Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Ubuntu 14.10 USN-2520-1 Critical: CUPS Denial Of Service Risk

ubuntu
Calendar Grey February 26, 2015
Dist Ubuntu Esm H88
Ubuntu Security Announcement USN-2620-1 addresses a networking flaw that could lead to system instability or enable unauthorized code execution.
CUPS could be made to crash or run programs if it processed a specially crafted file.

Summary

CUPS could be made to crash or run programs if it processed a specially

crafted file.

Software Description:

- cups: Common UNIX Printing System(tm)

Details:

Peter De Wachter discovered that CUPS incorrectly handled certain malformed

compressed raster files. A remote attacker could use this issue to cause

CUPS to crash, resulting in a denial of service, or possibly execute

arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
  cups                            1.7.5-3ubuntu3.1

Ubuntu 14.04 LTS:
  cups                            1.7.2-0ubuntu1.5

Ubuntu 12.04 LTS:
  cups                            1.5.3-0ubuntu8.6

Ubuntu 10.04 LTS:
  cups                            1.4.3-1ubuntu1.14

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-2520-1

CVE-2014-9679

Severity
critical
Lowest
Low
Medium
High
Critical

February 26, 2015

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.