Login
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in Common UNIX Printing System
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in Common UNIX Printing System
ID: TLSA-2007-47
Distribution: TurboLinux
Plattformen: Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 8 Server, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition, TurboLinux wizpy
Datum: Mi, 26. September 2007, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
Applikationen: Common UNIX Printing System

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-47
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 25 Sep 2007
Last revised: 25 Sep 2007

Package: cups

Summary: Integer overflow

More information:
The Common UNIX Printing System provides a portable printing layer for
UNIX operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.

Integer overflow in the StreamPredictor::StreamPredictor function in gpdf.

Impact:
Remote attackers to execute arbitrary code via a crafted PDF file.

Affected Products:
- wizpy
- Turbolinux Appliance Server 2.0
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 8 Server


<wizpy>

Source Packages
Size: MD5

cups-1.1.23-13.src.rpm
9156131 1ba5cb1300b44cc4346eec7f55325593

Binary Packages
Size: MD5

cups-1.1.23-13.i386.rpm
7492748 d5a6450e8fd1b8d66a754f4ad814f998
cups-libs-1.1.23-13.i386.rpm
80523 4373d771098fae7b0881135d4a458411

<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 7947c2c465d362de8f9abfaa8ab9aa6b

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2510725 6f60450358ac7df1b47ad4317fb766fa
cups-devel-1.1.20-17.i586.rpm
127679 bf99cbf466edf2fc9b480bc0e76235be
cups-libs-1.1.20-17.i586.rpm
88335 87b25ac6592ac6108c22b2f52323705f

<Turbolinux FUJI>

Source Packages
Size: MD5

cups-1.1.23-13.src.rpm
9156131 ed7ee6971f01efc4506cb403ba743e75

Binary Packages
Size: MD5

cups-1.1.23-13.i686.rpm
8443610 eb34287254f34bd96e04b6d4ef38e083
cups-devel-1.1.23-13.i686.rpm
143617 79d7b52da8728699f07adc119d0742bf
cups-libs-1.1.23-13.i686.rpm
96019 c31fef8ae97b3908ffa5ba19869595c9

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 d2371ea85fb5158b7112f4ee10d4057e

Binary Packages
Size: MD5

cups-1.1.20-17.x86_64.rpm
2508630 0771961740f2b4eee4f68ab7c66a991a
cups-devel-1.1.20-17.x86_64.rpm
126480 1a497994ba37c3be98d399dd548b9ac0
cups-libs-1.1.20-17.x86_64.rpm
91074 7fbf9c25b59947eeb8f8fb4ccab6b5ea

<Turbolinux Appliance Server 1.0 Hosting Edition>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 0000d86e0214a17c685014e1438ad9f8

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2502190 ad4447dafb9b8d2c5b2e6666ed6b3ab7
cups-libs-1.1.20-17.i586.rpm
94155 6e0f1eab2d654cacfb2ad2eec12c6b6e

<Turbolinux Appliance Server 1.0 Workgroup Edition>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 9230deb4df075ccb1c26729b5ce6d93e

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2502729 74ea5462b607d1e562514651539ece60
cups-devel-1.1.20-17.i586.rpm
125255 93a9d9ca46a6679ebad65d49cb9c1e7a
cups-libs-1.1.20-17.i586.rpm
94344 1f62831e0d3df505541357490cc91aa4

<Turbolinux 10 Server>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 7947c2c465d362de8f9abfaa8ab9aa6b

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2510725 6f60450358ac7df1b47ad4317fb766fa
cups-devel-1.1.20-17.i586.rpm
127679 bf99cbf466edf2fc9b480bc0e76235be
cups-libs-1.1.20-17.i586.rpm
88335 87b25ac6592ac6108c22b2f52323705f

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
Multimedia, Turbolinux Personal>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 94d73a1b02c9080e6ed92fbd4c2a2787

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2519698 124154c202df1daaaae7b658d6e1c1c1
cups-devel-1.1.20-17.i586.rpm
127889 9ec96035fb88988ec542988bf34d1916
cups-libs-1.1.20-17.i586.rpm
88555 b961e035ba26f95b6ab2d43befaa888f

<Turbolinux 8 Server>

Source Packages
Size: MD5

cups-1.1.20-17.src.rpm
4218841 04f883ae54c5efb022efd36c1684e2bf

Binary Packages
Size: MD5

cups-1.1.20-17.i586.rpm
2502497 4403d9207fd35130388611ed7e90e6aa
cups-devel-1.1.20-17.i586.rpm
125292 504680b72663debced40fc695159c726
cups-libs-1.1.20-17.i586.rpm
94311 6af6c06a9e7641c16a35f51e9837e1b7


References:

CVE
[CVE-2007-3387]
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3387

--------------------------------------------------------------------------
Revision History
25 Sep 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFG+LoXK0LzjOqIJMwRAhDIAJ48GgYgRDa4halDQ+1vltJMFiDw3ACfVTY4
Lk85mS2p8YGgu9/+BFmLIiE=
=31sx
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung