LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Slackware alert SSA:2004-266-01 (cups)



From:
    	      Slackware Security Team <security@slackware.com>


To:
    	      slackware-security@slackware.com


Subject:
    	      [slackware-security]  CUPS DoS (SSA:2004-266-01)


Date:
    	      Wed, 22 Sep 2004 13:38:36 -0700 (PDT)




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  CUPS DoS (SSA:2004-266-01)

New CUPS packages are available for Slackware 9.1, 10.0, and -current to
fix a denial of service issue where a malformed packet can crash the
CUPS server.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558

Here are the details from the Slackware 10.0 ChangeLog:

+--------------------------+
patches/packages/cups-1.1.21-i486-1.tgz:  Upgraded to cups-1.1.21.
  This fixes a flaw where a remote attacker can crash the CUPS
  server causing a denial of service.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patch...

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patc...

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/s...


MD5 signatures:
+-------------+

Slackware 9.1 package:
b3f16be12546c626071281bc17e11739  cups-1.1.21-i486-1.tgz

Slackware 10.0 package:
6cca53545b2ea2d260a3ad4f55e22153  cups-1.1.21-i486-1.tgz

Slackware -current package:
01cc7de97fd7f6d51c3803b5c286dcff  cups-1.1.21-i486-1.tgz


Installation instructions:
+------------------------+

First, if the CUPS server (cupsd) is running, stop it:
. /etc/rc.d/rc.cups stop

Then upgrade using upgradepkg (as root):
upgradepkg cups-1.1.21-i486-1.tgz

Finally, restart cupsd (if needed):
. /etc/rc.d/rc.cups start


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBUeKnakRjwEAQIjMRAiE5AKCMKmhtlEO2jRQJefBbiIoYtN9TuQCgiqDX
jGqrQQQUjjxlPEKnPjFaULw=
=ezcQ
-----END PGP SIGNATURE-----
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds