Date: 15 Sep 2004 18:55:15 -0000
From: Mandrake Linux Security Team <[email protected]>
To: [email protected]Subject: MDKSA-2004:097 - Updated cups packages fix DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: cups
Advisory ID: MDKSA-2004:097
Date: September 15th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Alvaro Martinez Echevarria discovered a vulnerability in the CUPS
print server where an empty UDP datagram sent to port 631 (the default
port that cupsd listens to) would disable browsing. This would
prevent cupsd from seeing any remote printers or any future remote
printer changes.
The updated packages are patched to protect against this vulnerability.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558http://www.cups.org/str.php?L863
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
6f786e3ec36e246d7370f492e53e8071 10.0/RPMS/cups-1.1.20-5.1.100mdk.i586.rpm
3b648685e2d6daca32c19f0c911c2a2d 10.0/RPMS/cups-common-1.1.20-5.1.100mdk.i586.rpm
c38951a854429442227c08493ce95b10 10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.i586.rpm
68d867e3151cc40be946f7e6585718b3 10.0/RPMS/libcups2-1.1.20-5.1.100mdk.i586.rpm
73a61738b404f9ffe2f5d33d999c58d8 10.0/RPMS/libcups2-devel-1.1.20-5.1.100mdk.i586.rpm
dbf32babe26d1b9bf922839fd4f64409 10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
9dd4e92fa6761ce6414583f3673dab6b amd64/10.0/RPMS/cups-1.1.20-5.1.100mdk.amd64.rpm
e49fdc4df0ab800ad48c24a87117a63f amd64/10.0/RPMS/cups-common-1.1.20-5.1.100mdk.amd64.rpm
ccc5ae05b07c3a56eb30cfe3a95e2aea amd64/10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.amd64.rpm
a816a4ad33164d23d0a5425b900d9ce0 amd64/10.0/RPMS/lib64cups2-1.1.20-5.1.100mdk.amd64.rpm
feeed14726902046368619d8e5f680c4 amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.1.100mdk.amd64.rpm
dbf32babe26d1b9bf922839fd4f64409 amd64/10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm
Corporate Server 2.1:
142f95c8680e081dfbfb53e586de0758 corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.i586.rpm
13510fb948f686e81cb0e43ed199a5c9 corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.i586.rpm
fe7759d16276087aea078a4666d27264 corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.i586.rpm
d5a3ad2d14a730b633153bc486f8d043 corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.i586.rpm
b1ac7b51317da42444ea35e5e3e1def3 corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.i586.rpm
0cfaa49e8d722afad7886998121a8ef2 corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
53d838ecedc3d39880e43476cdba933d x86_64/corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.x86_64.rpm
71df87e1abeb7cbf1dff2d206476f149 x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.x86_64.rpm
93d9708fbbc34f7ea44b40f193a35bf1 x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.x86_64.rpm
4a2d2ace8e2ddf9e29061fff3b0b2e72 x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.x86_64.rpm
7edc440141df40c2dbfb814c7221e511 x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.x86_64.rpm
0cfaa49e8d722afad7886998121a8ef2 x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm
Mandrakelinux 9.2:
b46e23e49906b9837f8ff8a2f1551a1a 9.2/RPMS/cups-1.1.19-10.1.92mdk.i586.rpm
41882610ebe7ef19c62d0466a3b856bd 9.2/RPMS/cups-common-1.1.19-10.1.92mdk.i586.rpm
80285eaf595e788bf83cb06c3be6399b 9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.i586.rpm
eeb50273236cab134566e4ba9aa19de7 9.2/RPMS/libcups2-1.1.19-10.1.92mdk.i586.rpm
9eebdc74a019cbf01a36e91cb0f2da38 9.2/RPMS/libcups2-devel-1.1.19-10.1.92mdk.i586.rpm
b2badd330ea284850e42f9107bb178cf 9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
bd01da75ac66983321eca2394853eb56 amd64/9.2/RPMS/cups-1.1.19-10.1.92mdk.amd64.rpm
865443156fd350d0b06c1696f923d413 amd64/9.2/RPMS/cups-common-1.1.19-10.1.92mdk.amd64.rpm
78ed4c034ee5fa27b85dd89d909a1a3c amd64/9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.amd64.rpm
7e868f59baa290fbef9f933ac76156ce amd64/9.2/RPMS/lib64cups2-1.1.19-10.1.92mdk.amd64.rpm
db3266a647e39805f0b9f36fa87dcac1 amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.1.92mdk.amd64.rpm
b2badd330ea284850e42f9107bb178cf amd64/9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBSJATmqjQ0CJFipgRAgi4AJ4hX3e+0849lql7lwNX37B6Wk3I8gCfceiU
lMl3gN7n7Pvj20zxNFqdGtM=
=5r+U
-----END PGP SIGNATURE-----