LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: Important: cups security update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
RedHat Linux Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: cups security update
Advisory ID:       RHSA-2005:706-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-706.html
Issue date:        2005-08-09
Updated on:        2005-08-09
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-2097
- ---------------------------------------------------------------------

1. Summary:

Updated CUPS packages that fix a security issue are now available for Red
Hat Enterprise Linux.

This update has been rated as having important security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Common UNIX Printing System (CUPS) provides a portable printing layer for
UNIX(R) operating systems.

When processing a PDF file, bounds checking was not correctly performed on
some fields.  This could cause the pdftops filter (running as user "lp") to
crash.  The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2097 to this issue.

All users of CUPS should upgrade to these erratum packages, which contain a
patch to correct this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

164510 - CAN-2005-2097 pdf flaw


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.31.src.rpm
6fdfeda1620e95a6ed9141398adb88be  cups-1.1.17-13.3.31.src.rpm

i386:
6f53077afd334ef360da78265a1d3015  cups-1.1.17-13.3.31.i386.rpm
313336568455c6bf53c465b6b9ddfe6b  cups-devel-1.1.17-13.3.31.i386.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm

ia64:
0e3c6790b045e27c30c8546ef147a6b6  cups-1.1.17-13.3.31.ia64.rpm
da9e2d61e6ea694b691d43015d044648  cups-devel-1.1.17-13.3.31.ia64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
42bbd422f83eae3bd94a67709aabc9b6  cups-libs-1.1.17-13.3.31.ia64.rpm

ppc:
2ef8571cde9f6fc0ba6ffa7cf4bcffcf  cups-1.1.17-13.3.31.ppc.rpm
ea06586a5d0edece302f465cc06655b9  cups-devel-1.1.17-13.3.31.ppc.rpm
d5864d0bc6ffafb60e5512b72cd1deee  cups-libs-1.1.17-13.3.31.ppc.rpm
070c52a8fff483d5b2977f41af8c2d48  cups-libs-1.1.17-13.3.31.ppc64.rpm

s390:
e8a3333a4f41f4d286e30d2ba6dac182  cups-1.1.17-13.3.31.s390.rpm
64b0004da2a22335600116c4fd62655a  cups-devel-1.1.17-13.3.31.s390.rpm
73fd8d9b5532dfcb6512af45e2e0bb4c  cups-libs-1.1.17-13.3.31.s390.rpm

s390x:
930e0db46c1e076b8e79d6bf712a5996  cups-1.1.17-13.3.31.s390x.rpm
624a554a09a737def3b20b19a65755e0  cups-devel-1.1.17-13.3.31.s390x.rpm
73fd8d9b5532dfcb6512af45e2e0bb4c  cups-libs-1.1.17-13.3.31.s390.rpm
d56b117031bccc86a8c827e9d0cf7ade  cups-libs-1.1.17-13.3.31.s390x.rpm

x86_64:
d737dd5cb793f4ad445d93d33b48e082  cups-1.1.17-13.3.31.x86_64.rpm
75ad39e7ec8114ceb2dd1653df48f6c9  cups-devel-1.1.17-13.3.31.x86_64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
7a874e6ac4f4b128041f150cc08a90bb  cups-libs-1.1.17-13.3.31.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.31.src.rpm
6fdfeda1620e95a6ed9141398adb88be  cups-1.1.17-13.3.31.src.rpm

i386:
6f53077afd334ef360da78265a1d3015  cups-1.1.17-13.3.31.i386.rpm
313336568455c6bf53c465b6b9ddfe6b  cups-devel-1.1.17-13.3.31.i386.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm

x86_64:
d737dd5cb793f4ad445d93d33b48e082  cups-1.1.17-13.3.31.x86_64.rpm
75ad39e7ec8114ceb2dd1653df48f6c9  cups-devel-1.1.17-13.3.31.x86_64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
7a874e6ac4f4b128041f150cc08a90bb  cups-libs-1.1.17-13.3.31.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.31.src.rpm
6fdfeda1620e95a6ed9141398adb88be  cups-1.1.17-13.3.31.src.rpm

i386:
6f53077afd334ef360da78265a1d3015  cups-1.1.17-13.3.31.i386.rpm
313336568455c6bf53c465b6b9ddfe6b  cups-devel-1.1.17-13.3.31.i386.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm

ia64:
0e3c6790b045e27c30c8546ef147a6b6  cups-1.1.17-13.3.31.ia64.rpm
da9e2d61e6ea694b691d43015d044648  cups-devel-1.1.17-13.3.31.ia64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
42bbd422f83eae3bd94a67709aabc9b6  cups-libs-1.1.17-13.3.31.ia64.rpm

x86_64:
d737dd5cb793f4ad445d93d33b48e082  cups-1.1.17-13.3.31.x86_64.rpm
75ad39e7ec8114ceb2dd1653df48f6c9  cups-devel-1.1.17-13.3.31.x86_64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
7a874e6ac4f4b128041f150cc08a90bb  cups-libs-1.1.17-13.3.31.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.31.src.rpm
6fdfeda1620e95a6ed9141398adb88be  cups-1.1.17-13.3.31.src.rpm

i386:
6f53077afd334ef360da78265a1d3015  cups-1.1.17-13.3.31.i386.rpm
313336568455c6bf53c465b6b9ddfe6b  cups-devel-1.1.17-13.3.31.i386.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm

ia64:
0e3c6790b045e27c30c8546ef147a6b6  cups-1.1.17-13.3.31.ia64.rpm
da9e2d61e6ea694b691d43015d044648  cups-devel-1.1.17-13.3.31.ia64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
42bbd422f83eae3bd94a67709aabc9b6  cups-libs-1.1.17-13.3.31.ia64.rpm

x86_64:
d737dd5cb793f4ad445d93d33b48e082  cups-1.1.17-13.3.31.x86_64.rpm
75ad39e7ec8114ceb2dd1653df48f6c9  cups-devel-1.1.17-13.3.31.x86_64.rpm
f38c9a11506ae85d5de4ddf721dfd1a0  cups-libs-1.1.17-13.3.31.i386.rpm
7a874e6ac4f4b128041f150cc08a90bb  cups-libs-1.1.17-13.3.31.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cups-1.1.22-0.rc1.9.7.src.rpm
9b035487b0771701ede6d2127d250127  cups-1.1.22-0.rc1.9.7.src.rpm

i386:
4c7c20b95e38b497aa610332ce2d0551  cups-1.1.22-0.rc1.9.7.i386.rpm
b8863c846afdf0fce99de34e2ad0ee27  cups-devel-1.1.22-0.rc1.9.7.i386.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm

ia64:
3ff6481aeaeef012e63a7effe7aad71b  cups-1.1.22-0.rc1.9.7.ia64.rpm
133970e22eb1094d10c431809374e897  cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
9b1edfb8aef5edfe2a77e717dd0908cd  cups-libs-1.1.22-0.rc1.9.7.ia64.rpm

ppc:
aeee85359fb8d62f7cadfdbd70389018  cups-1.1.22-0.rc1.9.7.ppc.rpm
e40bc2adb4e988b6cfc6a6f76ab3d361  cups-devel-1.1.22-0.rc1.9.7.ppc.rpm
18c43f70e182dd5fc45af75678f47e92  cups-libs-1.1.22-0.rc1.9.7.ppc.rpm
44fc714c998b6c4a6ae88ffade39b55c  cups-libs-1.1.22-0.rc1.9.7.ppc64.rpm

s390:
017e4f6095f827dcd84351b1555ac841  cups-1.1.22-0.rc1.9.7.s390.rpm
3b66ab340809a2638405e34b02811e9a  cups-devel-1.1.22-0.rc1.9.7.s390.rpm
75e83909b63136a6ba8ab2913d790e06  cups-libs-1.1.22-0.rc1.9.7.s390.rpm

s390x:
7e7dc1aa097cadb6add6c1c9276632f3  cups-1.1.22-0.rc1.9.7.s390x.rpm
f871a5bfcc2b6a8d29a5809a9fef438d  cups-devel-1.1.22-0.rc1.9.7.s390x.rpm
75e83909b63136a6ba8ab2913d790e06  cups-libs-1.1.22-0.rc1.9.7.s390.rpm
ca9e6f369441b2e9049a5ee86cd330dc  cups-libs-1.1.22-0.rc1.9.7.s390x.rpm

x86_64:
f8cdf81a6645b4b7c4955a36a35d0f2f  cups-1.1.22-0.rc1.9.7.x86_64.rpm
e6d59fe158d842f92594c3fc0f12a04a  cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
723689c347475e508dd2adf82d6c8a0c  cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cups-1.1.22-0.rc1.9.7.src.rpm
9b035487b0771701ede6d2127d250127  cups-1.1.22-0.rc1.9.7.src.rpm

i386:
4c7c20b95e38b497aa610332ce2d0551  cups-1.1.22-0.rc1.9.7.i386.rpm
b8863c846afdf0fce99de34e2ad0ee27  cups-devel-1.1.22-0.rc1.9.7.i386.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm

x86_64:
f8cdf81a6645b4b7c4955a36a35d0f2f  cups-1.1.22-0.rc1.9.7.x86_64.rpm
e6d59fe158d842f92594c3fc0f12a04a  cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
723689c347475e508dd2adf82d6c8a0c  cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cups-1.1.22-0.rc1.9.7.src.rpm
9b035487b0771701ede6d2127d250127  cups-1.1.22-0.rc1.9.7.src.rpm

i386:
4c7c20b95e38b497aa610332ce2d0551  cups-1.1.22-0.rc1.9.7.i386.rpm
b8863c846afdf0fce99de34e2ad0ee27  cups-devel-1.1.22-0.rc1.9.7.i386.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm

ia64:
3ff6481aeaeef012e63a7effe7aad71b  cups-1.1.22-0.rc1.9.7.ia64.rpm
133970e22eb1094d10c431809374e897  cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
9b1edfb8aef5edfe2a77e717dd0908cd  cups-libs-1.1.22-0.rc1.9.7.ia64.rpm

x86_64:
f8cdf81a6645b4b7c4955a36a35d0f2f  cups-1.1.22-0.rc1.9.7.x86_64.rpm
e6d59fe158d842f92594c3fc0f12a04a  cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
723689c347475e508dd2adf82d6c8a0c  cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cups-1.1.22-0.rc1.9.7.src.rpm
9b035487b0771701ede6d2127d250127  cups-1.1.22-0.rc1.9.7.src.rpm

i386:
4c7c20b95e38b497aa610332ce2d0551  cups-1.1.22-0.rc1.9.7.i386.rpm
b8863c846afdf0fce99de34e2ad0ee27  cups-devel-1.1.22-0.rc1.9.7.i386.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm

ia64:
3ff6481aeaeef012e63a7effe7aad71b  cups-1.1.22-0.rc1.9.7.ia64.rpm
133970e22eb1094d10c431809374e897  cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
9b1edfb8aef5edfe2a77e717dd0908cd  cups-libs-1.1.22-0.rc1.9.7.ia64.rpm

x86_64:
f8cdf81a6645b4b7c4955a36a35d0f2f  cups-1.1.22-0.rc1.9.7.x86_64.rpm
e6d59fe158d842f92594c3fc0f12a04a  cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
83c915a577bb1e14ff7b41971c37088d  cups-libs-1.1.22-0.rc1.9.7.i386.rpm
723689c347475e508dd2adf82d6c8a0c  cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers From China Waste Little Time in Exploiting Heartbleed
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Why a hacker got paid for finding the Heartbleed bug
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.