Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in cups
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in cups
ID: MDKSA-2007:204
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1, Mandriva 2008.0
Datum: Do, 1. November 2007, 22:43
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
Applikationen: Common UNIX Printing System

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1193953390-4794-2640


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:204
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : cups
 Date    : November 1, 2007
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS
 that can be exploited by malicious individuals to execute arbitrary
 code.  This flaw is due to a boundary error when processing IPP
 (Internet Printing Protocol) tags.
 
 Updated packages have been patched to prevent these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 e23b399fd831bdd8c603c9e3b4c48ffc  2007.0/i586/cups-1.2.4-1.4mdv2007.0.i586.rpm
 7c4e0384b1a191627b7f8e9a4ae9d4a6 
 2007.0/i586/cups-common-1.2.4-1.4mdv2007.0.i586.rpm
 ce4b32b8af4fd0977deaafc74441c014 
 2007.0/i586/cups-serial-1.2.4-1.4mdv2007.0.i586.rpm
 d06368c9caa68f936a5e6dda6e7fb5c6 
 2007.0/i586/libcups2-1.2.4-1.4mdv2007.0.i586.rpm
 a244f21ce09342e9c315a344cf596d85 
 2007.0/i586/libcups2-devel-1.2.4-1.4mdv2007.0.i586.rpm
 dc41bf3eb0d83fd03fcc34f289f8eb6c 
 2007.0/i586/php-cups-1.2.4-1.4mdv2007.0.i586.rpm 
 3b2e000cc3b936c3a8b7094f31a09397  2007.0/SRPMS/cups-1.2.4-1.4mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 a6628ec9ac0cbe200e088eda57a9c5bc 
 2007.0/x86_64/cups-1.2.4-1.4mdv2007.0.x86_64.rpm
 2e58f927d087a003e00812d825ee22f5 
 2007.0/x86_64/cups-common-1.2.4-1.4mdv2007.0.x86_64.rpm
 af7e07631f23b72dd253b1c577fd80ba 
 2007.0/x86_64/cups-serial-1.2.4-1.4mdv2007.0.x86_64.rpm
 297711478022026dedc25fb7aafaf780 
 2007.0/x86_64/lib64cups2-1.2.4-1.4mdv2007.0.x86_64.rpm
 c7d7c450464a5b4ce987b873374d7672 
 2007.0/x86_64/lib64cups2-devel-1.2.4-1.4mdv2007.0.x86_64.rpm
 2f9d2f0042ec013c8f7a1bb6ee400165 
 2007.0/x86_64/php-cups-1.2.4-1.4mdv2007.0.x86_64.rpm 
 3b2e000cc3b936c3a8b7094f31a09397  2007.0/SRPMS/cups-1.2.4-1.4mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 b62822552fe48abaeced97000b1645a5 
 2007.1/i586/cups-1.2.10-2.2mdv2007.1.i586.rpm
 4786bd22d5d34e824e06e28a3d1c2c39 
 2007.1/i586/cups-common-1.2.10-2.2mdv2007.1.i586.rpm
 f97ec418e42340268ffd3f525b0bedbe 
 2007.1/i586/cups-serial-1.2.10-2.2mdv2007.1.i586.rpm
 c70082109a3447dc47b873062d0d5a7d 
 2007.1/i586/libcups2-1.2.10-2.2mdv2007.1.i586.rpm
 5ccaf6cc0d42c4d3c6c39fc7a5d1aa47 
 2007.1/i586/libcups2-devel-1.2.10-2.2mdv2007.1.i586.rpm
 ea9bfd729bfeb62ec3abade783056406 
 2007.1/i586/php-cups-1.2.10-2.2mdv2007.1.i586.rpm 
 939f5648ef070af9f2280b0dc127e2fd 
 2007.1/SRPMS/cups-1.2.10-2.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 76efedcbae8bb5d6bba0b53831b0c2a0 
 2007.1/x86_64/cups-1.2.10-2.2mdv2007.1.x86_64.rpm
 a6391bf0397645a1d7c624b65dc4b5e6 
 2007.1/x86_64/cups-common-1.2.10-2.2mdv2007.1.x86_64.rpm
 26fbf6292b5c24aa357485d6739a030b 
 2007.1/x86_64/cups-serial-1.2.10-2.2mdv2007.1.x86_64.rpm
 055ae27cc25345cfe93f672b3f3d3dea 
 2007.1/x86_64/lib64cups2-1.2.10-2.2mdv2007.1.x86_64.rpm
 8c46ae6621d662416c6fd48eb900c3fa 
 2007.1/x86_64/lib64cups2-devel-1.2.10-2.2mdv2007.1.x86_64.rpm
 5bf659a25b401d796a8107e61f71d824 
 2007.1/x86_64/php-cups-1.2.10-2.2mdv2007.1.x86_64.rpm 
 939f5648ef070af9f2280b0dc127e2fd 
 2007.1/SRPMS/cups-1.2.10-2.2mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 a2953f5265fb935eb21b2395bd5e48a5  2008.0/i586/cups-1.3.0-3.1mdv2008.0.i586.rpm
 8d2ee10edb681cffab4bf1b63d327857 
 2008.0/i586/cups-common-1.3.0-3.1mdv2008.0.i586.rpm
 f2487ba24e5f4281892a8295377b9bd7 
 2008.0/i586/cups-serial-1.3.0-3.1mdv2008.0.i586.rpm
 3de803df9e94fb17280953ab8e3e43cc 
 2008.0/i586/libcups2-1.3.0-3.1mdv2008.0.i586.rpm
 27ac1ea66b531ebec1b5c8cfc16e782a 
 2008.0/i586/libcups2-devel-1.3.0-3.1mdv2008.0.i586.rpm
 f1ea38b7d9d6e840fc94b9b6abe1e302 
 2008.0/i586/php-cups-1.3.0-3.1mdv2008.0.i586.rpm 
 6fc544ca63eecd0baaae2235d46c31b4  2008.0/SRPMS/cups-1.3.0-3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 e50c2e551dddb674dddd69ac6eb92c8a 
 2008.0/x86_64/cups-1.3.0-3.1mdv2008.0.x86_64.rpm
 45a3a9b26a88c9a218390535bbc07a5c 
 2008.0/x86_64/cups-common-1.3.0-3.1mdv2008.0.x86_64.rpm
 ef765e8642ed2a2bfb3ff2d48f6ccff6 
 2008.0/x86_64/cups-serial-1.3.0-3.1mdv2008.0.x86_64.rpm
 de91abd87fba62eccf56f6297afde42b 
 2008.0/x86_64/lib64cups2-1.3.0-3.1mdv2008.0.x86_64.rpm
 b6668430e0d7de9409a4944183017c77 
 2008.0/x86_64/lib64cups2-devel-1.3.0-3.1mdv2008.0.x86_64.rpm
 5b2387f00099aa746837651648e1ad86 
 2008.0/x86_64/php-cups-1.3.0-3.1mdv2008.0.x86_64.rpm 
 6fc544ca63eecd0baaae2235d46c31b4  2008.0/SRPMS/cups-1.3.0-3.1mdv2008.0.src.rpm

