MDKSA-2005:239 - Updated printer-filters-utils packages fix local vulnerability
Posted on: 12/31/2005 01:22 AM

The Mandriva Security Team published a new security update: MDKSA-2005:239 - Updated printer-filters-utils packages fix local vulnerability for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2005:239
http://www.mandriva.com/security/
_______________________________________________________________________

Package : printer-filters-utils
Date : December 30, 2005
Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
_______________________________________________________________________

Problem Description:

"newbug" discovered a local root vulnerability in the mtink binary,
which has a buffer overflow in its handling of the HOME environment
variable, allowing the possibility for a local user to gain root
privileges.

Mandriva encourages all users to upgrade immediately.

The updated packages have been patched to correct these problems.
_______________________________________________________________________

Updated Packages:

Mandriva Linux 10.1:
833eb7cba3b34208a5ec1979d2490371 10.1/RPMS/cups-drivers-10.1-0.2.1.101mdk.i586.rpm
df172c9129d7cb3251aa24353cef1414 10.1/RPMS/foomatic-db-3.0.1-0.20040828.1.1.101mdk.i586.rpm
873aee9e441369d7e2ce8f945a789925 10.1/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.101mdk.i586.rpm
e193276ae1ac7999dcac95b5f4818665 10.1/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.101mdk.i586.rpm
ead8d555f3ad75128e1c42c6299b5cc8 10.1/RPMS/ghostscript-7.07-25.1.101mdk.i586.rpm
fc2d68dafadddf8e7b8cbee0f5adf1b7 10.1/RPMS/ghostscript-module-X-7.07-25.1.101mdk.i586.rpm
58ff4b34e057c9e0a11f31beb43e736c 10.1/RPMS/libgimpprint1-4.2.7-8.1.101mdk.i586.rpm
150219563c1d95c96b504b4341ec733e 10.1/RPMS/libgimpprint1-devel-4.2.7-8.1.101mdk.i586.rpm
3eda515df62318ef628d4af2272998c6 10.1/RPMS/libijs0-0.34-82.1.101mdk.i586.rpm
914fa246d571a9f648f6e91bec97c7e1 10.1/RPMS/libijs0-devel-0.34-82.1.101mdk.i586.rpm
a2c155c01c4f677b408df4db5b28d8f7 10.1/RPMS/printer-filters-10.1-0.2.1.101mdk.i586.rpm
97ec144c4270ef5474105654f86f8d91 10.1/RPMS/printer-testpages-10.1-0.2.1.101mdk.i586.rpm
20b613b48413d15ecbeed1889ee2db9d 10.1/RPMS/printer-utils-10.1-0.2.1.101mdk.i586.rpm
588d8fc15e1765dead61168c398c7acd 10.1/SRPMS/printer-drivers-10.1-0.2.1.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
1c20a78cf9ae1939762e08eb61fb1a7f x86_64/10.1/RPMS/cups-drivers-10.1-0.2.1.101mdk.x86_64.rpm
eaee592929c55ac3e88d436a132b465a x86_64/10.1/RPMS/foomatic-db-3.0.1-0.20040828.1.1.101mdk.x86_64.rpm
b15c15f7644b32f00053d4ecf123267a x86_64/10.1/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.101mdk.x86_64.rpm
59c8e395e77860b96504fa670d7c8839 x86_64/10.1/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.101mdk.x86_64.rpm
537239840311aaba8129fb749ce1509b x86_64/10.1/RPMS/ghostscript-7.07-25.1.101mdk.x86_64.rpm
0c3e32326c29fbe06cbcfae16698200b x86_64/10.1/RPMS/ghostscript-module-X-7.07-25.1.101mdk.x86_64.rpm
5a11c2a30e84739e85d18ca438f8b963 x86_64/10.1/RPMS/lib64gimpprint1-4.2.7-8.1.101mdk.x86_64.rpm
c611162f5f12ecb0e520c5d509571baa x86_64/10.1/RPMS/lib64gimpprint1-devel-4.2.7-8.1.101mdk.x86_64.rpm
ceba311210763f7cdf604276157a28ec x86_64/10.1/RPMS/lib64ijs0-0.34-82.1.101mdk.x86_64.rpm
dd5c1c64fea96890ea9d39be1fd1a85a x86_64/10.1/RPMS/lib64ijs0-devel-0.34-82.1.101mdk.x86_64.rpm
366888432e116d99a229df11be659703 x86_64/10.1/RPMS/printer-filters-10.1-0.2.1.101mdk.x86_64.rpm
1b72ed7858ceb7c0a906646fe3db8cb6 x86_64/10.1/RPMS/printer-testpages-10.1-0.2.1.101mdk.x86_64.rpm
dd7474b62a02bad43056e010872eb258 x86_64/10.1/RPMS/printer-utils-10.1-0.2.1.101mdk.x86_64.rpm
588d8fc15e1765dead61168c398c7acd x86_64/10.1/SRPMS/printer-drivers-10.1-0.2.1.101mdk.src.rpm

Mandriva Linux 10.2:
3f07497eb509081c5fff4147907dba32 10.2/RPMS/cups-drivers-10.2-0.11.2.102mdk.i586.rpm
4ff88a1dd559489dbea3bb518cc79b00 10.2/RPMS/printer-filters-10.2-0.11.2.102mdk.i586.rpm
9c3579660b29c580fe27d8b9e085e84e 10.2/RPMS/printer-utils-10.2-0.11.2.102mdk.i586.rpm
3d41b62b1838db0d2b7501af358a338a 10.2/SRPMS/printer-filters-utils-10.2-0.11.2.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
50c3f0de464f1f67ed3dc7ee69c3fab4 x86_64/10.2/RPMS/cups-drivers-10.2-0.11.2.102mdk.x86_64.rpm
48b43405d91f82121a276e21a0bd0567 x86_64/10.2/RPMS/printer-filters-10.2-0.11.2.102mdk.x86_64.rpm
2a55ab47afa103065214001c02f24463 x86_64/10.2/RPMS/printer-utils-10.2-0.11.2.102mdk.x86_64.rpm
3d41b62b1838db0d2b7501af358a338a x86_64/10.2/SRPMS/printer-filters-utils-10.2-0.11.2.102mdk.src.rpm

Mandriva Linux 2006.0:
f19ded0f4a4644282393580bbb27409f 2006.0/RPMS/cups-drivers-2006-7.1.20060mdk.i586.rpm
4ef9cf12980d66596e6227b877bcb6f3 2006.0/RPMS/printer-filters-2006-7.1.20060mdk.i586.rpm
9f38f51c69ae767c67608fb1fb3acc55 2006.0/RPMS/printer-utils-2006-7.1.20060mdk.i586.rpm
053fe840e3ec42a658b26d930f043370 2006.0/SRPMS/printer-filters-utils-2006-7.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
1bffd0d102b8e0b20fef30436493c47f x86_64/2006.0/RPMS/cups-drivers-2006-7.1.20060mdk.x86_64.rpm
9d8b7f047212516ccfa848ed0b43eb43 x86_64/2006.0/RPMS/printer-filters-2006-7.1.20060mdk.x86_64.rpm
15818d92dc71c3219fe55a430e655a1c x86_64/2006.0/RPMS/printer-utils-2006-7.1.20060mdk.x86_64.rpm
053fe840e3ec42a658b26d930f043370 x86_64/2006.0/SRPMS/printer-filters-utils-2006-7.1.20060mdk.src.rpm

Corporate Server 2.1:
19a8de2c3db7c58d8fedb6b6ad661bf6 corporate/2.1/RPMS/cups-drivers-1.1-84.4.C21mdk.i586.rpm
f1a3cb30b4ba3c7c35f2ddc384c8c8ac corporate/2.1/RPMS/foomatic-2.0.2-20021220.2.4.C21mdk.i586.rpm
5121d2ec3e3f681b6691983bad8ca665 corporate/2.1/RPMS/ghostscript-7.05-33.4.C21mdk.i586.rpm
1fcad314f39a8422383a694db27f8465 corporate/2.1/RPMS/ghostscript-module-X-7.05-33.4.C21mdk.i586.rpm
44f6d138fc7f262fb790e3bd76276dd1 corporate/2.1/RPMS/gimpprint-4.2.5-0.2.4.C21mdk.i586.rpm
d123dd00124cfe3a33f0eebe767c7a3e corporate/2.1/RPMS/libgimpprint1-4.2.5-0.2.4.C21mdk.i586.rpm
efc4bee2d8e0a77e9095641efca3d0fe corporate/2.1/RPMS/libgimpprint1-devel-4.2.5-0.2.4.C21mdk.i586.rpm
78da865521758621f5e95a288f687b59 corporate/2.1/RPMS/libijs0-0.34-24.4.C21mdk.i586.rpm
7c5f0ad0097684d54d6a9af2ba31e4e0 corporate/2.1/RPMS/libijs0-devel-0.34-24.4.C21mdk.i586.rpm
bbecf6ac91d2fb63983aa15eb4d95842 corporate/2.1/RPMS/omni-0.7.1-11.4.C21mdk.i586.rpm
d13db2238b902503a0193977cfcddc8f corporate/2.1/RPMS/printer-filters-1.0-84.4.C21mdk.i586.rpm
44019096c968d31ff63ccd01076d44b3 corporate/2.1/RPMS/printer-testpages-1.0-84.4.C21mdk.i586.rpm
aca5614d66821d716f1c1f8174f55a5d corporate/2.1/RPMS/printer-utils-1.0-84.4.C21mdk.i586.rpm
d5f7a6e6b35e0632079225b07478f758 corporate/2.1/SRPMS/printer-drivers-1.0-84.4.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
b88ee446fb707081cc46484190c31476 x86_64/corporate/2.1/RPMS/cups-drivers-1.1-84.4.C21mdk.x86_64.rpm
e47fd6c176acc1ff366852a4991849ee x86_64/corporate/2.1/RPMS/foomatic-2.0.2-20021220.2.4.C21mdk.x86_64.rpm
fc76cbb96c5efe27060a2137cde46bf5 x86_64/corporate/2.1/RPMS/ghostscript-7.05-33.4.C21mdk.x86_64.rpm
c936ccb31e4567e51c31f1965da94638 x86_64/corporate/2.1/RPMS/ghostscript-module-X-7.05-33.4.C21mdk.x86_64.rpm
fed328852d1afc41c7fb043d7c370af1 x86_64/corporate/2.1/RPMS/gimpprint-4.2.5-0.2.4.C21mdk.x86_64.rpm
7c257aa92cd6514dbac9fedf8a284e39 x86_64/corporate/2.1/RPMS/libgimpprint1-4.2.5-0.2.4.C21mdk.x86_64.rpm
a402bff9c8f4ee1f1a4535f13d263011 x86_64/corporate/2.1/RPMS/libgimpprint1-devel-4.2.5-0.2.4.C21mdk.x86_64.rpm
c242151ea6f0ac777c87f5d2b0c2048b x86_64/corporate/2.1/RPMS/libijs0-0.34-24.4.C21mdk.x86_64.rpm
6570da001a7c045674399d626d00334d x86_64/corporate/2.1/RPMS/libijs0-devel-0.34-24.4.C21mdk.x86_64.rpm
2eabdea962f4aa0ea2acc16a1aa82ac6 x86_64/corporate/2.1/RPMS/omni-0.7.1-11.4.C21mdk.x86_64.rpm
11a665982a39df0b38c54254bd467c96 x86_64/corporate/2.1/RPMS/printer-filters-1.0-84.4.C21mdk.x86_64.rpm
8c4e5cd89ee0f836fada300b453ee5a1 x86_64/corporate/2.1/RPMS/printer-testpages-1.0-84.4.C21mdk.x86_64.rpm
5e8f32376c72beb3ea98bf23449fa8a1 x86_64/corporate/2.1/RPMS/printer-utils-1.0-84.4.C21mdk.x86_64.rpm
d5f7a6e6b35e0632079225b07478f758 x86_64/corporate/2.1/SRPMS/printer-drivers-1.0-84.4.C21mdk.src.rpm

