[Techtalk] Fwd: [suse-security] Resend: SuSE Security Announcement:
cups (SuSE-SA:2002:006)
Helen Rosseau
hrosseau at vistar.ca
Thu Feb 28 21:10:58 EST 2002
Thank you for the information. I'll give it a look over and try it. I
partially succeeded today getting the printer to work. Star office and
the cups test page both worked. I don't have internet access where I'm
installing the network yet, so anything I find I have to burn to cd and
take with me in the morning.
Helen
jfweber at bellsouth.net wrote:
>
> Pardon me for posting this here, I've just noticed rather a lot of posts regarding problems w/ Suse 7.3 and cups lately .. thought this might be of interest to folks using it who do not subscribe to the suse lists
> j
>
> ** Forwarding message from Thomas Biege <thomas at suse.de> on Thu, 28 Feb 2002 03:11:53 +0100 (CET)
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> ______________________________________________________________________________
>
> SuSE Security Announcement
>
> Package: cups
> Announcement-ID: SuSE-SA:2002:006
> Date: Wednesday, Feb 27th 2002 12:10 MET
> Affected SuSE versions: 7.1, 7.2, 7.3
> Vulnerability Type: remote privilege escalation
> Severity (1-10): 5
> SuSE default package: no
> Other affected systems: all systems running CUPS
>
> Content of this advisory:
> 1) security vulnerability resolved: CUPS buffer overflow in IPP
> problem description, discussion, solution and upgrade information
> 2) pending vulnerabilities, solutions, workarounds
> 3) standard appendix (further information)
>
> ______________________________________________________________________________
>
> 1) problem description, brief discussion, solution, upgrade information
>
> We re-release SuSE Security Announcement SuSE-SA:2002:005 with the new
> announcement ID SuSE-SA:2002:006 due to minor packaging errors that can
> result in a malfunction of the printing subsystem. The erroneous packages
> have been removed from the ftp server. The new packages are in place as
> announced in the URL list below.
>
> The well known Common Unix Printing System (CUPS) was found vulnerable
> to a buffer overflow in the Internet Printing Protocol (IPP) handling
> code.
> The buffer overflow could be exploited by a remote attacker as long as
> their IP address is allowed to connect to the CUPS server.
>
> Please download the update package for your distribution and verify its
> integrity by the methods listed in section 3) of this announcement.
> Then, install the package using the command "rpm -Fhv file.rpm" to apply
> the update.
>
> After updating the RPM package run "rclpd restart" as root to make
> the package upgrade effective.
>
> i386 Intel Platform:
>
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/i386/update/7.3/d3/cups-devel-1.1.10-83.i386.rpm
> 8d5053ad177a11625184d0758487fc44
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-1.1.10-83.i386.rpm
> d13c2a15aec1e32d33e67e3c5dfbfcbe
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-client-1.1.10-83.i386.rpm
> f6869afd7a3ca8d25094e8beb685be69
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-libs-1.1.10-83.i386.rpm
> cabe0639064f8d8f4e0966b52f11d879
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/cups-1.1.10-83.src.rpm
> 44565cf9eef0354eda24c79eb6754615
>
> SuSE-7.2
> ftp://ftp.suse.com/pub/suse/i386/update/7.2/d3/cups-devel-1.1.6-104.i386.rpm
> b248ca457d8240380bb5c52a27b18eef
> SuSE-7.2
> ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/cups-1.1.6-104.i386.rpm
> 828f470a6fbee50cfc7405c39aa1d81d
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/cups-1.1.6-104.src.rpm
> 8447e7162c38ecd5f63742de98d80e76
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/d3/cups-devel-1.1.6-105.i386.rpm
> 4ea2040b5c7b46b2e55dacd7073ce9ac
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/cups-1.1.6-105.i386.rpm
> 268428ba6b0470de8ae381552f185420
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/cups-1.1.6-105.src.rpm
> 93195300593a49fe6236b5abbfca8806
>
> Sparc Platform:
>
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/sparc/update/7.3/d3/cups-devel-1.1.10-36.sparc.rpm
> 0970928774ba45661812d2e818b9bbb2
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-1.1.10-36.sparc.rpm
> 4587059b86c2cefd9097d778ec125ab8
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-client-1.1.10-36.sparc.rpm
> b26a1937a8bd286328ab164e1cc91ebe
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-libs-1.1.10-36.sparc.rpm
> afed35a5212b217bab1556e0e5df39e6
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/cups-1.1.10-36.src.rpm
> bb1662c9b437b0b88c56a39df9b4b6ad
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/d3/cups-devel-1.1.6-38.sparc.rpm
> 0a093efb86b0eb024a21ab5532c2f08a
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/cups-1.1.6-38.sparc.rpm
> 69966f1ee23d904a5085d302a49678d6
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/cups-1.1.6-38.src.rpm
> b4921596bdec11a93da1031c43caa700
>
> AXP Alpha Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/axp/update/7.1/d3/cups-devel-1.1.6-34.alpha.rpm
> a1883596165edd8b1fa597dcb9e21d70
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/cups-1.1.6-34.alpha.rpm
> 96d90d112b52262dbd01b01aac5b64d3
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/cups-1.1.6-34.src.rpm
> 2d648e906fc29c64682c7797adbbdcac
>
> PPC PowerPC Platform:
>
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/ppc/update/7.3/d3/cups-devel-1.1.10-63.ppc.rpm
> 04d9a84650c335ecc550c4e55e57a576
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-1.1.10-63.ppc.rpm
> 1776913fc7df901ce37fe3f41ce3fcb8
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-client-1.1.10-63.ppc.rpm
> 75d676e87d82d58555bf24d3261d0da6
> SuSE-7.3
> ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-libs-1.1.10-63.ppc.rpm
> 34f744fc2e7b60db32abc89fbda9fbfd
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/cups-1.1.10-63.src.rpm
> fa19fa9c5e0558d426de857f2bf45ac6
>
> ______________________________________________________________________________
>
> 2) Pending vulnerabilities in SuSE Distributions and Workarounds:
>
> - squid
> A heap overflow in squid's URL constructing functions is fixed and
> new packages are currently being built.
