cups-1.4.2-67.1.0.1.AXS4
エラータID: AXSA:2015-156:01
Release date:
Thursday, June 18, 2015 - 18:05
Subject:
cups-1.4.2-67.1.0.1.AXS4
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The Common UNIX Printing System provides a portable printing layer for
UNIX® operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.
Security issues fixed with this release:
CVE-2014-9679
CVE-2015-1158
CVE-2015-1159
Solution:
Update packages.
CVEs:
CVE-2014-9679
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
CVE-2015-1158
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
Additional Info:
N/A
Download:
SRPMS
- cups-1.4.2-67.1.0.1.AXS4.src.rpm
MD5: 0d17627e7340b9cf0c5a8b360b6bdb24
SHA-256: 3647b63936f0394b96037babfa4d26f3cbb4b723781960e9020a7dc00ac1cf65
Size: 4.44 MB
Asianux Server 4 for x86
- cups-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: 5802da44b5f9a96aadf25975a4ca722f
SHA-256: c91a42b944316ab014789736b4b8fa6149e2e3566c063bc3c3dd1955f9eac485
Size: 2.29 MB - cups-devel-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: eab5dcfa6f4e22ae0175a1bcd4781b33
SHA-256: 258cc0b26ac83afe137239a774ec6b208d9c0ba6633e12411c88d0c557543e83
Size: 110.88 kB - cups-libs-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: b23b8ba0ab870adff06d6cbc9780cc36
SHA-256: 1c81ec0e98952377ac8a7fea28c8dcaf2eef17f7d68b84e6f69d84f4c3a7681f
Size: 329.31 kB - cups-lpd-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: dedde589dfc27018a5395916a379912c
SHA-256: 01fb9a2a609ed31935629d88a131308a691420ba92f50a9a8ae90cee61c7bd73
Size: 83.91 kB
Asianux Server 4 for x86_64
- cups-1.4.2-67.1.0.1.AXS4.x86_64.rpm
MD5: 6c60269093725f40e316abc8f93c940b
SHA-256: 7b123f215513f714dd263c95f3cc7015443f3994f1de158f434b2089780c2ac2
Size: 2.29 MB - cups-devel-1.4.2-67.1.0.1.AXS4.x86_64.rpm
MD5: 3f1774a1f663aac06c31cb3971a609d1
SHA-256: 6809db0c22a1b4685ec4e2f0de4422c6cd9704ab0d389c25aa03f4e8042cb2ca
Size: 110.50 kB - cups-libs-1.4.2-67.1.0.1.AXS4.x86_64.rpm
MD5: 89815fd8d0339511520d3b3d83b56b4b
SHA-256: e492aaa63a210601472672d9efcc334cbbf998b8d6133e5b9fb1ccac45d9b53d
Size: 319.09 kB - cups-lpd-1.4.2-67.1.0.1.AXS4.x86_64.rpm
MD5: 0f9d6cc2934ad64ad8c2ed2a50129ef2
SHA-256: 9b1d49c589b28f873dfa3a25c863f143ef5823b3ba4286e3f06837e3c57c7742
Size: 83.57 kB - cups-devel-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: eab5dcfa6f4e22ae0175a1bcd4781b33
SHA-256: 258cc0b26ac83afe137239a774ec6b208d9c0ba6633e12411c88d0c557543e83
Size: 110.88 kB - cups-libs-1.4.2-67.1.0.1.AXS4.i686.rpm
MD5: b23b8ba0ab870adff06d6cbc9780cc36
SHA-256: 1c81ec0e98952377ac8a7fea28c8dcaf2eef17f7d68b84e6f69d84f4c3a7681f
Size: 329.31 kB