-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-3100 2007-11-09 23:51:45.074621 --------------------------------------------------------------------------------
Name : cups Product : Fedora 7 Version : 1.2.12 Release : 7.fc7 URL : http://www.cups.org/ Summary : Common Unix Printing System Description : The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. -------------------------------------------------------------------------------- Update Information: This update fixes several PDF handling security issues. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 7 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-7 - Applied patch to fix CVE-2007-4045 (bug #250161). - Applied patch to fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 (bug #345101). * Thu Nov 1 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-6 - Applied patch to fix CVE-2007-4351 (STR #2561, bug #361661). * Wed Oct 10 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-5 - Use ppdev for parallel port Device ID retrieval (bug #311671). * Thu Aug 9 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-4 - Applied patch to fix CVE-2007-3387 (bug #251518). * Tue Jul 31 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-3 - Better buildroot tag. - Moved LSPP access check and security attributes check in add_job() to before allocation of the job structure (bug #231522). * Mon Jul 23 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-2 - Use kernel support for USB paper-out detection, when available (bug #249213). * Fri Jul 13 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.12-1 - 1.2.12. No longer need adminutil or str2408 patches. * Wed Jul 4 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.11-3 - Better paper-out detection patch still (bug #246222). * Fri Jun 29 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.11-2 - Applied patch to fix group handling in PPDs (bug #186231, STR #2408). * Wed Jun 27 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.11-1 - Fixed permissions on classes.conf in the file manifest (bug #245748). - 1.2.11. * Tue Jun 12 2007 Tim Waugh <[EMAIL PROTECTED]> - Make the initscript use start priority 56 (bug #213828). * Mon Jun 11 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.10-12 - Better paper-out detection patch (bug #241589). * Mon May 21 2007 Tim Waugh <[EMAIL PROTECTED]> 1:1.2.10-11 - Fixed _cupsAdminSetServerSettings() sharing/shared handling (bug #238057). -------------------------------------------------------------------------------- References: [ 1 ] Bug #345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit() https://bugzilla.redhat.com/show_bug.cgi?id=345101 [ 2 ] Bug #250161 - CVE-2007-4045 Incomplete fix for CVE-2007-0720 CUPS denial of service https://bugzilla.redhat.com/show_bug.cgi?id=250161 [ 3 ] CVE-2007-4045 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045 [ 4 ] CVE-2007-4352 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 [ 5 ] CVE-2007-5392 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 [ 6 ] CVE-2007-5393 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 -------------------------------------------------------------------------------- Updated packages: e0b6ddf1f64bc55861a4c7e7d8750d3ae4022a22 cups-debuginfo-1.2.12-7.fc7.ppc64.rpm d5933da4154a0ef82a7976bcf43bea3626926a08 cups-lpd-1.2.12-7.fc7.ppc64.rpm 5e7ae92bcbe2943f4597ec871bf244be170f1840 cups-libs-1.2.12-7.fc7.ppc64.rpm 4943c7f5c8d433a92f32e7cbc82325802f041e5b cups-1.2.12-7.fc7.ppc64.rpm 46a30896d2a82320a6f9166bd4f670367d2a761d cups-devel-1.2.12-7.fc7.ppc64.rpm 71df8ed89025b65ddbf9af50c8419b9abd32664f cups-1.2.12-7.fc7.i386.rpm f27677c3460e9fe5b558d8bab7f5ef72001c9e14 cups-libs-1.2.12-7.fc7.i386.rpm 0d44cd1e566fea486726710d48b1745d5155cae4 cups-debuginfo-1.2.12-7.fc7.i386.rpm b911ee6c056ebca7be080d80930e25f6c89a7fda cups-devel-1.2.12-7.fc7.i386.rpm 991b6e3206a689f17ce03136e4ca933f9dafc3e0 cups-lpd-1.2.12-7.fc7.i386.rpm f0c3ef122f5b396501bf9abac5b913fd7526a34a cups-1.2.12-7.fc7.x86_64.rpm 0864d55d0eab42d4fc0a881e820a3da37b62be33 cups-lpd-1.2.12-7.fc7.x86_64.rpm d848e4eeb9ee488e8219a26708750637015652b9 cups-devel-1.2.12-7.fc7.x86_64.rpm 504469b9dc56a42241b9aa5f07f3bfc1f7387ba4 cups-debuginfo-1.2.12-7.fc7.x86_64.rpm 0e03a675de4adb8ba4cf57b6e505c3addb7284c6 cups-libs-1.2.12-7.fc7.x86_64.rpm 1ec1eea5b5ab2b65411eab28437ded3626e59e52 cups-debuginfo-1.2.12-7.fc7.ppc.rpm 381bf8abcc9af034f3a93ba55d9954f3e4953b9c cups-libs-1.2.12-7.fc7.ppc.rpm 989139479ede1327c6dc9523169c7ee443b51da2 cups-1.2.12-7.fc7.ppc.rpm 2388a46fe015fa67918ef9af6fbd749da91e6546 cups-devel-1.2.12-7.fc7.ppc.rpm f08c7c3783948b16ffad6d115a97953280b33211 cups-lpd-1.2.12-7.fc7.ppc.rpm c0cbea01f2ed07f50f9176b7b04b5a37f3b4af9a cups-1.2.12-7.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update cups' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list [email protected] http://www.redhat.com/mailman/listinfo/fedora-package-announce
