Описание
ELSA-2010-0129: cups security update (MODERATE)
[1:1.3.7-11:.6]
- Applied patch for CVE-2010-0302 (incomplete fix for CVE-2009-3553, bug #557775).
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
cups
1.3.7-11.el5_4.6
cups-devel
1.3.7-11.el5_4.6
cups-libs
1.3.7-11.el5_4.6
cups-lpd
1.3.7-11.el5_4.6
Oracle Linux x86_64
cups
1.3.7-11.el5_4.6
cups-devel
1.3.7-11.el5_4.6
cups-libs
1.3.7-11.el5_4.6
cups-lpd
1.3.7-11.el5_4.6
Oracle Linux i386
cups
1.3.7-11.el5_4.6
cups-devel
1.3.7-11.el5_4.6
cups-libs
1.3.7-11.el5_4.6
cups-lpd
1.3.7-11.el5_4.6
Связанные CVE
Связанные уязвимости
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
Use-after-free vulnerability in the abstract file-descriptor handling ...
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.