[ MDVSA-2010:072 ] cups




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:072
http://www.mandriva.com/security/
_______________________________________________________________________

Package : cups
Date : April 14, 2010
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in cups:

CUPS in does not properly handle (1) HTTP headers and (2) HTML
templates, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and HTTP response splitting attacks via vectors
related to (a) the product's web interface, (b) the configuration of
the print system, and (c) the titles of printed jobs (CVE-2009-2820).

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS
1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable
to determine the file that provides localized message strings, which
allows local users to gain privileges via a file that contains crafted
localization data with format string specifiers (CVE-2010-0393).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
_______________________________________________________________________

Updated Packages:

Corporate 4.0:
740c074b463cb19e228e8452d654ff77 corporate/4.0/i586/cups-1.2.4-0.13.20060mlcs4.i586.rpm
b4efdba1af730183bf665ba19eef5e41 corporate/4.0/i586/cups-common-1.2.4-0.13.20060mlcs4.i586.rpm
3b0c57f1c8aff54f44a8757832b388a7 corporate/4.0/i586/cups-serial-1.2.4-0.13.20060mlcs4.i586.rpm
e32253a438c2783e88fdba9308c53b34 corporate/4.0/i586/libcups2-1.2.4-0.13.20060mlcs4.i586.rpm
2ef500ce86c081c4715764209a9cd65e corporate/4.0/i586/libcups2-devel-1.2.4-0.13.20060mlcs4.i586.rpm
286f41821b5b92627f756db7437b0047 corporate/4.0/i586/php-cups-1.2.4-0.13.20060mlcs4.i586.rpm
dbac43650b92f93f745be6451d30f11f corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
45551f204c08ad1bd602cabecbb23dc5 corporate/4.0/x86_64/cups-1.2.4-0.13.20060mlcs4.x86_64.rpm
e836b68917a8dc53436410fd55723a5b corporate/4.0/x86_64/cups-common-1.2.4-0.13.20060mlcs4.x86_64.rpm
1a78d7675b0ea5497ae044ef70a8fb1f corporate/4.0/x86_64/cups-serial-1.2.4-0.13.20060mlcs4.x86_64.rpm
fd3d6e9b3c899ecd475acfc9d5ad12b5 corporate/4.0/x86_64/lib64cups2-1.2.4-0.13.20060mlcs4.x86_64.rpm
07561e3bd8e757ed1ccd9a343a847d61 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.13.20060mlcs4.x86_64.rpm
09541108666b89cad59b723949e4fea1 corporate/4.0/x86_64/php-cups-1.2.4-0.13.20060mlcs4.x86_64.rpm
dbac43650b92f93f745be6451d30f11f corporate/4.0/SRPMS/cups-1.2.4-0.13.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLxahkmqjQ0CJFipgRAsnrAJ4hIErd0YfzlqHNjOXCKLpzqluKYwCfcdHo
ZXN+jQ9LKCAGJg8zlt2se4k=
=hh1R
-----END PGP SIGNATURE-----