Red Hat Product Errata RHSA-2009:1083 - Security Advisory
Issued:
2009-06-03
Updated:
2009-06-03

RHSA-2009:1083 - Security Advisory

Synopsis

Important: cups security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated cups packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The Internet Printing Protocol (IPP) allows
users to print and manage printing-related tasks over a network. The CUPS
"pdftops" filter converts Portable Document Format (PDF) files to
PostScript. "pdftops" is based on Xpdf and the CUPS imaging library.

A NULL pointer dereference flaw was found in the CUPS IPP routine, used for
processing incoming IPP requests for the CUPS scheduler. An attacker could
use this flaw to send specially-crafted IPP requests that would crash the
cupsd daemon. (CVE-2009-0949)

A use-after-free flaw was found in the CUPS scheduler directory services
routine, used to process data about available printers and printer classes.
An attacker could use this flaw to cause a denial of service (cupsd daemon
stop or crash). (CVE-2009-1196)

Multiple integer overflows flaws, leading to heap-based buffer overflows,
were found in the CUPS "pdftops" filter. An attacker could create a
malicious PDF file that would cause "pdftops" to crash or, potentially,
execute arbitrary code as the "lp" user if the file was printed.
(CVE-2009-0791)

Red Hat would like to thank Anibal Sacco from Core Security Technologies
for reporting the CVE-2009-0949 flaw, and Swen van Brussel for reporting
the CVE-2009-1196 flaw.

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc

Fixes

  • BZ - 491840 - CVE-2009-0791 cups: Multiple integer overflows in the CUPS "pdftops" filter
  • BZ - 497135 - CVE-2009-1196 cups: DoS (stop, crash) by renewing CUPS browse packets
  • BZ - 500972 - CVE-2009-0949 cups: IPP_TAG_UNSUPPORTED handling NULL pointer dereference DoS

Red Hat Enterprise Linux Server 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Workstation 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Desktop 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
s390x
cups-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 331738ad924369f166e9f47cf5c5cd053b13e82a08284a69419b2b3c9e7d6ef6
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 08729ce9673309dde391271b3dc75b6d0b3e94ed6dc8777ffcab34e577408f04
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 8ad16dec47754428575d5b1c4d70b9a064afad66d9af64b12dd4a263276b4f89
s390
cups-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 53a8f49629c7c9972f062fe896411d89f158cc119cc68b9fb2d3e499b844d7e5
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 10caa06ab615068c43df4bf4671c7d80ad6444871dc199da9e3acae6dc5fe3ba
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
s390x
cups-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 331738ad924369f166e9f47cf5c5cd053b13e82a08284a69419b2b3c9e7d6ef6
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 08729ce9673309dde391271b3dc75b6d0b3e94ed6dc8777ffcab34e577408f04
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm SHA-256: 8ad16dec47754428575d5b1c4d70b9a064afad66d9af64b12dd4a263276b4f89
s390
cups-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 53a8f49629c7c9972f062fe896411d89f158cc119cc68b9fb2d3e499b844d7e5
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 10caa06ab615068c43df4bf4671c7d80ad6444871dc199da9e3acae6dc5fe3ba
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e

Red Hat Enterprise Linux for Power, big endian 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
ppc
cups-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: 3bf95dafb7c54b9b30076e830872d06f27074cc4c8f65822928a0ed59f0576d9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: 591cfee0984e27ab63d6257e165d31a0fe08a18e48b03150c7af850faf14538d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: e8884f2849236266c4b67f87937a51d684308cd58e93986fe49169e88c54f49b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc64.rpm SHA-256: 9c595c61191dff64bc6cabf5cd996032beaa8125300b43a290f107f41d9d3c56

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
ppc
cups-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: 3bf95dafb7c54b9b30076e830872d06f27074cc4c8f65822928a0ed59f0576d9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: 591cfee0984e27ab63d6257e165d31a0fe08a18e48b03150c7af850faf14538d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm SHA-256: e8884f2849236266c4b67f87937a51d684308cd58e93986fe49169e88c54f49b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc64.rpm SHA-256: 9c595c61191dff64bc6cabf5cd996032beaa8125300b43a290f107f41d9d3c56

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.