-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2005-88
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 05 Spe 2005
Last revised: 05 Sep 2005
Package: cups
Summary: cups crash
More information:
The Common UNIX Printing System provides a portable printing layer for
UNIX operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.
A vulnerability in the manner in which cpus handles PDF file.
Impact:
The cups allows attackers to cause a denial of service (crash) via a malformed PDF file.
Affected Products:
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 8 Server
- Turbolinux 8 Workstation
Solution:
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F...,
Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal]
# turbopkg
or
# zabom -u cups cups-devel cups-libs
[other]
# turbopkg
or
# zabom update cups cups-devel cups-libs
---------------------------------------------
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages
Size: MD5
cups-1.1.19-26.src.rpm
4199160 5e26331d3cf4ce25c0f8676af5eeba31
Binary Packages
Size: MD5
cups-1.1.19-26.i586.rpm
2496646 8012af93900e94ac58d1c35909732b1d
cups-libs-1.1.19-26.i586.rpm
93070 03a04c12851e3fa8574546ad6300dc8f
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages
Size: MD5
cups-1.1.19-26.src.rpm
4199160 42041815cca05de7652feafbda5972ba
Binary Packages
Size: MD5
cups-1.1.19-26.i586.rpm
2496942 2a84c48f7cc8aa5807a0443c6ef4b54c
cups-devel-1.1.19-26.i586.rpm
115576 96070b4df75cb0b7d5a0a38381a3e63b
cups-libs-1.1.19-26.i586.rpm
93240 2024aa8cf54698f5bc57ef4b18f41bea
<Turbolinux 10 Server>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/cups-1.1.20-9.src.rpm
4210568 4a1b802a6f59cbeaa67eeabdc11f4e30
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-1.1.20-9.i586.rpm
2510796 f2a7cbbd52a216234842873bc5d55808
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-devel-1.1.20-9.i586.rpm
126557 3cf4b0b72ae100ebd41d932da3922968
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-libs-1.1.20-9.i586.rpm
87352 5d83e2b3ada8534be261f199968272ab
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/cups-1.1.19-26.src.rpm
4199160 a6f9b5ef7a9579e8521a5efccbe1bb08
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-1.1.19-26.i586.rpm
2514491 5de31e7b77a7a135c028cf1b7c8c9b75
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-devel-1.1.19-26.i586.rpm
117734 de1c10bf5a9e6eaea121fbaa373fcc7f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-libs-1.1.19-26.i586.rpm
87462 e8a0140dffedf7a7651d85cc3935eaf7
<Turbolinux 8 Server>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/cups-1.1.19-26.src.rpm
4199160 52d57cf95aef7293f8c118dbda5c156c
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-1.1.19-26.i586.rpm
2497590 e715d9336c051a5128ee25b248212647
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-devel-1.1.19-26.i586.rpm
115651 5788bbf47f746cc128c2f5f6d729029c
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-libs-1.1.19-26.i586.rpm
93300 81eae32a6144d38b11fdb8e37d011fbe
<Turbolinux 8 Workstation>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/cups-1.1.19-26.src.rpm
4199160 4bfed9fd80d23456504ab0bc03353122
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-1.1.19-26.i586.rpm
2497016 7dd968ca808db9b92a47d06bc698b050
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-devel-1.1.19-26.i586.rpm
115663 3965c9fea8b76f48db3411ec11b96358
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-libs-1.1.19-26.i586.rpm
93277 efb01fb172587d86b32b1fee5d6e484d
References:
CVE
[
CAN-2005-2097]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
CAN-2005-2097
--------------------------------------------------------------------------
Revision History
05 Sep 2005 Initial release
--------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDHB9dK0LzjOqIJMwRAgbUAJ9+oeEdO6kjkPruQWME77/H5NiWdgCcD0wl
HC09mM++/iKfflgjztPbOoQ=
=wbMX
-----END PGP SIGNATURE-----