Package name cups
Date February 26th, 2008
Advisory ID MDVSA-2008:050
Affected versions CS3.0
Synopsis Updated cups packages fix multiple vulnerabilities

Problem Description

Dave Camp at Critical Path Software discovered a buffer overflow
in CUPS 1.1.23 and earlier that could allow local admin users to execute
arbitrary code via a crafted URI to the CUPS service (CVE-2007-5848).

The Red Hat Security Team also found two flaws in CUPS 1.1.x where
a malicious user on the local subnet could send a set of carefully
crafted IPP packets to the UDP port in such a way as to cause CUPS
to crash (CVE-2008-0597) or consume memory and lead to a CUPS crash
(CVE-2008-0596).

Finally, another flaw was found in how CUPS handled the addition and
removal of remote printers via IPP that could allow a remote attacker
to send a malicious IPP packet to the UDP port causing CUPS to crash
(CVE-2008-0882).

The updated packages have been patched to correct these issues.

Updated Packages

Corporate Server 3.0

 71c1bd1c9099440da3e9afcfe4636525  corporate/3.0/i586/cups-1.1.20-5.16.C30mdk.i586.rpm
 a73fba38dbcf62fd4c64590e5d754126  corporate/3.0/i586/cups-common-1.1.20-5.16.C30mdk.i586.rpm
 60b6e82788d5b0c51f68b0db44e31240  corporate/3.0/i586/cups-serial-1.1.20-5.16.C30mdk.i586.rpm
 419d078e2df1396531c23cbbf2f2785d  corporate/3.0/i586/libcups2-1.1.20-5.16.C30mdk.i586.rpm
 064e5b42b27c90602bf8e7c47200bef8  corporate/3.0/i586/libcups2-devel-1.1.20-5.16.C30mdk.i586.rpm
 5c363b9a8573a4ae3da5e654da34bae5  corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 c33aff1c5bab9bce22f7a018f2fbfe7d  corporate/3.0/x86_64/cups-1.1.20-5.16.C30mdk.x86_64.rpm
 ba1cba41b479e332e8d43652af86756d  corporate/3.0/x86_64/cups-common-1.1.20-5.16.C30mdk.x86_64.rpm
 211561645f6743343a0a9189ecd8e24e  corporate/3.0/x86_64/cups-serial-1.1.20-5.16.C30mdk.x86_64.rpm
 d1cb2198f9b73cfb5d2ae3d69bacf12c  corporate/3.0/x86_64/lib64cups2-1.1.20-5.16.C30mdk.x86_64.rpm
 104350956cda23c2e2f5bb05a22df9c7  corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.16.C30mdk.x86_64.rpm
 5c363b9a8573a4ae3da5e654da34bae5  corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5848

Upgrade

To upgrade automatically, use MandrivaUpdate.
Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

    rpm --checksig package.rpm


You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.
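For administrators who download the packages by hand rather than through MandrivaUpdate, the following POSIX shell script is an added example (not part of the advisory or of Mandriva's tooling) of checking each downloaded RPM against the MD5 list published above and then running rpm --checksig on it. It assumes the advisory's "Updated Packages" lines have been saved to a manifest file in the same "<md5>  <path>" form, that the files were downloaded into a root directory that preserves the corporate/3.0/... layout, and that md5sum and cut are available; the rpm signature step is skipped if rpm is not installed.

```shell
#!/bin/sh
# Verify downloaded Mandriva RPMs against an advisory's MD5 list and
# their GPG signatures. Added example; not the advisory's own script.
#
# Manifest format (one line per package, as printed in the advisory):
#   <32 hex md5>  <path relative to the mirror root>
#
# Assumptions (labelled): MIRROR_ROOT holds the downloads under the
# corporate/3.0/... layout, and md5sum/cut exist. rpm is optional.

# verify_manifest MANIFEST ROOT
# Returns 0 only if every listed file exists under ROOT and its MD5
# matches the value in the manifest; prints a line per file.
verify_manifest() {
    manifest="$1"
    root="$2"
    failures=0
    while read -r expected relpath; do
        # Skip blank lines (section headers such as "Corporate Server 3.0"
        # are expected to have been removed from the manifest).
        [ -z "$expected" ] && continue
        file="$root/$relpath"
        if [ ! -f "$file" ]; then
            printf 'MISSING  %s\n' "$relpath"
            failures=$((failures + 1))
            continue
        fi
        actual=$(md5sum "$file" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            printf 'OK       %s\n' "$relpath"
        else
            printf 'MISMATCH %s (expected %s, got %s)\n' \
                "$relpath" "$expected" "$actual"
            failures=$((failures + 1))
        fi
    done < "$manifest"
    [ "$failures" -eq 0 ]
}

# check_signatures MANIFEST ROOT
# Runs "rpm --checksig" (the command the advisory recommends) on every
# file in the manifest. Returns 0 if all signatures verify, 1 if any
# fail, and 2 if rpm itself is not available on this host.
check_signatures() {
    manifest="$1"
    root="$2"
    command -v rpm >/dev/null 2>&1 || { echo 'rpm not found; skipping'; return 2; }
    bad=0
    while read -r expected relpath; do
        [ -z "$expected" ] && continue
        rpm --checksig "$root/$relpath" || bad=$((bad + 1))
    done < "$manifest"
    [ "$bad" -eq 0 ]
}

# Usage (hypothetical paths):
#   verify_manifest mdvsa-2008-050.md5 /var/tmp/mirror && \
#   check_signatures mdvsa-2008-050.md5 /var/tmp/mirror
```

The MD5 comparison only tells you the file you have is the one the advisory lists; it guards against a truncated or corrupted download, not against a tampered file, since an attacker who can replace the RPM on a mirror can publish a matching hash alongside it. The rpm --checksig step, against the Mandriva Security Team's GPG key, is the check that establishes who signed the package, so both should pass before the upgrade proceeds.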