Corporate 3.0:
8a3361c087b76f94b3e233de7fffd178 corporate/3.0/RPMS/cups-drivers-1.1-138.4.C30mdk.i586.rpm
3cb3723dd84e6a9f371b3126fc5e654a corporate/3.0/RPMS/foomatic-db-3.0.1-0.20040828.1.4.C30mdk.i586.rpm
076c54117946d9ab0be6ed5f55cc5451 corporate/3.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.4.C30mdk.i586.rpm
2627a9b7859e5ab79ab92355bf97d805 corporate/3.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.4.C30mdk.i586.rpm
56d4f31cdd52a7a8f8eb1e1b209059a6 corporate/3.0/RPMS/ghostscript-7.07-19.4.C30mdk.i586.rpm
acd6aadf41c20650cfc41c338608c911 corporate/3.0/RPMS/ghostscript-module-X-7.07-19.4.C30mdk.i586.rpm
67092f2db4b77a07819dc1bcaba57ffe corporate/3.0/RPMS/gimpprint-4.2.7-2.4.C30mdk.i586.rpm
9994789e9842f54a1e7bee8a3774c327 corporate/3.0/RPMS/libgimpprint1-4.2.7-2.4.C30mdk.i586.rpm
33ac650d279a164337573963ef2becb3 corporate/3.0/RPMS/libgimpprint1-devel-4.2.7-2.4.C30mdk.i586.rpm
e3ea45d255f2792a42f4c6db54fc76b3 corporate/3.0/RPMS/libijs0-0.34-76.4.C30mdk.i586.rpm
682b8401e7c1ffc2e9842b4d241f485f corporate/3.0/RPMS/libijs0-devel-0.34-76.4.C30mdk.i586.rpm
031fc3adfb5308c9a483c43662c097b8 corporate/3.0/RPMS/printer-filters-1.0-138.4.C30mdk.i586.rpm
30936ff4acd3ba4260fd7016d8ce5dc8 corporate/3.0/RPMS/printer-testpages-1.0-138.4.C30mdk.i586.rpm
fbcd3e47162a51d94ea8be1a93cc0966 corporate/3.0/RPMS/printer-utils-1.0-138.4.C30mdk.i586.rpm
265470bc7807f37322e6120fbee2bb29 corporate/3.0/SRPMS/printer-drivers-1.0-138.4.C30mdk.src.rpm

Corporate 3.0/X86_64:
babed23e2ec78f8c42df7103a14188b3 x86_64/corporate/3.0/RPMS/cups-drivers-1.1-138.4.C30mdk.x86_64.rpm
518465e895afa740557c285e35a2854a x86_64/corporate/3.0/RPMS/foomatic-db-3.0.1-0.20040828.1.4.C30mdk.x86_64.rpm
71d2a30104d202d0a33749b8879c48c6 x86_64/corporate/3.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.4.C30mdk.x86_64.rpm
43f0f8ff771400bd8353c77db365a9bc x86_64/corporate/3.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.4.C30mdk.x86_64.rpm
296473ae2049a1f9999d40345704659b x86_64/corporate/3.0/RPMS/ghostscript-7.07-19.4.C30mdk.x86_64.rpm
119d21186a0d38d19c0a1e973a6acfdd x86_64/corporate/3.0/RPMS/ghostscript-module-X-7.07-19.4.C30mdk.x86_64.rpm
d2105ab191a112446bfd5c744323c7de x86_64/corporate/3.0/RPMS/gimpprint-4.2.7-2.4.C30mdk.x86_64.rpm
10de82d20dfa1d2abdacfa04347b67f3 x86_64/corporate/3.0/RPMS/lib64gimpprint1-4.2.7-2.4.C30mdk.x86_64.rpm
b006bab4ea62fad16ac5638b982cb362 x86_64/corporate/3.0/RPMS/lib64gimpprint1-devel-4.2.7-2.4.C30mdk.x86_64.rpm
46acabdeb28235c3b01791e33b4dd416 x86_64/corporate/3.0/RPMS/lib64ijs0-0.34-76.4.C30mdk.x86_64.rpm
3d49ce66bf0118c759c87fa4a59b9970 x86_64/corporate/3.0/RPMS/lib64ijs0-devel-0.34-76.4.C30mdk.x86_64.rpm
bc45643565f3e0e9a2d6a3bdb1298d40 x86_64/corporate/3.0/RPMS/printer-filters-1.0-138.4.C30mdk.x86_64.rpm
339a0174537736b232b7a3b81c07e18b x86_64/corporate/3.0/RPMS/printer-testpages-1.0-138.4.C30mdk.x86_64.rpm
9ed4501697bc928ab930b6d6a1bdb239 x86_64/corporate/3.0/RPMS/printer-utils-1.0-138.4.C30mdk.x86_64.rpm
265470bc7807f37322e6120fbee2bb29 x86_64/corporate/3.0/SRPMS/printer-drivers-1.0-138.4.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDtZIPmqjQ0CJFipgRAjhiAJ9xPiYh3uXs1ywyUdPStga+xL0ShACghDsK
XEae8mQgKvYplSY6Jjp0MyU=
=K9q6
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/_mdksa_2005239__updated_printer_filters_utils_packages_fix_local_vulnerability.html)