ESB-2004.0674 -- RHSA-2004:543-01 -- Updated CUPS packages fix security issues
Date: 25 October 2004

References: ESB-2004.0655, ESB-2004.0670, ESB-2004.0685
===========================================================================
             AUSCERT External Security Bulletin Redistribution

                 ESB-2004.0674 -- RHSA-2004:543-01
            Updated CUPS packages fix security issues
                              25 October 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                CUPS
Publisher:              Red Hat
Operating System:       Red Hat Enterprise Linux AS/ES/WS 3
                        Red Hat Desktop version 3
                        Linux variants
Impact:                 Execute Arbitrary Code/Commands
                        Access Confidential Data
                        Denial of Service
Access:                 Remote/Unauthenticated
                        Existing Account
CVE Names:              CAN-2004-0923 CAN-2004-0888

Ref:                    ESB-2004.0670
                        ESB-2004.0655

Original Bulletin URL:  https://rhn.redhat.com/errata/RHSA-2004-543.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated CUPS packages fix security issues
Advisory ID:       RHSA-2004:543-01
Issue date:        2004-10-22
Updated on:        2004-10-22
Product:           Red Hat Enterprise Linux
Obsoletes:         RHSA-2004:449
CVE Names:         CAN-2004-0888 CAN-2004-0923
- ---------------------------------------------------------------------

1. Summary:

Updated cups packages that fix denial of service issues, a security
information leak, as well as other various bugs are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Common UNIX Printing System (CUPS) is a print spooler.

During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect xpdf. CUPS contains a copy of the xpdf code used
for parsing PDF files and is therefore affected by these bugs. An attacker
who has the ability to send a malicious PDF file to a printer could cause
CUPS to crash or possibly execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0888 to this issue.

When set up to print to a shared printer via Samba, CUPS would
authenticate with that shared printer using a username and password. By
default, the username and password used to connect to the Samba share is
written into the error log file. A local user who is able to read the
error log file could collect these usernames and passwords. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0923 to this issue.

These updated packages also include a fix that prevents some CUPS
configuration files from being accidentally replaced.

All users of CUPS should upgrade to these updated packages, which resolve
these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

Use Red Hat Network to download and update your packages. To launch the
Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization guide
specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

99461 - cups configuration
132034 - mime.types was updated - not copied to mime.types.rpmnew
134599 - CAN-2004-0923 Log file information disclosure
135378 - CAN-2004-0888 xpdf issues affect cups

6.
RPMs required:

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923

8. Contact:

The Red Hat security contact is
More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information or
advice contained in this security bulletin is the responsibility of each
user or organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked
in any way, we encourage you to let us know by completing the secure
National IT Incident Reporting Form at:

http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
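The following is an added illustrative example, not code from xpdf, CUPS, Red Hat or AusCERT, of the integer-overflow class named in the problem description above (CAN-2004-0888): an allocation size derived from untrusted PDF image dimensions wraps in 32-bit arithmetic, shown beside an overflow-checked computation that rejects such input before anything is allocated. The struct, field and function names are hypothetical, and the sample dimensions are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Hypothetical image-stream parameters as a PDF parser would read them
 * from an untrusted file (names constructed for this example). */
struct image_dict {
    uint32_t width;
    uint32_t height;
    uint32_t ncomps;   /* bytes per pixel */
};

/* Vulnerable pattern: the size is computed in 32-bit arithmetic with no
 * overflow check, so file-supplied dimensions can wrap it to a small value
 * and a later per-pixel write runs off the end of the buffer. */
uint32_t vulnerable_buffer_size(const struct image_dict *d)
{
    return d->width * d->height * d->ncomps;   /* wraps silently */
}

/* Hardened pattern: reject any product that does not fit before it is used.
 * Returns 1 and stores the byte count in *out, or 0 on zero/overflow. */
int checked_buffer_size(const struct image_dict *d, size_t *out)
{
    if (d->width == 0 || d->height == 0 || d->ncomps == 0)
        return 0;
    if (d->width > UINT32_MAX / d->height)
        return 0;                               /* width*height overflows */
    uint32_t pixels = d->width * d->height;
    if (pixels > UINT32_MAX / d->ncomps)
        return 0;                               /* pixels*ncomps overflows */
    *out = (size_t)pixels * d->ncomps;
    return 1;
}

/* Allocate only through the checked path; a wrapped size never reaches calloc. */
unsigned char *alloc_image_buffer(const struct image_dict *d)
{
    size_t n;
    return checked_buffer_size(d, &n) ? calloc(n, 1) : NULL;
}

int main(void)
{
    /* Constructed input: 0x10000 * 0x10000 * 1 wraps to 0 in 32 bits. */
    struct image_dict bad = { 0x10000, 0x10000, 1 };
    printf("unchecked size: %u, checked alloc: %s\n", vulnerable_buffer_size(&bad),
           alloc_image_buffer(&bad) ? "allocated" : "rejected");
    return 0;
}
```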