Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in cups-filters
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in cups-filters
ID: MDVSA-2015:100
Distribution: Mandriva
Plattformen: Mandriva Business Server 2.0
Datum: So, 29. März 2015, 13:51
Referenzen: http://advisories.mageia.org/MGASA-2014-0170.html
http://advisories.mageia.org/MGASA-2014-0181.html
http://advisories.mageia.org/MGASA-2014-0267.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4338

Originalnachricht

This is a multi-part message in MIME format...

------------=_1427605051-10360-0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:100
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : cups-filters
Date : March 29, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated cups-filters packages fix security vulnerabilities:

Florian Weimer discovered that cups-filters incorrectly handled
memory in the urftopdf filter. An attacker could possibly use this
issue to execute arbitrary code with the privileges of the lp user
(CVE-2013-6473).

Florian Weimer discovered that cups-filters incorrectly handled
memory in the pdftoopvp filter. An attacker could possibly use this
issue to execute arbitrary code with the privileges of the lp user
(CVE-2013-6474, CVE-2013-6475).

Florian Weimer discovered that cups-filters did not restrict driver
directories in in the pdftoopvp filter. An attacker could possibly
use this issue to execute arbitrary code with the privileges of the
lp user (CVE-2013-6476).

Sebastian Krahmer discovered it was possible to use malicious
broadcast packets to execute arbitrary commands on a server running
the cups-browsed daemon (CVE-2014-2707).

In cups-filters before 1.0.53, out-of-bounds accesses in the
process_browse_data function when reading the packet variable
could leading to a crash, thus resulting in a denial of service
(CVE-2014-4337).

In cups-filters before 1.0.53, if there was only a single BrowseAllow
line in cups-browsed.conf and its host specification was invalid, this
was interpreted as if no BrowseAllow line had been specified, which
resulted in it accepting browse packets from all hosts (CVE-2014-4338).

The CVE-2014-2707 issue with malicious broadcast packets, which
had been fixed in Mageia Bug 13216 (MGASA-2014-0181), had not been
completely fixed by that update. A more complete fix was implemented
in cups-filters 1.0.53 (CVE-2014-4336).

Note that only systems that have enabled the affected feature
by using the CreateIPPPrinterQueues configuration directive in
/etc/cups/cups-browsed.conf were affected by the CVE-2014-2707 /
CVE-2014-4336 issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4338
http://advisories.mageia.org/MGASA-2014-0170.html
http://advisories.mageia.org/MGASA-2014-0181.html
http://advisories.mageia.org/MGASA-2014-0267.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 2/X86_64:
8debeee26ba55f4bb1b93d553da75157
mbs2/x86_64/cups-filters-1.0.53-1.mbs2.x86_64.rpm
37666681642eddb5343e968a58b3d771
mbs2/x86_64/lib64cups-filters1-1.0.53-1.mbs2.x86_64.rpm
d526c4341f34532c8032655f7e334999
mbs2/x86_64/lib64cups-filters-devel-1.0.53-1.mbs2.x86_64.rpm
5ecb3127039ab1eacb519a7b98e1d545
mbs2/SRPMS/cups-filters-1.0.53-1.mbs2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVF3e0mqjQ0CJFipgRAmSxAJ0fLCoHyyU8zzI8WSW36Yi7P1fAMgCfZ3sm
w9BvNovNQW1jwArTVorAJo0=
=0EYE
-----END PGP SIGNATURE-----


------------=_1427605051-10360-0
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1427605051-10360-0--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung