Date:         Tue, 16 Dec 2008 13:39:43 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for cups on SL3.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: cups security update
Issue date:	2008-12-15
CVE Names:	CVE-2008-5183 CVE-2008-5286

A null pointer dereference flaw was found in the way CUPS handled
subscriptions for printing job completion notifications. A local user could
use this flaw to crash the CUPS daemon by submitting a large number of
printing jobs requiring mail notification on completion, leading to a
denial of service. (CVE-2008-5183)

An integer overflow flaw, leading to a heap buffer overflow, was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image-converting filters, "imagetops" and "imagetoraster". An attacker
could create a malicious PNG file that could, potentially, execute
arbitrary code as the "lp" user if the file was printed. (CVE-2008-5286)

SL 3.0.x

      SRPMS:
cups-1.1.17-13.3.55.src.rpm
      i386:
cups-1.1.17-13.3.55.i386.rpm
cups-devel-1.1.17-13.3.55.i386.rpm
cups-libs-1.1.17-13.3.55.i386.rpm
      x86_64:
cups-1.1.17-13.3.55.x86_64.rpm
cups-devel-1.1.17-13.3.55.x86_64.rpm
cups-libs-1.1.17-13.3.55.i386.rpm
cups-libs-1.1.17-13.3.55.x86_64.rpm

SL 5.x

      SRPMS:
cups-1.2.4-11.18.el5_2.3.src.rpm
      i386:
cups-1.2.4-11.18.el5_2.3.i386.rpm
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm
cups-lpd-1.2.4-11.18.el5_2.3.i386.rpm
      x86_64:
cups-1.2.4-11.18.el5_2.3.x86_64.rpm
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm
cups-devel-1.2.4-11.18.el5_2.3.x86_64.rpm
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm
cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm
cups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2008-5183 cups SL3.x, SL5.x i386/x86_64

Moderate: cups security update

Summary

Date:         Tue, 16 Dec 2008 13:39:43 -0600Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA for cups on SL3.x, SL5.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov"          Synopsis:	Moderate: cups security updateIssue date:	2008-12-15CVE Names:	CVE-2008-5183 CVE-2008-5286A null pointer dereference flaw was found in the way CUPS handledsubscriptions for printing job completion notifications. A local user coulduse this flaw to crash the CUPS daemon by submitting a large number ofprinting jobs requiring mail notification on completion, leading to adenial of service. (CVE-2008-5183)An integer overflow flaw, leading to a heap buffer overflow, was discoveredin the Portable Network Graphics (PNG) decoding routines used by the CUPSimage-converting filters, "imagetops" and "imagetoraster". An attackercould create a malicious PNG file that could, potentially, executearbitrary code as the "lp" user if the file was printed. (CVE-2008-5286)SL 3.0.x      SRPMS:cups-1.1.17-13.3.55.src.rpm      i386:cups-1.1.17-13.3.55.i386.rpmcups-devel-1.1.17-13.3.55.i386.rpmcups-libs-1.1.17-13.3.55.i386.rpm      x86_64:cups-1.1.17-13.3.55.x86_64.rpmcups-devel-1.1.17-13.3.55.x86_64.rpmcups-libs-1.1.17-13.3.55.i386.rpmcups-libs-1.1.17-13.3.55.x86_64.rpmSL 5.x      SRPMS:cups-1.2.4-11.18.el5_2.3.src.rpm      i386:cups-1.2.4-11.18.el5_2.3.i386.rpmcups-devel-1.2.4-11.18.el5_2.3.i386.rpmcups-libs-1.2.4-11.18.el5_2.3.i386.rpmcups-lpd-1.2.4-11.18.el5_2.3.i386.rpm      x86_64:cups-1.2.4-11.18.el5_2.3.x86_64.rpmcups-devel-1.2.4-11.18.el5_2.3.i386.rpmcups-devel-1.2.4-11.18.el5_2.3.x86_64.rpmcups-libs-1.2.4-11.18.el5_2.3.i386.rpmcups-libs-1.2.4-11.18.el5_2.3.x86_64.rpmcups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity