cups-1.3.7-18.8.0.1.AXS3
エラータID: AXSA:2010-481:05
Release date:
Wednesday, November 3, 2010 - 13:04
Subject:
cups-1.3.7-18.8.0.1.AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces.
Security issues fixed with this release:
CVE-2010-2431
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
CVE-2010-2941
No description available at the time of writing, see the CVE link below.
Solution:
Update packages.
CVEs:
CVE-2010-2431
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
CVE-2010-2941
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Additional Info:
N/A
Download:
SRPMS
- cups-1.3.7-18.8.0.1.AXS3.src.rpm
MD5: 139bc835f48f91200ce552cf59c5c3a7
SHA-256: 931b8ad1d84f6741872850c2ccbd48023b794ccac073c1a32a0f5bb275c2a75a
Size: 4.17 MB
Asianux Server 3 for x86
- cups-1.3.7-18.8.0.1.AXS3.i386.rpm
MD5: b03831d5b4ff856a1751d1f9b531e13e
SHA-256: 220f38c62761536f6429c7d31f8e74e3f1f078f73b5bb1ad15070088a87f5abd
Size: 3.52 MB - cups-devel-1.3.7-18.8.0.1.AXS3.i386.rpm
MD5: f426fb4d254a06515b5ff5bb47821245
SHA-256: 2a4aea2a54e5e97456c37c2fea5cd8310da137e2e8c85acc140054ad87ba0764
Size: 78.18 kB - cups-libs-1.3.7-18.8.0.1.AXS3.i386.rpm
MD5: 89a30d6b4948881be57832ab24203edc
SHA-256: d21698b84cc2baf85f4bd7b902a0ba0995c402f4ec9f67e3dcbbcbc28db2d3dd
Size: 198.90 kB
Asianux Server 3 for x86_64
- cups-1.3.7-18.8.0.1.AXS3.x86_64.rpm
MD5: 622958249b118db91ec835017049f11f
SHA-256: 753d2a1f10def899704ba1941d44363bd5ef1aaf4e9a2462f243fb9e22d76e6a
Size: 3.53 MB - cups-devel-1.3.7-18.8.0.1.AXS3.x86_64.rpm
MD5: 2e57b1b0385e12ca77c411633ff06534
SHA-256: 5cc1e1c4ca9c204c899d0a6512fe3860a936516db7801f46a66080c73d8a4c00
Size: 78.15 kB - cups-libs-1.3.7-18.8.0.1.AXS3.x86_64.rpm
MD5: 141192c798886987226bbdad8df7bdf1
SHA-256: f64612f01cf27e9aced48ebdf4ab40b631a066e77bc6985e1a68c87dcf5b2d36
Size: 194.86 kB
日本語