Launchpad has imported 9 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=473901.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2008-12-01T13:03:13+00:00 Jan wrote: Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5183 to the following vulnerability: cupsd in CUPS before 1.3.8 allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5183 http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241 http://www.openwall.com/lists/oss-security/2008/11/19/3 http://www.openwall.com/lists/oss-security/2008/11/19/4 Patch: See attachment -- cups-1.3-max-subscriptions.patch Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/6 ------------------------------------------------------------------------ On 2008-12-03T13:03:29+00:00 Fedora wrote: cups-1.3.9-4.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/cups-1.3.9-4.fc10 Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/8 ------------------------------------------------------------------------ On 2008-12-03T13:05:29+00:00 Fedora wrote: cups-1.3.9-2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/cups-1.3.9-2.fc9 Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/9 ------------------------------------------------------------------------ On 2008-12-03T13:19:04+00:00 Fedora wrote: cups-1.3.9-2.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/cups-1.3.9-2.fc8 Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/10 ------------------------------------------------------------------------ On 2008-12-09T11:33:00+00:00 Fedora wrote: cups-1.3.9-4.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/12 ------------------------------------------------------------------------ On 2008-12-09T11:35:46+00:00 Fedora wrote: cups-1.3.9-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/13 ------------------------------------------------------------------------ On 2008-12-09T11:38:24+00:00 Fedora wrote: cups-1.3.9-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/14 ------------------------------------------------------------------------ On 2010-03-29T08:40:07+00:00 Tomas wrote: https://www.redhat.com/security/data/cve/CVE-2008-5183.html Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/19 ------------------------------------------------------------------------ On 2010-12-24T02:14:14+00:00 Vincent wrote: This was addressed via: Red Hat Enterprise Linux version 5 (RHSA-2008:1029) Reply at: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/comments/20 ** Changed in: cups (Fedora) Status: Confirmed => Fix Released ** Changed in: cups (Fedora) Importance: Unknown => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/298241 Title: Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