 Corporate 3.0:
 15d47f4a424509184dd470da0367e4d7 
 corporate/3.0/i586/cups-1.1.20-5.13.C30mdk.i586.rpm
 919fcbbbaf3d98be034b99c8557ca077 
 corporate/3.0/i586/cups-common-1.1.20-5.13.C30mdk.i586.rpm
 4afd975f1d917bdc4295efeff6da7b59 
 corporate/3.0/i586/cups-serial-1.1.20-5.13.C30mdk.i586.rpm
 73cc314ecb9ad5667521b0c25c4bde6b 
 corporate/3.0/i586/libcups2-1.1.20-5.13.C30mdk.i586.rpm
 f735244992f18a5edcf6911b7a755072 
 corporate/3.0/i586/libcups2-devel-1.1.20-5.13.C30mdk.i586.rpm 
 6e7caebc791076f1b7be6e01feb32843 
 corporate/3.0/SRPMS/cups-1.1.20-5.13.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8ac0fa6a86ad44b1542ed2a6917058f0 
 corporate/3.0/x86_64/cups-1.1.20-5.13.C30mdk.x86_64.rpm
 592aa5849264c2e83973b9e0025e6686 
 corporate/3.0/x86_64/cups-common-1.1.20-5.13.C30mdk.x86_64.rpm
 d57eb8c52fd2caacebacf5374915fa3d 
 corporate/3.0/x86_64/cups-serial-1.1.20-5.13.C30mdk.x86_64.rpm
 f96e95f4c460456c4e7fc939245e2c92 
 corporate/3.0/x86_64/lib64cups2-1.1.20-5.13.C30mdk.x86_64.rpm
 a10a7345e5d8854d51cfd3f8b1ace568 
 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.13.C30mdk.x86_64.rpm 
 6e7caebc791076f1b7be6e01feb32843 
 corporate/3.0/SRPMS/cups-1.1.20-5.13.C30mdk.src.rpm

 Corporate 4.0:
 a0f3d078a74b2c53e4584bb38cce9a3c 
 corporate/4.0/i586/cups-1.2.4-0.4.20060mlcs4.i586.rpm
 d6d6ad7ccc2a10e2afef7c4df1ff356f 
 corporate/4.0/i586/cups-common-1.2.4-0.4.20060mlcs4.i586.rpm
 acdb601c9b45c6c3aac33a8c35511df1 
 corporate/4.0/i586/cups-serial-1.2.4-0.4.20060mlcs4.i586.rpm
 92dbd07ab275e28ef5e9389b0ba41044 
 corporate/4.0/i586/libcups2-1.2.4-0.4.20060mlcs4.i586.rpm
 5d785917c935e1be68259d6ddcc39c34 
 corporate/4.0/i586/libcups2-devel-1.2.4-0.4.20060mlcs4.i586.rpm
 30178e2b49f94797265f8bd5521f4feb 
 corporate/4.0/i586/php-cups-1.2.4-0.4.20060mlcs4.i586.rpm 
 c69b9cb3c9cc0195754ad0abbba86909 
 corporate/4.0/SRPMS/cups-1.2.4-0.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 94a66b9c5c857dac0608740b59d3c7d3 
 corporate/4.0/x86_64/cups-1.2.4-0.4.20060mlcs4.x86_64.rpm
 8b85a0601a5140a2124f6f4a226636ab 
 corporate/4.0/x86_64/cups-common-1.2.4-0.4.20060mlcs4.x86_64.rpm
 626e94c62eb6a8542218add3acf5643d 
 corporate/4.0/x86_64/cups-serial-1.2.4-0.4.20060mlcs4.x86_64.rpm
 8981312a07b0073590a0a9fe47d84fa4 
 corporate/4.0/x86_64/lib64cups2-1.2.4-0.4.20060mlcs4.x86_64.rpm
 52c5bcce946a258be2961cfc0aeac04c 
 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.4.20060mlcs4.x86_64.rpm
 b93fee3d490982b27af59c547c82ea26 
 corporate/4.0/x86_64/php-cups-1.2.4-0.4.20060mlcs4.x86_64.rpm 
 c69b9cb3c9cc0195754ad0abbba86909 
 corporate/4.0/SRPMS/cups-1.2.4-0.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHKg0pmqjQ0CJFipgRAm7rAJ9DbE0ifwt++PgAsGkZubl7/XMpPgCeJmnH
Lbv+H8gJvXS25ZSt2Bi04gk=
=7SuA
-----END PGP SIGNATURE-----


------------=_1193953390-4794-2640
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1193953390-4794-2640--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung