MDKSA-2005:138 - Updated cups packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: cups
Advisory ID: MDKSA-2005:138
Date: August 11th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:
A vulnerability was discovered in the CUPS printing package where
when processing a PDF file, bounds checking was not correctly
performed on some fields. As a result, this could cause the pdtops
filter to crash.
The updated packages have been patched to correct this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
5d48bca988287653dd56975cc47a9011 10.0/RPMS/cups-1.1.20-5.8.100mdk.i586.rpm
4766df09a7d3dab61dff26d18210607e
10.0/RPMS/cups-common-1.1.20-5.8.100mdk.i586.rpm
01d3f0e9fbca7245d29e0008f511379e
10.0/RPMS/cups-serial-1.1.20-5.8.100mdk.i586.rpm
f654610a508b60e19a9fdd909a36ca50 10.0/RPMS/libcups2-1.1.20-5.8.100mdk.i586.rpm
2a8b8d18b2f3aafec1b3f5a6e27c8f76
10.0/RPMS/libcups2-devel-1.1.20-5.8.100mdk.i586.rpm
e8fbda4a5bc004645231929662b461f0 10.0/SRPMS/cups-1.1.20-5.8.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
e6c500410c6737912b341994c1079a02
amd64/10.0/RPMS/cups-1.1.20-5.8.100mdk.amd64.rpm
290cbd28249758d012ce0f6405fe8bb7
amd64/10.0/RPMS/cups-common-1.1.20-5.8.100mdk.amd64.rpm
a23b7e1868ff06db1c3358ddad003e08
amd64/10.0/RPMS/cups-serial-1.1.20-5.8.100mdk.amd64.rpm
501e5559e13ab873eb84ee7449258c2c
amd64/10.0/RPMS/lib64cups2-1.1.20-5.8.100mdk.amd64.rpm
39270cd3e6719b3a531c748a85d005e9
amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.8.100mdk.amd64.rpm
f654610a508b60e19a9fdd909a36ca50
amd64/10.0/RPMS/libcups2-1.1.20-5.8.100mdk.i586.rpm
e8fbda4a5bc004645231929662b461f0
amd64/10.0/SRPMS/cups-1.1.20-5.8.100mdk.src.rpm
Mandrakelinux 10.1:
175bc89b8c2aa3f49f3b264eb3d11c08
10.1/RPMS/cups-1.1.21-0.rc1.7.6.101mdk.i586.rpm
a0f2a26a2c03c4eeb4b2d8c0edead1d7
10.1/RPMS/cups-common-1.1.21-0.rc1.7.6.101mdk.i586.rpm
f266721618d085b9039f5dca9674ecb2
10.1/RPMS/cups-serial-1.1.21-0.rc1.7.6.101mdk.i586.rpm
631dbfd315035444776fd6cf95cf6acd
10.1/RPMS/libcups2-1.1.21-0.rc1.7.6.101mdk.i586.rpm
d35a97d673a4ac95ace0a42537f88025
10.1/RPMS/libcups2-devel-1.1.21-0.rc1.7.6.101mdk.i586.rpm
63feebc89515a0df9119c425c4a35884
10.1/SRPMS/cups-1.1.21-0.rc1.7.6.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
d36a3f804109352ab330793e97e1a0de
x86_64/10.1/RPMS/cups-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
b50419737107d955258878707d575935
x86_64/10.1/RPMS/cups-common-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
0d9a6b76fc5eae9190f73ad14f5cfbc2
x86_64/10.1/RPMS/cups-serial-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
7782f4c85b11d9eaf980488b84d06e93
x86_64/10.1/RPMS/lib64cups2-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
ed0fe1a09d4564c4495bacb221df847d
x86_64/10.1/RPMS/lib64cups2-devel-1.1.21-0.rc1.7.6.101mdk.x86_64.rpm
631dbfd315035444776fd6cf95cf6acd
x86_64/10.1/RPMS/libcups2-1.1.21-0.rc1.7.6.101mdk.i586.rpm
63feebc89515a0df9119c425c4a35884
x86_64/10.1/SRPMS/cups-1.1.21-0.rc1.7.6.101mdk.src.rpm
Mandrakelinux 10.2:
c1ef8da952cd9e56e2746be2b0bb5bd9 10.2/RPMS/cups-1.1.23-11.1.102mdk.i586.rpm
736fd01eacca34d04607795d1ef6547f
10.2/RPMS/cups-common-1.1.23-11.1.102mdk.i586.rpm
7d9dabe327857b8295bca0c689725732
10.2/RPMS/cups-serial-1.1.23-11.1.102mdk.i586.rpm
829d2177b1f7317e5a8cde837aca55b4
10.2/RPMS/libcups2-1.1.23-11.1.102mdk.i586.rpm
16a599e6757a5bd5ed6820833d968b33
10.2/RPMS/libcups2-devel-1.1.23-11.1.102mdk.i586.rpm
