6d0 9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
3805d72ab483ca73c17ec668fcfea260 amd64/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.amd64.rpm
4120e7ae8d18452e0d010d9f6dad68ab amd64/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpm
541fb6b621453eb2f2eb4cd3cc66bdb6 amd64/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpm
120453007ef1d4e2201f47bc9b435b6f amd64/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpm
ba54c898100a7e8f8a648ab6be4dff4a amd64/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.amd64.rpm
0088c1cad9cb1c5a3dcdfec551d1b436 amd64/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpm
ef2d193c0209974f5dc519824d4ce6ef amd64/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.amd64.rpm
7e9d6e3afd9e6f55f518693d00da089a amd64/9.2/RPMS/lib64gimpprint1-4.2.5-30.1.92mdk.amd64.rpm
b76c616669975e31b4c207edad6a64e2 amd64/9.2/RPMS/lib64gimpprint1-devel-4.2.5-30.1.92mdk.amd64.rpm
f117b249358c122cd42c86ea0ba671f6 amd64/9.2/RPMS/lib64ijs0-0.34-56.1.92mdk.amd64.rpm
9ef6acb512d398a9e68fbc52436206ca amd64/9.2/RPMS/lib64ijs0-devel-0.34-56.1.92mdk.amd64.rpm
3cf204dea9e41a3c421e30b632ff620e amd64/9.2/RPMS/omni-0.7.2-32.1.92mdk.amd64.rpm
ee634dcbe58b639f6573f4b1f735ef94 amd64/9.2/RPMS/printer-filters-1.0-116.1.92mdk.amd64.rpm
a8ce95c71a3c7a1588168fe71c72aa3f amd64/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.amd64.rpm
1953aeb5c4e92e4e2c991ffabb27bbea amd64/9.2/RPMS/printer-utils-1.0-116.1.92mdk.amd64.rpm
3ac289d0ad9ccbae59ffbbff1d0ef6d0 amd64/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBSGpUmqjQ0CJFipgRApTFAJ9Dq19mr5vUI6oJakdt2k3/RnsECACfYSZx
5Jwv6WsUJH/3Wj9tiua1Jy4=
=uMtu
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists