LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

November 2009

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA November 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Security ERRATA Moderate: cups on SL5.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Thu, 12 Nov 2009 14:08:37 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (76 lines)

It has been discovered that on some older SL 5 systems, rpm has to be 
updated before the cups update.  Because of this we are pulling the cups 
packages from the security errata area, but we are leaving the updated 
rpm packages.
We will put the cups packages back into the security errata area in a 
week or two, after people have had a chance to update rpm.

We are sorry about the inconvenience this might cause.

Troy Dawson

Troy J Dawson wrote:
> Synopsis:	Moderate: cups security update
> Issue date:	2009-10-15
> CVE Names:	CVE-2009-3608 CVE-2009-3609
> 
> Two integer overflow flaws were found in the CUPS "pdftops" filter. An
> attacker could create a malicious PDF file that would cause "pdftops" to
> crash or, potentially, execute arbitrary code as the "lp" user if the 
> file was printed. (CVE-2009-3608, CVE-2009-3609)
> 
> After installing the update, the cupsd daemon will be restarted 
> automatically.
> 
> Note: Some older versions of SL 5 needed a newer version of rpm for this 
> update.  The SL 5.4 version of rpm and popt is included with this update.
> 
> Note: This update is already in SL 5.4
> 
> SL 5.x
> 
>      SRPMS:
> cups-1.3.7-11.el5_4.3.src.rpm
>      i386:
> cups-1.3.7-11.el5_4.3.i386.rpm
> cups-devel-1.3.7-11.el5_4.3.i386.rpm
> cups-libs-1.3.7-11.el5_4.3.i386.rpm
> cups-lpd-1.3.7-11.el5_4.3.i386.rpm
> popt-1.10.2.3-18.el5.i386.rpm
> rpm-4.4.2.3-18.el5.i386.rpm
> rpm-apidocs-4.4.2.3-18.el5.i386.rpm
> rpm-build-4.4.2.3-18.el5.i386.rpm
> rpm-devel-4.4.2.3-18.el5.i386.rpm
> rpm-libs-4.4.2.3-18.el5.i386.rpm
> rpm-python-4.4.2.3-18.el5.i386.rpm
>      x86_64:
> cups-1.3.7-11.el5_4.3.x86_64.rpm
> cups-devel-1.3.7-11.el5_4.3.i386.rpm
> cups-devel-1.3.7-11.el5_4.3.x86_64.rpm
> cups-libs-1.3.7-11.el5_4.3.i386.rpm
> cups-libs-1.3.7-11.el5_4.3.x86_64.rpm
> cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm
> popt-1.10.2.3-18.el5.i386.rpm
> popt-1.10.2.3-18.el5.x86_64.rpm
> rpm-4.4.2.3-18.el5.x86_64.rpm
> rpm-apidocs-4.4.2.3-18.el5.x86_64.rpm
> rpm-build-4.4.2.3-18.el5.x86_64.rpm
> rpm-devel-4.4.2.3-18.el5.i386.rpm
> rpm-devel-4.4.2.3-18.el5.x86_64.rpm
> rpm-libs-4.4.2.3-18.el5.i386.rpm
> rpm-libs-4.4.2.3-18.el5.x86_64.rpm
> rpm-python-4.4.2.3-18.el5.x86_64.rpm
> 
> -Connie Sieh
> -Troy Dawson
> 
> 
> 


-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LSCS/CSI/USS Group
__________________________________________________

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV