Issued:
2008-12-15
Updated:
2008-12-15

RHSA-2008:1029 - Security Advisory

Synopsis

Moderate: cups security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated cups packages that fix a security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The Common UNIX(r) Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.

A null pointer dereference flaw was found in the way CUPS handled
subscriptions for printing job completion notifications. A local user could
use this flaw to crash the CUPS daemon by submitting a large number of
printing jobs requiring mail notification on completion, leading to a
denial of service. (CVE-2008-5183)

Users of cups should upgrade to these updated packages, which contain a
backported patch to correct this issue.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.2 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.2 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 473901 - CVE-2008-5183 cups: DoS (daemon crash) caused by the large number of subscriptions

Red Hat Enterprise Linux Server 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
x86_64
cups-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 5f6ec87afe3fec5a1e51cfb7b5512f11db46481e491e52adc424d4d430a55b6b
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-devel-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 1d7089c0d2e3fbd7d8ae0d2e247ee33db051f6a7dbb75e2a3303e20a19b60e40
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: c40d0c23fec445a12958e6e1d185c59eba9dd90c00c6dc7aa87b83dfdf8c2ad4
cups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 2e59b32161df31143f7b365270d2a3586b40a069905c4ed4ea125920c57b76d6
ia64
cups-1.2.4-11.18.el5_2.3.ia64.rpm SHA-256: 14289ad90bea2bcd8a8272294804050eb0ae917a2d25bf6c34beec5d5f6a99a2
cups-devel-1.2.4-11.18.el5_2.3.ia64.rpm SHA-256: c0ed45e541b2fbdcbe65aac8b26ffb24ac849f54558643483139ee2b9f00a7fc
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-libs-1.2.4-11.18.el5_2.3.ia64.rpm SHA-256: 9c58e2b4a41b76e6e0d7b04f686ccef7da5bedd3bccad44ce1a4c1ef45375f46
cups-lpd-1.2.4-11.18.el5_2.3.ia64.rpm SHA-256: a76f48f8247f5e4bb0c9f1cac2af0687a4c18bd3b8cbc0003c5facb1815ec7f8
i386
cups-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: b33b6226754a4bf0b05c1f197abb44685976ec3b57b40f1d8a84d1d5d636e018
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-lpd-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: 78b642e44dceb0f3607eb0f2142844026a8e34e3b6858f7a2a0a0b8c652b5f1f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
x86_64
cups-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 5f6ec87afe3fec5a1e51cfb7b5512f11db46481e491e52adc424d4d430a55b6b
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-devel-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 1d7089c0d2e3fbd7d8ae0d2e247ee33db051f6a7dbb75e2a3303e20a19b60e40
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: c40d0c23fec445a12958e6e1d185c59eba9dd90c00c6dc7aa87b83dfdf8c2ad4
cups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 2e59b32161df31143f7b365270d2a3586b40a069905c4ed4ea125920c57b76d6
i386
cups-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: b33b6226754a4bf0b05c1f197abb44685976ec3b57b40f1d8a84d1d5d636e018
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-lpd-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: 78b642e44dceb0f3607eb0f2142844026a8e34e3b6858f7a2a0a0b8c652b5f1f

Red Hat Enterprise Linux Desktop 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
x86_64
cups-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 5f6ec87afe3fec5a1e51cfb7b5512f11db46481e491e52adc424d4d430a55b6b
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: c40d0c23fec445a12958e6e1d185c59eba9dd90c00c6dc7aa87b83dfdf8c2ad4
cups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 2e59b32161df31143f7b365270d2a3586b40a069905c4ed4ea125920c57b76d6
i386
cups-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: b33b6226754a4bf0b05c1f197abb44685976ec3b57b40f1d8a84d1d5d636e018
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-lpd-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: 78b642e44dceb0f3607eb0f2142844026a8e34e3b6858f7a2a0a0b8c652b5f1f

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
s390x
cups-1.2.4-11.18.el5_2.3.s390x.rpm SHA-256: 4c27442338d2a5b0cb16ef2156d3fb672a9bc34341a5871c697dc5731c8f00f7
cups-devel-1.2.4-11.18.el5_2.3.s390.rpm SHA-256: 897db28e72e7c232d596bb70b1226f8663b8dbd3d1633f17619dfed4529cf41d
cups-devel-1.2.4-11.18.el5_2.3.s390x.rpm SHA-256: 28466ffeedc323f5ccf0fd896346df12f5c18e66e64d96d0237cb4e359e0277a
cups-libs-1.2.4-11.18.el5_2.3.s390.rpm SHA-256: 8905b3eb6ab25ba1e7fafab9573c0d9c3ab70e5864df4c708fefea20f105897f
cups-libs-1.2.4-11.18.el5_2.3.s390x.rpm SHA-256: 8d41e0f083d08afce931c4955a47ac90b73af2028541c4c3e289917b0153f718
cups-lpd-1.2.4-11.18.el5_2.3.s390x.rpm SHA-256: 907cb34d7d0af5345ea23a595e019d4a97cfef717cacefbf96a427aa7e852c74

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.2

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
ppc
cups-1.2.4-11.18.el5_2.3.ppc.rpm SHA-256: 3f8f7a471d9f764dcb43ee13fbd75678f900b6c45cc5723b56c1401054e3b1b5
cups-devel-1.2.4-11.18.el5_2.3.ppc.rpm SHA-256: cbf81631c9ebf5dd73df44c7c781520f92feade64e161635488c9d59af5b40e5
cups-devel-1.2.4-11.18.el5_2.3.ppc64.rpm SHA-256: 1c9c63250916f16ffd30a5965550fa37c23c10ae3b8461f187af97fc95ffea3f
cups-libs-1.2.4-11.18.el5_2.3.ppc.rpm SHA-256: e6cc5c98b3be5f8350f1a734e57bab161f21e84e73805ff45cf33e26862cdc0c
cups-libs-1.2.4-11.18.el5_2.3.ppc64.rpm SHA-256: bec3b10d4ca56ccbf4c23038ea2de42eebf7271445b250033c567b6061dd5102
cups-lpd-1.2.4-11.18.el5_2.3.ppc.rpm SHA-256: 2fcfbaa8d9a12a780cf67827df9058d6067df70a62942542ddcdb9e016d6859d

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.2

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
cups-1.2.4-11.18.el5_2.3.src.rpm SHA-256: f9534dffde09c0a48573466d1792eccdccec64720ab80534a1977dd60b2165df
x86_64
cups-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 5f6ec87afe3fec5a1e51cfb7b5512f11db46481e491e52adc424d4d430a55b6b
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-devel-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 1d7089c0d2e3fbd7d8ae0d2e247ee33db051f6a7dbb75e2a3303e20a19b60e40
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: c40d0c23fec445a12958e6e1d185c59eba9dd90c00c6dc7aa87b83dfdf8c2ad4
cups-lpd-1.2.4-11.18.el5_2.3.x86_64.rpm SHA-256: 2e59b32161df31143f7b365270d2a3586b40a069905c4ed4ea125920c57b76d6
i386
cups-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: b33b6226754a4bf0b05c1f197abb44685976ec3b57b40f1d8a84d1d5d636e018
cups-devel-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: c31874ee684fca0b8be0022c17e580d4a6882eea7085a5848236ce1ffdd14a10
cups-libs-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: a598404b2b26e4386d73bd579765d4ba780a18738d7b35e2a7717b213e7c5691
cups-lpd-1.2.4-11.18.el5_2.3.i386.rpm SHA-256: 78b642e44dceb0f3607eb0f2142844026a8e34e3b6858f7a2a0a0b8c652b5f1f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.