Advisories

Mandriva Advisories

Package name	cups
Date	November 5th, 2003
Advisory ID	MDKSA-2003:104
Affected versions	9.0, CS2.1
Synopsis	Updated CUPS packages fix denial of service vulnerability

Problem Description

A bug in versions of CUPS prior to 1.1.19 was reported by Paul
Mitcheson in the Internet Printing Protocol (IPP) implementation
would result in CUPS going into a busy loop, which could result in
a Denial of Service (DoS) condition. To be able to exploit this
problem, an attacker would need to be able to make a TCP connection
to the IPP port (port 631 by default).

The provided packages have been patched to correct this problem.

Updated Packages

Mandrakelinux 9.0

 ef999ce7a7361856bde78493357c173c  9.0/RPMS/cups-1.1.18-2.2.90mdk.i586.rpm
23772861be6813682316071ac5142169  9.0/RPMS/cups-common-1.1.18-2.2.90mdk.i586.rpm
517a0a906e0f6135aacb31fc1dc98c1c  9.0/RPMS/cups-serial-1.1.18-2.2.90mdk.i586.rpm
e5ba8a833fab015d04743e61466adcb3  9.0/RPMS/libcups1-1.1.18-2.2.90mdk.i586.rpm
fce8efc7313816c9aaabaa6c9abf6201  9.0/RPMS/libcups1-devel-1.1.18-2.2.90mdk.i586.rpm
4357ea21f3bb199c65fc37c9eebd1066  9.0/SRPMS/cups-1.1.18-2.2.90mdk.src.rpm

Corporate Server 2.1

 584a05963995876e075e5ca9817cfadb  corporate/2.1/RPMS/cups-1.1.18-2.2.C21mdk.i586.rpm
7971d0e5ac93d322e6aa97677e815eef  corporate/2.1/RPMS/cups-common-1.1.18-2.2.C21mdk.i586.rpm
06320efce369f26e61c37f32eb16169f  corporate/2.1/RPMS/cups-serial-1.1.18-2.2.C21mdk.i586.rpm
525bb92144b0b12c8ed04422cdc82d71  corporate/2.1/RPMS/libcups1-1.1.18-2.2.C21mdk.i586.rpm
6d35d2b7a8cb4eb93292cf47f408a4fe  corporate/2.1/RPMS/libcups1-devel-1.1.18-2.2.C21mdk.i586.rpm
b93777ca1fa1ef8b3471f5a3827c1e32  corporate/2.1/SRPMS/cups-1.1.18-2.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64

 32240f855fb4495a9041f06f595ab8e2  x86_64/corporate/2.1/RPMS/cups-1.1.18-2.2.C21mdk.x86_64.rpm
77f573305193f54dd39d7f0418da466e  x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.2.C21mdk.x86_64.rpm
5b68c85307ccbcb6dd7d8b4494781cf9  x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.2.C21mdk.x86_64.rpm
bcc3fdf22ebc631bbd0560795413d312  x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.2.C21mdk.x86_64.rpm
67d11d928cd59d3e734c90a9b1f02e05  x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.2.C21mdk.x86_64.rpm
b93777ca1fa1ef8b3471f5a3827c1e32  x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.2.C21mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0788

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer