Nom du paquet
cups
Date
2011-10-11
Advisory ID
MDVSA-2011:146
Affected versions
2009.0 x86_64 , MES5 i586 , 2010.1 i586 , 2009.0 i586 , MES5 x86_64 , 2010.1 x86_64

Problem description

Multiple vulnerabilities has been discovered and corrected in cups:

The cupsDoAuthentication function in auth.c in the client in CUPS
before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a
demand for authorization, which allows remote CUPS servers to cause
a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses
(CVE-2010-2432).

The LZW decompressor in the LWZReadByte function in giftoppm.c in
the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw
function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte
function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier,
the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4
and earlier, and other products, does not properly handle code words
that are absent from the decompression table when encountered, which
allows remote attackers to trigger an infinite loop or a heap-based
buffer overflow, and possibly execute arbitrary code, via a crafted
compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895
(CVE-2011-2896).

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and
earlier does not properly handle the first code word in an LZW stream,
which allows remote attackers to trigger a heap-based buffer overflow,
and possibly execute arbitrary code, via a crafted stream, a different
vulnerability than CVE-2011-2896 (CVE-2011-3170).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Updated packages

2009.0 x86_64

 557d87c9d241ae39c785c6373dd8b70f  2009.0/x86_64/cups-1.3.10-0.5mdv2009.0.x86_64.rpm
 f68379827c3e1dd18601fff8dd19621f  2009.0/x86_64/cups-common-1.3.10-0.5mdv2009.0.x86_64.rpm
 5439dfb021e198212a04698d95ddb5f2  2009.0/x86_64/cups-serial-1.3.10-0.5mdv2009.0.x86_64.rpm
 6567d318f829bafaa625262159589806  2009.0/x86_64/lib64cups2-1.3.10-0.5mdv2009.0.x86_64.rpm
 17f56ba710371a2297d13880fc7676d7  2009.0/x86_64/lib64cups2-devel-1.3.10-0.5mdv2009.0.x86_64.rpm
 8d29304cb6f1bbb89682bf852a2da6ed  2009.0/x86_64/php-cups-1.3.10-0.5mdv2009.0.x86_64.rpm 
 67417654d026df854d35370724c1565b  2009.0/SRPMS/cups-1.3.10-0.5mdv2009.0.src.rpm

MES5 i586

 776e12f8d570445f63c0a9437fcddd2e  mes5/i586/cups-1.3.10-0.5mdvmes5.2.i586.rpm
 ad33a9c8115cc83c1008028bcb0e29c7  mes5/i586/cups-common-1.3.10-0.5mdvmes5.2.i586.rpm
 21b795c7736553fd6a825598976c866b  mes5/i586/cups-serial-1.3.10-0.5mdvmes5.2.i586.rpm
 c3fd62dd50d3ce0b96ef0b3c2520ff89  mes5/i586/libcups2-1.3.10-0.5mdvmes5.2.i586.rpm
 34b4518819bfac3d5ea9d6e925b7945b  mes5/i586/libcups2-devel-1.3.10-0.5mdvmes5.2.i586.rpm
 5403247140449d963d791c54df419b18  mes5/i586/php-cups-1.3.10-0.5mdvmes5.2.i586.rpm 
 ad71fafb07ed353fa7addfad6049cf8b  mes5/SRPMS/cups-1.3.10-0.5mdvmes5.2.src.rpm

2010.1 i586

 333f2b8f389a7210be1123ce092bbb8b  2010.1/i586/cups-1.4.3-3.2mdv2010.2.i586.rpm
 2f753bd61e2726d1099d2dd3d57f2eca  2010.1/i586/cups-common-1.4.3-3.2mdv2010.2.i586.rpm
 2d9ae53f0a159618391ef18c94561408  2010.1/i586/cups-serial-1.4.3-3.2mdv2010.2.i586.rpm
 9fbb242780d33b802667d5babdeff105  2010.1/i586/libcups2-1.4.3-3.2mdv2010.2.i586.rpm
 461913f016aa628f81379e1a4e67151b  2010.1/i586/libcups2-devel-1.4.3-3.2mdv2010.2.i586.rpm
 3b907ebc975bbf2d700edd64d44e5e79  2010.1/i586/php-cups-1.4.3-3.2mdv2010.2.i586.rpm 
 d079c755b005a0336eef88cdaf7124a4  2010.1/SRPMS/cups-1.4.3-3.2mdv2010.2.src.rpm

2009.0 i586

 451f5c217b5607e6ae8e2c091b7ecc75  2009.0/i586/cups-1.3.10-0.5mdv2009.0.i586.rpm
 0c7f78718f376f9df426aa4dc1b6f93e  2009.0/i586/cups-common-1.3.10-0.5mdv2009.0.i586.rpm
 deefb9a51325690a9f4fe8fe519faf9f  2009.0/i586/cups-serial-1.3.10-0.5mdv2009.0.i586.rpm
 bdea2daf7c44f8a5250df2d548a9e030  2009.0/i586/libcups2-1.3.10-0.5mdv2009.0.i586.rpm
 dd60444ba124fa9c024375b9356848d6  2009.0/i586/libcups2-devel-1.3.10-0.5mdv2009.0.i586.rpm
 680ac463439bb2332229a52fb1d8a4c4  2009.0/i586/php-cups-1.3.10-0.5mdv2009.0.i586.rpm 
 67417654d026df854d35370724c1565b  2009.0/SRPMS/cups-1.3.10-0.5mdv2009.0.src.rpm

MES5 x86_64

 7f11915d7803d01df1840d891882e6ba  mes5/x86_64/cups-1.3.10-0.5mdvmes5.2.x86_64.rpm
 1a364126747bf4f24987c184344c4ec4  mes5/x86_64/cups-common-1.3.10-0.5mdvmes5.2.x86_64.rpm
 3d728c0528cc1ad0d23b1a511c122f68  mes5/x86_64/cups-serial-1.3.10-0.5mdvmes5.2.x86_64.rpm
 1abee6673d58115557b11c5fded196d2  mes5/x86_64/lib64cups2-1.3.10-0.5mdvmes5.2.x86_64.rpm
 dab5b4d9ef8442301b180e21fc003b45  mes5/x86_64/lib64cups2-devel-1.3.10-0.5mdvmes5.2.x86_64.rpm
 91955cdd36674dc12ba5bb716c2bee36  mes5/x86_64/php-cups-1.3.10-0.5mdvmes5.2.x86_64.rpm 
 ad71fafb07ed353fa7addfad6049cf8b  mes5/SRPMS/cups-1.3.10-0.5mdvmes5.2.src.rpm

2010.1 x86_64

 0eb77a9809fcd349c3fa223781f7794e  2010.1/x86_64/cups-1.4.3-3.2mdv2010.2.x86_64.rpm
 e5e69d444efa6344cff81af4278c9755  2010.1/x86_64/cups-common-1.4.3-3.2mdv2010.2.x86_64.rpm
 6c0a637a71baa5c5a58ce5c4b28d0137  2010.1/x86_64/cups-serial-1.4.3-3.2mdv2010.2.x86_64.rpm
 b34fcde9ed6ef29b76e816f800d11237  2010.1/x86_64/lib64cups2-1.4.3-3.2mdv2010.2.x86_64.rpm
 ebc1a568d6dee5bf1d88bdceded2a716  2010.1/x86_64/lib64cups2-devel-1.4.3-3.2mdv2010.2.x86_64.rpm
 98f1846e79b75e9e0a3e98b15385d80d  2010.1/x86_64/php-cups-1.4.3-3.2mdv2010.2.x86_64.rpm 
 d079c755b005a0336eef88cdaf7124a4  2010.1/SRPMS/cups-1.4.3-3.2mdv2010.2.src.rpm

References