Red Hat Linux Errata Advisory
back



Synopsis	Printing exposes system files to reading.

Advisory ID	RHSA-2001:112-11

Issue Date	2001-09-24

Updated On	2001-12-14

Product	Red Hat Linux

Keywords	Ghostscript lpr LPRng printing

Cross References

Obsoletes

1. Topic:

When used in a spooling environment, it is inappropriate to allow programs
to read arbitrary files as a result of print requests. Ghostscript, a
postscript interpreter, can read arbitrary system files with the same
permissions as the print spooler, potentially exposing the system to an
information compromise.

2. Problem description:

Ghostscript, a postscript interpreter, possess various 'file', 'run',
etc., commands internally. It also provides a -dSAFER flag to restrict the
use of the commands. However, the -dSAFER flag is meant to protect a user
from malicious postscript, not to protect a system from inappropriate
snooping by a user, and so it is still possible to _read_ files in the
SAFER mode.

In a print spooling context, even reading arbitrary files is dangerous, and
so this needs to be disabled in that context.

[UPDATE] : previous versions of this errata used packages:
rhs-printfilters-1.46-6,
rhs-printfilters-1.63-2.rh6.2,
rhs-printfilters-1.63-2.rh6.2j,
rhs-printfilters-1.81-2.rh7.0, and
rhs-printfilters-1.81-2.rh7.0j.

These caused spools to break upon upgrade, though they could easily be fixed
by editing the spools with printtool. The updated versions of the errata
packages address this bug.

[update Dec 14th, 2001]
The errata for Red Hat Linux for Japanese, version 7.0J, requires the
ghostscript package available for the 7.1 release.

3. Bug IDs fixed: (see bugzilla for more information)

4. Relevant releases/architectures:

Red Hat Linux 5.2 - alpha, i386, sparc
Red Hat Linux 6.2 - alpha, i386, noarch, sparc
Red Hat Linux 6.2J - i386, noarch
Red Hat Linux 7.0 - alpha, i386, noarch
Red Hat Linux 7.0J - i386, noarch
Red Hat Linux 7.1 - alpha, i386, ia64

5. RPMs required:

6. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

After updating the packages, the spool filter will have to be repaired to
use the -dPARANOIDSAFER mode, IF and only IF you have modified the spools
from what printtool provided. If this is the case, delete the spool queue,
and simply re-add it.

Custom filters and processes can make use of this mode by setting and
exporting the GS_OPTIONS environment variable to contain -dPARANOIDSAFER,
or by adding -dPARANOIDSAFER to the command line call to ghostscript.

