RedHat: cups security update
Summary
Summary
The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. When processing a request, the CUPS scheduler would use case-sensitive matching on the queue name to decide which authorization policy should be used. However, queue names are not case-sensitive. An unauthorized user could print to a password-protected queue without needing a password. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2154 to this issue. Please note that the version of CUPS included in Red Hat Enterprise Linux 4 is not vulnerable to this issue. All users of CUPS should upgrade to these erratum packages which contain a backported patch to correct this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
162405 - CAN-2004-2154
6. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm
i386:
36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm
72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
ia64:
36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm
7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm
ppc:
86f8571af07d8d5fa479ed729a13af37 cups-1.1.17-13.3.29.ppc.rpm
ff62e1f6ae117e1db87a4299a4bd33a9 cups-devel-1.1.17-13.3.29.ppc.rpm
6e334775b2dbb8c09c25e011cb69cba4 cups-libs-1.1.17-13.3.29.ppc.rpm
9f23a140336a37a76bf6a9dbcbcdb9ff cups-libs-1.1.17-13.3.29.ppc64.rpm
s390:
54d08a23a20b825b5c0c1e59ea0fe54b cups-1.1.17-13.3.29.s390.rpm
eb62a6ea4f287a6eab9a0157f909e9e4 cups-devel-1.1.17-13.3.29.s390.rpm
e067385a2f2e9ab235bd9f98943626c7 cups-libs-1.1.17-13.3.29.s390.rpm
s390x:
d400e53066c2c831ae85155c9b8b0de0 cups-1.1.17-13.3.29.s390x.rpm
e3c00601315da00de3b8980a2c93aec8 cups-devel-1.1.17-13.3.29.s390x.rpm
e067385a2f2e9ab235bd9f98943626c7 cups-libs-1.1.17-13.3.29.s390.rpm
f6bb5b5be02c4acd32561a7a857c7eae cups-libs-1.1.17-13.3.29.s390x.rpm
x86_64:
a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm
7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm
i386:
36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm
72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
x86_64:
a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm
7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm
i386:
36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm
72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
ia64:
36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm
7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm
x86_64:
a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm
7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm
i386:
36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm
72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
ia64:
36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm
7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm
x86_64:
a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm
7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm
5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm
56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154
Package List
Topic
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Bugs Fixed