LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

February 2008

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA February 2008

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA for cups on SL3.x, SL4.x, SL5.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Mon, 25 Feb 2008 11:47:52 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (69 lines)

Synopsis:	Important: cups security update
Issue date:	2008-02-25
CVE Names:	CVE-2008-0596 CVE-2008-0597 CVE-2008-0882

SL 3 and SL 4 only
A flaw was found in the way CUPS handled the addition and removal of remote
shared printers via IPP.  A remote attacker could send malicious UDP IPP
packets causing the CUPS daemon to attempt to dereference already freed
memory and crash. (CVE-2008-0597)

A memory management flaw was found in the way CUPS handled the addition and
removal of remote shared printers via IPP.  When shared printer was
removed, allocated memory was not properly freed, leading to a memory leak
possibly causing CUPS daemon crash after exhausting available memory.
(CVE-2008-0596)

SL 5 only
A flaw was found in the way CUPS handles the addition and removal of remote
shared printers via IPP. A remote attacker could send malicious UDP IPP
packets causing the CUPS daemon to crash. (CVE-2008-0882)

SL 3.0.x

      SRPMS:
cups-1.1.17-13.3.51.src.rpm
      i386:
cups-1.1.17-13.3.51.i386.rpm
cups-devel-1.1.17-13.3.51.i386.rpm
cups-libs-1.1.17-13.3.51.i386.rpm
      x86_64:
cups-1.1.17-13.3.51.x86_64.rpm
cups-devel-1.1.17-13.3.51.x86_64.rpm
cups-libs-1.1.17-13.3.51.i386.rpm
cups-libs-1.1.17-13.3.51.x86_64.rpm

SL 4.x

      SRPMS:
cups-1.1.22-0.rc1.9.20.2.el4_6.5.src.rpm
      i386:
cups-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-devel-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
      x86_64:
cups-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.i386.rpm
cups-libs-1.1.22-0.rc1.9.20.2.el4_6.5.x86_64.rpm

SL 5.x

      SRPMS:
cups-1.2.4-11.14.el5_1.4.src.rpm
      i386:
cups-1.2.4-11.14.el5_1.4.i386.rpm
cups-devel-1.2.4-11.14.el5_1.4.i386.rpm
cups-libs-1.2.4-11.14.el5_1.4.i386.rpm
cups-lpd-1.2.4-11.14.el5_1.4.i386.rpm
      x86_64:
cups-1.2.4-11.14.el5_1.4.x86_64.rpm
cups-devel-1.2.4-11.14.el5_1.4.i386.rpm
cups-devel-1.2.4-11.14.el5_1.4.x86_64.rpm
cups-libs-1.2.4-11.14.el5_1.4.i386.rpm
cups-libs-1.2.4-11.14.el5_1.4.x86_64.rpm
cups-lpd-1.2.4-11.14.el5_1.4.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV