-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:050 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : February 26, 2008 Affected: Corporate 3.0 _______________________________________________________________________ Problem Description: Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and earlier could allow local admin users to execute arbitrary code via a crafted URI to the CUPS service (CVE-2007-5848). The Red Hat Security Team also found two flaws in CUPS 1.1.x where a malicious user on the local subnet could send a set of carefully crafted IPP packets to the UDP port in such a way as to cause CUPS to crash (CVE-2008-0597) or consume memory and lead to a CUPS crash (CVE-2008-0596). Finally, another flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash (CVE-2008-0882). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0596 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0886 _______________________________________________________________________ Updated Packages: Corporate 3.0: 71c1bd1c9099440da3e9afcfe4636525 corporate/3.0/i586/cups-1.1.20-5.16.C30mdk.i586.rpm a73fba38dbcf62fd4c64590e5d754126 corporate/3.0/i586/cups-common-1.1.20-5.16.C30mdk.i586.rpm 60b6e82788d5b0c51f68b0db44e31240 corporate/3.0/i586/cups-serial-1.1.20-5.16.C30mdk.i586.rpm 419d078e2df1396531c23cbbf2f2785d corporate/3.0/i586/libcups2-1.1.20-5.16.C30mdk.i586.rpm 064e5b42b27c90602bf8e7c47200bef8 corporate/3.0/i586/libcups2-devel-1.1.20-5.16.C30mdk.i586.rpm 5c363b9a8573a4ae3da5e654da34bae5 corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm Corporate 3.0/X86_64: c33aff1c5bab9bce22f7a018f2fbfe7d corporate/3.0/x86_64/cups-1.1.20-5.16.C30mdk.x86_64.rpm ba1cba41b479e332e8d43652af86756d corporate/3.0/x86_64/cups-common-1.1.20-5.16.C30mdk.x86_64.rpm 211561645f6743343a0a9189ecd8e24e corporate/3.0/x86_64/cups-serial-1.1.20-5.16.C30mdk.x86_64.rpm d1cb2198f9b73cfb5d2ae3d69bacf12c corporate/3.0/x86_64/lib64cups2-1.1.20-5.16.C30mdk.x86_64.rpm 104350956cda23c2e2f5bb05a22df9c7 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.16.C30mdk.x86_64.rpm 5c363b9a8573a4ae3da5e654da34bae5 corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) iD8DBQFHxGl7mqjQ0CJFipgRAgVuAJ9rJyJ0ysTKDyXgzUhz1Yl5SEP38wCg9SSt G00zNYjRErOH1eJ5lnnUNVs= =sKtb -----END PGP SIGNATURE-----