Nom du paquet
cups
Date
2007-11-12
Advisory ID
MDKSA-2007:204-1
Affected versions
2008.0 i586 , 2008.0 x86_64

Problem description

Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS
that can be exploited by malicious individuals to execute arbitrary
code. This flaw is due to a boundary error when processing IPP
(Internet Printing Protocol) tags.

Update:

Due to incorrect build requirements/conflicts, the cups-config
in Mandriva Linux 2008.0 was displaying the full CFLAGS and libs
instead of just the libraries when 'cups-config --libs' was invoked.
This update corrects the cups-config behaviour.

Updated packages

2008.0 i586

 066d0553d0d41408d9f0b0d89b9299de  2008.0/i586/cups-1.3.0-3.2mdv2008.0.i586.rpm
 761125ca708cd22b2360e84f36674051  2008.0/i586/cups-common-1.3.0-3.2mdv2008.0.i586.rpm
 24a6797ad61c1ee82710480cba57c912  2008.0/i586/cups-serial-1.3.0-3.2mdv2008.0.i586.rpm
 2c6d558345461a1813ea8ffa9b93be4e  2008.0/i586/libcups2-1.3.0-3.2mdv2008.0.i586.rpm
 30bd123775b39ffd80e94d3232dbd5ce  2008.0/i586/libcups2-devel-1.3.0-3.2mdv2008.0.i586.rpm
 1d147d09513abcb5e556a02dcb4272aa  2008.0/i586/php-cups-1.3.0-3.2mdv2008.0.i586.rpm 
 cfcb64cb2bc0af7b05c3770138a9311c  2008.0/SRPMS/cups-1.3.0-3.2mdv2008.0.src.rpm

2008.0 x86_64

 617534198402457ccce075bfc8341a2d  2008.0/x86_64/cups-1.3.0-3.2mdv2008.0.x86_64.rpm
 d7f56b65a853c2030ee85a5b9db1b800  2008.0/x86_64/cups-common-1.3.0-3.2mdv2008.0.x86_64.rpm
 48c4cd42cd19179ffeb003e1fed91f62  2008.0/x86_64/cups-serial-1.3.0-3.2mdv2008.0.x86_64.rpm
 2760af902f9937b89dfb836a07b373b2  2008.0/x86_64/lib64cups2-1.3.0-3.2mdv2008.0.x86_64.rpm
 a9cb35f7fa4cf7b55ef5730690b04aff  2008.0/x86_64/lib64cups2-devel-1.3.0-3.2mdv2008.0.x86_64.rpm
 7de4fe03981dbf79b9324e6e3fe244e4  2008.0/x86_64/php-cups-1.3.0-3.2mdv2008.0.x86_64.rpm 
 cfcb64cb2bc0af7b05c3770138a9311c  2008.0/SRPMS/cups-1.3.0-3.2mdv2008.0.src.rpm

References