lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <E1ILOwg-0004ah-Gw@artemis.annvix.ca>
Date: Wed, 15 Aug 2007 13:54:22 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2007:165 ] - Updated cups packages fix vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:165
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : cups
 Date    : August 15, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Maurycy Prodeus found an integer overflow vulnerability in the way
 various PDF viewers processed PDF files.  An attacker could create
 a malicious PDF file that could cause cups to crash and possibly
 execute arbitrary code open a user opening the file.
 
 This update provides packages which are patched to prevent these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 bc5c292cb44c5b23b1d2a71d3fa2b0d7  2007.0/i586/cups-1.2.4-1.3mdv2007.0.i586.rpm
 51a9181da44c0d47eb4ff162c345b3bc  2007.0/i586/cups-common-1.2.4-1.3mdv2007.0.i586.rpm
 12b97a05c0de65da4b431409099ab44d  2007.0/i586/cups-serial-1.2.4-1.3mdv2007.0.i586.rpm
 b1b9ac484a0aa2d6f0a22b343a3f3053  2007.0/i586/libcups2-1.2.4-1.3mdv2007.0.i586.rpm
 22ba1b567aa18e25ea2c463f9d42b38a  2007.0/i586/libcups2-devel-1.2.4-1.3mdv2007.0.i586.rpm
 a404b43af035362b8cd26d997a01b56d  2007.0/i586/php-cups-1.2.4-1.3mdv2007.0.i586.rpm 
 49350086e2842ab233b3d92c2a79cb74  2007.0/SRPMS/cups-1.2.4-1.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 d9b9b692146d84ce62202b82cfb0e099  2007.0/x86_64/cups-1.2.4-1.3mdv2007.0.x86_64.rpm
 9c0ee78ece4907629c32e49999725ae1  2007.0/x86_64/cups-common-1.2.4-1.3mdv2007.0.x86_64.rpm
 65b47df2465d223dbc63b994bc5e6b2c  2007.0/x86_64/cups-serial-1.2.4-1.3mdv2007.0.x86_64.rpm
 863599d5fcf8c363904a85e430e6ea7b  2007.0/x86_64/lib64cups2-1.2.4-1.3mdv2007.0.x86_64.rpm
 ed8893fe12e79b60c5ca237ba8c3c266  2007.0/x86_64/lib64cups2-devel-1.2.4-1.3mdv2007.0.x86_64.rpm
 dd709f0b91f094beafca3c884b2dc6be  2007.0/x86_64/php-cups-1.2.4-1.3mdv2007.0.x86_64.rpm 
 49350086e2842ab233b3d92c2a79cb74  2007.0/SRPMS/cups-1.2.4-1.3mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 b0fea359db4550d3a0a470bb63f54802  2007.1/i586/cups-1.2.10-2.1mdv2007.1.i586.rpm
 33ca0ca44541e48450fdb0f66930911e  2007.1/i586/cups-common-1.2.10-2.1mdv2007.1.i586.rpm
 a6e6647a4d775e6b10c15a789b665803  2007.1/i586/cups-serial-1.2.10-2.1mdv2007.1.i586.rpm
 68b54b65768eb27f9375cf1d27410667  2007.1/i586/libcups2-1.2.10-2.1mdv2007.1.i586.rpm
 2111937c855120bcb39369e01876986f  2007.1/i586/libcups2-devel-1.2.10-2.1mdv2007.1.i586.rpm
 50836afba4b9d09eda062a9f8db0cedf  2007.1/i586/php-cups-1.2.10-2.1mdv2007.1.i586.rpm 
 281d9330375f2f6786bf1cec3b857f16  2007.1/SRPMS/cups-1.2.10-2.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 cc3d74326d5a7bbc275500cb93aceb21  2007.1/x86_64/cups-1.2.10-2.1mdv2007.1.x86_64.rpm
 d2cd0fa7109515d54c5cf62c8c7b0c51  2007.1/x86_64/cups-common-1.2.10-2.1mdv2007.1.x86_64.rpm
 52ef39d226ad04aafe40f657524f6e5b  2007.1/x86_64/cups-serial-1.2.10-2.1mdv2007.1.x86_64.rpm
 eb3c01016b5a36c22b147b8568e7dce8  2007.1/x86_64/lib64cups2-1.2.10-2.1mdv2007.1.x86_64.rpm
 d6aa91b7379aa0781382f86fd3142269  2007.1/x86_64/lib64cups2-devel-1.2.10-2.1mdv2007.1.x86_64.rpm
 a612257a048d439cfb9c96577a090516  2007.1/x86_64/php-cups-1.2.10-2.1mdv2007.1.x86_64.rpm 
 281d9330375f2f6786bf1cec3b857f16  2007.1/SRPMS/cups-1.2.10-2.1mdv2007.1.src.rpm

 Corporate 3.0:
 69dd24d3b4eda222dd8536750e520db9  corporate/3.0/i586/cups-1.1.20-5.12.C30mdk.i586.rpm
 e11cef8e543f2f7318dda54f21ed2e50  corporate/3.0/i586/cups-common-1.1.20-5.12.C30mdk.i586.rpm
 0c031620f862e1baf7d1f4e874af6d5b  corporate/3.0/i586/cups-serial-1.1.20-5.12.C30mdk.i586.rpm
 c6f4b0fd2455eb058c04afa75a7507a0  corporate/3.0/i586/libcups2-1.1.20-5.12.C30mdk.i586.rpm
 d61b22abb21eef055f6cc692faef3a2b  corporate/3.0/i586/libcups2-devel-1.1.20-5.12.C30mdk.i586.rpm 
 a3bb3c90aed9f2cb337e1edeb2147d33  corporate/3.0/SRPMS/cups-1.1.20-5.12.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 80e6638c7748278e9e463da6b91b972c  corporate/3.0/x86_64/cups-1.1.20-5.12.C30mdk.x86_64.rpm
 26f68b2419949766430ecd9cb8eb5f9c  corporate/3.0/x86_64/cups-common-1.1.20-5.12.C30mdk.x86_64.rpm
 b1ae56a1bf0f239096cba8879aa32232  corporate/3.0/x86_64/cups-serial-1.1.20-5.12.C30mdk.x86_64.rpm
 28d68209a485a554bfb09e58d34b5c5d  corporate/3.0/x86_64/lib64cups2-1.1.20-5.12.C30mdk.x86_64.rpm
 9cb83abf75a5a31f74964679e647ab76  corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.12.C30mdk.x86_64.rpm 
 a3bb3c90aed9f2cb337e1edeb2147d33  corporate/3.0/SRPMS/cups-1.1.20-5.12.C30mdk.src.rpm

 Corporate 4.0:
 06550a8de7de77d09c0dd1b091a8e361  corporate/4.0/i586/cups-1.2.4-0.3.20060mlcs4.i586.rpm
 4c4204f856c13107ddd3c2d1a7b68f3a  corporate/4.0/i586/cups-common-1.2.4-0.3.20060mlcs4.i586.rpm
 57f9710a036bb3a9ee5bcc934fcfa4da  corporate/4.0/i586/cups-serial-1.2.4-0.3.20060mlcs4.i586.rpm
 67f0dd5f82523296827b6522a599c88a  corporate/4.0/i586/libcups2-1.2.4-0.3.20060mlcs4.i586.rpm
 e7c9f43b15951c4089660b1d604b12c7  corporate/4.0/i586/libcups2-devel-1.2.4-0.3.20060mlcs4.i586.rpm
 81613d8a526b6c005e24b291779d80e0  corporate/4.0/i586/php-cups-1.2.4-0.3.20060mlcs4.i586.rpm 
 9e10e3a5bab8431fd5b90f7d3d73bc35  corporate/4.0/SRPMS/cups-1.2.4-0.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 762970c5f9a7be75423be981e28568db  corporate/4.0/x86_64/cups-1.2.4-0.3.20060mlcs4.x86_64.rpm
 432d0593eb6165186a527d65d59ef774  corporate/4.0/x86_64/cups-common-1.2.4-0.3.20060mlcs4.x86_64.rpm
 d171f3d1be0d10f68a1875b2007b4559  corporate/4.0/x86_64/cups-serial-1.2.4-0.3.20060mlcs4.x86_64.rpm
 2dd3e283bb805f06ba00cdb17c12fd0a  corporate/4.0/x86_64/lib64cups2-1.2.4-0.3.20060mlcs4.x86_64.rpm
 0d0040e62a7bcb83c957e0ee70885764  corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.3.20060mlcs4.x86_64.rpm
 0abd4c82d63895d928f90332d02eb962  corporate/4.0/x86_64/php-cups-1.2.4-0.3.20060mlcs4.x86_64.rpm 
 9e10e3a5bab8431fd5b90f7d3d73bc35  corporate/4.0/SRPMS/cups-1.2.4-0.3.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGwy5VmqjQ0CJFipgRAr4oAJ9A6hA9CZIk5GR3Ud779v61CO74eQCfTBUZ
54eeSvI8Cpsr45fO17Y3gmU=
=aWcj
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