MDVSA-2010:072

Package name

cups

Date

2010-04-14

Advisory ID

MDVSA-2010:072

Affected versions

CS4.0 x86_64 , CS4.0 i586

Problem description

Multiple vulnerabilities has been found and corrected in cups:

CUPS in does not properly handle (1) HTTP headers and (2) HTML
templates, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and HTTP response splitting attacks via vectors
related to (a) the product's web interface, (b) the configuration of
the print system, and (c) the titles of printed jobs (CVE-2009-2820).

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS
1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable
to determine the file that provides localized message strings, which
allows local users to gain privileges via a file that contains crafted
localization data with format string specifiers (CVE-2010-0393).

The updated packages have been patched to correct these issues.

Updated packages

CS4.0 x86_64

 45551f204c08ad1bd602cabecbb23dc5  corporate/4.0/x86_64/cups-1.2.4-0.13.20060mlcs4.x86_64.rpm
 e836b68917a8dc53436410fd55723a5b  corporate/4.0/x86_64/cups-common-1.2.4-0.13.20060mlcs4.x86_64.rpm
 1a78d7675b0ea5497ae044ef70a8fb1f  corporate/4.0/x86_64/cups-serial-1.2.4-0.13.20060mlcs4.x86_64.rpm
 fd3d6e9b3c899ecd475acfc9d5ad12b5  corporate/4.0/x86_64/lib64cups2-1.2.4-0.13.20060mlcs4.x86_64.rpm
 07561e3bd8e757ed1ccd9a343a847d61  corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.13.20060mlcs4.x86_64.rpm
 09541108666b89cad59b723949e4fea1  corporate/4.0/x86_64/php-cups-1.2.4-0.13.20060mlcs4.x86_64.rpm 
 dbac43650b92f93f745be6451d30f11f  corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm

CS4.0 i586

 740c074b463cb19e228e8452d654ff77  corporate/4.0/i586/cups-1.2.4-0.13.20060mlcs4.i586.rpm
 b4efdba1af730183bf665ba19eef5e41  corporate/4.0/i586/cups-common-1.2.4-0.13.20060mlcs4.i586.rpm
 3b0c57f1c8aff54f44a8757832b388a7  corporate/4.0/i586/cups-serial-1.2.4-0.13.20060mlcs4.i586.rpm
 e32253a438c2783e88fdba9308c53b34  corporate/4.0/i586/libcups2-1.2.4-0.13.20060mlcs4.i586.rpm
 2ef500ce86c081c4715764209a9cd65e  corporate/4.0/i586/libcups2-devel-1.2.4-0.13.20060mlcs4.i586.rpm
 286f41821b5b92627f756db7437b0047  corporate/4.0/i586/php-cups-1.2.4-0.13.20060mlcs4.i586.rpm 
 dbac43650b92f93f745be6451d30f11f  corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820