RHSA-2007:1023-01 Important: cups security update
Posted on: 11/08/2007 12:45 AM

A new update is available for Red Hat Enterprise Linux. Here is the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: cups security update
Advisory ID: RHSA-2007:1023-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-1023.html
Issue date: 2007-11-07
Updated on: 2007-11-07
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-4045 CVE-2007-4351 CVE-2007-5393
- ---------------------------------------------------------------------

1. Summary:

Updated cups packages that fix several security issues are now available
for Red Hat Enterprise Linux 3.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX(R) operating systems.

Alin Rad Pop discovered a flaw in the handling of PDF files. An attacker
could create a malicious PDF file that would cause CUPS to crash or
potentially execute arbitrary code when printed. (CVE-2007-5393)

Alin Rad Pop discovered a flaw in the way CUPS handles certain IPP tags.
A remote attacker who is able to connect to the IPP TCP port could send a
malicious request causing the CUPS daemon to crash. (CVE-2007-4351)

A flaw was found in the way CUPS handled SSL negotiation. A remote attacker
capable of connecting to the CUPS daemon could cause CUPS to crash.
(CVE-2007-4045)

All CUPS users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

250161 - CVE-2007-4045 Incomplete fix for CVE-2007-0720 CUPS denial of service
345091 - CVE-2007-4351 cups boundary error
345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar()

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.46.src.rpm
a09f89cd409ee521a73c4a7b0d72e29b cups-1.1.17-13.3.46.src.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHMf02XlSAg2UNWIIRAurSAKCTTixBE4m91WfBRZ7pBSrUBSo5mACfehEq
vPDjBf60QORIQ3m6Lzp2/sg=
4rU
-----END PGP SIGNATURE-----
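
A patch-compliance check for the fixed package level named in this advisory, added here as an example and not part of the Red Hat announcement. It assumes an inventory gathered per host with `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\n'` and prefixed with a host name; the host names and the older versions in the sample are constructed, and the package epoch is assumed unchanged between builds.

```python
import re

# Fixed version-release, taken from the package file names in the advisory.
FIXED_VR = "1.1.17-13.3.46"
# Binary package names from the advisory's RPM list.
AFFECTED = {"cups", "cups-libs", "cups-devel", "cups-debuginfo"}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Compare two version or release strings by rpm's segment rules (no ~ or ^)."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric segments compare as numbers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric beats alphabetic
        if x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def vr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def unpatched(inventory):
    """Return (host, name, vr, arch) rows whose cups packages predate the fix."""
    hits = []
    for line in inventory.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        host, name, vr, arch = fields
        if name in AFFECTED and vr_cmp(vr, FIXED_VR) < 0:
            hits.append((host, name, vr, arch))
    return hits

# Constructed sample inventory: "<host> <name> <version-release> <arch>".
SAMPLE = """\
print01 cups 1.1.17-13.3.46 i386
print01 cups-libs 1.1.17-13.3.46 i386
print02 cups 1.1.17-13.3.9 x86_64
print02 cups-libs 1.1.17-13.3.46 x86_64
print02 cups-libs 1.1.17-13.3.9 i386
build03 bash 2.05b-29 i386
"""

if __name__ == "__main__":
    for row in unpatched(SAMPLE):
        print("needs update:", *row)
```

The sample includes a multilib host where the x86_64 `cups-libs` is current but the i386 one is not, and a release of `13.3.9`, which a plain string comparison would wrongly rank above `13.3.46`.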



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_20071023_01_important_cups_security_update.html)