-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2007-31 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp -------------------------------------------------------------------------- Original released date: 11 Jun 2007 Last revised: 11 Jun 2007 Package: cups Summary: Remote attackers to cause a denial of service More information: The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. The CUPS service on multiple platforms allows remote attackers to cause a denial of service via a "partially-negotiated" SSL connection. Impact: Denial of service. Affected Products: - wizpy - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 8 Workstation Source Packages Size: MD5 cups-1.1.23-12.src.rpm 9155672 280696e9031c61229f7101b6e909e822 Binary Packages Size: MD5 cups-1.1.23-12.i386.rpm 7492956 552619e2e9ab3f39f3dbc65b5c036570 cups-libs-1.1.23-12.i386.rpm 80429 7b3ab9d57c7b8edbceff36a4c12394af Source Packages Size: MD5 cups-1.1.20-14.src.rpm 4218202 4fe1294bf69303fd25adc885cab71e25 Binary Packages Size: MD5 cups-1.1.20-14.i586.rpm 2510205 5b28a2f68bc00703bede9ac40b721f36 cups-devel-1.1.20-14.i586.rpm 127637 9b5d7deec4ae6cc5aef9401750f915a3 cups-libs-1.1.20-14.i586.rpm 88248 4404ea156ba60978b09db515e628756d Source Packages Size: MD5 cups-1.1.23-12.src.rpm 9155672 47158c91a807ae0c6dafca4c0a7cdb21 Binary Packages Size: MD5 cups-1.1.23-12.i686.rpm 8444036 ae7d31117d4ce607eb547ab8fa45327f cups-devel-1.1.23-12.i686.rpm 143260 d22d1d257bdba1646f51d2aa283a6962 cups-libs-1.1.23-12.i686.rpm 95977 d9c6fefa7b535f9095e8ba7e71aefb0c Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/cups-1.1.20-14.src.rpm 4218202 80409108f5f869e1aa816b92ba74a825 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-1.1.20-14.x86_64.rpm 2508926 a1a5f7d4c8d0e8aa0bc9a1290d10a84c ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-devel-1.1.20-14.x86_64.rpm 126447 d0628947a3d2e3165d49f195c882f035 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-libs-1.1.20-14.x86_64.rpm 90996 43885120936f1172b51c7c192d415b06 Source Packages Size: MD5 cups-1.1.20-14.src.rpm 4218202 fff4395aa0ce1109cd2b4c373236fc76 Binary Packages Size: MD5 cups-1.1.20-14.i586.rpm 2503827 5327a75c103e985a78d82c8899b91747 cups-libs-1.1.20-14.i586.rpm 94061 25d259507c02f14f5939b0cd6faec6a4 Source Packages Size: MD5 cups-1.1.20-14.src.rpm 4218202 14c68e5262174f63af3d22d5b0d31941 Binary Packages Size: MD5 cups-1.1.20-14.i586.rpm 2503977 1aeda58e5c80f320638922fecc2b52f6 cups-devel-1.1.20-14.i586.rpm 125240 87499ab030bc165b3c99f965dcca9f8c cups-libs-1.1.20-14.i586.rpm 94283 a25a3ae506a179ad51945e0cec53dee3 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/cups-1.1.20-14.src.rpm 4218202 b21e1b5a4f59f842fb9af7c4642d5c2b Binary Packages Size: MD5 cups-1.1.20-14.i586.rpm 2510205 5b28a2f68bc00703bede9ac40b721f36 cups-devel-1.1.20-14.i586.rpm 127637 9b5d7deec4ae6cc5aef9401750f915a3 cups-libs-1.1.20-14.i586.rpm 88248 4404ea156ba60978b09db515e628756d Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/cups-1.1.20-14.src.rpm 4218202 ba127a39d823ca2348e233d028cd77d0 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-1.1.20-14.i586.rpm 2519651 7bd73ce1529917bc44a05f3e572ff6f6 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-devel-1.1.20-14.i586.rpm 127812 4e092e95ceb05e40f9fb4c0d67d29971 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-libs-1.1.20-14.i586.rpm 88440 f5f7d5f830157a38dc5b1d8b1fbaf7ee Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/cups-1.1.20-14.src.rpm 4218202 1ff63dc277cb0100caa8c3837f9f1e66 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-1.1.20-14.i586.rpm 2505328 ae7d1bd6f54577b12d88d8ba2e7886ce ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-devel-1.1.20-14.i586.rpm 125262 e7046376a61e0bb10bb4f50b278a07b1 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-libs-1.1.20-14.i586.rpm 94250 ac7d0d4405deba6b71abaee72bbba427 References: CVE [CVE-2007-0720] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0720 -------------------------------------------------------------------------- Revision History 11 Jun 2007 Initial release -------------------------------------------------------------------------- Copyright(C) 2007 Turbolinux, Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGbR8wK0LzjOqIJMwRAucCAJwKwHThZSqi2jJgND6wGH+ZHVUOxQCdFaCR RIYIhqKvQBQj5hxlM6pCPxA= =9gRZ -----END PGP SIGNATURE-----