27c0d389d9a85467c9a70944b4362ec4 10.2/SRPMS/cups-1.1.23-11.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
3a1ccbf7ae89e47c1778f3c5997b178f
x86_64/10.2/RPMS/cups-1.1.23-11.1.102mdk.x86_64.rpm
d3275ccee68d7429fda7ba20f89c518c
x86_64/10.2/RPMS/cups-common-1.1.23-11.1.102mdk.x86_64.rpm
e665f3d80d4e13de539d9fa39a16d22e
x86_64/10.2/RPMS/cups-serial-1.1.23-11.1.102mdk.x86_64.rpm
9b5863c09729384a019f725d6861839e
x86_64/10.2/RPMS/lib64cups2-1.1.23-11.1.102mdk.x86_64.rpm
63770318c658c4186d7d57a2208ed46a
x86_64/10.2/RPMS/lib64cups2-devel-1.1.23-11.1.102mdk.x86_64.rpm
829d2177b1f7317e5a8cde837aca55b4
x86_64/10.2/RPMS/libcups2-1.1.23-11.1.102mdk.i586.rpm
16a599e6757a5bd5ed6820833d968b33
x86_64/10.2/RPMS/libcups2-devel-1.1.23-11.1.102mdk.i586.rpm
27c0d389d9a85467c9a70944b4362ec4
x86_64/10.2/SRPMS/cups-1.1.23-11.1.102mdk.src.rpm
Corporate Server 2.1:
cf770f5bf37c8318ba77c5fcde438172
corporate/2.1/RPMS/cups-1.1.18-2.10.C21mdk.i586.rpm
524af59e822beba950b117106a1f96ed
corporate/2.1/RPMS/cups-common-1.1.18-2.10.C21mdk.i586.rpm
5be445e71199134e69dabe35c1e3be7d
corporate/2.1/RPMS/cups-serial-1.1.18-2.10.C21mdk.i586.rpm
a54a56a116a971a49bf2f0bdbb68e94f
corporate/2.1/RPMS/libcups1-1.1.18-2.10.C21mdk.i586.rpm
77365811d8997c9ffe4495b27005dfa6
corporate/2.1/RPMS/libcups1-devel-1.1.18-2.10.C21mdk.i586.rpm
20c930c0306bfd6294ac99f4e479b61b
corporate/2.1/SRPMS/cups-1.1.18-2.10.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
65685f8e7a1d812a02e9cb589b2bce69
x86_64/corporate/2.1/RPMS/cups-1.1.18-2.10.C21mdk.x86_64.rpm
aadb1a546919cc920ebec02d2bc49cfd
x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.10.C21mdk.x86_64.rpm
5cfc03537c65469e4d639ef0b70cae89
x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.10.C21mdk.x86_64.rpm
5dcab751c4e4882492824dbcc7cb68d3
x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.10.C21mdk.x86_64.rpm
0277512cc9357f1644abb49f3a514b9d
x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.10.C21mdk.x86_64.rpm
20c930c0306bfd6294ac99f4e479b61b
x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.10.C21mdk.src.rpm
Corporate 3.0:
ada77f1b64381034566313eb87f809c9
corporate/3.0/RPMS/cups-1.1.20-5.8.C30mdk.i586.rpm
55be908096a2354e98f661ce596b2361
corporate/3.0/RPMS/cups-common-1.1.20-5.8.C30mdk.i586.rpm
9d2b28df649b1a96e3937839adac1933
corporate/3.0/RPMS/cups-serial-1.1.20-5.8.C30mdk.i586.rpm
3dde8924c65df2232a1e908605a25c67
corporate/3.0/RPMS/libcups2-1.1.20-5.8.C30mdk.i586.rpm
8aa74d6b8b151d6ca0520c8d8b23cab1
corporate/3.0/RPMS/libcups2-devel-1.1.20-5.8.C30mdk.i586.rpm
e0606323bf662289f25298c29d64faed
corporate/3.0/SRPMS/cups-1.1.20-5.8.C30mdk.src.rpm
Corporate 3.0/X86_64:
88a009de39c8d2f7fa137c0f113ccac2
x86_64/corporate/3.0/RPMS/cups-1.1.20-5.8.C30mdk.x86_64.rpm
7512d729ba5767b120390dd65b2d32d5
x86_64/corporate/3.0/RPMS/cups-common-1.1.20-5.8.C30mdk.x86_64.rpm
15c7f2318320357a8a54d3aa10206a99
x86_64/corporate/3.0/RPMS/cups-serial-1.1.20-5.8.C30mdk.x86_64.rpm
a685089585d71ba77578a25187d4970c
x86_64/corporate/3.0/RPMS/lib64cups2-1.1.20-5.8.C30mdk.x86_64.rpm
89507149b4b041b3d954e7c2e97c0feb
x86_64/corporate/3.0/RPMS/lib64cups2-devel-1.1.20-5.8.C30mdk.x86_64.rpm
3dde8924c65df2232a1e908605a25c67
x86_64/corporate/3.0/RPMS/libcups2-1.1.20-5.8.C30mdk.i586.rpm
e0606323bf662289f25298c29d64faed
x86_64/corporate/3.0/SRPMS/cups-1.1.20-5.8.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC+7Q2mqjQ0CJFipgRArJqAJ9Ct27CrTdqO+IWgn7o/t8y3QxvkACgxyg1
Kl+kyirBMLuNwZYU7mPLmpk=
=HdMX
-----END PGP SIGNATURE-----