Paketname
cups
Datum
2005-01-17
Advisory ID
MDKSA-2005:008
Betroffene Versionen
9.2 i586 , CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 i586 , 9.2 amd64 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

A buffer overflow was discovered in the ParseCommand function in the hpgltops utility. An attacker with the ability to send malicious HPGL files to a printer could possibly execute arbitrary code as the "lp" user (CAN-2004-1267). Vulnerabilities in the lppasswd utility were also discovered. The program ignores write errors when modifying the CUPS passwd file. A local user who is able to fill the associated file system could corrupt the CUPS passwd file or prevent future use of lppasswd (CAN-2004-1268 and CAN-2004-1269). As well, lppasswd does not verify that the passwd.new file is different from STDERR, which could allow a local user to control output to passwd.new via certain user input that could trigger an error message (CAN-2004-1270). The updated packages have been patched to prevent these problems.

Aktualisierte Pakete

9.2 i586

 d3883cb621525731fc167ff32b9f60b8  9.2/RPMS/cups-1.1.19-10.5.92mdk.i586.rpm
7774fbbce517ef94092452b0f6bf6348  9.2/RPMS/cups-common-1.1.19-10.5.92mdk.i586.rpm
b60260260061314180b239b47326b96b  9.2/RPMS/cups-serial-1.1.19-10.5.92mdk.i586.rpm
6a3cc8c852f46f3b3de385993d3c53bf  9.2/RPMS/libcups2-1.1.19-10.5.92mdk.i586.rpm
e53c2e66c366fac0ad470e5972170ac9  9.2/RPMS/libcups2-devel-1.1.19-10.5.92mdk.i586.rpm
811375f41b9f2c85e2bfa6f64a88a7e2  9.2/SRPMS/cups-1.1.19-10.5.92mdk.src.rpm

CS2.1 x86_64

 83b787f50242cbf5576e1b5849e415a9  x86_64/corporate/2.1/RPMS/cups-1.1.18-2.7.C21mdk.x86_64.rpm
7aa9052837d945a572525f4280ba3163  x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.7.C21mdk.x86_64.rpm
96ff5d11e78b862a5d707cbc29d0022f  x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.7.C21mdk.x86_64.rpm
59db51c58eb2dac956ec9a20e72cf968  x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.7.C21mdk.x86_64.rpm
dcfe2dba0c165618ec2c43c4a53550d9  x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.7.C21mdk.x86_64.rpm
45d74173e029fb4357b6fc150b5b0f96  x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.7.C21mdk.src.rpm

10.0 amd64

 5ebeedb2d182f35cf22c31afff3c0972  amd64/10.0/RPMS/cups-1.1.20-5.5.100mdk.amd64.rpm
d84c55b9076c74373fa4dbb4e86432ef  amd64/10.0/RPMS/cups-common-1.1.20-5.5.100mdk.amd64.rpm
ec5098bd9300257fe5011fca0bd8ae68  amd64/10.0/RPMS/cups-serial-1.1.20-5.5.100mdk.amd64.rpm
d0d1aac0eacef95e804e16d0ef5b2c6b  amd64/10.0/RPMS/lib64cups2-1.1.20-5.5.100mdk.amd64.rpm
3c1ff21d12d84af2be6da34d4362f43c  amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.5.100mdk.amd64.rpm
16e7119ecb214022e6ff1297eaad3d2d  amd64/10.0/SRPMS/cups-1.1.20-5.5.100mdk.src.rpm

10.1 i586

 ece1d0df72d1dc15a09ed755172770ba  10.1/RPMS/cups-1.1.21-0.rc1.7.3.101mdk.i586.rpm
288a2795e3e329ff708f3f47373187a1  10.1/RPMS/cups-common-1.1.21-0.rc1.7.3.101mdk.i586.rpm
89901c1c9a8169c5d80f818599bd44b5  10.1/RPMS/cups-serial-1.1.21-0.rc1.7.3.101mdk.i586.rpm
6f8350dd4fb4937c17e362ef797dad96  10.1/RPMS/libcups2-1.1.21-0.rc1.7.3.101mdk.i586.rpm
5bc6dfa8bc58989678a962cfa1722688  10.1/RPMS/libcups2-devel-1.1.21-0.rc1.7.3.101mdk.i586.rpm
55d5adea7a47fc48a582dced0cba3bab  10.1/SRPMS/cups-1.1.21-0.rc1.7.3.101mdk.src.rpm

10.0 i586

 1e0251c77c7b2c9316bc521b0f82a53d  10.0/RPMS/cups-1.1.20-5.5.100mdk.i586.rpm
e77c1d4bff04dc3a1d609ecd1c8c9e0f  10.0/RPMS/cups-common-1.1.20-5.5.100mdk.i586.rpm
62aba65ac5bcdccfe758159b984b3994  10.0/RPMS/cups-serial-1.1.20-5.5.100mdk.i586.rpm
7afb5aea66db7227a6914267be740833  10.0/RPMS/libcups2-1.1.20-5.5.100mdk.i586.rpm
14f7b61865ee7a15f2e1564cc60f9672  10.0/RPMS/libcups2-devel-1.1.20-5.5.100mdk.i586.rpm
16e7119ecb214022e6ff1297eaad3d2d  10.0/SRPMS/cups-1.1.20-5.5.100mdk.src.rpm

CS3.0 i586

 980ef8bdf2fb0edf8f43744c58ab9d02  corporate/3.0/RPMS/cups-1.1.20-5.5.C30mdk.i586.rpm
88e3806fed54ee27bb3454d39d41dbdf  corporate/3.0/RPMS/cups-common-1.1.20-5.5.C30mdk.i586.rpm
9e03b10d467e249a4784f22a57a48138  corporate/3.0/RPMS/cups-serial-1.1.20-5.5.C30mdk.i586.rpm
35c6c14219de93adfd5bd8b3c224d8bd  corporate/3.0/RPMS/libcups2-1.1.20-5.5.C30mdk.i586.rpm
98368e82f1b812c5fdbebd985df65198  corporate/3.0/RPMS/libcups2-devel-1.1.20-5.5.C30mdk.i586.rpm
9b3fdc543ef0aa6d1c593d2b810eee57  corporate/3.0/SRPMS/cups-1.1.20-5.5.C30mdk.src.rpm

9.2 amd64

 d0d6cdc697cc7b200e5b2abd60121f10  amd64/9.2/RPMS/cups-1.1.19-10.5.92mdk.amd64.rpm
c528308bfd48852daecb0e7373c5f2bb  amd64/9.2/RPMS/cups-common-1.1.19-10.5.92mdk.amd64.rpm
99b41ab64d07eba6b75b294a2137c4a8  amd64/9.2/RPMS/cups-serial-1.1.19-10.5.92mdk.amd64.rpm
931920e3bf5e3aea34199e52f8bed860  amd64/9.2/RPMS/lib64cups2-1.1.19-10.5.92mdk.amd64.rpm
05acfa1a72f100c4607c8229784bb81d  amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.5.92mdk.amd64.rpm
811375f41b9f2c85e2bfa6f64a88a7e2  amd64/9.2/SRPMS/cups-1.1.19-10.5.92mdk.src.rpm

CS2.1 i586

 c7acb7c1e2ad053308af52c9729bc903  corporate/2.1/RPMS/cups-1.1.18-2.7.C21mdk.i586.rpm
2a86e725464396da1a7d0d114ce97141  corporate/2.1/RPMS/cups-common-1.1.18-2.7.C21mdk.i586.rpm
812683730d90ceb10dfbd3bd96f4b23b  corporate/2.1/RPMS/cups-serial-1.1.18-2.7.C21mdk.i586.rpm
0112be232e1f7e075c8402431600b450  corporate/2.1/RPMS/libcups1-1.1.18-2.7.C21mdk.i586.rpm
1d51cc74a64648aaaaf94d8d0720d95f  corporate/2.1/RPMS/libcups1-devel-1.1.18-2.7.C21mdk.i586.rpm
45d74173e029fb4357b6fc150b5b0f96  corporate/2.1/SRPMS/cups-1.1.18-2.7.C21mdk.src.rpm

10.1 x86_64

 ac22a09fe5c0d67121fb4584c1bd41dc  x86_64/10.1/RPMS/cups-1.1.21-0.rc1.7.3.101mdk.x86_64.rpm
a329cc52b9f6b6059a186f2b4758a430  x86_64/10.1/RPMS/cups-common-1.1.21-0.rc1.7.3.101mdk.x86_64.rpm
7b7bcd648c962069a534d3c7b3f416d2  x86_64/10.1/RPMS/cups-serial-1.1.21-0.rc1.7.3.101mdk.x86_64.rpm
fe88bf3a903767f50fe884c1006c72f1  x86_64/10.1/RPMS/lib64cups2-1.1.21-0.rc1.7.3.101mdk.x86_64.rpm
8f71509bfd63c3deb83d1f7e67104088  x86_64/10.1/RPMS/lib64cups2-devel-1.1.21-0.rc1.7.3.101mdk.x86_64.rpm
55d5adea7a47fc48a582dced0cba3bab  x86_64/10.1/SRPMS/cups-1.1.21-0.rc1.7.3.101mdk.src.rpm

Referenzen