Skip to navigation

Security Advisory Moderate: cups security update

Advisory: RHSA-2010:0129-1
Type: Security Advisory
Severity: Moderate
Issued on: 2010-03-03
Last updated on: 2010-03-03
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
CVEs (cve.mitre.org): CVE-2010-0302

Details

Updated cups packages that fix one security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.

It was discovered that the Red Hat Security Advisory RHSA-2009:1595 did not
fully correct the use-after-free flaw in the way CUPS handled references in
its file descriptors-handling interface. A remote attacker could send
specially-crafted queries to the CUPS server, causing it to crash.
(CVE-2010-0302)

Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the cupsd daemon will be restarted automatically.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
cups-1.3.7-11.el5_4.6.src.rpm
File outdated by:  RHSA-2013:0580
    MD5: 0129859232589db56a4e8fab9f5c9c8c
 
IA-32:
cups-devel-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 08204f44b08b9655d9d4fbbce5796c0b
 
x86_64:
cups-devel-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 08204f44b08b9655d9d4fbbce5796c0b
cups-devel-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 76deb11ec738176f411035f7932f5aa1
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
cups-1.3.7-11.el5_4.6.src.rpm
File outdated by:  RHSA-2013:0580
    MD5: 0129859232589db56a4e8fab9f5c9c8c
 
IA-32:
cups-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 3daf39647bf6a979d4cba886736b8d7e
cups-devel-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 08204f44b08b9655d9d4fbbce5796c0b
cups-libs-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-lpd-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 2ed85ac92cd25af4e2f15c4df268d85d
 
IA-64:
cups-1.3.7-11.el5_4.6.ia64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 961cb069c10e2b3ed5652ad27f59b594
cups-devel-1.3.7-11.el5_4.6.ia64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 133e97b4903db43b77c288abdd629f7e
cups-libs-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-libs-1.3.7-11.el5_4.6.ia64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 87f1dfbc0275561246c81df83d10ab7f
cups-lpd-1.3.7-11.el5_4.6.ia64.rpm
File outdated by:  RHSA-2013:0580
    MD5: f290b1585b63f2dba1e1c6efd077fc9e
 
PPC:
cups-1.3.7-11.el5_4.6.ppc.rpm
File outdated by:  RHSA-2013:0580
    MD5: 95b77684099d387eceb45e9c0a0fbe05
cups-devel-1.3.7-11.el5_4.6.ppc.rpm
File outdated by:  RHSA-2013:0580
    MD5: 2eb689b822cd440a90a2ae42eb43de7f
cups-devel-1.3.7-11.el5_4.6.ppc64.rpm
File outdated by:  RHSA-2013:0580
    MD5: c9249aa562f8a9fb30793838a5576249
cups-libs-1.3.7-11.el5_4.6.ppc.rpm
File outdated by:  RHSA-2013:0580
    MD5: 3f81de106402ad2a965ea21609b11916
cups-libs-1.3.7-11.el5_4.6.ppc64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 86a297c445996e6a9612f707182853a3
cups-lpd-1.3.7-11.el5_4.6.ppc.rpm
File outdated by:  RHSA-2013:0580
    MD5: 57ffcbc1ef52dddfe83960c4a2cfe58a
 
s390x:
cups-1.3.7-11.el5_4.6.s390x.rpm
File outdated by:  RHSA-2013:0580
    MD5: cd47fa0ff6c0ee9b86d49877f6452d49
cups-devel-1.3.7-11.el5_4.6.s390.rpm
File outdated by:  RHSA-2013:0580
    MD5: 0f6ad8315d7d4879e9d449981d57d062
cups-devel-1.3.7-11.el5_4.6.s390x.rpm
File outdated by:  RHSA-2013:0580
    MD5: 1aedca08440ba12082b1b944454f93ab
cups-libs-1.3.7-11.el5_4.6.s390.rpm
File outdated by:  RHSA-2013:0580
    MD5: fdf2d5cfb53ee91d6ea0afb39c60ee1f
cups-libs-1.3.7-11.el5_4.6.s390x.rpm
File outdated by:  RHSA-2013:0580
    MD5: 1278c5d0c1515cf080c69685e8ae0979
cups-lpd-1.3.7-11.el5_4.6.s390x.rpm
File outdated by:  RHSA-2013:0580
    MD5: 8e91dcda30197e453a5b04ff7c3fe3ab
 
x86_64:
cups-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: d73c18f2d47683555f4d8c6012ca4bee
cups-devel-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 08204f44b08b9655d9d4fbbce5796c0b
cups-devel-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 76deb11ec738176f411035f7932f5aa1
cups-libs-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-libs-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: fb8cdf72bb5b9abc80e0ce24a70e7bc4
cups-lpd-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 6fd0ae0089f0f357dfa499d69f235c87
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
cups-1.3.7-11.el5_4.6.src.rpm
File outdated by:  RHSA-2013:0580
    MD5: 0129859232589db56a4e8fab9f5c9c8c
 
IA-32:
cups-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 3daf39647bf6a979d4cba886736b8d7e
cups-libs-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-lpd-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: 2ed85ac92cd25af4e2f15c4df268d85d
 
x86_64:
cups-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: d73c18f2d47683555f4d8c6012ca4bee
cups-libs-1.3.7-11.el5_4.6.i386.rpm
File outdated by:  RHSA-2013:0580
    MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-libs-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: fb8cdf72bb5b9abc80e0ce24a70e7bc4
cups-lpd-1.3.7-11.el5_4.6.x86_64.rpm
File outdated by:  RHSA-2013:0580
    MD5: 6fd0ae0089f0f357dfa499d69f235c87
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
cups-1.3.7-11.el5_4.6.src.rpm
File outdated by:  RHSA-2013:0580
    MD5: 0129859232589db56a4e8fab9f5c9c8c
 
IA-32:
cups-1.3.7-11.el5_4.6.i386.rpm     MD5: 3daf39647bf6a979d4cba886736b8d7e
cups-devel-1.3.7-11.el5_4.6.i386.rpm     MD5: 08204f44b08b9655d9d4fbbce5796c0b
cups-libs-1.3.7-11.el5_4.6.i386.rpm     MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-lpd-1.3.7-11.el5_4.6.i386.rpm     MD5: 2ed85ac92cd25af4e2f15c4df268d85d
 
IA-64:
cups-1.3.7-11.el5_4.6.ia64.rpm     MD5: 961cb069c10e2b3ed5652ad27f59b594
cups-devel-1.3.7-11.el5_4.6.ia64.rpm     MD5: 133e97b4903db43b77c288abdd629f7e
cups-libs-1.3.7-11.el5_4.6.i386.rpm     MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-libs-1.3.7-11.el5_4.6.ia64.rpm     MD5: 87f1dfbc0275561246c81df83d10ab7f
cups-lpd-1.3.7-11.el5_4.6.ia64.rpm     MD5: f290b1585b63f2dba1e1c6efd077fc9e
 
PPC:
cups-1.3.7-11.el5_4.6.ppc.rpm     MD5: 95b77684099d387eceb45e9c0a0fbe05
cups-devel-1.3.7-11.el5_4.6.ppc.rpm     MD5: 2eb689b822cd440a90a2ae42eb43de7f
cups-devel-1.3.7-11.el5_4.6.ppc64.rpm     MD5: c9249aa562f8a9fb30793838a5576249
cups-libs-1.3.7-11.el5_4.6.ppc.rpm     MD5: 3f81de106402ad2a965ea21609b11916
cups-libs-1.3.7-11.el5_4.6.ppc64.rpm     MD5: 86a297c445996e6a9612f707182853a3
cups-lpd-1.3.7-11.el5_4.6.ppc.rpm     MD5: 57ffcbc1ef52dddfe83960c4a2cfe58a
 
s390x:
cups-1.3.7-11.el5_4.6.s390x.rpm     MD5: cd47fa0ff6c0ee9b86d49877f6452d49
cups-devel-1.3.7-11.el5_4.6.s390.rpm     MD5: 0f6ad8315d7d4879e9d449981d57d062
cups-devel-1.3.7-11.el5_4.6.s390x.rpm     MD5: 1aedca08440ba12082b1b944454f93ab
cups-libs-1.3.7-11.el5_4.6.s390.rpm     MD5: fdf2d5cfb53ee91d6ea0afb39c60ee1f
cups-libs-1.3.7-11.el5_4.6.s390x.rpm     MD5: 1278c5d0c1515cf080c69685e8ae0979
cups-lpd-1.3.7-11.el5_4.6.s390x.rpm     MD5: 8e91dcda30197e453a5b04ff7c3fe3ab
 
x86_64:
cups-1.3.7-11.el5_4.6.x86_64.rpm     MD5: d73c18f2d47683555f4d8c6012ca4bee
cups-devel-1.3.7-11.el5_4.6.i386.rpm     MD5: 08204f44b08b9655d9d4fbbce5796c0b
cups-devel-1.3.7-11.el5_4.6.x86_64.rpm     MD5: 76deb11ec738176f411035f7932f5aa1
cups-libs-1.3.7-11.el5_4.6.i386.rpm     MD5: ac117d26ef23b7e61e7af32e93f1a573
cups-libs-1.3.7-11.el5_4.6.x86_64.rpm     MD5: fb8cdf72bb5b9abc80e0ce24a70e7bc4
cups-lpd-1.3.7-11.el5_4.6.x86_64.rpm     MD5: 6fd0ae0089f0f357dfa499d69f235c87
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

557775 - CVE-2010-0302 cups Incomplete fix for CVE-2009-3553


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/