Package name
cups
Date
2004-10-21
Advisory ID
MDKSA-2004:116
Affected versions
9.2 amd64 , CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , 9.2 i586 , MNF8.2 i586 , CS2.1 i586 , 10.1 x86_64

Problem description

Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code: Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. (CAN-2004-0888) Also, when CUPS debugging is enabled, device URIs containing username and password end up in error_log. This information is also visible via "ps". (CAN-2004-0923) The updated packages are patched to protect against these vulnerabilities.

Updated packages

9.2 amd64

 a5a6317fc35c0c7ec51da2074ea59cdb  amd64/9.2/RPMS/cups-1.1.19-10.3.92mdk.amd64.rpm
2de8b565958236a4cf299967187aaad1  amd64/9.2/RPMS/cups-common-1.1.19-10.3.92mdk.amd64.rpm
944995579621ce5a986459a47924370c  amd64/9.2/RPMS/cups-serial-1.1.19-10.3.92mdk.amd64.rpm
82c5aed6ab6c81a8fab48b0bd2997eb7  amd64/9.2/RPMS/lib64cups2-1.1.19-10.3.92mdk.amd64.rpm
0b99ed51e2b24aac0747334044a5730e  amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.3.92mdk.amd64.rpm
264f7c4310ff0c0bf1166374d49f5ea3  amd64/9.2/SRPMS/cups-1.1.19-10.3.92mdk.src.rpm

CS2.1 x86_64

 067a8b88cf8c1377c9c6412136fc7d6b  x86_64/corporate/2.1/RPMS/cups-1.1.18-2.5.C21mdk.x86_64.rpm
51a15362e5f756aff3211ad343588487  x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.5.C21mdk.x86_64.rpm
525f0dc8a7ef4db2ffcbe9b7d2a7d677  x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.5.C21mdk.x86_64.rpm
72375896902c44ee2d5d3b3297ff8909  x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.5.C21mdk.x86_64.rpm
58dd73863448021e52fbd9bf2536e4c1  x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.5.C21mdk.x86_64.rpm
39b6eb02f3df6a8ac7b6ec1d9a0642a4  x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.5.C21mdk.src.rpm

10.0 amd64

 e8e41e0ad06ea13c49aa4097778ef251  amd64/10.0/RPMS/cups-1.1.20-5.3.100mdk.amd64.rpm
2c76ce0c7f6985fd6cedd2b0f6ba0f67  amd64/10.0/RPMS/cups-common-1.1.20-5.3.100mdk.amd64.rpm
0f993cd224e36539c1c9938877850385  amd64/10.0/RPMS/cups-serial-1.1.20-5.3.100mdk.amd64.rpm
ff9d25d91c01c44760aac8d1f7f36f79  amd64/10.0/RPMS/lib64cups2-1.1.20-5.3.100mdk.amd64.rpm
e72d698c6ac954e51aa05f746bbe9365  amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.3.100mdk.amd64.rpm
f56a2a9b631ff34c6a2e1a8eb01f3690  amd64/10.0/SRPMS/cups-1.1.20-5.3.100mdk.src.rpm

10.1 i586

 9baf30fcb825ab225d07ace6df56e915  10.1/RPMS/cups-1.1.21-0.rc1.7.1.101mdk.i586.rpm
530d4836ff44dbe256e92b3a0264a5f2  10.1/RPMS/cups-common-1.1.21-0.rc1.7.1.101mdk.i586.rpm
5cb8479e2c2b4820d28e0cce20eb76bf  10.1/RPMS/cups-serial-1.1.21-0.rc1.7.1.101mdk.i586.rpm
ea0cc6a3c5ebbaed97f74fe4c15b5353  10.1/RPMS/libcups2-1.1.21-0.rc1.7.1.101mdk.i586.rpm
22334c441887eda75ea311c59336fe0d  10.1/RPMS/libcups2-devel-1.1.21-0.rc1.7.1.101mdk.i586.rpm
de7e827ac11712b294f3cf0aff4fc5cc  10.1/SRPMS/cups-1.1.21-0.rc1.7.1.101mdk.src.rpm

