-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: cups
Advisory ID: MDKSA-2005:041
Date: February 17th, 2005
Affected versions: 9.2, 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:
Previous updates to correct integer overflow issues affecting xpdf
overlooked certain conditions when built for a 64 bit platform.
(formerly CAN-2004-0888). This also affects applications like cups,
that use embedded versions of xpdf.
The updated packages are patched to deal with these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0/AMD64:
0863a33d5e67873f53c0b8fa1d2f4384 amd64/10.0/RPMS/cups-1.1.20-5.7.100mdk.amd64.rpm
3822cee8837630a96f78a33d3bf1bd4a amd64/10.0/RPMS/cups-common-1.1.20-5.7.100mdk.amd64.rpm
931290407a940ff87909496292ac8912 amd64/10.0/RPMS/cups-serial-1.1.20-5.7.100mdk.amd64.rpm
929258c3e29a676e5a91393412105271 amd64/10.0/RPMS/lib64cups2-1.1.20-5.7.100mdk.amd64.rpm
91a2b0e5dbf46c66147297a9896d2d6d amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.7.100mdk.amd64.rpm
d814596362f8e2d01855161ec94bea9e amd64/10.0/SRPMS/cups-1.1.20-5.7.100mdk.src.rpm
Mandrakelinux 10.1/X86_64:
4907f2fb60a614b25f326c54f6937acf x86_64/10.1/RPMS/cups-1.1.21-0.rc1.7.5.101mdk.x86_64.rpm
6cdb17b703326feb5a831329b0e7f1eb x86_64/10.1/RPMS/cups-common-1.1.21-0.rc1.7.5.101mdk.x86_64.rpm
81080d7ceb102050b663d5eacdbed61a x86_64/10.1/RPMS/cups-serial-1.1.21-0.rc1.7.5.101mdk.x86_64.rpm
40c653a1689810a0555f19a88a7bf7ca x86_64/10.1/RPMS/lib64cups2-1.1.21-0.rc1.7.5.101mdk.x86_64.rpm
7abd4f4d3194e874aa54d66a32e5cd8d x86_64/10.1/RPMS/lib64cups2-devel-1.1.21-0.rc1.7.5.101mdk.x86_64.rpm
75dc2c7fad73b6a86b2991ec9374a6fc x86_64/10.1/SRPMS/cups-1.1.21-0.rc1.7.5.101mdk.src.rpm
Corporate Server 2.1/X86_64:
91e06052bb835506724d476eba84fd40 x86_64/corporate/2.1/RPMS/cups-1.1.18-2.9.C21mdk.x86_64.rpm
4f5c7d6820f07b71e6a68e6aa6d38eec x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.9.C21mdk.x86_64.rpm
4dfedb90e3f6249ea662bb47df938d16 x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.9.C21mdk.x86_64.rpm
94e043c2439c13e3b829298982fe1f42 x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.9.C21mdk.x86_64.rpm
ff21acb50be45d2fba6b47fc65747db6 x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.9.C21mdk.x86_64.rpm
ef9b4b42e7d425fb1994a14c59a6b783 x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.9.C21mdk.src.rpm
Corporate 3.0/X86_64:
d37f68dc8e316d66534b9e8c1271ac28 x86_64/corporate/3.0/RPMS/cups-1.1.20-5.7.C30mdk.x86_64.rpm
5e2b3dfd3f0bd5c5663a941f8249eacb x86_64/corporate/3.0/RPMS/cups-common-1.1.20-5.7.C30mdk.x86_64.rpm
c3f4bfde26c351d68e69f08e32cab55e x86_64/corporate/3.0/RPMS/cups-serial-1.1.20-5.7.C30mdk.x86_64.rpm
66689b4a41a53463a7257add19dcee1b x86_64/corporate/3.0/RPMS/lib64cups2-1.1.20-5.7.C30mdk.x86_64.rpm
5b11a94570f61bf3c783cb9b3474e2c9 x86_64/corporate/3.0/RPMS/lib64cups2-devel-1.1.20-5.7.C30mdk.x86_64.rpm
b1e5fe6870130ab6478dfa0becc16e74 x86_64/corporate/3.0/SRPMS/cups-1.1.20-5.7.C30mdk.src.rpm
Mandrakelinux 9.2/AMD64:
82d2b5794f51069b2e23aa0b2a451205 amd64/9.2/RPMS/cups-1.1.19-10.7.92mdk.amd64.rpm
6fbc82f6e69736e2fca7c947c3f2e2ba amd64/9.2/RPMS/cups-common-1.1.19-10.7.92mdk.amd64.rpm
64452fd2b22d176811d43a4fad4704b5 amd64/9.2/RPMS/cups-serial-1.1.19-10.7.92mdk.amd64.rpm
d317fdcd91d9c1974903025d6eb55da3 amd64/9.2/RPMS/lib64cups2-1.1.19-10.7.92mdk.amd64.rpm
c52af110fdb57c8164e0efedc8074bbe amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.7.92mdk.amd64.rpm
8ed5be0556fac198f872fd7a160b8bf5 amd64/9.2/SRPMS/cups-1.1.19-10.7.92mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCFVehmqjQ0CJFipgRAk41AJ9fEpaiA3ngelDouyMU41C5du1JKgCgy0nU
2r55cl20pwVkb5TATTiRZsU=
=E6Fu
-----END PGP SIGNATURE-----
