[SECURITY] Fedora 7 Update: cups-1.2.12-6.fc7

updates at fedoraproject.org updates at fedoraproject.org
Thu Nov 1 21:14:31 UTC 2007 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2715
2007-11-01 21:14:24.528990
--------------------------------------------------------------------------------

Name        : cups
Product     : Fedora 7
Version     : 1.2.12
Release     : 6.fc7
URL         : http://www.cups.org/
Summary     : Common Unix Printing System
Description :
The Common UNIX Printing System provides a portable printing layer for
UNIX® operating systems. It has been developed by Easy Software Products
to promote a standard printing solution for all UNIX vendors and users.
CUPS provides the System V and Berkeley command-line interfaces.

--------------------------------------------------------------------------------
Update Information:

This update fixes a remote code execution vulnerability in the IPP handling part of the CUPS scheduler.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov  1 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-6
- Applied patch to fix CVE-2007-4351 (STR #2561, bug #361661).
* Wed Oct 10 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-5
- Use ppdev for parallel port Device ID retrieval (bug #311671).
* Thu Aug  9 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-4
- Applied patch to fix CVE-2007-3387 (bug #251518).
* Tue Jul 31 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-3
- Better buildroot tag.
- Moved LSPP access check and security attributes check in add_job() to
  before allocation of the job structure (bug #231522).
* Mon Jul 23 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-2
- Use kernel support for USB paper-out detection, when available
  (bug #249213).
* Fri Jul 13 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-1
- 1.2.12.  No longer need adminutil or str2408 patches.
* Wed Jul  4 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.11-3
- Better paper-out detection patch still (bug #246222).
* Fri Jun 29 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.11-2
- Applied patch to fix group handling in PPDs (bug #186231, STR #2408).
* Wed Jun 27 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.11-1
- Fixed permissions on classes.conf in the file manifest (bug #245748).
- 1.2.11.
* Tue Jun 12 2007 Tim Waugh <twaugh at redhat.com>
- Make the initscript use start priority 56 (bug #213828).
* Mon Jun 11 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.10-12
- Better paper-out detection patch (bug #241589).
* Mon May 21 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.10-11
- Fixed _cupsAdminSetServerSettings() sharing/shared handling (bug #238057).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #361661 - CVE-2007-4351 cups boundary error [F7]
        https://bugzilla.redhat.com/show_bug.cgi?id=361661
  [ 2 ] CVE-2007-4351
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
--------------------------------------------------------------------------------
Updated packages:

b0c3575602c14bfb0f7457674ff4c41c06dc1afe cups-libs-1.2.12-6.fc7.ppc64.rpm
61a2ac729477965167d50e9bc7d5f6fff1da4791 cups-1.2.12-6.fc7.ppc64.rpm
c4e7a65e6de8572d30f1c3813adc8eb97372e1c1 cups-devel-1.2.12-6.fc7.ppc64.rpm
980ae77e6e878c6723333a9fa91570e2ac88bb19 cups-debuginfo-1.2.12-6.fc7.ppc64.rpm
efdfd7beb1ad7ccf69300f0383567bfd66c58663 cups-lpd-1.2.12-6.fc7.ppc64.rpm
5f6f59cf769d62929792d70ed0d90a2f3b78ab5b cups-libs-1.2.12-6.fc7.i386.rpm
f2f92edf6f133d450b6cd92504f1e0e2463fdd58 cups-1.2.12-6.fc7.i386.rpm
b9e76b2efec9e36bbb77647c245fee17b0643a55 cups-debuginfo-1.2.12-6.fc7.i386.rpm
5b8e62c0c2fa433b3b6c4f864cb0efbbceacec7e cups-lpd-1.2.12-6.fc7.i386.rpm
243a80caff1553f94a25d883cd5339dc1a1682d8 cups-devel-1.2.12-6.fc7.i386.rpm
d1c2350124ec5f4e1adc46a02ae56a330ab5fd4a cups-debuginfo-1.2.12-6.fc7.x86_64.rpm
341659fc96f5c96e8719d470bb3505bacfe1ab56 cups-lpd-1.2.12-6.fc7.x86_64.rpm
3a226517dd4ef5a688f18bd2ae61c8436c355ece cups-1.2.12-6.fc7.x86_64.rpm
e8ea66f3e6081ec019ee61390fd83c2310e07685 cups-devel-1.2.12-6.fc7.x86_64.rpm
db8bcf2a45c9407663a6f3e4de2af3720f636fff cups-libs-1.2.12-6.fc7.x86_64.rpm
09f6754808e4bf585ae56a20bae4ce9e2eef2bb6 cups-libs-1.2.12-6.fc7.ppc.rpm
4c46afab9161663196a0cb6279654c53fabe1df3 cups-1.2.12-6.fc7.ppc.rpm
3ac6fba6fd8c6525211e1bf34491cef8ba285c20 cups-debuginfo-1.2.12-6.fc7.ppc.rpm
ef22a38297681508f7f83590dcd174a211f6b2bb cups-devel-1.2.12-6.fc7.ppc.rpm
ba8e17973711b9907683a55c95fcb5a7e41d992f cups-lpd-1.2.12-6.fc7.ppc.rpm
3398d5e36765e7862403dc573ba190558008d366 cups-1.2.12-6.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update cups' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the Fedora-package-announce mailing list