[ MDVSA-2008:051 ] - Updated cups packages fix vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:051
http://www.mandriva.com/security/
_______________________________________________________________________
Package : cups
Date : February 26, 2008
Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
A flaw was found in how CUPS handled the addition and removal of
remote printers via IPP that could allow a remote attacker to send
a malicious IPP packet to the UDP port causing CUPS to crash.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0886
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
0a7d158dea287d3fb02d562e66144f55 2007.0/i586/cups-1.2.4-1.7mdv2007.0.i586.rpm
0f89e8283a7765359bf587aa1a49d537
2007.0/i586/cups-common-1.2.4-1.7mdv2007.0.i586.rpm
80e246d3868f57bc052f9d0527161ed2
2007.0/i586/cups-serial-1.2.4-1.7mdv2007.0.i586.rpm
11e435c39845560d06451300cee0ff78
2007.0/i586/libcups2-1.2.4-1.7mdv2007.0.i586.rpm
82903c633dfe9b705976ac9cfea5fe13
2007.0/i586/libcups2-devel-1.2.4-1.7mdv2007.0.i586.rpm
f688f9d5d9c80a1c4081ba897bda3b31
2007.0/i586/php-cups-1.2.4-1.7mdv2007.0.i586.rpm
9d8074c34c5471dd2ea7150747e9763d 2007.0/SRPMS/cups-1.2.4-1.7mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
35030a4837fef0355a0353e552d56d45
2007.0/x86_64/cups-1.2.4-1.7mdv2007.0.x86_64.rpm
6f91d3f1c641e623549ad9d102037205
2007.0/x86_64/cups-common-1.2.4-1.7mdv2007.0.x86_64.rpm
5b974bae09a30c051fca184dbfc514a6
2007.0/x86_64/cups-serial-1.2.4-1.7mdv2007.0.x86_64.rpm
d6a2095673a0e3093303bb98c2251fb8
2007.0/x86_64/lib64cups2-1.2.4-1.7mdv2007.0.x86_64.rpm
d705ff9b705c54a3c842c25823c3c412
2007.0/x86_64/lib64cups2-devel-1.2.4-1.7mdv2007.0.x86_64.rpm
64424352ee5b03cc16d6318d47681602
2007.0/x86_64/php-cups-1.2.4-1.7mdv2007.0.x86_64.rpm
9d8074c34c5471dd2ea7150747e9763d 2007.0/SRPMS/cups-1.2.4-1.7mdv2007.0.src.rpm
Mandriva Linux 2007.1:
5105e804cdb43266919ef6a2d4d56172 2007.1/i586/cups-1.2.10-2.5mdv2007.1.i586.rpm
bc59fa659d2a1198cb37e6a5e46147d7
2007.1/i586/cups-common-1.2.10-2.5mdv2007.1.i586.rpm
b42d2a433bf01becc833f1f052117451
2007.1/i586/cups-serial-1.2.10-2.5mdv2007.1.i586.rpm
ac1ab68a5b9d22eed8de1afcfc5244dc
2007.1/i586/libcups2-1.2.10-2.5mdv2007.1.i586.rpm
08523fd668fd17454873aa3f6b62b339
2007.1/i586/libcups2-devel-1.2.10-2.5mdv2007.1.i586.rpm
b0159435bf4e9cd5e69e7215bc936cfe
2007.1/i586/php-cups-1.2.10-2.5mdv2007.1.i586.rpm
f57d2c24cf4c2566019e6457c15a4314 2007.1/SRPMS/cups-1.2.10-2.5mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
104867d41e5732b04cc19c4cb9cb9ecc
2007.1/x86_64/cups-1.2.10-2.5mdv2007.1.x86_64.rpm
bc98f745c4fe6172926c7fae56421dbf
2007.1/x86_64/cups-common-1.2.10-2.5mdv2007.1.x86_64.rpm
75f5cf947fbdf830b4c4ab7a5ab39be3
2007.1/x86_64/cups-serial-1.2.10-2.5mdv2007.1.x86_64.rpm
b792523a1e6607731d428ee8ab750cdb
2007.1/x86_64/lib64cups2-1.2.10-2.5mdv2007.1.x86_64.rpm
7d359e84eb335e0e73a45c3425ba16c7
2007.1/x86_64/lib64cups2-devel-1.2.10-2.5mdv2007.1.x86_64.rpm
