Resend: SuSE Security Announcement: cups (SuSE-SA:2002:006)
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: cups
Announcement-ID: SuSE-SA:2002:006
Date: Wednesday, Feb 27th 2002 12:10 MET
Affected SuSE versions: 7.1, 7.2, 7.3
Vulnerability Type: remote privilege escalation
Severity (1-10): 5
SuSE default package: no
Other affected systems: all systems running CUPS
Content of this advisory:
1) security vulnerability resolved: CUPS buffer overflow in IPP
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
We re-release SuSE Security Announcement SuSE-SA:2002:005 with the new
announcement ID SuSE-SA:2002:006 due to minor packaging errors that can
result in a malfunction of the printing subsystem. The erroneous packages
have been removed from the ftp server. The new packages are in place as
announced in the URL list below.
The well known Common Unix Printing System (CUPS) was found vulnerable
to a buffer overflow in the Internet Printing Protocol (IPP) handling
code.
The buffer overflow could be exploited by a remote attacker as long as
their IP address is allowed to connect to the CUPS server.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
After updating the RPM package, run "rclpd restart" as root to make
the package upgrade effective.
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/d3/cups-devel-1.1.10-83.i386.rpm
8d5053ad177a11625184d0758487fc44
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-1.1.10-83.i386.rpm
d13c2a15aec1e32d33e67e3c5dfbfcbe
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-client-1.1.10-83.i386.rpm
f6869afd7a3ca8d25094e8beb685be69
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-libs-1.1.10-83.i386.rpm
cabe0639064f8d8f4e0966b52f11d879
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/cups-1.1.10-83.src.rpm
44565cf9eef0354eda24c79eb6754615
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/d3/cups-devel-1.1.6-104.i386.rpm
b248ca457d8240380bb5c52a27b18eef
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/cups-1.1.6-104.i386.rpm
828f470a6fbee50cfc7405c39aa1d81d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/cups-1.1.6-104.src.rpm
8447e7162c38ecd5f63742de98d80e76
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/d3/cups-devel-1.1.6-105.i386.rpm
4ea2040b5c7b46b2e55dacd7073ce9ac
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/cups-1.1.6-105.i386.rpm
268428ba6b0470de8ae381552f185420
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/cups-1.1.6-105.src.rpm
93195300593a49fe6236b5abbfca8806
Sparc Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/d3/cups-devel-1.1.10-36.sparc.rpm
0970928774ba45661812d2e818b9bbb2
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-1.1.10-36.sparc.rpm
4587059b86c2cefd9097d778ec125ab8
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-client-1.1.10-36.sparc.rpm
b26a1937a8bd286328ab164e1cc91ebe
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-libs-1.1.10-36.sparc.rpm
afed35a5212b217bab1556e0e5df39e6
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/cups-1.1.10-36.src.rpm
bb1662c9b437b0b88c56a39df9b4b6ad
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/d3/cups-devel-1.1.6-38.sparc.rpm
0a093efb86b0eb024a21ab5532c2f08a
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/cups-1.1.6-38.sparc.rpm
69966f1ee23d904a5085d302a49678d6
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/cups-1.1.6-38.src.rpm
b4921596bdec11a93da1031c43caa700
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/d3/cups-devel-1.1.6-34.alpha.rpm
a1883596165edd8b1fa597dcb9e21d70
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/cups-1.1.6-34.alpha.rpm
96d90d112b52262dbd01b01aac5b64d3
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/cups-1.1.6-34.src.rpm
2d648e906fc29c64682c7797adbbdcac
PPC PowerPC Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/d3/cups-devel-1.1.10-63.ppc.rpm
04d9a84650c335ecc550c4e55e57a576
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-1.1.10-63.ppc.rpm
1776913fc7df901ce37fe3f41ce3fcb8
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-client-1.1.10-63.ppc.rpm
75d676e87d82d58555bf24d3261d0da6
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-libs-1.1.10-63.ppc.rpm
34f744fc2e7b60db32abc89fbda9fbfd
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/cups-1.1.10-63.src.rpm
fa19fa9c5e0558d426de857f2bf45ac6
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- squid
A heap overflow in squid's URL constructing functions is fixed and
new packages are currently being built.
- ucd-snmpd
The UCD snmpd contains various security related bugs.
We are currently reviewing the code and available fixes to ensure
they all get fixed. Patches will be available as soon as possible.
It is strongly recommended to filter SNMP traffic (TCP and UDP packets
with destination port 161).
- hanterm/wmtv
The recently reported vulnerabilities in hanterm and wmtv do not
affect SuSE installations because they are not installed setuid
or setgid.
- cipe
We are about to prepare kernel update packages that fix a DoS
problem in the kernel modules for the cipe encrypted tunneling
software.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
it. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum
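The following script is an added example, not part of the SuSE announcement, that ties together the upgrade procedure from section 1 (download, verify, "rpm -Fhv", "rclpd restart") with the md5sum verification method from section 3. It assumes the downloaded packages sit in one local directory and that the expected digests have been copied from the PGP-verified announcement into a manifest file in md5sum's own "<md5>  <file>" format; the function names, the manifest file and the directory path are assumptions of this example. The two hashes in the usage comment are the advisory's own SuSE-7.3 i386 values.

```shell
#!/bin/sh
# Added example (not SuSE's code): verify update packages against the md5sums
# published in the signed advisory, then apply them the way the advisory says.
# Assumptions: packages are in one local directory; the manifest was built
# from the PGP-verified announcement text, never from the ftp mirror itself.

# Print only the 32 hex digits of a file's MD5 digest.
file_md5() {
    md5sum "$1" | awk '{print $1}'
}

# Compare one file against its expected digest.
# Returns 0 on match, 1 on mismatch or when the file cannot be read.
verify_md5() {
    file="$1"
    expected="$2"
    [ -r "$file" ] || return 1
    actual=$(file_md5 "$file")
    [ "$actual" = "$expected" ]
}

# Walk a manifest of "<md5>  <file>" lines and check each file in "$dir".
# Returns 0 only if every listed file exists and matches; a missing or
# altered package makes the whole run fail, so nothing gets installed.
verify_manifest() {
    manifest="$1"
    dir="${2:-.}"
    status=0
    while read -r sum name; do
        [ -n "$sum" ] || continue
        if verify_md5 "$dir/$name" "$sum"; then
            echo "OK       $name"
        else
            echo "FAILED   $name"
            status=1
        fi
    done < "$manifest"
    return $status
}

# Apply the verified packages as the advisory instructs: "rpm -Fhv" only
# freshens packages that are already installed, then the printing subsystem
# is restarted so the running cupsd picks up the fix. Run as root.
apply_update() {
    dir="${1:-.}"
    rpm -Fhv "$dir"/cups-*.rpm && rclpd restart
}

# Usage, with a manifest constructed from the advisory's SuSE-7.3 i386 list:
#   cat > cups-7.3.md5 <<'EOF'
#   d13c2a15aec1e32d33e67e3c5dfbfcbe  cups-1.1.10-83.i386.rpm
#   cabe0639064f8d8f4e0966b52f11d879  cups-libs-1.1.10-83.i386.rpm
#   EOF
#   sh verify-cups.sh cups-7.3.md5 /tmp/updates && apply_update /tmp/updates
if [ $# -ge 1 ]; then
    verify_manifest "$1" "${2:-.}"
fi
```

The manifest must come from the signed announcement rather than from a file fetched alongside the packages, since a mirror that can serve a tampered rpm can serve a matching checksum file just as easily; the second method the advisory names, the rpm package's own gpg signature, is the independent check that does not depend on where the file was downloaded from.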
Thomas Biege