SUSE update for cups - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

SUSE update for cups

Secunia Advisory:	SA29251
Release Date:	2008-03-06

Critical:	Moderately critical
Impact:	DoS System access
Where:	From local network
Solution Status:	Vendor Patch

OS:	openSUSE 10.2 openSUSE 10.3 SUSE Linux 10.1 SUSE Linux Enterprise Server 10 SuSE Linux Enterprise Server 8 SUSE Linux Enterprise Server 9

Software:	Novell Open Enterprise Server 1.x

CVE reference:	CVE-2008-0596 (Secunia mirror) CVE-2008-0597 (Secunia mirror) CVE-2008-0882 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: SUSE has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Two vulnerabilities are caused due to a memory leak and a double free error when adding or removing remote shared printers via IPP. This can be exploited to crash the CUPS daemon by e.g. exhausting all available memory or causing memory to be freed twice by sending specially crafted IPP packets to a vulnerable service. For more information about the third vulnerability: SA28994 Solution: Apply updated packages and restart cups. x86 Platform: openSUSE 10.3: http://download.opensuse.org/pub/open....3/rpm/i586/cups-1.2.12-22.9.i586.rpm 58a5a276cce67effbd6fbe8154bbfb61 http://download.opensuse.org/pub/open...i586/cups-client-1.2.12-22.9.i586.rpm 6d40b6ce8b5fd0a72cd25d8f6fbf8859 http://download.opensuse.org/pub/open.../i586/cups-devel-1.2.12-22.9.i586.rpm 9b3055b00b3ca8ff417b72a981b9e301 http://download.opensuse.org/pub/open...m/i586/cups-libs-1.2.12-22.9.i586.rpm 8f8e73fe3aece7a53f4f51bfce87d921 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-1.2.7-12.11.i586.rpm ce2f6be0cf30e3b71b646e62a029cb79 ftp://ftp.suse.com/pub/suse/update/10...i586/cups-client-1.2.7-12.11.i586.rpm 0a23fa9760a2a88cd1e8451b8d5b48a6 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-devel-1.2.7-12.11.i586.rpm b87ce06a93ee2ef1062153b2a8689749 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-libs-1.2.7-12.11.i586.rpm 7fc972995c533e45ce7577545576e1b9 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-1.1.23-40.38.i586.rpm 4ef1069e44543a4e07048b21128c19a3 ftp://ftp.suse.com/pub/suse/update/10...586/cups-client-1.1.23-40.38.i586.rpm a0ed40efdfa03596535ff90d990409cb ftp://ftp.suse.com/pub/suse/update/10...i586/cups-devel-1.1.23-40.38.i586.rpm f205135dea30ff1079e342e86ac0c240 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-libs-1.1.23-40.38.i586.rpm 3e82329efd71ea8987c6f5ad06f1dcc3 Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/open...10.3/rpm/ppc/cups-1.2.12-22.9.ppc.rpm 1de1c175ed2609c7b6fb17adf619a3bd http://download.opensuse.org/pub/open...m/ppc/cups-client-1.2.12-22.9.ppc.rpm e9b59c6c02679bf8ef010fdc9133211e http://download.opensuse.org/pub/open...pm/ppc/cups-devel-1.2.12-22.9.ppc.rpm c82e8802db9f891d8d0b8ee4ca6f1b0c http://download.opensuse.org/pub/open...rpm/ppc/cups-libs-1.2.12-22.9.ppc.rpm 46fd5eddc31037acd8a26bcb11d351d4 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-1.2.7-12.11.ppc.rpm 3d688a3ec198f3c9a31951caf95ddbb6 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-client-1.2.7-12.11.ppc.rpm e50f0eca33d3666c938648fafd472e1b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-devel-1.2.7-12.11.ppc.rpm cffbbe682c5970e95a42af1c2a5321d5 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-libs-1.2.7-12.11.ppc.rpm aef41b836d4b0f71daa623ae0fead618 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-1.1.23-40.38.ppc.rpm 9878a85c10c4c1299a6f6e8d7887d701 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-client-1.1.23-40.38.ppc.rpm 074944cc0244f49ea5ca0c39866e5e85 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-devel-1.1.23-40.38.ppc.rpm aed89c7c4d0832c7df289cf28b73cfe9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-libs-1.1.23-40.38.ppc.rpm 6fb7c82e682182e4e584ede96c87f2de x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/open...pm/x86_64/cups-1.2.12-22.9.x86_64.rpm fd8d905a8129fdcf79f17b6c35a1e99c http://download.opensuse.org/pub/open...64/cups-client-1.2.12-22.9.x86_64.rpm eb74b82bc67cd0bf048ac75d56e86c54 http://download.opensuse.org/pub/open..._64/cups-devel-1.2.12-22.9.x86_64.rpm 30a69685925386b6fd6a287463f5c596 http://download.opensuse.org/pub/open...6_64/cups-libs-1.2.12-22.9.x86_64.rpm c47e7346ffa3054b9e79b06f4a68f4da http://download.opensuse.org/pub/open...ups-libs-32bit-1.2.12-22.9.x86_64.rpm 15784eb2174e331113e3fd7f313fcf38 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-1.2.7-12.11.x86_64.rpm 3ed2e2dbb567a458071bf2f15e36fcab ftp://ftp.suse.com/pub/suse/update/10...64/cups-client-1.2.7-12.11.x86_64.rpm 746c10e52f6e34b004906dcb705b4d3f ftp://ftp.suse.com/pub/suse/update/10..._64/cups-devel-1.2.7-12.11.x86_64.rpm becb337fcdc4e04325d8abe940056751 ftp://ftp.suse.com/pub/suse/update/10...6_64/cups-libs-1.2.7-12.11.x86_64.rpm 2eeec7af8a643fa95bdf38f9e00b67fa ftp://ftp.suse.com/pub/suse/update/10...ups-libs-32bit-1.2.7-12.11.x86_64.rpm 1f7552edbbc1c7d06c7c68924f3bce8d SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-1.1.23-40.38.x86_64.rpm e987389ac8c86b42e35c8ec7937b837d ftp://ftp.suse.com/pub/suse/update/10...4/cups-client-1.1.23-40.38.x86_64.rpm a8daa44c9179ab1fd4fbeee199861658 ftp://ftp.suse.com/pub/suse/update/10...64/cups-devel-1.1.23-40.38.x86_64.rpm ce844e64c5340593a9da6828afe279b9 ftp://ftp.suse.com/pub/suse/update/10..._64/cups-libs-1.1.23-40.38.x86_64.rpm e5548c55b068f015d7e18f5e02e7ce2e ftp://ftp.suse.com/pub/suse/update/10...ps-libs-32bit-1.1.23-40.38.x86_64.rpm 5d2a7df4d6c7c38f2fd0be0860fcee70 Sources: openSUSE 10.3: http://download.opensuse.org/pub/open...10.3/rpm/src/cups-1.2.12-22.9.src.rpm c8beb8c8be3b611388b81bd3e7c3d9b0 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/cups-1.2.7-12.11.src.rpm 6a7c78bf03906366efc3c7b996db0382 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/cups-1.1.23-40.38.src.rpm 6fadf975197cd21eb83174d32ee192c7 Open Enterprise Server http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.html Original Advisory: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html Other References: SA28994: http://secunia.com/advisories/28994/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

403 Related Secunia Security Advisories, displaying 10

1. SUSE Update for Multiple Packages

2. SUSE update for MozillaFirefox

3. SUSE update for bind

4. SUSE update for MozillaFirefox

5. SUSE update for kernel

6. SUSE Update for Multiple Packages

7. SUSE update for kernel

8. SUSE update for kernel

9. SUSE update for kernel

10. SUSE Update for Multiple Packages

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	OpenBSD BIND Query Port DNS Cache Poisoning

2.	Red Hat update for kernel

3.	Drupal Session Fixation Vulnerability

4.	Debian update for clamav

5.	Linux Kernel LDT Buffer Size Handling Vulnerability

6.	IPCop update for perl

7.	Debian update for xulrunner

8.	Ubuntu update for php

9.	Apple Safari Cross-Domain Cookie Injection Vulnerability

10.	Red Hat update for thunderbird