-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2008-19 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp -------------------------------------------------------------------------- Original released date: 16 Jun 2008 Last revised: 15 Aug 2008 Package: cups Summary: Multiple vulnerabilities exist in cups More information: The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. Multiple vulnerabilities have been discovered in cups. Affected Products: - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0 - Turbolinux 11 Server x64 Edition - Turbolinux 11 Server - wizpy - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Multimedia - Turbolinux Personal Source Packages Size: MD5 cups-1.3.2-4.src.rpm 4080735 354102fdc787af989cd4592480788a73 Binary Packages Size: MD5 cups-1.3.2-4.x86_64.rpm 3580782 3733487d7bb3af6e97bce6101332e598 cups-libs-1.3.2-4.x86_64.rpm 159201 1135b7063e8b692556769a3c37ac72af cups-lpd-1.3.2-4.x86_64.rpm 19285 e9bf2db52e3876f8ada5d00fad18d791 Source Packages Size: MD5 cups-1.3.2-4.src.rpm 4080735 354102fdc787af989cd4592480788a73 Binary Packages Size: MD5 cups-1.3.2-4.i686.rpm 3524957 d33fd5045724c0e33e63a0dc1c6801b8 cups-libs-1.3.2-4.i686.rpm 159169 f355e610db8cbbe4263f584d6bb5fc9b cups-lpd-1.3.2-4.i686.rpm 19312 7f49b5759e8f423596418d0246a9a8ea Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/11/updates/SRPMS/cups-1.3.2-4.src.rpm 4080735 c1242318146a692338f2f67d03e510af Binary Packages Size: MD5 cups-1.3.2-4.x86_64.rpm 3580782 3733487d7bb3af6e97bce6101332e598 cups-devel-1.3.2-4.x86_64.rpm 35750 a3aceb5c00868b00c66d248b9e31ab68 cups-libs-1.3.2-4.x86_64.rpm 159201 1135b7063e8b692556769a3c37ac72af cups-lpd-1.3.2-4.x86_64.rpm 19285 e9bf2db52e3876f8ada5d00fad18d791 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/11/updates/SRPMS/cups-1.3.2-4.src.rpm 4080735 354102fdc787af989cd4592480788a73 Binary Packages Size: MD5 cups-1.3.2-4.i686.rpm 3524957 d33fd5045724c0e33e63a0dc1c6801b8 cups-devel-1.3.2-4.i686.rpm 35689 1f1252a2f73e5522b847cdf2bb2e371d cups-libs-1.3.2-4.i686.rpm 159169 f355e610db8cbbe4263f584d6bb5fc9b cups-lpd-1.3.2-4.i686.rpm 19312 7f49b5759e8f423596418d0246a9a8ea Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/wizpy/updates/SRPMS/cups-1.1.23-16.src.rpm 9166297 f91da2812067d5efd0260be7ee8cdafd Binary Packages Size: MD5 cups-1.1.23-16.i386.rpm 7492210 4140852b94d4e839940b7aa00a91a0c7 cups-libs-1.1.23-16.i386.rpm 81155 3db54a3e2cfb67c4df29ba8b92de1655 Source Packages Size: MD5 cups-1.1.20-19.src.rpm 4229305 4e946142be2d6bd61fcd0ea893a3e092 Binary Packages Size: MD5 cups-1.1.20-19.i586.rpm 2512669 00518c8ea73bb61c1e5a002e474e123c cups-devel-1.1.20-19.i586.rpm 128128 59843e3c5c42e3850c447c7f136f657a cups-libs-1.1.20-19.i586.rpm 88690 f7faee1643f91ec37e0c3c4fd4ae1ef3 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/11/updates/SRPMS/cups-1.1.23-16.src.rpm 9166297 cfad0e148e4506c3fe78385fcf8d30e0 Binary Packages Size: MD5 cups-1.1.23-16.i686.rpm 8443661 187fe8f930471d0cda216f583406e56a cups-devel-1.1.23-16.i686.rpm 144552 7199dd33482e6b6053a17ef8fb5adb60 cups-libs-1.1.23-16.i686.rpm 96809 e350c9282aea6d5e6c8d0235aecdea2a Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/cups-1.1.20-19.src.rpm 4229305 bc3d2a648b9d390b95314539ceef7953 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-1.1.20-19.x86_64.rpm 2509784 49bfcc6f0866f2367ed5463301f2b3b6 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-devel-1.1.20-19.x86_64.rpm 127014 2ce88490ee8cc0ab10481eac3f36251f ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/cups-libs-1.1.20-19.x86_64.rpm 91529 b069429157ed33d47de2e09fc5fde3c7 Source Packages Size: MD5 cups-1.1.20-19.src.rpm 4229305 ac600e74ef7878d75bd39535f55b151e Binary Packages Size: MD5 cups-1.1.20-19.i586.rpm 2504665 ee38bfe7d7e1d671984a971c9e23d8f1 cups-libs-1.1.20-19.i586.rpm 94588 ec08ed773139b5479b85839c381087e1 Source Packages Size: MD5 cups-1.1.20-19.src.rpm 4229305 ab1dfe1214a207a5b36d6a45171ea660 Binary Packages Size: MD5 cups-1.1.20-19.i586.rpm 2504572 3f2803aa95a71b149c60f55836f57173 cups-devel-1.1.20-19.i586.rpm 125697 4223831a41a1a1c0fc99f752e193301e cups-libs-1.1.20-19.i586.rpm 94727 b1bbb9827fd105c17ea6c955e03829e7 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/cups-1.1.20-19.src.rpm 4229305 4e946142be2d6bd61fcd0ea893a3e092 Binary Packages Size: MD5 cups-1.1.20-19.i586.rpm 2512669 00518c8ea73bb61c1e5a002e474e123c cups-devel-1.1.20-19.i586.rpm 128128 59843e3c5c42e3850c447c7f136f657a cups-libs-1.1.20-19.i586.rpm 88690 f7faee1643f91ec37e0c3c4fd4ae1ef3 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/cups-1.1.20-19.src.rpm 4229305 e8111bb5ca7c63e431a463163f5baf2f Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-1.1.20-19.i586.rpm 2520587 eaf8677fea150af38f272439b8944b80 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-devel-1.1.20-19.i586.rpm 128302 65aa68fcbc1160b03629f5f216637113 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/cups-libs-1.1.20-19.i586.rpm 88907 0345f687e7499f1f534c635aa89ef289 References: CVE [CVE-2007-4045] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045 [CVE-2007-4351] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 [CVE-2007-4352] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 [CVE-2007-5392] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 [CVE-2007-5393] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [CVE-2008-0047] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 [CVE-2008-0053] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0053 [CVE-2008-0596] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0596 [CVE-2008-0597] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0597 [CVE-2008-0882] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882 [CVE-2008-1373] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 [CVE-2008-1374] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1374 -------------------------------------------------------------------------- Revision History 16 Jun 2008 Initial release 15 Aug 2008 Added CVE-2008-1374 -------------------------------------------------------------------------- Copyright(C) 2008 Turbolinux, Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEUEARECAAYFAkilLXoACgkQK0LzjOqIJMwaIgCUD0bi1vcGHOy8DhxyElOEnNeK tgCeJlU0UZO6eNu1To8CqVUz7BKy4VM= =Ew+F -----END PGP SIGNATURE-----