Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Slackware 12.x SSA:2009-116-01 Critical: CUPS Security Update

slackware
Calendar Grey April 26, 2009
Dist Slackware Esm H88
Revised drivers bundle for Slackware 12.x targets essential vulnerability fixes. Check for comprehensive setup guidelines and enhancement notes.
New cups packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/cups-1.3.10-i486-1_slack12.2.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2009-0146 https://www.cve.org/CVERecord?id=CVE-2009-0147 https://www.cve.org/CVERecord?id=CVE-2009-0163 https://www.cve.org/CVERecord?id=CVE-2009-0164 https://www.cve.org/CVERecord?id=CVE-2009-0166 (* Security fix *)

Topics%20covered

Topics Covered

security advisory denial of service critical Slackware CUPS

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware -current:

MD5 Signatures

Slackware 12.0 package: dbf34b8eb6f942ae8cb14ab43e5d3abf cups-1.3.10-i486-1_slack12.0.tgz
Slackware 12.1 package: 96e3963385de424bd0455760ecf70944 cups-1.3.10-i486-1_slack12.1.tgz
Slackware 12.2 package: ccb8896aeb41dd321af8318e51e9f8d2 cups-1.3.10-i486-1_slack12.2.tgz
Slackware -current package: f7bd3fa36e2c2741ad029ed07fa4425b cups-1.3.10-i486-1.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service critical Slackware CUPS

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg cups-1.3.10-i486-1_slack12.2.tgz If the machine is running the CUPS server, restart it: # sh /etc/rc.d/rc.cups restart

Related News

Your message here