===========================================================
Ubuntu Security Notice USN-50-1           December 23, 2004
cupsys vulnerabilities
CAN-2004-1125, CAN-2004-2467, CAN-2004-1268, CAN-2004-1269,
CAN-2004-1270
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

cupsys
cupsys-client
libcupsimage2

The problem can be corrected by upgrading the affected package to
version 1.1.20final+cvs20040330-4ubuntu16.3. In general, a standard
system upgrade is sufficient to effect the necessary changes.

Details follow:

CAN-2004-1125:

  The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS
  contains xpdf code to convert incoming PDF files to the PostScript
  format, this vulnerability applies to CUPS as well.

  In this case it could even lead to privilege escalation: if an
  attacker submitted a malicious PDF file for printing, he might be
  able to execute arbitrary commands with the privileges of the CUPS
  server.

  Please note that the Ubuntu version of CUPS runs as a minimally
  privileged user 'cupsys' by default, so there is no possibility of
  root privilege escalation. The privileges of the 'cupsys' user are
  confined to modifying printer configurations, altering print jobs,
  and controlling printers.

CAN-2004-1267:

  Ariel Berkman discovered a buffer overflow in the ParseCommand()
  function of the HPGL input driver. If an attacker printed a
  malicious HPGL file, they could exploit this to execute arbitrary
  commands with the privileges of the CUPS server.

CAN-2004-1268, CAN-2004-1269, CAN-2004-1270:

  Bartlomiej Sieka discovered three flaws in lppasswd. These allowed
  users to corrupt the new password file by filling up the disk,
  sending certain signals, or closing the standard output and/or
  error streams.
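The three lppasswd failure modes named above (full disk, signals, closed standard streams) are the classic ways an in-place file rewrite goes wrong. The following is an added example, not code from the advisory or from CUPS, of a file update that tolerates all three; the function name `replace_file_atomically`, the `.new` temporary suffix and the demo path are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Write all len bytes, retrying short writes; -1 on any error (e.g. ENOSPC). */
static int write_all(int fd, const char *buf, size_t len) {
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        buf += n; len -= (size_t)n;
    }
    return 0;
}

/* Hypothetical helper: replace `path` with `data`. On any failure the
   existing file is left untouched and -1 is returned. */
int replace_file_atomically(const char *path, const char *data, size_t len) {
    char tmp[4096];
    sigset_t all, old;
    int fd, ok;
    /* Closed stdio: fill fds 0-2 with /dev/null so the new file can never
       be opened as fd 1 or 2 and receive stray diagnostics. */
    while ((fd = open("/dev/null", O_RDWR)) >= 0 && fd <= 2) continue;
    if (fd > 2) close(fd);
    if (snprintf(tmp, sizeof tmp, "%s.new", path) >= (int)sizeof tmp) return -1;
    /* Signals: hold them off until the update has committed or rolled back. */
    sigfillset(&all);
    sigprocmask(SIG_BLOCK, &all, &old);
    /* Disk full: build the file under a temporary name, check every step.
       O_EXCL fails closed if a stale temporary file already exists. */
    fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
    ok = fd >= 0;
    if (ok) {
        ok = write_all(fd, data, len) == 0 && fsync(fd) == 0;
        if (close(fd) != 0) ok = 0;
        if (ok && rename(tmp, path) != 0) ok = 0;  /* atomic commit point */
        if (!ok) unlink(tmp);                       /* roll back */
    }
    sigprocmask(SIG_SETMASK, &old, NULL);
    return ok ? 0 : -1;
}

int main(void) {
    const char *rec = "alice:constructed-digest\n";  /* constructed sample */
    return replace_file_atomically("/tmp/passwd.md5.demo", rec, strlen(rec)) ? 1 : 0;
}
```

Because the only step that touches the real file is `rename()`, a reader of the password file sees either the complete old contents or the complete new contents, never a truncated mix.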