>
> - ucd-snmpd
> The UCD snmpd contains various security related bugs.
> We are currently reviewing the code and available fixes to ensure
> they all get fixed. Patches will be available as soon as possible.
> It is strongly recommended to filter SNMP (TCP and UDP packets
> with destination of port 161) traffic.
>
> - hanterm/wmtv
> The recently reported vulnerabilities in hanterm and wmtv do not
> affect SuSE installations because they are not installed setuid
> or setgid.
>
> - cipe
> We are about to prepare kernel update packages that fix a DoS
> problem in the kernel modules for the cipe encrypted tunneling
> software.
>
> ______________________________________________________________________________
>
> 3) standard appendix: authenticity verification, additional information
>
> - Package authenticity verification:
>
> SuSE update packages are available on many mirror ftp servers all over
> the world. While this service is being considered valuable and important
> to the free and open source software community, many users wish to be
> sure about the origin of the package and its content before installing
> the package. There are two verification methods that can be used
> independently from each other to prove the authenticity of a downloaded
> file or rpm package:
> 1) md5sums as provided in the (cryptographically signed) announcement.
> 2) using the internal gpg signatures of the rpm package.
>
> 1) execute the command
> md5sum <name-of-the-file.rpm>
> after you downloaded the file from a SuSE ftp server or its mirrors.
> Then, compare the resulting md5sum with the one that is listed in the
> announcement. Since the announcement containing the checksums is
> cryptographically signed (usually using the key security at suse.de),
> the checksums show proof of the authenticity of the package.
> We disrecommend to subscribe to security lists which cause the
> email message containing the announcement to be modified so that
> the signature does not match after transport through the mailing
> list software.
> Downsides: You must be able to verify the authenticity of the
> announcement in the first place. If RPM packages are being rebuilt
> and a new version of a package is published on the ftp server, all
> md5 sums for the files are useless.
>
> 2) rpm package signatures provide an easy way to verify the authenticity
> of an rpm package. Use the command
> rpm -v --checksig <file.rpm>
> to verify the signature of the package, where <file.rpm> is the
> filename of the rpm package that you have downloaded. Of course,
> package authenticity verification can only target an uninstalled rpm
> package file.
> Prerequisites:
> a) gpg is installed
> b) The package is signed using a certain key. The public part of this
> key must be installed by the gpg program in the directory
> ~/.gnupg/ under the user's home directory who performs the
> signature verification (usually root). You can import the key
> that is used by SuSE in rpm packages for SuSE Linux by saving
> this announcement to a file ("announcement.txt") and
> running the command (do "su -" to be root):
> gpg --batch; gpg < announcement.txt | gpg --import
> SuSE Linux distributions version 7.1 and thereafter install the
> key "build at suse.de" upon installation or upgrade, provided that
> the package gpg is installed. The file containing the public key
> is placed at the toplevel directory of the first CD (pubring.gpg)
> and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
>
> - SuSE runs two security mailing lists to which any interested party may
> subscribe:
>
> suse-security at suse.com
> - general/linux/SuSE security discussion.
> All SuSE security announcements are sent to this list.
> To subscribe, send an email to
> <suse-security-subscribe at suse.com>.
>
> suse-security-announce at suse.com
> - SuSE's announce-only mailing list.
> Only SuSE's security announcements are sent to this list.
> To subscribe, send an email to
> <suse-security-announce-subscribe at suse.com>.
>
> For general information or the frequently asked questions (faq)
> send mail to:
> <suse-security-info at suse.com> or
> <suse-security-faq at suse.com> respectively.
>
> =====================================================================
> SuSE's security contact is <security at suse.com> or <security at suse.de>.
> The <security at suse.de> public key is listed below.
> =====================================================================
> ______________________________________________________________________________
>
> The information in this advisory may be distributed or reproduced,
> provided that the advisory is not modified in any way. In particular,
> it is desired that the cleartext signature shows proof of the
> authenticity of the text.
> SuSE GmbH makes no warranties of any kind whatsoever with respect
> to the information contained in this security advisory.
>
> Type Bits/KeyID Date User ID
> pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security at suse.de>
> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build at suse.de>
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3in
> Charset: noconv
>
> -----END PGP SIGNATURE-----
> Bye,
> Thomas
> --
> Thomas Biege <thomas at suse.de>,SuSE GmbH,Deutschherrnstr. 15-19,90429 Nuernberg
> Function: Security Support & Auditing
> "lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
> Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83
> --
> Trete durch die Form ein, und trete aus der Form heraus.
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe at suse.com
> For additional commands, e-mail: suse-security-help at suse.com
> Security-related bug reports go to security at suse.de, not here
>
> --
> j
>
> afterthought : All the world's a stage and most of us are desperately unrehearsed.-- Sean O'Casey
--
Helen Rosseau
Technologist
Vistar Telecommunications Inc
427 Laurier Ave W
Suite 1410
Ottawa Ontario Canada
K1R 7Y2
613-230-4848 ext 2245
Fax 613-230-4940
email hrosseau at vistar.ca