lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1E3JcE-0005is-B0@mercury.mandriva.com>
Date: Thu, 11 Aug 2005 14:25:26 -0600
From: Mandriva Security Team <security@...driva.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2005:138 - Updated cups packages fix vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           cups
 Advisory ID:            MDKSA-2005:138
 Date:                   August 11th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A vulnerability was discovered in the CUPS printing package where
 when processing a PDF file, bounds checking was not correctly
 performed on some fields.  As a result, this could cause the pdtops
 filter to crash.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 5d48bca988287653dd56975cc47a9011  10.0/RPMS/cups-1.1.20-5.8.100mdk.i586.rpm
 4766df09a7d3dab61dff26d18210607e  10.0/RPMS/cups-common-1.1.20-5.8.100mdk.i586.rpm
 01d3f0e9fbca7245d29e0008f511379e  10.0/RPMS/cups-serial-1.1.20-5.8.100mdk.i586.rpm
 f654610a508b60e19a9fdd909a36ca50  10.0/RPMS/libcups2-1.1.20-5.8.100mdk.i586.rpm
 2a8b8d18b2f3aafec1b3f5a6e27c8f76  10.0/RPMS/libcups2-devel-1.1.20-5.8.100mdk.i586.rpm
 e8fbda4a5bc004645231929662b461f0  10.0/SRPMS/cups-1.1.20-5.8.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 e6c500410c6737912b341994c1079a02  amd64/10.0/RPMS/cups-1.1.20-5.8.100mdk.amd64.rpm
 290cbd28249758d012ce0f6405fe8bb7  amd64/10.0/RPMS/cups-common-1.1.20-5.8.100mdk.amd64.rpm
 a23b7e1868ff06db1c3358ddad003e08  amd64/10.0/RPMS/cups-serial-1.1.20-5.8.100mdk.amd64.rpm
 501e5559e13ab873eb84ee7449258c2c  amd64/10.0/RPMS/lib64cups2-1.1.20-5.8.100mdk.amd64.rpm
 39270cd3e6719b3a531c748a85d005e9  amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.8.100mdk.amd64.rpm
 f654610a508b60e19a9fdd909a36ca50  amd64/10.0/RPMS/libcups2-1.1.20-5.8.100mdk.i586.rpm
 e8fbda4a5bc004645231929662b461f0  amd64/10.0/SRPMS/cups-1.1.20-5.8.100mdk.src.rpm

 Mandrakelinux 10.1:
 175bc89b8c2aa3f49f3b264eb3d11c08  10.1/RPMS/cups-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 a0f2a26a2c03c4eeb4b2d8c0edead1d7  10.1/RPMS/cups-common-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 f266721618d085b9039f5dca9674ecb2  10.1/RPMS/cups-serial-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 631dbfd315035444776fd6cf95cf6acd  10.1/RPMS/libcups2-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 d35a97d673a4ac95ace0a42537f88025  10.1/RPMS/libcups2-devel-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 63feebc89515a0df9119c425c4a35884  10.1/SRPMS/cups-1.1.21-0.rc1.7.6.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 d36a3f804109352ab330793e97e1a0de  x86_64/10.1/RPMS/cups-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
 b50419737107d955258878707d575935  x86_64/10.1/RPMS/cups-common-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
 0d9a6b76fc5eae9190f73ad14f5cfbc2  x86_64/10.1/RPMS/cups-serial-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
 7782f4c85b11d9eaf980488b84d06e93  x86_64/10.1/RPMS/lib64cups2-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
 ed0fe1a09d4564c4495bacb221df847d  x86_64/10.1/RPMS/lib64cups2-devel-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
 631dbfd315035444776fd6cf95cf6acd  x86_64/10.1/RPMS/libcups2-1.1.21-0.rc1.7.6.101mdk.i586.rpm
 63feebc89515a0df9119c425c4a35884  x86_64/10.1/SRPMS/cups-1.1.21-0.rc1.7.6.101mdk.src.rpm

 Mandrakelinux 10.2:
 c1ef8da952cd9e56e2746be2b0bb5bd9  10.2/RPMS/cups-1.1.23-11.1.102mdk.i586.rpm
 736fd01eacca34d04607795d1ef6547f  10.2/RPMS/cups-common-1.1.23-11.1.102mdk.i586.rpm
 7d9dabe327857b8295bca0c689725732  10.2/RPMS/cups-serial-1.1.23-11.1.102mdk.i586.rpm
 829d2177b1f7317e5a8cde837aca55b4  10.2/RPMS/libcups2-1.1.23-11.1.102mdk.i586.rpm
 16a599e6757a5bd5ed6820833d968b33  10.2/RPMS/libcups2-devel-1.1.23-11.1.102mdk.i586.rpm
 27c0d389d9a85467c9a70944b4362ec4  10.2/SRPMS/cups-1.1.23-11.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 3a1ccbf7ae89e47c1778f3c5997b178f  x86_64/10.2/RPMS/cups-1.1.23-11.1.102mdk.x86_64.rpm
 d3275ccee68d7429fda7ba20f89c518c  x86_64/10.2/RPMS/cups-common-1.1.23-11.1.102mdk.x86_64.rpm
 e665f3d80d4e13de539d9fa39a16d22e  x86_64/10.2/RPMS/cups-serial-1.1.23-11.1.102mdk.x86_64.rpm
 9b5863c09729384a019f725d6861839e  x86_64/10.2/RPMS/lib64cups2-1.1.23-11.1.102mdk.x86_64.rpm
 63770318c658c4186d7d57a2208ed46a  x86_64/10.2/RPMS/lib64cups2-devel-1.1.23-11.1.102mdk.x86_64.rpm
 829d2177b1f7317e5a8cde837aca55b4  x86_64/10.2/RPMS/libcups2-1.1.23-11.1.102mdk.i586.rpm
 16a599e6757a5bd5ed6820833d968b33  x86_64/10.2/RPMS/libcups2-devel-1.1.23-11.1.102mdk.i586.rpm
 27c0d389d9a85467c9a70944b4362ec4  x86_64/10.2/SRPMS/cups-1.1.23-11.1.102mdk.src.rpm

 Corporate Server 2.1:
 cf770f5bf37c8318ba77c5fcde438172  corporate/2.1/RPMS/cups-1.1.18-2.10.C21mdk.i586.rpm
 524af59e822beba950b117106a1f96ed  corporate/2.1/RPMS/cups-common-1.1.18-2.10.C21mdk.i586.rpm
 5be445e71199134e69dabe35c1e3be7d  corporate/2.1/RPMS/cups-serial-1.1.18-2.10.C21mdk.i586.rpm
 a54a56a116a971a49bf2f0bdbb68e94f  corporate/2.1/RPMS/libcups1-1.1.18-2.10.C21mdk.i586.rpm
 77365811d8997c9ffe4495b27005dfa6  corporate/2.1/RPMS/libcups1-devel-1.1.18-2.10.C21mdk.i586.rpm
 20c930c0306bfd6294ac99f4e479b61b  corporate/2.1/SRPMS/cups-1.1.18-2.10.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 65685f8e7a1d812a02e9cb589b2bce69  x86_64/corporate/2.1/RPMS/cups-1.1.18-2.10.C21mdk.x86_64.rpm
 aadb1a546919cc920ebec02d2bc49cfd  x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.10.C21mdk.x86_64.rpm
 5cfc03537c65469e4d639ef0b70cae89  x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.10.C21mdk.x86_64.rpm
 5dcab751c4e4882492824dbcc7cb68d3  x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.10.C21mdk.x86_64.rpm
 0277512cc9357f1644abb49f3a514b9d  x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.10.C21mdk.x86_64.rpm
 20c930c0306bfd6294ac99f4e479b61b  x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.10.C21mdk.src.rpm

 Corporate 3.0:
 ada77f1b64381034566313eb87f809c9  corporate/3.0/RPMS/cups-1.1.20-5.8.C30mdk.i586.rpm
 55be908096a2354e98f661ce596b2361  corporate/3.0/RPMS/cups-common-1.1.20-5.8.C30mdk.i586.rpm
 9d2b28df649b1a96e3937839adac1933  corporate/3.0/RPMS/cups-serial-1.1.20-5.8.C30mdk.i586.rpm
 3dde8924c65df2232a1e908605a25c67  corporate/3.0/RPMS/libcups2-1.1.20-5.8.C30mdk.i586.rpm
 8aa74d6b8b151d6ca0520c8d8b23cab1  corporate/3.0/RPMS/libcups2-devel-1.1.20-5.8.C30mdk.i586.rpm
 e0606323bf662289f25298c29d64faed  corporate/3.0/SRPMS/cups-1.1.20-5.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 88a009de39c8d2f7fa137c0f113ccac2  x86_64/corporate/3.0/RPMS/cups-1.1.20-5.8.C30mdk.x86_64.rpm
 7512d729ba5767b120390dd65b2d32d5  x86_64/corporate/3.0/RPMS/cups-common-1.1.20-5.8.C30mdk.x86_64.rpm
 15c7f2318320357a8a54d3aa10206a99  x86_64/corporate/3.0/RPMS/cups-serial-1.1.20-5.8.C30mdk.x86_64.rpm
 a685089585d71ba77578a25187d4970c  x86_64/corporate/3.0/RPMS/lib64cups2-1.1.20-5.8.C30mdk.x86_64.rpm
 89507149b4b041b3d954e7c2e97c0feb  x86_64/corporate/3.0/RPMS/lib64cups2-devel-1.1.20-5.8.C30mdk.x86_64.rpm
 3dde8924c65df2232a1e908605a25c67  x86_64/corporate/3.0/RPMS/libcups2-1.1.20-5.8.C30mdk.i586.rpm
 e0606323bf662289f25298c29d64faed  x86_64/corporate/3.0/SRPMS/cups-1.1.20-5.8.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC+7Q2mqjQ0CJFipgRArJqAJ9Ct27CrTdqO+IWgn7o/t8y3QxvkACgxyg1
Kl+kyirBMLuNwZYU7mPLmpk=
=HdMX
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