Red Hat Product Errata RHSA-2009:1083 - Security Advisory

Issued:: 2009-06-03
Updated:: 2009-06-03

RHSA-2009:1083 - Security Advisory

Overview
Updated Packages

Synopsis

Important: cups security update

Type/Severity

Security Advisory: Important

Topic

Updated cups packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The Internet Printing Protocol (IPP) allows
users to print and manage printing-related tasks over a network. The CUPS
"pdftops" filter converts Portable Document Format (PDF) files to
PostScript. "pdftops" is based on Xpdf and the CUPS imaging library.

A NULL pointer dereference flaw was found in the CUPS IPP routine, used for
processing incoming IPP requests for the CUPS scheduler. An attacker could
use this flaw to send specially-crafted IPP requests that would crash the
cupsd daemon. (CVE-2009-0949)

A use-after-free flaw was found in the CUPS scheduler directory services
routine, used to process data about available printers and printer classes.
An attacker could use this flaw to cause a denial of service (cupsd daemon
stop or crash). (CVE-2009-1196)

Multiple integer overflows flaws, leading to heap-based buffer overflows,
were found in the CUPS "pdftops" filter. An attacker could create a
malicious PDF file that would cause "pdftops" to crash or, potentially,
execute arbitrary code as the "lp" user if the file was printed.
(CVE-2009-0791)

Red Hat would like to thank Anibal Sacco from Core Security Technologies
for reporting the CVE-2009-0949 flaw, and Swen van Brussel for reporting
the CVE-2009-1196 flaw.

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server 3 x86_64
Red Hat Enterprise Linux Server 3 ia64
Red Hat Enterprise Linux Server 3 i386
Red Hat Enterprise Linux Server - Extended Update Support 4.8 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Workstation 3 x86_64
Red Hat Enterprise Linux Workstation 3 ia64
Red Hat Enterprise Linux Workstation 3 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux Desktop 3 x86_64
Red Hat Enterprise Linux Desktop 3 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems 3 s390x
Red Hat Enterprise Linux for IBM z Systems 3 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian 3 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc

Fixes

BZ - 491840 - CVE-2009-0791 cups: Multiple integer overflows in the CUPS "pdftops" filter
BZ - 497135 - CVE-2009-1196 cups: DoS (stop, crash) by renewing CUPS browse packets
BZ - 500972 - CVE-2009-0949 cups: IPP_TAG_UNSUPPORTED handling NULL pointer dereference DoS

CVEs

References

http://www.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Server - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Workstation 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
ia64
cups-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 07d22d1a77c8316d028a45140018dbcf4b8f4926827286d57ce3db4641c5fb42
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: 0017e487e26ac6439b0f4c6ba5011ab5b35657619c7dfbbd2f8776ea7533220b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ia64.rpm	SHA-256: dfe7255a0456f1d3081e37d63695358ac2f8fc5b7e1ad0d76504c0121c7770a6
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux Desktop 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b1ced7675419d2c549864c7dcb6cc237589493b6e125e1dd0fc24e42085782e7
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: b3336517bfae972cd9a7648055fb635757daf0b48c58e98f619e406bca1f4396
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.x86_64.rpm	SHA-256: 1c75d838b5ab6f495b92a7f494dc8c87cde543dfcac1c11c9542519b7d2c3d36
i386
cups-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 5201e4ec209cd1be33d9ad7695f409773a24e1e5ecc58fbc7b08462a7281fa71
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 436f467b69fe65e60af8f850e8ddce04fabe9134418eaa738e300b9992f3eee9
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.i386.rpm	SHA-256: 568915df2d693f0741359209567bf0d214c685025199e1a24a510de20074ea6d

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
s390x
cups-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 331738ad924369f166e9f47cf5c5cd053b13e82a08284a69419b2b3c9e7d6ef6
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 08729ce9673309dde391271b3dc75b6d0b3e94ed6dc8777ffcab34e577408f04
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 8ad16dec47754428575d5b1c4d70b9a064afad66d9af64b12dd4a263276b4f89
s390
cups-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 53a8f49629c7c9972f062fe896411d89f158cc119cc68b9fb2d3e499b844d7e5
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 10caa06ab615068c43df4bf4671c7d80ad6444871dc199da9e3acae6dc5fe3ba
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
s390x
cups-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 331738ad924369f166e9f47cf5c5cd053b13e82a08284a69419b2b3c9e7d6ef6
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 08729ce9673309dde391271b3dc75b6d0b3e94ed6dc8777ffcab34e577408f04
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390x.rpm	SHA-256: 8ad16dec47754428575d5b1c4d70b9a064afad66d9af64b12dd4a263276b4f89
s390
cups-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 53a8f49629c7c9972f062fe896411d89f158cc119cc68b9fb2d3e499b844d7e5
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 10caa06ab615068c43df4bf4671c7d80ad6444871dc199da9e3acae6dc5fe3ba
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.s390.rpm	SHA-256: 624c2c8431ddfb142667ffdfc93c47a8fbc3eacae04016172c91fb7346eace4e

Red Hat Enterprise Linux for Power, big endian 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
ppc
cups-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: 3bf95dafb7c54b9b30076e830872d06f27074cc4c8f65822928a0ed59f0576d9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: 591cfee0984e27ab63d6257e165d31a0fe08a18e48b03150c7af850faf14538d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: e8884f2849236266c4b67f87937a51d684308cd58e93986fe49169e88c54f49b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc64.rpm	SHA-256: 9c595c61191dff64bc6cabf5cd996032beaa8125300b43a290f107f41d9d3c56

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.3.src.rpm	SHA-256: 7c499982964c937ac318d928b0b8ad2ffd94646c1495a7e4720f82a820562ec3
ppc
cups-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: 3bf95dafb7c54b9b30076e830872d06f27074cc4c8f65822928a0ed59f0576d9
cups-devel-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: 591cfee0984e27ab63d6257e165d31a0fe08a18e48b03150c7af850faf14538d
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc.rpm	SHA-256: e8884f2849236266c4b67f87937a51d684308cd58e93986fe49169e88c54f49b
cups-libs-1.1.22-0.rc1.9.32.el4_8.3.ppc64.rpm	SHA-256: 9c595c61191dff64bc6cabf5cd996032beaa8125300b43a290f107f41d9d3c56

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories