Date:         Fri, 10 Oct 2008 14:03:17 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for cups on SL3.x, SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: cups security update
Issue date:	2008-10-10
CVE Names:	CVE-2008-3639 CVE-2008-3640 CVE-2008-3641

A buffer overflow flaw was discovered in the SGI image format decoding
routines used by the CUPS image converting filter "imagetops". An attacker
could create a malicious SGI image file that could, possibly, execute
arbitrary code as the "lp" user if the file was printed. (CVE-2008-3639)

An integer overflow flaw leading to a heap buffer overflow was discovered
in the Text-to-PostScript "texttops" filter. An attacker could create a
malicious text file that could, possibly, execute arbitrary code as the
"lp" user if the file was printed. (CVE-2008-3640)

An insufficient buffer bounds checking flaw was discovered in the
HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a
malicious HP-GL/2 file that could, possibly, execute arbitrary code as the
"lp" user if the file was printed. (CVE-2008-3641)

SL 3.0.x

      SRPMS:
cups-1.1.17-13.3.54.src.rpm
      i386:
cups-1.1.17-13.3.54.i386.rpm
cups-devel-1.1.17-13.3.54.i386.rpm
cups-libs-1.1.17-13.3.54.i386.rpm
      x86_64:
cups-1.1.17-13.3.54.x86_64.rpm
cups-devel-1.1.17-13.3.54.x86_64.rpm
cups-libs-1.1.17-13.3.54.i386.rpm
cups-libs-1.1.17-13.3.54.x86_64.rpm

SL 4.x

      SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.1.src.rpm
      i386:
cups-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
cups-devel-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
      x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm
cups-devel-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm
cups-libs-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpm

SL 5.x

      SRPMS:
cups-1.2.4-11.18.el5_2.2.src.rpm
      i386:
cups-1.2.4-11.18.el5_2.2.i386.rpm
cups-devel-1.2.4-11.18.el5_2.2.i386.rpm
cups-libs-1.2.4-11.18.el5_2.2.i386.rpm
cups-lpd-1.2.4-11.18.el5_2.2.i386.rpm
      x86_64:
cups-1.2.4-11.18.el5_2.2.x86_64.rpm
cups-devel-1.2.4-11.18.el5_2.2.i386.rpm
cups-devel-1.2.4-11.18.el5_2.2.x86_64.rpm
cups-libs-1.2.4-11.18.el5_2.2.i386.rpm
cups-libs-1.2.4-11.18.el5_2.2.x86_64.rpm
cups-lpd-1.2.4-11.18.el5_2.2.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2008-3639 cups SL3.x, SL4.x, SL5.x i386/x86_64

Important: cups security update

Summary

Date:         Fri, 10 Oct 2008 14:03:17 -0500Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA for cups on SL3.x, SL4.x, SL5.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov"          Synopsis:	Important: cups security updateIssue date:	2008-10-10CVE Names:	CVE-2008-3639 CVE-2008-3640 CVE-2008-3641A buffer overflow flaw was discovered in the SGI image format decodingroutines used by the CUPS image converting filter "imagetops". An attackercould create a malicious SGI image file that could, possibly, executearbitrary code as the "lp" user if the file was printed. (CVE-2008-3639)An integer overflow flaw leading to a heap buffer overflow was discoveredin the Text-to-PostScript "texttops" filter. An attacker could create amalicious text file that could, possibly, execute arbitrary code as the"lp" user if the file was printed. (CVE-2008-3640)An insufficient buffer bounds checking flaw was discovered in theHP-GL/2-to-PostScript "hpgltops" filter. An attacker could create amalicious HP-GL/2 file that could, possibly, execute arbitrary code as the"lp" user if the file was printed. (CVE-2008-3641)SL 3.0.x      SRPMS:cups-1.1.17-13.3.54.src.rpm      i386:cups-1.1.17-13.3.54.i386.rpmcups-devel-1.1.17-13.3.54.i386.rpmcups-libs-1.1.17-13.3.54.i386.rpm      x86_64:cups-1.1.17-13.3.54.x86_64.rpmcups-devel-1.1.17-13.3.54.x86_64.rpmcups-libs-1.1.17-13.3.54.i386.rpmcups-libs-1.1.17-13.3.54.x86_64.rpmSL 4.x      SRPMS:cups-1.1.22-0.rc1.9.27.el4_7.1.src.rpm      i386:cups-1.1.22-0.rc1.9.27.el4_7.1.i386.rpmcups-devel-1.1.22-0.rc1.9.27.el4_7.1.i386.rpmcups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpm      x86_64:cups-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpmcups-devel-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpmcups-libs-1.1.22-0.rc1.9.27.el4_7.1.i386.rpmcups-libs-1.1.22-0.rc1.9.27.el4_7.1.x86_64.rpmSL 5.x      SRPMS:cups-1.2.4-11.18.el5_2.2.src.rpm      i386:cups-1.2.4-11.18.el5_2.2.i386.rpmcups-devel-1.2.4-11.18.el5_2.2.i386.rpmcups-libs-1.2.4-11.18.el5_2.2.i386.rpmcups-lpd-1.2.4-11.18.el5_2.2.i386.rpm      x86_64:cups-1.2.4-11.18.el5_2.2.x86_64.rpmcups-devel-1.2.4-11.18.el5_2.2.i386.rpmcups-devel-1.2.4-11.18.el5_2.2.x86_64.rpmcups-libs-1.2.4-11.18.el5_2.2.i386.rpmcups-libs-1.2.4-11.18.el5_2.2.x86_64.rpmcups-lpd-1.2.4-11.18.el5_2.2.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News