7. Verification:

MD5 sum                           Package Name
-------------------------------------------------------------------------
1e2e4ac0ea5e8dd82b2e1d36b79c34f2 5.2/en/os/SRPMS/ghostscript-4.03-4.src.rpm
9909205f309ddb5e065be9c1320dd8b1 5.2/en/os/SRPMS/printtool-3.29-4.src.rpm
f1689b327fc61b0f3af0fa929a5bbb50 5.2/en/os/SRPMS/rhs-printfilters-1.46-7.src.rpm
e5b9efa88914c71b24295af6211b3efd 5.2/en/os/alpha/ghostscript-4.03-4.alpha.rpm
f93992187de99c2e6e990f4b02a1b6f7 5.2/en/os/alpha/rhs-printfilters-1.46-7.alpha.rpm
0ab69b43209d09741f6d044746eb241e 5.2/en/os/i386/ghostscript-4.03-4.i386.rpm
4571d04802b320f74caf39913cfb1e05 5.2/en/os/i386/rhs-printfilters-1.46-7.i386.rpm
10d6eea0b77c170d52a45b891f2359e0 5.2/en/os/sparc/ghostscript-4.03-4.sparc.rpm
8997fa04aa73b32eb083552982bd03a6 5.2/en/os/sparc/rhs-printfilters-1.46-7.sparc.rpm
248661d383b62af3d3208ef430bbb523 6.2/en/os/SRPMS/ghostscript-5.50-19.rh6.2.src.rpm
3938d1c2b436e06990b4853cd721da4f 6.2/en/os/SRPMS/printtool-3.44-2.src.rpm
fa7db4d6926e1e5d5d11ad5683967d05 6.2/en/os/SRPMS/rhs-printfilters-1.63-4.rh6.2.src.rpm
e631891fce4cec7e2dc0121b68d3f738 6.2/en/os/alpha/ghostscript-5.50-19.rh6.2.alpha.rpm
1be28559176724e4b4052752ef62ab34 6.2/en/os/alpha/rhs-printfilters-1.63-4.rh6.2.alpha.rpm
d4272031c27f633bc34dd4b451381ab8 6.2/en/os/i386/ghostscript-5.50-19.rh6.2.i386.rpm
d1db472215ad8c98e22358631597a71c 6.2/en/os/i386/rhs-printfilters-1.63-4.rh6.2.i386.rpm
94a95c0be1a72b173b6d51f8096b8e58 6.2/en/os/noarch/printtool-3.44-2.noarch.rpm
9fbaaee462404c30775cd2e9bc0adbd5 6.2/en/os/sparc/ghostscript-5.50-19.rh6.2.sparc.rpm
01d082f4f927fdc424edbe29b7bc0626 6.2/en/os/sparc/rhs-printfilters-1.63-4.rh6.2.sparc.rpm
8f8714585f711b8b8bc1c2cd783472a1 6.2/ja/os/SRPMS/ghostscript-5.50-19.rh6.2j.src.rpm
e191a1a78b5bdf916bcacb5c21419471 6.2/ja/os/SRPMS/printtool-3.42-4.src.rpm
ea6a3e38ddb6fc603d834c7736fc2bd5 6.2/ja/os/SRPMS/rhs-printfilters-1.63-4.rh6.2j.src.rpm
2cbad9d8965365ba8704ff728e32b2ca 6.2/ja/os/i386/ghostscript-5.50-19.rh6.2j.i386.rpm
c06f53bb72d04b8cec3bbc475ea95ae7 6.2/ja/os/i386/rhs-printfilters-1.63-4.rh6.2j.i386.rpm
c5c8e9ff4171a3eb69b9e17724015345 6.2/ja/os/noarch/printtool-3.42-4.noarch.rpm
5db34e8b133397de814eb9aac4b9eb49 7.0/en/os/SRPMS/ghostscript-5.50-19.rh7.0.src.rpm
b74adc24a474d17db984da3ddc3eb3b1 7.0/en/os/SRPMS/printtool-3.54-2.src.rpm
71c6737bf2fc1e80ebe2993abcff6ac6 7.0/en/os/SRPMS/rhs-printfilters-1.81-4.rh7.0.src.rpm
85ded059428a30beec706275906aaad4 7.0/en/os/alpha/ghostscript-5.50-19.rh7.0.alpha.rpm
235fca1b6b05bc52191d9981f9a63c89 7.0/en/os/alpha/rhs-printfilters-1.81-4.rh7.0.alpha.rpm
4853a8a763df075ab5fdfee5121855fe 7.0/en/os/i386/ghostscript-5.50-19.rh7.0.i386.rpm
884daf36b6717aa65ef37df14dd185f9 7.0/en/os/i386/rhs-printfilters-1.81-4.rh7.0.i386.rpm
ea13fc93f0346f87f70763a7cf2dd645 7.0/en/os/noarch/printtool-3.54-2.noarch.rpm
166bdd66ca50f93a339511f3f3e9d2e6 7.0/ja/os/SRPMS/ghostscript-5.50-19.rh7.1.src.rpm
2571c3d15b6bc025ea5faa5a84c7417f 7.0/ja/os/SRPMS/printtool-3.54-2j.src.rpm
8ac39939d73901ded39b8961eb6b289c 7.0/ja/os/SRPMS/rhs-printfilters-1.81-4.rh7.0j.src.rpm
aab6f7a301909bb2eae04d5ab7b87d5d 7.0/ja/os/i386/ghostscript-5.50-19.rh7.1.i386.rpm
d6d9a40b3af3eb91294dde88856af1bd 7.0/ja/os/i386/rhs-printfilters-1.81-4.rh7.0j.i386.rpm
afb8db5574e0f668675565b994d9a69a 7.0/ja/os/noarch/printtool-3.54-2j.noarch.rpm
166bdd66ca50f93a339511f3f3e9d2e6 7.1/en/os/SRPMS/ghostscript-5.50-19.rh7.1.src.rpm
3d2ec6dc7e1479eff9c1850d13b0306e 7.1/en/os/SRPMS/printconf-0.2.15-2.src.rpm
ebb20c363cbf63112f515af2153d2e59 7.1/en/os/alpha/ghostscript-5.50-19.rh7.1.alpha.rpm
a0dfc995d0648230e1648f616010904b 7.1/en/os/alpha/printconf-0.2.15-2.alpha.rpm
c5f127f4ab3a2964d8d4fa990c8a5d66 7.1/en/os/alpha/printconf-gui-0.2.15-2.alpha.rpm
aab6f7a301909bb2eae04d5ab7b87d5d 7.1/en/os/i386/ghostscript-5.50-19.rh7.1.i386.rpm
a2b7f27e31b71218703cb68f95355e24 7.1/en/os/i386/printconf-0.2.15-2.i386.rpm
b20e1817f9b81ba5503c9864588e2f92 7.1/en/os/i386/printconf-gui-0.2.15-2.i386.rpm
591db681b2312d5101e3a97e4ad26b6d 7.1/en/os/ia64/ghostscript-5.50-19.rh7.1.ia64.rpm
274bbba826571dccae6dbda1f6a73d37 7.1/en/os/ia64/printconf-0.2.15-2.ia64.rpm
19aeb3b64f695b6f0343661173fff3d5 7.1/en/os/ia64/printconf-gui-0.2.15-2.ia64.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
http://www.redhat.com/about/contact.html

You can verify each package with the following command: rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename

Note that you need RPM >= 3.0 to check GnuPG keys.

8. References:

Search by Google