Описание
ELSA-2008-0157: Important: cups security update (IMPORTANT)
[1.2.4-11.14:.4]
- Prevent double-free when a browsed class has the same name as a printer or vice versa (bug #433766, STR #2656).
[1.2.4-11.14:.3]
- pdftops: Fix invalid dereference from bad Info object (found during testing of bug #356571).
[1.2.4-11.14:.2]
- Applied patch to fix CVE-2007-4045 (bug #356571).
- Applied patch to fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 (bug #356571).
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
cups
1.2.4-11.14.el5_1.4
cups-devel
1.2.4-11.14.el5_1.4
cups-libs
1.2.4-11.14.el5_1.4
cups-lpd
1.2.4-11.14.el5_1.4
Oracle Linux i386
cups
1.2.4-11.14.el5_1.4
cups-devel
1.2.4-11.14.el5_1.4
cups-libs
1.2.4-11.14.el5_1.4
cups-lpd
1.2.4-11.14.el5_1.4
Связанные CVE
Связанные уязвимости
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.
Double free vulnerability in the process_browse_data function in CUPS ...
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.