Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in cups
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in cups
ID: MDKSA-2007:228
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1, Mandriva 2008.0
Datum: Di, 20. November 2007, 03:45
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
Applikationen: Common UNIX Printing System

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1195526741-4794-4212


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:228
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : cups
 Date    : November 19, 2007
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Alin Rad Pop found several flaws in how PDF files are handled in cups.
 An attacker could create a malicious PDF file that would cause cups
 to crash or potentially execute arbitrary code when opened.
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 4fd4b6a2d384e2cc599b415131a58edd  2007.0/i586/cups-1.2.4-1.5mdv2007.0.i586.rpm
 29fd652c383d4ea688336bc143f1e5cf 
 2007.0/i586/cups-common-1.2.4-1.5mdv2007.0.i586.rpm
 6a6c275bf900887bc34325ef552f39ab 
 2007.0/i586/cups-serial-1.2.4-1.5mdv2007.0.i586.rpm
 b2f487a129a0ae8cefd66bd89177f5bd 
 2007.0/i586/libcups2-1.2.4-1.5mdv2007.0.i586.rpm
 853850aadbfed2e7a5fe76ddfd293990 
 2007.0/i586/libcups2-devel-1.2.4-1.5mdv2007.0.i586.rpm
 cdeaa28956923402a8986821fb01ec53 
 2007.0/i586/php-cups-1.2.4-1.5mdv2007.0.i586.rpm 
 5152934e9233e36bd1308d36144bbc1c  2007.0/SRPMS/cups-1.2.4-1.5mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 7df3b74de7c7d06ca7e750912993b85a 
 2007.0/x86_64/cups-1.2.4-1.5mdv2007.0.x86_64.rpm
 7c8463926c7a618df34b5e31ddb3b80f 
 2007.0/x86_64/cups-common-1.2.4-1.5mdv2007.0.x86_64.rpm
 49b51564f1e7ce0df1da99f7f86bff3c 
 2007.0/x86_64/cups-serial-1.2.4-1.5mdv2007.0.x86_64.rpm
 e6c50f4ec69f14569036549ee1402beb 
 2007.0/x86_64/lib64cups2-1.2.4-1.5mdv2007.0.x86_64.rpm
 0d4f42989dc3604a551cf1f9f4bb1c76 
 2007.0/x86_64/lib64cups2-devel-1.2.4-1.5mdv2007.0.x86_64.rpm
 8a9a47b66a117d76b6612ac247ee76fb 
 2007.0/x86_64/php-cups-1.2.4-1.5mdv2007.0.x86_64.rpm 
 5152934e9233e36bd1308d36144bbc1c  2007.0/SRPMS/cups-1.2.4-1.5mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 8bca1f69b483c9907b164d090bf71161 
 2007.1/i586/cups-1.2.10-2.3mdv2007.1.i586.rpm
 8d84223e130eb9039dd5e25dfcf47684 
 2007.1/i586/cups-common-1.2.10-2.3mdv2007.1.i586.rpm
 c73459d19f605e2093fe8e7753510cf8 
 2007.1/i586/cups-serial-1.2.10-2.3mdv2007.1.i586.rpm
 9f4e634eb3e900ffefd59562780a3f28 
 2007.1/i586/libcups2-1.2.10-2.3mdv2007.1.i586.rpm
 fd0883a8e8243ff1ceb862f14b9f032b 
 2007.1/i586/libcups2-devel-1.2.10-2.3mdv2007.1.i586.rpm
 bbb9b69f0e77c2e89f82328fa96a254f 
 2007.1/i586/php-cups-1.2.10-2.3mdv2007.1.i586.rpm 
 a9694fcccc09b5fc3e0ab17acff8c857 
 2007.1/SRPMS/cups-1.2.10-2.3mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 b1ae2a278de78e5e90cd818af06c8869 
 2007.1/x86_64/cups-1.2.10-2.3mdv2007.1.x86_64.rpm
 feb3659cf805bbb8d7d528ec00007416 
 2007.1/x86_64/cups-common-1.2.10-2.3mdv2007.1.x86_64.rpm
 f10bf7760a46b9bf195d0ee2f0b20ad0 
 2007.1/x86_64/cups-serial-1.2.10-2.3mdv2007.1.x86_64.rpm
 7dccd2d2bd22194c72821a2315be71f0 
 2007.1/x86_64/lib64cups2-1.2.10-2.3mdv2007.1.x86_64.rpm
 1690756e08eed05d08b9b1dad4554a69 
 2007.1/x86_64/lib64cups2-devel-1.2.10-2.3mdv2007.1.x86_64.rpm
 9d0f9f960a4e171d5b69a51650a0e97c 
 2007.1/x86_64/php-cups-1.2.10-2.3mdv2007.1.x86_64.rpm 
 a9694fcccc09b5fc3e0ab17acff8c857 
 2007.1/SRPMS/cups-1.2.10-2.3mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 fb82aaf844538f1192dc5a5bba48ebb2  2008.0/i586/cups-1.3.0-3.3mdv2008.0.i586.rpm
 0f32262c9fd557a33653d346cf561eb0 
 2008.0/i586/cups-common-1.3.0-3.3mdv2008.0.i586.rpm
 679603be0ff46880b67a8a526fc5e0f6 
 2008.0/i586/cups-serial-1.3.0-3.3mdv2008.0.i586.rpm
 2c475b6dbc51abb97f4978fb38f805aa 
 2008.0/i586/libcups2-1.3.0-3.3mdv2008.0.i586.rpm
 c8bfa0b793dc2f75c15f19e4822bb02d 
 2008.0/i586/libcups2-devel-1.3.0-3.3mdv2008.0.i586.rpm
 002037d0c0296df0f488b6827abd3621 
 2008.0/i586/php-cups-1.3.0-3.3mdv2008.0.i586.rpm 
 81a92819ff1b95379e68d0b92022ef31  2008.0/SRPMS/cups-1.3.0-3.3mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 908ceb359b83acc57734a535e1b7b7a5 
 2008.0/x86_64/cups-1.3.0-3.3mdv2008.0.x86_64.rpm
 3ef9fbbffa74d7ea35ec501c074f6195 
 2008.0/x86_64/cups-common-1.3.0-3.3mdv2008.0.x86_64.rpm
 b29c75dd2616451c33800772d77f6d22 
 2008.0/x86_64/cups-serial-1.3.0-3.3mdv2008.0.x86_64.rpm
 7bc26d62f62bebfd13f748a3e1c92f40 
 2008.0/x86_64/lib64cups2-1.3.0-3.3mdv2008.0.x86_64.rpm
 bd7fca05e68b64f71532007f0d3336b6 
 2008.0/x86_64/lib64cups2-devel-1.3.0-3.3mdv2008.0.x86_64.rpm
 f8a5c7b8727652c48080c7d42ebbbb98 
 2008.0/x86_64/php-cups-1.3.0-3.3mdv2008.0.x86_64.rpm 
 81a92819ff1b95379e68d0b92022ef31  2008.0/SRPMS/cups-1.3.0-3.3mdv2008.0.src.rpm

 Corporate 3.0:
 d8f8b23034ed04134c3adffe8900c3c0 
 corporate/3.0/i586/cups-1.1.20-5.14.C30mdk.i586.rpm
 692d4cc10f27d0b032414bd49047a0d5 
 corporate/3.0/i586/cups-common-1.1.20-5.14.C30mdk.i586.rpm
 f51f15805a46410360a735d266b05513 
 corporate/3.0/i586/cups-serial-1.1.20-5.14.C30mdk.i586.rpm
 ac8c8341c807fe425b95b2d36e540632 
 corporate/3.0/i586/libcups2-1.1.20-5.14.C30mdk.i586.rpm
 9e4381efa99b4259291d83ce12fbbfd1 
 corporate/3.0/i586/libcups2-devel-1.1.20-5.14.C30mdk.i586.rpm 
 dbb2486013936d7ac79996b437871851 
 corporate/3.0/SRPMS/cups-1.1.20-5.14.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 af60c4b209e2d7c8b2926152484d7a16 
 corporate/3.0/x86_64/cups-1.1.20-5.14.C30mdk.x86_64.rpm
 04723ab4e6928c7c94509970ee3affe5 
 corporate/3.0/x86_64/cups-common-1.1.20-5.14.C30mdk.x86_64.rpm
 633e04aa6a1a94e4c16ff06b80c5b0a1 
 corporate/3.0/x86_64/cups-serial-1.1.20-5.14.C30mdk.x86_64.rpm
 8455649b95bd3ccbbbd83643355d0d9d 
 corporate/3.0/x86_64/lib64cups2-1.1.20-5.14.C30mdk.x86_64.rpm
 b0bb5f82abe5e63f2330a2ce3856d9fd 
 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.14.C30mdk.x86_64.rpm 
 dbb2486013936d7ac79996b437871851 
 corporate/3.0/SRPMS/cups-1.1.20-5.14.C30mdk.src.rpm

 Corporate 4.0:
 601bc4824031861920955ad8555aa4d7 
 corporate/4.0/i586/cups-1.2.4-0.5.20060mlcs4.i586.rpm
 47167ce1b770bf583616d86a06e4b434 
 corporate/4.0/i586/cups-common-1.2.4-0.5.20060mlcs4.i586.rpm
 8b12a32bd46ce350143b1722dbf76de2 
 corporate/4.0/i586/cups-serial-1.2.4-0.5.20060mlcs4.i586.rpm
 7bded05fbaf5b485aef109404f0132f9 
 corporate/4.0/i586/libcups2-1.2.4-0.5.20060mlcs4.i586.rpm
 09c2660b9004454c07b15d3e57124acc 
 corporate/4.0/i586/libcups2-devel-1.2.4-0.5.20060mlcs4.i586.rpm
 55eddc1759513c131465e61564977618 
 corporate/4.0/i586/php-cups-1.2.4-0.5.20060mlcs4.i586.rpm 
 3a2b57f8a67c419bc74f09db58b6e789 
 corporate/4.0/SRPMS/cups-1.2.4-0.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 1e3565148aa5da08a4b999b42d7763c8 
 corporate/4.0/x86_64/cups-1.2.4-0.5.20060mlcs4.x86_64.rpm
 a1da7ffbc6fb5294967fde1b785dc7fa 
 corporate/4.0/x86_64/cups-common-1.2.4-0.5.20060mlcs4.x86_64.rpm
 306ffbfbf7606ffc31c197f77c539eef 
 corporate/4.0/x86_64/cups-serial-1.2.4-0.5.20060mlcs4.x86_64.rpm
 f0364ad9115ceb82978847ab6cdc66e1 
 corporate/4.0/x86_64/lib64cups2-1.2.4-0.5.20060mlcs4.x86_64.rpm
 d93d6cb48d60436c9f1b32181f82b6c7 
 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.5.20060mlcs4.x86_64.rpm
 802a3f4c3167f06640d2a8c3394cb26c 
 corporate/4.0/x86_64/php-cups-1.2.4-0.5.20060mlcs4.x86_64.rpm 
 3a2b57f8a67c419bc74f09db58b6e789 
 corporate/4.0/SRPMS/cups-1.2.4-0.5.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHQhlDmqjQ0CJFipgRAs6VAJ0Z1CEZIWu9sWiiexjGtC+JUXXXMACgo44W
z5jyh/u/+4QFVsSocymKj/g=
=RkrY
-----END PGP SIGNATURE-----


------------=_1195526741-4794-4212
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1195526741-4794-4212--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung