-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-2
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 24 Jan 2006
 Last revised: 25 Jan 2006

 Package: cups

 Summary: Multiple vulnerabilities exist in cups

 More information:
    The Common UNIX Printing System provides a portable printing layer for
    UNIX operating systems.  It has been developed by Easy Software Products
    to promote a standard printing solution for all UNIX vendors and users.
    CUPS provides the System V and Berkeley command-line interfaces.

    Multiple vulnerabilities have been discovered in cups.

 Impact:
    Please refer to the "References" section.

 Affected Products:
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation

 Solution:
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., 
  Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal]
 # turbopkg
 or
 # zabom -u cups cups-devel cups-libs

 [other]
 # turbopkg
 or
 # zabom update cups cups-devel cups-libs
 ---------------------------------------------


 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   cups-1.1.23-4.src.rpm
      9150191 a60e86644c0994d8e18ceb56a9394ea6

   Binary Packages
   Size: MD5

   cups-1.1.23-4.i686.rpm
      8441737 a7851c3c9590349f133e5ee9f2721316
   cups-devel-1.1.23-4.i686.rpm
       142364 00a9be2ea9db5be430ceb8adc2ddf631
   cups-libs-1.1.23-4.i686.rpm
        94748 08d2bbb3f968cd5517f72c42fb63c4b8

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/cups-1.1.20-11.src.rpm
      4214590 1d2e303bc34d2289d305861d32af4b60

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-1.1.20-11.x86_64.rpm
      2508179 7bdc8fea260249f1d18b109168118d0e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-devel-1.1.20-11.x86_64.rpm
       125609 8998e8fa2e5059815f3849dc4706db22
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-libs-1.1.20-11.x86_64.rpm
        90165 acd389e5d3ecea31f8343cfe0826c4d7

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   cups-1.1.19-28.src.rpm
      4203043 97189d9d8b7e117b55b0399cd2ff42d7

   Binary Packages
   Size: MD5

   cups-1.1.19-28.i586.rpm
      2498151 d2b284a0faa2fc4219162d687bf0e7fe
   cups-libs-1.1.19-28.i586.rpm
        93409 2f05bcfe7d003e91ee9adf0391057c8f

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   cups-1.1.19-28.src.rpm
      4203043 353e102aff0ae32556f5795105f05dd5

   Binary Packages
   Size: MD5

   cups-1.1.19-28.i586.rpm
      2497941 de17083de980af3eeaeb0148eb9a8e01
   cups-devel-1.1.19-28.i586.rpm
       115897 ae3534d56390ea53241477fdaa6e5a81
   cups-libs-1.1.19-28.i586.rpm
        93520 7ed6512969c757295d7e2a821b64489c

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/cups-1.1.20-11.src.rpm
      4214590 25f12508ebfa5183a25d699d175e73ce

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-1.1.20-11.i586.rpm
      2510614 097664916657c7781ee86d47f76687d5
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-devel-1.1.20-11.i586.rpm
       126852 e1e9783f493cbe952ece3535548fa2b4
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/cups-libs-1.1.20-11.i586.rpm
        87615 23b62323cb0637e252e1c21e63690c5e

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/cups-1.1.19-28.src.rpm
      4203043 d7d6354e95ab2fdd363324d021096a72

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-1.1.19-28.i586.rpm
      2515739 567a3f60650ea00c8bcf75e95a053c17
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-devel-1.1.19-28.i586.rpm
       118031 1d16eaaedcc2ec65c4504429b5253725
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-libs-1.1.19-28.i586.rpm
        87726 6ef9aba14095ae98c968a56a627e8a9d

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/cups-1.1.19-28.src.rpm
      4203043 f9f6df05395b2909ba81073ddcee8b27

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-1.1.19-28.i586.rpm
      2498288 5796e19e20a09338850af0e002727b83
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-devel-1.1.19-28.i586.rpm
       115816 f2dfcbe02decb7ec4197958879788204
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-libs-1.1.19-28.i586.rpm
        93563 84e00717430a50f4b27cc14c2ae3072c

 <Turbolinux 8 Workstation>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/cups-1.1.19-28.src.rpm
      4203043 f8380ae8816ebaab52fac8f2b3b06187

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-1.1.19-28.i586.rpm
      2498276 a94f5796e2c66d0507665443d8ad7588
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-devel-1.1.19-28.i586.rpm
       115920 d20b775d2c85c2b174c19d80a0a8a287
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-libs-1.1.19-28.i586.rpm
        93584 60af1751c5c62a935cf2f8cc021916e8


 References:

 CVE
   [CAN-2005-3191]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
   [CAN-2005-3192]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
   [CAN-2005-3193]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
   [CAN-2005-3624]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3624
   [CAN-2005-3625]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3625
   [CAN-2005-3626]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3626
   [CAN-2005-3627]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3627
   [CAN-2005-3628]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3628

 --------------------------------------------------------------------------
 Revision History
    24 Jan 2006 Initial release
    25 Jan 2006 Typo Original released date
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD1lVTK0LzjOqIJMwRApXaAJ94ZzYTIEEPEPD+QLjzLYLiYFCZuACgo4zf
ppym4m+Nh7/QkB27JrB3UFQ=
=HYg/
-----END PGP SIGNATURE-----