Updated cups packages fix DoS vulnerability

mystified · September 16, 2004

Mandrakesoft Security Advisories

Package name cups

Date September 15th, 2004

Advisory ID MDKSA-2004:097

Affected versions 9.2, 10.0, CS2.1

Synopsis Updated cups packages fix DoS vulnerability

Problem Description

Alvaro Martinez Echevarria discovered a vulnerability in the CUPS print server where an empty UDP datagram sent to port 631 (the default port that cupsd listens to) would disable browsing. This would prevent cupsd from seeing any remote printers or any future remote printer changes.

The updated packages are patched to protect against this vulnerability.

Updated Packages

Mandrakelinux 9.2

b46e23e49906b9837f8ff8a2f1551a1a 9.2/RPMS/cups-1.1.19-10.1.92mdk.i586.rpm

41882610ebe7ef19c62d0466a3b856bd 9.2/RPMS/cups-common-1.1.19-10.1.92mdk.i586.rpm

80285eaf595e788bf83cb06c3be6399b 9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.i586.rpm

eeb50273236cab134566e4ba9aa19de7 9.2/RPMS/libcups2-1.1.19-10.1.92mdk.i586.rpm

9eebdc74a019cbf01a36e91cb0f2da38 9.2/RPMS/libcups2-devel-1.1.19-10.1.92mdk.i586.rpm

b2badd330ea284850e42f9107bb178cf 9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm

Mandrakelinux 9.2/AMD64

bd01da75ac66983321eca2394853eb56 amd64/9.2/RPMS/cups-1.1.19-10.1.92mdk.amd64.rpm

865443156fd350d0b06c1696f923d413 amd64/9.2/RPMS/cups-common-1.1.19-10.1.92mdk.amd64.rpm

78ed4c034ee5fa27b85dd89d909a1a3c amd64/9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.amd64.rpm

7e868f59baa290fbef9f933ac76156ce amd64/9.2/RPMS/lib64cups2-1.1.19-10.1.92mdk.amd64.rpm

db3266a647e39805f0b9f36fa87dcac1 amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.1.92mdk.amd64.rpm

b2badd330ea284850e42f9107bb178cf amd64/9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm

Mandrakelinux 10.0

6f786e3ec36e246d7370f492e53e8071 10.0/RPMS/cups-1.1.20-5.1.100mdk.i586.rpm

3b648685e2d6daca32c19f0c911c2a2d 10.0/RPMS/cups-common-1.1.20-5.1.100mdk.i586.rpm

c38951a854429442227c08493ce95b10 10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.i586.rpm

68d867e3151cc40be946f7e6585718b3 10.0/RPMS/libcups2-1.1.20-5.1.100mdk.i586.rpm

73a61738b404f9ffe2f5d33d999c58d8 10.0/RPMS/libcups2-devel-1.1.20-5.1.100mdk.i586.rpm

dbf32babe26d1b9bf922839fd4f64409 10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64

9dd4e92fa6761ce6414583f3673dab6b amd64/10.0/RPMS/cups-1.1.20-5.1.100mdk.amd64.rpm

e49fdc4df0ab800ad48c24a87117a63f amd64/10.0/RPMS/cups-common-1.1.20-5.1.100mdk.amd64.rpm

ccc5ae05b07c3a56eb30cfe3a95e2aea amd64/10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.amd64.rpm

a816a4ad33164d23d0a5425b900d9ce0 amd64/10.0/RPMS/lib64cups2-1.1.20-5.1.100mdk.amd64.rpm

feeed14726902046368619d8e5f680c4 amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.1.100mdk.amd64.rpm

dbf32babe26d1b9bf922839fd4f64409 amd64/10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm

Corporate Server 2.1

142f95c8680e081dfbfb53e586de0758 corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.i586.rpm

13510fb948f686e81cb0e43ed199a5c9 corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.i586.rpm

fe7759d16276087aea078a4666d27264 corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.i586.rpm

d5a3ad2d14a730b633153bc486f8d043 corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.i586.rpm

b1ac7b51317da42444ea35e5e3e1def3 corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.i586.rpm

0cfaa49e8d722afad7886998121a8ef2 corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm

Corporate Server 2.1/X86_64

53d838ecedc3d39880e43476cdba933d x86_64/corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.x86_64.rpm

71df87e1abeb7cbf1dff2d206476f149 x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.x86_64.rpm

93d9708fbbc34f7ea44b40f193a35bf1 x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.x86_64.rpm

4a2d2ace8e2ddf9e29061fff3b0b2e72 x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.x86_64.rpm

7edc440141df40c2dbfb814c7221e511 x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.x86_64.rpm

0cfaa49e8d722afad7886998121a8ef2 x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558

http://www.cups.org/str.php?L863

Upgrade

To upgrade automatically, use MandrakeUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

rpm --checksig package.rpm

You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM.

If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

Sign In

Updated cups packages fix DoS vulnerability

Recommended Posts

mystified

Link to comment

Share on other sites

Browse

Activity