[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1O23i8-00048M-Ez@titan.mandriva.com>
Date: Wed, 14 Apr 2010 16:37:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:072 ] cups
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:072
http://www.mandriva.com/security/
_______________________________________________________________________
Package : cups
Date : April 14, 2010
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in cups:
CUPS in does not properly handle (1) HTTP headers and (2) HTML
templates, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and HTTP response splitting attacks via vectors
related to (a) the product's web interface, (b) the configuration of
the print system, and (c) the titles of printed jobs (CVE-2009-2820).
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS
1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable
to determine the file that provides localized message strings, which
allows local users to gain privileges via a file that contains crafted
localization data with format string specifiers (CVE-2010-0393).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
740c074b463cb19e228e8452d654ff77 corporate/4.0/i586/cups-1.2.4-0.13.20060mlcs4.i586.rpm
b4efdba1af730183bf665ba19eef5e41 corporate/4.0/i586/cups-common-1.2.4-0.13.20060mlcs4.i586.rpm
3b0c57f1c8aff54f44a8757832b388a7 corporate/4.0/i586/cups-serial-1.2.4-0.13.20060mlcs4.i586.rpm
e32253a438c2783e88fdba9308c53b34 corporate/4.0/i586/libcups2-1.2.4-0.13.20060mlcs4.i586.rpm
2ef500ce86c081c4715764209a9cd65e corporate/4.0/i586/libcups2-devel-1.2.4-0.13.20060mlcs4.i586.rpm
286f41821b5b92627f756db7437b0047 corporate/4.0/i586/php-cups-1.2.4-0.13.20060mlcs4.i586.rpm
dbac43650b92f93f745be6451d30f11f corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
45551f204c08ad1bd602cabecbb23dc5 corporate/4.0/x86_64/cups-1.2.4-0.13.20060mlcs4.x86_64.rpm
e836b68917a8dc53436410fd55723a5b corporate/4.0/x86_64/cups-common-1.2.4-0.13.20060mlcs4.x86_64.rpm
1a78d7675b0ea5497ae044ef70a8fb1f corporate/4.0/x86_64/cups-serial-1.2.4-0.13.20060mlcs4.x86_64.rpm
fd3d6e9b3c899ecd475acfc9d5ad12b5 corporate/4.0/x86_64/lib64cups2-1.2.4-0.13.20060mlcs4.x86_64.rpm
07561e3bd8e757ed1ccd9a343a847d61 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.13.20060mlcs4.x86_64.rpm
09541108666b89cad59b723949e4fea1 corporate/4.0/x86_64/php-cups-1.2.4-0.13.20060mlcs4.x86_64.rpm
dbac43650b92f93f745be6451d30f11f corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLxahkmqjQ0CJFipgRAsnrAJ4hIErd0YfzlqHNjOXCKLpzqluKYwCfcdHo
ZXN+jQ9LKCAGJg8zlt2se4k=
=hh1R
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists