SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   CUPS Vendors:   Easy Software Products
(CentOS Issues Fix) CUPS cupsRasterReadPixels() Buffer Overflow Has Unspecified Impact
SecurityTracker Alert ID:  1032640
SecurityTracker URL:  http://securitytracker.com/id/1032640
CVE Reference:   CVE-2014-9679   (Links to External Site)
Date:  Jun 18 2015
Impact:   Not specified
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in CUPS. The impact was not specified.

A remote user can send a specially crafted compressed raster file to trigger a buffer overflow in cupsRasterReadPixels().

The vulnerability resides in 'filter/raster.c'.

The vendor has assigned a priority of "Low" to this vulnerability.

Peter De Wachter reported this vulnerability.

Impact:   The impact was not specified.
Solution:   CentOS has issued a fix.

i386:
66ec9a6b8eae38c42730cfe9bc7bc692f3f09a833edd36f19c5358fef55e3d38 cups-1.4.2-67.el6_6.1.i686.rpm
d8828f29adc025acc0fbb338f6dddbcbe0802749eed42b15d972592ab53c0b6d cups-devel-1.4.2-67.el6_6.1.i686.rpm
3322ec2e7dffe6fbc9c45b4868cf680604f10059dc7a3cb4d0bb10f3d6e5e3a3 cups-libs-1.4.2-67.el6_6.1.i686.rpm
8e2764b166884672cbbeab1c5b93ca301f57144fc29ee641d9b5175d5104cdf2 cups-lpd-1.4.2-67.el6_6.1.i686.rpm
2bd30d9e1e6891dec1ae2b18ffa709c3b0e0c28e51cd1f3d5a07171f0ccc6bb5 cups-php-1.4.2-67.el6_6.1.i686.rpm

x86_64:
34abf99f7ef817dfdd2000581dd00a6a0e58a971a7b0ab4f01e3d2b6d782c4bc cups-1.4.2-67.el6_6.1.x86_64.rpm
d8828f29adc025acc0fbb338f6dddbcbe0802749eed42b15d972592ab53c0b6d cups-devel-1.4.2-67.el6_6.1.i686.rpm
bce9e461adf875feb74a5b9bf273e0d6d4471fe3968d544987296761cec1a840 cups-devel-1.4.2-67.el6_6.1.x86_64.rpm
3322ec2e7dffe6fbc9c45b4868cf680604f10059dc7a3cb4d0bb10f3d6e5e3a3 cups-libs-1.4.2-67.el6_6.1.i686.rpm
b6da7e01721b2ce11affe423d77de600ffedb9f6499399a7f23102705d4dfbf2 cups-libs-1.4.2-67.el6_6.1.x86_64.rpm
d24718b3355681f4feec4378bb6c20e304cebe822d62af818acd6d24cf21a5e2 cups-lpd-1.4.2-67.el6_6.1.x86_64.rpm
c3f21692061194bb7c2884659ad1ebc341d829d820a70748e1f35d243272700f cups-php-1.4.2-67.el6_6.1.x86_64.rpm

Source:
232eea3a52f7b16c040c3e8dec51ff3ff9727439bb6aebc414f93cbed320ce24 cups-1.4.2-67.el6_6.1.src.rpm

Vendor URL:  www.cups.org/str.php?L4551 (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Feb 20 2015 CUPS cupsRasterReadPixels() Buffer Overflow Has Unspecified Impact



 Source Message Contents

Subject:  [CentOS-announce] CESA-2015:1123 Important CentOS 7 cups Security Update


CentOS Errata and Security Advisory 2015:1123 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1123.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
9a0a783639a76c7a31f8b06404a14a695ee4fdb8a23d68e36ad2bf074a39683a  cups-1.6.3-17.el7_1.1.x86_64.rpm
65ac0d62c9aba2c6d7a3af646b4e84813785eca49bcd0ab7ef5fd745cf102803  cups-client-1.6.3-17.el7_1.1.x86_64.rpm
1fc6a991ef7613143d118de74c2cd2371d55d7e2acc5ba3c9044de1a870e0530  cups-devel-1.6.3-17.el7_1.1.i686.rpm
af9dddf564b1f0c35c03d236b91990921617a21e8acab7faffea758e382db90d  cups-devel-1.6.3-17.el7_1.1.x86_64.rpm
ebbc4bf3a5d61a67e4d842df45771a7a8487af30a8010ba74aa4de3dc9c8ba04  cups-filesystem-1.6.3-17.el7_1.1.noarch.rpm
b1b7637e3d914d459ba3a9e7d11c0c1cf9fcea9ec7ba2e682cf541a5aa3b069e  cups-ipptool-1.6.3-17.el7_1.1.x86_64.rpm
2c17418bc05af2157bf6c050851eae652ad0973b3ead4f205ecdd05b968c6998  cups-libs-1.6.3-17.el7_1.1.i686.rpm
323eaae9e86300f4c93e8b61efc91814d8727d83aca2e8ceefe4dd4a5cb82d88  cups-libs-1.6.3-17.el7_1.1.x86_64.rpm
f9f98142b37b03129802443c4e78f4f87168a2f6645af35a892287a5d1e0bf5b  cups-lpd-1.6.3-17.el7_1.1.x86_64.rpm

Source:
172f45bf8b2000e29d5b7418e7f250c188b0d0252edb03434caed2552993a779  cups-1.6.3-17.el7_1.1.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC