<<< Date Index >>>     <<< Thread Index >>>

MDKSA-2004:097 - Updated cups packages fix DoS vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           cups
 Advisory ID:            MDKSA-2004:097
 Date:                   September 15th, 2004

 Affected versions:      10.0, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Alvaro Martinez Echevarria discovered a vulnerability in the CUPS
 print server where an empty UDP datagram sent to port 631 (the default
 port that cupsd listens to) would disable browsing.  This would
 prevent cupsd from seeing any remote printers or any future remote
 printer changes.
 
 The updated packages are patched to protect against this vulnerability.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
  http://www.cups.org/str.php?L863
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 6f786e3ec36e246d7370f492e53e8071  10.0/RPMS/cups-1.1.20-5.1.100mdk.i586.rpm
 3b648685e2d6daca32c19f0c911c2a2d  
10.0/RPMS/cups-common-1.1.20-5.1.100mdk.i586.rpm
 c38951a854429442227c08493ce95b10  
10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.i586.rpm
 68d867e3151cc40be946f7e6585718b3  10.0/RPMS/libcups2-1.1.20-5.1.100mdk.i586.rpm
 73a61738b404f9ffe2f5d33d999c58d8  
10.0/RPMS/libcups2-devel-1.1.20-5.1.100mdk.i586.rpm
 dbf32babe26d1b9bf922839fd4f64409  10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 9dd4e92fa6761ce6414583f3673dab6b  
amd64/10.0/RPMS/cups-1.1.20-5.1.100mdk.amd64.rpm
 e49fdc4df0ab800ad48c24a87117a63f  
amd64/10.0/RPMS/cups-common-1.1.20-5.1.100mdk.amd64.rpm
 ccc5ae05b07c3a56eb30cfe3a95e2aea  
amd64/10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.amd64.rpm
 a816a4ad33164d23d0a5425b900d9ce0  
amd64/10.0/RPMS/lib64cups2-1.1.20-5.1.100mdk.amd64.rpm
 feeed14726902046368619d8e5f680c4  
amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.1.100mdk.amd64.rpm
 dbf32babe26d1b9bf922839fd4f64409  
amd64/10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm

 Corporate Server 2.1:
 142f95c8680e081dfbfb53e586de0758  
corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.i586.rpm
 13510fb948f686e81cb0e43ed199a5c9  
corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.i586.rpm
 fe7759d16276087aea078a4666d27264  
corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.i586.rpm
 d5a3ad2d14a730b633153bc486f8d043  
corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.i586.rpm
 b1ac7b51317da42444ea35e5e3e1def3  
corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.i586.rpm
 0cfaa49e8d722afad7886998121a8ef2  
corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 53d838ecedc3d39880e43476cdba933d  
x86_64/corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.x86_64.rpm
 71df87e1abeb7cbf1dff2d206476f149  
x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.x86_64.rpm
 93d9708fbbc34f7ea44b40f193a35bf1  
x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.x86_64.rpm
 4a2d2ace8e2ddf9e29061fff3b0b2e72  
x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.x86_64.rpm
 7edc440141df40c2dbfb814c7221e511  
x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.x86_64.rpm
 0cfaa49e8d722afad7886998121a8ef2  
x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm

 Mandrakelinux 9.2:
 b46e23e49906b9837f8ff8a2f1551a1a  9.2/RPMS/cups-1.1.19-10.1.92mdk.i586.rpm
 41882610ebe7ef19c62d0466a3b856bd  
9.2/RPMS/cups-common-1.1.19-10.1.92mdk.i586.rpm
 80285eaf595e788bf83cb06c3be6399b  
9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.i586.rpm
 eeb50273236cab134566e4ba9aa19de7  9.2/RPMS/libcups2-1.1.19-10.1.92mdk.i586.rpm
 9eebdc74a019cbf01a36e91cb0f2da38  
9.2/RPMS/libcups2-devel-1.1.19-10.1.92mdk.i586.rpm
 b2badd330ea284850e42f9107bb178cf  9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 bd01da75ac66983321eca2394853eb56  
amd64/9.2/RPMS/cups-1.1.19-10.1.92mdk.amd64.rpm
 865443156fd350d0b06c1696f923d413  
amd64/9.2/RPMS/cups-common-1.1.19-10.1.92mdk.amd64.rpm
 78ed4c034ee5fa27b85dd89d909a1a3c  
amd64/9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.amd64.rpm
 7e868f59baa290fbef9f933ac76156ce  
amd64/9.2/RPMS/lib64cups2-1.1.19-10.1.92mdk.amd64.rpm
 db3266a647e39805f0b9f36fa87dcac1  
amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.1.92mdk.amd64.rpm
 b2badd330ea284850e42f9107bb178cf  
amd64/9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBSJATmqjQ0CJFipgRAgi4AJ4hX3e+0849lql7lwNX37B6Wk3I8gCfceiU
lMl3gN7n7Pvj20zxNFqdGtM=
=5r+U
-----END PGP SIGNATURE-----