b1734f40a5a137d7b040e89f8f2c9cf4
2007.1/x86_64/php-cups-1.2.10-2.5mdv2007.1.x86_64.rpm
f57d2c24cf4c2566019e6457c15a4314 2007.1/SRPMS/cups-1.2.10-2.5mdv2007.1.src.rpm
Mandriva Linux 2008.0:
41c457c0abf00c4cd12c68206d1ef19d 2008.0/i586/cups-1.3.0-3.5mdv2008.0.i586.rpm
527208039efbae8c688e17222375cd25
2008.0/i586/cups-common-1.3.0-3.5mdv2008.0.i586.rpm
77ff879a0416f557da2577e2cc0be520
2008.0/i586/cups-serial-1.3.0-3.5mdv2008.0.i586.rpm
f2e416902352f08a433fa3b42125f069
2008.0/i586/libcups2-1.3.0-3.5mdv2008.0.i586.rpm
464018750437eefcd27c64851dd3babf
2008.0/i586/libcups2-devel-1.3.0-3.5mdv2008.0.i586.rpm
51c51c2d372c97a3bd67ec20a6e8ab1f
2008.0/i586/php-cups-1.3.0-3.5mdv2008.0.i586.rpm
59be42c190d902a00fff01c813933fab 2008.0/SRPMS/cups-1.3.0-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
ae89deb6366ad290ffdad65c50536d05
2008.0/x86_64/cups-1.3.0-3.5mdv2008.0.x86_64.rpm
3dedafa2f472ce3ac5147cb55208b505
2008.0/x86_64/cups-common-1.3.0-3.5mdv2008.0.x86_64.rpm
ed1390e977087d00427082d74a982816
2008.0/x86_64/cups-serial-1.3.0-3.5mdv2008.0.x86_64.rpm
361afea801db6537a050e40c47e52f28
2008.0/x86_64/lib64cups2-1.3.0-3.5mdv2008.0.x86_64.rpm
7b2be918011c91cf5dc30a91ebe09ee4
2008.0/x86_64/lib64cups2-devel-1.3.0-3.5mdv2008.0.x86_64.rpm
1f5dd9fa07b8e29c36fae8a3003b5743
2008.0/x86_64/php-cups-1.3.0-3.5mdv2008.0.x86_64.rpm
59be42c190d902a00fff01c813933fab 2008.0/SRPMS/cups-1.3.0-3.5mdv2008.0.src.rpm
Corporate 4.0:
bbee37ca52c8033ec89f3cc9205e0c05
corporate/4.0/i586/cups-1.2.4-0.7.20060mlcs4.i586.rpm
e72747799613a53d88cea13ac52c1a74
corporate/4.0/i586/cups-common-1.2.4-0.7.20060mlcs4.i586.rpm
548b48c8afa79a83971cb2adb20004a1
corporate/4.0/i586/cups-serial-1.2.4-0.7.20060mlcs4.i586.rpm
df20bcab65ba98cb2587270be4562b97
corporate/4.0/i586/libcups2-1.2.4-0.7.20060mlcs4.i586.rpm
108d380752eeccb01bd80f2d6a25479b
corporate/4.0/i586/libcups2-devel-1.2.4-0.7.20060mlcs4.i586.rpm
2194a57725880ab610799790575f62ed
corporate/4.0/i586/php-cups-1.2.4-0.7.20060mlcs4.i586.rpm
e7131afcaa870e2f49d37224a7b6d6cf
corporate/4.0/SRPMS/cups-1.2.4-0.7.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
7e0ab06ae666103857342dbf5189d3ea
corporate/4.0/x86_64/cups-1.2.4-0.7.20060mlcs4.x86_64.rpm
e5f9340f4748c8ffa07c061444fb1bdf
corporate/4.0/x86_64/cups-common-1.2.4-0.7.20060mlcs4.x86_64.rpm
46089fc8f48fd08bca263967e5fcb21f
corporate/4.0/x86_64/cups-serial-1.2.4-0.7.20060mlcs4.x86_64.rpm
7fac230cf127e832c596f221524d2b8c
corporate/4.0/x86_64/lib64cups2-1.2.4-0.7.20060mlcs4.x86_64.rpm
cca789f65894cbf299b280c3962e7f65
corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.7.20060mlcs4.x86_64.rpm
4eaaaeb37968a80b704c175d5f3019ae
corporate/4.0/x86_64/php-cups-1.2.4-0.7.20060mlcs4.x86_64.rpm
e7131afcaa870e2f49d37224a7b6d6cf
corporate/4.0/SRPMS/cups-1.2.4-0.7.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHxGspmqjQ0CJFipgRAnf/AJ9PEVZ9dqHhbIf/l0ahyAI0X7TSFwCeNPN1
TjNDlFJ7JJuDeIoNPHdWbco=
=UfLp
-----END PGP SIGNATURE-----