LinuxSecurity.com
RedHat: Important: cups security update
Posted by Benjamin D. Thomas   
Updated cups packages that fix several security issues are now available for Red Hat Enterprise Linux 3. Alin Rad Pop discovered a flaw in the handling of PDF files. An attacker could create a malicious PDF file that would cause CUPS to crash or potentially execute arbitrary code when printed. This update has been rated as having important security impact by the Red Hat Security Response Team.
---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: cups security update
Advisory ID:       RHSA-2007:1023-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-1023.html
Issue date:        2007-11-07
Updated on:        2007-11-07
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4045 CVE-2007-4351 CVE-2007-5393 
---------------------------------------------------------------------

1. Summary:

Updated cups packages that fix several security issues are now available
for Red Hat Enterprise Linux 3.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX(R) operating systems.

Alin Rad Pop discovered a flaw in the handling of PDF files. An attacker
could create a malicious PDF file that would cause CUPS to crash or
potentially execute arbitrary code when printed. (CVE-2007-5393)

Alin Rad Pop discovered a flaw in the way CUPS handles certain IPP tags.
A remote attacker who is able to connect to the IPP TCP port could send a
malicious request causing the CUPS daemon to crash. (CVE-2007-4351)

A flaw was found in the way CUPS handled SSL negotiation. A remote attacker
capable of connecting to the CUPS daemon could cause CUPS to crash.
(CVE-2007-4045)

All CUPS users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
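
To confirm that the update actually landed, compare each host's installed cups build against the fixed build cups-1.1.17-13.3.46 named in this advisory. The following is an added example, not part of the Red Hat advisory: the function names and the host inventory are hypothetical, the comparison is a simplified form of RPM's version ordering, and the epoch is assumed unchanged between builds.

```python
import re

# Fixed build named in this advisory: cups-1.1.17-13.3.46
FIXED_VERSION, FIXED_RELEASE = "1.1.17", "13.3.46"
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpm_segment_cmp(a, b):
    """Order two version or release strings segment by segment, as RPM does.
    Simplified: no tilde/caret handling and no epoch (assumed unchanged)."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric beats alphabetic
        elif x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(version_release):
    """version_release: output of  rpm -q --qf '%{VERSION}-%{RELEASE}' cups"""
    version, _, release = version_release.rpartition("-")
    if not version:
        raise ValueError("expected VERSION-RELEASE, got %r" % version_release)
    order = rpm_segment_cmp(version, FIXED_VERSION)
    if order == 0:
        order = rpm_segment_cmp(release, FIXED_RELEASE)
    return order >= 0

# Constructed inventory (hypothetical host names and builds), not real data.
SAMPLE_INVENTORY = {
    "print01": "1.1.17-13.3.45",
    "print02": "1.1.17-13.3.46",
    "print03": "1.1.17-13.3.9",    # 9 < 46 numerically, though "9" > "46" as text
    "build07": "1.1.17-13.3.46.1",
}

def unpatched_hosts(inventory):
    """Return the sorted host names whose cups build predates the fixed one."""
    return sorted(h for h, vr in inventory.items() if not is_patched(vr))

if __name__ == "__main__":
    print(unpatched_hosts(SAMPLE_INVENTORY))
```

A plain string comparison would treat release 13.3.9 as newer than 13.3.46 and report that host as patched, which is why the segments are compared numerically.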

5. Bug IDs fixed (http://bugzilla.redhat.com/):

250161 - CVE-2007-4045 Incomplete fix for CVE-2007-0720 CUPS denial of service
345091 - CVE-2007-4351 cups boundary error
345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar()

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.46.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.46.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.46.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.46.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.