FLEA-2007-0003-1: cups

---

• From: Foresight Linux Essential Announcement Service <foresight-security-noreply@xxxxxxxxxxxxxxxxxx>
• Date: Sun, 25 Mar 2007 15:12:28 -0400

---

Foresight Linux Essential Advisory: 2007-0003-1
Published: 2007-03-25

Rating: Minor

Updated Versions:

cups=/conary.rpath.com@rpl:devel//foresight.rpath.org@fl:1-devel//1/1.2.10-0.1-1
group-dist=/foresight.rpath.org@fl:1-devel//1/1.1-0.10-2

References:
https://issues.foresightlinux.org/browse/FL-205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0720

Description:
Previous versions of the cups package could be forced to hang via a client "partially negotiating" an ssl connection. In this state, cups would not allow other connections to be made, a denial of service.

---

• References:
  • FLSA - foresight linux security announcements
    • From: Jonathan Smith

• Prev by Date: Re: **SubHub v2.3.0**
• Next by Date: Playstation 3 "Remote Play" Remote DoS Exploit
• Previous by thread: FLEA-2007-0002-1: inkscape
• Next by thread: FLEA-2007-0004-1: openoffice.org
• Index(es):
  • Date
  • Thread

---

Relevant Pages [Full-disclosure] FLEA-2007-0003-1: cups ... Previous versions of the cups package could be forced to hang via a ... client "partially negotiating" an ssl connection. ... (Full-Disclosure) Re: [SLE] KDE printing subsystem crashes on 8.2 (solved) ... > As far as I see there is no error in our CUPS package. ... > (regardless whether this settings are the default settings ... > response the cupsd sends to client, ... (SuSE)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2007-03