10.0 i586

 404f47bf2e48e0fe5e6351fb0a51e482  10.0/RPMS/cups-1.1.20-5.3.100mdk.i586.rpm
7b4b06f845f94a076c7a5e86ac1ebd0f  10.0/RPMS/cups-common-1.1.20-5.3.100mdk.i586.rpm
86c01887240c7dc25eaa0584f6f286e0  10.0/RPMS/cups-serial-1.1.20-5.3.100mdk.i586.rpm
0817ea1f56f41c96361723bd010f08dd  10.0/RPMS/libcups2-1.1.20-5.3.100mdk.i586.rpm
604d96d4fc8d5590310b0dfdaf95c9da  10.0/RPMS/libcups2-devel-1.1.20-5.3.100mdk.i586.rpm
f56a2a9b631ff34c6a2e1a8eb01f3690  10.0/SRPMS/cups-1.1.20-5.3.100mdk.src.rpm

9.2 i586

 73897a45c5474c390adc09c32c52073e  9.2/RPMS/cups-1.1.19-10.3.92mdk.i586.rpm
35ab026be5795ef537d996dd50b3ec59  9.2/RPMS/cups-common-1.1.19-10.3.92mdk.i586.rpm
34bd630f0656b7eefa331001ebe46d07  9.2/RPMS/cups-serial-1.1.19-10.3.92mdk.i586.rpm
dd362e1edc0774593cbb564d2fcedffb  9.2/RPMS/libcups2-1.1.19-10.3.92mdk.i586.rpm
04119307b9e5e37f36f502f3e299880c  9.2/RPMS/libcups2-devel-1.1.19-10.3.92mdk.i586.rpm
264f7c4310ff0c0bf1166374d49f5ea3  9.2/SRPMS/cups-1.1.19-10.3.92mdk.src.rpm

MNF8.2 i586

 8bfd1913756558cac4e58e7e22f2d67f  mnf8.2/RPMS/libcups1-1.1.18-2.3.M82mdk.i586.rpm
a47dcb23ef45908945eff6977b4387e2  mnf8.2/SRPMS/cups-1.1.18-2.3.M82mdk.src.rpm

CS2.1 i586

 93ff5afeb1743f9e72ab3307b392b534  corporate/2.1/RPMS/cups-1.1.18-2.5.C21mdk.i586.rpm
b29b8d51b7c0dcca6dc45143d7903cb3  corporate/2.1/RPMS/cups-common-1.1.18-2.5.C21mdk.i586.rpm
5e3c5468ea0ab2fae1aec809daa894de  corporate/2.1/RPMS/cups-serial-1.1.18-2.5.C21mdk.i586.rpm
8faf77a298ac1421bcf6c95c618303ab  corporate/2.1/RPMS/libcups1-1.1.18-2.5.C21mdk.i586.rpm
c7ac9f8314bccd7bc4b1104af279e0f1  corporate/2.1/RPMS/libcups1-devel-1.1.18-2.5.C21mdk.i586.rpm
39b6eb02f3df6a8ac7b6ec1d9a0642a4  corporate/2.1/SRPMS/cups-1.1.18-2.5.C21mdk.src.rpm

10.1 x86_64

 69cbb006e26a3a534885383a6c1d1a61  x86_64/10.1/RPMS/cups-1.1.21-0.rc1.7.1.101mdk.x86_64.rpm
376d35b70418d3a615c32ac821e97293  x86_64/10.1/RPMS/cups-common-1.1.21-0.rc1.7.1.101mdk.x86_64.rpm
b1301dcc473e6b9b880967dd4cfdb3b8  x86_64/10.1/RPMS/cups-serial-1.1.21-0.rc1.7.1.101mdk.x86_64.rpm
2c5f34bd72a47bad2d65eed2d347859e  x86_64/10.1/RPMS/lib64cups2-1.1.21-0.rc1.7.1.101mdk.x86_64.rpm
6b60780e3867a1651cee14ae1df77007  x86_64/10.1/RPMS/lib64cups2-devel-1.1.21-0.rc1.7.1.101mdk.x86_64.rpm
de7e827ac11712b294f3cf0aff4fc5cc  x86_64/10.1/SRPMS/cups-1.1.21-0.rc1.7.1.101mdk.src.rpm

References