[Full-disclosure] [SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA 1407-1                  security@xxxxxxxxxx
http://www.debian.org/security/                       Moritz Muehlenhoff
November 18, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : cupsys
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-4351

Alin Rad Pop discovered that the Common UNIX Printing System is
vulnerable to an off-by-one buffer overflow in the code to process IPP
packets, which may lead to the execution of arbitrary code.

For the stable distribution (etch), this problem has been fixed in
version 1.2.7-4etch1. Updated packages for the arm architecture will be
provided later.

The cupsys version in the old stable distribution (sarge) is not
vulnerable to arbitrary code execution.

We recommend that you upgrade your cupsys packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHQDxaXm3vHE4uyloRAq1/AJ9MWdiNTnrrmq0iAWfluF7dtASR8QCg3vc8
8zc04kk9eNTWN3J939BX2Lw=
=QlQc
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


